Continuing education credits, without the rabbit hole.

Detecting Malicious Activity in Large Enterprises Modern enterprises are extremely diverse and complex. Yet, security data collection, correlation, and analysis has not kept up with these complexities. It often seems like organizations collect too much without ever truly finding value in the vast amounts of data they have amassed. In this webcast, SANS author Matt Bromiley and Chronicle Security's Dr. Anton Chuvakin focus on concepts to effectively detect malicious activity within large enterprises. They will review how to bring giga-/tera-/petabytes togethers, correlating them into actionable intel by using YARA-L to craft efficient detections that can be used across these vast data sets. The webcast will help attendees answer important questions such as:In your current state, how much data are you ingesting/analyzing?How is your team writing detections? What types of metadata points are they looking for?How do you detect threats?Can you effectively scale detections across your data sets?How do you manage the lifecycle of those detections, tune them, keep them relevant, remove them when no longer relevant? Register today and be among the first to receive the associated whitepaper written by Matt Bromiley.WebinarDigital Forensics and Incident Response Presented: 10 Sep 2020 Technical Presentation View details

How to Improve Threat Detection and Hunting in the AWS Cloud Using the MITRE ATT&CK Matrix Understanding adversary tactics and techniques based on real-world observations are critical to building more effective threat detection and hunting capabilities. The context provided by data sources is what enables us to make actionable decisions. Still, it is limited to what raw data inputs we consume, as well as consuming enough of the right data to be able to mitigate, remediate and prevent future adversary activity. However, detecting malicious events is not the final solution to thwarting adversaries. Actions need to be taken, whether they are operational (e.g., stopping a malicious process) or strategic (e.g., securing an environment to prevent the execution of malicious processes). In this webinar, SANS and AWS Marketplace will discuss the exercise of applying the MITRE ATT&CK Matrix to the AWS Cloud. They will also explore how to enhance threat detection and hunting in an AWS environment to maintain a strong security posture. Attendees will learn how to:Apply the MITRE ATT&CK Matrix to classify and understand cloud-based techniquesCreate an effective detection strategy and uncover what data sources are requiredBreak down and recognize detections by security product capabilities and data sourcesLeverage threat intel for improved detectionUse AWS services and third-party solutions to support their threat detection and hunting strategy Register today to be among the first to receive the associated whitepaper written by SANS senior instructor and cloud security expert Dave Shackleford.WebinarDigital Forensics and Incident Response Presented: 1 Sep 2020 Technical Presentation View details

Closing the Critical Skills Gap for Modern and Effective Security Operations Centers (SOCs): Survey Results Any successful security operations center (SOC) will combine skilled people, effective processes and efficient technology. Previous SANS surveys have shown that the skills of the people are the prime prerequisite to enable organizations to define critical SOC processes; create use cases, hypotheses and plans; architect effective security solutions; and efficiently deploy, operate and maintain security systems. From that skills base, sophisticated technology and tools can be used as a force multiplier. CISOs and SOC managers who can reduce or close their critical skills gaps have the highest probability of minimizing business impact from cyberattacks when budgets and staffing are constrained. Webcast attendees will learn:Where hiring managers turn when sourcing potential new hiresWhich skill areas are most sought afterWhat technologies employers wish new hires had hands-on experience usingWhich security technologies are perceived as enabling organizations to delay or mitigate the need for additional staff Register today to be among the first to receive the associated whitepaper written by SANS Director of Emerging Security Trends, John Pescatore. Click here'to register for a companion webcast to be held at 1 PM ET on Thursday, July 30, 2020 ' a panel discussion with survey author John Pescatore and selected sponsors that digs more deeply in to the results.WebinarCyber Defense Presented: 29 Jul 2020 Technical Presentation View details

How to Protect All Surfaces and Services in the AWS Cloud Multiple layers of defense are required to protect your AWS environment. The first step is to reduce your overall attack surface to reduce exposure, in ways such as hardening your Amazon EC2 operating systems and configuring your containers. Organizations can then implement tools, such as a cloud security posture management (CSPM) solutions, to monitor and manage risk. In this prerecorded webcast, SANS instructor Dave Shackleford and AWS Marketplace explore best practices and provide practical guidance on how you can secure your entire AWS footprint. They will also present real-world use cases and examples of tools you can leverage to protect your investments. Attendees at this webcast will learn how to:Decrease their attack surface to limit exposureProtect their AWS environment with configuration management, real-time assessment, and access control mechanisms.Implement automation for monitoring and continuous protectionLeverage AWS services and seller solutions in AWS Marketplace to protect AWS services and surfaces Register today to be among the first to receive the associated whitepaper written by SANS senior instructor and cloud security expert Dave Shackleford.WebinarCloud Security Presented: 28 Jul 2020 Technical Presentation View details

How Are Remote Workers Working? A SANS Poll Remote work has quickly become the \new normal" with the COVID-19 pandemic. Organizations have been forced to rethink how they will get work done with their employees mandated to stay home. 'How are organizations handling working from home? How well were companies prepared for remote work? How have technological needs changed with this shift? How are teams communicating? How are devices and communications being secured? When a time like this does not allow for the mission to halt, employees and employers have scrambled to keep the work going. 'Ensuring that teams are equipped, communicating, and are safe at home is key during this time.'this webinar, led by Heather Mahalik SANS Senior Instructor, Author and Senior Director of Digital Intelligence at Cellebrite, covers how companies have adjusted to this new landscape as a workforce. How have things changed and how are we coping and keeping the ball rolling forward from home.WebinarCyber Defense Presented: 4 Jun 2020 Technical Presentation View details

SANS Top New Attacks and Threat Report As we move into 2020, news reports have been filled with reports of deepfakes, attacks against election systems, quantum computing advances and more. SANS instructors Heather Mahalik, Ed Skoudis and Johannes Ullrich present their analysis of the new attack techniques currently in use that will affect you and share their projections for future exploits in a highly rated keynote presentation moderated by Alan Paller at the annual RSA Conference in San Francisco.In this webcast, SANS Director of Emerging Security Trends John Pescatore will highlight key themes from that report and other sources to provide:Coverage of the top new attacks and threats as defined in that presentationDeeper insight into overall cybersecurity trends on both the offensive and defensive sidesAdvice from SANS on the steps enterprises must take to evolve critical skills, processes and controls to mitigate current and future risksBe among the first to receive the associated whitepaper written by John Pescatore, SANS Director of Emerging Security Trends.WebinarCyber Defense Presented: 28 Apr 2020 Technical Presentation View details