Tag Archives: SANS

Special Webcast: Gaining a Decisive Advantage Through Terrain Based Cyber Defense – May 8, 2019 12:00pm US/Eastern

This post was originally published on this site

Speakers: Craig Harber and Rami Mizrahi

When it comes to cybersecurity, you can only defend what you can see. Organizations continue to suffer breaches, oftentimes because they do not have continuous, real-time visibility of all their critical assets. With more data and applications moving to the cloud, IoT and other emerging technologies, the attack surface continues to expand, giving adversaries more blind spots to leverage.

Join us for this webinar where we examine how to:

  • Discover, classify and profile assets and network communications
  • Detect threats and decode content in real-time at wire speed
  • Hunt for unknown threats via rich, indexable metadata
  • Alter your terrain and attack surface with deception to slow down attackers

By knowing your cyber terrain and increasing the risk of detection and cost to the adversary, you can gain a decisive advantage.

Analyst Webcast: The State of Cloud Security: Panel Discussion – May 7, 2019 1:00pm US/Eastern

This post was originally published on this site

Speakers: Dave Shackleford and Jim Reavis

This webcast digs more deeply into the results of the SANS 2019 Cloud Security Survey, conducted in cooperation with the Cloud Security Alliance. A panel comprised of survey author Dave Shackleford and representatives from ExtraHop and Sysdig will touch on key themes developed through analyzing the results of the survey.

Click here to register for the survey results webcast on May 1 at 1:00 PM (EDT) and be among the first to receive the associated whitepaper written by Dave Shackleford with advice from Cloud Security Alliance CEO Jim Reavis.

Special Webcast: From Seizure to Actionable Intelligence in 90 Minutes or Less – May 2, 2019 10:30am US/Eastern

This post was originally published on this site

Speakers: Kevin Ripa

An effective battlefield forensicator must investigate large amounts of data quickly while maintaining data collection integrity and defensibility, often within high-stress environments. SANS is proud to introduce the FOR498: Battlefield Forensics & Data Acquisition, a new course authored by Instructors Eric Zimmerman and Kevin Ripa. This webcast will give you an overview of the contents of the 6 day course and the myriad of topics being covered. We will also dive deeper into a couple of the highlights, including booting an .E01 file in VMware to view the contents as though we were sitting at the subjects computer without spoliating the source evidence; discussing non-traditional acquisitions, and write blocking of devices that dont lend themselves to the traditional methods of protecting source data. We will cover a lot of ground in a little time, so bring a seatbelt!

https://www.sans.org/course/battlefield-forensics-and-data-acquisition

Add a Learn more button and link to https://www.sans.org/course/battlefield-forensics-and-data-acquisition

Ask The Expert Webcast: Rethinking your global security platform – May 2, 2019 3:30pm US/Eastern

This post was originally published on this site

Speakers: Matt Bromiley and Brandon Levene

Today, most security teams struggle to identify and locate threats in their networks. Without the ability to find the bad guys in your network, security teams are unable to be effective in their roles. Find out if you have the tools to link intelligence about threats in the wild, threats in your network, and understand unique signals from both. Learn how Chronicle, an Alphabet company, is looking to solve the problems of the security industry a global scale with a focus on speed and efficacy.

Join this webinar to:

  • Learn more about the new Chronicle Security platform, Backstory.
  • Find out how it offers different and better answers to the largest, ongoing pain points for security professionals.
  • See it in action with a live demo.

Ask The Expert Webcast: How Effective is Your WAF Protection? – Metrics & Key Considerations – May 2, 2019 1:00pm US/Eastern

This post was originally published on this site

Speakers: Chris Brazdziunas and Will Woodson

With all of the daily distractions that security professionals face, it is easy to forget that Application Security is an inherently pragmatic and numbers-driven discipline. Frequent and sophisticated threats demand a large portion of the little time and resources security teams have. In order to keep pace, we need our WAFs to perform at peak efficiency. Many security teams would argue that theirs is not, and struggle to identify where to start diagnosing the problem.

In this webinar, we bring an AppSec focus to the old adage of what gets measured, gets improved. We dive into the bottlenecks of current WAFs and address the key metrics that you should be holding your WAF against. Well answer such questions as:

o How can you establish benchmarks for threat detection and protection?

o What is the true cost of a false positive and an underperforming WAF?

o How should I measure WAF operational cost?

o How important are deployment time and the impact of application updates on the success of my security strategy?

o Whats the best way to measure and evaluate WAF performance over time?

o How can you measure application security posture?

Join Chris Brazdziunas, Chief Product Officer, and Will Woodson, Lead Security Engineer, at ThreatX, for this 45-minute discussion where they will focus on the empirical side of application security and share guidance that you can use to improve your security practice

Ask The Expert Webcast: A CISO’s Perspective on Presenting OT Risk to the Board – May 1, 2019 10:30am US/Eastern

This post was originally published on this site

Speakers: Dan Shugrue and Ilan Abadi

Join Ilan Abadi, Chief Information Security Officer at Teva Pharmaceutical, as he describes effective real-world strategies for presenting OT Risk to the Board of Directors.

A key goal of the BoDs of most enterprises is to maintain an appropriate balance between protecting the security of the enterprise, its ability to function, and control financial outlays from losses. The Board cares about business outcomes as opposed to technical details. When addressing the Board of Directors, learn to anticipate and answer these 5 key questions:

1. When is cybersecurity not an IT issue?

2. What are the legal implications of OT risk?

3. How can the BoD get and maintain adequate access to cybersecurity expertise?

4. What is an adequate risk management framework and budget?

5. Which risks can be avoided, which can be accepted, which can be mitigated through technology and which can be transferred through insurance?

Daniel Shugrue, Senior Director of Industrial Cybersecurity, will also discuss how a modern OT cybersecurity platform can provide a spectrum of mitigation and protection options for reducing key risks to your companys most critical functions.

Special Webcast: The State of Cloud Security: Results of the SANS 2019 Cloud Security Survey – May 1, 2019 1:00pm US/Eastern

This post was originally published on this site

Speakers: Dave Shackleford and Jim Reavis

Cloud is part of today’s infrastructures, and infrastructures are part of clouds. Are security infrastructures maturing to support the business and improve risk management in the cloud model? How are organizations using the public cloud to meet their business needs?

This webcast will explore the results of the SANS 2019 Cloud Security Survey, conducted in cooperation with the Cloud Security Alliance, concerning organizations’ use of the public cloud and will provide actionable advice for attendees to improve their cloud security. Attendees will learn about the:

  • Types of applications that are implemented most frequently through the cloud
  • Number of public cloud providers most organizations use
  • Concerns organizations have about use of the public cloud and the frequency of those concerns becoming realities
  • Issues associated with public cloud breaches
  • Technologies used to secure sensitive data in the cloud and integrate with in-house environments
  • Challenges organizations face in adapting incident response and forensics to a cloud environment

Register for this webcast now, and you will be among the first to receive the associated whitepaper written by SANS Analyst and cloud security course author Dave Shackleford.

Special Webcast: The Future of Phishing: Its all about your customers – April 30, 2019 3:30pm US/Eastern

This post was originally published on this site

Speakers: Elad Schulman

While current anti-phishing solutions usually cover basic entry-level phishing scams using reactive inside-the-firewall defenses, a billion of potential variations of sophisticated phishing scams are already being planned and executed everywhere on the internet, entirely undisturbed, evading most current detection tools.

Todays phishing attacks are no longer performed by scruffy hoodie covered villains, but by sophisticated, risk-calculating, online marketing experts who take social engineering to new heights. By constantly using A/B testing to improve their technology with each attack, they know how to tell a convincing story that would trick even the savviest users, causing irreversible reputational and financial damages to brands worldwide.

In this talk, we will go through:

❏ Why todays anti-phishing solutions cannot protect against tomorrows sophisticated customer-focused phishing attacks.

❏ Why only solutions that proactively scan the web for content scraping, brand, and non-brand related manipulation can prevent and block planned attacks before they even launch.

❏ How an innovative 4-step solution covers over 99.97% of planned phishing attacks across the web, incorporating best-of-breed detection, non-brand defense, take-down, and deception.

Special Webcast: What Are Fileless Attacks and How Can You Stop Them? – April 30, 2019 1:00pm US/Eastern

This post was originally published on this site

Speakers: Jamie French and Jim Walter

Fileless attacks achieve a breach without writing files to the host system. By leveraging legitimate system resources for malicious purposes, fileless malware effectively hides from almost all traditional threat detection methods. Learn how Unisys Advanced Endpoint Protection protects your organization by denying these kinds of attacks access to system resources

Analyst Webcast: Why Your Vulnerability Management Strategy Is Not Working and What to Do About It – April 24, 2019 10:30am US/Eastern

This post was originally published on this site

Speakers: Jake Williams and Eric Olson

Vulnerability management has become a critical component of a holistic information security program, yet enterprises continue to be breached, in part due to a lack response to known vulnerabilities, such as effective patching.

The state of attacks is changing and vulnerability management must change with it. While many organizations understand that annual scans aren’t enough, they still struggle with prioritizing resources to address vulnerabilities.

In this SANS webcast, certified instructor Jake Williams will address todays effective vulnerability management. Attendees will learn about:

  • Prioritizing the application of patches
  • Mapping security controls to assets
  • Threat modeling to understand attack chains
  • Gap analysis to prioritize new security controls

Register now and be among the first to receive the associated white paper written by Jake Williams.