World-Class, Expert-Led Cybersecurity Training. Purpose-Built for the AI Era.

Current Trends and Future of Digital Investigative Analysis

This webcast explores the current and future state of Digital Investigative Analysis in an environment shaped by encryption by default, cloud based systems, and expanding data volumes.

Living in the Bubble - Cyber Threat Intelligence: Organic or Artificial?

This talk will highlight the pitfalls of incorporating artificial intelligence into analytical workflows, explore the areas where it can add value, and offer a perspective that is both skeptical and cautiously optimistic on where CTI may go in the age of AI.

ML RAG, Fine-tuning and Security

This webcast explores the evolution of machine learning context-based prompting, RAG, Agentic AI, and fine-tuning and associated risks.

What's New in SEC560: Bonus Labs, Cloud Attacks, and a Bonus RANGE?!

SEC560 has received a major update! Join lead author Jeff McJunkin for a walkthrough of new bonus labs, Azure and hybrid attack scenarios, native Apple Silicon VM support, and a brand-new multi-network bonus range built to extend real-world skills.

SANS Surge 2026: Featured Keynote - Securing Your AI Transformation

AI is the most transformational technology of our generation. It is where conflict will occur. And it's our job to secure it. Come to this session and learn the trends, techniques, and tools to do just that.

Inside the New SEC573: AI-Powered Python for Security Automation

SEC573 has been updated for the AI era. Join Mark Baggett for a first look at how Python, LLMs, and MCP are transforming security automation, making tool building faster, more accessible, and far more powerful for defenders and offensive operators alike.

Detection Engineering That Scales: Practical Strategies for Resilient, Maintainable Security Operations

Join SANS Senior Instructor Erik Van Buggenhout, Splunk’s Director of Product Management Tim Nary, and NVISO Detection Engineering SME Stamatis Chatzimangou as they explore effective detection engineering.

Vibe Hacking: AI-Driven C2 Operations with MCP

Command and Control doesn’t have to be command-heavy. This hands-on workshop shows how to use AI and the Model Context Protocol (MCP) to interact with Empire C2 through natural language, streamlining red team operations and reducing friction during engagements.

SANS 2026 SOC, SIEM, SOAR Forum

Security teams are under increasing pressure to detect, respond, and adapt at the speed of today’s evolving threats. The SANS 2026 SOC, SIEM, SOAR Forum brings together practitioners, architects, and leaders to share real-world experiences, lessons learned, and proven practices for advancing Security Operations.

Trust Your Vendors, Do You?

Organizations rely on third-party vendors to operate and scale, but blind reliance introduces risk. Learn why vendor risk matters, lessons from real breaches, and how to build a modern, continuous TPRM program aligned to NIS2, DORA, and GDPR.

Infosec Rock Star: 5 Critical Skills for Infosec Professionals

Technical Skills are Essential, But Geek will only get you so far

Agile Incident Response: How Leading Teams Execute Fast

The first minutes of an incident determine containment or crisis. Join this SANS virtual roundtable to learn how leading teams align across SOC, cloud, OT, and leadership to execute faster under pressure.

Securing Branch and OT Environments with Agentless Segmentation

In this SANS First Look webcast, we explore how Zscaler’s Zero Trust Branch (ZTB) introduces a new, streamlined approach to securing branch and OT environments.

2026 SANS State of Identity Threats & Defenses Survey Insights Event: How Identity Became the New Security Perimeter—And What’s Next

Overview Identity has become the new battleground. From SaaS to cloud to legacy Active Directory, it is now the central control point—and attackers know it.

OSINT Summit Solutions Track 2026

In an era where adversaries exploit publicly available data with increasing sophistication, Open-Source Intelligence (OSINT) has become a vital part of modern cyber defense. This Solutions Track session explores how organizations can leverage OSINT more effectively—shifting it from ad-hoc collection to a proactive, integrated security capability.

Leadership Summit Solutions Track 2026

As organizations face increasing uncertainty, evolving threats, and shifting regulations, cybersecurity leaders are being challenged to lead with both vision and adaptability. This Solutions Track session focuses on translating those leadership challenges into actionable strategies—providing frameworks, proven approaches, and decision-making tools for professionals at every level who are responsible for driving security initiatives and organizational resilience.

Don't Trust AI – Verify It: A Practical Discussion About AI in the SOC

Buzz about AI agents is everywhere in security. But in the SOC, trust remains the biggest barrier to adoption. Trust that AI actually brings value instead of mere vendor hype. Trust that AI SOC tools aren’t being used to replace analysts.

AI-Human Collaboration in Modern SOCs

In this SANS webcast, Mathias Fuchs examines whether human-only security operations can realistically keep up in an era of AI-enabled attacks, shrinking budgets, and a widening cybersecurity workforce gap.

Getting Started with Prompt Injection

Discover how attackers exploit prompt injection to bypass AI safeguards and learn the defensive strategies needed to secure modern AI systems.

Using MITRE ATT&CK as an Operational Framework: Prioritizing, Testing, and Sustaining Defense

Join SANS Instructor Chris Crowley and Tidal Cyber Co-Founder and Chief Innovation Officer Frank Duff to explore how to move beyond theory and operationalize MITRE ATT&CK across your environment.