Learn real-world cyber security skills from active industry experts in Anaheim. Save $150 thru 12/18.

SANS Security Insights

AI Wars

Artificial intelligence in cybersecurity can introduce accidental or intentional bias that results in false security data.

By Deb Radcliff, Creative Director,SANS Analyst Program

The benefits of AI in cybersecurity are hard to dispute. When implemented properly, AI enhances detection and response, improves access controls, aids with threat hunting and other capabilities, and uses machine learning to continually improve response.


When Investigations Go South

How to avoid legal liability when stumbling into dicey and illegal situations during investigations

By Deb Radcliff, Creative Director,SANS Analyst Program

Stolen credentials, malware forums, human trafficking, drug dealing, kiddie porn: just about any illegal activity you can think of is facilitated over the dark web. Not surprisingly, this type of criminal activity also ends up on the servers inside of legitimate business and government organizations.


Active Directory Password Policies & NIST Password Standards

by Josh Horwitz,Chief Operating Officer, Enzoic

NIST password standards balance employee-friendly password policies with improved security. While NIST introduced these password standards in 2017, many organizations are just now getting around to adopting them in Active Directory. As they do so, organizations are embracing tools to automate screening of exposed passwords and password policy enforcement to simplify their AD implementations without creating a lot of additional burden on the IT team.


The Dark Side of Threat Research

White hat threat researchers, security pros and cyber investigators share tips for protecting their personal lives from bad guys they encounter online.

By Deb Radcliff, Creative Director,SANS Analyst Program

Before starting any cyber investigation into the dark web, Bryan Seely scrubs his social media profiles, creates a fake identity, opens an anonymous Google voice account and buys a new burner phone. These are just a few safeguards he takes to protect himself from being attacked by some of the shadowy characters he interacts with online during his dark-web research.


Three Cloud Security Best Practices for 2020

By Matt Cauthorn, VP of Cyber Security Engineering, ExtraHop Cloud security attacks are on the rise-and a lot of the blame can be placed on one factor: hackers are exploiting misconfigurations to access sensitive data. Whether customers fail to properly configure Amazon Web Services (AWS) settings for unrestricted external access or elastic block store (EBS) … Continue reading Three Cloud Security Best Practices for 2020