Cyber Defense Training

AI-Driven SecOps: Unifying Controls, Automating Response, and Advancing the Modern SOC using Palo Alto’s XSIAM

With the breadth of technologies in use across many enterprise organizations today, security analysts need more visibility than ever.

Swimlane Turbine AI Automation in Security Operations

Are you feeling the pressure to do more with less—juggling tool sprawl, alert fatigue, and increasingly sophisticated attacks? Security automation and AI-driven decision support can help streamline operations, enhance accuracy, and accelerate response times.

Full Packet Capture as a Strategic and Regulatory Imperative

From the U.S. government's 72-hour capture mandate to the EU’s NIS2 Directive, organizations are facing mounting pressure to implement full packet capture to meet emerging compliance obligations. What began as simple log retention requirements has evolved into a complex global web of regulations demanding forensic-grade network visibility.

The AI Threat: Protecting Your Email from AI-Generated Attacks

The widespread adoption of generative AI meant increased productivity for employees, but also for bad actors. They can now create sophisticated email attacks at scale—void of typos and grammatical errors that have become a key indicator of attack.

5 Critical Skills for Infosec professionals

What are the critical skills that extremely successful infosec professionals need, and how can we develop these? Obviously, technology matters, but it's not just about technology.

Closing the Gaps: Orchestrating Cross-Domain Remediation in Modern Security Environments

Watch

Building a Lab to Detect What Matters

This webinar explores the design and deployment of a robust detection engineering lab—built both on-prem and in the cloud—that enables engineers to simulate real world attacks, validate hypotheses, and rapidly iterate on detection logic.

Full Packet Capture as a Strategic and Regulatory Imperative

Cybersecurity leaders and compliance professionals are under increasing pressure to meet a growing array of global regulations—all while maintaining effective threat detection and response capabilities. Traditional monitoring is no longer enough. Full Packet Capture (FPC) is rapidly emerging as a foundational requirement—not only for real-time visibility and forensic analysis, but as a direct response to regulatory mandates in the U.S., EU, and beyond.

2025 SANS Zero Trust Survey Webcast & Forum: Exploring Challenges, Opportunities, and Innovative Solutions for a Secure Digital Future

As digital transformation accelerates, Zero Trust has become crucial for defending against an increasingly complex threat landscape. The rise in ransomware, credential stealers, supply chain attacks, and disruptive incidents impacting availability in 2024 has underscored the need for resilient cybersecurity strategies that can withstand and adapt to evolving threats.

Employee, Contractor, Consultant: Which Work Model is Best for You?

We are lucky in Infosec. It may not be an easy field to get into, but once you’re in infosec, there is plenty of work available and many work models.

SANS 2025 Attack Surface & Vulnerability Management Survey: Hackers Don’t Wait—Why Should We?

In an era where digital footprints expand faster than security teams can track, managing the attack surface is no longer a reactive task, it’s a continuous battle. Organizations face an evolving threat landscape driven by shadow IT, cloud sprawl, third-party risks, and zero-day vulnerabilities. Yet, many security teams struggle to gain full visibility into their external exposure, let alone remediate risks before adversaries exploit them.

Fall Cyber Solutions Fest 2025: SOC Track

When performing effectively, security operations is  ongoing visibility into information assets and threats to them. Poise with a nuanced understanding of risk and capacity to act.Explore the balance of people, process, and technology in the always insightful SOC Track. We'll surely address what AI is and isn't doing to enhance operations; cover threat intelligence; staffing; capabilities of the SOC; and discuss the ongoing challenge of scarce resources.Join us to hear how others are succeeding and failing to maintain an operational balance between competing internal priorities and threats which seem to relentlessly improve.

Fall Cyber Solutions Fest 2025: Threat Track

Moving from clicking alerts to actively hunting threats takes planning, the right data, and the right tools. In 2025, with AI and automation everywhere, it’s more important than ever to stay ahead of attackers, arming yourself with clear intelligence, full visibility, and smart processes to catch problems before they become crises.Attackers are now making effective use of AI too, creating fake identities, automated phishing, and constantly changing malware. Still, behind every tool is still a real person (or group) with goals. Organizations need to have a balance of automated analysis with human judgment so you can spot true threats in the noise.There’s no shortage of threat intelligence sources either: open source, commercial, vendor, and community. Yet many teams struggle to turn intelligence into real defense. In this track, you’ll learn to plug intelligence directly into your security tools, while equipping humans to do better analysis: enriching alerts instantly, mapping threats to the MITRE ATT&CK framework, and sharpening your hunting approach based on what adversaries actually do.Key Takeaways for 2025:Plan regular, data-driven hunt campaigns instead of one-off investigationsEmbed threat intelligence into SIEM, SOAR, XDR, and NDR workflowsUse AI to speed up indicator triage and add context fastCombine automated analytics with focused human-led huntsFocus on high-quality intelligence that fits your environmentWhat to Expect:Smart Alert Enrichment: Automatically add useful context to indicators without flooding your team.Next-Gen XDR & MDR: Learn how managed services and orchestration speed up hunts.Live CTI Demos: See real examples of turning raw threat feeds into detection rules.Automated Hunting Playbooks: Create repeatable tasks across XDR, NDR, and cloud logs.Actionable Intelligence Guides: Pick the best data sources and turn them into playbooks your team will use.Join Ismael Valenzuela, author and SANS senior instructor, as we explore the most successful strategies and opportunities for implementing these tactics in your organization.Full Fall Cyber Solutions Fest Track List:Emerging Technologies Track | Nov 4Cloud Identity and Access Management Track | Nov 5SOC Track | Nov 5Threat Track | Nov 6AI Track | Nov 6