SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals
SEC595Cyber Defense, Artificial Intelligence
SANS Community Benefits
Connect, learn, and share with other cybersecurity professionals
Search results
Filter results
Search results
- Whitepaper
Event Monitoring and Incident Response
Ever wish you could observe, report, and react in a timely manner after an event occurred? Evidence...
- Whitepaper
Detecting System Log Loss Through One-Way Communication Channels
Organizations are consolidating log collecting, monitoring, and incident response activities. There...
- Webinar
Securing AI with the CIS Controls v8.1
Artificial Intelligence (AI) and Large Language Models (LLMs) are transforming business operations but also introduce new risks. In this one-hour webcast, hosted by the author and instructor of SANS SEC566: Implementing and Auditing CIS Controls, we will explore how to apply the CIS Controls to the AI lifecycle—covering data security, system hardening, access management, monitoring, and incident response.
- Poster & Cheat Sheet
Industrial Network Security Monitoring & Incident Response Cheat Sheet
This tri-fold cheat sheet provides guidance for Industrial Control System (ICS) Network Security Monitoring (NSM), and Incident Response (IR) for control system environments.
- Policy
Physical Security Management Policy
A robust physical security strategy safeguards facilities, assets, and personnel by implementing access controls, monitoring mechanisms, and incident response protocols.
- Summit Presentation
Tool: 4n6pi - A Lightweight, Open Source, Forensic Disk Imager
This session introduces 4n6pi, an open-source forensic imaging tool built on Raspberry Pi hardware that produces forensically sound E01 disk images. Attendees will discover how its YAML-based setup and optional Django web interface enable affordable, efficient evidence acquisition and monitoring for incident response and forensic triage.
- Job Role
Intrusion Detection / (SOC) Analyst
Security Operations Center (SOC) analysts work alongside security engineers and SOC managers to implement prevention, detection, monitoring, and active response. Working closely with incident response teams, a SOC analyst will address security issues when detected, quickly and effectively. With an eye for detail and anomalies, these analysts see things most others miss.
- Whitepaper
Continuous Monitoring Effectiveness Against Detecting Insider Threat
More organizations are implementing some form of Continuous Monitoring, yet there is an increase in...
- Whitepaper
Uncovering Indicators of Compromise (IoC) Using PowerShell, Event Logs and a Traditional Monitoring Tool
What security concerns keep you up at night? Is it pivoting, persistent access, the time to detect...
- Whitepaper
NOC/SOC Integration: Opportunities for Increased Efficiency in Incident Response within Cyber-Security
Managing, monitoring and defending enterprise networks with siloed Network Operation Centers (NOC)...