SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals
SEC595Cyber Defense
SANS Community Benefits
Connect, learn, and share with other cybersecurity professionals
Search results
Filter results
Search results
- Whitepaper
Event Monitoring and Incident Response
Ever wish you could observe, report, and react in a timely manner after an event occurred? Evidence...
- Whitepaper
NetFlow Collection and Analysis Using NFCAPD, Python, and Splunk
NetFlow data is often collected for network monitoring and management, but it has many applications...
- Whitepaper
NOC/SOC Integration: Opportunities for Increased Efficiency in Incident Response within Cyber-Security
Managing, monitoring and defending enterprise networks with siloed Network Operation Centers (NOC)...
- Summit Presentation
Tool: 4n6pi - A Lightweight, Open Source, Forensic Disk Imager
This session introduces 4n6pi, an open-source forensic imaging tool built on Raspberry Pi hardware that produces forensically sound E01 disk images. Attendees will discover how its YAML-based setup and optional Django web interface enable affordable, efficient evidence acquisition and monitoring for incident response and forensic triage.
- Whitepaper
Continuous Monitoring Effectiveness Against Detecting Insider Threat
More organizations are implementing some form of Continuous Monitoring, yet there is an increase in...
- Whitepaper
Uncovering Indicators of Compromise (IoC) Using PowerShell, Event Logs and a Traditional Monitoring Tool
What security concerns keep you up at night? Is it pivoting, persistent access, the time to detect...
- Whitepaper
Packets or It Didn’t Happen: Network-Driven Incident Investigations
This paper examines use cases for network monitoring (including in cloud environments) and how...
- Person
David Szili
David has 10+ years of professional experience in penetration testing, red teaming, vulnerability assessment and management, security monitoring, security architecture design, incident response, digital forensics, and software development.
- Person
Xavier Mertens
Xavier's motto is “to better defend yourself, know your enemy”. That’s why he focuses on the defensive side of cybersecurity. He has a strong background in incident management, threat hunting, malware analysis, and security monitoring.
- Blog
The Role of Mentorship in Cyber Threat Intelligence (Part 2)
Mentoring needs will vary from person to person based largely on where they are in their career. Here are a few resources to help you get there!