SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

The perspective embraced for this discussion is that of an analyst who is working a process to...
If you’re in the field of cloud incident response and analysis, put this industry-leading certification on your to-do list and validate your skills.
The traditional approach to using toolsets is to treat them as independent entities - detect an...
SANS DFIR Summit 2023
Incident handlers are expected to provide timely and efficient detection, analysis and response to...
SANS Important Webcast: What you Need to Know about CVE-2021-30860 aka FORCEDENTRY
Friday, 24 Sep 2021 9:00AM WIB
Chris Crowley
Apple released CVE-2021-30860, stating that all iPhone iOS versions before 14.8; macOS versions before OSX Big Sur 11.6, Security Update 2021-005 Catalina, and Apple Watch before watchOS version 7.6.2 are targets currently being actively exploited. We will discuss the things you must do immediately to protect your users and information systems from this zero-day exploitation against iOS and MacOS. We will discuss those findings. We will provide indicators of what to look for to determine whether your devices have been affected by this vulnerability, limited information on the vulnerability details, and the threat attribution developed by Citizen Labs. Christopher Crowley, SANS Senior Instructor, has 15 years of experience managing and securing networks. He has authored many courses and is one of the experts in building effective SOCs. He currently works as an independent consultant in the Washington, DC area and focuses on developing effective computer network defense. His experience includes penetration testing, security operations, incident response, and forensic analysis.
PowerShell may seem intimidating, but it can be one of the most amazing and useful tools at your disposal... if you know how to use it. In this episode, we have Josh Johnson giving you a masterful crash course in: the importance of PowerShell; how PowerShell works, and how to set yourself up to use it; blue team use cases for log analysis, incident response and more; how to stop attackers from leveraging PowerShell; and some of the amazing automation and playbook opportunities you may be missing out on. Lots of actionable content for defenders here, don't miss this episode!
Phil Hagen shaped network forensics with SOF-ELK® and SANS FOR572, setting standards in large-scale log analysis and response. His role in exposing a global fraud ring behind hundreds of millions in losses defines his lasting impact on cybersecurity.
Conduct detailed, in-depth analysis on raw data from Mac and iOS cases. Gain confidence in your forensic analysis and incident response skills with hands-on labs.
Deepen your advanced network forensics experience, including threat hunting, analysis, and incident response. Explore the tools, technology, and processes needed to integrate network evidence sources.