World-Class, Expert-Led Cybersecurity Training

SANS 2025 Utilities Forum

This free virtual event brings together cybersecurity professionals, utility operators, government stakeholders, and industry experts to explore the unique challenges and emerging threats facing the energy and water sectors.

Improving Security Outcomes with Skilled Practitioners: Realizing the Business Value of SANS Institute Security Training

We invite you to join us for this webinar, where IDC and SANS analysts will discuss the results of a recent research project that quantified the business value of training.

Building a Lab to Detect What Matters

This webinar explores the design and deployment of a robust detection engineering lab—built both on-prem and in the cloud—that enables engineers to simulate real world attacks, validate hypotheses, and rapidly iterate on detection logic.

ZTA Unpacked: The Critical Technical Components of Zero Trust Architecture

Join Greg Scheidel as he demystifies the technical foundation of Zero Trust Architecture (ZTA) and outlines the key technologies that drive modern, mature implementations.

Solving OT Governance

Get a masterclass in ICS/OT cyber governance. Learn how to launch, right-size, and sustain a program, keep momentum alive, and maximise your risk ROI.

Securing the 5G Frontier: Real Threats, Deepfakes & Defense Strategies

As 5G networks rapidly expand across North America, from public rollouts to private enterprise deployments, FWA, and ORAN, security challenges are growing just as fast.

Data Security in the Age of AI: Proactive Strategies to Protect Your Most Valuable Assets

As organizations accelerate cloud adoption and embrace AI-driven innovation, maintaining visibility and control over sensitive data has become increasingly complex.

When the Vibes Lie: Securing IaC in the Age of Prompt Generated Templates

Infrastructure as Code (IaC) gives teams speed, repeatability, and auditability, but only when it’s done securely.

SANS 2025 AI Survey Webcast & Forum: Measuring AI's Impact on Security Three Years Later

This webcast is built on insights from one of our most anticipated cybersecurity surveys of the year—offering an in-depth look at how the community is adopting, adapting to, and defending against artificial intelligence in all its forms.

Stop Playing Security Whack-a-Mole: Enforcing Cloud Security with Organizational Controls

Security teams often find themselves reacting to cloud misconfigurations and policy violations after they occur—playing an endless game of security Whack-a-Mole.

Major Course Update 2025: SEC598 | Automate Security with Generative AI

In this exclusive webcast, course authors Jeroen Vandeleur and Jason Ostrom unveil the groundbreaking updates to SEC598: AI and Security Automation for Red, Blue, and Purple Teams.

Full Packet Capture as a Strategic and Regulatory Imperative

Cybersecurity leaders and compliance professionals are under increasing pressure to meet a growing array of global regulations—all while maintaining effective threat detection and response capabilities. Traditional monitoring is no longer enough. Full Packet Capture (FPC) is rapidly emerging as a foundational requirement—not only for real-time visibility and forensic analysis, but as a direct response to regulatory mandates in the U.S., EU, and beyond.

Unlock the Power of Network Visibility in Industrial Environments

In ICS/OT environments, network visibility isn’t just a buzzword, it’s the foundation for safe and effective cybersecurity, incident response, and operational/engineering troubleshooting.

Raiders of the Encrypted Disk | 暗号化されたディスクの襲撃者

Ransomware strikes an innocent virtual hard disk leaving its contents unrecoverable… or so we were told.

Balancing On-Prem and Cloud Security: Strategic Considerations for Modern Organizations

Join us on September 16, 2025, at 1:00pm ET for a deep dive into how modern enterprises can keep pace with today’s fast-moving threat landscape.

The Hype Around GRC Engineering: What It Is and Why It’s Growing

The evolving field of Governance, Risk, and Compliance (GRC) is increasingly intersecting with engineering, giving rise to a pivotal discipline known as GRC Engineering. This 45-minute webinar explores this emerging practice, clearly defining GRC Engineering and highlighting its critical role within modern enterprises.

Shadow Steps: Understanding and Detecting User Impersonation and Lateral Movement in Active Directory

This hands-on, scenario-driven workshop delves into how attackers move stealthily through Active Directory environments using user impersonation and lateral movement techniques.

SANS Raleigh 2025: SANS@Night - I, For One, Welcome Our New AI Overlords (Pentesting, AI, And The Future)

The integration of AI in penetration testing promises to revolutionize cybersecurity assessments. Machine learning algorithms will automate vulnerability discovery, enabling real-time identification and exploitation of security weaknesses.

Top Active Directory Attacks Every Security Professional Should Know

Modern smartphones collect an extensive array of data that offers insights into a user's daily behavior, often without them being fully aware of it. This presentation will delve into how digital forensics can analyze such data to reconstruct an individual's actions, routines, and habits.

The Latest on AI and Its Impact on Cybersecurity

This session examines the latest developments in GenAI, both as a potent weapon for attackers and a game-changing tool for defenders.