World-Class, Expert-Led Cybersecurity Training

SANS Cyber Defense Initiative 2025: SANS@Night - From Servant to Surrogate: The Misenar 4A Model for Agentic Security

Organizations keep deploying AI "agents" without understanding what autonomy level they're getting or what governance it warrants. Chinese state-sponsored hackers used Claude Code to automate a cyberattack campaign across 30 organizations. Replit's AI coding agent deleted a production database, then tried to cover up its mistake. These aren't anomalies. They're predictable governance failures.

SANS Cyber Defense Initiative 2025: SANS@Night - Pay to Play: Surviving and Winning Ransomware Negotiations in 2025

This isn't your typical "don't pay ransoms" talk. We'll explore the harsh realities where business continuity and regulatory pressure create impossible choices, providing practical frameworks for decision-making under duress, technical protocols for verifying attacker claims, and strategies for maintaining leverage when all seems lost.

Mysteries in the Cloud: The Baker221b Cyber Sleuth Challenge

Join the renowned investigators of Baker221b and step into the role of a digital detective.

The Future of Network Security: A Thought Leader's Guide to Hybrid Mesh Firewall

In this webinar, experts from SANS and Cisco will explore the hybrid mesh firewall approach—what it is, why it’s critical today, and effective deployment at scale. 

Securing Branch and OT Environments with Agentless Segmentation

In this SANS First Look webcast, we explore how Zscaler’s Zero Trust Branch (ZTB) introduces a new, streamlined approach to securing branch and OT environments.

SANS Nashville Winter 2026: SANS@Night - Bootstrap: How To Start Anything

This talk is about how to bootstrap almost anything, whether it’s a company, an open source project, a personal pursuit, a charity, a conference, or just about anything else.

Securing Remote Access in OT: A Critical Control for Modern Risk

Mike Hoffman will explain how Dispel’s OT-first remote access platform implements 5CC-aligned safeguards—covering architecture, deployment patterns, connection models, and operational controls. You’ll see how moving-target defense, disposable sessions, vaulted credentials, granular auditing, and compliance artifacts can reduce dwell time and simplify investigations—while preserving operator productivity.

SANS 2026 Kubernetes & CNAPP Forum

The SANS 2026 Kubernetes and CNAPP Forum is a focused, one-day event designed for security professionals, DevOps teams, and cloud architects seeking to secure modern, containerized applications.

MCP and the Question of Authorization

The Model Context Protocol (MCP) is becoming increasingly important in enabling and expanding the capabilities of agents.

SANS Holiday Hack Challenge 2025 | Closing Ceremony and Winners Announcement

Join us for the grand finale of the Holiday Hack Challenge 2025 where we’ll reveal the names of the big winners as we bid farewell to another chapter of challenges, victories, and innovation!

Three Keys to Becoming a Cyber Risk Officer | サイバーリスク責任者になるための3つのポイント

Modern security leaders must deal with an endless barrage of changes to the business, technology, and threat landscape. This requires a combination of technical knowledge, understanding of risk, and the ability to lead teams in times of intense pressure.

Securing Enterprise Data in the Age of AI: Closing Gaps Through DLP and Data Risk Management Programs

This webcast will explore where conventional DLP programs fall short in the age of AI, including lack of context, overwhelming alert fatigue, and ineffective measurement.

Beyond the Breach - Why Unified DFIR Is the Future of Enterprise Cyber Resilience

This session explores the strategic shift toward unified DFIR platforms that merge forensic-grade investigation capabilities with incident response. Attendees will gain insight into how integrating evidence collection, artifact triage, endpoint isolation, and threat remediation into a single workflow reduces tool fatigue, shortens dwell time, and improves regulatory compliance.

CTI Summit Solutions Track - CTI in the AI Arms Race: Building Resilient, Adaptive Intelligence Platforms for 2026: Day 1

As adversaries harness AI to deploy polymorphic malware, agentic automation, and high-speed deception, defenders must respond with intelligent, explainable, and resilient threat intelligence systems.

CTI Summit Solutions Track - CTI in the AI Arms Race: Building Resilient, Adaptive Intelligence Platforms for 2026: Day 2

As adversaries harness AI to deploy polymorphic malware, agentic automation, and high-speed deception, defenders must respond with intelligent, explainable, and resilient threat intelligence systems.

The Five ICS Cybersecurity Critical Controls

Join Justin Searle, one of the leading experts in the industry and one of our Senior Instructors at SANS, for the first in a series of webcasts that will walk you through the most challenging aspects of launching a cybersecurity program in OT/ICS.

SANS ICS Command Briefing 2026: Preparing for What Comes Next in Industrial Cybersecurity

Grounded in current SANS research and frontline operational experience, this one-hour session brings together Tim Conway, Robert M. Lee, Jason D. Christopher, and Dean Parsons to deliver leadership-level guidance for practitioners and executives.

Maturing Your Incident Response Program with Updated NIST SP 800-61 Rev 3 Guidance

NIST SP 800-61 just got a major update with Revision 3. Learn what changed and how to mature your Incident Response program with actionable updates that you can use right away.

Go Beyond SIEM to Transform Your SOC with AI - Cortex XSIAM

Join this SANS webcast to discover how to build a modern, AI-driven SOC powered by Cortex XSIAM—the industry’s leading AI-powered security operations platform.

Beyond Borders: Modern Data Security in the Cloud and AI Era

Come to this webcast to learn how to translate cloud adoption and AI integration into effective defenses that can be applied consistently, at scale, and without slowing innovation.