Final Week to Get a MacBook Air or Surface Pro 7 with 5 or 6 Day Training - Register Today!

Cloud Security Webcasts

SANS Webcasts are live web broadcasts that allow you to hear a knowledgeable speaker while viewing presentation slides that you download in advance. You need either Real Audio Player or Windows Media Player (free downloads are available on the webcast access page), and a SANS Account. If you aren't a member of the SANS.org Community, just go to the Join Community page and fill in the simple registration form, it's free.

Webcasts
Title Speaker Date Sponsor
BIPOC in Cybersecurity Forum: Cloud Security Frank Kim Feb 18, 2021 --
AWS Well-Architected: A Well-Architected Environment is a More Secure & Operationally Excellent Environment Jonathan Kirby Jan 27, 2021 --
3-part series: PowerShell for Audit, Compliance and Security Automation and Visualization Part 3: Beyond CSVs - Visualization using PowerShell, Excel and Grafana Clay Risenhoover Jan 21, 2021 --
Most Used AWS Services & How to Use Them Securely Jonathan Kirby Jan 14, 2021 --
3-part series: PowerShell for Audit, Compliance and Security Automation and Visualization Part 2: Audit and Compliance Data Acquisition with PowerShell Clay Risenhoover Jan 14, 2021 --
3-part series: PowerShell for Audit, Compliance and Security Automation and Visualization Part 1: Introduction to Automation with PowerShell Clay Risenhoover Jan 7, 2021 --
SANS Cloud Security Solutions Forum Dec 11, 2020 AWS Marketplace
Alibaba Cloud Security Tim Coakley Nov 20, 2020 --
Extending DevSecOps Security Controls into the Cloud: A Panel Discussion of the 2020 SANS Survey Jim Bird and Eric Johnson Nov 4, 2020 CloudPassage
Beyond Compliance: Tips to Deliver Engaging Application Security Training Scott Russo Oct 30, 2020 Secure Code Warrior
Extending DevSecOps Security Controls into the Cloud: A SANS Survey Jim Bird and Eric Johnson Oct 28, 2020 Cisco Systems
AWS ID Prefixes: What AWS Doesn’t Cover is What You Need to Know Dan Girard Sep 24, 2020 --
2020 SANS Enterprise Cloud Incident Response Survey: A Panel Discussion Chris Dale, Tanner Payne, Bobby Mazzotti Sep 22, 2020 ExtraHop
2020 SANS Enterprise Cloud Incident Response Survey Results Chris Dale and Matt Bromiley Sep 15, 2020 Cisco Systems Inc.
A Purple-Team Approach to Exploring AWS Security Services & Capabilities Kenneth G.. Hartman Sep 8, 2020 --
Dealing with an Adolescent Cloud Ross Young Sep 4, 2020 --
SANS Vulnerability Management Maturity Model Jonathan Risto Aug 20, 2020 --
Stranger Things in the Cloud: How Do We Stop Breaches? Roger O’Farril Aug 14, 2020 --
In the Cloud. We don't need roads. Kyle Dickinson Aug 7, 2020 --
How to Protect All Surfaces and Services in the AWS Cloud Jul 28, 2020 AWS Marketplace
Cyber Security 101 for Human Resource Professionals Kelli Tarala Jul 22, 2020 --
An Integrated Approach to Embedding Security into DevOps Jake Williams, Matt Rose Jul 22, 2020 Checkmarx Ltd.
Attacking and Defending Cloud Native Infrastructure Andy Martin Jul 16, 2020 Cisco Systems Inc.
Threat Hunting through Log Analysis in AWS Shaun McCullough Jul 15, 2020 --
Consulting: What Makes a Good Consultant, from the “Hiring One” and “Being One” perspectives Ted Demopoulos Jul 7, 2020 --
SANS @MIC Talk - Defending Lift and Shift Cloud Applications Ryan Nicholson Jul 1, 2020 --
Extending Your Home Lab to include Cloud Ismael Valezuela, Justin Henderson Jul 1, 2020 --
Leading the Cloud transformation - Building the Roadmap Jason Lam Jun 26, 2020 --
SANS @MIC Talk - SEC510: Multicloud Security Assessment and Defense Eric Johnson, Brandon Evans Jun 24, 2020 --
The Best of Both Worlds: Cloud + SASE Prasidh Srikanth, Kenneth G. Hartman Jun 23, 2020 Bitglass
SANS@MIC- Infrastructure as Code is REAL: Using the Cloud to Provision Infrastructure with Software Shaun McCullough Jun 22, 2020 --
Effortlessly Immunize Software - Rapidly Inoculate Compiled Code Against Software Memory Vulnerabilities Doug Britton Jun 18, 2020 RunSafe Security
SANS@MIC -Arcane web and mobile application vulnerabilities Bojan Zdrnja Jun 15, 2020 --
Shift Left: Integrate security in your DevOps lifecycle Remi Phillipe Jun 4, 2020 Cisco Systems Inc.
Winning in the Dark - Defending Serverless Infrastructure in the Cloud Eric Johnson Jun 3, 2020 --
How to Implement a Software-Defined Network Security Fabric in AWS Dave Shackleford and Sagar Khasnis May 27, 2020 AWS Marketplace
Mobile Application Dynamic Analysis Jeroen Beckers May 26, 2020 --
How to Better Understand HR to Accomplish our Cybersecurity Goals Jim Michaud May 21, 2020 --
Enabling Consistent Multi-Cloud Security, Forensics and Incident Response Chris McHenry May 15, 2020 Cisco Systems Inc.
SANS @Mic Talk - Cloud Native Payloads: A Matryoshka Doll of Exploits Moses Frost May 13, 2020 --
Privilege Escalation in GCP - A Transitive Path Kat Traxler May 13, 2020 --
Enabling Consistent Multi-Cloud Security, Forensics and Incident Response Chris McHenry May 13, 2020 Cisco Systems Inc.
WhatWorks in Migrating to the Cloud while Maintaining Security and Network Performance (with a remote workforce) Juan Canales - Sr. Manager of Enterprise Security and Architecture at Hill Physicians Medical Group (HPMG) and John Pescatore - SANS Director of Emerging Security Trends Apr 29, 2020 ExtraHop
How to Design a Least Privilege Architecture in AWS Dave Shackleford and Sagar Khasnis Apr 29, 2020 AWS Marketplace
Securing the shift to cloud-based business operations Samantha Humphries and Jean-Paul Bergeaux Apr 22, 2020 Exabeam
7 Techniques for Ramping Your DevSecOps Program Quickly Jake King Mar 26, 2020 Cmd
Building an Enterprise DevSecOps Program Rich Mogull and Chris Kirsch Mar 26, 2020 Veracode
Anatomy of a Cloud Data Breach Nathan Smolenski and Ray Canzanese Mar 19, 2020 Netskope
State of Cloud and Threats Ray Canzanese, Ph.D. Mar 4, 2020 Netskope
How to Leverage Endpoint Detection and Response (EDR) in AWS Investigations Justin Henderson and Sagar Khasnis Mar 3, 2020 AWS Marketplace
Secure by Default? Scoring the Big 3 Cloud Providers Brandon Evans Jan 27, 2020 --
Protecting your Cloud Native & Kubernetes environments from exposure and breach with Cisco Stealthwatch Cloud Jeff Moncrief Jan 22, 2020 Cisco Systems Inc.
Why as a DoD Contractor Do I Need to Be CMMC Compliant Katie Arrington Jan 14, 2020 --
How to Leverage a CASB for Your AWS Environment Kyle Dickinson and David Aiken Dec 19, 2019 AWS Marketplace
Getting Your Head in the Cloud: Implementing Security Monitoring for Public Clouds Sunil Amin Dec 12, 2019 Cisco Systems Inc.
Protecting the User: A Review of Mimecast’s Web Security Service David Szili and Dan Sloshberg Dec 12, 2019 Mimecast Services Limited
Workforce Development What Works – Jason Jury – Booz Allen Hamilton Jason Jury and John Pescatore Dec 4, 2019 --
Move to Cloud: A Chance to Finally Transform Security? Matt Bromiley, Dr. Anton A. Chuvakin and Brandon Levene Nov 26, 2019 Chronicle
Hiring and retaining for the SOC: Recruit, Train, and Retain Talented and Dedicated Staff Christopher Crowley Nov 14, 2019 --
How to Perform a Security Investigation in AWS Kyle Dickinson and David Aiken Nov 14, 2019 AWS Marketplace
Lessons from the Trenches: Implementing Zero Trust Data Centers in the Real World Dave Karp and Chase Cunningham Nov 8, 2019 ShieldX
Attacking and Defending Cloud Metadata Services Eric Johnson Oct 30, 2019 --
SANS Cloud Security Operations Solutions Forum Kenneth G. Hartman Oct 18, 2019 Cisco Systems Inc.
How to Inject Security Into Your Software Development Life Cycle - Close Security Gaps in Your Software Supply Chain Through Automation and Deep Analysis Chip Epps and Rob Simmons Oct 15, 2019 Reversing Labs
How to Secure App Pipelines in AWS Dave Shackleford and David Aiken Oct 10, 2019 AWS Marketplace
The perils and perks of cloud access security David Hazar Sep 30, 2019 --
Jumpstart Guide to Application Security in the Cloud Nathan Getty, Aidan Walden and Nam Le Sep 24, 2019 AWS Marketplace
How to Build a Threat Detection Strategy in AWS David Szili and David Aiken Sep 12, 2019 AWS Marketplace
How to Protect Enterprise Systems with Cloud-Based Firewalls Kevin Garvey and David Aiken Aug 8, 2019 AWS Marketplace
JumpStart Guide to Cloud-Based Firewalls in AWS Brian Russell, Anthony Tanzi and David Aiken Jul 31, 2019 AWS Marketplace
How to Build an Endpoint Security Strategy in AWS Thomas Banasik and David Aiken Jul 18, 2019 AWS Marketplace
You can rest easy when protecting REST APIs Jason Lam Jul 17, 2019 --
Next-Gen Vulnerability Management: Clarity, Consistency, and Cloud David Hazar Jun 28, 2019 --
Cloud Data Protection Mark Geeslin Jun 25, 2019 --
JumpStart Guide for Endpoint Security in AWS David Hazar, Joe Vadakkan, and David Aiken Jun 25, 2019 AWS Marketplace
How to Build a Data Protection Strategy in AWS Dave Shackleford and David Aiken Jun 13, 2019 AWS Marketplace
Lessons From the Front Lines of AppSec: Analysis of real-world attacks from 2019 and best practices for dealing with them Chris Brazdziunas and Will Woodson Jun 4, 2019 ThreatX
Cloud Security Automation: Monitoring and Operations Frank Kim May 28, 2019 --
Web application defense – Use headers to make pentester’s job difficult Jason Lam May 15, 2019 --
How to Secure a Modern Web Application in AWS Shaun McCullough and David Aiken May 9, 2019 AWS Marketplace
The State of Cloud Security: Panel Discussion Dave Shackleford, Jim Reavis, Pawan Shankar and Eric Thomas May 7, 2019 ExtraHop
Terraforming Azure: not as difficult as planets David Hazar May 7, 2019 AWS Marketplace: Telos Corporation
The State of Cloud Security: Results of the SANS 2019 Cloud Security Survey Dave Shackleford and Jim Reavis May 1, 2019 ExtraHop
Simplifying Application Security with Software-Defined Security Matt DeVincentis and Dave Shackleford Apr 17, 2019 VMWare, Inc
How to Automate Compliance Gaps for Public Cloud Vikram Varakantam and John Pescatore Apr 11, 2019 Lacework
How to Build a Security Visibility Strategy in the Cloud Dave Shackleford and David Aiken Apr 11, 2019 AWS Marketplace
Cloud Security and DevOps Automation: Keys for Modern Security Success Eric Johnson Apr 9, 2019 --
Next-Gen Vulnerability Management: Clarity, Consistency, and Cloud David Hazar Apr 9, 2019 --
Building a Zero Trust Model in the Cloud with Microsegmentation Salvatore Sinno and John Kindervag Apr 2, 2019 Unisys
Securing Your Endpoints with Carbon Black: A SANS Review of the CB Predictive Security Cloud Platform Dave Shackleford and Tristan Morris Mar 18, 2019 Carbon Black
How to Automate Compliance and Risk Management for Cloud Workloads Matt Bromiley and David Aiken Mar 15, 2019 AWS Marketplace
Overcoming Obstacles to Secure Multi-cloud Access Rajoo Nagar and John Pescatore Mar 13, 2019 Pulse Secure
Taking SIEM to the Cloud: A SANS Review of Securonix Next-Gen SIEM Dave Shackleford and Nitin Agale Mar 1, 2019 Securonix
Prioritizing Security Operations in the Cloud through the Lens of the NIST Framework John Pescatore and David Aiken Feb 21, 2019 AWS Marketplace
Modern AppSec Tools for Modern AppSec Problems: A Practical Introduction to the Next-Gen WAF Kelly Brazil Feb 19, 2019 ThreatX
Best Practices to Get You CloudFit- 12 AWS Best Practices for Cloud Security John Martinez and Matt Bromiley Jan 31, 2019 Palo Alto Networks
Using Data Science to Secure Cloud Workloads Mikkel Hansen and Aaron Bryson Jan 17, 2019 Cylance
Modern Information Security; Forget Cyber, It\'s All About AppSec Adrien de Beaupre Dec 19, 2018 --
WhatWorks in Application Security: How to Detect and Remediate Application Vulnerabilities and Block Attacks with Contrast Security John Pescatore and Joshua Bentley Dec 12, 2018 Contrast Security
Secure DevOps: Fact or Fiction? SANS Survey Looks at Reality, Part II Jim Bird, Barb Filkins, Chris Eng, Sandeep Potdar, and Hari Srinivasan Nov 9, 2018 Aqua Security Inc.
Secure DevOps: Fact or Fiction? SANS Survey Looks at Reality, Part I Jim Bird, Barb Filkins, Dan Kuykendall, Zane Lackey, and Rani Osnat Nov 8, 2018 Aqua Security Inc.
How to use Machine Learning to protect Cloud Infrastructure Subbu Iyer and Chaitanya Yinti Nov 7, 2018 Oracle
How to Conduct and Utilize Human Intelligence by Engaging Your Cyber Adversaries Itay Kozuch Oct 30, 2018 IntSights
Why the World Must Take Notice of the Rising Asian Dark Web Itay Kozuch and Brandon McCrillis Oct 2, 2018 IntSights
Cloud Services - Look before you Leap David Miller Sep 19, 2018 --
Continuous Security: Monitoring & Active Defense in the Cloud Eric Johnson Aug 14, 2018 --
Cloud Security Visibility: Establishing security control of the cloud estate Avishai Wool and Dave Shackleford Jul 11, 2018 AlgoSec Systems, Ltd.
10 Tips for Effective Modern Day Endpoint Protection Jake Williams and Adam Licata Jun 21, 2018 Symantec
The Cloud Browser: Enabling Safe and Secure OSINT Malware Analysis John Klassen, Nick Espinoza and John Pescatore Jun 11, 2018 Authentic8
True Detective – Autopsy of latest O365 and AWS threats Brandon Cook and John Pescatore May 30, 2018 SkyHigh Networks
Securing the Hybrid Cloud: A Guide to Using Security Controls, Tools and Automation Dave Shackleford and Chris Carlson Apr 2, 2018 Qualys
Moving Endpoint Security to the Cloud: Replacing Traditional Antivirus Barbara Filkins and Dave Gruber Mar 27, 2018 Carbon Black
Secure DevOps: Encryption in the Cloud with KMS Mark Geeslin Mar 12, 2018 --
Why Insider Actions Matter: SANS Review of LogRhythm CloudAI for User and Entity Behavior Analytics Dave Shackleford, Samir Jain, and Mark Settle Feb 27, 2018 LogRhythm
It’s Time to Move Endpoint Security to the Cloud Sean Blanton and John Pescatore Feb 23, 2018 Carbon Black
5 Critical Success Factors for Identity When Moving to the Cloud Eric Olden Feb 21, 2018 Oracle
The Impact Of Enterprise Web Application Trends Going Mainstream Serge Borso and Saikrishna Chavali Feb 14, 2018 Veracode
Cloud Security: Taking charge of Security in Your Cloud- A Master\'s Degree Presentation Luciana Obregon Feb 14, 2018 --
Secure DevOps: Microservices and API Security Greg Leonard Feb 12, 2018 --
Building Zero Trust Model with Microsegmentation in the Cloud Salvatore Sinno & Jonathan Payne Feb 9, 2018 Unisys
Secure DevOps: Faster Feedback with Effective Security Unit Tests in CI / CD Eric Johnson Jan 15, 2018 --
OWASP Top 10 2017: What You Need to Know Dr. Johannes Ullrich and Chris Eng Dec 8, 2017 Veracode
Secure DevOps – Monitoring in the Cloud Ben Allen Dec 4, 2017 --
The ROI of AppSec: Getting your Money\'s Worth from Your AppSec Program Jim Bird, Maria Loughlin, and Ellen Nussbaum Nov 30, 2017 Veracode
Secure DevOps: Three Keys for Success Frank Kim Nov 13, 2017 --
Scripting Cloud Security Capabilities Kenneth Hartman Nov 7, 2017 --
Cloud Security: Defense in Detail if Not in Depth. Part 2: Changes Make the Cloud More Secure, but Is InfoSec Changing Even More? Dave Shackleford, Eric Boerger, and Nicolas (Nico) Fischbach Nov 2, 2017 BMC Software, Inc.
Cloud Security: Defense in Detail if Not in Depth. Part 1: Using Cloud Services to Address the Cloud Threat Environment Dave Shackleford, Allison Cramer, and Mark Butler Nov 1, 2017 BMC Software, Inc.
7-Step Process to Secure AWS and Custom Applications John Pescatore, Brandon Cook, Niraj Patel, and Anant Mahajan Oct 25, 2017 SkyHigh Networks
Application Breaches and Lifecycle Security: SANS 2017 Application Security Survey, Part 2 Frank Kim, Anthony Bettini and Ryan O\'Leary Oct 25, 2017 Rapid7 Inc.
Application Security on the Go! SANS Survey Results, Part 1 Eric Johnson, Alfred Chung, Colin Domoney and Apoorva Phadke Oct 24, 2017 Rapid7 Inc.
There's A Secure App for That: How to Mitigate Attacks Targeting Automotive Mobile Application's Communications Ben Gardiner and Colin DeWinter Oct 17, 2017 --
DevSecOps - Building Continuous Security Into IT & App Infrastructures Chris Carlson and John Pescatore Oct 10, 2017 Qualys
I\'m in the cloud now so... I\'m secure right? John Pescatore and Jeff Melnick Oct 5, 2017 Netwrix
Asking the Right Questions about Dynamic Scanning to Secure Web Applications: A Buyer\'s Guide to App Sec Scanning Tools Barbara Filkins and Joe Pelletier Sep 12, 2017 Veracode
Continuous Security: Implementing the Critical Controls in a DevOps Environment, A SANS Technology Institute Master’s Degree Presentation Alyssa Robinson Aug 16, 2017 --
Making Sense of the Critical Security Controls in the Cloud Eric Johnson Aug 15, 2017 --
Cloud Security Monitoring Balaji Balakrishnan Jul 20, 2017 --
Automating Cloud Security to Mitigate Risk Dave Shackelford and David Boardman Jul 14, 2017 Skybox Security, Inc.
Effortless Detection and Investigation of Cloud Breaches: A Review of Lacework\'s Zero Touch Cloud Workload Security Platform Matt Bromiley and Sanjay Kalra Jun 28, 2017 Lacework
Using Dynamic Scanning to Secure Web Apps in Development and After Deployment Barbara Filkins and Chris Kirsch May 31, 2017 Veracode
The Role of Vulnerability Scanning in Web App Security Barbara Filkins and Ferruh Mavituna May 25, 2017 Netsparker
Choosing the Right Path to Application Security Adam Shostack and Chris Wysopal May 24, 2017 Veracode
Mobile App Security Trends and Techniques Gregory Leonard Apr 7, 2017 --
Increasing Software Security Up and Down the Supply Chain John Pescatore, Steve Lipner, John Martin, and Chris Wysopal Apr 4, 2017 Veracode
SOC in the Cloud: A review of Arctic Wolf SOC Services Sonny Sarai and Sridhar Karnam Mar 29, 2017 Arctic Wolf Networks
Best practices for securing, analyzing, and mitigating threats to your AWS applications Sesh Sayani, Mike Janik, and Scott Ward Mar 28, 2017 Gigamon
Changing the Game in Public Cloud Security Erik Yunghans, Scott Simkin, and Dave Shackelford Mar 22, 2017 Palo Alto Networks
Real DevSecOps for the Security Practitioner Jenks Gibbons Mar 1, 2017 CloudPassage
Continuous Integration: Static Analysis with Visual Studio & Roslyn Eric Johnson Feb 24, 2017 --
Implementing and Maintaining a DevSecOps Approach in the Cloud - Tips, tricks, operational and security best practices George Gerchow and Mark Bloom Jan 25, 2017 Sumo Logic
2017 Cloud Security and Risk Benchmarks Brandon Cook and John Pescatore Jan 24, 2017 SkyHigh Networks
Enhanced Application Security for the Financial Industry Steve Kosten and Mike Ware Jan 17, 2017 Synopsys
Easier Web App Pen Testing by Leveraging Plugins & Extensions Micah Hoffman Oct 27, 2015 --
Complete Application pwnage via Multi-POST XSRF Adrien de Beaupre Oct 9, 2015 --
Analyst Webcast: RASP vs. WAF: Comparing Capabilities and Efficiencies Jake Williams Aug 14, 2015 HP
Protecting Third Party Applications with RASP Eric Johnson and Cindy Blake Jul 30, 2015 Hewlett Packard
WhatWorks in AppSec: ASP.NET Identity and AntiForgery Tokens Eric Johnson Jul 24, 2015 --
How to Detect SQL Injection & XSS Attacks with AlienVault USM Mark Allen and Garrett Gross Jul 15, 2015 AlienVault
Blocking XSS attacks with Content Security Policy Greg Leonard Jun 22, 2015 --
Node.js: Successful, exciting... and bares security risks Amit Ashbel Jun 9, 2015 Checkmarx Ltd.
Application Security by Example Frank Kim May 18, 2015 --
2015 Application Security Survey, Part 2: Builder Issues Eric Johnson, Maria Loughlin and Bruce Jenkins May 14, 2015 Hewlett Packard
2015 Application Security Survey, Part 1: Defender Issues Eric Johnson, Will Bechtel, Robert Hansen and Brian Maccaba May 13, 2015 Hewlett Packard
What's in your software? Reduce risk from third-party and open source components. Adrian Lane and Phil Neray Nov 18, 2014 Veracode
Building a Content Security Policy Eric Johnson Aug 19, 2014 --
SQL Injection Exploited Micah Hoffman Aug 8, 2014 --
Securing Web Applications: Identifying and Managing Risks with Programming Languages and Frameworks Johannes Ullrich and Jeremiah Grossman May 21, 2014 WhiteHat Security
Secrets of Exploiting Blind SQL Injection Justin Searle Apr 30, 2014 HP
Application Security Programs On the Rise, Skills Lacking: A SANS Survey Frank Kim, Will Bechtel, Erik Peterson and Ryan English Feb 12, 2014 HP
HTML5: Risky Business or Hidden Security Tool Chest for Mobile Web App Authentication Johannes Ullrich Jan 13, 2014 --

View All webcasts | Subscribe to webcast feed