Below you can find all webcasts that have already been presented since 2013. You can view these webcasts and download the slides by logging into your SANS Portal Account or creating an Account. Once you have logged in, click the Register Now button on your webcast of choice to view the Webcast and download slides.
Archive Webcasts
| Date | Title | Sponsor | Speaker |
|---|---|---|---|
| Monday, December 18, 2017 at 3:30 PM EST (2017-12-18 20:30 UTC) | Lessons Learned from the TalkTalk Breach - A Master's Candidate Webcast | Ed Yuwono | |
| Friday, December 15, 2017 at 3:30 PM EST (2017-12-15 20:30 UTC) | The Convergence of EPP and EDR: Tomorrow's Solution Today | FireEye | Dan Reis, John Pescatore |
| Thursday, December 14, 2017 at 1:00 PM EST (2017-12-14 18:00 UTC) | Who Owns ICS Security? Fusing IT, OT, & IIoT Security in the Corporate SOC. | CyberX | Phil Neray, Doug Wylie |
| Wednesday, December 13, 2017 at 3:30 PM EST (2017-12-13 20:30 UTC) | 2017 Trends and Strategies for Protecting Endpoints in Healthcare | Barkly | Justin Armstrong, Jack Danahy, Barbara Filkins |
| Wednesday, December 13, 2017 at 1:00 PM EST (2017-12-13 18:00 UTC) | Stop All Imposter Threats Coming Into and Going Out of your Organization | ProofPoint | Ryan Terry, John Pescatore |
| Wednesday, December 13, 2017 at 10:30 AM EDT (2017-12-13 15:30 UTC) | Global Response and Industrial Defense (GRID) Certification - What ICS Defenders Need to Know | Robert M. Lee | |
| Monday, December 11, 2017 at 8:18 PM EST (2017-12-12 01:18 UTC) | Please Check Back | ||
| Monday, December 11, 2017 at 1:00 PM EST (2017-12-11 18:00 UTC) | Tackling DoD Cyber Red Team Deficiencies Through Systems Engineering A Master's Candidate Webcast | John Schab | |
| Friday, December 08, 2017 at 3:00 PM EST (2017-12-08 20:00 UTC) | Java on the server? What could possibly go wrong? | Adrien de Beaupre, Jason Blanchard | |
| Friday, December 08, 2017 at 1:00 PM EST (2017-12-08 18:00 UTC) | Driving Better Cybersecurity for Industrial Networks and Critical Infrastructure | Claroty Inc. | Dan Desruisseaux, Patrick McBride |
| Friday, December 08, 2017 at 10:30 AM EST (2017-12-08 15:30 UTC) | OWASP Top 10 2017: What You Need to Know | Veracode | Dr. Johannes Ullrich, Chris Eng |
| Thursday, December 07, 2017 at 1:00 PM EST (2017-12-07 18:00 UTC) | Using Anti-Evasion to Block Stealth Attacks with Minerva Labs | Minerva Labs | Lenny Zeltser, Eric Cole, PhD |
| Thursday, December 07, 2017 at 10:30 AM EST (2017-12-07 15:30 UTC) | Continuous Security Validation: How effective is your security? | Forcepoint LLC | Anil Nandigam |
| Wednesday, December 06, 2017 at 1:00 PM EST (2017-12-06 18:00 UTC) | Security and Ops Hacks | Rapid7 Inc. | Sonny Sarai |
| Wednesday, December 06, 2017 at 10:30 AM EST (2017-12-06 15:30 UTC) | Business-Driven Network Security Policy Management | AlgoSec Systems, Ltd. | Edy Almer |
| Tuesday, December 05, 2017 at 3:30 PM EST (2017-12-05 20:30 UTC) | Top Network Security Products Revealed in Latest Tests | Forcepoint LLC | Thomas Skybakmoen |
| Tuesday, December 05, 2017 at 1:00 PM EST (2017-12-05 18:00 UTC) | Next-Generation Antivirus (NGAV) Buyer's Guide: Successful Strategies for Choosing and Implementing NGAV | Carbon Black | Barbara Filkins, Brian Gladstein |
| Tuesday, December 05, 2017 at 10:30 AM EST (2017-12-05 15:30 UTC) | Bring the Fight to Them: Hunting down adversaries using OSQuery | Erik Van Buggenhout, Stephen Sims | |
| Monday, December 04, 2017 at 1:00 PM EST (2017-12-04 18:00 UTC) | Secure DevOps – Monitoring in the Cloud | Ben Allen | |
| Thursday, November 30, 2017 at 1:00 PM EDT (2017-11-30 18:00 UTC) | The ROI of AppSec: Getting your Money's Worth from Your AppSec Program | Veracode | Jim Bird, Maria Loughlin, Ellen Nussbaum |
| Wednesday, November 29, 2017 at 1:00 PM EST (2017-11-29 18:00 UTC) | Use Code Reuse to your Advantage: The Forgotten Component of your Incident Response Plan | Intezer | Itai Tevet, Jake Williams |
| Wednesday, November 22, 2017 at 10:00 AM EST (2017-11-22 15:00 UTC) | GDPR - What to Train Your Workforce | Brian Honan, Lance Spitzner | |
| Tuesday, November 21, 2017 at 1:00 PM EST (2017-11-21 18:00 UTC) | The Four Types of Threat Detection for ICS Security | Dragos, Inc. | Robert M. Lee |
| Tuesday, November 21, 2017 at 10:00 AM EDT (2017-11-21 15:00 UTC) | Memory Forensics: Sodium Pentothal for Your Security | Jake Williams, Alissa Torres | |
| Monday, November 20, 2017 at 1:00 PM EST (2017-11-20 18:00 UTC) | Prevent-Detect-RESPONSE - How to Win at Security Part 3 - Implementing Proper Incident Response from SEC401 | Dr. Eric Cole | |
| Friday, November 17, 2017 at 8:00 AM EST (2017-11-17 13:00 UTC) | SANS Security Operations Center (SOC) Briefing | RecordedFuture DomainTools Authentic8 Digital Guardian | Please Check Back |
| Wednesday, November 15, 2017 at 3:30 PM EST (2017-11-15 20:30 UTC) | Collaborative Development of Att&ck Analytics | John Wunder | |
| Wednesday, November 15, 2017 at 10:30 AM EST (2017-11-15 15:30 UTC) | Breaking Down the Data: How Secure Are You and Your Supply Chain? | Bitsight | Stephen Boyer, Jay Jacobs, G. Mark Hardy |
| Tuesday, November 14, 2017 at 3:30 PM EST (2017-11-14 20:30 UTC) | Integrated Security Operations - The Difference between Knowing and Guessing | ServiceNow | Matthew O'Brien, Piero DePaoli, John Pescatore |
| Tuesday, November 14, 2017 at 1:00 PM EST (2017-11-14 18:00 UTC) | A day in the life doing incident response without Bro. And how it could be so much better. | Corelight | Vincent Stoffer, Matt Bromiley |
| Tuesday, November 14, 2017 at 11:00 AM EST (2017-11-14 16:00 UTC) | Using Malware Analysis to Explore the Potential of Malware Vaccination | Lenny Zeltser | |
| Monday, November 13, 2017 at 3:30 PM EST (2017-11-13 20:30 UTC) | Secure DevOps: Three Keys for Success | Frank Kim | |
| Monday, November 13, 2017 at 1:00 PM EST (2017-11-13 18:00 UTC) | Making IoT Relevant | Magnet Forensics | Jessica Hyde |
| Friday, November 10, 2017 at 1:00 PM EST (2017-11-10 18:00 UTC) | Getting Started with the SIFT Workstation | Rob Lee | |
| Thursday, November 09, 2017 at 3:00 PM EST (2017-11-09 20:00 UTC) | Which SANS Pen Test Course Should I Take? November 2017 Edition | Jason Blanchard, Larry Pesce, Ed Skoudis | |
| Thursday, November 09, 2017 at 1:00 PM EDT (2017-11-09 18:00 UTC) | Preventing Persistent Attacks With Linux Micro Virtualization | Immutable Systems | Tom Gillis, John Pescatore |
| Thursday, November 09, 2017 at 10:30 AM EST (2017-11-09 15:30 UTC) | Creating Understanding from Data | John Bambenek | |
| Wednesday, November 08, 2017 at 3:00 PM EDT (2017-11-08 20:00 UTC) | Modern Log Parsing and Enrichment with SIEM | John Hubbard, Justin Henderson | |
| Wednesday, November 08, 2017 at 10:30 AM EST (2017-11-08 15:30 UTC) | iOS 11 isn't all fun and games. What we know so far and ways to handle unsupported data sets | Domenica Crognale, Heather Mahalik | |
| Tuesday, November 07, 2017 at 3:30 PM EDT (2017-11-07 20:30 UTC) | Attack and Defend: Linux Privilege Escalation Techniques In Depth | Michael C. Long | |
| Tuesday, November 07, 2017 at 10:30 AM EST (2017-11-07 15:30 UTC) | Scripting Cloud Security Capabilities | Kenneth G. Hartman | |
| Monday, November 06, 2017 at 1:00 PM EST (2017-11-06 18:00 UTC) | Managed Detection and Response and Business context-- where do they meet, how do they co-exist to help organizations understand true risk? | Leidos | Justin Lachesky, Mike Gotham, Anne Saunders, Ken Brown |
| Friday, November 03, 2017 at 3:30 PM EDT (2017-11-03 19:30 UTC) | Catch, Investigate, Repeat: Automating Incident Response with Behavior-Based IOCs | SECDO | Joseph Pizzo, Jake Williams |
| Friday, November 03, 2017 at 1:00 PM EDT (2017-11-03 17:00 UTC) | Updated FOR578 - Training for Security Personnel and Why Intelligence Matters to You | Robert M. Lee | |
| Thursday, November 02, 2017 at 3:30 PM EDT (2017-11-02 19:30 UTC) | Office 365 Migration Checklist: Considerations for Midsize Enterprises | ProofPoint | Jennifer Cheng |
| Thursday, November 02, 2017 at 1:00 PM EDT (2017-11-02 17:00 UTC) | Cloud Security: Defense in Detail if Not in Depth. Part 2: Changes Make the Cloud More Secure, but Is InfoSec Changing Even More? | BMC Software, Inc. Forcepoint LLC Mcafee LLC Qualys | Nicolas Fischbach, Eric Boerger, Dave Shackleford |
| Thursday, November 02, 2017 at 10:30 AM EST (2017-11-02 14:30 UTC) | Spamhaus DNS Firewall ( DNS RPZ ) - DNS as a 'Critical Choke Point' to Block Resolution of Known Malicious Sites | SecurityZONES | Matt Stith |
| Wednesday, November 01, 2017 at 1:00 PM EST (2017-11-01 17:00 UTC) | Cloud Security: Defense in Detail if Not in Depth. Part 1: Using Cloud Services to Address the Cloud Threat Environment | BMC Software, Inc. Forcepoint LLC Mcafee LLC Qualys | Mark Butler, Allison Cramer, Dave Shackleford |
| Wednesday, November 01, 2017 at 10:30 AM EDT (2017-11-01 14:30 UTC) | The Role of AI in Cybersecurity and Auditing | Muzamil Riffat | |
| Tuesday, October 31, 2017 at 10:30 AM EDT (2017-10-31 14:30 UTC) | Closing the Skills Gap with Analytics and Machine Learning | RSA | Peter M. Tran, Ahmed Tantawy |
| Monday, October 30, 2017 at 1:00 PM EDT (2017-10-30 17:00 UTC) | Beyond layered security | Palo Alto Networks | Navneet Singh, John Pescatore |
| Friday, October 27, 2017 at 1:00 PM EDT (2017-10-27 17:00 UTC) | Windows Credentials: Attacks, Mitigations & Defense | Chad Tilbury | |
| Thursday, October 26, 2017 at 3:30 PM EDT (2017-10-26 19:30 UTC) | Prevent-DETECT-Response - How to Win at Security Part 2 - Timely Detection Tips and Tricks from SEC401 | Eric Cole | |
| Thursday, October 26, 2017 at 1:00 PM EDT (2017-10-26 17:00 UTC) | Enhance Your Investigations with Network Data | Cisco Systems | Brian Ford, Matt Bromiley |
| Thursday, October 26, 2017 at 10:30 AM EST (2017-10-26 14:30 UTC) | The Science Behind the Hype: Machine Learning in Endpoint Security | Barkly | David Hoelzer, Jack Danahy |
| Wednesday, October 25, 2017 at 3:30 PM EDT (2017-10-25 19:30 UTC) | 7-Step Process to Secure AWS and Custom Applications | SkyHigh Networks | John Pescatore, Brandon Cook, Niraj Patel, Anant Mahajan |
| Wednesday, October 25, 2017 at 1:00 PM EST (2017-10-25 17:00 UTC) | Application Breaches and Lifecycle Security: SANS 2017 Application Security Survey, Part 2 | Rapid7 Inc. Synopsys Tenable Veracode WhiteHat Security | Frank Kim, Anthony Bettini, Ryan O'Leary |
| Wednesday, October 25, 2017 at 10:30 AM EDT (2017-10-25 14:30 UTC) | Forensic Timeline Analysis Using Wireshark | David Fletcher | |
| Tuesday, October 24, 2017 at 3:30 PM EDT (2017-10-24 19:30 UTC) | Closing the Skills Gap Chasm with Automation and Actionable Analytics | Exabeam | Orion Cassetto, Dave Shackleford |
| Tuesday, October 24, 2017 at 1:00 PM EST (2017-10-24 17:00 UTC) | Application Security on the Go! SANS Survey Results, Part 1 | Rapid7 Inc. Synopsys Tenable Veracode WhiteHat Security | Eric Johnson, Alfred Chung, Colin Domoney, Apoorva Phadke |
| Tuesday, October 24, 2017 at 10:30 AM EDT (2017-10-24 14:30 UTC) | The Maturing of Endpoint Detection and Response (EDR): Choose the Right Solution | CrowdStrike, Inc. | Con Mallon, John Pescatore |
| Friday, October 20, 2017 at 3:00 PM EST (2017-10-20 19:00 UTC) | EDR vs SIEM - Place your bet! The fight is on | Justin Henderson | |
| Thursday, October 19, 2017 at 3:00 PM EDT (2017-10-19 19:00 UTC) | The facts about KRACK and your WPA enabled WiFi network | Larry Pesce | |
| Thursday, October 19, 2017 at 1:00 PM EDT (2017-10-19 17:00 UTC) | Threat Intelligence for Every Security Function | RecordedFuture | Dave Shackleford, Chris Pace |
| Wednesday, October 18, 2017 at 1:00 PM EST (2017-10-18 17:00 UTC) | Security Awareness for Board of Directors | Lance Spitzner, John Pescatore | |
| Wednesday, October 18, 2017 at 10:30 AM EST (2017-10-18 14:30 UTC) | New Threats Posed by Misuse of Legitimate Websites, End-to-End Encryption Technologies and Countermeasures, A SANS Technology Institute Master’s Candidate Presentation | Paul Tang | |
| Tuesday, October 17, 2017 at 1:00 PM EDT (2017-10-17 17:00 UTC) | Targeted Attack Protection: SANS Review of Endgame's endpoint security platform | Endgame | Mike Nichols, Dave Shackleford |
| Tuesday, October 17, 2017 at 11:00 AM EDT (2017-10-17 15:00 UTC) | There's A Secure App for That: How to Mitigate Attacks Targeting Automotive Mobile Application's Communications | Colin DeWinter, Ben Gardiner | |
| Friday, October 13, 2017 at 3:30 PM EDT (2017-10-13 19:30 UTC) | Strut(s) your stuff. | Moses Hernandez | |
| Thursday, October 12, 2017 at 1:00 PM EDT (2017-10-12 17:00 UTC) | NotPetya, Dragonfly 2.0 & CrashOverride: Is Now the Time for Active Cyber Defense in ICS/SCADA Networks? | CyberX | Phil Neray, Mike Assante |
| Wednesday, October 11, 2017 at 1:00 PM EDT (2017-10-11 17:00 UTC) | Isolate the Critical: How to Deploy Microsegmentation for Operational Resiliency | Unisys | Chip Yeager, Erin Kelly |
| Wednesday, October 11, 2017 at 10:30 AM EDT (2017-10-11 14:30 UTC) | Turning Threat Data into Threat Intel Using Automated Analysis | VMRay | Carsten Willems, Dave Shackleford |
| Tuesday, October 10, 2017 at 1:00 PM EDT (2017-10-10 17:00 UTC) | DevSecOps - Building Continuous Security Into IT & App Infrastructures | Qualys | Chris Carlson, John Pescatore |
| Friday, October 06, 2017 at 3:00 PM EST (2017-10-06 19:00 UTC) | Guide to Selecting and Sourcing a Managed Security Services Provider | Cory Mazzola, Chris Crowley | |
| Thursday, October 05, 2017 at 3:30 PM EDT (2017-10-05 19:30 UTC) | Simplified Segmentation for a Stronger Threat Defense | Cisco Systems | Keti Kilcrease |
| Thursday, October 05, 2017 at 1:00 PM EST (2017-10-05 17:00 UTC) | I'm in the cloud now so... I'm secure right? | Netwrix | Jeff Melnick, John Pescatore |
| Wednesday, October 04, 2017 at 3:00 PM EDT (2017-10-04 19:00 UTC) | Detecting Modern PowerShell Attacks with SIEM | Tim Garcia, Justin Henderson | |
| Wednesday, October 04, 2017 at 10:30 AM EDT (2017-10-04 14:30 UTC) | Beyond Scanning: Delivering Impact Driven Vulnerability Assessments | Matthew Toussain | |
| Tuesday, October 03, 2017 at 9:00 PM EDT (2017-10-04 01:00 UTC) | SANS Asia-Pacific Webcast Series- Standard Logs Made into Actionable Detects | Tim Garcia, Justin Henderson | |
| Tuesday, October 03, 2017 at 3:30 PM EDT (2017-10-03 19:30 UTC) | New SANS Course - How to Prevent, Detect & Respond to an Advanced Attack | Erik Van Buggenhout, Stephen Sims | |
| Tuesday, October 03, 2017 at 1:00 PM EDT (2017-10-03 17:00 UTC) | Shrinking Attack Dwell Times - A Phishing Case Study Demo | Syncurity | John Jolly, John Pescatore |
| Tuesday, October 03, 2017 at 9:00 AM EST (2017-10-03 13:00 UTC) | New SANS Course - How to Prevent, Detect & Respond to an Advanced Attack | Erik Van Buggenhout, Stephen Sims | |
| Monday, October 02, 2017 at 1:00 PM EST (2017-10-02 17:00 UTC) | Accurate behavior analysis enables detection and of malicious insiders, outsiders and IoT device | E8 Security | Matt Rodgers, John Pescatore |
| Friday, September 29, 2017 at 1:00 PM EDT (2017-09-29 17:00 UTC) | Understanding Fileless Attacks and How to Stop Them | CrowdStrike, Inc. | Jackie Castelli, John Pescatore |
| Thursday, September 28, 2017 at 3:30 PM EDT (2017-09-28 19:30 UTC) | Clustering, Sourcing, and Correlating All Things Indicators | DomainTools | Kyle Wilhoit, Rebekah Brown |
| Thursday, September 28, 2017 at 1:00 PM EDT (2017-09-28 17:00 UTC) | SANS CyberTalent VetSuccess | Brian D. Ray, Sonny Sandelius | |
| Thursday, September 28, 2017 at 7:00 AM EDT (2017-09-28 11:00 UTC) | SANS Asia-Pacific Webcast Series- 2017 SANS SOC Survey Discussion | Christopher Crowley | |
| Wednesday, September 27, 2017 at 3:30 PM EDT (2017-09-27 19:30 UTC) | PREVENT-Detect-Response - How to Win at Security Part 1 - The Secret to Prevention from SEC401 | Eric Cole | |
| Wednesday, September 27, 2017 at 1:00 PM EDT (2017-09-27 17:00 UTC) | Your Security Sandbox Won't Catch It All - The Phishing Problem | ProofPoint | Mark Guntrip, Robert M. Lee |
| Tuesday, September 26, 2017 at 3:30 PM EDT (2017-09-26 19:30 UTC) | The True Cost of Ransomware: 5 Companies, 5 Attacks, and the Reality of Recovery | Barkly | John Pescatore, Ryan Berg |
| Wednesday, September 20, 2017 at 10:30 AM EDT (2017-09-20 14:30 UTC) | Outsmart Hackers by Coordinating Your Defenses | Sophos Inc. | Seth Geftic, John Pescatore |
| Tuesday, September 19, 2017 at 1:00 PM EDT (2017-09-19 17:00 UTC) | The Top 20 ICS Cyber Attacks And how to use them to improve IIoT and cloud security designs | Waterfall Security | Andrew Ginter, Tim Conway |
| Monday, September 18, 2017 at 1:00 PM EDT (2017-09-18 17:00 UTC) | Breaking Red - Designing IOCs Using Red Team Tools | Joe Vest | |
| Friday, September 15, 2017 at 1:00 PM EDT (2017-09-15 17:00 UTC) | EDR + NGAV Working Together: SANS Review of Carbon Black Cb Defense | Carbon Black | Jerry Shenk, Brian Gladstein |
| Wednesday, September 13, 2017 at 3:30 PM EDT (2017-09-13 19:30 UTC) | What To Do About the Equifax Hack | Lance Spitzner | |
| Wednesday, September 13, 2017 at 1:00 PM EDT (2017-09-13 17:00 UTC) | Harness the Hacker With Breach and Attack Simulation | Safebreach | Itzik Kotler, John Pescatore |
| Tuesday, September 12, 2017 at 1:00 PM EDT (2017-09-12 17:00 UTC) | Asking the Right Questions about Dynamic Scanning to Secure Web Applications: A Buyer's Guide to App Sec Scanning Tools | Veracode | Joe Pelletier, Barbara Filkins |
| Tuesday, September 12, 2017 at 11:00 AM EDT (2017-09-12 15:00 UTC) | Hitting the Security Sweet Spot with Honeypots in ICS Networks | Brent Huston | |
| Wednesday, September 06, 2017 at 10:00 PM EDT (2017-09-07 02:00 UTC) | Windows PowerShell for Auditors | Clay Risenhoover | |
| Wednesday, September 06, 2017 at 3:00 PM EDT (2017-09-06 19:00 UTC) | SIEM Design & Architecture | John Hubbard, Justin Henderson | |
| Wednesday, September 06, 2017 at 1:00 PM EST (2017-09-06 17:00 UTC) | Sensitive Data Everywhere: Results of SANS 2017 Data Protection Survey | InfoBlox Mcafee LLC | Barbara Filkins, Benjamin Wright, Cindy Chen, Sam Kumarsamy |
| Wednesday, September 06, 2017 at 10:30 AM EDT (2017-09-06 14:30 UTC) | The latest 2017 NSS Labs NGFW test results reveals many NGFWs may be vulnerable to evasions. Does your current firewall or IPS protect against AETs? | Forcepoint LLC | Jim Fulton |
| Tuesday, September 05, 2017 at 1:00 PM EDT (2017-09-05 17:00 UTC) | The Efficiency of Context: Review of WireX Network Forensics Platform | WireX Systems | Philip Campeau, Jerry Shenk |
| Thursday, August 31, 2017 at 1:00 PM EDT (2017-08-31 17:00 UTC) | Threat Hunting with Endpoints: A Methodology for Effective Detection and Agile Response | RSA | Jack "Wes" Riley, John Pescatore |
| Thursday, August 24, 2017 at 3:30 PM EST (2017-08-24 19:30 UTC) | Building Your Own Super-Duper Home Lab | Jeff McJunkin, Jason Blanchard | |
| Wednesday, August 23, 2017 at 3:30 PM EDT (2017-08-23 19:30 UTC) | Which SANS Pen Test Course Should I Take? | Ed Skoudis, Mark Baggett, Jason Blanchard | |
| Wednesday, August 23, 2017 at 10:30 AM EDT (2017-08-23 14:30 UTC) | Protect and Prevent: 3 strategies for blocking fileless attacks and exploits | Barkly | Philip Maio, John Pescatore, Jack Danahy |
| Tuesday, August 22, 2017 at 3:30 PM EST (2017-08-22 19:30 UTC) | Using COIN doctrine to improve Cyber Defense | Sebastien Godin | |
| Thursday, August 17, 2017 at 1:00 PM EDT (2017-08-17 17:00 UTC) | Detect & Prevent Data Exfiltration: A Unique Approach with Infoblox | InfoBlox | Sam Kumarsamy, Andrew Hay |
| Thursday, August 17, 2017 at 10:30 AM EDT (2017-08-17 14:30 UTC) | Put Some Power in Your Network Security: Detect, Hunt & Prevent Threats | Bricata | Druce MacFarlane, John Pescatore |
| Wednesday, August 16, 2017 at 3:30 PM EDT (2017-08-16 19:30 UTC) | Continuous Security: Implementing the Critical Controls in a DevOps Environment, A SANS Technology Institute Master’s Degree Presentation | Alyssa Robinson | |
| Tuesday, August 15, 2017 at 3:30 PM EDT (2017-08-15 19:30 UTC) | Making Sense of the Critical Security Controls in the Cloud | Eric Johnson | |
| Tuesday, August 15, 2017 at 1:00 PM EDT (2017-08-15 17:00 UTC) | Security Whack-a-Mole: SANS 2017 Threat Landscape Survey | Cylance FireEye Mcafee LLC Qualys | Chad Skipper, Sean Murphy, Robert Leong, Mark Butler, Lee Neely |
| Tuesday, August 15, 2017 at 10:30 AM EDT (2017-08-15 14:30 UTC) | Know Thy Network - Cisco Firepower and CIS Critical Security Controls 1 & 2 | Ryan Firth | |
| Monday, August 14, 2017 at 1:00 PM EDT (2017-08-14 17:00 UTC) | 5.3 Billion Reasons to Keep Up-to-date with BEC | ProofPoint | Ryan Terry, Johannes Ullrich |
| Thursday, August 10, 2017 at 1:00 PM EDT (2017-08-10 17:00 UTC) | Roadmap to a Secure Smart Infrastructure | Rapid7 Inc. | Tod Beardsley, Barbara Filkins |
| Wednesday, August 09, 2017 at 10:30 AM EDT (2017-08-09 14:30 UTC) | Dissecting various real-world DGA variants | Cybereason | Sean Ennis, John Pescatore |
| Tuesday, August 08, 2017 at 1:00 PM EDT (2017-08-08 17:00 UTC) | Protecting the Critical: An innovative approach to defending your Industrial Control Systems | Unisys | Stuart Phillips, Christopher Blask, Mike Assante |
| Thursday, August 03, 2017 at 1:00 PM EDT (2017-08-03 17:00 UTC) | Machine Learning: Practical Applications for Cyber Security | RecordedFuture | Chris Pace, Ismael Valenzuela |
| Thursday, August 03, 2017 at 10:30 AM EDT (2017-08-03 14:30 UTC) | Using Docker to Create Multi-Container Research Environments | Shaun McCullough | |
| Tuesday, August 01, 2017 at 3:30 PM EDT (2017-08-01 19:30 UTC) | Risk-based privilege management | Christoph Eckstein | |
| Tuesday, August 01, 2017 at 1:00 PM EDT (2017-08-01 17:00 UTC) | The SANS 2017 Insider Threat Survey: Mounting an Effective Defense Against Insider Threat | Dtex Systems Haystax Technology Rapid7 Inc. | Eric Cole, PhD, Bryan Ware, Matt Hathaway, Pramod Cherukumilli |
| Thursday, July 27, 2017 at 10:30 AM EDT (2017-07-27 14:30 UTC) | Win The Cyberwar With Zero Trust | Palo Alto Networks | John Kindervag |
| Friday, July 21, 2017 at 1:00 PM EDT (2017-07-21 17:00 UTC) | A glimpse into NEW FOR500: Windows Forensics Course: Windows 10 and beyond - what is your digital forensics investigation missing? | Rob Lee | |
| Thursday, July 20, 2017 at 10:00 PM EDT (2017-07-21 02:00 UTC) | SANS Asia-Pacific Webcast Series- Elevating Your Analysis Tactics: The New Forensics Poster | Philip Hagen | |
| Thursday, July 20, 2017 at 1:00 PM EDT (2017-07-20 17:00 UTC) | Cloud Security Monitoring | Balaji Balakrishnan | |
| Wednesday, July 19, 2017 at 1:00 PM EDT (2017-07-19 17:00 UTC) | Bridging the O365 Security Gap with CASB | SkyHigh Networks | Andreas Zengel, Brandon Cook, John Pescatore |
| Tuesday, July 18, 2017 at 3:30 PM EDT (2017-07-18 19:30 UTC) | PowerShell Proxy | Kenton Groombridge | |
| Tuesday, July 18, 2017 at 10:30 AM EDT (2017-07-18 14:30 UTC) | NSS Labs NGFW Test: Is your firewall a top performer? | Forcepoint LLC | Thomas Skybakmoen, Jim Fulton |
| Friday, July 14, 2017 at 10:00 AM EDT (2017-07-14 14:00 UTC) | Automating Cloud Security to Mitigate Risk | Skybox Security, Inc. | David Boardman, Dave Shackleford |
| Thursday, July 13, 2017 at 4:15 PM CST (2017-07-13 21:15 UTC) | SANS ICS Briefing: Defending Energy Systems | Waterfall Security PAS Cylance Arbor Networks Tripwire, Inc. Claroty Inc. | Jason Farmer, Nick Cappi, Stuart Bailey, Robert M. Lee |
| Wednesday, July 12, 2017 at 1:00 PM EDT (2017-07-12 17:00 UTC) | The 2017 State of Industrial Control System Security—Part 2: Protection, Prevention and Convergence | Great Bay Software Nozomi Networks PAS Tempered Tripwire, Inc. | David Zahn, Erik Giesa, Katherine Brocklehurst, Doug Wylie, Bengt Gregory-Brown |
| Wednesday, July 12, 2017 at 10:30 AM EDT (2017-07-12 14:30 UTC) | ICS Cyber Security in The Real-World: Demonstrating Threat Detection and Mitigation In Industrial Networks | Indegy | Dana Tamir, Chris Grove |
| Tuesday, July 11, 2017 at 1:00 PM EDT (2017-07-11 17:00 UTC) | The 2017 State of Industrial Control System Security-Part 1: Personnel, Threats and Tools | Great Bay Software Nozomi Networks PAS Tempered Tripwire, Inc. | Ty Powers, Edgard Capdevielle, Doug Wylie, Bengt Gregory-Brown |
| Tuesday, July 11, 2017 at 10:30 AM EST (2017-07-11 14:30 UTC) | Five Lessons Learned from Petya and WannaCry | Veracode | Jake Williams, Chris Wysopal |
| Friday, July 07, 2017 at 1:00 PM EDT (2017-07-07 17:00 UTC) | CRASHOVERIDE - Detecting and Mitigating the Electric Grid Targeted Malware | Dan Gunter, Robert M. Lee, Mike Assante | |
| Thursday, July 06, 2017 at 3:00 PM EDT (2017-07-06 19:00 UTC) | IPv6 and Open Source IDS, A SANS Technology Institute Master’s Degree Presentation | Jon Mark Allen | |
| Thursday, July 06, 2017 at 11:00 AM EDT (2017-07-06 15:00 UTC) | A glimpse of the NEW FOR585 Advanced Smartphone Course | Heather Mahalik | |
| Thursday, June 29, 2017 at 3:30 PM EDT (2017-06-29 19:30 UTC) | Putting Digital Threat Investigation and Response into Hyperdrive | RiskIQ | Beckie Neumann, Dave Shackleford |
| Thursday, June 29, 2017 at 1:00 PM EDT (2017-06-29 17:00 UTC) | Using Endpoint Security Innovation and Next-Gen Capabilities to Counter Endpoint Threats At-Scale | CounterTack | Raj Dodhiawala, John Pescatore |
| Thursday, June 29, 2017 at 10:00 AM EDT (2017-06-29 14:00 UTC) | Complying with Data Protection Law in a Changing World | Forcepoint LLC | Neil Thacker, Benjamin Wright |
| Wednesday, June 28, 2017 at 1:00 PM EDT (2017-06-28 17:00 UTC) | Effortless Detection and Investigation of Cloud Breaches: A Review of Lacework's Zero Touch Cloud Workload Security Platform | Lacework | Sanjay Kalra, Matt Bromiley |
| Wednesday, June 28, 2017 at 10:30 AM EDT (2017-06-28 14:30 UTC) | Securing Critical Infrastructure Organizations against the Next Cyber Breach: Best Practices for organizations leveraging Managed Services | Leidos RSA | Jim Hollar, Gib Sorebo |
| Tuesday, June 27, 2017 at 1:00 PM EDT (2017-06-27 17:00 UTC) | New Threat Vectors for ICS/SCADA Networks -- and How to Prepare for Them | CyberX | Phil Neray, Mike Assante |
| Tuesday, June 27, 2017 at 10:30 AM EDT (2017-06-27 14:30 UTC) | Managing Your Top 5 Human Risks | Lance Spitzner | |
| Thursday, June 22, 2017 at 1:00 PM EDT (2017-06-22 17:00 UTC) | Efficiently Contain Threats and Ease Operations with Security Orchestration | InfoBlox | Srikrupa Srivatsan, Andrew Hay |
| Tuesday, June 20, 2017 at 1:00 PM EDT (2017-06-20 17:00 UTC) | Live Demonstration: Automating Enterprise Security Response | ServiceNow | Alex Cox, Piero DePaoli, John Strand |
| Friday, June 16, 2017 at 8:00 AM EDT (2017-06-16 12:00 UTC) | SANS Finance Briefing: Practical Threat Modeling for Financial Organizations | Forcepoint LLC RecordedFuture | Please Check Back |
| Thursday, June 15, 2017 at 11:00 AM EDT (2017-06-15 15:00 UTC) | Catch Me if You can - Pentesting vs APT | Cybereason | Mor Levi |
| Wednesday, June 14, 2017 at 3:30 PM EDT (2017-06-14 19:30 UTC) | Intrusion Detection Through Relationship Analysis, A SANS Technology Institute Master’s Degree Presentation | Patrick Neise | |
| Wednesday, June 14, 2017 at 12:00 PM EDT (2017-06-14 16:00 UTC) | SANS 2017 Incident Response Survey Results—Part 2: Threat Intelligence and Improving Incident Response Capabilities | AlienVault Anomali Guidance Software IBM LogRhythm Mcafee LLC | Matt Bromiley, Anthony Di Bello, George Mina, Travis Farral |
| Tuesday, June 13, 2017 at 3:00 PM EDT (2017-06-13 19:00 UTC) | PKI Cartels: The Value of Trust, A SANS Technology Institute Master’s Degree Presentation | Sandy Dunn | |
| Tuesday, June 13, 2017 at 12:00 PM EDT (2017-06-13 16:00 UTC) | SANS 2017 Incident Response Survey Results - Part 1: Attack, Response and Maturity | AlienVault Anomali Guidance Software IBM LogRhythm Mcafee LLC | Danielle Russell, Matt Bromiley, Riana Smalberger, James Carder |
| Monday, June 12, 2017 at 10:30 AM EDT (2017-06-12 14:30 UTC) | You Have 24 Hours to Comply: Lessons Learned from Implementing a Behavioral Ransomware Detection Framework | Mark Mager | |
| Friday, June 09, 2017 at 3:30 PM EDT (2017-06-09 19:30 UTC) | What's New in the FOR610: Reverse-Engineering Malware Analysis Course in 2017? | Lenny Zeltser | |
| Friday, June 09, 2017 at 1:00 PM EDT (2017-06-09 17:00 UTC) | SecOps principles to close gaps in Vulnerability Management | Flexera Software | Ken Hilker, John Pescatore |
| Friday, June 09, 2017 at 10:30 AM EDT (2017-06-09 14:30 UTC) | A New Era in Endpoint Protection: A SANS Product Review of CrowdStrike Falcon Endpoint Protection | CrowdStrike, Inc. | Peter Ingebrigtsen, Dave Shackleford |
| Thursday, June 08, 2017 at 11:00 AM EDT (2017-06-08 15:00 UTC) | What Works in Situational Awareness and Visibility: Reducing Time to Detect and Enhancing Business Outcomes with Splunk | Splunk | Ryan Niemes, John Pescatore |
| Wednesday, June 07, 2017 at 3:00 PM EDT (2017-06-07 19:00 UTC) | Evaluation Criteria for ICS Cyber Security Monitoring with Rockwell Automation and Claroty | Claroty Inc. Rockwell Automation | Umair Masud, Patrick McBride |
| Wednesday, June 07, 2017 at 10:30 AM EST (2017-06-07 14:30 UTC) | Tackling Mobile Security with Cisco | Cisco Systems | Beth Barach |
| Tuesday, June 06, 2017 at 8:00 PM EDT (2017-06-07 00:00 UTC) | Critical Security Controls for Home Networks, A SANS Technology Institute Masters Degree Presentation | Glen Roberts | |
| Tuesday, June 06, 2017 at 3:00 PM EDT (2017-06-06 19:00 UTC) | Pin the Key on the App... and Other Transport Security Fun | Mark Geeslin | |
| Tuesday, June 06, 2017 at 1:00 PM EDT (2017-06-06 17:00 UTC) | Elevating Your Analysis Tactics: The New Forensics Poster | Philip Hagen | |
| Friday, June 02, 2017 at 1:00 PM EDT (2017-06-02 17:00 UTC) | FROM DETECTION TO RESPONSE, SOC 2.0 - 2017 State of Security Operations and What's Being Done! | Siemplify | Miguel Carrero, Meny Har |
| Wednesday, May 31, 2017 at 1:00 PM EDT (2017-05-31 17:00 UTC) | Using Dynamic Scanning to Secure Web Apps in Development and After Deployment | Veracode | Chris Kirsch, Barbara Filkins |
| Wednesday, May 31, 2017 at 11:00 AM EDT (2017-05-31 15:00 UTC) | Vulnerability Management Lifecycle | David R. Miller | |
| Tuesday, May 30, 2017 at 10:00 PM EDT (2017-05-31 02:00 UTC) | SANS Asia-Pacific Webcast Series- Powercat has Power: A PowerShell Implementation of Netcat | Mick Douglas | |
| Tuesday, May 30, 2017 at 11:00 AM EDT (2017-05-30 15:00 UTC) | 2017 SANS Security Awareness Report | The Kogod Cybersecurity Governance Center (KCGC), Lance Spitzner | |
| Friday, May 26, 2017 at 1:00 PM EDT (2017-05-26 17:00 UTC) | Building Effective CTI Sharing for Network Defense | Scott J. Roberts | |
| Friday, May 26, 2017 at 10:30 AM EDT (2017-05-26 14:30 UTC) | Defending the ICS Ahead of the Patch: WannaCry Lessons Learned | Joe Slowik, Mike Assante, Ben Miller | |
| Thursday, May 25, 2017 at 1:00 PM EDT (2017-05-25 17:00 UTC) | The Role of Vulnerability Scanning in Web App Security | Netsparker | Ferruh Mavituna, Barbara Filkins |
| Thursday, May 25, 2017 at 11:00 AM EDT (2017-05-25 15:00 UTC) | The New Reality: Centralizing Security when Your Network is Decentralizing | Forcepoint LLC | Dave Shackleford, Michael Knapp |
| Wednesday, May 24, 2017 at 3:00 PM EDT (2017-05-24 19:00 UTC) | The Road to Increased Asset Visibility: Building an Effective ICS Security Strategy | Leidos | Aruna Sreeram, Eric Cornelius |
| Wednesday, May 24, 2017 at 1:00 PM EDT (2017-05-24 17:00 UTC) | Choosing the Right Path to Application Security | Veracode | Adam Shostack, Chris Wysopal |
| Wednesday, May 24, 2017 at 11:00 AM EDT (2017-05-24 15:00 UTC) | Fighting Fileless Malware | Cybereason | Sanat Chugh |
| Tuesday, May 23, 2017 at 1:00 PM EDT (2017-05-23 17:00 UTC) | Network Security Infrastructure and Best Practices: A SANS Survey | NETSCOUT Systems, Inc. | Matt Bromiley, John Pescatore, Barbara Filkins, Ann Sun |
| Friday, May 19, 2017 at 3:00 PM EDT (2017-05-19 19:00 UTC) | Prelude to Beats & Bytes: Striking the Right Chord in Digital Forensics | Ryan Pittman, Matt Linton, Cindy Murphy | |
| Thursday, May 18, 2017 at 3:00 PM EST (2017-05-18 19:00 UTC) | Lingering Exploits Related to WannaCry Ransomware? | Jake Williams, Gil Barak, Benjamin Wright | |
| Thursday, May 18, 2017 at 1:00 PM EDT (2017-05-18 17:00 UTC) | Future SOCs: Results of the 2017 SANS Survey on Security Operations Centers, Part 2 | Carbon Black Endgame LogRhythm NETSCOUT Systems, Inc. ThreatConnect Tripwire, Inc. | Christopher Crowley, Braden Preston, Jim Wachhaus , Ksenia Coffman |
| Thursday, May 18, 2017 at 11:00 AM EDT (2017-05-18 15:00 UTC) | Threat Hunting for the Masses | Frank McClain | |
| Wednesday, May 17, 2017 at 1:00 PM EDT (2017-05-17 17:00 UTC) | SOCs Grow Up to Protect, Defend, Respond: Results of the 2017 SANS Survey on Security Operations Centers, Part 1 | Carbon Black Endgame LogRhythm NETSCOUT Systems, Inc. ThreatConnect Tripwire, Inc. | Alex Valdivia, Christopher Crowley, John Markott, James Carder |
| Tuesday, May 16, 2017 at 12:00 PM EDT (2017-05-16 16:00 UTC) | Latest on WannaCry Ransomware | Renato Marinho, Jake Williams, Benjamin Wright | |
| Monday, May 15, 2017 at 1:00 PM EDT (2017-05-15 17:00 UTC) | Elevating the Fraud in Point of Sale (PoS) to Another Level | Thiago Bordini | |
| Friday, May 12, 2017 at 7:45 PM PST (2017-05-13 02:45 UTC) | Special Webcast: WannaCry Ransomeware Threat - What we know so far | Jake Williams | |
| Thursday, May 11, 2017 at 1:00 PM EDT (2017-05-11 17:00 UTC) | Prevent DNS Based Data Exfiltration and Disrupt Cyber Kill Chain | InfoBlox | Srikrupa Srivatsan, Andrew Hay |
| Thursday, May 11, 2017 at 11:00 AM EDT (2017-05-11 15:00 UTC) | www.google.com/search?q=what+does+this+all+mean? | Phill Moore | |
| Wednesday, May 10, 2017 at 1:00 PM EDT (2017-05-10 17:00 UTC) | How to Conquer Targeted Email Threats: SANS Review of Agari Advanced Threat Protection | AGARI | Vidur Apparao, Dave Shackleford |
| Wednesday, May 10, 2017 at 11:00 AM EDT (2017-05-10 15:00 UTC) | IIOT and Megacities 2025 | Andy Bochman, Mike Assante | |
| Tuesday, May 09, 2017 at 3:00 PM EDT (2017-05-09 19:00 UTC) | The Promise and Pitfalls of Security Testing Today | WhiteHat Security | Setu Kulkarni, Mark Geeslin |
| Tuesday, May 09, 2017 at 1:00 PM EDT (2017-05-09 17:00 UTC) | SANS Best of Awards Drilldown: Endpoint Detection and Response | Carbon Black | John Pescatore, Justin Falck |
| Friday, May 05, 2017 at 11:00 AM EDT (2017-05-05 15:00 UTC) | Obfuscated No More: Practical Steps for Defeating Android Obfuscation | Joshua Wright | |
| Thursday, May 04, 2017 at 3:00 PM EDT (2017-05-04 19:00 UTC) | Deploying DNSSEC at Scale | CloudFlare | Dani Grant, Matt Bromiley |
| Tuesday, May 02, 2017 at 8:00 PM EDT (2017-05-03 00:00 UTC) | Improvements to Critical Control 12 | Steve Jaworski | |
| Tuesday, May 02, 2017 at 3:00 PM EDT (2017-05-02 19:00 UTC) | Taming and Securing the Internet of Things Infestation in Your Enterprise | Great Bay Software | Ty Powers, John Pescatore |
| Tuesday, May 02, 2017 at 1:00 PM EDT (2017-05-02 17:00 UTC) | Deception Matters: Slowing the Adversary with illusive networks | Illusive Networks | Chad Gasaway, Eric Cole |
| Monday, May 01, 2017 at 1:00 PM EDT (2017-05-01 17:00 UTC) | Speeding Up Triage and Incident Response By Speaking to Malware | Todd O'Boyle | |
| Friday, April 28, 2017 at 11:00 AM EDT (2017-04-28 15:00 UTC) | Establishing a Security Ambassador Program | John Haren, Cassie Clark, Lance Spitzner | |
| Thursday, April 27, 2017 at 1:00 PM EDT (2017-04-27 17:00 UTC) | Reducing Attacks and Improving Resiliency: The SANS 2017 Threat Hunting Survey Results | Part 2 | Anomali DomainTools Malwarebytes Rapid7 Inc. Sqrrl Data, Inc. ThreatConnect | Robert M. Lee, Toni Gidwani, Mike Scutt, Dana Torgersen |
| Thursday, April 27, 2017 at 11:00 AM EDT (2017-04-27 15:00 UTC) | Attack Attribution: It’s Complicated | Cybereason | Ross Rustici, Jake Williams |
| Wednesday, April 26, 2017 at 3:00 PM EDT (2017-04-26 19:00 UTC) | WikiLeaks' Release of CIA Hacking Tools: What Security Professionals Need to Know | Carbon Black | Rick McElroy, Jake Williams |
| Wednesday, April 26, 2017 at 1:00 PM EDT (2017-04-26 17:00 UTC) | Threat Hunting-Modernizing Detection Operations: The SANS 2017 Threat Hunting Survey Results | Part 1 | Anomali DomainTools Malwarebytes Rapid7 Inc. Sqrrl Data, Inc. ThreatConnect | Zach Hill, Travis Farral, Rob Lee, Ely Kahn |
| Wednesday, April 26, 2017 at 10:00 AM EDT (2017-04-26 14:00 UTC) | Phoning it in: Heather talks about smartphone forensics | Heather Mahalik | |
| Friday, April 21, 2017 at 1:00 PM EDT (2017-04-21 17:00 UTC) | NoSQL Doesn’t Make you NoVulnerable | Johannes Ullrich | |
| Friday, April 21, 2017 at 11:00 AM EDT (2017-04-21 15:00 UTC) | Hiding in Plain Sight: When Malware Abuses Legitimate Services for Communications | Cisco Systems | Josh Reynolds |
| Thursday, April 20, 2017 at 1:00 PM EDT (2017-04-20 17:00 UTC) | Impact of Isolated Cyber Security Functions: A SANS Survey | ThreatConnect | Wade Baker, G.W. Ray Davidson, PhD |
| Thursday, April 20, 2017 at 11:00 AM EDT (2017-04-20 15:00 UTC) | Using the Power of Artificial Intelligence to Minimize Your Cybersecurity Attack Surface | SparkCognition Inc. | Bryan Lares, John Pescatore |
| Wednesday, April 19, 2017 at 1:00 PM EDT (2017-04-19 17:00 UTC) | Real Steps to Build a Threat Intelligence Framework | RecordedFuture | Chris Pace, Dave Shackleford |
| Tuesday, April 18, 2017 at 3:00 PM EDT (2017-04-18 19:00 UTC) | Ready, Aim, Protect With Total Endpoint Protection | SentinelOne | Eran Ashkenazi, G.W. Ray Davidson, PhD |
| Tuesday, April 18, 2017 at 1:00 PM EDT (2017-04-18 17:00 UTC) | Influencing and Effectively Communicating to CEOs and Boards of Directors | AGARI | John Pescatore, Alan Paller |
| Tuesday, April 18, 2017 at 11:00 AM EDT (2017-04-18 15:00 UTC) | Exploring the Unknown ICS Threat Landscape | Dragos, Inc. | Robert M. Lee, Ben Miller, Michael Assante |
| Monday, April 17, 2017 at 3:00 PM EDT (2017-04-17 19:00 UTC) | AFF4: The New Standard in Forensic Image Format, and Why You Should Care | Dr. Bradley Schatz | |
| Thursday, April 13, 2017 at 11:00 AM EDT (2017-04-13 15:00 UTC) | Preventing an IT Security Epidemic - Cybersecurity for Connected Healthcare | Pwnie Express | Aaron Turner, Tony Sager |
| Wednesday, April 12, 2017 at 10:00 PM EDT (2017-04-13 02:00 UTC) | SANS Asia-Pacific Webcast Series- How to bring some Advanced Persistent Trickery to your fight against Advanced Persistent Threats... | Bryce Galbraith | |
| Tuesday, April 11, 2017 at 1:00 PM EDT (2017-04-11 17:00 UTC) | Learn how to protect your infrastructure against the widest range of DNS attacks | InfoBlox | Cricket Liu, John Pescatore, Sam Kumarsamy |
| Friday, April 07, 2017 at 3:00 PM EDT (2017-04-07 19:00 UTC) | Mobile App Security Trends and Techniques | Gregory Leonard | |
| Friday, April 07, 2017 at 1:00 PM EDT (2017-04-07 17:00 UTC) | NEW SANS DFIR Cheat Sheet: A Guide to Eric Zimmerman's command line tools | Eric Zimmerman | |
| Thursday, April 06, 2017 at 1:00 PM EDT (2017-04-06 17:00 UTC) | How to Achieve Visibility, Security and Integrity for Forward Looking Resilience | UpGuard Inc | Andy Steigleder |
| Thursday, April 06, 2017 at 11:00 AM EST (2017-04-06 15:00 UTC) | Struts-Shock: Current Attacks against Struts2 and How to Defend Against Them | Veracode | Jonathan Mandell, Johannes Ullrich |
| Wednesday, April 05, 2017 at 1:00 PM EDT (2017-04-05 17:00 UTC) | Six stages of an attack: The Art of Detection | Cybereason | Richard Harlan, Matt Bromiley |
| Tuesday, April 04, 2017 at 1:00 PM EDT (2017-04-04 17:00 UTC) | Increasing Software Security Up and Down the Supply Chain | Veracode | John Pescatore, Steve Lipner, John Martin, Chris Wysopal |
| Wednesday, March 29, 2017 at 3:00 PM EDT (2017-03-29 19:00 UTC) | Forensic State Analysis: A New Approach to Threat Hunting | Infocyte | Chris Gerritz, Alissa Torres |
| Wednesday, March 29, 2017 at 1:00 PM EDT (2017-03-29 17:00 UTC) | SOC in the Cloud: A review of Arctic Wolf SOC Services | Arctic Wolf Networks | Sridhar Karnam, Sonny Sarai |
| Tuesday, March 28, 2017 at 1:00 PM EDT (2017-03-28 17:00 UTC) | Best practices for securing, analyzing, and mitigating threats to your AWS applications | Gigamon RSA | Sesh Sayani, Mike Janik, Scott Ward |
| Tuesday, March 28, 2017 at 11:00 AM EDT (2017-03-28 15:00 UTC) | ICS Hacking Exposed | CyberX | Phil Neray, Clint Bodungen |
| Friday, March 24, 2017 at 3:00 PM EDT (2017-03-24 19:00 UTC) | A Case Study: Exploring Potential Attack Methods and Sophisticated Security Defenses for the World's Power Plants | Claroty Inc. | Patrick McBride |
| Friday, March 24, 2017 at 1:00 PM EDT (2017-03-24 17:00 UTC) | FISMA Compliance for Containerized Apps | Red Hat | Jason Callaway |
| Thursday, March 23, 2017 at 3:00 PM EDT (2017-03-23 19:00 UTC) | Threat Hunting 102: Beyond the Basics, Maturing Your Threat Hunting Program | Cybereason | Brad Mecha, Dave Shackleford |
| Thursday, March 23, 2017 at 1:00 PM EDT (2017-03-23 17:00 UTC) | MobileIron Security Labs: Combatting the Current State of Mobile Enterprise Security | MobileIron | James Plouffe |
| Thursday, March 23, 2017 at 11:00 AM EDT (2017-03-23 15:00 UTC) | Profiling Online Personas: Are We Sharing Too Much? | Lance Spitzner, Micah Hoffman | |
| Wednesday, March 22, 2017 at 1:00 PM EST (2017-03-22 17:00 UTC) | Changing the Game in Public Cloud Security | Palo Alto Networks | Erik Yunghans, Scott Simkin, Dave Shackleford |
| Tuesday, March 21, 2017 at 3:00 PM EST (2017-03-21 19:00 UTC) | Threat Hunting with Indicators: Not for Prevention Anymore | Philip Hagen | |
| Tuesday, March 21, 2017 at 1:00 PM EST (2017-03-21 17:00 UTC) | 2017 Cybersecurity Trends: Aiming Ahead of the Target to Increase Security | Qualys | Chris Carlson, John Pescatore |
| Friday, March 17, 2017 at 3:00 PM EST (2017-03-17 19:00 UTC) | Breaking Red - Understanding Threats through Red Teaming | James Tubberville, Joe Vest | |
| Friday, March 17, 2017 at 1:00 PM EST (2017-03-17 17:00 UTC) | Protecting Business Mobility Against Emerging Threats | InfoBlox | Prakash Nagpal, John Pescatore |
| Thursday, March 16, 2017 at 3:00 PM EST (2017-03-16 19:00 UTC) | I Don't Give One IoTA: Introducing the Internet of Things Attack Methodology | Larry Pesce | |
| Thursday, March 16, 2017 at 1:00 PM EST (2017-03-16 17:00 UTC) | Cyber Threat Intelligence in Action-Effectiveness of CTI Programs and Wish Lists for the Future: Results of the 2017 Cyber Threat Intelligence Survey Part 2 | Anomali Arbor Networks DomainTools Lookingglass Cyber Solutions, Inc. Rapid7 Inc. ThreatConnect | Travis Farral, Rebekah Brown, Dave Shackleford, Allan Thomson |
| Wednesday, March 15, 2017 at 1:00 PM EST (2017-03-15 17:00 UTC) | Cyber Threat Intelligence in Action-Skills and Implementations: Results of the 2017 Cyber Threat Intelligence Survey Part 1 | Anomali Arbor Networks DomainTools Lookingglass Cyber Solutions, Inc. Rapid7 Inc. ThreatConnect | Zach Hill, Robert Simmons, Paul Bowen, Dave Shackleford |
| Wednesday, March 15, 2017 at 11:00 AM EST (2017-03-15 15:00 UTC) | Going Past the Wire: Leveraging Social Engineering in Physical Security Assessments | Stephanie Carruthers | |
| Tuesday, March 14, 2017 at 3:00 PM EST (2017-03-14 19:00 UTC) | How the new Preemptive Incident Response methodology can slash end-to-end IR time for SOC teams to minutes and solve alert fatigue | SECDO | Gil Barak, John Pescatore |
| Tuesday, March 14, 2017 at 1:00 PM EST (2017-03-14 17:00 UTC) | Ransomware Remedies: Decoding and Dealing with Ransomware's Problematic Behaviors | Cybereason | Cortez Lake, Jessica Stanford, Alissa Torres |
| Tuesday, March 14, 2017 at 11:00 AM EST (2017-03-14 15:00 UTC) | Cybersecuring DoD ICS Systems | Michael Chipley | |
| Monday, March 13, 2017 at 1:00 PM EST (2017-03-13 17:00 UTC) | The Impacts of JSON on Reversing Your Firmware | Ben Gardiner | |
| Friday, March 10, 2017 at 11:00 AM EST (2017-03-10 16:00 UTC) | The life and death of SHA-1 | Jake Williams | |
| Wednesday, March 08, 2017 at 1:00 PM EST (2017-03-08 18:00 UTC) | Complying with the General Data Protection Regulation: A Guide for Security Practitioners | Skybox Security, Inc. | Kevin Flynn, Benjamin Wright |
| Tuesday, March 07, 2017 at 11:00 AM EST (2017-03-07 16:00 UTC) | What's new on the FOR572 Horizon – Stockholm and Beyond | Philip Hagen | |
| Wednesday, March 01, 2017 at 3:00 PM EST (2017-03-01 20:00 UTC) | Real DevSecOps for the Security Practitioner | CloudPassage | Jenks Gibbons |
| Wednesday, March 01, 2017 at 1:00 PM EST (2017-03-01 18:00 UTC) | Next-Gen Endpoints Risks and Protections: A SANS Survey Part 2: Next-Gen Protection and Response | Carbon Black Great Bay Software Guidance Software IBM Malwarebytes Sophos Inc. | Matt Cooke, G.W. Ray Davidson, PhD, Mark Hafner, Stacia Tympanick |
| Tuesday, February 28, 2017 at 1:00 PM EST (2017-02-28 18:00 UTC) | Next-Gen Endpoints Risks and Protections: A SANS Survey Part 1: New Devices and Risks | Carbon Black Great Bay Software Guidance Software IBM Malwarebytes Sophos Inc. | G.W. Ray Davidson, PhD, Nick Charpentier, Anthony Di Bello, Dana Torgersen |
| Tuesday, February 28, 2017 at 11:00 AM EST (2017-02-28 16:00 UTC) | Reimagine Your Identity Strategy | RSA | Chris Wraight, Jim Ducharme |
| Monday, February 27, 2017 at 11:00 AM EST (2017-02-27 16:00 UTC) | Malware Wants your Memory: Here's Why and How to Protect it | Alissa Torres, Lance Spitzner | |
| Friday, February 24, 2017 at 3:00 PM EST (2017-02-24 20:00 UTC) | Continuous Integration: Static Analysis with Visual Studio & Roslyn | Eric Johnson | |
| Thursday, February 23, 2017 at 3:00 PM EST (2017-02-23 20:00 UTC) | The Problems with the Dark Web: From Crime to Complicated Crawling | Terbium Labs | Alex Viana, Emily Wilson |
| Tuesday, February 21, 2017 at 8:00 PM EST (2017-02-22 01:00 UTC) | Application White-listing through Bit9 aka Parity aka Carbon Black Protect - A Masters Candidate Webcast | Michael Weeks | |
| Tuesday, February 21, 2017 at 1:00 PM EST (2017-02-21 18:00 UTC) | So What's It Mean To Hack a Car | Matthew Carpenter | |
| Friday, February 17, 2017 at 1:00 PM EST (2017-02-17 18:00 UTC) | Analyzing the Enhanced Analysis of GRIZZLY STEPPE Report | Robert M. Lee | |
| Friday, February 10, 2017 at 1:00 PM EST (2017-02-10 18:00 UTC) | Operation Escalation: How Attackers Use Adware to Sell Corporate Assets | Cybereason | Israel Barak, G. Mark Hardy |
| Thursday, February 09, 2017 at 1:00 PM EST (2017-02-09 18:00 UTC) | The Cost and Consequences of Security Complexity: New Ponemon Institute Research Identifies 8 Best Practices | MobileIron | Ojas Rege, Dr. Larry Ponemon |
| Wednesday, February 08, 2017 at 8:00 PM EST (2017-02-09 01:00 UTC) | Tools and Techniques for Assessing Android Malware | Christopher Crowley | |
| Wednesday, February 08, 2017 at 3:00 PM EST (2017-02-08 20:00 UTC) | Go Beyond Incident Response: The Benefits of a Complete Incident Management Platform | D3 Security Chertoff Group | Fraser Retallack, Bob Day, Jim Pflaging, Chris Crowley |
| Wednesday, February 08, 2017 at 1:00 PM EST (2017-02-08 18:00 UTC) | Beyond Feeds: A Deep Dive Into Threat Intelligence Sources | RecordedFuture | Chris Pace, Dave Shackleford |
| Tuesday, February 07, 2017 at 3:00 PM EST (2017-02-07 20:00 UTC) | Elevators as Security Risks... What Goes Up May Let You Down | Deviant Ollam | |
| Friday, February 03, 2017 at 11:00 AM EST (2017-02-03 16:00 UTC) | Cross Origin Resource Sharing: Using CORS to secure AJAX | Clay Risenhoover | |
| Wednesday, February 01, 2017 at 1:00 PM EST (2017-02-01 18:00 UTC) | Digital Ghost: Turning the Tables on Cyber Attacks in Industrial Systems | GE | Robert Garry, Michael Assante |
| Tuesday, January 31, 2017 at 1:00 PM EST (2017-01-31 18:00 UTC) | 3 Cs of Security Awareness | Lance Spitzner | |
| Tuesday, January 31, 2017 at 11:00 AM EST (2017-01-31 16:00 UTC) | Automating Information Security | Mark Baggett | |
| Thursday, January 26, 2017 at 2:00 PM EST (2017-01-26 19:00 UTC) | Mimecast Targeted Threat Protection | Mimecast Services Limited | Matthew Gardiner, Jerry Shenk |
| Thursday, January 26, 2017 at 12:00 PM EST (2017-01-26 17:00 UTC) | Don’t get marooned on Analytic Islands | BAE Systems Applied Intelligence | Mark Watkinson |
| Wednesday, January 25, 2017 at 3:00 PM EST (2017-01-25 20:00 UTC) | Stop Threats in their Tracks- An Introduction to Advanced Malware Protection | Cisco Systems | Brian McMahon, Tom Stitt |
| Wednesday, January 25, 2017 at 1:00 PM EST (2017-01-25 18:00 UTC) | Implementing and Maintaining a DevSecOps Approach in the Cloud - Tips, tricks, operational and security best practices | Sumo Logic | Mark Bloom, George Gerchow |
| Wednesday, January 25, 2017 at 11:00 AM EST (2017-01-25 16:00 UTC) | Introducing the NEW SANS Pen Test Poster - White Board of Awesome Command Line Kung-Fu | Ed Skoudis | |
| Tuesday, January 24, 2017 at 1:00 PM EST (2017-01-24 18:00 UTC) | 2017 Cloud Security and Risk Benchmarks | SkyHigh Networks | Brandon Cook, John Pescatore |
| Tuesday, January 24, 2017 at 11:00 AM EST (2017-01-24 16:00 UTC) | Next generation analysts for next generation threats - lessons from deploying best practices to hundreds of SOC teams! | Siemplify | Meny Har, John Pescatore |
| Monday, January 23, 2017 at 1:00 PM EST (2017-01-23 18:00 UTC) | Practical Application of Threat Intel for Network Defenders | DomainTools | Dave Shackleford, Tim Helming |
| Friday, January 20, 2017 at 1:00 PM EST (2017-01-20 18:00 UTC) | Attacks on Databases: When NoSQL became NoDatabase | Matt Bromiley | |
| Thursday, January 19, 2017 at 1:00 PM EST (2017-01-19 18:00 UTC) | Packets Don’t Lie: What’s Really Happening on Your Network? | LogRhythm | Rob McCovern, Dave Shackleford |
| Wednesday, January 18, 2017 at 1:00 PM EST (2017-01-18 18:00 UTC) | Hunting with Cyber Deception and Incident Response Automation | Cymmetria | Gadi Evron |
| Tuesday, January 17, 2017 at 1:00 PM EST (2017-01-17 18:00 UTC) | Enhanced Application Security for the Financial Industry | Synopsys | Mike Ware, Steve Kosten |
| Friday, January 13, 2017 at 1:00 PM EST (2017-01-13 18:00 UTC) | Using Cisco Stealthwatch to Increase Security By Enhancing Critical Security Control Performance | Cisco Systems | Jamison Budacki, John Pescatore |
| Thursday, January 12, 2017 at 11:00 AM EST (2017-01-12 16:00 UTC) | How To Use Your Network To Fend Off The Latest Cyber Threats | NETSCOUT Systems, Inc. | Arabella Hallawell, Paul Bowen, John Pescatore, Ann Sun |
| Wednesday, January 11, 2017 at 9:00 PM EST (2017-01-12 02:00 UTC) | Packet Capture + Flow Analytics = Holistic Network Visibility | Cisco Systems | Brian Ford |
| Tuesday, January 10, 2017 at 12:00 PM EST (2017-01-10 17:00 UTC) | Hello Friend: Creating a Threat Intelligence Capability | Scott Roberts, Rebekah Brown | |
| Friday, January 06, 2017 at 1:00 PM EST (2017-01-06 18:00 UTC) | Analyzing the DHS/FBI's GRIZZLY STEPPE Report | Robert M. Lee |
Note to Vendors:If you are interested in sponsoring a future SANS Webcast, contact our vendor team today.
