| Date (in UTC) |
Title |
Sponsor |
Speaker |
| Aug 17, 2017 | Detect & Prevent Data Exfiltration: A Unique Approach with Infoblox | Sam Kumarsamy, Andrew Hay |
| Aug 17, 2017 | Put Some Power in Your Network Security: Detect, Hunt & Prevent Threats | Druce MacFarlane, John Pescatore |
| Aug 16, 2017 | Continuous Security: Implementing the Critical Controls in a DevOps Environment, A SANS Technology Institute Masters Degree Presentation | Alyssa Robinson |
| Aug 15, 2017 | Making Sense of the Critical Security Controls in the Cloud | Eric Johnson |
| Aug 15, 2017 | Security Whack-a-Mole: SANS 2017 Threat Landscape Survey | Chad Skipper, Sean Murphy, Robert Leong, Mark Butler, Lee Neely |
| Aug 15, 2017 | Know Thy Network - Cisco Firepower and CIS Critical Security Controls 1 & 2 | Ryan Firth |
| Aug 14, 2017 | 5.3 Billion Reasons to Keep Up-to-date with BEC | Ryan Terry, Johannes Ullrich |
| Aug 10, 2017 | Roadmap to a Secure Smart Infrastructure | Tod Beardsley, Barbara Filkins |
| Aug 9, 2017 | Dissecting various real-world DGA variants | Sean Ennis, John Pescatore |
| Aug 8, 2017 | Protecting the Critical: An innovative approach to defending your Industrial Control Systems | Stuart Phillips, Christopher Blask, Mike Assante |
| Aug 3, 2017 | Machine Learning: Practical Applications for Cyber Security | Chris Pace, Ismael Valenzuela |
| Aug 3, 2017 | Using Docker to Create Multi-Container Research Environments | Shaun McCullough |
| Aug 1, 2017 | Risk-based privilege management | Christoph Eckstein |
| Aug 1, 2017 | The SANS 2017 Insider Threat Survey: Mounting an Effective Defense Against Insider Threat | Eric Cole, PhD, Bryan Ware, Matt Hathaway, Pramod Cherukumilli |
| Jul 27, 2017 | Win The Cyberwar With Zero Trust | John Kindervag |
| Jul 21, 2017 | A glimpse into NEW FOR500: Windows Forensics Course: Windows 10 and beyond - what is your digital forensics investigation missing? | Rob Lee |
| Jul 21, 2017 | SANS Asia-Pacific Webcast Series- Elevating Your Analysis Tactics: The New Forensics Poster | Philip Hagen |
| Jul 20, 2017 | Cloud Security Monitoring | Balaji Balakrishnan |
| Jul 19, 2017 | Bridging the O365 Security Gap with CASB | Andreas Zengel, Brandon Cook, John Pescatore |
| Jul 18, 2017 | PowerShell Proxy | Kenton Groombridge |
| Jul 18, 2017 | NSS Labs NGFW Test: Is your firewall a top performer? | Thomas Skybakmoen, Jim Fulton |
| Jul 14, 2017 | Automating Cloud Security to Mitigate Risk | David Boardman, Dave Shackleford |
| Jul 13, 2017 | SANS ICS Briefing: Defending Energy Systems | Jason Farmer, Nick Cappi, Stuart Bailey, Robert M. Lee |
| Jul 12, 2017 | The 2017 State of Industrial Control System SecurityPart 2: Protection, Prevention and Convergence | David Zahn, Erik Giesa, Katherine Brocklehurst, Doug Wylie, Bengt Gregory-Brown |
| Jul 12, 2017 | ICS Cyber Security in The Real-World: Demonstrating Threat Detection and Mitigation In Industrial Networks | Dana Tamir, Chris Grove |
| Jul 11, 2017 | The 2017 State of Industrial Control System Security-Part 1: Personnel, Threats and Tools | Ty Powers, Edgard Capdevielle, Doug Wylie, Bengt Gregory-Brown |
| Jul 11, 2017 | Five Lessons Learned from Petya and WannaCry | Jake Williams, Chris Wysopal |
| Jul 7, 2017 | CRASHOVERIDE - Detecting and Mitigating the Electric Grid Targeted Malware | Dan Gunter, Robert M. Lee, Mike Assante |
| Jul 6, 2017 | IPv6 and Open Source IDS, A SANS Technology Institute Masters Degree Presentation | Jon Mark Allen |
| Jul 6, 2017 | A glimpse of the NEW FOR585 Advanced Smartphone Course | Heather Mahalik |
| Jun 29, 2017 | Putting Digital Threat Investigation and Response into Hyperdrive | Beckie Neumann, Dave Shackleford |
| Jun 29, 2017 | Using Endpoint Security Innovation and Next-Gen Capabilities to Counter Endpoint Threats At-Scale | Raj Dodhiawala, John Pescatore |
| Jun 29, 2017 | Complying with Data Protection Law in a Changing World | Neil Thacker, Benjamin Wright |
| Jun 28, 2017 | Effortless Detection and Investigation of Cloud Breaches: A Review of Lacework's Zero Touch Cloud Workload Security Platform | Sanjay Kalra, Matt Bromiley |
| Jun 28, 2017 | Securing Critical Infrastructure Organizations against the Next Cyber Breach: Best Practices for organizations leveraging Managed Services | Jim Hollar, Gib Sorebo |
| Jun 27, 2017 | New Threat Vectors for ICS/SCADA Networks -- and How to Prepare for Them | Phil Neray, Mike Assante |
| Jun 27, 2017 | Managing Your Top 5 Human Risks | Lance Spitzner |
| Jun 22, 2017 | Efficiently Contain Threats and Ease Operations with Security Orchestration | Srikrupa Srivatsan, Andrew Hay |
| Jun 20, 2017 | Live Demonstration: Automating Enterprise Security Response | Alex Cox, Piero DePaoli, John Strand |
| Jun 16, 2017 | SANS Finance Briefing: Practical Threat Modeling for Financial Organizations | |
| Jun 15, 2017 | Catch Me if You can - Pentesting vs APT | Mor Levi |
| Jun 14, 2017 | Intrusion Detection Through Relationship Analysis, A SANS Technology Institute Masters Degree Presentation | Patrick Neise |
| Jun 14, 2017 | SANS 2017 Incident Response Survey ResultsPart 2: Threat Intelligence and Improving Incident Response Capabilities | Matt Bromiley, Anthony Di Bello, George Mina, Travis Farral |
| Jun 13, 2017 | PKI Cartels: The Value of Trust, A SANS Technology Institute Masters Degree Presentation | Sandy Dunn |
| Jun 13, 2017 | SANS 2017 Incident Response Survey ResultsPart 1: Attack, Response and Maturity | Danielle Russell, Matt Bromiley, Riana Smalberger, James Carder |
| Jun 12, 2017 | You Have 24 Hours to Comply: Lessons Learned from Implementing a Behavioral Ransomware Detection Framework | Mark Mager |
| Jun 9, 2017 | What's New in the FOR610: Reverse-Engineering Malware Analysis Course in 2017? | Lenny Zeltser |
| Jun 9, 2017 | SecOps principles to close gaps in Vulnerability Management | Ken Hilker, John Pescatore |
| Jun 9, 2017 | A New Era in Endpoint Protection: A SANS Product Review of CrowdStrike Falcon Endpoint Protection | Peter Ingebrigtsen, Dave Shackleford |
| Jun 8, 2017 | What Works in Situational Awareness and Visibility: Reducing Time to Detect and Enhancing Business Outcomes with Splunk | Ryan Niemes, John Pescatore |
| Jun 7, 2017 | Evaluation Criteria for ICS Cyber Security Monitoring with Rockwell Automation and Claroty | Umair Masud, Patrick McBride |
| Jun 7, 2017 | Fighting Account Takeover - Change The Battle and Win | Ido Safruti |
| Jun 7, 2017 | Tackling Mobile Security with Cisco | Beth Barach |
| Jun 7, 2017 | Critical Security Controls for Home Networks, A SANS Technology Institute Masters Degree Presentation | Glen Roberts |
| Jun 6, 2017 | Pin the Key on the App... and Other Transport Security Fun | Mark Geeslin |
| Jun 6, 2017 | Elevating Your Analysis Tactics: The New Forensics Poster | Philip Hagen |
| Jun 2, 2017 | FROM DETECTION TO RESPONSE, SOC 2.0 - 2017 State of Security Operations and What's Being Done! | Miguel Carrero, Meny Har |
| May 31, 2017 | Using Dynamic Scanning to Secure Web Apps in Development and After Deployment | Chris Kirsch, Barbara Filkins |
| May 31, 2017 | Vulnerability Management Lifecycle | David R. Miller |
| May 31, 2017 | SANS Asia-Pacific Webcast Series- Powercat has Power: A PowerShell Implementation of Netcat | Mick Douglas |
| May 30, 2017 | 2017 SANS Security Awareness Report | The Kogod Cybersecurity Governance Center (KCGC), Lance Spitzner |
| May 26, 2017 | Building Effective CTI Sharing for Network Defense | Scott J. Roberts |
| May 26, 2017 | Defending the ICS Ahead of the Patch: WannaCry Lessons Learned | Joe Slowik, Mike Assante, Ben Miller |
| May 25, 2017 | The Role of Vulnerability Scanning in Web App Security | Ferruh Mavituna, Barbara Filkins |
| May 25, 2017 | The New Reality: Centralizing Security when Your Network is Decentralizing | Dave Shackleford, Michael Knapp |
| May 24, 2017 | The Road to Increased Asset Visibility: Building an Effective ICS Security Strategy | Aruna Sreeram, Eric Cornelius |
| May 24, 2017 | Choosing the Right Path to Application Security | Adam Shostack, Chris Wysopal |
| May 24, 2017 | Fighting Fileless Malware | Sanat Chugh |
| May 23, 2017 | Network Security Infrastructure and Best Practices: A SANS Survey | Matt Bromiley, John Pescatore, Barbara Filkins, Ann Sun |
| May 23, 2017 | The Power of Bro - and why you should include it in your security infrastructure | Seth Hall, Matt Bromiley |
| May 19, 2017 | Prelude to Beats & Bytes: Striking the Right Chord in Digital Forensics | Ryan Pittman, Matt Linton, Cindy Murphy |
| May 18, 2017 | Lingering Exploits Related to WannaCry Ransomware? | Jake Williams, Gil Barak, Benjamin Wright |
| May 18, 2017 | Future SOCs: Results of the 2017 SANS Survey on Security Operations Centers, Part 2 | Christopher Crowley, Braden Preston, Jim Wachhaus
, Ksenia Coffman |
| May 18, 2017 | Threat Hunting for the Masses | Frank McClain |
| May 17, 2017 | SOCs Grow Up to Protect, Defend, Respond: Results of the 2017 SANS Survey on Security Operations Centers, Part 1 | Alex Valdivia, Christopher Crowley, John Markott, James Carder |
| May 16, 2017 | Latest on WannaCry Ransomware | Renato Marinho, Jake Williams, Benjamin Wright |
| May 15, 2017 | Elevating the Fraud in Point of Sale (PoS) to Another Level | Thiago Bordini |
| May 13, 2017 | Special Webcast: WannaCry Ransomeware Threat - What we know so far | Jake Williams |
| May 11, 2017 | Prevent DNS Based Data Exfiltration and Disrupt Cyber Kill Chain | Srikrupa Srivatsan, Andrew Hay |
| May 11, 2017 | www.google.com/search?q=what+does+this+all+mean? | Phill Moore |
| May 10, 2017 | How to Conquer Targeted Email Threats: SANS Review of Agari Enterprise Protect | Vidur Apparao, Dave Shackleford |
| May 10, 2017 | IIOT and Megacities 2025 | Andy Bochman, Mike Assante |
| May 9, 2017 | The Promise and Pitfalls of Security Testing Today | Setu Kulkarni, Mark Geeslin |
| May 9, 2017 | SANS Best of Awards Drilldown: Endpoint Detection and Response | John Pescatore, Justin Falck |
| May 5, 2017 | Obfuscated No More: Practical Steps for Defeating Android Obfuscation | Joshua Wright |
| May 4, 2017 | Deploying DNSSEC at Scale | Dani Grant, Matt Bromiley |
| May 3, 2017 | Improvements to Critical Control 12 | Steve Jaworski |
| May 2, 2017 | Taming and Securing the Internet of Things Infestation in Your Enterprise | Ty Powers, John Pescatore |
| May 2, 2017 | Deception Matters: Slowing the Adversary with illusive networks | Chad Gasaway, Eric Cole |
| May 1, 2017 | Speeding Up Triage and Incident Response By Speaking to Malware | Todd O'Boyle |
| Apr 28, 2017 | Establishing a Security Ambassador Program | John Haren, Cassie Clark, Lance Spitzner |
| Apr 27, 2017 | Reducing Attacks and Improving Resiliency: The SANS 2017 Threat Hunting Survey Results | Part 2 | Robert M. Lee, Toni Gidwani, Mike Scutt, Dana Torgersen |
| Apr 27, 2017 | Attack Attribution: Its Complicated | Ross Rustici, Jake Williams |
| Apr 26, 2017 | WikiLeaks' Release of CIA Hacking Tools: What Security Professionals Need to Know | Rick McElroy, Jake Williams |
| Apr 26, 2017 | Threat Hunting-Modernizing Detection Operations: The SANS 2017 Threat Hunting Survey Results | Part 1 | Zach Hill, Travis Farral, Rob Lee, Ely Kahn |
| Apr 26, 2017 | Phoning it in: Heather talks about smartphone forensics | Heather Mahalik |
| Apr 21, 2017 | NoSQL Doesnt Make you NoVulnerable | Johannes Ullrich |
| Apr 21, 2017 | Hiding in Plain Sight: When Malware Abuses Legitimate Services for Communications | Josh Reynolds |
| Apr 20, 2017 | Impact of Isolated Cyber Security Functions: A SANS Survey | Wade Baker, G.W. Ray Davidson, PhD |
| Apr 20, 2017 | Using the Power of Artificial Intelligence to Minimize Your Cybersecurity Attack Surface | Bryan Lares, John Pescatore |
| Apr 19, 2017 | Real Steps to Build a Threat Intelligence Framework | Chris Pace, Dave Shackleford |
| Apr 18, 2017 | Ready, Aim, Protect With Total Endpoint Protection | Eran Ashkenazi, G.W. Ray Davidson, PhD |
| Apr 18, 2017 | Influencing and Effectively Communicating to CEOs and Boards of Directors | John Pescatore, Alan Paller |
| Apr 18, 2017 | Exploring the Unknown ICS Threat Landscape | Robert M. Lee, Ben Miller, Michael Assante |
| Apr 17, 2017 | AFF4: The New Standard in Forensic Image Format, and Why You Should Care | Dr. Bradley Schatz |
| Apr 13, 2017 | Preventing an IT Security Epidemic - Cybersecurity for Connected Healthcare | Aaron Turner, Tony Sager |
| Apr 13, 2017 | SANS Asia-Pacific Webcast Series- How to bring some Advanced Persistent Trickery to your fight against Advanced Persistent Threats... | Bryce Galbraith |
| Apr 11, 2017 | Learn how to protect your infrastructure against the widest range of DNS attacks | Cricket Liu, John Pescatore, Sam Kumarsamy |
| Apr 7, 2017 | Mobile App Security Trends and Techniques | Gregory Leonard |
| Apr 7, 2017 | NEW SANS DFIR Cheat Sheet: A Guide to Eric Zimmerman's command line tools | Eric Zimmerman |
| Apr 6, 2017 | How to Achieve Visibility, Security and Integrity for Forward Looking Resilience | Andy Steigleder |
| Apr 6, 2017 | Struts-Shock: Current Attacks against Struts2 and How to Defend Against Them | Jonathan Mandell, Johannes Ullrich |
| Apr 5, 2017 | Six stages of an attack: The Art of Detection | Richard Harlan, Matt Bromiley |
| Apr 4, 2017 | Increasing Software Security Up and Down the Supply Chain | John Pescatore, Steve Lipner, John Martin, Chris Wysopal |
| Mar 29, 2017 | Forensic State Analysis: A New Approach to Threat Hunting | Chris Gerritz, Alissa Torres |
| Mar 29, 2017 | SOC in the Cloud: A review of Arctic Wolf SOC Services | Sridhar Karnam, Sonny Sarai |
| Mar 28, 2017 | Best practices for securing, analyzing, and mitigating threats to your AWS applications | Sesh Sayani, Mike Janik, Scott Ward |
| Mar 28, 2017 | ICS Hacking Exposed | Phil Neray, Clint Bodungen |
| Mar 24, 2017 | A Case Study: Exploring Potential Attack Methods and Sophisticated Security Defenses for the World's Power Plants | Patrick McBride |
| Mar 24, 2017 | FISMA Compliance for Containerized Apps | Jason Callaway |
| Mar 23, 2017 | Threat Hunting 102: Beyond the Basics, Maturing Your Threat Hunting Program | Brad Mecha, Dave Shackleford |
| Mar 23, 2017 | MobileIron Security Labs: Combatting the Current State of Mobile Enterprise Security | James Plouffe |
| Mar 23, 2017 | Profiling Online Personas: Are We Sharing Too Much? | Lance Spitzner, Micah Hoffman |
| Mar 22, 2017 | Changing the Game in Public Cloud Security | Erik Yunghans, Scott Simkin, Dave Shackleford |
| Mar 21, 2017 | Threat Hunting with Indicators: Not for Prevention Anymore | Philip Hagen |
| Mar 21, 2017 | 2017 Cybersecurity Trends: Aiming Ahead of the Target to Increase Security | Chris Carlson, John Pescatore |
| Mar 17, 2017 | Breaking Red - Understanding Threats through Red Teaming | James Tubberville, Joe Vest |
| Mar 17, 2017 | Protecting Business Mobility Against Emerging Threats | Prakash Nagpal, John Pescatore |
| Mar 16, 2017 | I Don't Give One IoTA: Introducing the Internet of Things Attack Methodology | Larry Pesce |
| Mar 16, 2017 | Cyber Threat Intelligence in Action-Effectiveness of CTI Programs and Wish Lists for the Future: Results of the 2017 Cyber Threat Intelligence Survey Part 2 | Travis Farral, Rebekah Brown, Dave Shackleford, Allan Thomson |
| Mar 15, 2017 | Cyber Threat Intelligence in Action-Skills and Implementations: Results of the 2017 Cyber Threat Intelligence Survey Part 1 | Zach Hill, Robert Simmons, Paul Bowen, Dave Shackleford |
| Mar 15, 2017 | Going Past the Wire: Leveraging Social Engineering in Physical Security Assessments | Stephanie Carruthers |
| Mar 14, 2017 | How the new Preemptive Incident Response methodology can slash end-to-end IR time for SOC teams to minutes and solve alert fatigue | Gil Barak, John Pescatore |
| Mar 14, 2017 | Ransomware Remedies: Decoding and Dealing with Ransomware's Problematic Behaviors | Cortez Lake, Jessica Stanford, Alissa Torres |
| Mar 14, 2017 | Cybersecuring DoD ICS Systems | Michael Chipley |
| Mar 13, 2017 | The Impacts of JSON on Reversing Your Firmware | Ben Gardiner |
| Mar 10, 2017 | The life and death of SHA-1 | Jake Williams |
| Mar 8, 2017 | Complying with the General Data Protection Regulation: A Guide for Security Practitioners | Kevin Flynn, Benjamin Wright |
| Mar 7, 2017 | What's new on the FOR572 Horizon Stockholm and Beyond | Philip Hagen |
| Mar 1, 2017 | Real DevSecOps for the Security Practitioner | Jenks Gibbons |
| Mar 1, 2017 | Next-Gen Endpoints Risks and Protections: A SANS Survey Part 2: Next-Gen Protection and Response | Matt Cooke, G.W. Ray Davidson, PhD, Mark Hafner, Stacia Tympanick |
| Feb 28, 2017 | Next-Gen Endpoints Risks and Protections: A SANS Survey Part 1: New Devices and Risks | G.W. Ray Davidson, PhD, Nick Charpentier, Anthony Di Bello, Dana Torgersen |
| Feb 28, 2017 | Reimagine Your Identity Strategy | Chris Wraight, Jim Ducharme |
| Feb 27, 2017 | Malware Wants your Memory: Here's Why and How to Protect it | Alissa Torres, Lance Spitzner |
| Feb 24, 2017 | Continuous Integration: Static Analysis with Visual Studio & Roslyn | Eric Johnson |
| Feb 23, 2017 | The Problems with the Dark Web: From Crime to Complicated Crawling | Alex Viana, Emily Wilson |
| Feb 22, 2017 | Application White-listing through Bit9 aka Parity aka Carbon Black Protect - A Masters Candidate Webcast | Michael Weeks |
| Feb 21, 2017 | So What's It Mean To Hack a Car | Matthew Carpenter |
| Feb 17, 2017 | Analyzing the Enhanced Analysis of GRIZZLY STEPPE Report | Robert M. Lee |
| Feb 10, 2017 | Operation Escalation: How Attackers Use Adware to Sell Corporate Assets | Israel Barak, G. Mark Hardy |
| Feb 9, 2017 | The Cost and Consequences of Security Complexity: New Ponemon Institute Research Identifies 8 Best Practices | Ojas Rege, Dr. Larry Ponemon |
| Feb 9, 2017 | Tools and Techniques for Assessing Android Malware | Christopher Crowley |
| Feb 8, 2017 | Go Beyond Incident Response: The Benefits of a Complete Incident Management Platform | Fraser Retallack, Bob Day, Jim Pflaging, Chris Crowley |
| Feb 8, 2017 | Beyond Feeds: A Deep Dive Into Threat Intelligence Sources | Chris Pace, Dave Shackleford |
| Feb 7, 2017 | Elevators as Security Risks... What Goes Up May Let You Down | Deviant Ollam |
| Feb 3, 2017 | Cross Origin Resource Sharing: Using CORS to secure AJAX | Clay Risenhoover |
| Feb 1, 2017 | Digital Ghost: Turning the Tables on Cyber Attacks in Industrial Systems | Robert Garry, Michael Assante |
| Jan 31, 2017 | 3 Cs of Security Awareness | Lance Spitzner |
| Jan 31, 2017 | Automating Information Security | Mark Baggett |
| Jan 26, 2017 | Mimecast Targeted Threat Protection | Matthew Gardiner, Jerry Shenk |
| Jan 26, 2017 | Dont get marooned on Analytic Islands | Mark Watkinson |
| Jan 25, 2017 | Stop Threats in their Tracks- An Introduction to Advanced Malware Protection | Brian McMahon, Tom Stitt |
| Jan 25, 2017 | Implementing and Maintaining a DevSecOps Approach in the Cloud - Tips, tricks, operational and security best practices | Mark Bloom, George Gerchow |
| Jan 25, 2017 | Introducing the NEW SANS Pen Test Poster - White Board of Awesome Command Line Kung-Fu | Ed Skoudis |
| Jan 24, 2017 | 2017 Cloud Security and Risk Benchmarks | Brandon Cook, John Pescatore |
| Jan 24, 2017 | Next generation analysts for next generation threats - lessons from deploying best practices to hundreds of SOC teams! | Meny Har, John Pescatore |
| Jan 23, 2017 | Practical Application of Threat Intel for Network Defenders | Dave Shackleford, Tim Helming |
| Jan 20, 2017 | Attacks on Databases: When NoSQL became NoDatabase | Matt Bromiley |
| Jan 19, 2017 | Packets Dont Lie: Whats Really Happening on Your Network? | Rob McCovern, Dave Shackleford |
| Jan 18, 2017 | Hunting with Cyber Deception and Incident Response Automation | Gadi Evron |
| Jan 17, 2017 | Enhanced Application Security for the Financial Industry | Mike Ware, Steve Kosten |
| Jan 13, 2017 | Using Cisco Stealthwatch to Increase Security By Enhancing Critical Security Control Performance | Jamison Budacki, John Pescatore |
| Jan 12, 2017 | How To Use Your Network To Fend Off The Latest Cyber Threats | Arabella Hallawell, Paul Bowen, John Pescatore, Ann Sun |
| Jan 12, 2017 | Packet Capture + Flow Analytics = Holistic Network Visibility | Brian Ford |
| Jan 10, 2017 | Taking Control of Your Application Security | Lance Spitzner, Eric Johnson |
| Jan 10, 2017 | Hello Friend: Creating a Threat Intelligence Capability | Scott Roberts, Rebekah Brown |
| Jan 6, 2017 | Analyzing the DHS/FBI's GRIZZLY STEPPE Report | Robert M. Lee |
