Below you can find all webcasts that have already been presented since 2013. You can view these webcasts and download the slides by logging into your SANS Portal Account or creating an Account. Once you have logged in, click the Register Now button on your webcast of choice to view the Webcast and download slides.
Archive Webcasts
| Date | Title | Sponsor | Speaker |
|---|---|---|---|
| Tuesday, December 31, 2019 at 1:00 PM EST (2019-12-31 18:00 UTC) | What you Need To Know About The Critical Citrix Gateway (Netscaler) Vulnerability CVE-2019-19781 | Jason Lam, Johannes Ullrich | |
| Friday, December 20, 2019 at 10:30 AM EST (2019-12-20 15:30 UTC) | Don’t Patch - Transformative Security Programs go Beyond the Vulnerability | Matthew Toussain | |
| Thursday, December 19, 2019 at 1:00 PM EST (2019-12-19 18:00 UTC) | How to Leverage a CASB for Your AWS Environment | AWS Marketplace | Kyle Dickinson, David Aiken |
| Wednesday, December 18, 2019 at 3:30 PM EST (2019-12-18 20:30 UTC) | Cloud Security Vulnerabilities, Management, and Communication | David Hazar | |
| Wednesday, December 18, 2019 at 1:00 PM EST (2019-12-18 18:00 UTC) | Workforce Transformation and Risk: A SANS Survey | RSA | David Hazar, Tony Karam |
| Wednesday, December 18, 2019 at 10:30 AM EST (2019-12-18 15:30 UTC) | How to use Strategic CTI to address shortfalls in understanding systemic cyber risk | Lincoln Kaffenberger | |
| Tuesday, December 17, 2019 at 1:00 PM EST (2019-12-17 18:00 UTC) | Accuracy Before Automation: How to Implement SOAR | Stratozen | Kevin Prince, John Pescatore |
| Tuesday, December 17, 2019 at 10:30 AM EST (2019-12-17 15:30 UTC) | WhatsApp End To End Encryption Demystified | Raul Siles | |
| Friday, December 13, 2019 at 3:30 PM EST (2019-12-13 20:30 UTC) | Hacking Common AD Misconfigurations | Tim Medin | |
| Friday, December 13, 2019 at 1:00 PM EST (2019-12-13 18:00 UTC) | 10 Visibility Gaps Every CISO Must Fill | Cisco Systems Inc. | Russell Eubanks |
| Thursday, December 12, 2019 at 3:30 PM EST (2019-12-12 20:30 UTC) | Getting Your Head in the Cloud: Implementing Security Monitoring for Public Clouds | Cisco Systems Inc. | Sunil Amin |
| Thursday, December 12, 2019 at 1:00 PM EST (2019-12-12 18:00 UTC) | Protecting the User: A Review of Mimecast’s Web Security Service | Mimecast Services Limited | Dan Sloshberg, David Szili |
| Wednesday, December 11, 2019 at 3:30 PM EST (2019-12-11 20:30 UTC) | 7 Myths of Security Automation: Be Clear on What It Can Achieve | Firemon | Tim Woods |
| Wednesday, December 11, 2019 at 1:00 PM EST (2019-12-11 18:00 UTC) | OUTFIGHT the adversary: Anticipate threats instead of reacting to them | Fidelis Cybersecurity | Dr. Abdul Rahman, Dave Shackleford |
| Wednesday, December 11, 2019 at 10:30 AM EST (2019-12-11 15:30 UTC) | The SANS Purple Team Curriculum - SEC599 and SEC699 | Erik Van Buggenhout | |
| Tuesday, December 10, 2019 at 3:30 PM EDT (2019-12-10 20:30 UTC) | Securing Microservices in Containerized Environments | Threat Stack | Tim Buntel, Jacob Williams |
| Tuesday, December 10, 2019 at 1:00 PM EST (2019-12-10 18:00 UTC) | How To Threat Hunt in Encrypted Network Traffic | Corelight | Aaron Soto, Matt Bromiley |
| Tuesday, December 10, 2019 at 10:30 AM EST (2019-12-10 15:30 UTC) | Script malicieux et compilation de code source pour contourner les contrôles de sécurité. | Xavier Mertens | |
| Monday, December 09, 2019 at 10:30 AM EST (2019-12-09 15:30 UTC) | Threat Hunting with Consistency - A SANS Whitepaper | Vectra Networks Inc. | Matt Bromiley, Chris Morales |
| Friday, December 06, 2019 at 1:00 PM EST (2019-12-06 18:00 UTC) | You have to see the criminal to catch the criminal. The most relevant data to monitor, ranked. | CI Security | Mike Simon, Brandon McCrillis |
| Thursday, December 05, 2019 at 3:30 PM EST (2019-12-05 20:30 UTC) | How to Build a Threat Hunting Capability in AWS | AWS Marketplace | David Aiken, Shaun McCullough |
| Thursday, December 05, 2019 at 1:00 PM EST (2019-12-05 18:00 UTC) | Why It’s Time for a New Link Analysis Platform | King & Union | John Pescatore |
| Thursday, December 05, 2019 at 10:30 AM EST (2019-12-05 15:30 UTC) | OUTMANEUVER the adversary-Alter your cyber terrain by making attacks more difficult | Fidelis Cybersecurity | Dr. Abdul Rahman, Dave Shackleford |
| Wednesday, December 04, 2019 at 3:30 PM EST (2019-12-04 20:30 UTC) | Simplifying Response with the Mitre ATT&CK Framework | OpenText Inc. | Justin Henderson, Anthony Di Bello, JJ Cranford |
| Wednesday, December 04, 2019 at 10:30 AM EST (2019-12-04 15:30 UTC) | Workforce Development What Works – Jason Jury – Booz Allen Hamilton | Jason Jury, John Pescatore | |
| Tuesday, December 03, 2019 at 3:30 PM EST (2019-12-03 20:30 UTC) | Cloud Storage Forensics: Endpoint Evidence | Chad Tilbury | |
| Tuesday, December 03, 2019 at 1:00 PM EDT (2019-12-03 18:00 UTC) | 2019 SANS Survey on Next-Generation Endpoint Risks and Protections | Cisco Systems OpenText Inc. Sophos Inc. VMWare Carbon Black | Justin Henderson, John Hubbard |
| Monday, December 02, 2019 at 1:00 PM EST (2019-12-02 18:00 UTC) | 3 Critical Concepts That New SOC Analysts Must Master | John Hubbard | |
| Tuesday, November 26, 2019 at 3:30 PM EST (2019-11-26 20:30 UTC) | Accelerate Your Career By Building FIVE Critical Professional Skills | Ted Demopoulos | |
| Tuesday, November 26, 2019 at 1:00 PM EST (2019-11-26 18:00 UTC) | Move to Cloud: A Chance to Finally Transform Security? | Chronicle | Matt Bromiley, Dr. Anton A. Chuvakin, Brandon Levene |
| Friday, November 22, 2019 at 3:30 PM EST (2019-11-22 20:30 UTC) | Security Vulnerability Prioritization: Managing Millions of Vulns | Jonathan Risto | |
| Friday, November 22, 2019 at 1:00 PM EST (2019-11-22 18:00 UTC) | Six Steps to Effective ICS Threat Hunting | Dragos, Inc. | Tim Conway, Marc Seitz, Dan Gunter |
| Thursday, November 21, 2019 at 1:00 PM EST (2019-11-21 18:00 UTC) | Maximizing Threat Hunting Efficiency with Automated Queries | Cisco Systems Inc. | Eric Hulse, Daniel Bates |
| Thursday, November 21, 2019 at 10:30 AM EST (2019-11-21 15:30 UTC) | Beyond detection: An Exploration of Key Pillars of the Next-gen SIEM | Devo Technology Inc. | Jason Mical, Justin Henderson |
| Wednesday, November 20, 2019 at 1:00 PM EST (2019-11-20 18:00 UTC) | OUTPERFORM the adversary with tactical decision-making and rapid response | Fidelis Cybersecurity | Craig Harber, Dave Shackleford |
| Wednesday, November 20, 2019 at 10:30 AM EST (2019-11-20 15:30 UTC) | Threat Intelligence Driven Detect and Response Operations | Bitdefender S.R.L. | Jacob Williams, Daniel Clayton, Ryan Moon |
| Tuesday, November 19, 2019 at 1:00 PM EST (2019-11-19 18:00 UTC) | Someone to Watch Over You: A Review of CrowdStrike’s Falcon OverWatch | CrowdStrike, Inc. | Joe Sullivan, Scott Taschler |
| Monday, November 18, 2019 at 10:30 AM EST (2019-11-18 15:30 UTC) | A Blueprint for Designing a New Security Perimeter | Netskope | Bob Gilbert |
| Friday, November 15, 2019 at 8:30 AM EST (2019-11-15 13:30 UTC) | SANS Dark Web Solutions Forum - Illuminating the Dark Web: Harvesting and Using OSINT Data from Dark Web Resources | Terbium Labs Sophos Inc. Viavi Solutions RecordedFuture | Micah Hoffman |
| Thursday, November 14, 2019 at 3:30 PM EST (2019-11-14 20:30 UTC) | Hiring and retaining for the SOC: Recruit, Train, and Retain Talented and Dedicated Staff | Chris Crowley | |
| Thursday, November 14, 2019 at 1:00 PM EST (2019-11-14 18:00 UTC) | How to Perform a Security Investigation in AWS | AWS Marketplace | Kyle Dickinson, David Aiken |
| Wednesday, November 13, 2019 at 3:30 PM EST (2019-11-13 20:30 UTC) | Taming Linux for Enterprise Security | Cmd | Matt Bromiley, John Brunn, Brian Gladstein |
| Wednesday, November 13, 2019 at 1:00 PM EST (2019-11-13 18:00 UTC) | SOARing beyond aggregation: How to achieve meaningful correlation and prioritization of security alerts and actions | Swimlane | Nick Tausek, Jake Williams |
| Tuesday, November 12, 2019 at 3:30 PM EST (2019-11-12 20:30 UTC) | SEC588: Cloud Penetration Testing. What is it? What's different, and why? | Moses Frost | |
| Tuesday, November 12, 2019 at 1:00 PM EST (2019-11-12 18:00 UTC) | Building on ICS Security Basics—What’s Next? | Tripwire, Inc. | Matthew Luallen, Kristen Poulos, Joseph Blankenship |
| Tuesday, November 12, 2019 at 10:30 AM EDT (2019-11-12 15:30 UTC) | Successful Infosec Consulting: Lessons from Three Decades in The Field | Ted Demopoulos | |
| Friday, November 08, 2019 at 1:00 PM EST (2019-11-08 18:00 UTC) | Lessons from the Trenches: Implementing Zero Trust Data Centers in the Real World | ShieldX | Dave Karp, Chase Cunningham |
| Friday, November 08, 2019 at 10:30 AM EST (2019-11-08 15:30 UTC) | What's New in SEC575: Mobile Device Security and Ethical Hacking | Erik Van Buggenhout, Jeroen Beckers | |
| Thursday, November 07, 2019 at 3:30 PM EST (2019-11-07 20:30 UTC) | Data Governance: What Dark secrets lurk in your Salesforce instance? | RevCult | Pete Thurston, Dave Shackleford |
| Thursday, November 07, 2019 at 1:00 PM EST (2019-11-07 18:00 UTC) | What Works in SOC/NOC Integration: Improving Time to Detect, Respond and Contain with ExtraHop Reveal(x) | ExtraHop | John Pescatore, Mitch Roberson |
| Thursday, November 07, 2019 at 10:30 AM EST (2019-11-07 15:30 UTC) | Evade Me If You Can: Unmasking Context-Aware Malware | VMRay | Brandon McCrillis, Tamas Boczan |
| Wednesday, November 06, 2019 at 3:30 PM EST (2019-11-06 20:30 UTC) | Evaluating Network Traffic Analysis Systems – Requirements and Challenges | Awake Security | David Pearson, Kevin Tolly |
| Wednesday, November 06, 2019 at 10:30 AM EST (2019-11-06 15:30 UTC) | Hear me SOAR - Using Elastic, ElastAlert and TheHive in an effective purple team pipeline | Please Check Back | |
| Tuesday, November 05, 2019 at 3:30 PM EST (2019-11-05 20:30 UTC) | Interested in Smartphone Forensics? | Domenica Crognale | |
| Wednesday, October 30, 2019 at 3:30 PM EDT (2019-10-30 19:30 UTC) | Threat Hunting for New and Experienced Hunters: Panel Discussion of the SANS 2019 Threat Hunting Survey | DomainTools ExtraHop ThreatConnect | Mathias Fuchs, Joshua Lemon, Matt Cauthorn, Alex Valdivia, Taylor Wilkes-Pierce |
| Wednesday, October 30, 2019 at 1:00 PM EDT (2019-10-30 17:00 UTC) | Securing Your Modern Data Center | Palo Alto Networks | Christer Swartz, Dave Shackleford |
| Wednesday, October 30, 2019 at 10:30 AM EDT (2019-10-30 14:30 UTC) | Attacking and Defending Cloud Metadata Services | Eric Johnson | |
| Tuesday, October 29, 2019 at 3:30 PM EDT (2019-10-29 19:30 UTC) | SANS 2019 Threat Hunting Survey: The Differing Needs of New and Experienced Hunters | Anomali Authentic8 VMWare Carbon Black DomainTools ExtraHop Lastline ThreatConnect ThreatQuotient Sophos Inc. Verodin | Mathias Fuchs, Joshua Lemon |
| Tuesday, October 29, 2019 at 10:30 AM EDT (2019-10-29 14:30 UTC) | Real World Challenges for PCI Compliant Containers | Threat Stack | Tim Buntel, John Pescatore, Katie Paugh |
| Monday, October 28, 2019 at 1:00 PM EDT (2019-10-28 17:00 UTC) | Human Fingerprints in Malware and their Use in Cyber Threat Intelligence | Robert M. Lee, Tobias Johansson | |
| Friday, October 25, 2019 at 10:30 AM EST (2019-10-25 14:30 UTC) | Have You Taken The "Endpoint Blue Pill"? Debunking The Endpoint Protection Myth. | Cisco Systems Inc. | Justin Henderson, Ismael Valenzuela |
| Thursday, October 24, 2019 at 3:30 PM EDT (2019-10-24 19:30 UTC) | Successful Infosec Consulting 101 | Ted Demopoulos | |
| Thursday, October 24, 2019 at 10:30 AM EDT (2019-10-24 14:30 UTC) | Untapped Potential: Getting the most out of your SIEM | Justin Henderson, John Hubbard | |
| Wednesday, October 23, 2019 at 3:30 PM EDT (2019-10-23 19:30 UTC) | Modern Web Application Penetration Testing Part 1, XSS and XSRF Together | Adrien de Beaupré | |
| Wednesday, October 23, 2019 at 1:00 PM EDT (2019-10-23 17:00 UTC) | Lessons Learned from Over a Thousand Threat Hunting Workshops | Cisco Systems Inc. | Brandon Newport |
| Wednesday, October 23, 2019 at 10:30 AM EDT (2019-10-23 14:30 UTC) | JumpStart Guide to Security Investigations and Posture Management in Amazon Web Services | AWS Marketplace | Kyle Dickinson, Tim Jefferson, David Aiken |
| Tuesday, October 22, 2019 at 3:30 PM EST (2019-10-22 19:30 UTC) | Are you prepared for a Ransomware Attack? | Cisco Systems Inc. | Peter Romness, John Pescatore |
| Tuesday, October 22, 2019 at 1:00 PM EDT (2019-10-22 17:00 UTC) | Converged Threat and Performance Management – Listen to Your Network! | Viavi Solutions | Ward Cobleigh, John Pescatore |
| Tuesday, October 22, 2019 at 11:00 AM EDT (2019-10-22 15:00 UTC) | Are Your Security Controls Yesterday's News? | Cymulate | Matt Bromiley, Eyal Ahraoni |
| Monday, October 21, 2019 at 1:00 PM EDT (2019-10-21 17:00 UTC) | Windows User Enumeration, Living off the land | Dale Hobbs | |
| Friday, October 18, 2019 at 8:30 AM MST (2019-10-18 14:30 UTC) | SANS Cloud Security Operations Solutions Forum | Cisco Systems Inc. Microsoft Swimlane CloudPassage | Please Check Back |
| Thursday, October 17, 2019 at 1:00 PM EST (2019-10-17 17:00 UTC) | How Attackers Exploit Office 365 Vulnerabilities | Netwrix | John Pescatore, Jeff Melnick |
| Wednesday, October 16, 2019 at 11:00 PM EST (2019-10-17 03:00 UTC) | Power up your Security Operations Center’s human capital with the new SEC450 Part 2 - Blue Team Fundamentals…Finding and training the right people! | John Hubbard | |
| Tuesday, October 15, 2019 at 3:30 PM EDT (2019-10-15 19:30 UTC) | Launching APOLLO - Creating a Simple Tool for Advanced Forensic Analysis | Sarah Edwards | |
| Tuesday, October 15, 2019 at 1:00 PM EDT (2019-10-15 17:00 UTC) | Pivotal Platform - Getting Started with Native Runtime Protection for PAS | Aqua Security Inc. | Bryan Morrow, Dave Shackleford |
| Tuesday, October 15, 2019 at 10:30 AM EDT (2019-10-15 14:30 UTC) | How to Inject Security Into Your Software Development Life Cycle - Close Security Gaps in Your Software Supply Chain Through Automation and Deep Analysis | Reversing Labs | Please Check Back |
| Thursday, October 10, 2019 at 3:30 PM EDT (2019-10-10 19:30 UTC) | Improve Network Security with Application Intelligence | Ixia | Christophe Olivier, Sarah Gross |
| Thursday, October 10, 2019 at 1:00 PM EDT (2019-10-10 17:00 UTC) | How to Secure App Pipelines in AWS | AWS Marketplace | Dave Shackleford, David Aiken |
| Monday, October 07, 2019 at 1:00 PM EDT (2019-10-07 17:00 UTC) | When Hacking Becomes Deadly – InfoSec in the Age of Connected Medical Devices | Kenneth May | |
| Friday, October 04, 2019 at 3:30 PM EST (2019-10-04 19:30 UTC) | Manage Vulnerabilities through the Software Lifecycle: How to Enable Secure DevOps | ZeroNorth | Brandon Helms, Andrei Bezdedeanu |
| Thursday, October 03, 2019 at 3:30 PM EDT (2019-10-03 19:30 UTC) | IT, OT, and IOT — Oh, My! Learn to See and Secure It All | Ixia | Tim Jones, Dennis Carpio |
| Thursday, October 03, 2019 at 1:00 PM EDT (2019-10-03 17:00 UTC) | Red, Blue and Purple Teams: Combining Your Security Capabilities for the Best Outcome | Core Security Technologies | Chris Dale, Bobby Kuzma |
| Wednesday, October 02, 2019 at 3:30 PM EDT (2019-10-02 19:30 UTC) | Dominating the Active Directory | Erik Van Buggenhout | |
| Wednesday, October 02, 2019 at 1:00 PM EDT (2019-10-02 17:00 UTC) | How to Effectively Use Segmentation and Microsegmentation | VMWare, Inc | Dave Shackleford, Nick Furman |
| Tuesday, October 01, 2019 at 1:00 PM EST (2019-10-01 17:00 UTC) | Demystifying The Hunt: How to Assess Your Threat Hunting Readiness and Prepare for the Next Step | Corelight Optiv | Gary Fisk, Fayyaz Rajpari, Matt Bromiley |
| Tuesday, October 01, 2019 at 10:30 AM EST (2019-10-01 14:30 UTC) | ExtraHop Reveal(x) Expands Attack Investigations to Cover All Vectors | ExtraHop | Dave Shackleford, Tom Stitt |
| Monday, September 30, 2019 at 1:00 PM EDT (2019-09-30 17:00 UTC) | The perils and perks of cloud access security | David Hazar | |
| Friday, September 27, 2019 at 8:00 AM EDT (2019-09-27 12:00 UTC) | Vulnerability Management Vendor Briefing: Decreasing the Attack Surface with Effective Vulnerability Management | Akamai Technologies Arctic Wolf Networks Cisco Systems Inc. CloudPassage ZeroNorth | Matt Bromiley |
| Thursday, September 26, 2019 at 3:30 PM EDT (2019-09-26 19:30 UTC) | NetOps and SecOps: “Can’t We All Just Get Along?" | Ixia | Scott Register, Ryan Davis |
| Thursday, September 26, 2019 at 1:00 PM EDT (2019-09-26 17:00 UTC) | Speaking the Language of the Board | Unisys | Please Check Back |
| Thursday, September 26, 2019 at 10:30 AM EDT (2019-09-26 14:30 UTC) | Learn about the New SIEM Poster - Architecture, Enrichment, and More | Justin Henderson | |
| Wednesday, September 25, 2019 at 3:30 PM EDT (2019-09-25 19:30 UTC) | Threat Hunting in the Cloud: Time for a Power-Up? | Ben Johnson | |
| Wednesday, September 25, 2019 at 1:00 PM EDT (2019-09-25 17:00 UTC) | Effectively Addressing Advanced Threats | IBM Security | Matt Bromiley, Lauren Horaist |
| Wednesday, September 25, 2019 at 10:30 AM EDT (2019-09-25 14:30 UTC) | Lights Out: Inside the Mind of a Utility Hacker | Thycotic | Joseph Carson |
| Tuesday, September 24, 2019 at 1:00 PM EDT (2019-09-24 17:00 UTC) | The DNS Privacy Debate, Explained: Making the Right Choice between DNS over TLS and DNS over HTTPS | Infoblox | Paul Adair, Dave Shackleford |
| Tuesday, September 24, 2019 at 10:30 AM EDT (2019-09-24 14:30 UTC) | Jumpstart Guide to Application Security in the Cloud | AWS Marketplace | Nathan Getty, Aidan Walden, Nam Le |
| Monday, September 23, 2019 at 1:00 PM EDT (2019-09-23 17:00 UTC) | Elevating Enterprise Security with Fidelis Cybersecurity: Endpoint Security Capabilities | Fidelis Cybersecurity | Matt Bromiley, Gerald Mancini |
| Friday, September 20, 2019 at 3:30 PM EDT (2019-09-20 19:30 UTC) | Hacking Your Way to Business Knowledge | Kevin Garvey | |
| Friday, September 20, 2019 at 10:30 AM EDT (2019-09-20 14:30 UTC) | Easing Into Consulting; Consulting on The Side & Other Approaches | Ted Demopoulos | |
| Thursday, September 19, 2019 at 1:00 PM EDT (2019-09-19 17:00 UTC) | Modern Threat Hunting And Response: How TTPs Are Changing The Game | Exabeam | Orion Cassetto, Trevor Daughney |
| Thursday, September 19, 2019 at 10:30 AM EDT (2019-09-19 14:30 UTC) | Live Webinar: Micro-Segmentation for Network Security – Strategy to Execution | AlgoSec Systems, Ltd. | Avishai Wool, Dave Shackleford |
| Wednesday, September 18, 2019 at 1:00 PM EDT (2019-09-18 17:00 UTC) | Yes, IT and OT Are Converging. So How Does This Affect Compliance? | Forescout Technologies BV | Don C. Weber |
| Tuesday, September 17, 2019 at 1:00 PM EDT (2019-09-17 17:00 UTC) | Elevating Enterprise Security with Fidelis Cybersecurity: Network and Deception | Fidelis Cybersecurity | Matt Bromiley, Gerald Mancini |
| Monday, September 16, 2019 at 11:00 PM EST (2019-09-17 03:00 UTC) | Power up your Security Operations Center with the new SEC450 Part 1 - Blue Team Fundamentals…Creating an on-ramp for new defenders! | John Hubbard | |
| Monday, September 16, 2019 at 1:00 PM EDT (2019-09-16 17:00 UTC) | Keeping the Technical in Technical Management | Kevin Garvey | |
| Thursday, September 12, 2019 at 1:00 PM EDT (2019-09-12 17:00 UTC) | How to Build a Threat Detection Strategy in AWS | AWS Marketplace | David Szili, David Aiken |
| Tuesday, September 10, 2019 at 1:00 PM EDT (2019-09-10 17:00 UTC) | Success Patterns for Supply Chain Security | Interos Panorays | John Pescatore |
| Tuesday, September 10, 2019 at 10:30 AM EDT (2019-09-10 14:30 UTC) | Advanced Zeek Usage: Scripting and Framework | David Szili | |
| Monday, September 09, 2019 at 1:00 PM EDT (2019-09-09 17:00 UTC) | Enabling KAPE at Scale | Mark Hallman | |
| Thursday, September 05, 2019 at 3:30 PM EST (2019-09-05 19:30 UTC) | How to accelerate your cyber security career | Stephen Sims | |
| Tuesday, September 03, 2019 at 3:30 PM EDT (2019-09-03 19:30 UTC) | The State of Malware Analysis: Advice from the Trenches | Jim Clausing, Evan Dygert, Anuj Soni, Jake Williams, Lenny Zeltser | |
| Tuesday, September 03, 2019 at 1:00 PM EDT (2019-09-03 17:00 UTC) | Getting the Knack of ATT&CK™ | Rapid7 Inc. | Bob Rudis |
| Thursday, August 29, 2019 at 3:30 PM EDT (2019-08-29 19:30 UTC) | Don't Open These-- The Five Most Dangerous File Types | Palo Alto Networks | Dave Shackleford, Erik Yunghans, John Harrison |
| Thursday, August 29, 2019 at 1:00 PM EDT (2019-08-29 17:00 UTC) | Strengthening and Optimizing Your Security Posture from the Foundation Up | Infoblox | Srikrupa Srivatsan, Dave Shackleford |
| Thursday, August 29, 2019 at 10:30 AM EDT (2019-08-29 14:30 UTC) | New hosted course: ICS Cybersecurity for Managers | Doug Wylie, Paul Rostick, John Cusimano | |
| Wednesday, August 28, 2019 at 3:30 PM EDT (2019-08-28 19:30 UTC) | More Super Practical Blue Tips, Tools, and Lessons Learned from Team-Based Training: Coordinating Hand-Offs, Your Buddy RITA, and Microsoft Message Analyzer FOR THE WIN! | Ed Skoudis, Joshua Wright | |
| Wednesday, August 28, 2019 at 1:00 PM EDT (2019-08-28 17:00 UTC) | JumpStart Guide for Security Information and Event Management (SIEM) in AWS | AWS Marketplace Optiv | J. Michael Butler, David Aiken, Jay Austad |
| Tuesday, August 27, 2019 at 3:30 PM EDT (2019-08-27 19:30 UTC) | The Cycle of Cyber Threat Intelligence | Katie Nickels | |
| Tuesday, August 27, 2019 at 1:00 PM EDT (2019-08-27 17:00 UTC) | Meet Your New Best Friend: DNS Security | Cisco Systems Inc. | Rachel Ackerly |
| Tuesday, August 27, 2019 at 10:30 AM EDT (2019-08-27 14:30 UTC) | How to Identify Hidden & Destructive Objects in Your Environment | Reversing Labs | Please Check Back |
| Monday, August 26, 2019 at 1:00 PM EDT (2019-08-26 17:00 UTC) | So you Wanna Start a TI Program | Christian Nicholson | |
| Thursday, August 22, 2019 at 3:30 PM EDT (2019-08-22 19:30 UTC) | Purple Teaming: The Pen-Test Grows Up | Bryce Galbraith | |
| Wednesday, August 21, 2019 at 3:30 PM EDT (2019-08-21 19:30 UTC) | Kerberos & Attacks 101 | Tim Medin | |
| Wednesday, August 21, 2019 at 10:30 AM EDT (2019-08-21 14:30 UTC) | ICS 612 – Practitioner focused Hands on cybersecurity | Tim Conway | |
| Tuesday, August 20, 2019 at 11:00 PM EST (2019-08-21 03:00 UTC) | Leveraging OSINT for Better DFIR Investigations | Jeff Lomas, Micah Hoffman | |
| Tuesday, August 20, 2019 at 1:00 PM EDT (2019-08-20 17:00 UTC) | Focus On People, Process, and Technology to Take Your SOC to the Next Level | Anomali | John Kitchen, John Pescatore |
| Monday, August 19, 2019 at 1:00 PM EDT (2019-08-19 17:00 UTC) | Legacy Authentication and Password Spray, Understanding and Stopping Attackers Favorite TTPs in Azure AD | Mark Morowczynski, Ramiro Calderon | |
| Thursday, August 15, 2019 at 1:00 PM EDT (2019-08-15 17:00 UTC) | The Beginner’s Guide to Applying Machine Learning to Incident Response | DomainTools | Dave Shackleford |
| Wednesday, August 14, 2019 at 1:00 PM EDT (2019-08-14 17:00 UTC) | Stop Letting Security Fail. Identify the True Problem | Endgame | Ian McShane, Matt Bromiley |
| Wednesday, August 14, 2019 at 10:30 AM EDT (2019-08-14 14:30 UTC) | Practical tips to build a successful purple team | Erik Van Buggenhout | |
| Tuesday, August 13, 2019 at 3:30 PM EDT (2019-08-13 19:30 UTC) | Triage Collection and Timeline Analysis with KAPE | Mari DeGrazia | |
| Tuesday, August 13, 2019 at 1:00 PM EDT (2019-08-13 17:00 UTC) | Visibility for Incident Response: A Review of Forescout 8.1 | Forescout Technologies BV | Don Murdoch, Sandeep Kumar |
| Thursday, August 08, 2019 at 3:30 PM EDT (2019-08-08 19:30 UTC) | SANS Introduction to Python Course | Mark Baggett | |
| Thursday, August 08, 2019 at 1:00 PM EDT (2019-08-08 17:00 UTC) | How to Protect Enterprise Systems with Cloud-Based Firewalls | AWS Marketplace | Kevin Garvey, David Aiken |
| Thursday, August 08, 2019 at 10:30 AM EST (2019-08-08 14:30 UTC) | Neighborhood Keeper: A Collaborative Initiative for Our ICS Community | Dragos, Inc. | Robert M. Lee, Tim Conway, Matt Bodman |
| Wednesday, August 07, 2019 at 1:00 PM EDT (2019-08-07 17:00 UTC) | The Age of Autonomous Breach Protection: Prepare, confront and Respond to Cyberthreats Across the Entire Environment | Cynet | Yiftach Keshet, Dave Shackleford |
| Wednesday, August 07, 2019 at 10:30 AM EDT (2019-08-07 14:30 UTC) | A Ghidra Test Drive | Jim Clausing | |
| Tuesday, August 06, 2019 at 1:00 PM EDT (2019-08-06 17:00 UTC) | Backstory + VirusTotal: How to get the most out of your security data | Chronicle | Matt Bromiley |
| Monday, August 05, 2019 at 1:00 PM EDT (2019-08-05 17:00 UTC) | Security Inside the Perimeter with VMware | VMWare, Inc | Arjun Narang |
| Friday, August 02, 2019 at 3:30 PM EDT (2019-08-02 19:30 UTC) | ATT&CKing your Enterprise: Adversary Detection Pipelines & Adversary Simulation | Xena Olsen, Ben Goerz | |
| Friday, August 02, 2019 at 1:00 PM EDT (2019-08-02 17:00 UTC) | Integrated Incident Response: A Panel Discussion about the SANS 2019 IR Survey | DomainTools ExtraHop | John Smith, Corin Imai, Matt Bromiley |
| Thursday, August 01, 2019 at 1:00 PM EDT (2019-08-01 17:00 UTC) | Integrated Incident Response: A SANS Survey | DFLabs DomainTools ExtraHop Infoblox King & Union OpenText Inc. Unisys Swimlane | Matt Bromiley |
| Wednesday, July 31, 2019 at 10:30 AM EDT (2019-07-31 14:30 UTC) | JumpStart Guide to Cloud-Based Firewalls in AWS | AWS Marketplace Optiv | Brian Russell, Anthony Tanzi, David Aiken |
| Tuesday, July 30, 2019 at 1:00 PM EDT (2019-07-30 17:00 UTC) | URL Filtering Best Practices-- Making Your Web Security Policy Work for You | Palo Alto Networks | Dave Shackleford, Suzanne VanPatten, Kelvin Kwan |
| Monday, July 29, 2019 at 1:00 PM EDT (2019-07-29 17:00 UTC) | Is Your Plant Cyber Resilient? Next Steps to Achieving Safe and Secure Plant Operation | Yokogawa Corporation of America | Camilo Gomez, Barbara Filkins |
| Thursday, July 25, 2019 at 1:00 PM EDT (2019-07-25 17:00 UTC) | A Cyber-First Approach to Disaster Recovery | Semperis | Darren Mar-Elia, John Pescatore |
| Thursday, July 25, 2019 at 10:30 AM EDT (2019-07-25 14:30 UTC) | A BEAST and a POODLE celebrating SWEET32 | Bojan Zdrnja | |
| Wednesday, July 24, 2019 at 11:00 PM EST (2019-07-25 03:00 UTC) | The Global Privacy Law Imperative | Benjamin Wright, Grace Chong | |
| Wednesday, July 24, 2019 at 3:30 PM EDT (2019-07-24 19:30 UTC) | Rethinking Vulnerability Management | Kevin Garvey | |
| Tuesday, July 23, 2019 at 1:00 PM EDT (2019-07-23 17:00 UTC) | Tips, Tricks, and Cheats Gathered from Red vs. Blue Team-Based Training | Ed Skoudis, Joshua Wright | |
| Monday, July 22, 2019 at 1:00 PM EDT (2019-07-22 17:00 UTC) | UNDERSTANDING THE FORENSIC SCIENCE IN DIGITAL FORENSICS | Jason Jordaan | |
| Thursday, July 18, 2019 at 1:00 PM EDT (2019-07-18 17:00 UTC) | How to Build an Endpoint Security Strategy in AWS | AWS Marketplace | Thomas Banasik, David Aiken |
| Wednesday, July 17, 2019 at 10:30 AM EDT (2019-07-17 14:30 UTC) | You can rest easy when protecting REST APIs | Jason Lam | |
| Thursday, July 11, 2019 at 1:00 PM EDT (2019-07-11 17:00 UTC) | Common and Best Practices for Security Operations Centers: Panel Discussion | ExtraHop Siemplify ThreatConnect | Christopher Crowley, Jody Caldwell, Jeff Costlow, Steve Salinas |
| Thursday, July 11, 2019 at 10:30 AM EDT (2019-07-11 14:30 UTC) | Managed Security Services for OT Networks – Simplifying Your OT Security Journey | Radiflow | Ilan Barda |
| Wednesday, July 10, 2019 at 3:30 PM EDT (2019-07-10 19:30 UTC) | The Critical Security Controls and Some Recent Data Breaches | Please Check Back | |
| Wednesday, July 10, 2019 at 1:00 PM EDT (2019-07-10 17:00 UTC) | Common and Best Practices for Security Operations Centers: Results of the 2019 SOC Survey | Anomali BTB Security CYBERBIT Commercial Solutions DFLabs ExtraHop Siemplify ThreatConnect CyberProof | Christopher Crowley |
| Tuesday, July 09, 2019 at 3:30 PM EDT (2019-07-09 19:30 UTC) | Simplify Your Office 365 Migration | Valimail | Sibrina Subedar, Brandon Helms |
| Tuesday, July 09, 2019 at 10:30 AM EDT (2019-07-09 14:30 UTC) | Leveraging Your SIEM to Implement Security Best Practices | Rapid7 Inc. | Please Check Back |
| Wednesday, July 03, 2019 at 3:30 PM EST (2019-07-03 19:30 UTC) | Effective Threat Hunting | Chris Dale | |
| Wednesday, July 03, 2019 at 10:30 AM EDT (2019-07-03 14:30 UTC) | Leading Change for CISOs | Cisco Systems Inc. | Lance Spitzner |
| Monday, July 01, 2019 at 2:00 PM EDT (2019-07-01 18:00 UTC) | Adversaries have goals too! | Please Check Back | |
| Friday, June 28, 2019 at 3:30 PM EDT (2019-06-28 19:30 UTC) | Next-Gen Vulnerability Management: Clarity, Consistency, and Cloud | David Hazar | |
| Friday, June 28, 2019 at 1:00 PM EDT (2019-06-28 17:00 UTC) | Why Traditional EDR Is Not Working--and What to Do About It | Mcafee LLC | Jake Williams, Ismael Valenzuela |
| Thursday, June 27, 2019 at 1:00 PM EDT (2019-06-27 17:00 UTC) | Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks | Forescout Technologies BV | Sandeep Lota, Dean Parsons |
| Thursday, June 27, 2019 at 10:30 AM EST (2019-06-27 14:30 UTC) | Hitting the Silent Alarm on Banking Trojans | VMRay | Jacob Williams, Rohan Viegas, Tamas Boczan |
| Wednesday, June 26, 2019 at 3:30 PM EDT (2019-06-26 19:30 UTC) | Practical Approach to Vendor Risk Management & Data Privacy | Spirion | Norman Levine |
| Wednesday, June 26, 2019 at 1:00 PM EDT (2019-06-26 17:00 UTC) | Malicious Bots: How they became #1 New Threat and How to Stop Them | Cequence | Arif Husain |
| Wednesday, June 26, 2019 at 10:30 AM EST (2019-06-26 14:30 UTC) | Gaining Complete Visibility of Your Environment with Attack Surface Monitoring | Rapid7 Inc. | Jon Hart, Tori Sitcawich |
| Tuesday, June 25, 2019 at 3:30 PM EDT (2019-06-25 19:30 UTC) | Cloud Data Protection | Mark Geeslin | |
| Tuesday, June 25, 2019 at 1:00 PM EDT (2019-06-25 17:00 UTC) | Building and Maturing Your Threat Hunt Program | Cisco Systems | David Szili |
| Tuesday, June 25, 2019 at 10:30 AM EDT (2019-06-25 14:30 UTC) | JumpStart Guide for Endpoint Security in AWS | AWS Marketplace | David Hazar, Joe Vadakkan, David Aiken |
| Monday, June 24, 2019 at 4:00 PM EST (2019-06-24 20:00 UTC) | Live from the Security Operations Summit: Rethinking the SOC for Long-Term Success & 2019 SANS SOC Survey Preview | John Hubbard, Chris Crowley | |
| Monday, June 24, 2019 at 1:00 PM EDT (2019-06-24 17:00 UTC) | Addressing Consumer Safety Concerns With Zero Trust Security | Unisys | Chris Kloes |
| Friday, June 21, 2019 at 10:30 AM EDT (2019-06-21 14:30 UTC) | Web App Testing 101 - Getting the Lay of the Land | Mike Saunders | |
| Thursday, June 20, 2019 at 3:30 PM EDT (2019-06-20 19:30 UTC) | How To Increase MITRE ATT&CK Coverage with Network Traffic Analysis | ExtraHop | Chris Crowley, John Smith |
| Wednesday, June 19, 2019 at 1:00 PM EDT (2019-06-19 17:00 UTC) | Converging OT and IT Networks: Where and How to Evolve ICS for Security | Nozomi Networks Radiflow Yokogawa Corporation of America | Barbara Filkins, Doug Wylie, Ilan Barda, Camilo Gomez, Kim Legelis |
| Wednesday, June 19, 2019 at 8:30 AM EST (2019-06-19 12:30 UTC) | SANS FedRAMP Technology Workshop | Amazon Web Services, Inc. IBM Rackspace CrowdStrike, Inc. Okta | John Pescatore |
| Tuesday, June 18, 2019 at 1:00 PM EDT (2019-06-18 17:00 UTC) | Managing the Insider Threat: Why Visibility Is Critical | ObserveIT | Sai Chavali, John Pescatore |
| Tuesday, June 18, 2019 at 10:30 AM EDT (2019-06-18 14:30 UTC) | Increasing Visibility with Ixia's Vision ONE | Ixia | Serge Borso, Taran Singh |
| Friday, June 14, 2019 at 1:00 PM EDT (2019-06-14 17:00 UTC) | DDI data – a Critical Enabler of SOAR | Infoblox | Srikrupa Srivatsan, Dave Shackleford |
| Friday, June 14, 2019 at 10:30 AM EDT (2019-06-14 14:30 UTC) | Five Keys for Successful Vulnerability Management | Jonathan Risto | |
| Thursday, June 13, 2019 at 3:30 PM EDT (2019-06-13 19:30 UTC) | Authentication: It Is All About the User Experience | Yubico, Inc. | Matt Bromiley, Hormazd Romer |
| Thursday, June 13, 2019 at 1:00 PM EDT (2019-06-13 17:00 UTC) | How to Build a Data Protection Strategy in AWS | AWS Marketplace | Dave Shackleford, David Aiken |
| Wednesday, June 12, 2019 at 3:30 PM EDT (2019-06-12 19:30 UTC) | Using Zeek/Bro To Discover Network TTPs of MITRE ATT&CK | Corelight | Richard Bejtlich, James Schweitzer |
| Wednesday, June 12, 2019 at 1:00 PM EDT (2019-06-12 17:00 UTC) | SANS 2019 State of OT/ICS Cybersecurity Survey | Cisco Systems Inc. Forescout Technologies BV Owl Cyber Defense Nozomi Networks Radiflow Yokogawa Corporation of America | Jason Dely, Barbara Filkins, Doug Wylie |
| Wednesday, June 12, 2019 at 10:30 AM EDT (2019-06-12 14:30 UTC) | Cybersecurity Frameworks for CISOs | Cisco Systems Inc. | Frank Kim |
| Tuesday, June 11, 2019 at 3:30 PM EDT (2019-06-11 19:30 UTC) | The 20 Critical Security Controls: From Framework to Operational to Implementation | Randy Marchany | |
| Monday, June 10, 2019 at 2:00 PM EDT (2019-06-10 18:00 UTC) | ICS Active Defense Primer | Kai Thomsen | |
| Friday, June 07, 2019 at 1:00 PM EST (2019-06-07 17:00 UTC) | SIEM as Alexa – How Natural Language Processing Can Transform Your Cyber Security Experience | Empow | Dave Shackleford, Avi Chesla |
| Thursday, June 06, 2019 at 1:00 PM EDT (2019-06-06 17:00 UTC) | Missing Information About Security Misconfiguration? Explore this often-used vulnerability category through data from 1000+ pentests | Cobalt Labs, Inc. | John Pescatore, Joe Sechman |
| Wednesday, June 05, 2019 at 3:30 PM EDT (2019-06-05 19:30 UTC) | Power up your Security Operations Center’s human capital with the new SEC450 Part 2 - Blue Team Fundamentals…Finding and training the right people! | John Hubbard | |
| Wednesday, June 05, 2019 at 1:00 PM EDT (2019-06-05 17:00 UTC) | How SOC Superheroes Win | Unisys LogRhythm | Salvatore Sinno, Ismael Cervantes |
| Tuesday, June 04, 2019 at 1:00 PM EDT (2019-06-04 17:00 UTC) | Lessons From the Front Lines of AppSec: Analysis of real-world attacks from 2019 and best practices for dealing with them | ThreatX | Chris Brazdziunas, Will Woodson |
| Tuesday, June 04, 2019 at 10:30 AM EDT (2019-06-04 14:30 UTC) | The Future of Authentication: How Two Factor Authentication is Dying and What’s Next | Yubico, Inc. | Johannes Ullrich, PhD |
| Thursday, May 30, 2019 at 10:30 AM EDT (2019-05-30 14:30 UTC) | Secure Kubernetes Application Delivery | Andrew Martin | |
| Tuesday, May 28, 2019 at 11:00 PM EST (2019-05-29 03:00 UTC) | Fileless Malware Fun | Hal Pomeranz | |
| Tuesday, May 28, 2019 at 3:30 PM EDT (2019-05-28 19:30 UTC) | Cloud Security Automation: Monitoring and Operations | Frank Kim | |
| Tuesday, May 28, 2019 at 10:30 AM EST (2019-05-28 14:30 UTC) | Streamlining Your Security Process with Orchestration & Automation | Rapid7 Inc. | Please Check Back |
| Friday, May 24, 2019 at 3:30 PM EDT (2019-05-24 19:30 UTC) | IoT vulnerability and security is the next frontier | Lee Reiber | |
| Friday, May 24, 2019 at 10:30 AM EDT (2019-05-24 14:30 UTC) | Defensible Security Architecture and Engineering – Part 3: Protect your Lunch Money – Keeping the Thieves at Bay | Ismael Valenzuela, Justin Henderson | |
| Thursday, May 23, 2019 at 1:00 PM EDT (2019-05-23 17:00 UTC) | What Real-World Attacks Look Like — and How to Stop Them in Their Tracks | Netwrix | Dave Shackleford, Brian Johnson |
| Wednesday, May 22, 2019 at 1:00 PM EDT (2019-05-22 17:00 UTC) | Actionable IT/OT end point protection to: detect, contain, and respond to limit ICS cyber threats | Verve | Ron Brash |
| Wednesday, May 22, 2019 at 10:30 AM EDT (2019-05-22 14:30 UTC) | SEC599: Defeating Advanced Adversaries – Discover what’s NEW in Purple Team….Latest course updates! | Erik Van Buggenhout | |
| Tuesday, May 21, 2019 at 1:00 PM EDT (2019-05-21 17:00 UTC) | Passive Isn't Good Enough: Moving into Active EDR | SentinelOne | Justin Henderson, Migo Kedem |
| Wednesday, May 15, 2019 at 3:30 PM EDT (2019-05-15 19:30 UTC) | Power up your Security Operations Center with the new SEC450 Part 1 - Blue Team Fundamentals: Creating an on-ramp for new defenders! | John Hubbard | |
| Wednesday, May 15, 2019 at 1:00 PM EDT (2019-05-15 17:00 UTC) | Vetting Your Intel - Techniques and Tools for False Positive Analysis | DomainTools | Robert M. Lee, Tarik Saleh |
| Wednesday, May 15, 2019 at 10:30 AM EDT (2019-05-15 14:30 UTC) | Web application defense – Use headers to make pentester’s job difficult | Jason Lam | |
| Tuesday, May 14, 2019 at 3:30 PM EDT (2019-05-14 19:30 UTC) | Hacking without Domain Admin | Tim Medin, Mike Saunders | |
| Monday, May 13, 2019 at 3:30 PM EDT (2019-05-13 19:30 UTC) | Not sure that you need OT Cybersecurity? A Sentryo Assessment can quickly provide the data and guidance that you need. | Sentryo | Tim Conway, Michael Thompson, Bob Foley, Fayce Daira |
| Thursday, May 09, 2019 at 1:00 PM EDT (2019-05-09 17:00 UTC) | How to Secure a Modern Web Application in AWS | AWS Marketplace | Shaun McCullough, David Aiken |
| Wednesday, May 08, 2019 at 12:00 PM EDT (2019-05-08 16:00 UTC) | Gaining a Decisive Advantage Through Terrain Based Cyber Defense | Fidelis Cybersecurity | Craig Harber, Rami Mizrahi |
| Tuesday, May 07, 2019 at 1:00 PM EDT (2019-05-07 17:00 UTC) | The State of Cloud Security: Panel Discussion | ExtraHop Sysdig | Dave Shackleford, Jim Reavis, Pawan Shankar, Eric Thomas |
| Tuesday, May 07, 2019 at 10:30 AM EDT (2019-05-07 14:30 UTC) | Terraforming Azure: not as difficult as planets | AWS Marketplace: Telos Corporation | David Hazar |
| Thursday, May 02, 2019 at 3:30 PM EDT (2019-05-02 19:30 UTC) | Rethinking Your Global Security Platform | Chronicle | Matt Bromiley, Brandon Levene |
| Thursday, May 02, 2019 at 1:00 PM EDT (2019-05-02 17:00 UTC) | How Effective is Your WAF Protection? - Metrics & Key Considerations | ThreatX | Chris Brazdziunas, Will Woodson |
| Thursday, May 02, 2019 at 10:30 AM EDT (2019-05-02 14:30 UTC) | From Seizure to Actionable Intelligence in 90 Minutes or Less | Kevin Ripa | |
| Wednesday, May 01, 2019 at 3:30 PM EDT (2019-05-01 19:30 UTC) | Sharing Alerts and Threat Intelligence with MISP | Justin Henderson, John Hubbard | |
| Wednesday, May 01, 2019 at 1:00 PM EDT (2019-05-01 17:00 UTC) | The State of Cloud Security: Results of the SANS 2019 Cloud Security Survey | ExtraHop Sophos Inc. Sysdig | Dave Shackleford, Jim Reavis |
| Wednesday, May 01, 2019 at 10:30 AM EDT (2019-05-01 14:30 UTC) | A CISO's Perspective on Presenting OT Risk to the Board | CyberX | Ilan Abadi, Daniel Shugrue |
| Tuesday, April 30, 2019 at 3:30 PM EDT (2019-04-30 19:30 UTC) | The Future of Phishing: It’s all about your customers | Segasec | Dave Shackleford, Elad Schulman |
| Tuesday, April 30, 2019 at 1:00 PM EDT (2019-04-30 17:00 UTC) | What Are Fileless Attacks and How Can You Stop Them? | Unisys | Please Check Back |
| Tuesday, April 30, 2019 at 10:30 AM EDT (2019-04-30 14:30 UTC) | Defensible Security Architecture and Engineering – Part 2: Thinking Red, Acting Blue – Mindset & Actions | Ismael Valenzuela, Justin Henderson | |
| Wednesday, April 24, 2019 at 3:30 PM EDT (2019-04-24 19:30 UTC) | Take Back Control of Your DNS Traffic | Palo Alto Networks | Dave Shackleford |
| Wednesday, April 24, 2019 at 10:30 AM EDT (2019-04-24 14:30 UTC) | Why Your Vulnerability Management Strategy Is Not Working – and What to Do About It | Lookingglass Cyber Solutions, Inc. | Brandon Helms, Eric Olson |
| Tuesday, April 23, 2019 at 1:00 PM EDT (2019-04-23 17:00 UTC) | Delivering Infrastructure, Security and Operations as Code across Multi-cloud Environments | Palo Alto Networks | Vinay Venkataraghavan, Matt Bromiley |
| Friday, April 19, 2019 at 1:00 PM EDT (2019-04-19 17:00 UTC) | SANS Top New Attacks and Threat Report | Anomali DomainTools Infoblox Unisys Veracode | John Pescatore |
| Thursday, April 18, 2019 at 3:30 PM EDT (2019-04-18 19:30 UTC) | New Year, Same Magecart: The Continuation of Web-based Supply Chain Attacks | RiskIQ | Yonathan Klijnsma, Dave Shackleford |
| Thursday, April 18, 2019 at 1:00 PM EDT (2019-04-18 17:00 UTC) | Resolved: How to protect your organization when your perimeter fails | VMWare, Inc | Tom Gillis, John Pescatore |
| Wednesday, April 17, 2019 at 1:00 PM EDT (2019-04-17 17:00 UTC) | Simplifying Application Security with Software-Defined Security | VMWare, Inc | Matt De Vincentis, Dave Shackleford |
| Tuesday, April 16, 2019 at 1:00 PM EDT (2019-04-16 17:00 UTC) | Cryptojacking - What is it? Where is it? How to protect against it? | Cisco Systems | Brandon Helms, Brian McMahon |
| Thursday, April 11, 2019 at 3:30 PM EDT (2019-04-11 19:30 UTC) | How to Automate Compliance Gaps for Public Cloud | Lacework | Vikram Varakantam, John Pescatore |
| Thursday, April 11, 2019 at 1:00 PM EDT (2019-04-11 17:00 UTC) | How to Build a Security Visibility Strategy in the Cloud | AWS Marketplace | Dave Shackleford, David Aiken |
| Wednesday, April 10, 2019 at 3:30 PM EDT (2019-04-10 19:30 UTC) | Alert Investigations in the SOC - Building Your Workflow | Justin Henderson, John Hubbard | |
| Wednesday, April 10, 2019 at 1:00 PM EDT (2019-04-10 17:00 UTC) | Vulnerability Practices of Tomorrow: Part 2 of the SANS Vulnerability Management Survey Results | Balbix Bromium Tenable Veracode | Andrew Laman, David Hoelzer, Gaurav Banga, Nate Dyer |
| Wednesday, April 10, 2019 at 10:30 AM EDT (2019-04-10 14:30 UTC) | Purple PowerShell: Current attack strategies & defenses | Erik Van Buggenhout | |
| Tuesday, April 09, 2019 at 3:30 PM EDT (2019-04-09 19:30 UTC) | Cloud Security and DevOps Automation: Keys for Modern Security Success | Eric Johnson | |
| Tuesday, April 09, 2019 at 1:00 PM EDT (2019-04-09 17:00 UTC) | Current State of Vulnerability Management: Part 1 of the SANS Vulnerability Management Survey Results | Balbix Bromium Tenable Veracode | Andrew Laman, David Hoelzer, RJ Gazarek, Michael Rosen |
| Tuesday, April 09, 2019 at 10:30 AM EDT (2019-04-09 14:30 UTC) | Next-Gen Vulnerability Management: Clarity, Consistency, and Cloud | David Hazar | |
| Monday, April 08, 2019 at 1:00 PM EDT (2019-04-08 17:00 UTC) | The Cyber Kill Chain and MobileIron Threat Defense | MobileIron | James Saturnio, Ilya Geller |
| Wednesday, April 03, 2019 at 1:00 PM EDT (2019-04-03 17:00 UTC) | The Foundation of Continuous Host Monitoring | OpenText Inc. | Matt Bromiley, JJ Cranford |
| Tuesday, April 02, 2019 at 3:30 PM EDT (2019-04-02 19:30 UTC) | Vulnerability Management for the Enterprise and Cloud | Jonathan Risto | |
| Tuesday, April 02, 2019 at 1:00 PM EDT (2019-04-02 17:00 UTC) | Building a Zero Trust Model in the Cloud with Microsegmentation | Unisys | John Kindervag, Salvatore Sinno |
| Tuesday, April 02, 2019 at 10:30 AM EDT (2019-04-02 14:30 UTC) | All Your Data Belongs to Us: How to Defend Against Credential Stuffing | Johannes Ullrich, PhD | |
| Friday, March 29, 2019 at 10:30 AM EDT (2019-03-29 14:30 UTC) | Defensible Security Architecture and Engineering – Part 1: How to become an All-Round Defender - the Secret Sauce | Ismael Valenzuela, Justin Henderson | |
| Thursday, March 28, 2019 at 9:30 AM EDT (2019-03-28 13:30 UTC) | Best Practices for Network Security Resilience | Ixia | Jon Oltsik, Keith Bromley |
| Wednesday, March 27, 2019 at 11:00 AM EDT (2019-03-27 15:00 UTC) | Taming the Endpoint Chaos Within: A Review of Panda Security Adaptive Defense 360 | Panda Security | Justin Henderson, James Manning |
| Tuesday, March 26, 2019 at 1:00 PM EDT (2019-03-26 17:00 UTC) | Security Gets Smart with AI: A SANS Survey | Cylance | G.W. Ray Davidson, PhD, Barbara Filkins, Bret Lenmark |
| Monday, March 25, 2019 at 1:00 PM EDT (2019-03-25 17:00 UTC) | Playing Moneyball in Cybersecurity | Unisys | Matt Soderlund |
| Friday, March 22, 2019 at 2:00 PM EDT (2019-03-22 18:00 UTC) | Empowering Incident Response via Automation | Cisco Systems Inc. | Matt Bromiley |
| Thursday, March 21, 2019 at 3:30 PM EDT (2019-03-21 19:30 UTC) | Alternative Network Visibility Strategies for an Encrypted World | Corelight | Gregory Bell, Matt Bromiley |
| Thursday, March 21, 2019 at 1:00 PM EDT (2019-03-21 17:00 UTC) | What's Next in Automation Support: Part 2 of the SANS Automation and Integration Survey | D3 Security LogRhythm Mcafee LLC Swimlane ThreatConnect | Barbara Filkins, Matt Bromiley, Emily Laufer, Nick Tausek |
| Thursday, March 21, 2019 at 10:30 AM EDT (2019-03-21 14:30 UTC) | 2018 Holiday Hack Challenge Winner Announcement and More! | Ed Skoudis, Joshua Wright | |
| Wednesday, March 20, 2019 at 3:30 PM EDT (2019-03-20 19:30 UTC) | Osquery: A Modern Approach to CSIRT Analytics | Uptycs | Dave Shackleford, Milan Shah |
| Wednesday, March 20, 2019 at 10:30 AM EDT (2019-03-20 14:30 UTC) | Hiding in Plain Sight: Dissecting Popular Evasive Malware Techniques | VMRay | Jake Williams, Rohan Viegas, Tamas Boczan |
| Tuesday, March 19, 2019 at 1:00 PM EDT (2019-03-19 17:00 UTC) | The State of Automation/Integration Practice: Part 1 of the SANS Automation and Integration Survey | D3 Security LogRhythm Mcafee LLC Swimlane ThreatConnect | Barbara Filkins, Matt Bromiley, Dan Cole, Stan Engelbrecht, Darren Thomas |
| Monday, March 18, 2019 at 1:00 PM EDT (2019-03-18 17:00 UTC) | Securing Your Endpoints with Carbon Black: A SANS Review of the CB Predictive Security Cloud Platform | Carbon Black | Dave Shackleford, Tristan Morris |
| Friday, March 15, 2019 at 1:00 PM EDT (2019-03-15 17:00 UTC) | How to Automate Compliance and Risk Management for Cloud Workloads | AWS Marketplace | Matt Bromiley, David Aiken |
| Thursday, March 14, 2019 at 10:30 AM EDT (2019-03-14 14:30 UTC) | USBs Behaving Badly - How to Control USB Usage in Operational Networks | Honeywell International | Sam Wilson, Matt Wiseman |
| Wednesday, March 13, 2019 at 1:00 PM EDT (2019-03-13 17:00 UTC) | Overcoming Obstacles to Secure Multi-cloud Access | Pulse Secure | Rajoo Nagar, John Pescatore |
| Tuesday, March 12, 2019 at 1:00 PM EDT (2019-03-12 17:00 UTC) | Maximizing SOC Effectiveness and Efficiency with Integrated Operations and Defense | NETSCOUT Systems, Inc. | John Pescatore, Arabella Hallawell |
| Monday, March 11, 2019 at 1:00 PM EDT (2019-03-11 17:00 UTC) | Purple Kerberos: Current attack strategies & defenses | Erik Van Buggenhout | |
| Thursday, March 07, 2019 at 3:30 PM EST (2019-03-07 20:30 UTC) | Investigating WMI Attacks | Chad Tilbury | |
| Wednesday, March 06, 2019 at 1:00 PM EST (2019-03-06 18:00 UTC) | The State of Kubernetes Security | Aqua Security Inc. | Liz Rice |
| Tuesday, March 05, 2019 at 1:00 PM EST (2019-03-05 18:00 UTC) | SOF-ELK(R): A Free, Scalable Analysis Platform for Forensic, Incident Response, and Security Operations | Philip Hagen | |
| Friday, March 01, 2019 at 1:00 PM EST (2019-03-01 18:00 UTC) | Taking SIEM to the Cloud: A SANS Review of Securonix Next-Gen SIEM | Securonix | Nitin Agale, Dave Shackleford |
| Thursday, February 28, 2019 at 3:30 PM EST (2019-02-28 20:30 UTC) | NIST Recommendations for ICS & IIoT Security | CyberX | Phil Neray, Michael Powell, Jim McCarthy, Tim Zimmerman |
| Wednesday, February 27, 2019 at 1:00 PM EST (2019-02-27 18:00 UTC) | Improving Detection and Understanding the Adversary with Deception Technology | TrapX Security | Matt Bromiley, Ori Bach |
| Tuesday, February 26, 2019 at 1:00 PM EST (2019-02-26 18:00 UTC) | 72-Hours-to-Disclose Survival Guide: Accurate Scoping and Impact Assessment of Breaches | ExtraHop | John Matthews, John Pescatore |
| Friday, February 22, 2019 at 1:00 PM EST (2019-02-22 18:00 UTC) | Top 10 Writing Mistakes in Cybersecurity and How You Can Avoid Them | Lenny Zeltser | |
| Thursday, February 21, 2019 at 3:30 PM EST (2019-02-21 20:30 UTC) | Leveraging MITRE ATT&CK and ATT&CK Navigator | Erik Van Buggenhout | |
| Thursday, February 21, 2019 at 1:00 PM EST (2019-02-21 18:00 UTC) | Prioritizing Security Operations in the Cloud through the Lens of the NIST Framework | AWS Marketplace | John Pescatore, David Aiken |
| Wednesday, February 20, 2019 at 1:00 PM EST (2019-02-20 18:00 UTC) | Identifying Emerging Threats with Security Analytics | AlphaSOC, Inc. | Chris McNab |
| Tuesday, February 19, 2019 at 1:00 PM EST (2019-02-19 18:00 UTC) | Modern AppSec Tools for Modern AppSec Problems: A Practical Introduction to the Next-Gen WAF | ThreatX | Kelly Brazil |
| Monday, February 18, 2019 at 1:00 PM EST (2019-02-18 18:00 UTC) | The SANS ICS Summit 2019 and What to Expect | Tim Conway, Robert M. Lee, Michael Assante | |
| Thursday, February 14, 2019 at 1:00 PM EST (2019-02-14 18:00 UTC) | Dispelling GDPR Myths: Avoid the Compliance Trap, Make Real Security/Privacy Gains | Brian Honan, John Pescatore, Gal Shpantzer, Mark Weatherford | |
| Wednesday, February 13, 2019 at 3:30 PM EST (2019-02-13 20:30 UTC) | MITRE ATT&CK and Sigma Alerting | Justin Henderson, John Hubbard | |
| Wednesday, February 13, 2019 at 1:00 PM EST (2019-02-13 18:00 UTC) | Challenges we face, repeatedly | BTB Security | Dave Shackleford, Ron Schlecht, Jr. |
| Tuesday, February 12, 2019 at 3:30 PM EST (2019-02-12 20:30 UTC) | Offensive WMI | Tim Medin | |
| Monday, February 11, 2019 at 9:00 PM EST (2019-02-12 02:00 UTC) | Dealing with Remote Access to Critical ICS Infrastructure | Justin Searle | |
| Friday, February 08, 2019 at 10:30 AM EST (2019-02-08 15:30 UTC) | SANS Automation & Integration Security Briefing: SOARing to New Heights - Using Orchestration & Automation Tools in the Way They're Intended | Swimlane DomainTools Amazon Web Services, Inc. Siemplify Anitian RedCanary DFLabs | Chris Crowley |
| Thursday, February 07, 2019 at 1:00 PM EST (2019-02-07 18:00 UTC) | CTI Tools, Usage and a Look Ahead: Part 2 of the 2019 SANS Cyber Threat Intelligence Survey | Anomali DomainTools IntSights RecordedFuture ThreatQuotient | Rebekah Brown, Jonathan Couch, Nicholas Hayden |
| Tuesday, February 05, 2019 at 1:00 PM EST (2019-02-05 18:00 UTC) | CTI Requirements and Inhibitors: Part 1 of the 2019 SANS Cyber Threat Intelligence Survey | Anomali DomainTools IntSights RecordedFuture ThreatQuotient | Robert M. Lee, Nick Hayes, Helen Johnson, Allan Liska |
| Thursday, January 31, 2019 at 1:00 PM EST (2019-01-31 18:00 UTC) | Best Practices to Get You CloudFit- 12 AWS Best Practices for Cloud Security | Palo Alto Networks | John Martinez, Matt Bromiley |
| Thursday, January 24, 2019 at 1:00 PM EST (2019-01-24 18:00 UTC) | Remediating Threats by Bridging Islands of Security | Infoblox | John Pescatore, Chintan Udeshi |
| Wednesday, January 23, 2019 at 12:30 PM EST (2019-01-23 17:30 UTC) | Enterprise Security with a Fluid Perimeter | Aruba Networks | Matt Bromiley, Larry Lunetta |
| Wednesday, January 23, 2019 at 10:30 AM EST (2019-01-23 15:30 UTC) | Network Visualizations: Understand what's happening faster and easier than ever! | Mick Douglas | |
| Tuesday, January 22, 2019 at 1:00 PM EST (2019-01-22 18:00 UTC) | Malicious or Negligent? How to Understand User Intent to Stop Data Exfiltration | ObserveIT | Brad Green, John Pescatore |
| Monday, January 21, 2019 at 9:00 PM EST (2019-01-22 02:00 UTC) | The Hitchhiker’s Guide to Evidence Sources | Nick Klein | |
| Thursday, January 17, 2019 at 3:30 PM EST (2019-01-17 20:30 UTC) | Using Data Science to Secure Cloud Workloads | Cylance | Mikkel Hansen, Aaron Bryson |
| Thursday, January 17, 2019 at 1:00 PM EST (2019-01-17 18:00 UTC) | Falcon and the MITRE ATT&CK Framework – Better Together; Feature Update | CrowdStrike, Inc. | Ken Warren |
| Wednesday, January 16, 2019 at 3:30 PM EST (2019-01-16 20:30 UTC) | Lessons learned after Hundreds of Breach Investigations | Cisco Systems Inc. | Robert Reyes, Gerard Johansen, Jake Williams |
| Wednesday, January 16, 2019 at 1:00 PM EST (2019-01-16 18:00 UTC) | Breaking Bad Bots - The New #1 Threat and How to Stop Them | Cequence | Shreyans Mehta, Franklyn Jones |
| Friday, January 11, 2019 at 3:30 PM EST (2019-01-11 20:30 UTC) | 24/7 CTI: Operationalizing Cyber Threat Intelligence | Xena Olsen | |
| Wednesday, January 09, 2019 at 3:30 PM EST (2019-01-09 20:30 UTC) | Assumption of a breach: How a new notion can help protect your enterprise | Tim Medin | |
| Tuesday, January 08, 2019 at 1:00 PM EST (2019-01-08 18:00 UTC) | Defeating Attackers with Preventive Security | VMWare, Inc | Dave Shackleford, Alex Berger |
Note to Vendors:If you are interested in sponsoring a future SANS Webcast, contact our vendor team today.
