| Date (in UTC) |
Title |
Sponsor |
Speaker |
| Nov 21, 2019 | Maximizing Threat Hunting Efficiency with Automated Queries | Eric Hulse, Daniel Bates |
| Nov 21, 2019 | Beyond detection: An Exploration of Key Pillars of the Next-gen SIEM | Jason Mical, Justin Henderson |
| Nov 20, 2019 | OUTPERFORM the adversary with tactical decision-making and rapid response | Craig Harber, Dave Shackleford |
| Nov 20, 2019 | Threat Intelligence Driven Detect and Response Operations | Jacob Williams, Daniel Clayton, Ryan Moon |
| Nov 19, 2019 | Someone to Watch Over You: A Review of CrowdStrikes Falcon OverWatch | Joe Sullivan, Scott Taschler |
| Nov 18, 2019 | A Blueprint for Designing a New Security Perimeter | Bob Gilbert |
| Nov 15, 2019 | SANS Dark Web Solutions Forum - Illuminating the Dark Web: Harvesting and Using OSINT Data from Dark Web Resources | Micah Hoffman |
| Nov 14, 2019 | Hiring and retaining for the SOC: Recruit, Train, and Retain Talented and Dedicated Staff | Chris Crowley |
| Nov 14, 2019 | How to Perform a Security Investigation in AWS | Kyle Dickinson, David Aiken |
| Nov 13, 2019 | Taming Linux for Enterprise Security | Matt Bromiley, John Brunn, Brian Gladstein |
| Nov 13, 2019 | SOARing beyond aggregation: How to achieve meaningful correlation and prioritization of security alerts and actions | Nick Tausek, Jake Williams |
| Nov 12, 2019 | SEC588: Cloud Penetration Testing. What is it? What's different, and why? | Moses Frost |
| Nov 12, 2019 | Building on ICS Security BasicsWhats Next? | Matthew Luallen, Kristen Poulos, Joseph Blankenship |
| Nov 12, 2019 | Successful Infosec Consulting: Lessons from Three Decades in The Field | Ted Demopoulos |
| Nov 8, 2019 | Lessons from the Trenches: Implementing Zero Trust Data Centers in the Real World | Dave Karp, Chase Cunningham |
| Nov 8, 2019 | Whats New in SEC575: Mobile Device Security and Ethical Hacking | Erik Van Buggenhout, Jeroen Beckers |
| Nov 7, 2019 | Data Governance: What Dark secrets lurk in your Salesforce instance? | Pete Thurston, Dave Shackleford |
| Nov 7, 2019 | What Works in SOC/NOC Integration: Improving Time to Detect, Respond and Contain with ExtraHop Reveal(x) | John Pescatore, Mitch Roberson |
| Nov 7, 2019 | Evade Me If You Can: Unmasking Context-Aware Malware | Brandon McCrillis, Tamas Boczan |
| Nov 6, 2019 | Evaluating Network Traffic Analysis Systems Requirements and Challenges | David Pearson, Kevin Tolly |
| Nov 6, 2019 | Hear me SOAR - Using Elastic, ElastAlert and TheHive in an effective purple team pipeline | |
| Nov 5, 2019 | Interested in Smartphone Forensics? | Domenica Crognale |
| Oct 30, 2019 | Threat Hunting for New and Experienced Hunters: Panel Discussion of the SANS 2019 Threat Hunting Survey | Mathias Fuchs, Joshua Lemon, Matt Cauthorn, Alex Valdivia, Taylor Wilkes-Pierce |
| Oct 30, 2019 | Securing Your Modern Data Center | Christer Swartz, Dave Shackleford |
| Oct 30, 2019 | Attacking and Defending Cloud Metadata Services | Eric Johnson |
| Oct 29, 2019 | SANS 2019 Threat Hunting Survey: The Differing Needs of New and Experienced Hunters | Mathias Fuchs, Joshua Lemon |
| Oct 29, 2019 | Real World Challenges for PCI Compliant Containers | Tim Buntel, John Pescatore, Katie Paugh |
| Oct 28, 2019 | Human Fingerprints in Malware and their Use in Cyber Threat Intelligence | Robert M. Lee, Tobias Johansson |
| Oct 25, 2019 | Have You Taken The \"Endpoint Blue Pill\"? Debunking The Endpoint Protection Myth. | Justin Henderson, Ismael Valenzuela |
| Oct 24, 2019 | Successful Infosec Consulting 101 | Ted Demopoulos |
| Oct 24, 2019 | Untapped Potential: Getting the most out of your SIEM | Justin Henderson, John Hubbard |
| Oct 23, 2019 | Modern Web Application Penetration Testing Part 1, XSS and XSRF Together | Adrien de Beaupré |
| Oct 23, 2019 | Lessons Learned from Over a Thousand Threat Hunting Workshops | Brandon Newport |
| Oct 23, 2019 | JumpStart Guide to Security Investigations and Posture Management in Amazon Web Services | Kyle Dickinson, Tim Jefferson, David Aiken |
| Oct 22, 2019 | Are you prepared for a Ransomware Attack? | Peter Romness, John Pescatore |
| Oct 22, 2019 | Converged Threat and Performance Management Listen to Your Network! | Ward Cobleigh, John Pescatore |
| Oct 22, 2019 | Are Your Security Controls Yesterday's News? | Matt Bromiley, Eyal Ahraoni |
| Oct 21, 2019 | Windows User Enumeration, Living off the land | Dale Hobbs |
| Oct 18, 2019 | SANS Cloud Security Operations Solutions Forum | |
| Oct 17, 2019 | How Attackers Exploit Office 365 Vulnerabilities | John Pescatore, Jeff Melnick |
| Oct 17, 2019 | Power up your Security Operations Centers human capital with the new SEC450 Part 2 - Blue Team FundamentalsFinding and training the right people! | John Hubbard |
| Oct 15, 2019 | Launching APOLLO - Creating a Simple Tool for Advanced Forensic Analysis | Sarah Edwards |
| Oct 15, 2019 | Pivotal Platform - Getting Started with Native Runtime Protection for PAS | Bryan Morrow, Dave Shackleford |
| Oct 15, 2019 | How to Inject Security Into Your Software Development Life Cycle - Close Security Gaps in Your Software Supply Chain Through Automation and Deep Analysis | |
| Oct 10, 2019 | Improve Network Security with Application Intelligence | Christophe Olivier, Sarah Gross |
| Oct 10, 2019 | How to Secure App Pipelines in AWS | Dave Shackleford, David Aiken |
| Oct 7, 2019 | When Hacking Becomes Deadly InfoSec in the Age of Connected Medical Devices | Kenneth May |
| Oct 4, 2019 | Manage Vulnerabilities through the Software Lifecycle: How to Enable Secure DevOps | Brandon Helms, Andrei Bezdedeanu |
| Oct 3, 2019 | IT, OT, and IOT Oh, My! Learn to See and Secure It All | Tim Jones, Dennis Carpio |
| Oct 3, 2019 | Red, Blue and Purple Teams: Combining Your Security Capabilities for the Best Outcome | Chris Dale, Bobby Kuzma |
| Oct 2, 2019 | Dominating the Active Directory | Erik Van Buggenhout |
| Oct 2, 2019 | How to Effectively Use Segmentation and Microsegmentation | Dave Shackleford, Nick Furman |
| Oct 1, 2019 | Demystifying The Hunt: How to Assess Your Threat Hunting Readiness and Prepare for the Next Step | Gary Fisk, Fayyaz Rajpari, Matt Bromiley |
| Oct 1, 2019 | ExtraHop Reveal(x) Expands Attack Investigations to Cover All Vectors | Dave Shackleford, Tom Stitt |
| Sep 30, 2019 | The perils and perks of cloud access security | David Hazar |
| Sep 27, 2019 | Vulnerability Management Vendor Briefing: Decreasing the Attack Surface with Effective Vulnerability Management | Matt Bromiley |
| Sep 26, 2019 | NetOps and SecOps: Cant We All Just Get Along?" | Scott Register, Ryan Davis |
| Sep 26, 2019 | Speaking the Language of the Board | |
| Sep 26, 2019 | Learn about the New SIEM Poster - Architecture, Enrichment, and More | Justin Henderson |
| Sep 25, 2019 | Threat Hunting in the Cloud: Time for a Power-Up? | Ben Johnson |
| Sep 25, 2019 | Effectively Addressing Advanced Threats | Matt Bromiley, Lauren Horaist |
| Sep 25, 2019 | Lights Out: Inside the Mind of a Utility Hacker | Joseph Carson |
| Sep 24, 2019 | A Principal Control Engineer's Perspective on Defending Energy Utilities from IoT/ICS Attacks | Henry Sierk |
| Sep 24, 2019 | The DNS Privacy Debate, Explained: Making the Right Choice between DNS over TLS and DNS over HTTPS | Paul Adair, Dave Shackleford |
| Sep 24, 2019 | Jumpstart Guide to Application Security in the Cloud | Nathan Getty, Aidan Walden, Nam Le |
| Sep 23, 2019 | Elevating Enterprise Security with Fidelis Cybersecurity: Endpoint Security Capabilities | Matt Bromiley, Gerald Mancini |
| Sep 20, 2019 | Hacking Your Way to Business Knowledge | Kevin Garvey |
| Sep 20, 2019 | Easing Into Consulting; Consulting on The Side & Other Approaches | Ted Demopoulos |
| Sep 19, 2019 | Modern Threat Hunting And Response: How TTPs Are Changing The Game | Orion Cassetto, Trevor Daughney |
| Sep 19, 2019 | Live Webinar: Micro-Segmentation for Network Security Strategy to Execution | Avishai Wool, Dave Shackleford |
| Sep 18, 2019 | Yes, IT and OT Are Converging. So How Does This Affect Compliance? | Don C. Weber |
| Sep 17, 2019 | Elevating Enterprise Security with Fidelis Cybersecurity: Network and Deception | Matt Bromiley, Gerald Mancini |
| Sep 17, 2019 | Power up your Security Operations Center with the new SEC450 Part 1 - Blue Team FundamentalsCreating an on-ramp for new defenders! | John Hubbard |
| Sep 16, 2019 | Keeping the Technical in Technical Management | Kevin Garvey |
| Sep 12, 2019 | How to Build a Threat Detection Strategy in AWS | David Szili, David Aiken |
| Sep 10, 2019 | Success Patterns for Supply Chain Security | John Pescatore |
| Sep 10, 2019 | Advanced Zeek Usage: Scripting and Framework | David Szili |
| Sep 9, 2019 | Enabling KAPE at Scale | Mark Hallman |
| Sep 5, 2019 | How to accelerate your cyber security career | Stephen Sims |
| Sep 3, 2019 | The State of Malware Analysis: Advice from the Trenches | Jim Clausing, Evan Dygert, Anuj Soni, Jake Williams, Lenny Zeltser |
| Sep 3, 2019 | Getting the Knack of ATT&CK | Bob Rudis |
| Aug 29, 2019 | Don't Open These-- The Five Most Dangerous File Types | Dave Shackleford, Erik Yunghans, John Harrison |
| Aug 29, 2019 | BloxOne Threat Defense: Strengthening and Optimizing Your Security Posture from the Foundation Up | Srikrupa Srivatsan, Dave Shackleford |
| Aug 29, 2019 | New hosted course: ICS Cybersecurity for Managers | Doug Wylie, Paul Rostick, John Cusimano |
| Aug 28, 2019 | More Super Practical Blue Tips, Tools, and Lessons Learned from Team-Based Training: Coordinating Hand-Offs, Your Buddy RITA, and Microsoft Message Analyzer FOR THE WIN! | Ed Skoudis, Joshua Wright |
| Aug 28, 2019 | JumpStart Guide for Security Information and Event Management (SIEM) in AWS | J. Michael Butler, David Aiken, Jay Austad |
| Aug 27, 2019 | The Cycle of Cyber Threat Intelligence | Katie Nickels |
| Aug 27, 2019 | Meet Your New Best Friend: DNS Security | Rachel Ackerly |
| Aug 27, 2019 | How to Identify Hidden & Destructive Objects in Your Environment | |
| Aug 26, 2019 | So you Wanna Start a TI Program | Christian Nicholson |
| Aug 22, 2019 | Purple Teaming: The Pen-Test Grows Up | Bryce Galbraith |
| Aug 21, 2019 | Kerberos & Attacks 101 | Tim Medin |
| Aug 21, 2019 | ICS 612 Practitioner focused Hands on cybersecurity | Tim Conway |
| Aug 21, 2019 | Leveraging OSINT for Better DFIR Investigations | Jeff Lomas, Micah Hoffman |
| Aug 20, 2019 | Focus On People, Process, and Technology to Take Your SOC to the Next Level | John Kitchen, John Pescatore |
| Aug 19, 2019 | Legacy Authentication and Password Spray, Understanding and Stopping Attackers Favorite TTPs in Azure AD | Mark Morowczynski, Ramiro Calderon |
| Aug 15, 2019 | The Beginners Guide to Applying Machine Learning to Incident Response | Dave Shackleford |
| Aug 14, 2019 | Stop Letting Security Fail. Identify the True Problem | Ian McShane, Matt Bromiley |
| Aug 14, 2019 | Practical tips to build a successful purple team | Erik Van Buggenhout |
| Aug 13, 2019 | Triage Collection and Timeline Analysis with KAPE | Mari DeGrazia |
| Aug 13, 2019 | Visibility for Incident Response: A Review of Forescout 8.1 | Don Murdoch, Sandeep Kumar |
| Aug 8, 2019 | SANS Introduction to Python Course | Mark Baggett |
| Aug 8, 2019 | How to Protect Enterprise Systems with Cloud-Based Firewalls | Kevin Garvey, David Aiken |
| Aug 8, 2019 | Neighborhood Keeper: A Collaborative Initiative for Our ICS Community | Robert M. Lee, Tim Conway, Matt Bodman |
| Aug 7, 2019 | The Age of Autonomous Breach Protection: Prepare, confront and Respond to Cyberthreats Across the Entire Environment | Yiftach Keshet, Dave Shackleford |
| Aug 7, 2019 | A Ghidra Test Drive | Jim Clausing |
| Aug 6, 2019 | Backstory + VirusTotal: How to get the most out of your security data | Matt Bromiley |
| Aug 5, 2019 | Security Inside the Perimeter with VMware | Arjun Narang |
| Aug 2, 2019 | ATT&CKing your Enterprise: Adversary Detection Pipelines & Adversary Simulation | Xena Olsen, Ben Goerz |
| Aug 2, 2019 | Integrated Incident Response: A Panel Discussion about the SANS 2019 IR Survey | John Smith, Corin Imai, Matt Bromiley |
| Aug 2, 2019 | Hunting LOLBin Activity with Process Memory | Alissa Torres |
| Aug 1, 2019 | Integrated Incident Response: A SANS Survey | Matt Bromiley |
| Jul 31, 2019 | JumpStart Guide to Cloud-Based Firewalls in AWS | Brian Russell, Anthony Tanzi, David Aiken |
| Jul 30, 2019 | URL Filtering Best Practices-- Making Your Web Security Policy Work for You | Dave Shackleford, Suzanne VanPatten, Kelvin Kwan |
| Jul 29, 2019 | Is Your Plant Cyber Resilient? Next Steps to Achieving Safe and Secure Plant Operation | Camilo Gomez, Barbara Filkins |
| Jul 25, 2019 | A Cyber-First Approach to Disaster Recovery | Darren Mar-Elia, John Pescatore |
| Jul 25, 2019 | A BEAST and a POODLE celebrating SWEET32 | Bojan Zdrnja |
| Jul 25, 2019 | The Global Privacy Law Imperative | Benjamin Wright, Grace Chong |
| Jul 24, 2019 | Rethinking Vulnerability Management | Kevin Garvey |
| Jul 23, 2019 | Tips, Tricks, and Cheats Gathered from Red vs. Blue Team-Based Training | Ed Skoudis, Joshua Wright |
| Jul 22, 2019 | UNDERSTANDING THE FORENSIC SCIENCE IN DIGITAL FORENSICS | Jason Jordaan |
| Jul 18, 2019 | How to Build an Endpoint Security Strategy in AWS | Thomas Banasik, David Aiken |
| Jul 17, 2019 | You can rest easy when protecting REST APIs | Jason Lam |
| Jul 11, 2019 | Common and Best Practices for Security Operations Centers: Panel Discussion | Christopher Crowley, Jody Caldwell, Jeff Costlow, Steve Salinas |
| Jul 11, 2019 | Managed Security Services for OT Networks Simplifying Your OT Security Journey | Ilan Barda |
| Jul 10, 2019 | The Critical Security Controls and Some Recent Data Breaches | |
| Jul 10, 2019 | Common and Best Practices for Security Operations Centers: Results of the 2019 SOC Survey | Christopher Crowley |
| Jul 9, 2019 | Simplify Your Office 365 Migration | Sibrina Subedar, Brandon Helms |
| Jul 9, 2019 | Leveraging Your SIEM to Implement Security Best Practices | |
| Jul 3, 2019 | Effective Threat Hunting | Chris Dale |
| Jul 3, 2019 | Leading Change for CISOs | Lance Spitzner |
| Jul 1, 2019 | Adversaries have goals too! | |
| Jun 28, 2019 | Next-Gen Vulnerability Management: Clarity, Consistency, and Cloud | David Hazar |
| Jun 28, 2019 | Why Traditional EDR Is Not Working--and What to Do About It | Jake Williams, Ismael Valenzuela |
| Jun 27, 2019 | Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks | Sandeep Lota, Dean Parsons |
| Jun 27, 2019 | Hitting the Silent Alarm on Banking Trojans | Jacob Williams, Rohan Viegas, Tamas Boczan |
| Jun 26, 2019 | Practical Approach to Vendor Risk Management & Data Privacy | Norman Levine |
| Jun 26, 2019 | Malicious Bots: How they became #1 New Threat and How to Stop Them | Arif Husain |
| Jun 26, 2019 | Gaining Complete Visibility of Your Environment with Attack Surface Monitoring | Jon Hart, Tori Sitcawich |
| Jun 25, 2019 | Cloud Data Protection | Mark Geeslin |
| Jun 25, 2019 | Building and Maturing Your Threat Hunt Program | David Szili |
| Jun 25, 2019 | JumpStart Guide for Endpoint Security in AWS | David Hazar, Joe Vadakkan, David Aiken |
| Jun 24, 2019 | Live from the Security Operations Summit: Rethinking the SOC for Long-Term Success & 2019 SANS SOC Survey Preview | John Hubbard, Chris Crowley |
| Jun 24, 2019 | Addressing Consumer Safety Concerns With Zero Trust Security | Chris Kloes |
| Jun 21, 2019 | Web App Testing 101 - Getting the Lay of the Land | Mike Saunders |
| Jun 20, 2019 | How To Increase MITRE ATT&CK Coverage with Network Traffic Analysis | Chris Crowley, John Smith |
| Jun 20, 2019 | Bolster your Cyber Terrain with Endpoint Forensics | Alissa Torres, Justin Swisher |
| Jun 19, 2019 | Converging OT and IT Networks: Where and How to Evolve ICS for Security | Barbara Filkins, Doug Wylie, Ilan Barda, Camilo Gomez, Kim Legelis |
| Jun 19, 2019 | SANS FedRAMP Technology Workshop | John Pescatore |
| Jun 18, 2019 | Managing the Insider Threat: Why Visibility Is Critical | Sai Chavali, John Pescatore |
| Jun 18, 2019 | Increasing Visibility with Ixia's Vision ONE | Serge Borso, Taran Singh |
| Jun 14, 2019 | DDI data a Critical Enabler of SOAR | Srikrupa Srivatsan, Dave Shackleford |
| Jun 14, 2019 | Five Keys for Successful Vulnerability Management | Jonathan Risto |
| Jun 13, 2019 | Authentication: It Is All About the User Experience | Matt Bromiley, Hormazd Romer |
| Jun 13, 2019 | How to Build a Data Protection Strategy in AWS | Dave Shackleford, David Aiken |
| Jun 12, 2019 | Using Zeek/Bro To Discover Network TTPs of MITRE ATT&CK​ | Richard Bejtlich, James Schweitzer |
| Jun 12, 2019 | SANS 2019 State of OT/ICS Cybersecurity Survey | Jason Dely, Barbara Filkins, Doug Wylie |
| Jun 12, 2019 | Cybersecurity Frameworks for CISOs | Frank Kim |
| Jun 11, 2019 | The 20 Critical Security Controls: From Framework to Operational to Implementation | Randy Marchany |
| Jun 10, 2019 | ICS Active Defense Primer | Kai Thomsen |
| Jun 7, 2019 | SIEM as Alexa How Natural Language Processing Can Transform Your Cyber Security Experience | Dave Shackleford, Avi Chesla |
| Jun 6, 2019 | Missing Information About Security Misconfiguration? Explore this often-used vulnerability category through data from 1000+ pentests | John Pescatore, Joe Sechman |
| Jun 5, 2019 | Power up your Security Operations Centers human capital with the new SEC450 Part 2 - Blue Team FundamentalsFinding and training the right people! | John Hubbard |
| Jun 5, 2019 | How SOC Superheroes Win | Salvatore Sinno, Ismael Cervantes |
| Jun 4, 2019 | Lessons From the Front Lines of AppSec: Analysis of real-world attacks from 2019 and best practices for dealing with them | Chris Brazdziunas, Will Woodson |
| Jun 4, 2019 | The Future of Authentication: How Two Factor Authentication is Dying and Whats Next | Johannes Ullrich, PhD |
| May 30, 2019 | Secure Kubernetes Application Delivery | Andrew Martin |
| May 29, 2019 | Fileless Malware Fun | Hal Pomeranz |
| May 28, 2019 | Cloud Security Automation: Monitoring and Operations | Frank Kim |
| May 28, 2019 | Streamlining Your Security Process with Orchestration & Automation | |
| May 24, 2019 | IoT vulnerability and security is the next frontier | Lee Reiber |
| May 24, 2019 | Defensible Security Architecture and Engineering Part 3: Protect your Lunch Money Keeping the Thieves at Bay | Ismael Valenzuela, Justin Henderson |
| May 23, 2019 | What Real-World Attacks Look Like and How to Stop Them in Their Tracks | Dave Shackleford, Brian Johnson |
| May 22, 2019 | Actionable IT/OT end point protection to: detect, contain, and respond to limit ICS cyber threats | Ron Brash |
| May 22, 2019 | SEC599: Defeating Advanced Adversaries Discover whats NEW in Purple Team.Latest course updates! | Erik Van Buggenhout |
| May 21, 2019 | Passive Isn't Good Enough: Moving into Active EDR | Justin Henderson, Migo Kedem |
| May 15, 2019 | Power up your Security Operations Center with the new SEC450 Part 1 - Blue Team Fundamentals: Creating an on-ramp for new defenders! | John Hubbard |
| May 15, 2019 | Vetting Your Intel - Techniques and Tools for False Positive Analysis | Robert M. Lee, Tarik Saleh |
| May 15, 2019 | Web application defense Use headers to make pentesters job difficult | Jason Lam |
| May 14, 2019 | Hacking without Domain Admin | Tim Medin, Mike Saunders |
| May 13, 2019 | Not sure that you need OT Cybersecurity? A Sentryo Assessment can quickly provide the data and guidance that you need. | Tim Conway, Michael Thompson, Bob Foley, Fayce Daira |
| May 9, 2019 | How to Secure a Modern Web Application in AWS | Shaun McCullough, David Aiken |
| May 8, 2019 | Gaining a Decisive Advantage Through Terrain Based Cyber Defense | Craig Harber, Rami Mizrahi |
| May 7, 2019 | The State of Cloud Security: Panel Discussion | Dave Shackleford, Jim Reavis, Pawan Shankar, Eric Thomas |
| May 7, 2019 | Terraforming Azure: not as difficult as planets | David Hazar |
| May 2, 2019 | Rethinking Your Global Security Platform | Matt Bromiley, Brandon Levene |
| May 2, 2019 | How Effective is Your WAF Protection? - Metrics & Key Considerations | Chris Brazdziunas, Will Woodson |
| May 2, 2019 | From Seizure to Actionable Intelligence in 90 Minutes or Less | Kevin Ripa |
| May 1, 2019 | Sharing Alerts and Threat Intelligence with MISP | Justin Henderson, John Hubbard |
| May 1, 2019 | The State of Cloud Security: Results of the SANS 2019 Cloud Security Survey | Dave Shackleford, Jim Reavis |
| May 1, 2019 | A CISO's Perspective on Presenting OT Risk to the Board | Ilan Abadi, Daniel Shugrue |
| Apr 30, 2019 | The Future of Phishing: Its all about your customers | Dave Shackleford, Elad Schulman |
| Apr 30, 2019 | What Are Fileless Attacks and How Can You Stop Them? | |
| Apr 30, 2019 | Defensible Security Architecture and Engineering Part 2: Thinking Red, Acting Blue Mindset & Actions | Ismael Valenzuela, Justin Henderson |
| Apr 24, 2019 | Take Back Control of Your DNS Traffic | Dave Shackleford |
| Apr 24, 2019 | Why Your Vulnerability Management Strategy Is Not Working and What to Do About It | Brandon Helms, Eric Olson |
| Apr 23, 2019 | Delivering Infrastructure, Security and Operations as Code across Multi-cloud Environments | Vinay Venkataraghavan, Matt Bromiley |
| Apr 19, 2019 | SANS Top New Attacks and Threat Report | John Pescatore |
| Apr 18, 2019 | New Year, Same Magecart: The Continuation of Web-based Supply Chain Attacks | Yonathan Klijnsma, Dave Shackleford |
| Apr 18, 2019 | Resolved: How to protect your organization when your perimeter fails | Tom Gillis, John Pescatore |
| Apr 17, 2019 | Simplifying Application Security with Software-Defined Security | Matt De Vincentis, Dave Shackleford |
| Apr 16, 2019 | Cryptojacking - What is it? Where is it? How to protect against it? | Brandon Helms, Brian McMahon |
| Apr 11, 2019 | How to Automate Compliance Gaps for Public Cloud | Vikram Varakantam, John Pescatore |
| Apr 11, 2019 | How to Build a Security Visibility Strategy in the Cloud | Dave Shackleford, David Aiken |
| Apr 10, 2019 | Alert Investigations in the SOC - Building Your Workflow | Justin Henderson, John Hubbard |
| Apr 10, 2019 | Vulnerability Practices of Tomorrow: Part 2 of the SANS Vulnerability Management Survey Results | Andrew Laman, David Hoelzer, Gaurav Banga, Nate Dyer |
| Apr 10, 2019 | Purple PowerShell: Current attack strategies & defenses | Erik Van Buggenhout |
| Apr 9, 2019 | Cloud Security and DevOps Automation: Keys for Modern Security Success | Eric Johnson |
| Apr 9, 2019 | Current State of Vulnerability Management: Part 1 of the SANS Vulnerability Management Survey Results | Andrew Laman, David Hoelzer, RJ Gazarek, Michael Rosen |
| Apr 9, 2019 | Next-Gen Vulnerability Management: Clarity, Consistency, and Cloud | David Hazar |
| Apr 8, 2019 | The Cyber Kill Chain and MobileIron Threat Defense | James Saturnio, Ilya Geller |
| Apr 3, 2019 | The Foundation of Continuous Host Monitoring | Matt Bromiley, JJ Cranford |
| Apr 2, 2019 | Vulnerability Management for the Enterprise and Cloud | Jonathan Risto |
| Apr 2, 2019 | Building a Zero Trust Model in the Cloud with Microsegmentation | John Kindervag, Salvatore Sinno |
| Apr 2, 2019 | All Your Data Belongs to Us: How to Defend Against Credential Stuffing | Johannes Ullrich, PhD |
| Mar 29, 2019 | Defensible Security Architecture and Engineering Part 1: How to become an All-Round Defender - the Secret Sauce | Ismael Valenzuela, Justin Henderson |
| Mar 28, 2019 | Best Practices for Network Security Resilience | Jon Oltsik, Keith Bromley |
| Mar 27, 2019 | Taming the Endpoint Chaos Within: A Review of Panda Security Adaptive Defense 360 | Justin Henderson, James Manning |
| Mar 26, 2019 | Security Gets Smart with AI: A SANS Survey | G.W. Ray Davidson, PhD, Barbara Filkins, Bret Lenmark |
| Mar 25, 2019 | Playing Moneyball in Cybersecurity | Matt Soderlund |
| Mar 22, 2019 | Empowering Incident Response via Automation | Matt Bromiley |
| Mar 21, 2019 | Alternative Network Visibility Strategies for an Encrypted World | Gregory Bell, Matt Bromiley |
| Mar 21, 2019 | What's Next in Automation Support: Part 2 of the SANS Automation and Integration Survey | Barbara Filkins, Matt Bromiley, Emily Laufer, Nick Tausek |
| Mar 21, 2019 | 2018 Holiday Hack Challenge Winner Announcement and More! | Ed Skoudis, Joshua Wright |
| Mar 20, 2019 | Osquery: A Modern Approach to CSIRT Analytics | Dave Shackleford, Milan Shah |
| Mar 20, 2019 | Hiding in Plain Sight: Dissecting Popular Evasive Malware Techniques | Jake Williams, Rohan Viegas, Tamas Boczan |
| Mar 19, 2019 | The State of Automation/Integration Practice: Part 1 of the SANS Automation and Integration Survey | Barbara Filkins, Matt Bromiley, Dan Cole, Stan Engelbrecht, Darren Thomas |
| Mar 18, 2019 | Securing Your Endpoints with Carbon Black: A SANS Review of the CB Predictive Security Cloud Platform | Dave Shackleford, Tristan Morris |
| Mar 15, 2019 | How to Automate Compliance and Risk Management for Cloud Workloads | Matt Bromiley, David Aiken |
| Mar 14, 2019 | USBs Behaving Badly - How to Control USB Usage in Operational Networks | Sam Wilson, Matt Wiseman |
| Mar 13, 2019 | Overcoming Obstacles to Secure Multi-cloud Access | Rajoo Nagar, John Pescatore |
| Mar 12, 2019 | Maximizing SOC Effectiveness and Efficiency with Integrated Operations and Defense | John Pescatore, Arabella Hallawell |
| Mar 11, 2019 | Purple Kerberos: Current attack strategies & defenses | Erik Van Buggenhout |
| Mar 7, 2019 | Investigating WMI Attacks | Chad Tilbury |
| Mar 6, 2019 | The State of Kubernetes Security | Liz Rice |
| Mar 5, 2019 | SOF-ELK(R): A Free, Scalable Analysis Platform for Forensic, Incident Response, and Security Operations | Philip Hagen |
| Mar 1, 2019 | Taking SIEM to the Cloud: A SANS Review of Securonix Next-Gen SIEM | Nitin Agale, Dave Shackleford |
| Feb 28, 2019 | NIST Recommendations for ICS & IIoT Security | Phil Neray, Michael Powell, Jim McCarthy, Tim Zimmerman |
| Feb 27, 2019 | Improving Detection and Understanding the Adversary with Deception Technology | Matt Bromiley, Ori Bach |
| Feb 26, 2019 | 72-Hours-to-Disclose Survival Guide: Accurate Scoping and Impact Assessment of Breaches | John Matthews, John Pescatore |
| Feb 22, 2019 | Top 10 Writing Mistakes in Cybersecurity and How You Can Avoid Them | Lenny Zeltser |
| Feb 21, 2019 | Leveraging MITRE ATT&CK and ATT&CK Navigator | Erik Van Buggenhout |
| Feb 21, 2019 | Prioritizing Security Operations in the Cloud through the Lens of the NIST Framework | John Pescatore, David Aiken |
| Feb 20, 2019 | It's All About Scale! Succeeding in Enterprise Defense | Alissa Torres, Jeff McJunkin |
| Feb 20, 2019 | Identifying Emerging Threats with Security Analytics | Chris McNab |
| Feb 19, 2019 | Modern AppSec Tools for Modern AppSec Problems: A Practical Introduction to the Next-Gen WAF | Kelly Brazil |
| Feb 18, 2019 | The SANS ICS Summit 2019 and What to Expect | Tim Conway, Robert M. Lee, Michael Assante |
| Feb 14, 2019 | Dispelling GDPR Myths: Avoid the Compliance Trap, Make Real Security/Privacy Gains | Brian Honan, John Pescatore, Gal Shpantzer, Mark Weatherford |
| Feb 13, 2019 | MITRE ATT&CK and Sigma Alerting | Justin Henderson, John Hubbard |
| Feb 13, 2019 | Challenges we face, repeatedly | Dave Shackleford, Ron Schlecht, Jr. |
| Feb 12, 2019 | Offensive WMI | Tim Medin |
| Feb 12, 2019 | Dealing with Remote Access to Critical ICS Infrastructure | Justin Searle |
| Feb 8, 2019 | SANS Automation & Integration Security Briefing: SOARing to New Heights - Using Orchestration & Automation Tools in the Way They're Intended | Chris Crowley |
| Feb 7, 2019 | CTI Tools, Usage and a Look Ahead: Part 2 of the 2019 SANS Cyber Threat Intelligence Survey | Rebekah Brown, Jonathan Couch, Nicholas Hayden |
| Feb 5, 2019 | CTI Requirements and Inhibitors: Part 1 of the 2019 SANS Cyber Threat Intelligence Survey | Robert M. Lee, Nick Hayes, Helen Johnson, Allan Liska |
| Jan 31, 2019 | Best Practices to Get You CloudFit- 12 AWS Best Practices for Cloud Security | John Martinez, Matt Bromiley |
| Jan 30, 2019 | Game Changing Defensive Strategies for 2019 | Alissa Torres, Dr. Abdul Rahman, Tom Clare |
| Jan 24, 2019 | Remediating Threats by Bridging Islands of Security | John Pescatore, Chintan Udeshi |
| Jan 23, 2019 | Enterprise Security with a Fluid Perimeter | Matt Bromiley, Larry Lunetta |
| Jan 23, 2019 | Network Visualizations: Understand what's happening faster and easier than ever! | Mick Douglas |
| Jan 22, 2019 | Malicious or Negligent? How to Understand User Intent to Stop Data Exfiltration | Brad Green, John Pescatore |
| Jan 22, 2019 | The Hitchhikers Guide to Evidence Sources | Nick Klein |
| Jan 17, 2019 | Using Data Science to Secure Cloud Workloads | Mikkel Hansen, Aaron Bryson |
| Jan 17, 2019 | Falcon and the MITRE ATT&CK Framework Better Together; Feature Update | Ken Warren |
| Jan 16, 2019 | Lessons learned after Hundreds of Breach Investigations | Robert Reyes, Gerard Johansen, Jake Williams |
| Jan 16, 2019 | Breaking Bad Bots - The New #1 Threat and How to Stop Them | Shreyans Mehta, Franklyn Jones |
| Jan 14, 2019 | Whats new with FOR526 Advanced Memory Forensics and Threat Detection | Alissa Torres |
| Jan 11, 2019 | 24/7 CTI: Operationalizing Cyber Threat Intelligence | Xena Olsen |
| Jan 9, 2019 | Assumption of a breach: How a new notion can help protect your enterprise | Tim Medin |
| Jan 8, 2019 | Defeating Attackers with Preventive Security | Dave Shackleford, Alex Berger |
