SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

This SANS First Look explores how Magnet Nexus can help DFIR teams reliably and effectively acquire data from remote systems across an organization.

Virtual
Plagued by manual processes, siloed data, expensive consultants, and glacial speeds that stifle innovation, GRC has become the ultimate organizational bottleneck. This session will demonstrate how RegScale’s AI-driven compliance platform is shattering these traditional barriers, delivering game-changing results like:
Attendees will discover how contextual AI and code-based Continuous Controls Monitoring create an “always audit-ready” state, transforming compliance from a reactive burden into a strategic advantage. Learn how to leverage intelligent automation to enable comprehensive real-time visibility, maximize ROI, and turn your compliance program from a costly bottleneck into a competitive advantage.
*Sponsored by RegScale
Virtual
IP intelligence remains a critical component of fraud prevention, but on its own, it often falls short, especially in an age of mobile gateways, carrier-grade NATs, and complex network infrastructures that can mask true user behavior. Threat actors exploit this opacity to blend into legitimate traffic, leaving organizations struggling to distinguish fraud from real customers without adding friction. This webinar explores how session-layer intelligence provides the context needed to uncover fraud signals hidden beneath the surface of raw IP data. By analyzing user sessions across devices, networks, and behaviors, security teams can better separate anomalies from authentic activity and dramatically improve detection accuracy.
*Sponsored by Spur
Virtual
In today’s complex security landscape, fragmented compliance and risk workflows create blind spots, slow audits, and put customer trust at risk.
Vanta addresses these challenges by centralizing compliance, risk, and trust management into a single platform, powered by automation and AI. With the industry’s broadest library of automated tests and integrations, Vanta delivers continuous monitoring that keeps evidence, policies, and vendor reviews current—surfacing risks early and putting you in control.
In this session, we’ll explore how Vanta shifts teams from manual, fragmented processes to automated and continuous trust management, turning chaos into clarity and reactivity into control. By unifying compliance and risk, Vanta enables faster, more confident security decisions, automates manual work, and gives organizations clarity and confidence to scale securely.
*Sponsored by Vanta
Virtual
An alert tells you that something happened. Digital forensics tells you what, how, and why. In modern environments, that difference determines whether you can fully remediate an incident or simply move on to the next fire. DFIR provides the artifacts, timelines, and context that incident responders need to fully scope attacks, preserve evidence, and help build better IR playbooks.
But today’s challenges, including hybrid and remote workforces, cloud adoption, and ever-larger volumes of data, make those answers harder to get. In this session, Jeff Rutherford, Forensic Consultant at Magnet Forensics, will examine how SaaS-based DFIR tools and hybrid collection methods are changing the way investigations are run. He’ll show how Magnet Nexus enables practitioners to collect data remotely at scale, perform artifact-first investigations in the cloud (or within their environment), and collaborate with global team members, all with speed and simplicity that legacy enterprise DFIR solutions can’t match.
*Sponsored by Magnet Forensics
Virtual
Join Chief Innovation Officer and Co-Founder of Tidal Cyber, Frank Duff, as he talks about the next evolution in cyber defense: Threat-Led Defense. Tidal Cyber is the first true Threat-Led Defense platform built to flip the defensive security model by putting real adversary behavior at the center of your defense strategy.
By delivering a structured, operationalized library of real-world adversary procedures, we’re solving one of the most critical challenges in modern defensive security: How do I defend against the latest threats based on the actual (Sub-)Techniques adversaries use? It’s a level of precision defenders have never seen before, empowering security teams to Prioritize, Defend, and Respond based on how attackers actually operate.
*Sponsored by Tidal Cyber
Virtual
The convergence of risk velocity and volatility in the 2020s has contributed to a perilous risk exposure gap for many organizations—fueled by new and emerging risks and stagnant or declining resources. As technology advances and the risks associated with it rapidly expand, IT GRC teams need to implement a connected risk model. By leveraging emerging technologies like AI and continuous monitoring to build scalable compliance programs, organizations can bridge the risk exposure gap and successfully navigate tomorrow’s cyber risks.
Join this session to explore the evolving cyber GRC landscape, how organizational collaboration can address issues, roadblocks to progress, and keys to creating a risk-aware culture. See firsthand how a connected risk platform can help you achieve cyber resilience in our live product demonstration.
*Sponsored by AuditBoard
Virtual
Your workforce is making decisions every day about what apps (and vendors) are brought into your org and how data flows across them, often without oversight by the security team. This is the Workforce Edge and without proper security governance, this edge becomes an attractive attack surface for bad actors. Nudge Security helps you secure the Workforce Edge with Day One visibility of every SaaS app and account ever introduced by your workforce and policy-driven, automated guardrails to scale your security and governance efforts.
In this presentation, you’ll learn how Nudge Security can help you:
*Sponsored by Nudge Security
Virtual
In this 30-minute technical demonstration with Sr. Product Manager for Cybersecurity Amanda Berlin, discover how Blumira's security operations platform helps teams overcome the challenges of alert fatigue, limited in-house security expertise, and operational risks that can slow their organization's work. We'll showcase Blumira's architecture for capturing comprehensive security telemetry across cloud, endpoint, and network environments, and demonstrate how our pre-tuned detection engine filters signal from noise without months of configuration.
Technical attendees will see firsthand how SOC Auto-Focus, Blumira's AI-powered context enrichment engine, accelerates investigations by analyzing evidence patterns, providing clear prioritization, and delivering guided response workflows. The demo will include practical examples of how Blumira integrates automated, supported, and guided workflows to right-size response and mature from a reactive security posture to a proactive one.
Join us to learn how organizations of all sizes can achieve enterprise-grade security operations, with the help of Blumira's team of experts acting as an extension of your own!
*Sponsored by Blumira
Virtual
Shipping fast doesn’t have to mean shipping risk. Join us for a live demo of how Endor Labs helps security and platform engineering teams at Atlassian, Cursor, Dropbox, Robinhood, and other hypergrowth companies deliver secure-by-default code without blocking innovation. In this session you’ll learn how to use function-level reachability to prioritize risks that impact your code, and evidence-backed insights that make remediation both secure and stable.
*Sponsored by Endor Labs
Virtual
Phishing remains a costly security risk, with Business Email Compromise driving $6.3B in 2024 losses (FBI IC3). Attackers have moved beyond mass email blasts, weaponizing AI and trusted SaaS infrastructure to deliver highly effective browser-native credential theft.
In this session, Cody Pierce, CEO/Co-Founder of Neon Cyber, breaks down why phishing is still so successful and discusses what you can do today to improve your anti-phishing program with browser-native defenses that stop attacks live in the browser, at the point of action, before credentials are stolen and the incident escalates.
*Sponsored by Neon Cyber
Virtual