SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

Presentation - Improving Windows Event Log Analysis with Yamato Security Tools presented by SANS Certified Instructor Zachary Mathis
As approximately 75% of desktop computers run Windows, it is still the main operating system that attackers target, and hence the main OS on which incident responders have to work out how a computer was compromised, what the attackers did, what other systems were compromised, and so on. Unfortunately, the default log settings are completely inadequate and do not provide enough detail for investigators. Furthermore, even when proper logging is enabled, analysts face various challenges: Windows logs are mostly noise, logs are spread across hundreds of files, fields are not normalised, messages are often cryptic, and so on, which has traditionally made log analysis a very tedious and unpleasant task. Zach Mathis, the project leader for the Yamato Security tools, will explain how to configure your logs properly in a practical manner and how to perform easy and scalable analysis with Hayabusa and Takajo, two free open-source tools. Hayabusa is a fast forensics timeline generator and threat hunting tool utilising over 4000 open-source Sigma detection rules. It is currently the only free and open-source tool that fully supports the Sigma specification, letting your analysts detect the most complex attacks with the highest precision and customisation. Takajo will further automate the most common analysis tasks and provide a dynamic web report to quickly triage alerts and compromised computers.
Presentation - Top Five Cloud Security Trends and Tips with SANS Professor Frank Kim
Learn about the top five trends that are shaping cloud security adoption: identity, automation, architecture, monitoring, and GenAI. Hear about high profile cloud security breaches and walk away with tips and techniques for responding to these trends including free and open-source tools as well as cloud provider specific services you can use to build your security capabilities.
Frank Kim is the Founder of ThinkSec, a security consulting and CISO advisory firm. He leads the Cybersecurity Leadership and Cloud Security curricula at SANS, as well as authors and instructs multiple SANS courses.
A graduate of Purdue University with dual degrees in Computer Science and East Asian studies, Zach is a trailblazing security professional in Japan. He has founded a security team and delivered various services from pen-testing to DFIR since 2006.