SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

Unlock industry insights and hands-on learning with upcoming SANS webcasts and workshops.
Are you interested in context for your cloud or container environment when you investigate an event from last week, last month, or last year? Would it save you time to have IDS alerts that include the full context of the connection? Join this session to hear James Schweitzer demonstrate easy-to-understand, interlinked network evidence that is available wherever you need it and also enables orchestration.
In this workshop, SANS certified instructor Jean-François Maes will walk you through some of the most used NTLM relay attack paths pentesters use to compromise the domain.
SANS is finalizing our exciting, free Holiday Hack Challenge for release the second week of December. It’s our gift to the cybersecurity community every year, featuring fun real-world cyber security challenges, a quirky story line, and a bunch of holiday cheer.
Threat actors continue to make government agencies – at the federal, state and local levels – one of their most important targets. A series of Presidential Executive Orders and DHS CISA Binding Operational Directives have been issued in response, often with specific cybersecurity control and technology requirements. Government agencies need to address both these pressures, and do it with limited resources, prioritizing their actions based on identified risks and available resources.
With great power comes great responsibility. Privileged accounts are a necessary part of everyday IT operations, but managing them to date has been complex and costly, with a lot of disruption to the business, so organizations only deploy solutions when they really have to (e.g., compliance drivers).
SANS authors and instructors Robert M. Lee and Tim Conway have been working with the community to analyze all the known ICS cyber attacks for the purpose of creating the most important cybersecurity controls for organizations to implement.
Have you heard that SANS has a new Advanced Python Automation class? Are you interested in trying out some of the content? Join us for this workshop where Senior SANS Instructor and course author Mark Baggett will deliver the first hour and a half of content. But wait, isn't the first hour and a half always introductions and no real hands-on material? Maybe in other classes, but not in this one. Come check it out!
When the location or method of data storage changes, there seems to be an assumption that forensics on that data is no longer necessary. In the cloud, however, there are new digital forensics capabilities and a depth that do not exist in on-premises environments. That said, you need to understand the correct configuration and setup for preserving evidence in cloud environments.
Throughout his career, Matt Edmondson has started up several OSINT teams within the U.S. government and worked with private sector cyber threat intelligence teams ranging from Fortune 100 businesses to small startups.
This talk focuses on threat detection and threat response in Industrial Control System (ICS) environments, taking a deep dive into adversary techniques and capabilities in recent cases. The talk emphasizes adversary Tactics, Techniques and Procedures (TTPs) and how the ICS industry can respond to adversaries without a large budget. Dean will show that analyzing the techniques and tools adversaries use is more important than identifying the adversary, which makes operations more effective in the ICS/OT industry.
This webcast provides an in-depth analysis of adversary threat capabilities targeting advanced industrial control systems (ICS) in recent campaigns, focusing on detecting practical threats that can occur in ICS environments and responding to the resulting incidents. It introduces ICS attacker TTPs (Tactics, Techniques and Procedures) and efficient, economical proactive defense techniques. In particular, instructor Dean will cover in detail why the cyber weapons and techniques used in many recent attacks are more important than adversary attribution in tactical ICS incident response (IR).
Overview: This webcast analyzes the threat posed by advanced ICS adversaries in recent attack campaigns to introduce practical threat detection and incident response in industrial control system environments. The focus of this webcast is on ICS adversary tactics and procedures (TTPs) and on how to achieve industrial control system security effectively, proactively and at minimal cost. Dean will explain why understanding the tools and techniques used in recent attacks is important for tactical ICS incident response, and will provide practical tips for operations in every ICS/OT critical infrastructure sector.