Cybersecurity Webinars and Workshops

Building Better Cloud Detections…By Hacking? Azure Edition

Learn how the process of creating a detection that we can use as defenders to spot an adversary performing attack techniques against our Azure environments

Top Code Vulnerabilities to Avoid in 2023

Familiar with the SANS25 but looking to take the next steps to secure your applications? In this webinar, we will explore the latest code vulnerabilities identified through real user scans of modern applications and discuss steps organizations can take to safeguard their code and protect themselves from potential security breaches.

SANS Security West 2023 - Keynote: Thinking DFIRently: From Entry to Specialty

The Digital Forensics and Incident Response world. An incredibly broad sphere. We have people trying to get into this world. We have people that have just entered this world. We have people that work day-to-day in this world. We have people that excel in niche areas of this world. Each group thinks they are unique in this world, but actually, one commonality that pervades everyone and everywhere in this world is that we have questions about, “How do I?”.How do I get into DFIR? How do I get better at DFIR? How do I specialize? How do I decide what to specialize in next? How do I get to be like ‘that’ person?Besides these questions, there are more practical questions. What training do I take? What tools do I use? Who should I follow? How can I find a mentor? Why would anyone want to give up their time to help me?Things are changing faster in DFIR than ever before. Questions are everywhere. Let’s walk through the world of DFIR from beginning to end together. Where did you come from? Where do you go? How can you know what is in between? We don’t profess to know all the answers, but I can assure you we all feel the same way, and we are all on this crazy ride together. So let’s get to know each other and the playing field. The theme? You be you and be comfortable in your skin. It is going to be a fun hour and a half!

Red and Purple Team: Improve the defenders' ability to stop the attackers

Defenders must be constantly vigilant in their efforts to protect their organization's environment. Through practice, the defenders can be sharpened by red and purple team exercises. This presentation will explore some cassstudies where exercise improved the organization's security posture.

The Five ICS Cybersecurity Critical Controls for APAC practitioners

In ICS (industrial control systems) or OT (operational technology) security, there is an endless list of ‘security’ issues that could be ‘remediated’.  Many industrial organisations, much less IT/OT stakeholders don’t know where to start.

ICS 보안 담당자를 위한 다섯가지 보안 핵심기법

산업 제어 시스템(ICS) 및 운영기술(OT)관련 보안에서는 '해결'될 수 있는 끊임없는 '보안' 문제들이 산재해 있습니다만 담당자들은 보통 어디서 시작해야하는지가 가장 큰 고민입니다.

産業用制御システム（ICS）におけるサイバーセキュリティCritical Controls５選

産業用制御システム（ICS）や運用技術（OT）に関するセキュリティにおいては、改善すべきセキュリティ上の課題が無限に存在します。多くの産業系の組織やIT/OTに携わる方は、こうした課題に対してどこから手を付ければいいのか迷ってしまいがちです。

SANS Security West 2023 - Hands-On Workshop: Building Detections in Azure

This is a 2-hour hands-on workshop. As with any enterprise environment, we can (and should) focus on hardening our defenses to keep the adversaries out, but these defenses may some day be evaded via a variety of methods. Cloud is no different. In this workshop, which is a follow-on from the talk “Building Better Cloud Detections... By Hacking? (Azure Edition)“, we will work through the process of creating a detection that we can use as defenders to spot an adversary performing attack techniques against our Azure environments. The overall process and takeaways will be:- Establish proper logging to detect the adversarial activity- Perform the attack to generate the appropriate artifacts- Review the log event data- Create an automated process to quickly discover this activity- Test that the automated process is working effectively by “re-attacking” the Azure accountPrerequisites: An Azure account with administrator accessSystem Requirements: A modern web browser

Fantastic Caches and What You Can Find in Them

This talk will explore some of the artefacts that, without the knowledge of the user, records more than just metadata.

Bridging the Gap: Securing Your Digital Transformation Journey

In this session, learn from Armis Field CTO, Steve Gyurindak, how your organization can overcome data security hurdles without compromising critical infrastructure or existing security solutions.

3 Crucial Cloud Security Changes to Hackproof your Cloud

Cloud environments are attractive targets for hackers due to their complexity, which can make them difficult to defend. This presentation will cover three crucial details of cloud setup that can greatly impact your cloud's security posture. We'll kick off by exposing common vulnerabilities that hackers exploit to compromise cloud environments. Then, we'll dive into effective mitigation strategies in three areas and show you how to implement them in a practical and hands-on manner. Our insights on mitigations will apply to typical enterprise cloud setups.

Cybersecurity in the Age of LLM: Risks, Opportunities, and the Future of AI-Driven Information Security

With the rapid development of large language models (LLM) and generative AI, the landscape of cybersecurity has experienced a paradigm shift. In this one-hour webcast, we will delve into the emerging information security risks and opportunities associated with LLM and cyber deception operations. As these technologies become increasingly sophisticated, it is imperative for organizations to stay informed about potential threats and best practices in order to maintain a strong security posture.