Cybersecurity Webinars and Workshops

Accelerate Your ASM Journey: Top 10 Attack Surface Management Use Cases

The move to the cloud and increasing remote work have fragmented attack surfaces, making it easy for attackers to find unmanaged assets with critical exposures. Manually finding and remediating these risks is untenable, so security teams need active attack surface management to not just find the unknown exposures but also automatically fix them.

SANS Pen Test Austin 2023: Keynote - UP YOUR Security Game

Join SANS Senior Instructor, Tim Medin, as he discusses the dumbest red team tricks and hacks he has encountered over the years. We are taking the A out of APT for this one, because so few attackers actually need to use advanced techniques in the real world. Developing your career in security does not have to be painful. There are a lot of opportunities to find new and interesting things, no matter if you are completely new to the field, junior level, or an experienced practitioner.

2023 SANS Threat Hunting Survey: Focusing on the Hunters and How Best to Support Them

As vendors develop new software or tools for threat hunting, we need to remember that threat hunting is predominantly a human-based activity in looking for incidents that our automated tools have not yet found, or cannot yet detect. This year, our survey will focus on the hunters themselves and how their organizations support threat hunting. Are hunters asked to complete multiple tasks at once? How much focus is given to threat hunting compared with other cybersecurity tasks? We look further at the skills that threat hunters must hone as that are just starting out, to skillsets of those who have been hunting for many years. We again will compare year-on-year trends to see how organizations have shifted their perspectives on threat hunting.

Tactical Tripwires

It isn’t a question of “if” but “when”. Your environment will be compromised. It’s inevitable. The adversary has an unlimited set of tools at their disposal.

SANS Pen Test Austin 2023: Workshop - Building Azure Security Labs using Terraform

The increased importance of the cloud and identity is not lost on attackers. To simulate adversary tradecraft, Red teams must be able to evolve offensive techniques against cloud identity systems. Cloud defenders must adapt quickly to understand these same attacks and instrument defenses. In this SANS Workshop, students will be introduced to the PurpleCloud open-source Azure lab creation tool. Students will learn how to use Terraform to automatically create an Azure Active Directory security lab which can be used for your own security simulations. After automatically creating Azure AD users, Applications, and RBAC role assignments, participants will have hands-on exercises to perform reconnaissance and a specific attack pathway that abuses mis-configured roles and permissions. This workshop is intended for Cloud Architects, Security Engineers, Penetration Testers, Defenders, and anyone looking to learn a little more Azure and Terraform. Prerequisites: • An active Azure subscription (https://portal.azure.com) • An Azure account with Global Administrator permissions Prior to the workshop: 1. Download the Building Azure Security Labs using Terraform virtual machine. Double-click on the OVA file to import the VM with VMware. Boot the VM after import, then login with the username sec588 and the password slingshot. https://sansurl.com/building-azure-labsPassword: jaJDY8hu44b32. Launch Firefox browser and navigate to home (it should auto-launch). 3. Follow the lab 0 instructions to ensure that you have an Azure account and active subscription.4. The Workshop instructions are also available at https://lab.purplecloud.network with the following credentials sec588:sec588 Please note – we will not be able to troubleshoot or support local VM issues or Azure account subscription issues. It is highly encouraged that you download and verify login to the VM before the workshop and that you follow all steps in lab 0 for Azure account and subscription setup. System Requirements: • VMware to launch a customized Slingshot Linux distribution (VMware Workstation Pro, VMware Workstation Player, or VMware Fusion for macOS; trial versions of all three are available, and VMware Workstation Player is available for free for non-commercial use. • 30 GB free hard drive space • At least 8 GB RAM

Managing Apps on BYO and Managed Devices: How to Enforce Policies to Protect Your Data

The number of organizations banning applications due to surveillance and spyware concerns on employee devices continues to grow In 2020, the average smartphone user had 40 apps installed on their mobile phone (source). And Zimperium’s zLab Research team found last year (2022) that 23% of all Android samples and 24% of the iOS apps in the public record are malicious, meaning mobile apps represent a major attack surface.

ターゲット環境に侵入するために用いられるマルウェア技術の変遷

サイバー攻撃の最初の目的はターゲット環境への侵入に成功することです。最初の攻撃ペイロードは境界防御を突破し、ターゲットユーザーの操作を促し、感染させるものが多いでしょう。攻撃者が悪用するテクニックは時代とともに変化してきていますが、この分野では特に顕著なトレンドが見られます。このWebcastでは近年のマルウェアが悪用しているテクニックのトレンドを紹介します。

Changing Trends in Malware Techniques to Infiltrate Target Environments

One of the first objectiveｓ in a cyber attack is to successfully infiltrate into the target environment. The initial attack payload needs to penetrate through perimeter defenses and be easy for the target users to infect themselves. Techniques that attackers use to achieve this change over time, and there have been noticeable trends in this area. This presentation reviews some of the techniques from the recent years.

Hands-On Workshop: Container Security 101

This is a 2 hour hands-on workshop. Is your company adopting containers but you haven’t had a chance to figure out the best way to secure them yet?

2023 ICS Security Summit Solutions Track | Two Day Event May 1st and 2nd

The focus of this two day event is to illustrate the challenges, risks, impacts of incidents in control systems, as well as actionable achievable methods we can meet these challenges head-on.

Securing Your Cached Assets

Content delivery networks provide a valuable service and make the Internet a better place. Without them, streaming services would overwhelm entire networks. Mobile and single-paged web applications would take forever to load. But, what about sensitive data? Do we have to avoid caching sensitive data at all costs or are there ways we can secure it? Join me to learn more about origin protection and signature enforcement with custom policy in Amazon CloudFront. Get a behind-the-scenes peak at one of the labs from SEC540: Cloud Security & DevSecOps Automation.

Promoting Your Path: From Engineer to CISO

Not sure how to make the leap from engineer to manager? Questioning whether or not you really want a leadership position? Unclear if you really have what it takes to be a CISO? Come hear real world case studies and learn tips and tools to help you on your path and take the next step in your career.