SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

This workshop is structured around teaching students how to construct access to shared datasets in S3 and more broadly, cementing in their minds the threats to consider when using cloud-native storage. Students will dive headlong into a case study where they will serve as the Cloud Security Architect Consultant for a fictional company undergoing the growing pains of a nascent cloud migration.

We are confronted by so many cyber threat actors, with the primary focus being on external threats, and when it comes to internal threats, the focus is often on internal negligence. But the reality is we are seeing in more and more cases that external threat actors are actually simply corrupting internal staff members, often in trusted IT and security positions, to overcome even the most sophisticated cyber security systems.

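Large-scale incident response is not an extension of traditional forensic approaches; it requires an entirely different way of handling things. Mathias focuses on the various pitfalls of responding to a large-scale incident at an organization with more than 100,000 endpoints. The talk covers many points, with a particular focus on documentation and how it ties into the management of resources, victims, and other stakeholders.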

The hard skills required to be successful in the cyber security industry are constantly evolving. The evolution of technology and the ever-evolving threat landscape have contributed to a new world of hard skills in which cyber security professionals need to be well versed. Acquiring additional skills will not only help you better protect your organization, but also help grow your successful career in this dynamic industry. Knowing what skills to acquire can be overwhelming when you do not know where to start.

Most companies with cloud infrastructure have implemented multiple security posture tools, along with compliance management and identity access management – but breaches still happen. A recent IBM study found that organizations take an average of 207 days to uncover breaches and another 70 days to remediate. Configuration and vulnerability management are important for compliance reporting but not enough.

Don C. Weber will discuss his experiences related to the cyber security challenges facing utilities, industrial, and automation industries. He will discuss the challenges he has experienced, outline security assessments of OT environments, and provide insight into common systemic issues. The presentation will include a question-and-answer session to allow attendees to discuss the challenges and resolutions experienced by their own teams.

The intelligence cycle is a six-step process to gather, analyze, and disseminate intelligence information. During the webinar, we will discuss how ChatGPT, an AI-based language model, can assist in each phase of this process. We’ll provide real-world examples of ChatGPT being used to drastically reduce the time it takes to go from concept to functionality and to help us learn while we’re using it.

Organizations are moving data and applications into public cloud services at a rapid pace. As the public cloud footprint expands, red teams and attackers are reinventing the kill chain in the cloud. Public cloud services provide new, creative ways to discover assets, compromise credentials, move laterally, and exfiltrate data. In this webcast, Eric Johnson (SEC510 and SEC540 author) explores common cloud attack techniques from the MITRE ATT&CK Cloud Matrix. For each technique, we will analyze misconfigurations, exploitation paths, and common architecture patterns for breaking the kill chain.

As more organizations today struggle to keep up with the threat landscape, detection and response capabilities can suffer, too. This is often due to a lack of expertise on-staff, or a lack of staff altogether. Increasingly, many security teams are turning to managed detection and response (MDR) providers to help shore up their defenses. In the past several years, the breadth and capabilities of MDR providers have expanded considerably, often including threat intelligence, threat hunting, advanced malware analysis, and many more services than in the past. More solutions are also capable of integrating with other security controls and platforms running in customer environments, and automation for response workflows is another major consideration for most organizations, as well. In this webcast, we’ll explore the landscape of what security teams should be looking for in a mature, capable MDR offering, and also discuss emerging and evolving trends that will affect the industry now and in the future. Register for this webcast now and be among the first to receive the companion report by author and SANS Senior Instructor Dave Shackleford.

SANS Community Nights are a great way to stay in touch with your local InfoSec community and to hear the latest in technical wizardry, industry intelligence, and thought leadership from our amazing instructors.

Come listen to Scott Southerland, Vice President of Research, discuss how Breach and Attack Simulation (BAS) is a critical piece of security team success at any organization.

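As the world of information technology continues to change, so does the role of the security leader. If you are a CISO or security manager, or are aiming for such a career, you need to consider how current trends in IT and business will affect your career path.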
