Cybersecurity Webinars and Workshops

Siaran Web Penting SANS: What you Need to Know about CVE-2021-30860 aka FORCEDENTRY

Siaran Web Penting SANS: What you Need to Know about CVE-2021-30860 aka FORCEDENTRYJumat, 24 Sep 2021 9:00AM WIBChris Crowley Apple merilis CVE-2021-30860 dengan menyebutkan: semua versi iPhone iOS sebelum 14.8; versi macOS sebelum OSX Big Sur 11.6, Pembaruan Keamanan 2021-005 Catalina, dan Apple Watch sebelum watchOS versi 7.6.2 menjadi target yang saat ini aktif di eksploitasi. Kami akan membahas hal-hal yang harus segera Anda lakukan untuk melindungi pengguna dan sistem informasi Anda dari eksploitasi zero-day ini terhadap iOS dan MacOS. Kami akan membahas hasil temuan tersebut. Kami akan memberikan indikator tentang apa yang harus dicari untuk mengetahui apakah perangkat Anda telah terdampak oleh kerentanan ini, informasi terbatas tentang detail kerentanan, dan Threat attribution yang telah dikembangkan oleh Citizen Labs. Christopher Crowley, Instruktur Senior SANS, memiliki 15 tahun pengalaman mengelola dan mengamankan jaringan. Dia telah menulis banyak kursus dan merupakan salah satu ahli dalam membangun SOC yang efektif. Saat ini, dia bekerja sebagai konsultan independen di wilayah Washington, DC dan fokus dalam mengembangkan computer network defense yang efektif. Pengalamannya meliputi penetration testing, security operation, incident response, dan forensic analysis.

Adapting detection and response strategies in the cloud

Cloud systems are dynamic, with rapid workload changes to ensure availability, scalability, and cost optimization. Traditional security tools, such as endpoint, network, and event management, find difficulties monitoring changes and addressing vulnerabilities in cloud environments and the changing security landscape. As a result, organizations should consider updated strategies and mechanisms that are proactive, agile, and can effectively mitigate cloud security risks.

Cryptography – The Encryption and Password Hashing Recipe (With a Little Salt)

Dalam webcast selama satu jam ini, kami akan memberikan pengantar singkat tentang berbagai ystem kriptografi dalam penggunaan modern serta membahas miskonsepsi seputar kriptografi yang mengakibatkan implementasi yang salah.

Core NetWars Tournament 7 - Walmart Oct. 2021

Once you have signed up, you will need to proceed to your Account Dashboard in order to complete registration for the game.

Cyber Solutions Fest 2021: Level Cloud Security

You are entering Level Cloud Security at the SANS Cyber Solutions Fest 2021. This full-day session, led by SANS cloud expert Shaun McCullough, will explore innovative cybersecurity solutions that can help security teams adapt to cloud deployments in areas such as network security, threat intelligence, container and serverless security, and many more. The focus we need to look at is what comes next in Cloud Security?

Tech Tuesday Workshop – Cloud Attacks and Incident Response

Attackers evolve to exploit new opportunities, including attacks against cloud systems. As defenders, we also need to evolve, developing new skills and understanding in how attackers exploit cloud platforms, and how we should respond to these incidents.

Data Security Solutions Forum

To be effective, data protection has to be everywhere, from the server to the endpoint, at the office and at home, throughout the cloud and across the web. A company's system must be able to detect data leakage from any path, quickly apply real-time data protection policies, automate incident workflows, and alert the IT team as needed for further investigation. Having an effective understanding of how and where a company's data is stored is essential when trying to protect it. Data stored across multiple devices and cloud services need to be discovered and categorized according to sensitivity and accessibility. The data that a company creates, collects, stores, and exchanges is a valuable asset. Safeguarding it from corruption and unauthorized access by internal or external people protects a company from financial loss, reputation damage, consumer confidence breakdown, and brand erosion. Furthermore, government and industry regulation around data security make it imperative that a company achieve and maintain compliance with these rules wherever you do business.

How to Mitigate Dangerous Web Application Vulnerabilities with Security Awareness Training

Application security is quickly becoming a growing concern for many organizations. But relatively fewer resources are spent preventing the application-specific security bugs that create dangerous vulnerabilities. Effectively reducing human risk across the organization requires dedicated training paths to teach the entire team involved in your development cycles.

SANS 2021 Ransomware Detection and Incident Response Report

Ransomware attacks have become some of the most prolific and public intrusions over recent years. Within a matter of hours, organizations can go from normal operations to having an inoperable network and being extorted for tens of millions of dollars. On this webcast, SANS instructor and author Matt Bromiley, as well as sponsor representatives, will share their thoughts on modern detection and response techniques for ransomware breaches.

Your Extra Layer of Security: Getting to Zero Trust Network Access

Maintaining trust in a network has become an enormous challenge due to: an increasingly sophisticated cyber threat landscape an expanding digital infrastructurea mushrooming cybersecurity skills gap, and an increased need to secure remote work In addition, the growing remote workforce needs to access both cloud-based and on-premises infrastructures. Zero trust network access needs to include controls and policies for network segmentation, endpoint security, identity and access management—and lead the way into a modern extended detection and response (XDR) model of security operations, as well.

How SMBs Can Benefit from the Security Protections of Windows 11

Small-to-medium businesses (SMBs) often operate with limited security budgets. Consequently, they need to take advantage of any built-in security features of programs they already use to maximize their protections.

산업 제어시스템(ICS) 직접 체험하기!

SANS의 산업 제어시스템(ICS) 코스의 저자이며 국제적으로 유명한 Tim Conway와 Jeff Shearer이 핵심 인프라 및 프로세스 환경에서 근무하는 사이버보안 실무자들이 ICS 환경을 보호하고 위협 및 취약점 식별 방법을 익혀야 함에 있어 실무 경험과 전문 교육의 중요성에 대해 설명합니다. Jeff와 Tim은 ICS 환경을 지원하고 작업하는 모든 실무자님들이 접하게 될 공통 요소 및 자산 유형과 ICS 전문가들이 추구해야 하는 다양한 지식 영역에 대해 논의하고자 합니다.