Cybersecurity Webinars and Workshops

Understanding IEC 62443: An Overview of the Standard, Its Deployment and How to Use Fortinet Products for Compliance

IEC '62443 is the global standard for the security of ICS networks, designed to help organizations reduce the risk of failure and exposure of ICS networks to cyberthreats. The standard demands that security professionals not only understand their organization's hardware and its interactions, but also how to recognize a threat, how to report it and how to respond and to recover. In this webcast, SANS instructor/author Jason Dely and Fortinet representatives Antoine D'Haussy and Aasef Iqbal will explore how the IEC62443 set of standards can provide the guidance to enterprises looking to choose and implement technical security capabilities. They will look at some of the common challenges and how the use of compensating controls can help maintain a layered security across the ICS. Learn how Fortinet's layered solutions may help asset owners and system integrators reach IEC 62443 compliance. Register now and be among the first to receive the associated white papers: \Effective ICS Cybersecurity Using the IEC 62443 Standard" and "Managing ICS Security with IEC 62443".

SANS Attack Surface Management Virtual Conference

You will earn 6 CPE credits for attending this virtual event. Forum Format: Virtual - US Eastern Event Overview Designed for security leaders tasked with managing a growing attack surface, the SANS Attack Surface Management Virtual Conference will take place on April 14, 2021 as a virtual event. This half-day event will bring together thought leaders, subject matter experts and practitioners to discuss, share and discover best practices for addressing the operational challenges associated with work-from-home transitions, cloud migrations, M&A, shadow IT and the rise of ransomware attacks. Attendees will gain valuable lessons on how to operationalize attack surface management in order to improve their threat intelligence, vulnerability management and offensive security programs.Agenda 10:30 - 10:35 AM EDT - Event Welcome Dave Cowen, @HECFBlog, Forum Chair, SANS Institute, @SANSInstitute 10:35 - 11:05 AM EDT - Defending Forward in Today's Exposed World David "Moose" Wolpoff, @HexadeciMoose, CTO, CO-Founder, Randori, @RandoriSecurity Dan MacDonnell, Retired Rear Admiral, Former Deputy Chief NSA/CSS, Randori, @RandoriSecurity Whether we like it or not, organizations today are on the front lines of an ongoing and growing geopolitical cyberwar. We need look no further than Solarwinds for proof. In this session, former Deputy NSA Chief Rear Admiral Dan MacDonnell and Randori Co-Founder & CTO David Wolpoff will take attendees on a behind the scenes'look into forces driving today's cyber landscape and what they tell us about the future of security. Attendees will leave with a firm understanding of the macro-forces driving today's cyberwar, clarity into why today's approaches won't cut it tomorrow, and why it's essential organizations defend forward - adopting proactive strategies that leverage the attacker's perspective to anticipate threats and test resiliency. 11:05 - 11:35 AM EDT - Getting on Target: Looking at Your Attack Surface Like An Attacker Aaron Portnoy, @aaronportnoy, Principal Scientist, Randori, @RandoriSecurity Fundamental to the rise of attack surface management is a growing recognition that attackers see the world differently. In this session, Aaron Portnoy, Principal Scientist at Randori will break down why that is the case and how red teams, like the Randori Attack Team, can often come to dramatically different conclusions than security teams about an asset - even when both are looking at the same information. He will look at real examples taken from customer environments and break down some of the ways he's see security teams adopting the attacker's perspective to reduce noise, prioritize risk and get on target faster. 11:35 AM - 12:05 PM EDT - Hunting Threat Actors with Attack Surface Management Kyle Howson, Cyber Security Operations Centre Specialist, Air Canada, @AirCanada Dan Pistelli, Security Solutions Engineer, LogicHub, @Logichubhq With a third of successful breaches now originating with unmanaged or unknown assets, understanding your attack surface and being able to prioritize new risks as they emerge has never been more essential. In this session, Air Canada's Kyle Howson and LogicHub's Dan Pistelli will break down how Air Canada is 'integrating the attacker's perspective into their asset, vulnerability, and threat management workflows through LogicHub to hunt for APTs and quickly find, prioritize, and act upon issues as they are discovered. In this session, Kyle and Dan will walk through tangible examples and break down how attendees can replicate these actions in their organization, by:Establishing an external source of truth for threat prioritization between Security and ITIncreasing the efficiency of remediation efforts by combining threat intelligence with real time visibility into their attack surfaceIdentifying process failures and shadow IT that poses categorical risks.Leveraging the attacker's perspective to turn threat data into actionable narratives both executives and practitioners can agree-on.Saving time and money by focusing teams on the specific threats that pose the greatest risk to Air Canada. 12:05 - 12:15 PM EDT - Randori Attack Platform See how Randori Recon empowers enterprise organizations to understand their attack surface in order to identify blindspots, process failures and dangerous misconfigurations. 12:15 - 12:45 PM EDT - Evaluating Attack Surface Management Tools Pierre Lidome, @texaquila, SANS Instructor and Cyber Hunter, SANS Institute, @SANSInstitute Attack surface management (ASM) is an emerging category that aims to help organizations address these challenges by providing a continuous perspective of an organization's external attack surface. In this session, SANS course author Pierre Lidome will provide an overview of Attack Surface Management, the key use-cases and 'benefits and limitations of today's solutions. Based off his research developing the SANS Guide to Evaluating Attack Surface Management, Pierre will also provide attendees with 'actionable guidance they can use 'when crafting RFPs and PoCs for ASM projects. 12:45 - 12:55 PM EDT - Randori Attack Platform See how Randori Recon empowers enterprise organizations to understand their attack surface in order to identify blindspots, process failures and dangerous misconfigurations. 12:55 - 1:25 PM EDT - Top IOT/OT Security Attack Vectors Eric McIntyre, @pwnpnw, Director of Research and Development, Randori, @RandoriSecurity Phil Neray, Director of Azure IoT & Industrial Cybersecurity, Microsoft, @Microsoft IoT and OT devices are now everywhere, helping individuals and businesses collect real-time data and automate tasks for greater productivity and efficiency. This is increasingly true in enterprises, as workers rely on a diverse set of smart devices to get their work done. These devices are often unpatched, unmanaged, and invisible to IT and OT teams ' making them soft targets for adversaries seeking to gain access to corporate networks in order to steal sensitive intellectual property or deploy ransomware. In this talk, join Phil Neray from Microsoft and Randori's Eric McIntyre for a look into the top IT and OT Attack Vectors and how organizations are using ASM to reduce their exposure. 1:25 - 2:15 PM EDT - Fireside Chat: Exchanging Zero Days - Where Do We Go From Here? Moderator - Joseph Menn Panelists: Window Snyder, @window, former CISO at Square, Square, @Square Richard Puckett, CISO, SAP, @SAP Stewart Baker, Former General Counsel of NSA David "Moose" Wolpoff, @HexadeciMoose, CTO and CO-Founder, Randori, @RandoriSecurity SolarWinds and Microsoft Exchange were not the first, and they won't be the last, major cyber attacks to leverage zero days to infect tens of thousands of organizations. In this session - attendees will hear from a panel of leading experts from the commercial and public sector on how they see our approaches to security evolving post these two seismic supply chain attacks. Topics discussed will include - what role policies/regulations can play in reducing cyber risk? How can we as a society work together to build more resilient systems? And what role active defense, or "Defending Forward," has in the future of security. 2:15 - 2:25 PM EDT - Cult of the Dead Cow: How the Original Hacking Supergroup Might Just Save the World Joseph Menn, Reuters Cybersecurity Journalist and author Cult of the Dead Cow is the tale of the oldest, most respected, and most famous American hacking group of all time. Though until now it has remained mostly anonymous, its members invented the concept of hacktivism, released the top tool for testing password security, and created what was for years the best technique for controlling computers from afar, forcing giant companies to work harder to protect customers. They contributed to the development of Tor, the most important privacy tool on the net, and helped build cyberweapons that advanced US security without injuring anyone. 2:25 - 2:30 PM EDT - Wrap-up

Data Security Solutions Forum

To be effective, data protection has to be everywhere, from the server to the endpoint, at the office and at home, throughout the cloud and across the web. A company's system must be able to detect data leakage from any path, quickly apply real-time data protection policies, automate incident workflows, and alert the IT team as needed for further investigation. Having an effective understanding of how and where a company's data is stored is essential when trying to protect it. Data stored across multiple devices and cloud services need to be discovered and categorized according to sensitivity and accessibility. The data that a company creates, collects, stores, and exchanges is a valuable asset. Safeguarding it from corruption and unauthorized access by internal or external people protects a company from financial loss, reputation damage, consumer confidence breakdown, and brand erosion. Furthermore, government and industry regulation around data security make it imperative that a company achieve and maintain compliance with these rules wherever you do business.

SANS 2021 Ransomware Detection and Incident Response Report

Ransomware attacks have become some of the most prolific and public intrusions over recent years. Within a matter of hours, organizations can go from normal operations to having an inoperable network and being extorted for tens of millions of dollars. On this webcast, SANS instructor and author Matt Bromiley, as well as sponsor representatives, will share their thoughts on modern detection and response techniques for ransomware breaches.

Demystifying SIEM, EDR, XDR & MDR

CISOs and security practitioners are now being bombarded by new acronyms such as XDR which seem to overlap with “older” acronyms like EDR, SIEM, and MDR.According to Gartner, XDR is mainly attractive to smaller security organizations that don’t currently have a SIEM, and it will likely not displace SIEM functionality in large and mature security operations. And according to Forrester, XDR is grounded in EDR and also on a collision course with SIEM and SOAR.

Less Busy work. More Security.

Save your SOC team hundreds of hours on daily tasks.What does an ideal day in the SOC look like? It certainly wouldn’t include what you’re facing now with an endless stream of alerts, user requests and ad hoc fire drills. But you’re not alone. According to USNews, security analyst jobs rank in the top 25 most stressful jobs.

A Leader's Guide to Security Operations: Improve Productivity with Threat Intelligence and Automation

In The 2021 State of Enterprise Breaches, Forrester® found that enterprises spend a median of 37 days and a mean of $2.4 million to find and recover from a breach.

How to Build a Risk Register That Accounts for Internal and External Risk

An organized, full-coverage risk register can maximize your cybersecurity resources while improving organizational security. Without including third-party risks, however, even the best risk register can fail to stop security incidents. Your risk framework needs to map to internal and external gaps to identify weaknesses and ensure complete coverage.

Foiling Modern Attacks: Map MITRE ATT&CK Tactics to Falco Rules

In this panel with a SANS Analyst, we will discuss how your organization can navigate the complexity of the MITRE ATT&CK framework.

Accelerate Your ASM Journey: Top 10 Attack Surface Management Use Cases

The move to the cloud and increasing remote work have fragmented attack surfaces, making it easy for attackers to find unmanaged assets with critical exposures. Manually finding and remediating these risks is untenable, so security teams need active attack surface management to not just find the unknown exposures but also automatically fix them.

Implementing Attack Surface Management

Selection of an effective Attack Surface Management (ASM) solution can help you identify and mitigate potential threats.

A Journey of Vulnerability Hunting in a Third-Party Plugin in Adobe Acrobat Through Fuzzing

In today’s cybersecurity landscape, zero-day vulnerabilities pose significant threats to software applications, and their discovery is crucial for effective mitigations. Join us in this webinar as we will share our journey in uncovering vulnerabilities in Adobe Acrobat and Foxit PDF Editor, the two most widely used PDF processing applications.