Join us on September 30, 2025, at 3:30 pm ET for an in-depth exploration of Google Threat Intelligence, a powerful platform that blends advanced AI capabilities, crowdsourced data, large-scale device scanning, and deep human expertise from Mandiant with the community-driven intelligence of VirusTotal. In this webcast, SANS Instructor Dave Shackleford and Google’s Global Solutions Architect, Ben Cook, will talk about how this platform str...

Vulnerability chaining is the combination of low and medium vulnerabilities to create critical attacks. Due to the massive backlog and sheer volume of vulnerabilities that exist today, it is difficult to remediate every vulnerability across an organization. Come learn about vulnerability chaining identification and remediation to create a holistic and effective vulnerability management program.

Serious Cyber Security Training in Raleigh Unlock the full potential of your cybersecurity career at SANS Raleigh 2025 (September 15-20, ET). Guided by world-renowned instructors at the forefront of the field, this event provides exclusive access to live industry experts, ensuring you stay ahead of the curve. Immerse yourself in a learning environment that features industry-leading hands-on labs, simulations, and exercises, all geared towards...

This hands-on, scenario-driven workshop delves into how attackers move stealthily through Active Directory environments using user impersonation and lateral movement techniques. Participants will explore how attackers exploit credentials and trust relationships to expand their access, and how defenders can detect, prevent, and respond to such threats. Through simulated exercises and guided labs, participants will walk through real-world attack...

As digital transformation accelerates, Zero Trust has become crucial for defending against an increasingly complex threat landscape. The rise in ransomware, credential stealers, supply chain attacks, and disruptive incidents impacting availability in 2024 has underscored the need for resilient cybersecurity strategies that can withstand and adapt to evolving threats. Our 2025 survey focuses on how Zero Trust principles, such as identity manage...

In an era where digital footprints expand faster than security teams can track, managing the attack surface is no longer a reactive task, it’s a continuous battle. Organizations face an evolving threat landscape driven by shadow IT, cloud sprawl, third-party risks, and zero-day vulnerabilities. Yet, many security teams struggle to gain full visibility into their external exposure, let alone remediate risks before adversaries exploit them...

As attackers grow more sophisticated and enterprise environments more complex, security professionals need expert guidance to stay ahead. This webcast offers practical insights into the real-world trade-offs between cloud and on-prem models, single-vendor platforms vs. multitool stacks, and how to strike the right balance between agility and control. Join us on September 16, 2025, at 1:00pm ET for a deep dive into how modern enterprises can ke...

SANS Stay Sharp: Sept 2025 (September 8-10, ET) offers short courses designed to equip you with cybersecurity training you can implement immediately. Whether you are new to the industry, looking for a place to start, or are a seasoned professional looking to sharpen particular skills, SANS Stay Sharp training can help you achieve your goal. View the line-up of courses, and register now to get targeted training designed to help you build specia...

Generative AI (GenAI) and large language models (LLM) entered the cybersecurity zeitgeist nearly three years ago, when ChatGPT became available to the public. The industry immediately saw its potential and scrambled to incorporate it in any way that made sense (and many ways that did not make sense). How have our expectations stacked up against reality? What security problems has GenAI made more manageable, if any? The 2025 SANS AI Survey trie...

Security teams often find themselves reacting to cloud misconfigurations and policy violations after they occur—playing an endless game of security Whack-a-Mole. Instead of relying solely on detection and response, organizations can enforce preventive security measures at scale using cloud-native organization-level controls. In this webinar, we will explore how AWS Service Control Policies (SCPs), Azure Policy, and GCP Organizational Con...