Get a preview of material directly from SANS SEC599: Defeating Advanced Adversaries - Purple Team Tactics & Kill Chain Defenses. Once attackers have gained access to your infrastructure, be it through a compromised host or through physical access, they will be looking to gain access to further resources. While there is a wide variety of ways that attackers can use to broaden their footprint in your environment, this webcast will focus on...

Do we ask too much of our security validation platforms? Is it really possible to mitigate risks created by security gaps, vulnerabilities, and external exposure across an entire organization? Yes—it’s all about asking, and answering, the right questions. In this webcast, Senior SANS Instructor Dave Shackleford and Cymulate’s Director of Cyber Evangelism Dave Klein examine the Cymulate Extended Security Posture Management Pl...

Finding flaws is much easier than fixing flaws. That's a fact. Happy to debate it. If this were not the case, we might just have this security thing all wrapped up. There are hundreds of tools that are reasonably successful at telling us what we are doing wrong (think compliance and vulnerability scanners). However, the solutions to these problems are not always as straightforward as they might seem. Sure, our tools and penetration testers wi...

Attackers are circling your cloud-native apps, sniffing your API structure, and lying in wait for one exposed API before they pounce on your vulnerable endpoints. Unfair? Absolutely. So how do you prevent this? Join SANS Senior Instructor Dave Shackleford and a product expert from Traceable as they demonstrate the Traceable AI solution. Watch as they show the importance of API exposure visibility, the realities of detection and prevention, an...

It’s typical for defenders to learn about the latest adversary tactics, techniques, and procedures (TTPs) from a defense perspective – meaning TTPs are viewed from the lens of “how to mitigate this or prevent it from happening again.” Unfortunately, adversaries are smart problem solvers and can quickly adapt to changes made in enterprise security defenses, and even countermeasures. What is it like to view TTPs through t...

The pressure is on! As if there wasn’t enough momentum pushing security and development teams to get applications to the cloud, along came 24 months of remote work, high workforce turnover, and budget reductions. Never has there been more reason or pressure on security and development teams to get mission-critical workloads to the cloud than there is in 2022. Powerful, enabling technologies such as Function-as-a-Service, containers, and...

An attacker needs very little other than open source intelligence (OSINT) to profile an organization or individual successfully. But OSINT can also be used to protect against social engineering. In this webcast, SANS Instructor Jeff Lomas and Picnic’s CEO Matt Polak take a look at how enterprises can neutralize vulnerabilities, reduce their attack surface, and automate continuous risk detection. Register today and be among the first to...

Join SANS Certified Instructor Jean-François Maes as he previews new material directly from the updated SANS SEC699: Purple Team Tactics - Adversary Emulation for Breach Prevention & Detection. Once attackers have gained initial access, they do not want to get caught by the suite of security tools on modern Windows systems. To stay under the radar, attackers leverage Living Off the Land Binaries and Scripts (LOLBAS). These are signe...

Ransomware attacks are no longer “drive-by” events. Encryption is only one of the problems among a list of others that include operational disruption and data exfiltration for extortion, ransom, sale, and re-sale. Join SANS Senior Instructor Jake Williams, SANS Instructor and BlackBerry Principal Incident Response Consultant Ryan Chapman, and BlackBerry Most Distinguished Threat Researcher Dmitry Bestuzhev as they dissect and anal...

Get a preview of material directly from SANS SEC599: Defeating Advanced Adversaries - Purple Team Tactics & Kill Chain Defenses. There are many stages in the attack lifecycle in which we can detect or prevent an (advanced) attacker from getting closer to their final objectives. One thing we always come across however is that the attacker likes to persist in your environment, be it for two days, two months, or two years. It is important fr...