Hands-On Cyber Security Training Taught by Real-World PractitionersAttend in San Francisco, CA or Live OnlineExperience immersive cyber security training relevant to today’s top cyber threats. Join us in San Francisco or Live Online for SANS San Francisco Spring 2022 (March 21-26), and learn from experienced industry practitioners.SANS San Francisco Spring 2022 Features In-Person or Live Online training (see Available Courses for details...

New to cybersecurity, looking for a career change, or just want to enhance your skillset? We can help! Cybersecurity offers some of the most challenging and well-paying careers around, and by some estimates, up to 35% of cybersecurity jobs openings go unfilled. The SANS New2Cyber Summit will get you started with the skills you need to succeed in the industry. This free online event brings together leading experts eager to share the fundamental...

Threat hunting in ICS environments must consider safety. IT and ICS systems have different missions, objectives, impacts during an incident, and different assets like embedded operating systems, and engineering devices speaking non-traditional industrial protocols. Adversaries targeting ICS must use different attack tactics and techniques for access, execution, collection, and persistence, etc., to degrade safety, manipulate control, damage ph...

The state of cloud security is evolving. Many organizations are implementing new and more advanced cloud security services that offer cloud-focused controls and capabilities, including services and tools that provide network connectivity and security for end users and office locations, security monitoring and policy controls, and identity services, among others. The SANS 2022 Cloud Security Survey explores the types of services organizations a...

Protecting critical infrastructure through Operational Technology (OT)/Industrial Control System (ICS) cyber defense is an ever-changing and evolving field required to continually adapt cybersecurity strategics to meet new challenges and threats—all while maintaining the safety and reliability of facilities and production operations. The purpose of this survey is to poll organizations that operate OT systems– this includes ICS, OT,...

Our 2022 Survey on infrastructure operations is designed to explore how organizations are utilizing cloud-native applications and integrating those applications within their security monitoring and response capabilities. We continue to see growth of adopting of cloud-native applications, but larger issues always remain. As we adopt and utilize more and more cloud-native applications, is the security team able to keep up with newer forms of tel...

Threat hunting in ICS environments must consider safety. IT and ICS systems have different missions, objectives, impacts during an incident, and different assets like embedded operating systems, and engineering devices speaking non-traditional industrial protocols. Adversaries targeting ICS must use different attack tactics and techniques for access, execution, collection, and persistence, etc., to degrade safety, manipulate control, damage ph...

Over the past year, the world continued to shift—remote work was extended, sometimes permanently, the workforce expanded in some places and contracted in others, and the concepts of essential work and services were redefined. Throughout all this change, cyber threat intelligence professionals needed to adapt, stay focused, and watch for similar changes in the threat landscape. The 2022 CTI Survey webcast tracks the changes in both the wo...

In 2021, the industry witnessed no shortage of API-related security incidents resulting from leaky APIs, vulnerable system APIs, authorization flaws, and more. Companies like Experian, Microsoft, and Peloton all made the news, and some impacts are still playing out. Data breaches aren’t the only area of concern for organizations. Account takeovers, privacy impacts, system compromises, and business logic abuse are equally damaging. Join...

Interactive Cyber Security Training Taught by Industry ExpertsJoin us Live Online for interactive training during SANS Cyber Security Mountain 2022 (Feb 14-19, MST) to learn directly from real-world practitioners and develop invaluable cyber security skills. Choose your course and register now for immersive training with hands-on labs, plus opportunities to network with your peers. SANS Cyber Security Mountain 2022 Features Practical cyber sec...