Unlock the full potential of your cybersecurity career at SANS San Francisco Winter 2025 (January 27 - February 1, PT). Guided by world-renowned instructors at the forefront of the field, this event provides exclusive access to live industry experts, ensuring you stay ahead of the curve. Immerse yourself in a learning environment that features industry-leading hands-on labs, simulations, and exercises, all geared towards practical application...

How does Continuous Attack Surface Management help disrupt Nation State hackers and cyber criminals? In this presentation we will discuss challenges traditional penetration testing faces and how new ideas and ways of thinking can help offensive services provide higher value and improved deliveries. We’ll explore the concept of an Offensive Security Operations Center and the technology, ideas and methodology behind it.

As cyber threats grow in sophistication and scale, organizations must rely on actionable, contextualized Cyber Threat Intelligence (CTI) to secure operations, mitigate risks, and meet evolving business or mission objectives. Yet, CTI professionals face significant challenges, from filtering actionable insights from overwhelming volumes of data to countering rapidly evolving threat tactics like AI-driven attacks and fileless malware. Limited sk...

As cyber threats grow in sophistication and scale, organizations must rely on actionable, contextualized Cyber Threat Intelligence (CTI) to secure operations, mitigate risks, and meet evolving business or mission objectives. Yet, CTI professionals face significant challenges, from filtering actionable insights from overwhelming volumes of data to countering rapidly evolving threat tactics like AI-driven attacks and fileless malware. Limited sk...

Join Our Webcast on Enhancing Water and Wastewater Utility Security This webcast will dive into the key findings of a critical survey assessing the safety and security challenges in the water and wastewater utility sector. With a focus on Industrial Control Systems (ICS), SCADA, and Distributed Control Systems (DCS) used in water treatment and distribution, we’ll explore emerging trends, highlight survey results, and share best practices...

Cloud enthusiasts often tout how using a public cloud service provider helps mitigate ransomware attacks. Unfortunately, this is not true by default. Regardless of where files are stored, an attacker can download them, make them inaccessible to the target organization, and demand a payment for restoring their mission-critical data. Why the misconception? The first time most people use "the cloud" is when they use OneDrive, Dropbox, iCloud, Goo...

Join Us for a Critical Webcast on Enhancing Water and Wastewater Utility Security on Thursday, 23 Jan 2025 at 1:00 PM EST.This webcast will dive deep into key findings from the latest survey assessing safety and security challenges in the water and wastewater utility sector. With a particular focus on Industrial Control Systems (ICS), SCADA, and Distributed Control Systems (DCS) used in water treatment and distribution, we’ll explore eme...

SANS Stay Sharp: Jan 2025 (January 21-23, ET) offers short courses designed to equip you with cybersecurity training you can implement immediately. Whether you are new to the industry, looking for a place to start, or are a seasoned professional looking to sharpen particular skills, SANS Stay Sharp training can help you achieve your goal. View the line-up of courses below, and register now to get targeted training designed to help you build sp...

SIEM's complicated evolution has resulted in unsustainable cost increases, scope creep, and the occasional declaration that the product space is essentially dead. Thanks to deep expertise in search and data management, access to OSINT and frontline intelligence, and AI-infused features, Google SecOps demonstrates that the SIEM still has plenty of gas in the tank. Discover how SecOps is ushering in the "SIEM's Third Act" by addressing the limit...

In this workshop, SANS instructor and lead author of SEC565: Red Team Operations and Adversary Emulation, Jean-Francois Maes, will walk the audience through a guided hands-on workshop where common Active Directory Privilege Escalation Attacks are going to be discussed and executed using Empire version 5. Attacks that will be conducted:KerberoastingDCSyncingHopping parent/child trust using SID historyAbusing Unconstrained DelegationAt the end o...