Beyond the Perimeter: Securing What You Don’t Control As software and hardware supply chains grow more complex and globally interconnected, they have also become prime targets for attackers. From deeply embedded vulnerabilities in third-party components to subtle software compromises and counterfeit hardware, today’s supply chain threats are stealthy, sophisticated, and increasingly difficult to detect. Join us for a focused 3-hour...

The annual ICS Security Summit brings together the industry's top practitioners and leading experts from around the globe to share actionable ideas, methods, and techniques for safeguarding critical infrastructure. In-depth talks and interactive sessions will deliver proven advances and approaches that make a real difference for the individuals engaged in this fight every day. Choose Your Experience: In-Person or Live OnlineWhether you're plan...

Security operations centers face relentless pressure to detect and respond to threats around the clock—often with limited staffing and growing alert fatigue. In this 30-minute webcast, SANS Certified Instructor Mark Jeanmougin will examine how Dropzone AI can integrate into existing security stacks, support analyst development, and help SOC teams stay focused on high-impact decisions.We’ll explore how Dropzone AI functions as a vir...

Graphical interfaces are great for quick tasks, but real cloud power users know that mastery of command-line interfaces (CLIs) unlock unparalleled efficiency, automation, and precision. Whether working with AWS CLI, Azure CLI, or Google Cloud CLI, having command-line expertise accelerates cloud operations and gives security professionals, developers, and sysadmins a competitive edge. In this webinar, we’ll demystify cloud CLIs and showca...

Attackers are increasingly targeting critical infrastructure — including power grids, water systems, heavy manufacturing, and oil and gas — with a deep and sophisticated knowledge of ICS components, industrial protocols, and engineering processes. Employing advanced techniques like Living Off The Land (LOTL) strategies, they repurpose legitimate ICS software for malicious purposes. These tactics, when combined with ransomware and I...

Becoming a successful consultant seems like a dream: high pay, freedom, and fascinating work. These can all be true yet there is more to the reality: as a consultant you are running a business, and you need clients! This talk covers what those considering consulting need to know, including getting clients, setting pricing and much more. Whether you aspire to consulting full time or you want to keep your job and consult on the side, we cover th...

Ransomware attacks are widespread because they are highly profitable and effective for cybercriminals. Many organizations are unprepared for such attacks, leading to serious financial and operational damage. The SANS Ransomware Summit brings together cybersecurity professionals to share insights on preventing, detecting, and recovering from ransomware. The Ransomware Summit will explore these topics:Ransomware intrusion emulationRansomware ini...

Modern cloud attacks are fast, stealthy, and constantly evolving—can your security strategy keep up? Join us for an eye-opening session that explores why traditional security tools are falling short and how runtime visibility is becoming a critical pillar of modern cloud defense. What You’ll Learn:Why detecting and responding to cloud attacks is more complex than everHow the dynamic nature of cloud infrastructure challenges traditi...

Implementing cloud security controls is hard. Implementing them at scale is harder. Tools like HashiCorp Terraform and its open-source forks, such as OpenTofu, help organizations consistently enforce security and compliance using Infrastructure-as-Code. Unfortunately, not every security professional knows how to use Terraform, let alone use it securely. Join Brandon to learn all of the Terraform concepts and idiosyncrasies you need to know to...