Josh Lemon
Principal Instructor
Chief Digital Forensics & Incident Response Investigator at SoteriaSec
Specialities
Digital Forensics and Incident Response, Cloud Security
Today, as Director of the global Managed Detection and Response team at Uptycs, Josh helps to protect some of the largest international brands from cyberattacks. In addition to his role at Uptycs, Josh also works as an independent digital forensics and incident response expert in Australia, providing advice to legal, government, and commercial clients. Further to his technical expertise, Josh is the co-author for the FOR509: Enterprise Cloud Forensics and Incident Response course, and the SANS DFIR NetWars tournaments. Josh also teaches the SANS FOR508: Advanced Incident Response, Threat Hunting, and Digital Forensics, and the FOR572: Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response courses. Josh holds several certifications, including GCFA, GCIH, GNFA, GPEN, GDAT, GPYC, and GREM.
Joshua Lemon is amazing. He has the professional experience to significantly enhance and supplement course content, and modernizes all of his examples and information so that the course is immediately relevant to my job.
The course was very interesting and very well presented. Josh gave fantastic explanations and examples.
Great delivery! Josh has great knowledge all about the topic.
Explore content featuring this instructor’s insights and expertise.
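When the location or method of data storage changes, there seems to be an assumption that forensics on that data is no longer needed. In the cloud, however, there are new digital forensic capabilities and a depth that do not exist in on-premises environments. You do need to understand the correct configuration and setup for preserving evidence in cloud environments.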
As vendors develop new software or tools for threat hunting, we need to remember that threat hunting is predominantly a human-based activity in looking for incidents that our automated tools have not yet found, or cannot yet detect. This year, our survey will focus on the hunters themselves and how their organizations support threat hunting. Are hunters asked to complete multiple tasks at once? How much focus is given to threat hunting compared with other cybersecurity tasks? We look further at the skills that threat hunters must hone, from those who are just starting out to the skillsets of those who have been hunting for many years. We again will compare year-on-year trends to see how organizations have shifted their perspectives on threat hunting.
There is a common tug-of-war between SOC staff, detection engineers and CSIRT/DFIR professionals when determining how important or severe an alert or detection is. Detection engineers are continually pushed to find new and creative ways of catching threat actors, whereas SOC and CSIRT staff are on the receiving end of triaging alerts and actioning them.
In recent years, the cyber threat landscape has evolved significantly, blurring the lines between tactics, techniques, and procedures (TTPs) used by cybercrime and nation-state-sponsored attacks. On this webcast, SANS certified instructors Mat Fuchs and Josh Lemon will explore results of our 2024 Threat Hunting Survey, and reveal how organizations are changing their proactive hunting activities and their use of hunting for unusual patterns, behaviors, and artifacts within network traffic and endpoints to catch threat actors who continually try to side-step detections. Register for this webcast now, and you will automatically receive the companion white paper upon publication.
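Welcome to the wonderful new world of Digital Forensics and Incident Response (DFIR)! Artificial Intelligence (AI) is the new sheriff assigned to our town, and it can speed all sorts of things up like a caffeine-addicted programmer during a hackathon.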
Welcome to the brave new world of Digital Forensics and Incident Response (DFIR), where Artificial Intelligence (AI) is the new sheriff in town, ready to speed things up like a caffeine-addicted programmer during a hackathon.
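In the age of artificial intelligence (AI) and ever-evolving cyber threats, the landscape of security operations is changing. The Detection and Response Survey (2024) delves into how organizations are addressing critical aspects of detection, response, and the integration of these vital functions within the organization. In this talk, SANS Instructor Josh Lemon provides insights into the prevalence of organizations maintaining separate detection and response teams, shedding light on the reasons behind such decisions and their impact on overall security posture.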
In the age of artificial intelligence (AI) and ever-evolving cyber threats, the landscape of security operations has witnessed a transformative shift. Our 2024 Detection & Response Survey delves into how organizations address critical aspects of detection, response, and the integration of these vital functions within organizations. On this webcast, SANS Certified Instructor Josh Lemon will provide insights into the prevalence of organizations maintaining separate detection and response teams, shedding light on the reasons behind such decisions and their implications for overall security posture. Register for this webcast now, and you will automatically receive the companion white paper upon publication.
On this webcast, SANS Principal Instructor Josh Lemon will delve into results from the SANS 2025 Threat Hunting Survey. The 2025 survey will analyze how businesses enhance their threat detection capabilities amid an evolving threat landscape, characterized by increasingly sophisticated and rapid adversary tactics.
As cyber threats grow in complexity and frequency, organizations' strategies for detection and response must continuously evolve. The SANS 2025 Detection and Response Survey webcast will delve into the current state of cybersecurity operations, questioning whether the heavy emphasis on endpoint detection is creating new blind spots. By concentrating primarily on endpoints, organizations may narrow their scope and overlook threats emerging from other areas.