
Integrating Open NDR To Automate Alert Response Via Better Network Evidence

Are you interested in context for your cloud or container environment when you investigate an event from last week, last month, or last year? Would it save you time to have IDS alerts that include the full context of the connection? Watch this SANSFIRE 2022 webcast to see James Schweitzer demonstrate easy-to-understand, interlinked network evidence that is available wherever you need it and that also enables orchestration.
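As an added illustration of the "full context of the connection" idea above (this is example code, not code from the webcast or from Corelight): Zeek stamps every log record with the connection uid from conn.log, so an alert in notice.log can be joined back to its connection and to protocol logs such as http.log by that one key. The log lines below are constructed, not captured traffic; the way an alert whose connection record is missing gets flagged is an assumption about what an analyst would want, not a Zeek or Corelight behaviour.

```python
import json
from collections import defaultdict

# Constructed sample Zeek logs in JSON-lines format (no real traffic).
# Field names follow Zeek's conn.log, http.log and notice.log schemas;
# the values, uids and addresses are made up for this example.
CONN_LOG = """\
{"ts":1655812345.12,"uid":"CJp2aL3hU5kZr1F8o4","id.orig_h":"10.0.0.15","id.orig_p":51234,"id.resp_h":"203.0.113.7","id.resp_p":80,"proto":"tcp","service":"http","duration":0.42,"orig_bytes":512,"resp_bytes":20480,"conn_state":"SF"}
{"ts":1655812350.50,"uid":"CzX9mNq7wA2bE4rT6v","id.orig_h":"10.0.0.15","id.orig_p":51240,"id.resp_h":"198.51.100.9","id.resp_p":443,"proto":"tcp","service":"ssl","duration":12.8,"orig_bytes":3200,"resp_bytes":9100,"conn_state":"SF"}
"""

HTTP_LOG = """\
{"ts":1655812345.20,"uid":"CJp2aL3hU5kZr1F8o4","method":"GET","host":"203.0.113.7","uri":"/update.exe","user_agent":"Mozilla/5.0","status_code":200,"resp_mime_types":["application/x-dosexec"]}
"""

# Second notice deliberately references a uid with no conn.log record
# (e.g. the connection log rolled over) to exercise the missing-context path.
NOTICE_LOG = """\
{"ts":1655812345.30,"uid":"CJp2aL3hU5kZr1F8o4","id.orig_h":"10.0.0.15","id.orig_p":51234,"id.resp_h":"203.0.113.7","id.resp_p":80,"note":"Signatures::Sensitive_Signature","msg":"Windows executable downloaded over plain HTTP"}
{"ts":1655812400.00,"uid":"CmissingUidNoConn1","id.orig_h":"10.0.0.22","id.orig_p":44000,"id.resp_h":"192.0.2.55","id.resp_p":22,"note":"SSH::Password_Guessing","msg":"Repeated SSH login failures"}
"""


def parse_json_log(text):
    """Parse Zeek JSON-lines output into a list of dicts, skipping blank lines."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def index_by_uid(records):
    """Group log records by Zeek connection uid (a uid may have several http.log rows)."""
    by_uid = defaultdict(list)
    for rec in records:
        if "uid" in rec:
            by_uid[rec["uid"]].append(rec)
    return by_uid


def enrich_alerts(notice_text, conn_text, protocol_logs):
    """Attach conn.log and protocol-log context to each notice via the shared uid.

    protocol_logs maps a log name (e.g. "http") to that log's JSON-lines text.
    An alert whose uid has no conn.log record is kept with conn=None and
    context_complete=False so the gap is visible instead of silently dropped
    (assumed analyst preference, not a Zeek behaviour).
    """
    conn_by_uid = {rec["uid"]: rec for rec in parse_json_log(conn_text)}
    proto_by_uid = {name: index_by_uid(parse_json_log(text))
                    for name, text in protocol_logs.items()}
    enriched = []
    for alert in parse_json_log(notice_text):
        uid = alert.get("uid")
        conn = conn_by_uid.get(uid)
        if conn is None:
            enriched.append({"alert": alert, "conn": None,
                             "protocol": {}, "context_complete": False})
            continue
        proto_ctx = {name: idx[uid] for name, idx in proto_by_uid.items() if uid in idx}
        enriched.append({"alert": alert, "conn": conn,
                         "protocol": proto_ctx, "context_complete": True})
    return enriched


def summarize(entry):
    """One-line analyst summary: the alert plus the connection facts behind it."""
    a = entry["alert"]
    head = f"{a['note']} {a['id.orig_h']}:{a['id.orig_p']} -> {a['id.resp_h']}:{a['id.resp_p']}"
    if not entry["context_complete"]:
        return f"{head} [no conn.log record for uid {a['uid']}]"
    c = entry["conn"]
    parts = [head,
             f"service={c.get('service')}",
             f"duration={c['duration']}s",
             f"bytes={c['orig_bytes']}/{c['resp_bytes']}",
             f"state={c['conn_state']}"]
    for h in entry["protocol"].get("http", []):
        mime = ",".join(h.get("resp_mime_types", []))
        parts.append(f"http={h['method']} {h['host']}{h['uri']} -> {h['status_code']} {mime}")
    return " ".join(parts)


if __name__ == "__main__":
    for entry in enrich_alerts(NOTICE_LOG, CONN_LOG, {"http": HTTP_LOG}):
        print(summarize(entry))
```

The same join works for any other Zeek log that carries a uid (dns.log, ssl.log, files.log via the conn_uids field), which is what makes the evidence "interlinked": one key ties the alert, the flow record and the protocol detail together without a second query.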

SANS 2022 Threat Hunting Survey - Hunting for a Standard Methodology for Threat Hunting Teams

We’ll also look at the past two years to see whether global economic impacts have caused any industry changes that give us cause to rethink our approach to threat hunting. Key topics will include operationalizing threat hunting, innovative threat hunting tactics and techniques, and new tools that can help with threat hunting for both endpoints and networks.

Break Threat Patterns with Complete Visibility Across all Your Data

Master threat hunting practices to resolve incidents before they impact mission-critical assets. Learn about threat hunting for all roles and skill levels from CrowdStrike, Humio and Corelight. Learn how modern log management helps quickly identify the root cause of an issue. Get tips on what to look for and on the best courses of action for prevention and remediation, resolving incidents before they impact your mission-critical assets.

Enhanced Network Evidence for the Modern SOC

Security leaders protect their businesses by using analytics and insights to understand security needs, attack surfaces, and trends. Every company from ‘big box’ travel sites to powerhouse car manufacturers needs to optimize their SOCs, retain talent, and expand business opportunities securely.

Real world use cases for NDR in the Cloud

As we’ve learned from events like Sunburst and Log4Shell, network telemetry provides essential evidence for catching threats that other tools miss. Watch Vijit Nair, Senior Director of Product, Cloud Security, dive into real-world use cases from the research team at Corelight, the creators and maintainers of Zeek. You'll learn how the collection and analysis of cloud network traffic leads to better threat detection and faster response.

Corelight Investigator

The only evidence-first threat investigation platform. Investigator is a SaaS-based network detection and response (NDR) solution that combines comprehensive network evidence with machine learning and other analytics, integrated into a fast, intuitive search platform, to accelerate threat hunting and incident response and to consolidate legacy toolsets.

What does XDR mean for your organization?

As one of the hottest new buzzwords in the infosec space, XDR means many things to many people. This talk will discuss the possible components of an XDR solution through the lens of SOC operations, laying out the pros and cons of various approaches (SaaS vs. on-premises, specialized vs. general tooling, and so on) for organizations of different sizes, funding, and maturity levels. Best-practice suggestions will be provided throughout, from general principles to specific integration code.

Unify endpoint and network evidence

Unmanaged endpoints, vendor security appliances, cloud instances, and IoT devices often lack endpoint protection, creating hiding places that attackers exploit. Using Humio to correlate Falcon endpoint data with Corelight network evidence improves detection capabilities for all of your devices, and makes investigators and hunters faster.

Network Evidence For XDR

XDR (extended detection and response) promises to integrate data from any source to stop today's sophisticated and often automated attacks. The key question is: which source? Register for this exclusive session for insights on why network evidence must be a key part of your XDR strategy. Topics to be discussed include how to: Walk away with new ideas on how to stay ahead of ever-changing attacks by using a data-first strategy for detection and response.

SANS 2022 Cloud Security Survey

The state of cloud security is evolving. Many organizations are implementing new and more advanced cloud security services that offer cloud-focused controls and capabilities, including services and tools that provide network connectivity and security for end users and office locations, security monitoring and policy controls, and identity services, among others.