SANS Digital Forensics and Incident Response @UCwSo89W3KgPrid41vskBDYA@youtube.com

73K subscribers

Over 80% of all breach victims learn of a compromise from th


00:32
DFIRCON 2024 Pre-Event Community Day
00:31
DFIRCON Miami 2024: Special Edition
01:52
SANS FOR518: Mac & iOS Forensic Analysis & Incident Response
01:50
Undecided about taking the new FOR589: Cybercrime Intelligence Course?
29:51
Automating incident response: scalable & fast, within minutes
29:09
Machine Learning for Enhanced Malware Detection & Classification
48:58
Keynote | Days of Future Past: The Impacts of GenAI on Cybersecurity
36:32
Llama: The Fast-File Processor with No Drama
35:01
The Tortured Responders Department: Scott & Rebekah's Version
34:34
How persistent is an APT? Battling Three Threat Actors in a Single Environment
34:51
Additional Microsoft Cloud Data Sets You May Not Be Looking At But Probably Should
30:45
Leveling Up Ghidra: Learn Ghidra Plugins with a Game Boy Game
34:24
Who Touched My GCP Project? Understanding the Principal Part in Cloud Audit Logs
32:31
Not All Androids Who Wonder Are Lost. Exploring Android's Find My Device System
25:18
Cutting Through the Chaos: File Detection and Analysis Using Strelka
31:45
Rise of the Drones: Modern Drone Forensic Opportunities
33:45
Forensic Analysis of Compromised VPN Appliances by Advanced Actors
31:12
Getting down and dirty with Mac imaging
33:28
Dormant Devices, Chatty Logs: Extracting Forensic Artifacts from Seemingly Idle iOS Devices
34:39
The Allure of The Hunt: Drawing New Talent Into DFIR
28:13
The SaaS-y Side of Incident Response
44:32
Ghost in Your Supply Chain
29:00
Cloud Kleptos: Lessons Learned Responding to Scattered Spider
52:23
Panel | Going Dark: DOS’ing Yourself for the Better
33:53
Atomic Ransomware Emulation
44:41
Keynote | Behind the Screens: Decrypting the Ransomware Diaries
26:59
Ransomware Data Leak Sites: The Uncomfortable Truths
32:35
Strategies for Active Defense against Pre-Ransomware and Ransomware Attacks
27:48
Evolution of Ransomware Tactics in 2023: Insights from The DFIR Report
33:30
Ransomware Running Wild in the Cloud
24:55
Unmasking Cyber Shadows: A Tactical Approach to Hunting Ransomware TTPs
02:17
Rob T. Lee - Federal officials warn of attacks on water utilities
05:09
FOR585: Smartphone Forensic Analysis In-Depth course overview
04:43
FOR578: Cyber Threat Intelligence Course Overview
01:03
Why take FOR578 OnDemand? with Robert M. Lee
02:17
Rob T. Lee - Could LockBit, ransomware provider have been behind Lurie hack?
02:26
Rob T. Lee Chicago's Lurie Children's Hospital RANSOMWARE ATTACK
05:47
FOR589: Cybercrime Intelligence Overview
22:38
FOR528: Ransomware & Cyber Extortion Course Overview
01:37:51
Thinking DFIRently From Entry to Specialty
39:19
How to Leverage Cloud Threat Intelligence Without Drowning: The Zero-Noise Approach
38:40
Beyond the Basics: The Role of LLM in Modern Threat Intelligence
35:52
Applying Threat Intelligence Practically to Meet the Needs of an Evolving Regulatory Environment
35:05
How an Info Sharing Analysis Center Works w/ its Members to Improve Cyber Defenses for Their Sector
37:47
Bridging the Intelligence Divide: Building CTI Blueprints for Value-Based Production
29:56
How Threat Intelligence Helped Us Defend and Respond to a Nation-State-Sponsored Threat Actor
35:03
Clustering Attacker Behavior: Connecting the Dots in the RaaS Ecosystem
37:52
Threat Intelligence is a Fallacy, but I May be Biased
38:13
Deep Dive into Supply Chain Compromise: Hospitality’s Hidden Risks
33:08
Beyond Cryptojacking: Studying Contemporary Malware in the Cloud
34:38
Why Won’t They Listen? – Connecting Your CTI to Decision Makers
46:57
Cybersecurity is GeoPolitical: Lessons From the Fight Against Mercenary Spyware Proliferation
40:39
Intellimation: Guidance for Integrating Automation in Your Cyber Threat Intelligence Program
34:27
The Cyber-Hobbit: There and Back Again in CTI
37:32
Navigating the Digital Battlefield: A Framework for Geopolitical Cyber Risk Assessment
38:20
Sharing Compared: A Study on the Changing Landscape of CTI Networking
46:45
Let’s Be Honest About MITRE ATT&CK® Mappings and the “So What”
37:10
Zero to CTI: A Novice’s Journey into Threat Intelligence
47:09
Revisiting the Indicator: Towards a Threat Intelligence Ontology
58:21
OSINTer: Automating the CTI Heavy Lifting the Open Source Way!