View Agendas and Register
Wednesday, 12th March 2025: 2 Expert Talks
Date: Wednesday, 12th March 2025
Location:
Grand Copthorne Waterfront Hotel
392 Havelock Rd
Singapore 169663
6:00 – 6:30 pm
Registration
6:30pm - 7:30 pm
Improving Windows Event Log Analysis With Yamato Security Tools
Zach Mathis, Certified Instructor
7:45pm - 8:45pm
The Evolving Cyber Threat Landscape: A SANS Perspective
Rich Greene, Certified Instructor Candidate
Abstracts:
Improving Windows Event Log Analysis With Yamato Security Tools
As approximately 75% of desktop computers run Windows, it is still the main operating system that attackers target, and hence the main OS on which incident responders have to work out how the computer was compromised, what the attackers did, what other systems were compromised, etc. Unfortunately, the default log settings are completely inadequate and do not provide enough detail for investigators. Furthermore, even when proper logging is enabled, analysts face various challenges: Windows logs are mostly noise, logs are spread across hundreds of files, fields are not normalized, messages are often cryptic, etc., making log analysis traditionally a very tedious and unpleasant task. Zach Mathis, the project leader for the Yamato Security tools, will explain how to properly configure your logs in a practical manner and how to perform easy and scalable analysis with Hayabusa and Takajo, two free open-source tools. Hayabusa is a fast forensics timeline generator and threat hunting tool utilizing over 4000 open-source Sigma detection rules. It is currently the only free and open-source tool that fully supports the Sigma specification, letting your analysts detect the most complex attacks with the highest precision and customization. Takajo will further automate the most common analysis tasks as well as provide a dynamic web report to quickly triage alerts and compromised computers.
The Evolving Cyber Threat Landscape: A SANS Perspective
In “The Evolving Cyber Threat Landscape: A SANS Perspective,” we examine the leading cyber threats organisations face today and how adversaries exploit both technological and human vulnerabilities. From increasingly targeted ransomware and social engineering tactics to the misuse of AI-driven tools, we highlight the real-world impact of these attacks across critical industries. We then discuss proactive defenses such as Zero Trust architectures, threat hunting, and secure AI deployment to provide actionable steps for strengthening security postures in a rapidly changing threat environment.
Wednesday, 19th March 2025: SANS 2024 Detection & Response Survey: Transforming Cybersecurity Operations: AI, Automation, and Integration in Detection and Response
Date: Wednesday, 19th March 2025
Location:
Grand Copthorne Waterfront Hotel
392 Havelock Rd
Singapore 169663
6:00 – 7:00 pm
Registration
7:00pm - 8:00 pm
SANS 2024 Detection & Response Survey: Transforming Cybersecurity Operations: AI, Automation, and Integration in Detection and Response
Josh Lemon, SANS Principal Instructor
Abstract:
In the age of artificial intelligence (AI) and ever-evolving cyber threats, the landscape of security operations has witnessed a transformative shift. Our 2024 Detection & Response Survey delves into how organizations address critical aspects of detection, response, and the integration of these vital functions within organizations. On this webcast, SANS Certified Instructor Josh Lemon will provide insights into the prevalence of organizations maintaining separate detection and response teams, shedding light on the reasons behind such decisions and their implications for overall security posture.