Free webinars, training events, and CE credit opportunities for security professionals
This post discusses a 150-million-year-old fossil of a fish that choked to death on a belemnite rostrum, an extinct squid-like animal's shell. It also includes a link to the blog's new moderation policy, which is presented as a topic for discussion.
This article uses a humorous 'Jumbo Flying Squid' post as an opportunity to engage readers in discussing security news not covered by the author. It also mentions an updated blog moderation policy.
This article presents a curated list of the best hacker movies for security professionals. It chronologically lists films like "War Games" and "Sneakers," providing plot summaries, genres, and critical ratings for each.
Peru has increased its squid catch limit for artisanal fishing, with the author clarifying that the "giant squid" mentioned likely refers to a smaller species. The post also serves as an open forum for readers to discuss other security news not covered by the author and links to a new blog moderation policy.
This is a summary of the SANS Internet Storm Center's Stormcast podcast for February 19th, 2026. The Stormcast is a daily podcast providing a brief overview of current cybersecurity threats and vulnerabilities.
The article discusses the use of cyber ranges beyond skill assessment and training, highlighting their potential for advanced capabilities like testing threat hunting techniques, evaluating security controls, and conducting attack surface simulations. It emphasizes the role of cyber ranges in building and maintaining operational resilience by providing a realistic yet controlled environment for various security operations.
This BrightTALK InfoSec presentation discusses the key elements of establishing an effective threat detection and response program. It emphasizes proactive, intelligence-driven approaches, scalability, and the integration of people, processes, and technology for early threat detection and effective response.
The article highlights the shift from reactive incident response to proactive threat prevention through strategic Security Operations (SecOps) programs. It emphasizes the importance of integrating skilled personnel, advanced automation tools, and threat intelligence methodologies for enhanced security and operational efficiency. The session aims to teach businesses how to build a resilient SecOps program.
This BrightTALK InfoSec session explores the use of generative AI in SecOps to automate and enhance threat intelligence processes. It covers how generative AI tools can automate tasks like malware analysis and threat report generation, improving detection and response times.
The article discusses the increasing reliance on AI and machine learning to manage cyber threats, highlighting that 69% of organizations believe they need AI assistance. It emphasizes the importance of human-AI collaboration to improve threat detection accuracy and reduce false positives in threat intelligence operations. The article promotes a BrightTALK presentation by Charles Kolodgy on optimizing threat intelligence programs through human-AI collaboration.
This BrightTALK InfoSec session explores the use of AI in proactive cybersecurity defense. It focuses on how AI can predict and prevent attacks by analyzing patterns, identifying vulnerabilities, and automating preemptive actions using machine learning models, behavioral analytics, and anomaly detection.
This BrightTALK presentation, led by Alex Holden, discusses the strategic implementation of automation in cybersecurity defenses. It emphasizes the importance of balancing AI, automation, and human judgment to achieve optimal security outcomes, cautioning against blind trust in automated systems.
This NIST blog post introduces a series of Q&A style blogs for Cybersecurity Awareness Month in October. The series, titled 'Staff Stories Spotlight,' features NIST staff members discussing their backgrounds and projects in cybersecurity. The theme for Cybersecurity Awareness Month 2024 is 'Secure our World.'
This NIST blog post introduces a series of Q&A-style blogs for Cybersecurity Awareness Month in October 2024. The series, titled 'Staff Stories Spotlight,' will feature NIST staff members and their experiences in cybersecurity, focusing on the theme 'Secure our World'. The blog emphasizes the increasing centrality of technology in our lives.
This NIST blog post introduces a series of Q&A style articles for Cybersecurity Awareness Month 2024, focusing on staff stories and their perspectives on the theme 'Secure our World.' The series aims to highlight diverse backgrounds and projects within the cybersecurity field during October.
This NIST blog post is part of a series for Cybersecurity Awareness Month 2024, featuring Q&A sessions with NIST staff members. The series aims to highlight the diverse backgrounds and projects of individuals working in the field of cybersecurity and privacy.
This article promotes a WiCyS and Cisco webinar focused on online safety in an interconnected digital world. The webinar aims to teach attendees how to protect themselves from hidden online threats. A recording will be available for those who cannot attend the live session.
This article describes a session focused on designing a responsive security playbook for Security Operations Centers (SOCs). Key takeaways include defining fundamentals, aligning with best practices, simplifying communication, and integrating postmortems with the business environment.
This article is an announcement for a webinar hosted by BCyber focusing on lessons learned from past data breaches. The webinar aims to help attendees prepare for future security challenges by analyzing key breach themes and historical experiences.
This article is an announcement for a presentation by John Bambenek on BrightTALK InfoSec. The presentation's specific topic is not detailed, but its placement on an InfoSec platform indicates a focus on cybersecurity-related themes.
WiCyS and the National Cybersecurity Scholarship Foundation (NCSF) are launching a pilot program, Cyber FastTrack, for community colleges. The program aims to fund creative initiatives to engage cybersecurity students, offering scholarship opportunities and seeking innovative outreach strategies to attract diverse participants.
This article describes an upcoming webinar hosted by SentinelOne, a WiCyS Strategic Partner, focusing on the importance of curiosity in fostering a gender-equal world. The webinar aims to provide attendees with tangible steps to cultivate curiosity and advance others, particularly within the cybersecurity field.
This article discusses common failures in cybersecurity awareness training, often due to being boring, condescending, or inaccurate. It proposes a new approach that leverages principles from sales, marketing, ethical hacking, education theory, and creative writing to make training more engaging and impactful by generating empathy, tension, and emotional investment through storytelling.
This article discusses how to create a compelling proposal to speak at technical cybersecurity conferences. It highlights the value conference organizers place on new voices and offers advice on honing expertise to increase acceptance rates, drawing on the experiences of industry influencers who turned rejections into opportunities.
This article discusses the role and operations of a Security Operations Center (SOC) and highlights a session that offers insights from a woman's perspective within this male-dominated field. Attendees will learn about daily SOC activities, work-life balance challenges, and career growth strategies.
VERIS (Vocabulary for Event Recording and Incident Sharing) is a set of metrics and a framework designed to standardize the description and sharing of cybersecurity incidents and data breaches. The VERIS A4 Threat Model, comprising Actors, Actions, Assets, and Attributes, aids in threat modeling, intelligence analysis, and improving incident response.
This article emphasizes that simply having a Security Operations Center (SOC) is insufficient for robust organizational protection. It highlights the necessity of continuous validation and optimization of people, processes, and technology within a SOC to effectively counter evolving threats. The session aims to teach attendees about the importance of SOC validation, the components of a continuous improvement program, and how automated red teaming and breach and attack simulation (BAS) can facilitate this validation.
This article aims to demystify cloud security concepts for a non-technical audience by comparing complex cybersecurity jargon to magical spells from the Harry Potter universe. It proposes simplifying explanations of security issues, focusing on the root cause of unauthorized code execution rather than technical buzzwords.
