Overview
Explore
Labs
Services
Events
Partners
What's popular
Security Priorities for 2025
In this report, our security experts outline four key areas to focus on in 2025
Security Operations
This learning series provides knowledge pertaining to understanding Threat Detection and Incident Response fundamentals to enhance threat detection, response, and mitigation across diverse cyber security environments. In addition, you will learn the basics about network security and how next-generation firewalls (NGFW) fits in and establish a baseline knowledge to help aid you through the Next-Generation Firewall learning paths.
Elastic Endpoint Security Lab
Elastic Security provides a different approach to EDR by combing EDR and SIEM capabilities which leads to reduced mean time to detect and respond to threats. Elastic Security for endpoint prevents ransomware and malware, detects advanced threats and arms responders with vital investigative context, such as prioritized detections to help stop alert fatigue.
CrowdStrike Proving Ground Lab
WWT's ATC CrowdStrike Proving Ground Lab exists to showcase the CrowdStrike Falcon platform's web UI and ability to alert on, and prevent, breaches using cloud data and machine learning.
Next-Generation Firewall (NGFW)
This learning series will explore Next-Generation Firewalls (NGFW), which are advanced network security devices that combine traditional firewall capabilities with additional features such as intrusion prevention, application awareness and control, and advanced threat protection. These firewalls go beyond the capabilities of traditional firewalls by providing deeper inspection of network traffic and more granular control over applications and user activities.
What's new
Cyber Insights Report - May 12, 2025
A massive Oracle Cloud breach exposed 6 million records, highlighting vulnerabilities in SaaS supply chains and the urgent need for modernized SOCs. This incident challenges enterprises to rethink security strategies, emphasizing visibility, response and accountability in multi-cloud environments. How prepared is your organization for such a cyber threat?
CyberArk Privileged Account Management Lab
Explore the essential features of CyberArk Privileged Access Security (PAS) in this lab, showcasing its capabilities in managing and auditing privileged accounts across Windows and Linux environments. Discover how CyberArk PAS enhances security through automated password management and secure session monitoring.
CrowdStrike Proving Ground Lab
WWT's ATC CrowdStrike Proving Ground Lab exists to showcase the CrowdStrike Falcon platform's web UI and ability to alert on, and prevent, breaches using cloud data and machine learning.
SentinelOne Endpoint & AI SIEM Foundations Lab
Welcome to the SentinelOne Endpoint & AI SIEM Foundations lab provided by the WWT ATC! This lab provides you with a sample environment where you can gain hands-on experience with the SentinelOne solution.
Doomsday Prep: How to Keep Your Business Alive During a Ransomware Attack
With 88 percent of organizations facing at least one ransomware attack annually, the focus must shift from just prevention to survival.
The solution: Minimum Viable Recovery (MVR) — a practical approach to recovering just enough to keep the business running. This is about achieving Minimum Viable Business, not full restoration.
Understanding North Korea's Cyber Tactics
In this episode of the Privileged Exec podcast, Matt Berry interviews Steve Stone, SVP of Threat Discovery and Response at SentinelOne. They discuss Steve's military background, leadership style, mentorship, cybersecurity skills shortage, AI's evolving role, and fostering innovation through collaboration between experienced and younger professionals.
Five Considerations for Successful Identity and Access Management Architecture
Discover the five considerations needed to effectively incorporate Identity and Access Management (IAM) into your business.
How Palo Alto Networks is Revolutionizing Security Operations with XSIAM
Cortex XSIAM revolutionizes cybersecurity by integrating AI, automation, and comprehensive visibility into a unified platform. Experience an autonomous SOC that empowers teams to focus on strategic threat hunting and proactive protection.
Resetting the Foundation: Visibility, Control and Real-Time Action with Tanium
In today's fast-paced digital world, IT security and operations have become increasingly complex. However, there's a growing need to return to the fundamentals, emphasizing simplicity and focusing on what truly matters. This blog will explore the key areas where IT security and operations can benefit from getting back to basics.
Understanding the DPRK Remote Worker Threat
North Korean cyber operatives are increasingly sophisticated, using AI-enhanced deception and exploiting privileged roles to infiltrate global enterprises. This article explores their evolving tactics, critical vulnerabilities, and strategies to bolster cybersecurity defenses against these advanced persistent threats.
A CTO's Primer on Breach & Attack Simulation: Part 3 - Solution Comparison
Explore the cutting-edge advancements in breach and attack simulation (BAS) by AttackIQ and Mandiant Security Validation. Discover how AttackIQ's Informed Defense Architecture and Mandiant's intelligence-led approach, powered by Google Cloud, are revolutionizing security validation and empowering organizations to stay ahead of evolving cyber threats.
A CTO's Primer on Breach & Attack Simulation: Part 2 - Common Challenges
Breach and attack simulation (BAS) is vital for proactive security validation, yet faces distinct challenges in on-premise, cloud and hybrid environments. This report explores these challenges, including high costs, scalability issues, dynamic infrastructures and integration complexities, highlighting the need for tailored BAS approaches to ensure robust security across diverse infrastructures.
A CTO's Primer on Breach & Attack Simulation: Part 1 - Market Landscape
Breach and attack simulation (BAS) tools are revolutionizing cybersecurity by automating threat testing. While tools like AttackIQ and Mandiant Security Validation lead the market, organizations must prioritize their unique needs over flashy features. This article explores how to select the right BAS solution to align with strategic goals and optimize security.
Partner POV | Role-based views for every security team
Empowerment and speed for security teams without losing unified cloud context.
Hands-On Lab Workshop: LLM Security
In this event, you will gain the knowledge and tools to identify, mitigate, and prevent security risks, strengthening the reliability and security of your AI systems. WWT's Prompt Injection and Training Data Poisoning labs help users understand and defend against two major LLM security threats. The Prompt Injection Lab demonstrates how attackers manipulate LLMs with deceptive inputs to extract sensitive data or execute unintended actions, while the Training Data Poisoning Lab explores how corrupting training or retrieval data can introduce biases , vulnerabilities, or backdoors.
A Practitioner's Guide: SOC of the Future
Is the future here? Can we build a scalable, agile foundation that leverages robust data management and pipelines to enable real-time alerting? Can it leverage AI-augmentation and automated responses to proactively detect and mitigate threats? I think we may be close...
Securing AI Transformation with WWT's Jim Kavanaugh and Cisco's Jeetu Patel
As AI adoption accelerates across industries, businesses face unprecedented challenges in securing their AI-driven transformations. In this exclusive fireside chat, Cisco EVP and Chief Product Officer Jeetu Patel and WWT Co-founder and CEO Jim Kavanaugh discuss the latest breakthroughs in AI security and how enterprises can more confidently innovate while safeguarding their AI applications.
Jeetu and Jim will also explore the global landscape and its impact on the future of enterprise AI; provide practical guidance on how to craft an AI strategy that balances the need for speed with the necessity of caution; and talk about emerging AI solutions and how they can integrate into your IT strategy.
Hour of Cyber: Security Operations
As cyber threats grow in complexity, a resilient, high-performance Security Operations Center (SOC) is essential. Explore the core functions of security operations while examining the technologies shaping modern SOCs. Learn how AI, machine learning and high-performance computing improve detection speed, automate response and strengthen security posture.
Hour of Cyber: Platform Optimization
In an era of increasing complexity, platform optimization has emerged as a strategic approach to enhance operational efficiency and security. By unifying multiple functions into a single platform, organizations can simplify management, improve threat detection and achieve significant cost savings. Explore the benefits of enhanced visibility, reduced security complexity and operational agility.
A Practitioner's Guide: Detections within Security Operations
The analytics engine, sometimes referred to as a detection engine, is the core of a modern security operations center (SOC), generating high-fidelity alerts and adding context so responders can quickly identify and act on threats. In this article we discuss the evolution of security operations detections, and the major players in the space.