Special Events

SANS 2007 Vendor Welcome Reception

- Sunday, April 1st: 5:00pm-9:00pm

Please join us for refreshments, snacks and activities at the SANS 2007 Vendor Welcome Reception. There will be plenty of time to meet with your peers as well as visit with vendors' technical staff to get an up-close look at emerging technology and live interactive demonstrations. This is a great opportunity to network and have fun in a relaxed environment. You'll be surprised at how many people you will recognize throughout the week after meeting them at the reception!

Throughout SANS 2007 vendors will be hosting a number of events, including presentations, a two-day vendor solutions expo, and various receptions. Experience the latest in network security tools, meet industry leaders, and share your thoughts on developments you would like to see in the pipeline. Details of the vendor Special Events can be found on the Vendor Events page.

SANS 2007 Keynotes

- How to "S.C.O.R.E." - an opportunity to contribute to SANS/CIS.
(The SANS/CIS partnership and how you can join us)
- Darren L. Bennett - CISSP/Linux Expert/MCSE+I/MCSA/Member-SANS Advisory Board
- Friday, March 30th: 7:00pm-8:00pm

The SANS "SCORE" project wants YOU! Come learn how you can join the SCORE/CIS teams and be a part of writing new, technical Security Checklists and Study Guides. You will also have the opportunity to contribute to and code for security and research related projects. If you would like the opportunity to "get published" on the SANS website, get to know others in the security community, have early access to security tools and share your knowledge with others, then come to this short presentation and learn how.

- Corporate Response to Internet Crime
- Brian Krebs, Technology & Security Reporter for Washingtonpost.com
- Saturday, March 31st: 7:00pm - 9:00pm

Internet crime continues to escalate at alarming rates. It is imperative that information specialists learn more about the individuals and groups responsible for this crime. Participants will examine the profiles of those responsible for about 80% of the industry's spam, viruses, worms and botnet infestations. Discussions will focus on specialties of such cyber criminals, their intentions, and their victims. Large corporations positioned to disable such invasive activity will be identified as comparisons are made among the successes and failures of each.

- Cyber Issues: Internet Threats
- Cameron Malin, Los Angeles Cyber Squad, FBI
- Sunday, April 1st: 7:00pm - 9:00pm

This fast paced presentation by the FBI uses studies of actual intrusions to present a high-level view of hackers' targets, current investigations, and policy issues. Using a re-creation of an actual intrusion as a backdrop, the supervisor of the Los Angeles Cyber Squad will examine current and past cyber cases, discuss securing confidential information, and review the current issues faced by businesses in the US and around the world. He will provide a high-level view regarding hackers' specific targets, intrusion tools, and methodologies, global cyber crime trends, and policy issues. The presentation is framed by actual cases, past and current that have been investigated by the FBI.

- The Insider Threat
- Dr. Eric Cole, SANS Technology Institute
- Sunday, April 1st: 7:00pm - 9:00pm

The need for security is nothing new, and many organizations have been making significant efforts to combat attackers that pose harm to their critical assets. An organization may employ defensive measures such as firewalls, intrusion detection systems, and virtual private networks, just to name a few, as best practice. While organizations have spent significant money on network security, the problem is that most of it has been to prevent, detect and deter the external threat. While the external threat can cause harm and does need to be addressed, the internal threat can cause just as much harm and be devastating to an organization if not properly addressed. The key for an insider is access - this person has the means and methods to perform the attack. Therefore defensive measures that have been successful against the external attacker will not work against the insider. This presentation will look at the insider in detail, ad- dress the problem, and cover creative ways for dealing with and preventing a determined insider from succeeding.

- ADVENTURES...in Anti-Spyware Testing
- Ed Skoudis, Intelguardians
- Monday, April 2nd: 7:00pm - 9:00pm

Many organizations are evaluating and deploying anti-spyware applications to protect themselves from the burgeon- ing plague of spyware on the Internet today. But, comparing anti-spyware product features and protection is a difficult and time-intensive task. This presentation describes various measures of the effectiveness of anti-spyware tools in the enterprise as well as tools to use in evaluating anti-spyware products. We'll also look at the different methods used by anti-spyware and anti-virus tools for detection and examine the raging controversies arising from these different approaches among the vendors and testing community. Finally, we will discuss how various enterprise anti-spyware applications functioned during laboratory testing and provide tips for avoiding the gotchas of doing your own anti- spyware testing.

- Top 10 Oracle Security Risks
- Tanya Baccam, Baccam Consulting
- Monday, April 2nd: 7:00pm - 9:00pm

Database security is often overlooked in an organization's security plan and architecture. Organizations spend time and money securing the network infrastructure, operating systems, and even applications, but the databases are often missed and left wide open. The issue is that our databases often store one of our most important and critical business assets - data. Data provides information, information provides knowledge, and knowledge is power! Data must be protected. Database security is critically important, and organizations need to take a closer look at the key issues related to database security. This keynote is an introduction to some of the Oracle Database risks that exist and highlights the "Top 10" critical areas that organizations should address first when securing their Oracle Databases.

SANS Quiz Show

- Rob Kolstad, Quizmaster
- Tuesday, April 3rd: 6:00pm - 8:00pm

Please join quizmaster Rob Kolstad for a challenging and fast-paced evening of quiz-show action on Tuesday evening, April 3rd. Conference attendees will compete on-stage for fabulous prizes by answering questions about technology, general knowledge, and popular culture. Host Rob is a pro at comforting contestants who forget their first name; a good time will be had by all.

PaulDotCom Security Weekly: Live!

- Paul Asadoorian, Larry Pesce, Defensive Intuition/PaulDotCom, "The Mason" & "Twitchy", PaulDotCom
- Wednesday, April 4th: 5:30pm - 7:00pm

PaulDotCom Security Weekly is a weekly podcast that discusses the latest security news, vulnerabilities, and research in a lighthearted, fun, and entertaining environment. Come watch the show live as Larry and Paul record, participate in show topics, ask questions, and win free stuff! This is your chance to see us live and be a part of our show, contributing to the content and having fun along the way. Visit our web site http://pauldotcom.com for more information.