Vendor Events
Vendor Welcome Reception
Monday, April 21st: 5:00pm - 8:00pm
This informal reception allows you to visit exhibits and participate in some exciting activities. This is a great time to mingle with your peers and experience firsthand the latest in information security tools and solutions with interactive demonstrations.
During the reception you will see important tools and services in a relaxed environment, providing an opportunity to have one-on-one discussions with technical experts from these organizations.
Vendor Expo
Monday, April 21st: 12:00pm - 1:30pm and 5:00pm - 8:00pm
Tuesday, April 22nd: 12:00pm - 1:30pm
All attendees are invited to meet with leading providers of firewalls, intrusion detection/prevention systems and enterprise security management who will be demonstrating their latest solutions. The SANS 2008 Vendor Expo showcases product offerings from key technology providers in the commercial tools and services market. Vendors arrive prepared to interact with SANS' technically savvy audience, presenting technical demonstrations and explanations. It's about having your questions answered!
LogLogic Student Breaks - Tabletop Exhibit
- Sunday, April 20th, 2008 * 10:00am - 4:00pm
Secure Passage Student Breaks - Tabletop Exhibit
- Sunday, April 20th, 2008 * 10:00am - 4:00pm
Core Security Lunch and Learn Presentation
- "Efficient Vulnerability Management with Penetration Testing"
- Speaker: Anthony Alves, CISSP and Sr. Systems Engineer
- Sunday, April 20th, 2008 * 12:30pm - 1:15pm
This talk will be an opportunity for attendees to see a live demonstration of automated penetration-testing. In just minutes attendees will see CORE IMPACT safely exploit vulnerabilities in a target network, replicating the kinds of access an intruder could achieve, and proving actual paths of attacks that must be eliminated.
Anthony Alves is a CISSP and a Sr. Systems Engineer for Core Security Technologies, providing pre-sales and post-sales support and training for the Core Security Technologies Impact user base. Mr. Alves has more than 8 years of experience working with network and computer security products and tools. He was a Systems Engineer with SonicWALL, Intel Corporation, and Shiva Corporation specializing in their firewall and VPN products.
Core Security Cocktail Brief
- "End-User Security Testing Made Easy"
- Speaker: Anthony Alves, CISSP and Sr. Systems Engineer
- Tuesday, April 22nd, 2008 * 6:00pm - 7:15pm
Client-side vulnerabilities are the weakest link of choice for many attackers today, leaving many security professionals asking questions about end-user security: "Is Bob in accounting opening emails from Nigeria? Are our interns running outdated, unsecure or unauthorized applications? Where are my real client-side risks?" Join Anthony Alves, lead systems engineer with Core Security, for a look at how you can easily assess your end-users' susceptibility to email-based attacks and identify exploitable vulnerabilities on their systems. The session will include a demonstration of client-side penetration testing with CORE IMPACT.
Anthony Alves is a Sr. Systems Engineer for Core Security Technologies, providing pre-sales and post-sales support and training for the Core Security Technologies Impact user base. Mr. Alves has 10 years of experience working with network and computer security products and tools. He was a Systems Engineer with SonicWALL, Intel Corporation, and Shiva Corporation specializing in their firewall and VPN products.
Net Optics, Inc. Evening Brief
- "Taps in IT Network Analysis and Security Monitoring"
- Speaker: Dan McCarthy, Reseller Channel Manager
- Tuesday, April 22nd, 2008 * 6:00pm - 7:15pm
Net Optics presents an overview on the value and features that are inherent to Test Access Port (Tap) technology and how Taps are used in network analysis and security monitoring. Learn how both IT network and security professionals can share a common point of access to network traffic.
Dan McCarthy manages the Reseller Channel at Net Optics. In this role he works with resellers to develop passive monitoring solutions for customer networks. He is well versed in the entire Net Optics product line and is a frequent speaker for Net Optics.
Sourcefire Cocktail Brief
- "The Evolution of Network Security Technologies"
- Speaker: Martin Roesch, CTO and Founder, Sourcefire®, Inc.
- Tuesday, April 22nd, 2008 * 6:00pm - 7:15pm
Mr. Roesch will explore what lies beyond IPS and how you can get there. He will address the importance of having context as part of real-time networking security monitoring. Mr. Roesch will also address the value of technologies such as Network Behavior Analysis, Vulnerability Assessment, and Network Access Control.
Martin Roesch founded Sourcefire in 2001 and serves as its CTO. An authority on intrusion prevention technology and forensics, he is responsible for the technical direction and product development efforts. Mr. Roesch is also the author and lead architect of the SNORT® Intrusion Prevention System that forms the foundation for the Sourcefire 3D™ System.
StillSecure Student Breaks - Tabletop Exhibit
- Wednesday, April 23rd, 2008 * 10:00am - 4:00pm
Cenzic, Inc. Lunch and Learn Presentation
- Application Vulnerability Assessments Using a Non-Signature Based Approach
- Speaker: Douglas Simpson, Senior Systems Engineer
- Wednesday, April 23rd, 2008 * 12:30pm - 1:15pm
This will be a discussion on how application vulnerability assessments can be performed using Cenzic's Hailstorm line of products. Application security testing strategies will be discussed via the Hailstorm web and fat client interfaces. Attention will be paid to using available browser resources to uncover vulnerabilities and handling state during the testing process.
Douglas Simpson is a Senior Systems Engineer with Cenzic. With nearly a decade of hands-on experience in network and systems security, Douglas has helped clients on a variety of issues such as system audits, network vulnerabilities, risk assessments and employee security awareness. In his role at Cenzic, Douglas focuses on Web Application Security for Fortune 1000 organizations.
Norman Data Defense Systems Lunch and Learn Presentation
- Fighting Self-Defending Malware
- Speaker: Matt Allen, Technology & Forensics Analyst
- Wednesday, April 23rd, 2008 * 12:30pm - 1:15pm
The session will discuss self defending code techniques used in today's malware. Live malicious samples will be used to demonstrate solutions for dealing with advanced packers, rootkits, and encrypted data sent over the network.
Matt Allen: With backgrounds in computer and information sciences as well as business, Matt Allen has worked in a number of different roles at Norman over the past 5 years, varying from incident response to web and software development. Matt is currently working with the SandBox team on various projects ranging from development to marketing.
Rapid7, Inc. Lunch and Learn Presentation
- Web Application Vulnerability Scanning For Security Administrators
- Speaker: David Precopio, VP Product Management
- Wednesday, April 23rd, 2008 * 12:30pm - 1:15pm
Web Application exploits and breaches are increasingly more targeted and more costly to organizations of all sizes. This presentation will outline the need for a powerful and intelligent all-in-one vulnerability management solution. Participants will leave with an understanding of how to protect their global assets, secure mission critical data and protect their customers from hackers and exploits.
David Precopio has over 20 years of experience in security and web application companies such as Cisco, SSH Communications Security, and Citrix Systems. At Citrix, Mr. Precopio helped develop Citrix Secure Gateway and Application security solutions. While at SSH, Mr. Precopio was responsible for helping develop OpenSSH, SSL/TLS, IPSec and IPv6 standards. In addition, Mr. Precopio was called as a security expert to speak in front of the US Dept of Commerce on exporting security technologies.
Savant Protection Lunch and Learn Presentation
- The Last Line of Defense for a Multi-layered Security Strategy
- Speaker: Ken Steinberg, President & CTO
- Wednesday, April 23rd, 2008 * 12:30pm - 1:15pm
No security vendor can promise 100% protection from zero day attacks. Even multi-layered approaches cannot mitigate unknown or targeted attacks, until now.
Savant is the last line of defense in multi-layered security by containing and eliminating the ability of unknown or targeted crimeware attacks to spread from system to system.
Ken Steinberg is the founder, President and CTO of Savant Protection. He brings a track record of over two decades in computing and high technology. As founder of the company in 2004, Steinberg has responsibility for its day-to-day operations, overall direction, as well as its technological and business strategies. Prior to Savant, he held senior positions with DEC, Hughes, Hitachi, Softbank and at the John Von Neumann Super Computing Center for the National Science Foundation.
Sourcefire, Inc. Lunch and Learn Presentation
- "The Future of Snort"
- Speaker: Martin Roesch, CTO and Founder, Sourcefire®, Inc.
- Wednesday, April 23rd, 2008 * 12:30pm - 1:15pm
With over 3,000,000 downloads, Snort is the most widely deployed and trusted intrusion detection and prevention technology worldwide. How will Snort evolve over the next couple of years to keep up with the ever-changing network security landscape? Join Mr. Roesch as he shares his vision of future Snort features.
Martin Roesch founded Sourcefire in 2001 and serves as its CTO. An authority on intrusion prevention technology and forensics, he is responsible for the technical direction and product development efforts. Mr. Roesch is also the author and lead architect of the SNORT® Intrusion Prevention System that forms the foundation for the Sourcefire 3D™ System.
Fortify Software Lunch and Learn Presentation
- Announcing Fortify 360 - supporting Business Software Assurance with the first integrated application security solution.
- Tom McKnight, Software Security Consultant
- Thursday, April 24th, 2008 * 12:30pm - 1:15pm
Nearly every major application today contains vulnerabilities ready to be exploited by skillful hackers. While experts agree that the majority of security breaches stem from software, the industry has been unable to find meaningful or practical solutions. Until now.
Fortify 360 is the first integrated solution redefining application security and setting the standard for safe computing. By identifying vulnerabilities in software quickly and precisely, Fortify 360 dramatically reduces the risk of catastrophe from cyber attacks.
Join us to learn how Fortify 360:
- Provides complete application security coverage for Development, QA and Production
- Finds the most vulnerabilities possible in the industry today
- Enables a new paradigm of collaboration amongst security teams, developers and executives.
Guardium Lunch and Learn Presentation
- Do You Know What it Takes to Secure Enterprise Databases & Pass Your Audits Effortlessly?
- Speaker: Ron Ben-Natan, Ph.D., Chief Technology Officer
- Thursday, April 24th, 2008 * 12:30pm - 1:15pm
Understand why databases are so hard to secure and what information you need to pass your audits effortlessly (SOX, PCI-DSS, SAS70, etc.). Learn best practices for database auditing, configuration assessment, change tracking, access control and securing multi-tier applications such as Oracle EBS, PeopleSoft & SAP - without hiring armies of consultants.
As Guardium CTO, Dr. Ben-Natan architected the industry's first solution for both protecting databases in real-time and creating a continuous audit trail of all database transactions, with 11 patents pending. Mr. Ben-Natan holds a Ph.D. in distributed computing and has authored 10 technical books on distributed applications and security, including Implementing Database Security and Auditing.
SenSage Lunch and Learn Presentation
- Using SenSage 4.0 and Cisco MARS for Security and Compliance at PFF Bank & Trust
- Speaker: Jim Lairmore, VP and Information Security Manager, PFF Bank & Trust
- Thursday, April 24th, 2008 * 12:30pm - 1:15pm
How PFF leverages the rich new features in SenSage's new 4.0 product to combine security information management and real time alerting to monitor the network and achieve compliance. Monitoring, audit and compliance challenges are greater than ever because of increased regulatory requirements, ever increasing complexity in technologies and IT environments, and a lack of predictability and visibility across infrastructures. Find out how PFF addressed these challenges and became compliant by monitoring:
- System configuration changes
- Group and user changes
- Remote network access
- Invalid log-on attempts
- New users and computers on the network
Jim Lairmore is a Vice President and Information Security Manager at PFF Bank & Trust with over 8 years of experience working with both software and hardware based security tools. He has a deep understanding of log management and monitoring, system administration, network administration, network auditing, operations, project management, and IT management. He has a bachelor's degree in IT security as well as several certifications including CISSP, GSEC and CCNA.