SANS Institute

Vendor Reception

- Friday, July 7th: 5:00pm - 7:00pm

Throughout SANSFIRE 2006 vendors will be hosting a number of events including presentations, a two-day vendor solutions expo and various receptions. Experience the latest in network security tools, meet industry leaders and share your thoughts on developments you would like to see in the pipeline.

Vendor Expo

- Thursday, July 6th: 12:00pm - 1:30pm; 5:00pm - 7:30pm
- Friday, July 7th: 12:00pm - 1:30pm; 5:00pm - 7:00pm

All attendees are invited to meet with leading providers of firewalls, intrusion detection/ prevention systems and enterprise security management who will be demonstrating their latest solutions. The SANSFIRE 2006 Vendor Expo showcases product offerings from key technology providers in the commercial tools and services market. Vendors arrive prepared to interact with SANS technically savvy audience, presenting technical demonstrations and explanations. It's about having your questions answered! For a list of exhibiting vendors see: www.sans.org/sansfire06/vendorexpo.php.

Check the most current listing of exhibiting vendors at: www.sans.org/sansfire2006/vendorexpo.php

Core Security Lunch & Learn Presentation

- Saturday, July 8th: 12:30pm - 1:15pm
- Salon 2
- Efficient Vulnerability Management with CORE IMPACT
- Alex Horan, Systems Engineering Manager

This talk will be an opportunity for attendees to see a live demonstration of automated penetration-testing. In just minutes attendees will see CORE IMPACT safely exploit vulnerabilities in a target network, replicating the kinds of access an intruder could achieve, and proving actual paths of attacks that must be eliminated.

ForeScout Lunch & Learn Presentation

- Saturday, July 8th: 12:30pm - 1:15pm
- Salon 3
- Successfully Deploying Network Access Control without Disruptions
- Chris Davis, Security Engineer

The emergence of Network Access Control (NAC) technologies have given network administrators the necessary tools to automatically enforce network and security policies, prevent network downtime, and maintain network integrity. To ensure a successful deployment, a NAC rollout strategy must be developed to minimize user disruption and maximize network uptime. During this lunch, Chris Davis will discuss the best practices for achieving successful implementation of NAC, including key success criteria for NAC implementation, methods for integrating into existing infrastructures, including a comparison of client vs. client based implementations, along with a recommended process for rolling out NAC.

Qualys Lunch & Learn

- Saturday, July 8th: 12:30pm - 1:15pm
- Salon 1
- Enterprise Vulnerability and Compliance Management Best Practices
- Eric Levin, Senior Director of Product Marketing

To face the never ending count of security threats and new regulatory challenges, corporations must identify, remediate and document vulnerabilities on critical assets. As CISOs and security officers scramble to face these challenges, building an integrated vulnerability and compliance framework becomes a necessity. This enables organizations to fix vulnerabilities within the ever changing network and to produce proof of compliance across multiple regulations.

This lunch and learn presentation will provide:

• An overview of enterprise requirements for vulnerability and compliance management
• Best practices for deploying an integrated vulnerability and remediation workflow within an enterprise
• Lessons learned from a real world implementation
• Hands on demonstration

TriGeo Lunch & Learn Presentation

- Saturday, July 8th: 12:30pm - 1:15pm
- Lincoln 4
- Using SIEM Technology to Defend Against Network Attacks and Insider Abuse
- Michelle Dickman, President

In this live presentation you'll see how SIEM technology can leverage its enterprise-wide perspective to capture, correlate and respond to business threats. You'll see the SIEM technology's real-time response to policy violations, insider threats, network attacks, virus attacks, unauthorized application usage, inappropriate web browsing and USB mass storage devices.

Watchfire Lunch & Learn Presentation

- Saturday, July 8th: 12:30pm - 1:15pm
- Lincoln 3
- Web Application Security 101: Minimizing Your Online Risk
- Dan Gravelle Security Consultant for Watchfire

Dan Gravelle will provide valuable insight into several web application hacking techniques - such as Cross-Site Scripting, Forceful Browsing and SQL Injection -- that are being used today to maliciously attack web-facing applications. Learn how Watchfire's AppScan(R) automated web application security testing solution helps enterprises manage and secure, web applications before hackers can exploit them.

Net Optics Hands-On TAPS Workshop

- Saturday, July 8th: 5:30pm 6:45pm
- Washington B-South
- Fred Jankowiak, Director of Marketing

Net Optics Learning Center presents a short overview of Test Access Point (TAP) technology and its place in the network. Immediately following will be an extended hands-on demonstration of a variety of innovative Net Optics Taps at work in a simulated network. Light refreshments will be provided.

Computer Associates Lunch & Learn Presentation

- Sunday, July 9th: 12:30pm - 1:15pm
- Salon 3
- Addressing Compliance and Risk...a practical plan to get started
- John Hawley, Director of Product Management

The CIO wants to you measure risk, the auditors want you to demonstrate compliance. It's easy to say, but how do you deliver it? Any way you slice it, this is a big project and hard requirements don't exist. We'll discuss how to establish, measure and monitor some key risk factors applicable to any environment. This getting started plan will address the basics of risk (host configuration and vulnerabilities) and compliance (identity and access management) to deliver an actionable dashboard, insightful reporting and timely violation alerting. With a solid auditing foundation and a quick win, you'll have some breathing room and an extensible platform to extend your depth and coverage.

Rippletech Lunch & Learn Presentation

- Monday, July 10th: 12:30pm - 1:15pm
- Salon 1
- IT Infrastructure and Database Security Log Management for Large Enterprises
- Michael Hoehl, CISM, ISSAP, ISSMP-CISSP: Head of IT Security Operations, Guardian Life Insurance Company

Attendees will listen and discuss the lifecycle a large enterprise goes through to secure their IT infrastructure and databases using Security Log Management. Michael Hoehl, will share his experiences (successes and failures) meeting compliance requirements, operational service level agreements, and corporate security standards with logging.

Stonesoft Lunch & Learn Presentation

- Monday, July 10th: 12:30pm - 1:15pm
- Virginia Suite AB
- Be Less of a Firefighter and More of a Firecracker: 6 Key Considerations for Agile Detection, Response and Remediation
- Mark Boltz, Stonesoft Solutions Architect, CISSP

The increased use of Web-enabled applications and the continued reliance on the Internet to transmit confidential data, voice and video traffic not only has IT managing more network traffic and complexity, but it also exposes the business to the risk of downtime and to the costs resulting from compromised data. As regulatory mandates are becoming stricter and network-born threats more sophisticated, todays network security professionals are under tremendous pressure to keep enterprise networks running securely, efficiently and honestly. This session will take a look at critical strategies for managing LAN/WAN security and lowering the risks of downtime.

Sourcefire Cocktail Brief

- Monday, July 10th: 5:30pm - 6:45pm
- Washington 5
- Snort(R)Its Past, Present, and Future Value
- Martin Roesch, Founder and CTO of Sourcefire, Creator of Snort

With over 3 million downloads, Snort is the most widely deployed intrusion detection and prevention technology in the world and is de facto standard for the industry. Join Martin Roesch as he discusses why Snort is so appealing and why it will continue to be so.

CipherTrust Lunch & Learn Presentation

- Tuesday, July 11th: 12:30pm - 1:15pm
- Salon 2
- The State of Messaging Security
- Robert Crawson, Security Engineer

The state of messaging security is strong, as the security industry has made the environment a difficult one for spammers and propagators of malware, who are always looking for ways to derive revenue from their efforts. This discussion will discuss the following: the state of various messaging threats including zombies, Instant Messaging and VoIP, as well as the current and future state of e-mail security.

Sourcefire Lunch & Learn Presentation

- Tuesday, July 11th: 12:30pm - 1:15pm
- Salon 1
- One-Click Compliance Enforcement: Is It Really That Easy?
- Martin Roesch, Founder and CTO of Sourcefire, Creator of Snort

More and more, auditors want to see compliance on a continuous basis to be assured of continuous network security. Join Martin Roesch as he discusses how it is possible to define and set network compliance policies with the click of a mouse and get immediate notification of any policy violation.