SANS @Night
Cyber Issues: Internet Threats
- SSA Brad Bleier
- Washington DC FBI Division
- July 26, 5:15pm - 6:45pm
This fast-paced presentation by the FBI uses studies of actual intrusions to present a high-level view of hackers' targets, current investigations, and policy issues. Using a re-creation of an actual intrusion as a backdrop, the supervisor of the Los Angeles Cyber Squad will examine current and past cyber cases, discuss securing confidential information, and review the current issues faced by businesses in the US and around the world. He will provide a high-level view of hackers' specific targets, intrusion tools, and methodologies, global cyber crime trends, and policy issues. The presentation is framed by actual cases, past and current, that have been investigated by the FBI.
"State of the Internet" Panel Discussion
- Saturday, July 28th, 7pm - 9pm
- Johannes Ullrich, Marc Sachs
Malware Problem (from an ISP Perspective)
- Donald Smith, Qwest - SANS ISC Handler
- Sunday, July 29: 7:00pm-8:00pm
Consumers frequently look to their ISP to prevent and mitigate malware infections. A common technology for providing this feature is the "walled garden". This talk will introduce the implementation of a walled garden at a major US ISP. Business goals, mitigation strategy and technical implementation of the walled garden are discussed. The results from a trial implementation will be presented.
The Many Faces of Malware
- Lorna Hutcheson, SANS ISC Handler
- Sunday, July 29: 8:00pm-9:00pm
The world of malware is an ever-changing and increasingly complex landscape. Sadly, the days of malware just being a pure virus or worm are nearing their end. Today, malware has many faces and some of those are becoming increasingly dark and sinister. When most people think of malware, they usually associate it with something whose effect is limited to a computer. But what happens when malware and the real world collide...or can they? This presentation will explore the many faces of malware with specific focus on its potential convergence with the real world.
Enterprise Log Management with FOSS software: A Solution that Works!
- Dave Hoelzer
- Monday, July 30: 7pm-8pm
If you ask an IT auditor, CIO or IT security program manager what one technology they really need to fix in their enterprise, the most common answer is, "Our log management system." The reaction from the ones who didn't give this answer is usually, "You've got a log management system?"
Let's face it, everyone says that log management and analysis is important, most of us try to do it, but very few of us have a truly effective solution. This keynote will present a completely FOSS solution to this problem that will allow you to deploy in fifteen minutes or less (after you install the OS, of course!) a complete, centralized, log aggregation and management solution in your enterprise.
Fast Flux
- William Salusky and Robert Danford, SANS ISC Handlers
- Monday, July 30th: 7:00pm-8:00pm
We will give an overview of a threat that is not terribly well understood by the security, investigative and response community, one that enables online criminal activity and maintains the anonymity of malicious hosting. Fast flux service networks represent an evolution in cybercrime that enables redirection of malicious/illegal/spamvertised website traffic through compromised machines around the world. We'll look at the problem, identify recent infection vectors, walk through a case study of a flux network and identify network detection and mitigation methods.
"Implementing an Enterprise Incident Management Support Infrastructure"
- Adrien de Beaupre and Natasha Hellberg, SANS Internet Storm Center
- Bell Canada
- July 30, 8:00pm-9:00pm
Critical to the success of security incident management is the appropriate use of technology, processes, and people to perform the enormous task of monitoring for and mitigating incidents in an enterprise class organization.
There are many models, frameworks, best practices, guidelines, and architectures that exist for each of sensors, security devices, and incident management. However, little guidance exists on the integration of these.
This presentation will address many of the challenges and issues in the implementation of an enterprise incident management support infrastructure.