- Training
- Training Live Events
- Training Without Travel
- SANS Courses
- Certified Instructors
- Career Roadmap
- Training Calendars
- SANS @Home
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- SANS Onsite
- SANS SelfStudy
- SANS Partnership Series
- SANS Workshop Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- group discounts
- Certification
- Resources
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
the most trusted source for computer security training, certification and research
select a course
San Diego, CA - May 9 - 16, 2008
- Event Location & Info
- General Info
- Faculty
- Vendor Expo
- Vendor Events
- Special Events
- SANS @Night
- Brochure (PDF)
SANS training gives me the tools I need to do my job.
-Michael Hiramoto, NCI
Vendor Events
Vendor Welcome Reception
Monday, May 12th: 5:00pm - 7:00pm
This informal reception allows you to visit exhibits and participate in some exciting activities. This is a great time to mingle with your peers and experience firsthand the latest in information security tools and solutions with interactive demonstrations.
During the reception you will see important tools and services in a relaxed environment, providing an opportunity to have one-on-one discussions with technical experts from these organizations.
Vendor Expo
Monday, May 12th: 12:00pm - 1:30pm and 5:00pm - 7:00pm
Throughout SANS Security West 2008 vendors will be hosting a number of events including presentations, a one-day vendor solutions expo and various receptions. Experience the latest in network security tools, meet industry leaders and share your thoughts on developments you would like to see in the pipeline.
Cenzic, Inc. Lunch and Learn Presentation- Application Vulnerability Assessments Using a Non-Signature Based Approach
- Speaker: Mike Kazmierczak, Sr. Sales Engineer
- Tuesday, May 13th, 2008 * 12:30pm - 1:15pm
This will be a discussion on how application vulnerability assessments can be performed using Cenzic's Hailstorm line of products. Application security testing strategies will be discussed via the Hailstorm web and fat client interfaces. Attention will be paid to using available browser resources to uncover vulnerabilities and handling state during the testing process.
Mike Kazmierczak has over 12 years of experience within the enterprise software and security market. Much of that experience has included deployments at many Fortune 50 companies.
As Sr. Sales Engineer at Cenzic, a Web application security software company, Mike has worked extensively with customers to deploy and protect their Web sites. Previously as Sr. System Engineer, Mike was the technical contact for Channel Sales at Proofpoint, a messaging security company. While at Netscape/AOL, Mike was a Principal Product Manager for the Netscape Directory Server in addition to being a Principal Consultant within their Professional Services group, deploying the Netscape SuiteSpot.
Core Security Lunch and Learn Presentation
- "Efficient Vulnerability Management with Penetration Testing"
- Speaker: Tim Byrne, Sr. Systems Engineer
- Tuesday, May 13th, 2008 * 12:30pm - 1:15pm
This talk will be an opportunity for attendees to see a live demonstration of automated penetration-testing. In just minutes attendees will see CORE IMPACT safely exploit vulnerabilities in a target network, replicating the kinds of access an intruder could achieve, and proving actual paths of attacks that must be eliminated.
Tim is a Sr. Systems Engineer for Core Security Technologies, providing pre-sales and post-sales support and training for the Core Security Technologies Impact user base. Mr. Byrne has over 10 years of experience working with network and software management tools in addition to over 5 years on Software Security Management. He was also a Systems Engineer with Primus, Groove Networks, and Hewlett Packard specializing in Network Traversal and Software Security management.
LogLogic Lunch and Learn Presentation
- 'Worst Practices' of Log Management
- Speaker: Dr. Anton Chuvakin, GCIA, GCIH, GCFA
- Tuesday, May 13th, 2008 * 12:30pm - 1:15 pm
Want to learn all the terrible mistakes and pitfalls that await you on the path to log management nirvana? Attend "'Worst Practices' of Log Management" presentation by LogLogic that covers all the things that can go wrong while planning, evaluating, deploying and running a log management solution. Insufficient planning, unrealistic expectations, choosing tools on price alone, lack of logging configuration guidance are among such "worst practices." Each common "worst practice" will be accompanied by suggestions to avoid the errors and do things correctly!
Dr Anton Chuvakin, GCIA, GCIH, GCFA is a recognized security expert and author. He is an author and contributor of several books including Security Warrior, Know Your Enemy II, Information Security Management Handbook and Hacker's Challenge 3. Chuvakin has published numerous papers on security issues. He participates in various security industry initiatives and standards organization.