Top 10 Summit Talks of 2018

SANS Summits bring together cyber security practitioners and leading experts to share and discuss case studies, lessons learned, new tools, and innovative strategies to improve cyber security and overcome challenges in a particular focus area or industry. Check out these top talks from 2018 and plan to join your cybersecurity community at a Summit in 2019.

1. Living in the Shadow of the Shadow Brokers

Presented by Jake Williams at SANS DFIR Summit | 2019 DFIR Summit & Training

Hear about the history of the Shadow Brokers and the implications of their actions for infosec and DFIR from one of the group's targets.

2. Finding and Decoding Malicious Powershell Scripts

Presented by Mari DeGrazia at SANS DFIR Summit | 2019 DFIR Summit & Training

Malicious PowerShell scripts are becoming the tool of choice for attackers. Although sometimes referred to as "fileless malware", they can leave behind forensic artifacts for examiners to find. In this presentation, learn how to locate and identify activity of these malicious PowerShell scripts.

3. SANS Secure DevOps Survey: Sneak Preview

Presented by Frank Kim at SANS Secure DevOps Summit

 In this talk, Frank Kim shares the 2018 Secure DevOps Survey results and key takeaways for developers and security practitioners.

4. The Most Dangerous Game: Hunting for Post-Exploitation attacks with Elastic Stack and the MITRE ATT&CK Framework

Presented by John Hubbard at SANS Security Operations Summit | 2019 Security Operations Summit & Training

John discusses the unique challenges of finding post-exploitation activity in our mountains of data. He also demonstrates using the open source Elastic Stack to identify the techniques enumerated in MITRE's ATT&CK framework.

5. Hunting Hidden Empires with TLS - Certified Hypotheses

Presented by Dave Herrald and Ryan Kovar at SANS Cyber Threat Intelligence Summit | 2019 Cyber Threat Intelligence Summit & Training

This talk focuses on expanding on techniques that have been researched and presented at various conferences by Mark Parsons, and specifically on his methods for using TLS certificates to find malicious malware infrastructure.

6. Fast Forward: Reflecting on a Life Watching Movies and a Career in Security

Presented by Jason Chan at SANS Secure DevOps Summit 

Netflix's VP of Information Security talks about some trends in the movie industry that relate well to similar changes in technology and security.

7. The Science of Security: The Psychological Impacts of Security Awareness Programs

Presented by Shayla Treadwell at SANS Security Awareness Summit | 2019 Security Awareness Summit

This presentation examines how through security awareness programs utilizing positive psychology principles – Engagement, Relationships, Meaning, Achievement, and Positive Emotions – we can directly impact the security risk appetite, behaviors and overall culture of our organizations and bring back the positivity in information security.

8. You're Probably Not Red Teaming (And Usually I'm Not, Either)

Presented by Deviant Ollam at SANS ICS Security Summit | 2019 ICS Security Summit

In this talk, Deviant offers up a straightforward metric for untangling these terms, and then share tips, stories, and advice on tools that can help you in future Pen Tests or (if you're truly performing them) Red Team Engagements.

9. Information Anarchy: A Survival Guide for the Misinformation Age

Presented by Rebekah Brown at SANS Cyber Threat Intelligence Summit | 2019 Cyber Threat Intelligence Summit & Training

This talk discusses how we got to the state we are in, and how to identify accurate information versus intentional misinformation and misinformation born of confusion.

10. The Challenge of Adversary Intent and Deriving Value Out of It

Presented by Robert M. Lee at SANS Cyber Threat Intelligence Summit | 2019 Cyber Threat Intelligence Summit & Training

One of the most challenging intelligence requirements is determining adversary intent. Understanding why the challenge exists, how to move towards understanding perceived intent, and the role it plays in satisfying intelligence requirements is vastly important to helping intelligence customers succeed. This presentation introduces use cases and case studies that show the value of going through this process correctly and helping others become more successful.


(Still) Stalking the Wily Hacker

Cliff Stoll was the keynote speaker at SANS Pen Test HackFest Summit in November. His keynote was this year's highest-rated talk. Since it is not yet published, we've included Cliff's talk from the 2017 SANS Cyber Threat Intelligence Summit.