Final Week to get a Free GIAC Cert Attempt or $350 Off with OnDemand and vLive Training!

Atlanta 2019

Atlanta, GA | Tue, May 28, 2019 - Sun, Jun 2, 2019
Event starts in 6 Days
 

Automating NIST Risk Management Framework (RMF) / 800-53

  • Peter Szczepankiewicz
  • Thursday, May 30th, 7:15pm - 8:15pm

Doing good Cybersecurity is so much more than inspection compliance. We've all seen it. You're 100% compliant and can still get hacked! But after decades of gathering security information from your global enterprise, measured in gross tonnage, the converse is also true. Weighed down with lakes of data, very interesting things start to happen when you view portions of your data through the lens of the NIST Risk Management Framework. You realize that there are phantom scripts running around in your network, written by our own staff. People on vacation have accounts that are somehow still actively logging in and out, from many VPNs! Your vulnerabilities, coupled with your outbound packets reveal file-less malware that doesn't use command and control. As a standard course of action, one should be detecting violations in real time, as well as searching with this lens. Come learn about specific real time correlation rules that your peers are using for NIST RMF and join in this discussion about what is working in the field. While not all of NIST RMF can be automated, what can be automated should be automated.


Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
Tuesday, May 28
Session Speaker Time Type
General Session - Welcome to SANS Bryan Simon Tuesday, May 28th, 8:00am - 8:30am Special Events
Moving Past Just Googling It: Harvesting and Using OSINT Micah Hoffman Tuesday, May 28th, 7:15pm - 8:15pm SANS@Night
Wednesday, May 29
Session Speaker Time Type
E-ISAC Overview and "Ask Me Anything" Sam Chanoski from the E-ISAC Wednesday, May 29th, 7:15pm - 8:15pm SANS@Night
Thursday, May 30
Session Speaker Time Type
Automating NIST Risk Management Framework (RMF) / 800-53 Peter Szczepankiewicz Thursday, May 30th, 7:15pm - 8:15pm SANS@Night