Last Day for MacBook Air, Dell XPS 13, or $600 Off with Online Training

Austin 2013

Austin, TX | Sun, May 19 - Fri, May 24, 2013
This event is over,
but there are more training opportunities.

Everything I know is wrong! How to lead a security team in a time of unprecedented change and challenge.

  • Stephen Northcutt
  • Monday, May 20th, 7:15pm - 8:15pm

Strong cryptography done correctly can't be defeated! Wrong: a practical attack was published in 2009 against 10 round AES 256, and a theoretical attack against 14 round was published in 2010; quantum key distribution first proved to be flawed in May 2010; and, new attacks continue to be developed. You have to have anti-virus! Well, fine, but it no longer works in a world that generates 30k new variations of malware some days. You should never have more than one service on a server. What about blades and virtualization? Data centers must have raised floors; funny, ours uses risers instead. If you are writing software, put all of your housekeeping such as getting file handles of input and opening scratch files into one function; because if those fail, your program will fail, and this way you can exit with a nice tidy error message. Of course, that introduces a number of TOC/TOU race conditions. If you are registering a domain name, be sure to also get the .net and .org ones to prevent people from using your brand. Okay, what about all the other domain extensions and country codes? The Blackberry is the only PDA that truly has enterprise class management tools and a securable configuration. Hmmm, we read about organizations switching to the iPhone/iPad all the time, Apple must have done something right.


Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
  • Vendor: Events hosted by external vendor exhibitors.
  • Lunch & Learn: Short presentations given during the lunch break.
Sunday, May 19
Session Speaker Time Type
General Session - Welcome to SANS Dr. Eric Cole Sunday, May 19th, 8:15am - 8:45am Special Events
APT: It is Time to Act Dr. Eric Cole Sunday, May 19th, 7:15pm - 9:15pm Keynote
Monday, May 20
Session Speaker Time Type
Vendor Showcase Monday, May 20th, 10:30am - 10:50am Vendor Event
Fortinet Next Generation Firewalls Troy Brueckner, CISSP, GISP, VP of Sales and Marketing for Infogressive Monday, May 20th, 12:30pm - 1:15pm Lunch and Learn
Vendor Showcase Monday, May 20th, 12:30pm - 1:15pm Vendor Event
Vendor Showcase Monday, May 20th, 3:00pm - 3:20pm Vendor Event
Everything I know is wrong! How to lead a security team in a time of unprecedented change and challenge. Stephen Northcutt Monday, May 20th, 7:15pm - 8:15pm SANS@Night
So What? The Most Important Question in Information Security Kevin Fiscus Monday, May 20th, 8:15pm - 9:15pm SANS@Night
Tuesday, May 21
Session Speaker Time Type
Evolving Threats Paul A. Henry Tuesday, May 21st, 7:15pm - 8:15pm SANS@Night
Privileged Domain Account Protection: How to Limit Credentials Exposure Mike Pilkington Tuesday, May 21st, 8:15pm - 9:15pm SANS@Night
Wednesday, May 22
Session Speaker Time Type
Risk Analysts are not Auditors Mark Williams Wednesday, May 22nd, 7:15pm - 8:15pm SANS@Night
GIAC Program Overview Stephen Northcutt Wednesday, May 22nd, 8:15pm - 9:15pm Special Events
SANS Technology Institute Open House Stephen Northcutt Wednesday, May 22nd, 8:15pm - 9:15pm Special Events