Become more effective at your job with hands-on cyber security training in Austin. Save $350 thru 9/25.

Boston 2015

Boston, MA | Mon, Aug 3 - Sat, Aug 8, 2015
This event is over,
but there are more training opportunities.
 

Hunting Your Adversary - How to Operate and Leverage an Incident Response Hunt Team

  • Rob Lee, Fellow, SANS Institute
  • Monday, August 3rd, 7:15pm - 9:15pm

Over 80% of all breach victims learn of a compromise from third-party notifications, not from internal security teams. In most cases, adversaries have been rummaging through your network undetected for months or even years. Incident response tactics and procedures have evolved rapidly over the past several years. Data breaches and intrusions are growing more complex. Adversaries are no longer compromising one or two systems in your enterprise; they are compromising hundreds. To counter this, many incident response teams are either responding to incidents or hunting for the next ones. As a result, Incident Response Hunt teams have become a dedicated component to most modern SOCs. Incident response techniques that collect, classify, and exploit knowledge about these adversaries - collectively known as cyber threat intelligence - enable network defenders to establish a state of information superiority that decreases the adversary's likelihood of success with each subsequent intrusion attempt. Learn how IR/Hunt teams are formed, operate, best practices, and how they engage their targets across the enterprise. Learn how to hunt your adversaries or simply become another victim.

Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
  • Lunch & Learn: Short presentations given during the lunch break.
Monday, August 3
Session Speaker Time Type
General Session- Welcome to SANS Rob Lee Monday, August 3rd, 8:15am - 8:45am Special Events
Hunting Your Adversary - How to Operate and Leverage an Incident Response Hunt Team Rob Lee, Fellow, SANS Institute Monday, August 3rd, 7:15pm - 9:15pm Keynote
Tuesday, August 4
Session Speaker Time Type
Prevent - Detect - Respond Justin Kallhoff, CEO and Founder, Infogressive Tuesday, August 4th, 12:30pm - 1:15pm Lunch and Learn
iOS Game Hacking: How I Ruled the Worl^Hd and Built Skills For AWESOME Mobile App Pen Tests Josh Wright Tuesday, August 4th, 7:15pm - 8:15pm SANS@Night
Instant Expert: Legitimately and Ethically Ted Demopoulos Tuesday, August 4th, 8:15pm - 9:15pm SANS@Night
Wednesday, August 5
Session Speaker Time Type
Adopting an Attacker Mindset with Core Impact Pro® Joe DiGregorio, Customer Experience Engineer, Core Security Wednesday, August 5th, 12:30pm - 1:15pm Lunch and Learn
Identity is the New Perimeter Dean Thompson, VP of Technical Services Wednesday, August 5th, 12:30pm - 1:15pm Lunch and Learn
Instant Layered Security For Your Cloud Servers Michael Young, Cloud Security Evangelist Wednesday, August 5th, 12:30pm - 1:15pm Lunch and Learn
Uncovering "Unknown Unknowns": Detecting Compromise Before it Becomes a Crisis Jim Penrose, EVP of Cyber Intelligence Wednesday, August 5th, 12:30pm - 1:15pm Lunch and Learn
The 14 Absolute Truths of Security Keith Palmgren Wednesday, August 5th, 7:15pm - 8:15pm SANS@Night
The Internet of Evil Things Johannes Ullrich Wednesday, August 5th, 8:15pm - 9:15pm SANS@Night
Thursday, August 6
Session Speaker Time Type
Continuous Monitoring and Real-World Analysis Seth Misenar and Eric Conrad Thursday, August 6th, 7:15pm - 8:15pm SANS@Night
DFIR Advanced Smartphone Forensics Cindy Murphy Thursday, August 6th, 8:15pm - 9:15pm SANS@Night
This event is over,
but there are more training opportunities.
 
Downloads
Share
Latest Whitepapers

Elevating Enterprise Security with Fidelis Cybersecurity: Network and Deception
By Matt Bromiley

Exploring Osquery, Fleet, and Elastic Stack as an Open-source solution to Endpoint Detection and Response
By Christopher Hurless

A New Needle and Haystack: Detecting DNS over HTTPS Usage
By Drew Hjelm

Last 25 Papers »

Latest Tweets @SANSInstitute

Webcast Reminder | September 23rd at 1 PM ET: https://t.co/Q [...]
September 23, 2019 - 1:02 PM

Looking for #cybersecurity training in Maryland? Check out t [...]
September 23, 2019 - 12:02 PM

#Cybersecurity skills shortage soars near 3 million. Be pa [...]
September 23, 2019 - 10:45 AM

Contact Us

Mon-Fri: 9am-8pm ET (phone/email)
Sat-Sun: 9am-5pm ET (email only)
301-654-SANS(7267)
info@sans.org

"Because of the use of real-world examples it's easier to apply what you learn."
- Danny Hill, Friedkin Companies, Inc.

"SANS is a great place to enhance your technical and hands-on skills and tools. I thoroughly recommend it."
- Aaron Waugh, Datacom NZ Ltd

"SANS always provides you what you need to become a better security professional at the right price."
- Rasik Vekaria, BP