Forensic Campus - "Detecting Persistence Mechanisms"
- Alissa Torres
- Monday, December 10th, 8:15pm - 9:15pm
Often times, artifacts of persistence created by an attacker in order for their malware to survive on a system are important leads to unravel the adversary's methodologies. These techniques, including registry keys, scheduled tasks and other methods, can be excellent indicators for the signature creation used in enterprise scanning. How do you find these valuable artifacts? What tools can you use to aid in their discovery? This presentation covers the common persistence techniques used in today's malware and the forensic techniques and tools that can be used to uncover them.
Bonus Sessions
The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:
- SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
- Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
- Vendor: Events hosted by external vendor exhibitors.
Monday, December 10
| Session |
Speaker |
Time | Type |
| Forensic Campus Open House inviting non-attendees to reception |
— |
Monday, December 10th, 6:00pm - 7:00pm |
Reception |
| Women in Technology Meet and Greet |
— |
Monday, December 10th, 6:30pm - 7:15pm |
Reception |
| Top 8 Steps for Effective Mobile Security |
Josh Wright, Ed Skoudis |
Monday, December 10th, 7:00pm - 8:00pm |
Special Events |
| Building a Portable Private Cloud |
Paul Henry |
Monday, December 10th, 7:15pm - 8:15pm |
SANS@Night |
| Forensic Campus - "Malware Analysis Essentials using REMnux" |
Lenny Zeltser |
Monday, December 10th, 7:15pm - 8:15pm |
SANS@Night |
| Gone In 60 Minutes |
David Hoelzer |
Monday, December 10th, 8:15pm - 9:15pm |
SANS@Night |
| Forensic Campus - "Detecting Persistence Mechanisms" |
Alissa Torres |
Monday, December 10th, 8:15pm - 9:15pm |
SANS@Night |
Tuesday, December 11
| Session |
Speaker |
Time | Type |
| Vendor Expo |
— |
Tuesday, December 11th, 12:00pm - 1:30pm
Tuesday, December 11th, 5:00pm - 7:00pm |
Vendor Event |
| Unleashing the Dogs of (cyber) War |
Ed Skoudis |
Tuesday, December 11th, 6:30pm - 8:30pm |
SANS@Night |
| SANS Technology Institute Open House |
Chancellor Toby Gouker |
Tuesday, December 11th, 7:15pm - 8:15pm |
Special Events |
| Knock-off Phone Forensics -Some Handsets Aren't What They Appear To Be |
Heather Mahalik |
Tuesday, December 11th, 7:15pm - 8:00pm |
SANS@Night |
| SANS Technology Institute Master's Presentation |
Jim Horwath |
Tuesday, December 11th, 8:15pm - 8:55pm |
Special Events |
| Gamification: Hacking Your Brain for Better Learning |
Yori Kvitchko |
Tuesday, December 11th, 8:30pm - 9:30pm |
SANS@Night |
Wednesday, December 12
| Session |
Speaker |
Time | Type |
| GIAC Certification Program Overview |
Scott Cassity |
Wednesday, December 12th, 6:15pm - 7:00pm |
Special Events |
| NetWars Tournament of Champions |
Ed Skoudis, Yori Kvitchko |
Wednesday, December 12th, 6:30pm - 9:30pm |
Special Events |
| Why Our Defenses Are Failing Us. One Click is All it Takes... |
Bryce Galbraith |
Wednesday, December 12th, 7:15pm - 8:15pm |
SANS@Night |
| Securing the Kids |
Lance Spitzner |
Wednesday, December 12th, 7:15pm - 8:15pm |
SANS@Night |
| Forensic Campus - "Intelligence-driven Response for Combating the Advanced Persistent Threat". |
Mike Cloppert |
Wednesday, December 12th, 7:15pm - 8:15pm |
SANS@Night |
| Information Assurance Metrics: Practical Steps to Measurement |
James Tarala |
Wednesday, December 12th, 8:15pm - 9:15pm |
SANS@Night |
| Tactical SecOps: A Guide to Precision Security Operations |
Kevin Johnson |
Wednesday, December 12th, 8:15pm - 9:15pm |
SANS@Night |
| Securing the Human |
Lance Spitzner |
Wednesday, December 12th, 8:15pm - 9:15pm |
SANS@Night |
| Forensic Campus - "How memory forensics will help you lose weight and look ten years younger" |
Jesse Kornblum |
Wednesday, December 12th, 8:15pm - 9:15pm |
SANS@Night |
