Live, interactive cybersecurity training available through SANS Live Online. View upcoming events.

Cyber Defense Initiative® 2012

Washington, DC | Fri, Dec 7 - Sun, Dec 16, 2012
This event is over,
but there are more training opportunities.
 

Forensic Campus - "Detecting Persistence Mechanisms"

  • Alissa Torres
  • Monday, December 10th, 8:15pm - 9:15pm

Often times, artifacts of persistence created by an attacker in order for their malware to survive on a system are important leads to unravel the adversary's methodologies. These techniques, including registry keys, scheduled tasks and other methods, can be excellent indicators for the signature creation used in enterprise scanning. How do you find these valuable artifacts? What tools can you use to aid in their discovery? This presentation covers the common persistence techniques used in today's malware and the forensic techniques and tools that can be used to uncover them.

Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
  • Vendor: Events hosted by external vendor exhibitors.
Sunday, December 9
Session Speaker Time Type
General Session - Welcome to SANS Dr. Eric Cole Sunday, December 9th, 8:15am - 8:45am Special Events
Future Trends in Network Security Eric Cole, Ph.D. Sunday, December 9th, 7:15pm - 9:15pm Keynote
Monday, December 10
Session Speaker Time Type
Forensic Campus Open House inviting non-attendees to reception Monday, December 10th, 6:00pm - 7:00pm Reception
Women in Technology Meet and Greet Monday, December 10th, 6:30pm - 7:15pm Reception
Top 8 Steps for Effective Mobile Security Josh Wright, Ed Skoudis Monday, December 10th, 7:00pm - 8:00pm Special Events
Building a Portable Private Cloud Paul Henry Monday, December 10th, 7:15pm - 8:15pm SANS@Night
Forensic Campus - "Malware Analysis Essentials using REMnux" Lenny Zeltser Monday, December 10th, 7:15pm - 8:15pm SANS@Night
Gone In 60 Minutes David Hoelzer Monday, December 10th, 8:15pm - 9:15pm SANS@Night
Forensic Campus - "Detecting Persistence Mechanisms" Alissa Torres Monday, December 10th, 8:15pm - 9:15pm SANS@Night
Tuesday, December 11
Session Speaker Time Type
Vendor Expo Tuesday, December 11th, 12:00pm - 1:30pm
Tuesday, December 11th, 5:00pm - 7:00pm		 Vendor Event
Unleashing the Dogs of (cyber) War Ed Skoudis Tuesday, December 11th, 6:30pm - 8:30pm SANS@Night
SANS Technology Institute Open House Chancellor Toby Gouker Tuesday, December 11th, 7:15pm - 8:15pm Special Events
Knock-off Phone Forensics -Some Handsets Aren't What They Appear To Be Heather Mahalik Tuesday, December 11th, 7:15pm - 8:00pm SANS@Night
SANS Technology Institute Master's Presentation Jim Horwath Tuesday, December 11th, 8:15pm - 8:55pm Special Events
Gamification: Hacking Your Brain for Better Learning Yori Kvitchko Tuesday, December 11th, 8:30pm - 9:30pm SANS@Night
Wednesday, December 12
Session Speaker Time Type
GIAC Certification Program Overview Scott Cassity Wednesday, December 12th, 6:15pm - 7:00pm Special Events
NetWars Tournament of Champions Ed Skoudis, Yori Kvitchko Wednesday, December 12th, 6:30pm - 9:30pm Special Events
Why Our Defenses Are Failing Us. One Click is All it Takes... Bryce Galbraith Wednesday, December 12th, 7:15pm - 8:15pm SANS@Night
Securing the Kids Lance Spitzner Wednesday, December 12th, 7:15pm - 8:15pm SANS@Night
Forensic Campus - "Intelligence-driven Response for Combating the Advanced Persistent Threat". Mike Cloppert Wednesday, December 12th, 7:15pm - 8:15pm SANS@Night
Information Assurance Metrics: Practical Steps to Measurement James Tarala Wednesday, December 12th, 8:15pm - 9:15pm SANS@Night
Tactical SecOps: A Guide to Precision Security Operations Kevin Johnson Wednesday, December 12th, 8:15pm - 9:15pm SANS@Night
Securing the Human Lance Spitzner Wednesday, December 12th, 8:15pm - 9:15pm SANS@Night
Forensic Campus - "How memory forensics will help you lose weight and look ten years younger" Jesse Kornblum Wednesday, December 12th, 8:15pm - 9:15pm SANS@Night
Thursday, December 13
Session Speaker Time Type
NetWars Tournament of Champions Ed Skoudis, Yori Kvitchko Thursday, December 13th, 6:30pm - 9:30pm Special Events
What's New in Server 2012 and Windows 8 Jason Fossen Thursday, December 13th, 7:15pm - 8:45pm SANS@Night
Security Onion: One Step Closer to a Safer Network with Almost no Budget Chris Mohan Thursday, December 13th, 7:15pm - 8:15pm SANS@Night
SANS Technology Institute Master's Presentation Michael Hoehl Thursday, December 13th, 7:15pm - 7:55pm Special Events
This event is over,
but there are more training opportunities.
 
Downloads
Share

#sanscdi

Latest Whitepapers

Improving the Bottom Line with Effective Security Metrics: A SANS Survey
By Barbara Filkins

60870-5-104 protocol snort rule customization
By Adrian Aron

Chaining Vulnerability Scans inTenable IO Using Python
By Jeff Holland

Last 25 Papers »

Latest Tweets @SANSInstitute

Learn how to make the most out of WLAN Event Log Artifacts i [...]
August 11, 2020 - 11:25 PM

Sure, it's tempting to use your free device from #SANSOnDema [...]
August 11, 2020 - 10:35 PM

Interesting information about our Introduction to #NetworkAn [...]
August 11, 2020 - 10:10 PM

Contact Us

Mon-Fri: 9am-8pm ET (phone/email)
Sat-Sun: 9am-5pm ET (email only)
301-654-SANS(7267)
info@sans.org

"This has been a great way to get working knowledge that would have taken years of experience to learn."
- Josh Carlson, Nelnet

"Because of the use of real-world examples it's easier to apply what you learn."
- Danny Hill, Friedkin Companies, Inc.

"Expertise of the trainer is impressive, real life situations explained, very good manuals. Best training ever!"
- Jerry Robles de Medina, Godo CU