Fortune 100 InfoSec on a Budget
- Eric Capuano
- Sunday, December 17th, 7:15pm - 8:15pm
A common misconception is that it takes spending millions to be good at security. Not only is this untrue, but I will share ways that you can increase security posture while actually reducing spending. This talk outlines many of the tricks and mindsets to doing security well without breaking the bank. This is not the typical "Problem, problem, problem...." talk.... This is a solution-based talk that goes back to many of the basic challenges facing SOC teams everywhere.
Speaker bio:
Eric Capuano began his career in Information Security as a Tactics Developer for the United States Air Force, specializing later in intrusion detection signature development. Since departing active duty, Eric has lead cybersecurity operations in both private and government entities. He currently manages the Security Operations Center for the Texas Department of Public Safety, where he singlehandedly built the agency's first CSIRT. Eric routinely leverages Windows forensics skills in support of defensive and incident response operations as well as providing support to law enforcement. With this experience, Eric is able to provide real-world forensics experience not only for LE/investigative purposes, but also for identifying attack methods and infection timelines of compromised systems. Eric continues to serves part-time in the Texas Air National Guard as a Cyber Warfare Operator. He also teaches Cyber Patriot and is a member of the Packet Hacking Village / Wall of Sheep at DEFCON each year. In his spare time, Eric enjoys tinkering in Python, analyzing malware, authoring threat signatures/IOCs, and developing/maintaining honeypots and deception systems. He has a passion for detailed threat analysis and uses those skills to bolster defensive postures by leveraging defense-in-depth methodologies. Eric currently holds the following certifications: GIAC GCFE, Certified Ethical Hacker, Security+, Linux+, LPIC-1, PCNSE, A+. On his blog, he shares opinions and techniques mostly centered around information security, https://blog.ecapuano.com.
Bonus Sessions
The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:
- SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
- Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
- Vendor: Events hosted by external vendor exhibitors.
- Lunch & Learn: Short presentations given during the lunch break.
- Master's Degree Presentation: Presentations given by SANS Technology Institute's Master's Degree candidates.
Wednesday, December 13
Session |
Speaker |
Time | Type |
Welcome Reception |
— |
Wednesday, December 13th, 5:00pm - 7:00pm |
Reception |
Thursday, December 14
Session |
Speaker |
Time | Type |
General Session - Welcome to SANS |
Bryan Simon |
Thursday, December 14th, 8:00am - 8:30am |
Special Events |
Visibility and Security in the age of Digital Transformation |
Gill Langston, Director of Product Management |
Thursday, December 14th, 12:30pm - 1:15pm |
Lunch and Learn |
The Power of the Pivot: Poking the Bear with DomainTools |
Taylor Wilkes-Pierce, Sales Engineer |
Thursday, December 14th, 12:30pm - 1:15pm |
Lunch and Learn |
Defeating Sandbox Evasion Techniques Used By Malware |
Ian Richardson, Sales Engineer |
Thursday, December 14th, 12:30pm - 1:15pm |
Lunch and Learn |
How Threat Intelligence Helps You Calculate Risk to Obtain the Security Resources You Really Need |
Levi Gundert, Vice President of Threat Intelligence |
Thursday, December 14th, 12:30pm - 1:15pm |
Lunch and Learn |
The Future of Cyber Security |
Dr.Tommy Gardner, PE, CTO of HP Federal |
Thursday, December 14th, 12:30pm - 1:15pm |
Lunch and Learn |
2017 Security Trends |
Joey Muniz, Technical Solultions Architect |
Thursday, December 14th, 12:30pm - 1:15pm |
Lunch and Learn |
APAC Student Reception at SANS Cyber Defense Initiative 2017 |
— |
Thursday, December 14th, 7:00pm - 8:00pm |
Reception |
Exploitation 101: Stacks, NX/DEP, ASLR and ROP! |
David Hoelzer |
Thursday, December 14th, 7:15pm - 9:15pm |
Keynote |
Friday, December 15
Session |
Speaker |
Time | Type |
Solutions Expo |
— |
Friday, December 15th, 12:00pm - 1:30pm |
Vendor Event |
Women's CONNECT Event |
Hosted by SANS COINS program and ISSA WIS SIG |
Friday, December 15th, 4:00pm - 9:15pm |
Special Events |
Solutions Expo |
— |
Friday, December 15th, 5:30pm - 7:30pm |
Vendor Event |
GIAC Program Presentation |
Scott Cassity |
Friday, December 15th, 6:15pm - 7:15pm |
Special Events |
Actionable Detects: Blue Team Cyber Defense Tactics |
Seth Misenar |
Friday, December 15th, 7:15pm - 8:15pm |
SANS@Night |
The Three C's to Building a Mature Awareness Program |
Lance Spitzner |
Friday, December 15th, 7:15pm - 8:15pm |
SANS@Night |
Using an Open Source Threat Model for Prioritized Defense |
James Tarala |
Friday, December 15th, 7:15pm - 8:15pm |
SANS@Night |
The 14 Absolute Truths of Security |
Keith Palmgren |
Friday, December 15th, 7:15pm - 8:15pm |
SANS@Night |
An Interactive Look at Defeating Advanced Adversaries and Implementing Kill Chain Controls |
Stephen Sims |
Friday, December 15th, 7:15pm - 8:15pm |
SANS@Night |
Botnet Resiliency via Private Blockchains |
Jonathan Sweeny- Master's Degree Candidate |
Friday, December 15th, 7:15pm - 7:55pm |
Master's Degree Presentation |
Securing Your Kids |
Lance Spitzner |
Friday, December 15th, 8:15pm - 9:15pm |
SANS@Night |
Control Things Platform |
Justin Searle |
Friday, December 15th, 8:15pm - 9:15pm |
SANS@Night |
Blockchain: the New Digital Swiss Army Knife? |
G. Mark Hardy |
Friday, December 15th, 8:15pm - 9:15pm |
SANS@Night |
Cloud Security Testing |
Edward Zamora- Master's Degree Candidate |
Friday, December 15th, 8:15pm - 8:55pm |
Master's Degree Presentation |
Saturday, December 16
Session |
Speaker |
Time | Type |
Coffee & Donuts with the Graduate Students |
— |
Saturday, December 16th, 7:30am - 9:00am |
Special Events |
How to Become a SANS Instructor |
Eric Conrad |
Saturday, December 16th, 12:30pm - 1:15pm |
Lunch and Learn |
Introducing DeepBlueCLI, a PowerShell Module for Hunt Teaming Via Windows Event Logs |
Eric Conrad |
Saturday, December 16th, 7:15pm - 8:15pm |
SANS@Night |
Malware Analysis for Incident Responders: Getting Started |
Lenny Zeltser |
Saturday, December 16th, 7:15pm - 8:45pm |
SANS@Night |
Building an Effective Security Monitoring Program |
Jake Williams |
Saturday, December 16th, 7:15pm - 8:15pm |
SANS@Night |
Three Keys for SecDevOps Success |
Frank Kim |
Saturday, December 16th, 7:15pm - 8:15pm |
SANS@Night |
Industrial Control System Active Defense and Threat Intelligence |
Robert M. Lee |
Saturday, December 16th, 8:15pm - 9:15pm |
SANS@Night |
7 Ways How Criminals Will Steal Your Cryptocoins |
Johannes Ullrich, Ph.D. |
Saturday, December 16th, 8:15pm - 9:15pm |
SANS@Night |
When IoT Attacks: Understanding the Safety Risks Associated With Connected Devices |
Billy Rios |
Saturday, December 16th, 8:15pm - 9:15pm |
SANS@Night |