5 Days Left to Save $200 on SANS Miami 2016

Cyber Guardian 2013

Baltimore, MD | Mon, Apr 15 - Sat, Apr 20, 2013

Why Our Defenses Are Failing Us. One Click Is All It Takes...

  • Bryce Galbraith
  • Wednesday, April 17th, 7:15pm - 8:15pm

Organizations are spending unprecedented amounts of money in an attempt to defend their assets...yet all too often, one click is all it takes for everything to come toppling down around them. Every day we read in the news about national secrets, intellectual property, financial records, and personal details being exfiltrated from the largest organizations on earth. How is this being done? How are they bypassing our defenses (e.g. strong passwords, non-privileged accounts, anti-virus, firewalls/proxies, IDS/IPS, logging, etc.)? And most importantly, what can we do about it? A keen understanding of the true risks we face in today's threatscape is paramount to our success...

This presentation will walk through an example spear-phishing campaign to demonstrate:

  • How attackers perform recon on key individuals in target organizations (e.g. admins, executives, engineers, help desk personnel, etc.)
  • How attackers craft and deliver payloads that bypass most detection mechanisms
  • How attackers elevate privileges to super-user levels - even on fully-patched systems
  • How attackers bypass strong passwords, smart cards, multi-factor, bio-metrics, and virtually all forms of strong authentication
  • How attackers move throughout the environment in search of their "prize" with minimal footprint or artifacts
  • How attackers exfiltrate secrets from the organization undetected

Many organizations are busy being busy, managing all kinds of projects and initiatives. They have the right products. They have more logs than they know what to do with. Yet the uncomfortable question persists, "Is it working?" If one click by a user is all it takes, we need to re-evaluate...

Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
  • Vendor: Events hosted by external vendor exhibitors.
Monday, April 15
Session Speaker Time Type
General Session - Welcome to SANS Dr. Eric Cole Monday, April 15th, 8:15am - 8:45am Special Events
APT: It is Time to Act Dr. Eric Cole Monday, April 15th, 7:15pm - 9:15pm Keynote
Tuesday, April 16
Session Speaker Time Type
Vendor Showcase Tuesday, April 16th, 10:30am - 10:50am Vendor Event
Vendor Showcase Tuesday, April 16th, 12:30pm - 1:15pm Vendor Event
Vendor Showcase Tuesday, April 16th, 3:00pm - 3:20pm Vendor Event
GIAC Program Overview Dr. Eric Cole Tuesday, April 16th, 7:15pm - 8:15pm Special Events
Offensive Countermeasures, Active Defenses, and Internet Tough Guys John Strand Tuesday, April 16th, 7:15pm - 9:15pm SANS@Night
SANS Technology Institute Open House Dr. Eric Cole Tuesday, April 16th, 8:15pm - 9:15pm Special Events
Wednesday, April 17
Session Speaker Time Type
Why Our Defenses Are Failing Us. One Click Is All It Takes... Bryce Galbraith Wednesday, April 17th, 7:15pm - 8:15pm SANS@Night
Tactical SecOps: A Guide to Precision Security Operations Kevin Johnson Wednesday, April 17th, 8:15pm - 9:15pm SANS@Night
Thursday, April 18
Session Speaker Time Type
Windows Exploratory Surgery with Process Hacker Jason Fossen Thursday, April 18th, 7:15pm - 8:45pm SANS@Night