Get unparalleled cyber security training from real-world practitioners in Nashville. Save $200 thru 10/30.

DFIR Summit & Training 2019

Austin, TX | Thu, Jul 25, 2019 - Thu, Aug 1, 2019
This event is over,
but there are more training opportunities.

After the Attack: Automate and Accelerate Your Post-Breach Response

  • Shon Harris, Senior Cloud Engineer
  • Thursday, July 25th, 12:00pm - 1:20pm

When dealing with a data breach, minutes could mean the difference between stopping the threat or losing critical company data, revenue and customer trust. The new RESTful API from AccessData enables security teams to seamlessly integrate a companyâs SIEM platform with its forensic investigation platform, automating collections and dramatically speeding incident response by initiating the immediate preservation of evidence crucial in an investigation.

During this presentation, youâll learn how organizations can effectively use automation and forensic analysis solutions to:

* Reduce post-breach analysis time by up to 40 minutes per incident

* Initiate a collection job at a designated endpoint within moments of an attack, immediately preserving data relating to the root cause of the breach

* Reduce the risk and expense of passing data between platforms

And more!

AccessData Corp.

Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
  • Vendor: Events hosted by external vendor exhibitors.
  • Lunch & Learn: Short presentations given during the lunch break.
Thursday, July 25
Session Speaker Time Type
Vendor Showcase Thursday, July 25th, 10:00am - 10:30am Vendor Event
After the Attack: Automate and Accelerate Your Post-Breach Response Shon Harris, Senior Cloud Engineer Thursday, July 25th, 12:00pm - 1:20pm Lunch and Learn
Domain & DNS-based Adversarial Threat Intelligence in the SOC/CSIRT Corin Imai, Senior Security Advisor Thursday, July 25th, 12:00pm - 1:20pm Lunch and Learn
Incident Response and Investigation using Shadow Search - A Real World Example James Morin, Threat Intelligence Manager Thursday, July 25th, 12:00pm - 1:20pm Lunch and Learn
Chopping Down a Dense forest of Teleme-Trees: Making Telemetry Work for You Justin Ibarra, Security Researcher Thursday, July 25th, 12:00pm - 1:20pm Lunch and Learn
Vendor Showcase Thursday, July 25th, 3:15pm - 3:45pm Vendor Event
DFIR Summit Night Out in ATX! Thursday, July 25th, 7:00pm - 9:00pm Special Events
Friday, July 26
Session Speaker Time Type
Vendor Showcase Friday, July 26th, 9:45am - 10:15am Vendor Event
Vendor Showcase Friday, July 26th, 12:00pm - 1:15pm Vendor Event
Vendor Showcase Friday, July 26th, 2:50pm - 3:20pm Vendor Event
Saturday, July 27
Session Speaker Time Type
Enterprise DFIR with EnCase - Uncovering the Metaphorical Devil in the Details Jeff Hedlesky, Forensic Evangelist, OpenText & JJ Cranford, Sr. Product Mkting Mgr, OpenText Saturday, July 27th, 12:30pm - 1:15pm Lunch and Learn
Security Orchestration and Automation to respond to Insider Threats John Avendano, Technical Consultant Saturday, July 27th, 12:30pm - 1:15pm Lunch and Learn
An Update on the Current State of Windows Forensics David Cowen Saturday, July 27th, 6:30pm - 8:30pm Keynote
Sunday, July 28
Session Speaker Time Type
Come to the Dark Side: Python's Sinister Secrets Mark Baggett Sunday, July 28th, 6:30pm - 7:30pm SANS@Night
KAPE: Whatâs all the buzz about? Mark Hallman Sunday, July 28th, 7:30pm - 8:30pm SANS@Night
Monday, July 29
Session Speaker Time Type
Piecing the Digital Story Together Using Magnet AXIOM Tarah Melton, Forensic Consultant Monday, July 29th, 12:30pm - 1:15pm Lunch and Learn
DFIR Community Night Monday, July 29th, 6:00pm - 8:00pm Special Events