Houston 2015

Houston, TX | Mon, Mar 23 - Sat, Mar 28, 2015

DLP FAIL!!! Using Encoding, Steganography, and Covert Channels to Evade DLP and Other Critical Controls

  • Kevin Fiscus
  • Tuesday, March 24th, 8:15pm - 9:15pm

It's all about the information! Two decades after the movie Sneakers, the quote remains as relevant, if not more so. The fact that someone hacks into an environment is interesting but not that relevant. What is important is what happens after the compromise. If the data is destroyed or modified, organizations are negatively impacted but the benefits to an attacker for destruction or alteration are somewhat limited. Stealing information however, is highly profitable. Identity theft, espionage, and financial attacks involve the exfiltration of sensitive data. As a result, organizations deploy tools to detect and/or stop that data exfiltration. While these tools can be extremely valuable, many have serious weaknesses; attackers can encode, hide, or obfuscate the data, or can use secret communication channels. This session will talk about and demonstrate a range of these methods.

Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
  • Lunch & Learn: Short presentations given during the lunch break.
Monday, March 23
Session Speaker Time Type
General Session - Welcome to SANS Johannes Ullrich, Ph.D. Monday, March 23rd, 8:15am - 8:45am Special Events
The Internet of Evil Things Johannes Ullrich, Ph.D. Monday, March 23rd, 7:15pm - 9:15pm Keynote
Tuesday, March 24
Session Speaker Time Type
Women in Technology Meet and Greet Tuesday, March 24th, 6:00pm - 7:00pm Reception
The 13 Absolute Truths of Security Keith Palmgren Tuesday, March 24th, 7:15pm - 8:15pm SANS@Night
DLP FAIL!!! Using Encoding, Steganography, and Covert Channels to Evade DLP and Other Critical Controls Kevin Fiscus Tuesday, March 24th, 8:15pm - 9:15pm SANS@Night
Wednesday, March 25
Session Speaker Time Type
Managing the Unmanageable: How to Secure the Enterprise Lee Milam, Citrix Enterprises Wednesday, March 25th, 12:30pm - 1:15pm Lunch and Learn
Sophos/Infogressive Lunch and Learn Justin Kallhoff, COO and Founder, Infogressive Wednesday, March 25th, 12:30pm - 1:15pm Lunch and Learn
Debunking the Complex Password Myth Keith Palmgren Wednesday, March 25th, 7:15pm - 8:15pm SANS@Night
Thursday, March 26
Session Speaker Time Type
Who is Attacking You and How? Sam Yoon, Systems Engineer, FireEye Thursday, March 26th, 12:30pm - 1:15pm Lunch and Learn
The Power of Threat Intelligence in your Cybersecurity Program Jason McEachin, Director, Sales Engineering Thursday, March 26th, 12:30pm - 1:15pm Lunch and Learn