Nashville 2018

Nashville, TN | Mon, Dec 3 - Sat, Dec 8, 2018
This event is over,
but there are more training opportunities.

Effective Threat Hunting with Open-Source Solutions

  • Eric Capuano
  • Tuesday, December 4th, 7:15pm - 8:15pm

Everywhere you turn, there's a vendor trying to sell you the latest in "AI-powered triple-next-gen threat detection." While some of these solutions may hold up to the claims, it's becoming more and more difficult to tell apart truly effective solutions from over-hyped marketing. Worst of all, the average cost for good or bad enterprise defense technologies is somewhere between 'unaffordable' and 'is that even a real number?'

This is the talk SIEM vendors don't want you to attend. We'll explore some incredible open-source solutions that you can implement to not only add significant value to your detection efforts, but even provide active defense capabilities. I encourage you to reach out to your vendor of choice and get a quote for "magic box that can detect and then automatically defend from attacks." Take the amount they quote you and use it to hire 4 new FTEs, get a new RedBull machine for the SOC, send your entire team to SANSFIRE, buy yourself something nice, and then donate the rest to the open-source projects I'll share with you in this deep dive.

Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.

Monday, December 3

| Session | Speaker | Time | Type |
| --- | --- | --- | --- |
| General Session - Welcome to SANS | Jorge Orchilles | Monday, December 3rd, 8:00am - 8:30am | Special Events |
| Tracking and Communicating About Threats: Intelligence for All | Robert M. Lee | Monday, December 3rd, 7:15pm - 9:15pm | Keynote |

Tuesday, December 4

| Session | Speaker | Time | Type |
| --- | --- | --- | --- |
| Effective Threat Hunting with Open-Source Solutions | Eric Capuano | Tuesday, December 4th, 7:15pm - 8:15pm | SANS@Night |