Network Security 2011

Las Vegas, NV | Sat, Sep 17 - Mon, Sep 26, 2011

Adding Rich Access Control and Audit Logging to Windows Applications

  • Andy Milford and Andy Hopper
  • Wednesday, September 21st, 12:30pm - 1:15pm

Do you have an application that is managing potentially sensitive information? Oftentimes, merely granting a user access to an application is not enough: you may also need the ability to set permissions on individual objects as well as track when people access those items. This talk will cover how applications that target the Windows platform can incorporate the ability to manage highly granular access control and automate audit logging by using the security subsystems in the Windows operating system. Topics covered include discretionary access control lists, system access control lists, the Windows audit log and the Windows Authorization APIs.

Andy Milford -Product Manager, Log Management, Ipswitch Network Management Division Andy Milford joined Ipswitch in 2009 after the log management company he founded, Dorian Software Creations, Inc was acquired by Ipswitch. He holds a patent relating to log management, and the U.S. Army recently awarded the Certificate of Networthiness to the flagship utility he created, WhatsUp Event Archiver.

Andy Hopper-Senior Software Architect, Ipswitch, Inc. Andy is a Senior Software Architect in Ipswitch's Alpharetta office working on the infrastructure of the Log Management and WhatsUp Gold product lines.

Ipswitch, Inc.
 

Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
  • Vendor: Events hosted by external vendor exhibitors.
  • Lunch & Learn: Short presentations given during the lunch break.
Monday, September 19
Session Speaker Time Type
The Dark Side of Social Networks: Malware & Fraud Dr. Paul Judge, Chief Research Officer Monday, September 19th, 12:30pm - 1:15pm Lunch and Learn
Spear Phishing: The truth behind Night Dragon, Aurora, and APT Rohyt Belani, CEO, PhishMe Inc. Monday, September 19th, 12:30pm - 1:15pm Lunch and Learn
Unified Security Monitoring Serge Nadon, Sales Engineer Monday, September 19th, 12:30pm - 1:15pm Lunch and Learn
Eyes on the Prize: Protecting Your Valuable Assets Shawn Munoz, Senior Sales Engineer, ArcSight - an HP Company Monday, September 19th, 12:30pm - 1:15pm Lunch and Learn
There Has To Be a Better Way. Will Irace, Director of Research & Services Monday, September 19th, 12:30pm - 1:15pm Lunch and Learn
How to Become a SANS Instructor Eric Conrad Monday, September 19th, 12:30pm - 1:15pm Special Events
Tuesday, September 20
Session Speaker Time Type
Vendor Expo Tuesday, September 20th, 12:00pm - 1:30pm
Tuesday, September 20th, 5:00pm - 7:00pm
Vendor Event
Vendor Sponsored Lunch Session Tuesday, September 20th, 12:00pm - 1:30pm Vendor Event
Vendor Welcom Reception Tuesday, September 20th, 5:00pm Vendor Event
Book Signing - SANS Published Authors Tuesday, September 20th, 6:00pm - 6:30pm Vendor Event
Securing The Kids Lance Spitzner Tuesday, September 20th, 7:15pm - 8:15pm SANS@Night
Securing The Human Lance Spitzner Tuesday, September 20th, 8:15pm - 9:15pm SANS@Night
Wednesday, September 21
Session Speaker Time Type
Building Trusted Clouds Ravi Kumar, Group Manager Wednesday, September 21st, 12:30pm - 1:15pm Lunch and Learn
Efficient Vulnerability Management with Penetration Testing Alex Horan, Project Manager Wednesday, September 21st, 12:30pm - 1:15pm Lunch and Learn
Building an APT Protection Plan Joshua McCarthy, Systems Consulting Engineer Wednesday, September 21st, 12:30pm - 1:15pm Lunch and Learn
Adding Rich Access Control and Audit Logging to Windows Applications Andy Milford and Andy Hopper Wednesday, September 21st, 12:30pm - 1:15pm Lunch and Learn
Network Security Evolved: Enabling DNSSEC Johannes Ullrich, Ph.D. Wednesday, September 21st, 6:15pm - 7:15pm SANS@Night
Windows Exploratory Surgery with Process Hacker Jason Fossen Wednesday, September 21st, 8:15pm - 9:15pm SANS@Night
Thursday, September 22
Session Speaker Time Type
GIAC Program Overview Jeff Frisk Thursday, September 22nd, 6:00pm - 7:00pm Special Events
Big Brother Forensics: You Can Run but You Can't Hide! Chad Tilbury Thursday, September 22nd, 6:15pm - 8:45pm SANS@Night
NetWars Thursday, September 22nd, 6:30pm - 9:30pm Special Events
SANS Technology Institute Brief Stephen Northcutt Thursday, September 22nd, 7:00pm - 7:45pm Special Events
Emerging Trends in the Law of Information Security and Investigations Ben Wright Thursday, September 22nd, 7:15pm - 8:15pm SANS@Night
How to Steal a Million: Exploitation in a Web-connected World Kevin Johnson Thursday, September 22nd, 8:15pm - 9:15pm SANS@Night
Friday, September 23
Session Speaker Time Type
NetWars Friday, September 23rd, 6:30pm - 9:30pm Special Events
Iron Fan III Friday, September 23rd, 7:00pm Special Events
Who is Watching the Watchers? Mike Poor Friday, September 23rd, 7:15pm - 8:15pm SANS@Night
Pentesting Web Apps with Python Justin Searle Friday, September 23rd, 7:15pm - 8:15pm SANS@Night