SANS Technology Institute Master's Presentation
- Holistically Evaluating and Improving Web-based Authentication Requirements
- Courtney Imbert
- Tuesday, September 17th, 7:15pm - 7:55pm
Internet-facing web applications don't exist in a vacuum; attackers can perform reconnaissance and pivot through compromised accounts both within and outside an organization to gain access to a target. This talk focuses on evaluating web application authentication requirements holistically to identify potential weak points, and will provide approaches to raise the level of assurance of a user's identity
Courtney Imbert is a Technical Director at GIAC, where she develops certification exams. Previously, she has worked as a member of a security team at a multinational food manufacturing company and as an IT contractor. Courtney holds an undergraduate degree in Business Administration from the State University of New York at Buffalo. She is a Masterās Candidate with the SANS Technology Institute, where she is completing requirements for a Masterās Degree in Information Security Engineering. She has participated in the information security community since 2001, when she was delighted to discover her hobby could become a career.
Bonus Sessions
The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:
- SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
- Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
- Vendor: Events hosted by external vendor exhibitors.
- Lunch & Learn: Short presentations given during the lunch break.
Monday, September 16
Session | Speaker | Time | Type |
---|---|---|---|
General Session - Welcome to SANS | Dr. Eric Cole | Monday, September 16th, 8:15am - 8:45am | Special Events |
APT: It is Time to Act | Dr. Eric Cole | Monday, September 16th, 7:15pm - 9:15pm | Keynote |
Tuesday, September 17
Session | Speaker | Time | Type |
---|---|---|---|
How to Become a SANS Instructor | Eric Conrad, Certified Instructor | Tuesday, September 17th, 12:30pm - 1:15pm | Lunch and Learn |
Fortinet Next Generation Firewalls | Justin Kallhoff, CEO, Infogressive | Tuesday, September 17th, 12:30pm - 1:15pm | Lunch and Learn |
Making the GRC Grade - How to Realize Continuous Compliance NAC Real-time Visibility and Automated Control Applied to IT-GRC | William Chitty, Dir. Of Technology ā Partner Enablement, ForeScout Technologies | Tuesday, September 17th, 12:30pm - 1:15pm | Lunch and Learn |
Beatings by Phishers Will Continue Until Awareness Improves | Aaron Higbee; PhishMe Co-Founder & CTO | Tuesday, September 17th, 12:30pm - 1:15pm | Lunch and Learn |
Vulnerability Management Programs - The Good, the Bad and the Broken | Bill Olson, Director, Vulnerability Management (SME), Qualys | Tuesday, September 17th, 12:30pm - 1:15pm | Lunch and Learn |
Delivering Situational Awareness - Putting the Critical Security Controls to Work | Brian Mehlman, Senior Director of Product Management, EiQ Networks | Tuesday, September 17th, 12:30pm - 1:15pm | Lunch and Learn |
Defending Against APTs - Challenges & What to Look for in a Solution | Kangwarn Chinthammit, Sr. Staff Technical Marketing Manager, FireEye | Tuesday, September 17th, 12:30pm - 1:15pm | Lunch and Learn |
Tenable, the SANS 20 Critical Security Controls, and You; The Basics and Beyond | Jack Daniel, Product Manager, Tenable Network Security | Tuesday, September 17th, 12:30pm - 1:15pm | Lunch and Learn |
DDoS in the Enterprise: Defending against an evolving threat landscape | Stephen Gates, Chief Technology Evangelist, Corero | Tuesday, September 17th, 12:30pm - 1:15pm | Lunch and Learn |
Have no fear - DFIR is here! | Rob Lee, Chad Tilbury, Alissa Torres, and Lenny Zeltser | Tuesday, September 17th, 6:45pm - 8:15pm | SANS@Night |
Effective Phishing that Employees Like | Lance Spitzner | Tuesday, September 17th, 7:15pm - 8:15pm | SANS@Night |
SANS Technology Institute Master's Presentation | Courtney Imbert | Tuesday, September 17th, 7:15pm - 7:55pm | Special Events |
Windows Exploratory Surgery with Process Hacker | Jason Fossen | Tuesday, September 17th, 8:15pm - 9:30pm | SANS@Night |
Securing The Kids | Lance Spitzner | Tuesday, September 17th, 8:15pm - 9:15pm | SANS@Night |
SANS Technology Institute Master's Presentation | George Khalil | Tuesday, September 17th, 8:15pm - 8:55pm | Special Events |
'Open Mic Night' | — | Tuesday, September 17th, 9:30pm - 11:30pm | Special Events |
Wednesday, September 18
Session | Speaker | Time | Type |
---|---|---|---|
Solutions Expo | — | Wednesday, September 18th, 12:00pm - 1:30pm | Vendor Event |
Solutions Expo | — | Wednesday, September 18th, 5:00pm - 7:00pm | Vendor Event |
InfoSec Vertigo: Small Medical Lab Wages War Against InfoSec Vendor, US Government, and Big DC Law Firm | Benjamin Wright and Michael Daugherty, President of LabMD | Wednesday, September 18th, 7:15pm - 8:15pm | SANS@Night |
Active Defense, Crime, and Punishment: New Tools to Find Bad People | John Strand | Wednesday, September 18th, 7:15pm - 8:15pm | SANS@Night |
SANS Technology Institute Master's Presentation | Trenton Bond | Wednesday, September 18th, 7:15pm - 7:55pm | Special Events |
Industrial (In)Security ā How we got here and where to go next | Graham Speake | Wednesday, September 18th, 7:15pm - 8:15pm | SANS@Night |
The Security Impact of IPv6 | Johannes Ullrich | Wednesday, September 18th, 8:15pm - 9:15pm | SANS@Night |
Information Assurance Metrics: Practical Steps to Measurement | James Tarala | Wednesday, September 18th, 8:15pm - 9:15pm | SANS@Night |
SANS Technology Institute Master's Presentation | Mason Pokladnik | Wednesday, September 18th, 8:15pm - 8:55pm | Special Events |
Thursday, September 19
Session | Speaker | Time | Type |
---|---|---|---|
Live Attack Visualization and Analysis for the Enterprise SOC | Bill Gardner, Sr. Director of Products at Bromium | Thursday, September 19th, 12:30pm - 1:15pm | Lunch and Learn |
Targeted, Wire-speed Yara Analysis for Real-time Malware Prevention | Mike Nichols, Senior Product Manager, General Dynamics Fidelis Cybersecurity | Thursday, September 19th, 12:30pm - 1:15pm | Lunch and Learn |
Party Like it's 1999 - Retina Vulnerability Scanner: Then and Now | Morey Haber, Sr. Director, Program Management, BeyondTrust | Thursday, September 19th, 12:30pm - 1:15pm | Lunch and Learn |
The Power of Lossless Packet Capture (1G-100G) & Real-time Netflow | Boni Bruno, Senior Sales Engineer, Emulex | Thursday, September 19th, 12:30pm - 1:15pm | Lunch and Learn |
GIAC Program Overview | Jeff Frisk, GIAC Director | Thursday, September 19th, 6:00pm - 6:30pm | Special Events |
SANS Technology Institute Open House | Dr. Toby Gouker, Provost | Thursday, September 19th, 6:30pm - 7:00pm | Special Events |
Crayons Never Uploaded Our Stuff to the Internet! | Kevin Johnson | Thursday, September 19th, 7:15pm - 8:15pm | SANS@Night |
Hacker Guard Quarterly Briefing | John Strand | Thursday, September 19th, 7:15pm - 8:45pm | SANS@Night |
Hacking Your Friends and Neighbors For Fun | Joshua Wright | Thursday, September 19th, 8:15pm - 9:15pm | SANS@Night |
How the West was Pwned | G. Mark Hardy | Thursday, September 19th, 8:15pm - 9:15pm | SANS@Night |
Friday, September 20
Session | Speaker | Time | Type |
---|---|---|---|
Connecting Security to the Business using SANS 20 CSC | Katherine Brocklehurst, Senior Product Marketing Manager, Tripwire | Friday, September 20th, 12:30pm - 1:15pm | Lunch and Learn |
Sick Anti-analysis Mechanisms in the Wild | Alissa Torres | Friday, September 20th, 7:15pm - 8:15pm | SANS@Night |
Introducing the CompTIA CASP Exam | Seth Misenar | Friday, September 20th, 7:15pm - 8:15pm | SANS@Night |
Applying the 32 Zombieland Rules to IT Security | Larry Pesce | Friday, September 20th, 8:15pm - 9:15pm | SANS@Night |