SANS Technology Institute Master's Presentation
- Holistically Evaluating and Improving Web-based Authentication Requirements
- Courtney Imbert
- Tuesday, September 17th, 7:15pm - 7:55pm
Internet-facing web applications don't exist in a vacuum; attackers can perform reconnaissance and pivot through compromised accounts both within and outside an organization to gain access to a target. This talk focuses on evaluating web application authentication requirements holistically to identify potential weak points, and will provide approaches to raise the level of assurance of a user's identity
Courtney Imbert is a Technical Director at GIAC, where she develops certification exams. Previously, she has worked as a member of a security team at a multinational food manufacturing company and as an IT contractor. Courtney holds an undergraduate degree in Business Administration from the State University of New York at Buffalo. She is a Masterās Candidate with the SANS Technology Institute, where she is completing requirements for a Masterās Degree in Information Security Engineering. She has participated in the information security community since 2001, when she was delighted to discover her hobby could become a career.
Bonus Sessions
The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:
- SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
- Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
- Vendor: Events hosted by external vendor exhibitors.
- Lunch & Learn: Short presentations given during the lunch break.
Monday, September 16
| Session | Speaker | Time | Type |
|---|---|---|---|
| General Session - Welcome to SANS | Dr. Eric Cole | Monday, September 16th, 8:15am - 8:45am | Special Events |
| APT: It is Time to Act | Dr. Eric Cole | Monday, September 16th, 7:15pm - 9:15pm | Keynote |
Tuesday, September 17
| Session | Speaker | Time | Type |
|---|---|---|---|
| How to Become a SANS Instructor | Eric Conrad, Certified Instructor | Tuesday, September 17th, 12:30pm - 1:15pm | Lunch and Learn |
| Fortinet Next Generation Firewalls | Justin Kallhoff, CEO, Infogressive | Tuesday, September 17th, 12:30pm - 1:15pm | Lunch and Learn |
| Making the GRC Grade - How to Realize Continuous Compliance NAC Real-time Visibility and Automated Control Applied to IT-GRC | William Chitty, Dir. Of Technology ā Partner Enablement, ForeScout Technologies | Tuesday, September 17th, 12:30pm - 1:15pm | Lunch and Learn |
| Beatings by Phishers Will Continue Until Awareness Improves | Aaron Higbee; PhishMe Co-Founder & CTO | Tuesday, September 17th, 12:30pm - 1:15pm | Lunch and Learn |
| Vulnerability Management Programs - The Good, the Bad and the Broken | Bill Olson, Director, Vulnerability Management (SME), Qualys | Tuesday, September 17th, 12:30pm - 1:15pm | Lunch and Learn |
| Delivering Situational Awareness - Putting the Critical Security Controls to Work | Brian Mehlman, Senior Director of Product Management, EiQ Networks | Tuesday, September 17th, 12:30pm - 1:15pm | Lunch and Learn |
| Defending Against APTs - Challenges & What to Look for in a Solution | Kangwarn Chinthammit, Sr. Staff Technical Marketing Manager, FireEye | Tuesday, September 17th, 12:30pm - 1:15pm | Lunch and Learn |
| Tenable, the SANS 20 Critical Security Controls, and You; The Basics and Beyond | Jack Daniel, Product Manager, Tenable Network Security | Tuesday, September 17th, 12:30pm - 1:15pm | Lunch and Learn |
| DDoS in the Enterprise: Defending against an evolving threat landscape | Stephen Gates, Chief Technology Evangelist, Corero | Tuesday, September 17th, 12:30pm - 1:15pm | Lunch and Learn |
| Have no fear - DFIR is here! | Rob Lee, Chad Tilbury, Alissa Torres, and Lenny Zeltser | Tuesday, September 17th, 6:45pm - 8:15pm | SANS@Night |
| Effective Phishing that Employees Like | Lance Spitzner | Tuesday, September 17th, 7:15pm - 8:15pm | SANS@Night |
| SANS Technology Institute Master's Presentation | Courtney Imbert | Tuesday, September 17th, 7:15pm - 7:55pm | Special Events |
| Windows Exploratory Surgery with Process Hacker | Jason Fossen | Tuesday, September 17th, 8:15pm - 9:30pm | SANS@Night |
| Securing The Kids | Lance Spitzner | Tuesday, September 17th, 8:15pm - 9:15pm | SANS@Night |
| SANS Technology Institute Master's Presentation | George Khalil | Tuesday, September 17th, 8:15pm - 8:55pm | Special Events |
| 'Open Mic Night' | — | Tuesday, September 17th, 9:30pm - 11:30pm | Special Events |
Wednesday, September 18
| Session | Speaker | Time | Type |
|---|---|---|---|
| Vendor Solutions Expo | — | Wednesday, September 18th, 12:00pm - 1:30pm | Vendor Event |
| Vendor Solutions Expo | — | Wednesday, September 18th, 5:00pm - 7:00pm | Vendor Event |
| InfoSec Vertigo: Small Medical Lab Wages War Against InfoSec Vendor, US Government, and Big DC Law Firm | Benjamin Wright and Michael Daugherty, President of LabMD | Wednesday, September 18th, 7:15pm - 8:15pm | SANS@Night |
| Active Defense, Crime, and Punishment: New Tools to Find Bad People | John Strand | Wednesday, September 18th, 7:15pm - 8:15pm | SANS@Night |
| SANS Technology Institute Master's Presentation | Trenton Bond | Wednesday, September 18th, 7:15pm - 7:55pm | Special Events |
| Industrial (In)Security ā How we got here and where to go next | Graham Speake | Wednesday, September 18th, 7:15pm - 8:15pm | SANS@Night |
| The Security Impact of IPv6 | Johannes Ullrich | Wednesday, September 18th, 8:15pm - 9:15pm | SANS@Night |
| Information Assurance Metrics: Practical Steps to Measurement | James Tarala | Wednesday, September 18th, 8:15pm - 9:15pm | SANS@Night |
| SANS Technology Institute Master's Presentation | Mason Pokladnik | Wednesday, September 18th, 8:15pm - 8:55pm | Special Events |
Thursday, September 19
| Session | Speaker | Time | Type |
|---|---|---|---|
| Live Attack Visualization and Analysis for the Enterprise SOC | Bill Gardner, Sr. Director of Products at Bromium | Thursday, September 19th, 12:30pm - 1:15pm | Lunch and Learn |
| Targeted, Wire-speed Yara Analysis for Real-time Malware Prevention | Mike Nichols, Senior Product Manager, General Dynamics Fidelis Cybersecurity | Thursday, September 19th, 12:30pm - 1:15pm | Lunch and Learn |
| Party Like it's 1999 - Retina Vulnerability Scanner: Then and Now | Morey Haber, Sr. Director, Program Management, BeyondTrust | Thursday, September 19th, 12:30pm - 1:15pm | Lunch and Learn |
| The Power of Lossless Packet Capture (1G-100G) & Real-time Netflow | Boni Bruno, Senior Sales Engineer, Emulex | Thursday, September 19th, 12:30pm - 1:15pm | Lunch and Learn |
| GIAC Program Overview | Jeff Frisk, GIAC Director | Thursday, September 19th, 6:00pm - 6:30pm | Special Events |
| SANS Technology Institute Open House | Dr. Toby Gouker, Provost | Thursday, September 19th, 6:30pm - 7:00pm | Special Events |
| Crayons Never Uploaded Our Stuff to the Internet! | Kevin Johnson | Thursday, September 19th, 7:15pm - 8:15pm | SANS@Night |
| Hacker Guard Quarterly Briefing | John Strand | Thursday, September 19th, 7:15pm - 8:45pm | SANS@Night |
| Hacking Your Friends and Neighbors For Fun | Joshua Wright | Thursday, September 19th, 8:15pm - 9:15pm | SANS@Night |
| How the West was Pwned | G. Mark Hardy | Thursday, September 19th, 8:15pm - 9:15pm | SANS@Night |
Friday, September 20
| Session | Speaker | Time | Type |
|---|---|---|---|
| Connecting Security to the Business using SANS 20 CSC | Katherine Brocklehurst, Senior Product Marketing Manager, Tripwire | Friday, September 20th, 12:30pm - 1:15pm | Lunch and Learn |
| Sick Anti-analysis Mechanisms in the Wild | Alissa Torres | Friday, September 20th, 7:15pm - 8:15pm | SANS@Night |
| Introducing the CompTIA CASP Exam | Seth Misenar | Friday, September 20th, 7:15pm - 8:15pm | SANS@Night |
| Applying the 32 Zombieland Rules to IT Security | Larry Pesce | Friday, September 20th, 8:15pm - 9:15pm | SANS@Night |
