The Law of Offensive Countermeasures, Active Defense or Whatever You Wanna Call It
- Benjamin Wright
- Thursday, October 23rd, 7:15pm - 8:15pm
The range of steps that a good guy might take relative to a bad guy is limited only by imagination. As our imagination invents new steps, we use metaphors like 'honeypot,' 'sinkhole' and 'hacking back' to describe what's going on. But when we try to fit these metaphors into law, confusion erupts. This presentation will only compound the confusion. Come join the raucous discussion."
Bonus Sessions
The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:
- SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
- Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
- Vendor: Events hosted by external vendor exhibitors.
- Lunch & Learn: Short presentations given during the lunch break.
- Master's Degree Presentation: Presentations given by SANS Technology Institute's Master's Degree candidates.
Sunday, October 19
| Session | Speaker | Time | Type |
|---|---|---|---|
| Registration Welcome Reception | — | Sunday, October 19th, 5:00pm - 7:00pm | Special Events |
| Women in Technology Meet and Greet | — | Sunday, October 19th, 7:00pm - 8:00pm | Reception |
Monday, October 20
| Session | Speaker | Time | Type |
|---|---|---|---|
| General Session - Welcome to SANS | Dr. Eric Cole | Monday, October 20th, 8:15am - 8:45am | Special Events |
| Breaking and Fixing Critical Infrastructure | Justin Searle, Managing Partner - UtiliSec | Monday, October 20th, 12:30pm - 1:15pm | Lunch and Learn |
| SANS Technology Institute Open House | Bill Lockhart, Executive Director, SANS Technology Institute | Monday, October 20th, 6:00pm - 7:00pm | Special Events |
| APT: It is Time to Act | Dr. Eric Cole | Monday, October 20th, 7:15pm - 9:15pm | Keynote |
Tuesday, October 21
| Session | Speaker | Time | Type |
|---|---|---|---|
| Beyond the Breach - A Look Into the Latest Threat Trends | Marshall Heilman, Managing Director, Mandiant, a FireEye Company | Tuesday, October 21st, 12:30pm - 1:15pm | Lunch and Learn |
| Simplify Your Security Operations with One Solution for Detecting Advanced Malware and Exploitable Vulnerabilities | Speaker: Narayan Makaram, Product Marketing Manager, Tenable Network Security, Inc. | Tuesday, October 21st, 12:30pm - 1:15pm | Lunch and Learn |
| Fortinet Next Generation Firewalls | Justin Kallhoff, Founder, Infogressive | Tuesday, October 21st, 12:30pm - 1:15pm | Lunch and Learn |
| Continuous Monitoring & Mitigation | Eric Vanderbur, Systems Engineer, ForeScout Technologies | Tuesday, October 21st, 12:30pm - 1:15pm | Lunch and Learn |
| Continuous Security Intelligence with the SANS Critical Security Controls | Vijay Basani, President/CEO, EiQ Networks | Tuesday, October 21st, 12:30pm - 1:15pm | Lunch and Learn |
| Expose the Underground: Malware from the eyes of the Attacker | Erik Yunghans, Consulting Engineer, PaloAlto Networks | Tuesday, October 21st, 12:30pm - 1:15pm | Lunch and Learn |
| Predictive Threat Intelligence: Connecting the Dots to Block Unknown Perimeter Threats | Presented by Chris Jacob, WEBROOT Strategic Alliances | Tuesday, October 21st, 12:30pm - 1:15pm | Lunch and Learn |
| Malware Analysis Essentials Using REMnux | Lenny Zeltser | Tuesday, October 21st, 7:15pm - 8:15pm | SANS@Night |
| An Introduction to PowerShell for Security Assessments | James Tarala | Tuesday, October 21st, 7:15pm - 8:15pm | SANS@Night |
| The 13 Absolute Truths of Security | Keith Palmgren | Tuesday, October 21st, 7:15pm - 8:15pm | SANS@Night |
| Straddling the Next Frontier: How Quantum Technologies Have Already Begun Impacting the Cyber Security Landscape. | Eric Jodoin - Master's Degree Candidate | Tuesday, October 21st, 7:15pm - 7:55pm | Master's Degree Presentation |
| The Great Browser Schism: How to Analyze IE10 & IE11 | Chad Tilbury | Tuesday, October 21st, 8:15pm - 9:15pm | SANS@Night |
| Evolving Threats | Paul A. Henry | Tuesday, October 21st, 8:15pm - 9:15pm | SANS@Night |
| Risky Business | Robert Sorensen - Master's Degree Candidate | Tuesday, October 21st, 8:15pm - 8:55pm | Master's Degree Presentation |
Wednesday, October 22
| Session | Speaker | Time | Type |
|---|---|---|---|
| Vendor Solutions Expo | — | Wednesday, October 22nd, 12:00pm - 1:30pm | Vendor Event |
| Vendor Solutions Expo | — | Wednesday, October 22nd, 5:30pm - 7:30pm | Vendor Event |
| How Not to Suck at Pentesting | John Strand | Wednesday, October 22nd, 7:15pm - 8:15pm | SANS@Night |
| Weaponizing Digital Currency | G. Mark Hardy | Wednesday, October 22nd, 7:15pm - 8:15pm | SANS@Night |
| Debunking the Complex Password Myth | Keith Palmgren | Wednesday, October 22nd, 7:15pm - 8:15pm | SANS@Night |
| Finding the Wolf in Sheepâs Clothing: Integrating Identity into Intrusion Detection | Courtney Imbert - Master's Degree Candidate | Wednesday, October 22nd, 7:15pm - 7:55pm | Master's Degree Presentation |
| SANS 8 Mobile Device Security Steps | Chris Crowley | Wednesday, October 22nd, 8:15pm - 9:15pm | SANS@Night |
| Know Thyself: Brian Krebs is a Nice Guy But You Don't Want Him Writing About You | Ryan Johnson | Wednesday, October 22nd, 8:15pm - 9:15pm | SANS@Night |
| The Cost of Bad Project Management | George Khalil - Master's Degree Candidate | Wednesday, October 22nd, 8:15pm - 8:55pm | Master's Degree Presentation |
Thursday, October 23
| Session | Speaker | Time | Type |
|---|---|---|---|
| Connecting Your Business to the Unsecured Internet - The DDoS Threat | Stephen Gates, Security Evangelist, Corero | Thursday, October 23rd, 12:30pm - 1:15pm | Lunch and Learn |
| Stay Ahead of the Adversary with Network Security Analytics | H. Michael Nichols, Senior Manager, Sales Engineering, General Dynamics Fidelis Cybersecurity Solutions | Thursday, October 23rd, 12:30pm - 1:15pm | Lunch and Learn |
| Retina Vulnerability Management: The Best-Kept Secret in Security | Jason Williams, Security Engineer, BeyondTrust | Thursday, October 23rd, 12:30pm - 1:15pm | Lunch and Learn |
| Automated Attack Simulation â Network Pen-Testing the Easy Way | Sean Keef, Director, Sales Engineering, Skybox Security | Thursday, October 23rd, 12:30pm - 1:15pm | Lunch and Learn |
| All Your Metadatas Are Belong To Me: Reverse Engineering Emails on an Enterprise Level | Ronnie Tokazowski, Senior Researcher, PhishMe | Thursday, October 23rd, 12:30pm - 1:15pm | Lunch and Learn |
| The Law of Offensive Countermeasures, Active Defense or Whatever You Wanna Call It | Benjamin Wright | Thursday, October 23rd, 7:15pm - 8:15pm | SANS@Night |
| Windows Exploratory Surgery with Process Hacker- | Jason Fossen | Thursday, October 23rd, 7:15pm - 8:45pm | SANS@Night |
| Compli-promised: Balancing with Risk Mgt | My-Ngoc Nguyen | Thursday, October 23rd, 7:15pm - 8:15pm | SANS@Night |
| Analysis of Meterpreter During Post-Exploitation | Kiel Wadner - Master's Degree Candidate | Thursday, October 23rd, 7:15pm - 7:55pm | Master's Degree Presentation |
| GIAC Program Overview | Jeff Frisk | Thursday, October 23rd, 8:15pm - 8:45pm | Special Events |
| Sushi-grade Smartphone Forensics on a Ramen Noodle Budget | Heather Mahalik | Thursday, October 23rd, 8:15pm - 9:15pm | SANS@Night |
| Logs, Logs, Every Where / Nor Any Byte to Grok | Phil Hagen | Thursday, October 23rd, 8:15pm - 9:15pm | SANS@Night |
Friday, October 24
| Session | Speaker | Time | Type |
|---|---|---|---|
| The Bot Inside the Machine | Johannes Ullrich | Friday, October 24th, 7:15pm - 8:15pm | SANS@Night |
| Security Awareness Metrics: Measuring Human Behavior | Lance Spitzner | Friday, October 24th, 7:15pm - 8:15pm | SANS@Night |
| Securing The Kids | Lance Spitzner | Friday, October 24th, 8:15pm - 9:15pm | SANS@Night |
