Four Days Left to Get an iPad (32G), Galaxy Tab A, or $250 Off Online Training!

Network Security 2018

Las Vegas, NV | Sun, Sep 23 - Sun, Sep 30, 2018
This event is over,
but there are more training opportunities.
 

Anatomy of how stolen data appears on the dark web (and why you should care)

  • Tyler Carbone, Chief Product Officer
  • Monday, September 24th, 12:30pm - 1:15pm

The dark web is a structured economy which hosts various marketplaces, some dedicated exclusively to trading and selling stolen data. Security organizations are responsible for specific data that is important and valuable to their companies, as well as to criminals who look to monetize that same data. This includes everything from personal data (PII and account credentials) to financial data (payment card details, payroll records) to broader corporate data (employee, executive, and board member personal information, proprietary data, intellectual property, and source code).

How data is sold, how it appears, and how it is valued on the dark web are key factors to consider when updating security measures at a network level. With a comprehensive understanding of how illegal marketplaces are structured and operated, organizations can proactively place the right assets under monitoring and reactively confirm if detected data under monitoring leaked from their systems or from a third party, speeding up the remediation time and decreasing overall damage. You canāt stop everything, but by using data intelligence, organizations can have visibility into their exposure on the dark web, helping to reduce the risk of the inevitable data exposure.

Key takeaways:

- Examples of how stolen data appears for sale on the dark web

- How to confirm if data found on the dark web came from your system or from a third party

- How criminals monetize each type of listing

- How to use dark web data with log data to aide in the investigation process

Terbium Labs

Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
  • Vendor: Events hosted by external vendor exhibitors.
  • Lunch & Learn: Short presentations given during the lunch break.
Sunday, September 23
Session Speaker Time Type
General Session - Welcome to SANS Bryan Simon Sunday, September 23rd, 8:00am - 8:30am Special Events
WMI Attacks - What You Don't Know CAN Hurt You Chad Tilbury Sunday, September 23rd, 7:15pm - 9:15pm Keynote
Monday, September 24
Session Speaker Time Type
Adaptive Defense 360: Differentiating Values in Endpoint Visibility and Control Rui Lopes, North America Pre-Sales Engineering Manager Monday, September 24th, 12:30pm - 1:15pm Lunch and Learn
The Art of Collaboration Joe Gehrke, Senior Sales Engineer Monday, September 24th, 12:30pm - 1:15pm Lunch and Learn
Tapping Wires: Easy DNS Security Analysis Lennart Koopmann, Founder Monday, September 24th, 12:30pm - 1:15pm Lunch and Learn
Anatomy of how stolen data appears on the dark web (and why you should care) Tyler Carbone, Chief Product Officer Monday, September 24th, 12:30pm - 1:15pm Lunch and Learn
Risk IQ Product Test Drive Monday, September 24th, 6:00pm - 8:00pm Vendor Event
Traveling Paranoid (but not too Paranoid) Philip Hagen and Chris Crowley Monday, September 24th, 7:15pm - 8:15pm SANS@Night
So, You Wanna be a Pentester? Adrien de Beaupre Monday, September 24th, 7:15pm - 8:15pm SANS@Night
Continuous Security: Monitoring & Active Defense in the Cloud Eric Johnson Monday, September 24th, 7:15pm - 8:15pm SANS@Night
Could We Have Stopped This? Attack Simulations for Blue Team Hardening Alissa Torres Monday, September 24th, 7:15pm - 8:15pm SANS@Night
Hacking Dumberly, Just Like the Bad Guys Tim Medin Monday, September 24th, 8:15pm - 9:15pm SANS@Night
Let's Go Hunting Bad Guys John Strand Monday, September 24th, 8:15pm - 9:15pm SANS@Night
Stuck in the Box, a SIEM's Tale Justin Henderson Monday, September 24th, 8:15pm - 9:15pm SANS@Night
Tuesday, September 25
Session Speaker Time Type
Coffee & Donuts with the Graduate Students Tuesday, September 25th, 7:30am - 9:00am Reception
Vendor Solutions Expo Tuesday, September 25th, 12:00pm - 1:30pm Vendor Event
Vendor Solutions Expo Tuesday, September 25th, 5:15pm - 7:15pm Vendor Event
GIAC Overview Presentation Jeff Frisk Tuesday, September 25th, 6:30pm - 7:15pm Special Events
APAC Student Reception at Network Security 2018 Tuesday, September 25th, 6:30pm - 7:30pm Reception
Responding to the European Union's new General Data Protection Regulation Ben Wright Tuesday, September 25th, 7:15pm - 8:15pm SANS@Night
Defense Is Doable - Breaking The Cyber Kill Chain Erik Van Buggenhout & Stephen Sims Tuesday, September 25th, 7:15pm - 8:15pm SANS@Night
Women's Connect & SANS Summits Workshop: How to Write Presentation Proposals for Cybersecurity Conferences Alissa Torres, Heather Mahalik, My-Ngoc Nguyen, Phil Hagen, and Sarah Edwards Tuesday, September 25th, 7:15pm - 8:15pm Special Events
An Evening of Hacking the Internet of Things (IoT) Stephen Sims, James Lyne, Tim Medin, & Jim Shewmaker Tuesday, September 25th, 7:15pm - 10:00pm Special Events
What is NetWars? Why play? Feel intimidated? Jeff McJunkin Tuesday, September 25th, 7:15pm - 8:15pm SANS@Night
Nation State LevelHoneypotting: Emulating Vulnerable Applications at Scale Dr. Johannes Ullrich Tuesday, September 25th, 8:15pm - 9:15pm SANS@Night
Blockchain 101 G. Mark Hardy Tuesday, September 25th, 8:15pm - 9:15pm SANS@Night
Wednesday, September 26
Session Speaker Time Type
Creating a Self-Service AppSec Program: Automate Testing During Development Ed Arnold, Solution Architect Wednesday, September 26th, 12:30pm - 1:15pm Lunch and Learn
Defense against targeted custom malware with Deep Learning For whom the malware tolls: Introduction to Deep Learning Cameron Byers, Sales Engineer Wednesday, September 26th, 12:30pm - 1:15pm Lunch and Learn
The Real Deal About AI Allan Klein, Sales Engineer Wednesday, September 26th, 12:30pm - 1:15pm Lunch and Learn
Achieving SOC-sess with Security Orchestration and Automation Nimmy Reichenberg Wednesday, September 26th, 12:30pm - 1:15pm Lunch and Learn
Saturday, September 29
Session Speaker Time Type
GSE Lab Examination Saturday, September 29th, 8:00am - 5:30pm Special Events
Sunday, September 30
Session Speaker Time Type
GSE Lab Examination Sunday, September 30th, 8:00am - 5:30pm Special Events
This event is over,
but there are more training opportunities.
 
Downloads
Share
Latest Whitepapers

Threat Hunting and Discovery: A SANS Review of Vectra Cognito
By Dave Shackleford

Lateral traffic movement in Virtual Private Clouds
By Andy Huang

Defense in Depth: Can Geolocation Help Prevent Tax Fraud?
By Jon Glas

Last 25 Papers »

Latest Tweets @SANSInstitute

In-person #cybersecurity training events in Virginia: #SAN [...]
January 19, 2020 - 8:15 PM

#SANSSecEast 2020 is right around the corner! Choose from [...]
January 19, 2020 - 12:30 AM

In-person #cybersecurity training events in the Western US: [...]
January 18, 2020 - 11:30 PM

Contact Us

Mon-Fri: 9am-8pm ET (phone/email)
Sat-Sun: 9am-5pm ET (email only)
301-654-SANS(7267)
info@sans.org

"As a security professional, this info is foundational to do a competent job, let alone be successful."
- Michael Foster, Providence Health and Security

"This has been a great way to get working knowledge that would have taken years of experience to learn."
- Josh Carlson, Nelnet

"Because of the use of real-world examples it's easier to apply what you learn."
- Danny Hill, Friedkin Companies, Inc.