Moving Left: Driving Proactive Defense through Threat Investigation
- Jackie Abrams
- Tuesday, September 22nd, 12:30pm - 1:15pm
In the SOC, defenders are often true to their name, playing defense to manage detections, assess risk, and protect the network from an ever-evolving barrage of threats. Doing this assessment and response faster is often the main goal of most IR teams. However, attacks don't start with alerts; they start with the infrastructure that attackers set up to deliver the attack.
In this Lunch and Learn, DomainTools VP of Product, Jackie Abrams, will use real-world attacks to show you how to create repeatable processes for not just assessing indicator risk to support faster triage and more effective threat escalation, but also for investigating threat actor infrastructure and creating profiles that you can use to hunt externally for threats relevant to your organization, moving left in attack detection by finding threats before they find you.
Bonus Sessions
The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:
- SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
- Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
Monday, September 21
Session | Speaker | Time | Type |
---|---|---|---|
Influencing a Software Vendor's Roadmap | James Nixon | Monday, September 21st, 12:30pm - 1:15pm | Special Events |
Back to the (Cyber) Future: Tomorrow's Cybersecurity Relies on Today's Asset Management | Andrew Senko | Monday, September 21st, 12:30pm - 1:15pm | Special Events |
Network Security Monitoring vs Encryption | Richard Bejtlich | Monday, September 21st, 12:30pm - 1:15pm | Special Events |
SANS@Mic PowerShell 2020: State of the Art / Hack / Infection | Jason Fossen | Monday, September 21st, 7:30pm - 9:30pm | Keynote |
Tuesday, September 22
Session | Speaker | Time | Type |
---|---|---|---|
SANS.edu Undergraduate & Graduate Programs Information Session | — | Tuesday, September 22nd, 8:00am - 8:30am | Special Events |
Solving Network and Security Challenges with SASE | Nitin Kumar, Eric Trolan | Tuesday, September 22nd, 12:30pm - 1:15pm | Special Events |
Defense Against the Dark Arts: Dissecting Sandbox Evasion Techniques | Ben Abbott | Tuesday, September 22nd, 12:30pm - 1:15pm | Special Events |
Moving Left: Driving Proactive Defense through Threat Investigation | Jackie Abrams | Tuesday, September 22nd, 12:30pm - 1:15pm | Special Events |
Wednesday, September 23
Session | Speaker | Time | Type |
---|---|---|---|
Automating Event Triage in the Cloud | Jay Spann | Wednesday, September 23rd, 12:30pm - 1:15pm | Special Events |
Confidence in Security Intelligence | John Wetzel | Wednesday, September 23rd, 12:30pm - 1:15pm | Special Events |
The Myths of Network Security | Matt Cauthorn | Wednesday, September 23rd, 12:30pm - 1:15pm | Special Events |
SANS@Mic - OSINT Geolocation Techniques and How to Prevent Them | Micah Hoffman | Wednesday, September 23rd, 7:30pm - 8:30pm | SANS@Night |
Thursday, September 24
Session | Speaker | Time | Type |
---|---|---|---|
Leveraging Asset Visibility to Enhance Security Operations | Mehul Revankar | Thursday, September 24th, 12:30pm - 1:15pm | Special Events |