Monitoring and Incident Response on a Shoestring Budget
- Joff Thyer
- Thursday, January 18th, 7:15pm - 8:15pm
As pen testers, we are familiar with the techniques used to attack an environment. Knowing these techniques informs us with respect to various methods of potential detection. In fact, we are often asked by our clients what they could have done to detect the methods we used to successfully compromise their environment. There are so many great community projects out there that allow defenders to assemble their own toolkit for tactical, and focused environment monitoring. In talk, I will cover a continuing evolution of how you can use free and open source tools to help detect potential attackers in your network.
Bonus Sessions
The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:
- SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
- Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
Wednesday, January 17
Session |
Speaker |
Time | Type |
Kill Chain |
Paul Henry |
Wednesday, January 17th, 7:15pm - 8:15pm |
SANS@Night |