One Day Left to Get an iPad Pro w/ Smart Keyboard, HP ProBook, or $350 Off with OnDemand and vLive Training!

Northern Virginia- Alexandria 2018

Alexandria, VA | Mon, Aug 13 - Sat, Aug 18, 2018
This event is over,
but there are more training opportunities.

The Answer is on the Endpoint

  • Alissa Torres
  • Monday, August 13th, 7:15pm - 9:15pm

With an estimated 80% of today‚s malicious code employing anti-detection and anti-analysis mechanisms, security teams are in an intractable arms race. Attackers build or buy evasive malware to extend dwell time and accomplish their cyber objectives. In response, security teams roll out next-gen technologies and adapt their investigative methods to catch up. Despite executive teams‚ hyper-focus and increased spending on incident response capabilities, a critical and overlooked success factor in many incident investigations is the analyst‚s ability to detect attacker activity and analyze the host-based trace artifacts left behind. Analysts need to know where to look for attacker presence and activity when the most obvious artifacts are gone.

Learning Objectives

  1. Gain actionable insight into trace endpoint artifacts that reveal threat actors‚ lateral movement and evasion techniques.
  2. Learn key endpoint indicators of compromise to increase the fidelity of your threat hunting strategies.
  3. Prepare a training plan for upping the skills of your incident response team to detect and analyze critical tells of adversary.


Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
Monday, August 13
Session Speaker Time Type
General Session - Welcome to SANS Adrien de Beaupre Monday, August 13th, 8:00am - 8:30am Special Events
The Answer is on the Endpoint Alissa Torres Monday, August 13th, 7:15pm - 9:15pm Keynote
Tuesday, August 14
Session Speaker Time Type
HTTPdeux Adrien de Beaupre Tuesday, August 14th, 7:15pm - 8:15pm SANS@Night
Wednesday, August 15
Session Speaker Time Type
Zero Trust Networks Randy Marchany Wednesday, August 15th, 7:15pm - 8:15pm SANS@Night