No Budget Implementation of the SANS 20 Security Controls
- Russell Eubanks
- Tuesday, June 10th, 8:15pm - 9:15pm
A consensus of defensive and offensive security practitioners developed the SANS 20 Security Controls. In their implementation of this program, the United States Department of State demonstrated an 85 percent reduction in vulnerabilities in the first year alone. Small businesses can use practical and often no-cost ways to leverage existing security and administration tools to bolster their information security posture. Each control is paired with pragmatic ways for small business to rapidly deploy a continuous monitoring program. By leveraging and leaning into existing tools, the small business can develop a robust continuous monitoring program that is positioned to better recognize and respond to threats.
Russell Eubanks has been a security leader in several financial and health care organizations. He has developed information security programs from the ground up and actively seeks opportunities to measurably increase their overall security posture.
Russell is enrolled in the SANS Technology Institute and has a Bachelor of Science in Computer Science. He holds several security certifications including the CISSP, CISM, GCIA, GCIH, GPEN, GISP, GSEC and GWAPT. He is a leader of the Atlanta OWASP chapter and is instrumental in helping it grow. http://www.securityeverafter.com
The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:
- SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
- Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
- Vendor: Events hosted by external vendor exhibitors.
- Lunch & Learn: Short presentations given during the lunch break.
|SANS Technology Institute Open House||—||Special Events|
Monday, June 9
Tuesday, June 10
|Continuous Ownage: Why you Need Continuous Monitoring||Seth Misenar||Tuesday, June 10th, 7:15pm - 8:15pm||SANS@Night|
|No Budget Implementation of the SANS 20 Security Controls||Russell Eubanks||Tuesday, June 10th, 8:15pm - 9:15pm||SANS@Night|
Wednesday, June 11
|Vendor Showcase||—||Wednesday, June 11th, 10:30am - 10:50am||Vendor Event|
|Fortinet Next Generation Firewalls||—||Wednesday, June 11th, 12:30pm - 1:15pm||Lunch and Learn|
|Taking Your Training to Work : A Practical Approach to Operationalizing SANS Critical Security Control for Information Security Management||Chuck Mackey, Sequris Group||Wednesday, June 11th, 12:30pm - 1:15pm||Lunch and Learn|
|The User is the Target: Spear-phishing, Watering Hole Attacks, Drive-by Downloads||Shawn Munoz, Sales Engineer, Invincea||Wednesday, June 11th, 12:30pm - 1:15pm||Lunch and Learn|
|Vendor Showcase||—||Wednesday, June 11th, 12:30pm - 1:15pm||Vendor Event|
|Vendor Showcase||—||Wednesday, June 11th, 3:00pm - 3:20pm||Vendor Event|
|Selling Security to Decision Makers||Doc Blackburn||Wednesday, June 11th, 7:15pm - 8:15pm||SANS@Night|
|SQL Injection Exploited||Micah Hoffman||Wednesday, June 11th, 8:15pm - 9:15pm||SANS@Night|
Thursday, June 12
|An Introduction to PowerShell for Security Assessments||James Tarala||Thursday, June 12th, 7:15pm - 8:15pm||SANS@Night|
Friday, June 13
|DLP FAIL!!! Using Encoding, Steganography and Covert Channels to Evade DLP and Other Critical Controls||Kevin Fiscus||Friday, June 13th, 7:15pm - 8:15pm||SANS@Night|