SANS Cyber Defense Initiative® 2020 Live Online: 30+ Interactive Courses | Virtual NetWars Tournaments. Save $300 thru 11/18

Rocky Mountain 2015

Denver, CO | Mon, Jun 22 - Sat, Jun 27, 2015
This event is over,
but there are more training opportunities.

Why Our Defenses Are Failing Us. One Click Is All It Takes...

  • Bryce Galbraith
  • Tuesday, June 23rd, 7:15pm - 8:15pm

Organizations are spending unprecedented amounts of money in an attempt to defend their assets...yet all too often, one click is all it takes for everything to come toppling down around them. Every day we read in the news about national secrets, intellectual property, financial records, and personal details being exfiltrated from the largest organizations on earth. How is this being done? How are adversaries bypassing our defenses (e.g. strong passwords, non-privileged accounts, anti-virus, firewalls/proxies, IDS/IPS, logging, etc.)? And most importantly, what can we do about it? A keen understanding of the true risks we face in today's threatscape is paramount to keeping your ones and zeros where they belong...

This presentation will walk through an example spear-phishing campaign to demonstrate:

  • How attackers perform recon on key individuals in target organizations (e.g. admins, executives, engineers, help desk personnel, etc.)
  • How attackers craft and deliver payloads that bypass most detection mechanisms
  • How attackers elevate privileges to super-user levels - even on fully-patched systems
  • How attackers bypass strong passwords, smart cards, multi-factor, bio-metrics, and virtually all forms of strong authentication
  • How attackers move adroitly throughout the environment in search of their "prize" with minimal footprint or artifacts
  • How attackers exfiltrate secrets from the organization undetected

Many organizations are busy being busy, managing all kinds of projects and initiatives. They have the right products. They have more logs than they know what to do with. Yet the uncomfortable question persists, "Is it working?" If one click by a user is all it takes, we need to re-evaluate...

Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
  • Lunch & Learn: Short presentations given during the lunch break.
  • Master's Degree Presentation: Presentations given by SANS Technology Institute's Master's Degree candidates.
Monday, June 22
Session Speaker Time Type
General Session - Welcome to SANS Mike Poor Monday, June 22nd, 8:15am - 8:45am Special Events
Who's Watching the Watchers? Mike Poor Monday, June 22nd, 7:15pm - 9:15pm Keynote
Tuesday, June 23
Session Speaker Time Type
Instant Layered Security For Your Cloud Servers Amir Rehman, Cloud Security Evangelist Tuesday, June 23rd, 12:30pm - 1:15pm Lunch and Learn
SANS Technology Institute Lunch & Learn Matthew Scott, Director, Institutional Effectiveness; School Certifying Official (SCO) Tuesday, June 23rd, 12:30pm - 1:15pm Lunch and Learn
Jailbreak / Root Workshop for Mobile Devices Chris Crowley Tuesday, June 23rd, 5:30pm - 7:00pm SANS@Night
Why Our Defenses Are Failing Us. One Click Is All It Takes... Bryce Galbraith Tuesday, June 23rd, 7:15pm - 8:15pm SANS@Night
Wednesday, June 24
Session Speaker Time Type
Prevent - Detect - Respond Will Tipton, Security Engineer, Infogressive Wednesday, June 24th, 12:30pm - 1:15pm Lunch and Learn
The 13 Absolute Truths of Security Keith Palmgren Wednesday, June 24th, 7:15pm - 8:15pm SANS@Night
Security Dashboards - Metrics That Help You Manage Risk Dean Sapp - Master's Degree Candidate Wednesday, June 24th, 7:15pm - 8:15pm Master's Degree Presentation
Debunking the Complex Password Myth Keith Palmgren Wednesday, June 24th, 8:15pm - 9:15pm SANS@Night