Rocky Mountain 2016

Denver, CO | Mon, Jul 11 - Sat, Jul 16, 2016
This event is over,
but there are more training opportunities.
 

Quality not Quantity: Continuous Monitoring's Deadliest Events

  • Eric Conrad
  • Wednesday, July 13th, 8:15pm - 9:15pm

Most Security Operations Centers are built for compliance, not security. One well-known retail firm suffered the theft of over a million credit cards. 60,000 true positive events were reported to their SOC during that breach... and missed: lost in the noise of millions. If you are bragging about how many events your SOC "handles" each day: you are doing it wrong.

During this talk we will show you how to focus on quality instead of quantity, and provide an actionable list of the deadliest events that occur during virtually every successful breach.

Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
  • Vendor: Events hosted by external vendor exhibitors.
  • Lunch & Learn: Short presentations given during the lunch break.
  • Master's Degree Presentation: Presentations given by SANS Technology Institute's Master's Degree candidates.
Monday, July 11
Session Speaker Time Type
General Session - Welcome to SANS Bryan Simon Monday, July 11th, 8:15am - 8:45am Special Events
Using an Open Source Threat Model for Prioritized Defense James Tarala Monday, July 11th, 7:15pm - 9:15pm Keynote
Tuesday, July 12
Session Speaker Time Type
Women's CONNECT Event Hosted by SANS COINS program and ISSA WIS SIG Tuesday, July 12th, 6:00pm - 9:15pm Special Events
HTTPDeux Adrien de Beaupre Tuesday, July 12th, 7:15pm - 8:15pm SANS@Night
Offensive Countermeasures, Active Defenses, and Internet Tough Guys John Strand Tuesday, July 12th, 8:15pm - 9:15pm SANS@Night
Wednesday, July 13
Session Speaker Time Type
Vendor Showcase Wednesday, July 13th, 10:00am - 10:20am Vendor Event
Taking your Log Management Strategy from Good to GREAT!! Gene McGowan, CISSP, Senior Sales Engineer Wednesday, July 13th, 12:30pm - 1:15pm Lunch and Learn
Vendor Showcase Wednesday, July 13th, 3:00pm - 3:20pm Vendor Event
How Not to Suck at Cyber Attack Attribution Jake Williams Wednesday, July 13th, 7:15pm - 8:15pm SANS@Night
Hardware Keyloggers: Attack and Defense Glen Roberts - Master's Degree Candidate Wednesday, July 13th, 7:15pm - 7:55pm Master's Degree Presentation
Quality not Quantity: Continuous Monitoring's Deadliest Events Eric Conrad Wednesday, July 13th, 8:15pm - 9:15pm SANS@Night
OPM vs. APT: How Proper Implementation of Key Controls Could Have Prevented a Disaster David Kennel - Master's Degree Candidate Wednesday, July 13th, 8:15pm - 8:55pm Master's Degree Presentation
Thursday, July 14
Session Speaker Time Type
How to Commit Card Fraud G. Mark Hardy Thursday, July 14th, 7:15pm - 8:15pm SANS@Night
Implementing Secure HTTP Headers Serge Borso Thursday, July 14th, 8:15pm - 9:15pm SANS@Night
Friday, July 15
Session Speaker Time Type
Advancing the Security Agenda- Compelling Leadership to Support Security Doc Blackburn Friday, July 15th, 7:15pm - 8:15pm SANS@Night
This event is over,
but there are more training opportunities.
 
Downloads
Share
Latest Whitepapers

Threat Hunting with Consistency
By Matt Bromiley

Threat Hunting and Incident Response in a post-compromised environment
By Rukhsar Khan

Assisted Security Investigations Using Cognitive Computing
By Lori Stroud

Last 25 Papers »

Latest Tweets @SANSInstitute

#SANSTraining teaches you to see new aspects of #cybersecuri [...]
December 11, 2019 - 2:45 AM

Register by tomorrow to save $150 on #cybersecurity training [...]
December 11, 2019 - 12:15 AM

Looking for #cybersecurity training in California? Check out [...]
December 10, 2019 - 10:30 PM

Contact Us

Mon-Fri: 9am-8pm ET (phone/email)
Sat-Sun: 9am-5pm ET (email only)
301-654-SANS(7267)
info@sans.org

"As a security professional, this info is foundational to do a competent job, let alone be successful."
- Michael Foster, Providence Health and Security

"Just amazing content and instruction, it's really a 'must do' for any info sec professional."
- Mark Austin, PHH Mortgage

"Expertise of the trainer is impressive, real life situations explained, very good manuals. Best training ever!"
- Jerry Robles de Medina, Godo CU