Two weeks of training and 14 courses available in San Francisco - Mar. 16-27. Save $300 thru 1/22!

Rocky Mountain 2016

Denver, CO | Mon, Jul 11 - Sat, Jul 16, 2016
This event is over,
but there are more training opportunities.
 

Quality not Quantity: Continuous Monitoring's Deadliest Events

  • Eric Conrad
  • Wednesday, July 13th, 8:15pm - 9:15pm

Most Security Operations Centers are built for compliance, not security. One well-known retail firm suffered the theft of over a million credit cards. 60,000 true positive events were reported to their SOC during that breach... and missed: lost in the noise of millions. If you are bragging about how many events your SOC "handles" each day: you are doing it wrong.

During this talk we will show you how to focus on quality instead of quantity, and provide an actionable list of the deadliest events that occur during virtually every successful breach.

Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
  • Vendor: Events hosted by external vendor exhibitors.
  • Lunch & Learn: Short presentations given during the lunch break.
  • Master's Degree Presentation: Presentations given by SANS Technology Institute's Master's Degree candidates.
Monday, July 11
Session Speaker Time Type
General Session - Welcome to SANS Bryan Simon Monday, July 11th, 8:15am - 8:45am Special Events
Using an Open Source Threat Model for Prioritized Defense James Tarala Monday, July 11th, 7:15pm - 9:15pm Keynote
Tuesday, July 12
Session Speaker Time Type
Women's CONNECT Event Hosted by SANS COINS program and ISSA WIS SIG Tuesday, July 12th, 6:00pm - 9:15pm Special Events
HTTPDeux Adrien de Beaupre Tuesday, July 12th, 7:15pm - 8:15pm SANS@Night
Offensive Countermeasures, Active Defenses, and Internet Tough Guys John Strand Tuesday, July 12th, 8:15pm - 9:15pm SANS@Night
Wednesday, July 13
Session Speaker Time Type
Vendor Showcase Wednesday, July 13th, 10:00am - 10:20am Vendor Event
Taking your Log Management Strategy from Good to GREAT!! Gene McGowan, CISSP, Senior Sales Engineer Wednesday, July 13th, 12:30pm - 1:15pm Lunch and Learn
Vendor Showcase Wednesday, July 13th, 3:00pm - 3:20pm Vendor Event
How Not to Suck at Cyber Attack Attribution Jake Williams Wednesday, July 13th, 7:15pm - 8:15pm SANS@Night
Hardware Keyloggers: Attack and Defense Glen Roberts - Master's Degree Candidate Wednesday, July 13th, 7:15pm - 7:55pm Master's Degree Presentation
Quality not Quantity: Continuous Monitoring's Deadliest Events Eric Conrad Wednesday, July 13th, 8:15pm - 9:15pm SANS@Night
OPM vs. APT: How Proper Implementation of Key Controls Could Have Prevented a Disaster David Kennel - Master's Degree Candidate Wednesday, July 13th, 8:15pm - 8:55pm Master's Degree Presentation
Thursday, July 14
Session Speaker Time Type
How to Commit Card Fraud G. Mark Hardy Thursday, July 14th, 7:15pm - 8:15pm SANS@Night
Implementing Secure HTTP Headers Serge Borso Thursday, July 14th, 8:15pm - 9:15pm SANS@Night
Friday, July 15
Session Speaker Time Type
Advancing the Security Agenda- Compelling Leadership to Support Security Doc Blackburn Friday, July 15th, 7:15pm - 8:15pm SANS@Night
This event is over,
but there are more training opportunities.
 
Downloads
Share
Latest Whitepapers

Threat Hunting and Discovery: A SANS Review of Vectra Cognito
By Dave Shackleford

Lateral traffic movement in Virtual Private Clouds
By Andy Huang

Defense in Depth: Can Geolocation Help Prevent Tax Fraud?
By Jon Glas

Last 25 Papers »

Latest Tweets @SANSInstitute

SANS Certified Instructor @0sm0s1z picks a personal goal, ma [...]
January 17, 2020 - 5:15 PM

Take the SANS 2020 Automation and Integration Survey and tel [...]
January 17, 2020 - 5:03 PM

Many #SANSTraining events are open for registration, includi [...]
January 17, 2020 - 3:45 PM

Contact Us

Mon-Fri: 9am-8pm ET (phone/email)
Sat-Sun: 9am-5pm ET (email only)
301-654-SANS(7267)
info@sans.org

"This has been a great way to get working knowledge that would have taken years of experience to learn."
- Josh Carlson, Nelnet

"Because of the use of real-world examples it's easier to apply what you learn."
- Danny Hill, Friedkin Companies, Inc.

"Just amazing content and instruction, it's really a 'must do' for any info sec professional."
- Mark Austin, PHH Mortgage