Quality not Quantity: Continuous Monitoring's Deadliest Events
- Eric Conrad
- Wednesday, July 13th, 8:15pm - 9:15pm
Most Security Operations Centers are built for compliance, not security. One well-known retail firm suffered the theft of over a million credit cards. 60,000 true positive events were reported to their SOC during that breach... and missed: lost in the noise of millions. If you are bragging about how many events your SOC "handles" each day: you are doing it wrong.
During this talk we will show you how to focus on quality instead of quantity, and provide an actionable list of the deadliest events that occur during virtually every successful breach.
Bonus Sessions
The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:
- SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
- Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
- Vendor: Events hosted by external vendor exhibitors.
- Lunch & Learn: Short presentations given during the lunch break.
- Master's Degree Presentation: Presentations given by SANS Technology Institute's Master's Degree candidates.
Wednesday, July 13
Session |
Speaker |
Time | Type |
Vendor Showcase |
— |
Wednesday, July 13th, 10:00am - 10:20am |
Vendor Event |
Taking your Log Management Strategy from Good to GREAT!! |
Gene McGowan, CISSP, Senior Sales Engineer |
Wednesday, July 13th, 12:30pm - 1:15pm |
Lunch and Learn |
Vendor Showcase |
— |
Wednesday, July 13th, 3:00pm - 3:20pm |
Vendor Event |
How Not to Suck at Cyber Attack Attribution |
Jake Williams |
Wednesday, July 13th, 7:15pm - 8:15pm |
SANS@Night |
Hardware Keyloggers: Attack and Defense |
Glen Roberts - Master's Degree Candidate |
Wednesday, July 13th, 7:15pm - 7:55pm |
Master's Degree Presentation |
Quality not Quantity: Continuous Monitoring's Deadliest Events |
Eric Conrad |
Wednesday, July 13th, 8:15pm - 9:15pm |
SANS@Night |
OPM vs. APT: How Proper Implementation of Key Controls Could Have Prevented a Disaster |
David Kennel - Master's Degree Candidate |
Wednesday, July 13th, 8:15pm - 8:55pm |
Master's Degree Presentation |