Get an 11" iPad Pro w/ Apple Pencil or other Special Offers with OnDemand Training thru 8/19

Rocky Mountain 2016

Denver, CO | Mon, Jul 11 - Sat, Jul 16, 2016
This event is over,
but there are more training opportunities.
 

Quality not Quantity: Continuous Monitoring's Deadliest Events

  • Eric Conrad
  • Wednesday, July 13th, 8:15pm - 9:15pm

Most Security Operations Centers are built for compliance, not security. One well-known retail firm suffered the theft of over a million credit cards. 60,000 true positive events were reported to their SOC during that breach... and missed: lost in the noise of millions. If you are bragging about how many events your SOC "handles" each day: you are doing it wrong.

During this talk we will show you how to focus on quality instead of quantity, and provide an actionable list of the deadliest events that occur during virtually every successful breach.

Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
  • Vendor: Events hosted by external vendor exhibitors.
  • Lunch & Learn: Short presentations given during the lunch break.
  • Master's Degree Presentation: Presentations given by SANS Technology Institute's Master's Degree candidates.
Monday, July 11
Session Speaker Time Type
General Session - Welcome to SANS Bryan Simon Monday, July 11th, 8:15am - 8:45am Special Events
Using an Open Source Threat Model for Prioritized Defense James Tarala Monday, July 11th, 7:15pm - 9:15pm Keynote
Tuesday, July 12
Session Speaker Time Type
Women's CONNECT Event Hosted by SANS COINS program and ISSA WIS SIG Tuesday, July 12th, 6:00pm - 9:15pm Special Events
HTTPDeux Adrien de Beaupre Tuesday, July 12th, 7:15pm - 8:15pm SANS@Night
Offensive Countermeasures, Active Defenses, and Internet Tough Guys John Strand Tuesday, July 12th, 8:15pm - 9:15pm SANS@Night
Wednesday, July 13
Session Speaker Time Type
Vendor Showcase Wednesday, July 13th, 10:00am - 10:20am Vendor Event
Taking your Log Management Strategy from Good to GREAT!! Gene McGowan, CISSP, Senior Sales Engineer Wednesday, July 13th, 12:30pm - 1:15pm Lunch and Learn
Vendor Showcase Wednesday, July 13th, 3:00pm - 3:20pm Vendor Event
How Not to Suck at Cyber Attack Attribution Jake Williams Wednesday, July 13th, 7:15pm - 8:15pm SANS@Night
Hardware Keyloggers: Attack and Defense Glen Roberts - Master's Degree Candidate Wednesday, July 13th, 7:15pm - 7:55pm Master's Degree Presentation
Quality not Quantity: Continuous Monitoring's Deadliest Events Eric Conrad Wednesday, July 13th, 8:15pm - 9:15pm SANS@Night
OPM vs. APT: How Proper Implementation of Key Controls Could Have Prevented a Disaster David Kennel - Master's Degree Candidate Wednesday, July 13th, 8:15pm - 8:55pm Master's Degree Presentation
Thursday, July 14
Session Speaker Time Type
How to Commit Card Fraud G. Mark Hardy Thursday, July 14th, 7:15pm - 8:15pm SANS@Night
Implementing Secure HTTP Headers Serge Borso Thursday, July 14th, 8:15pm - 9:15pm SANS@Night
Friday, July 15
Session Speaker Time Type
Advancing the Security Agenda- Compelling Leadership to Support Security Doc Blackburn Friday, July 15th, 7:15pm - 8:15pm SANS@Night
This event is over,
but there are more training opportunities.
 
Downloads
Share
Latest Whitepapers

Measuring and Improving Cyber Defense Using the MITRE ATT&CK Framework
By John Hubbard

Benefits and Adoption Rate of TLS 1.3
By Ben Weber

Browser Isolation: A SANS Review of Cyberinc's Isla
By Matt Bromiley

Last 25 Papers »

Latest Tweets @SANSInstitute

In this week's episode of the #BlueprintPodcast, @Microsoft [...]
August 7, 2020 - 12:40 AM

Get advice from the pros on how you can get the most out of [...]
August 6, 2020 - 11:35 PM

Learn crucial #cybersecurity skills to more effectively secu [...]
August 6, 2020 - 10:30 PM

Contact Us

Mon-Fri: 9am-8pm ET (phone/email)
Sat-Sun: 9am-5pm ET (email only)
301-654-SANS(7267)
info@sans.org

"It was a great learning experience that helped open my eyes wider. The instructor's knowledge was fantastic."
- Manuja Wikesekera, Melbourne Cricket Club

"This has been a great way to get working knowledge that would have taken years of experience to learn."
- Josh Carlson, Nelnet

"Just amazing content and instruction, it's really a 'must do' for any info sec professional."
- Mark Austin, PHH Mortgage