OnDemand Training - Best Special Offers of the Year Ending Soon - Learn More

San Francisco Fall 2018

San Francisco, CA | Mon, Nov 26, 2018 - Sat, Dec 1, 2018
This event is over,
but there are more training opportunities.

The Answer is on the Endpoint.

  • Alissa Torres
  • Monday, November 26th, 7:15pm - 9:15pm

With an estimated 80% of today's malicious code employing anti-detection and anti-analysis mechanisms, security teams are in an intractable arms race. Attackers build or buy evasive malware to extend dwell time and accomplish their cyber objectives. In response, security teams roll out next-gen technologies and adapt their investigative methods to catch up. Despite executive teams' hyper-focus and increased spending on incident response capabilities, a critical and overlooked success factor in many incident investigations is the analyst‚s ability to detect attacker activity and analyze the host-based trace artifacts left behind. Analysts need to know where to look for attacker presence and activity when the most obvious artifacts are gone.

Learning Objectives

  1. Gain actionable insight into trace endpointartifacts that reveal threat actors‚ lateral movement and evasion techniques.
  2. Learn key endpoint indicators of compromise to increase the fidelity of your threat hunting strategies.
  3. Prepare a training plan for upping the skills of your incident response team to detect and analyze critical tells of adversary.

Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
  • Lunch & Learn: Short presentations given during the lunch break.
Monday, November 26
Session Speaker Time Type
General Session - Welcome to SANS Jeff McJunkin Monday, November 26th, 8:00am - 8:30am Special Events
The Answer is on the Endpoint. Alissa Torres Monday, November 26th, 7:15pm - 9:15pm Keynote
Tuesday, November 27
Session Speaker Time Type
What Every Security Pro Should Know About Cloud Hacking Madhu Somu, Director of Technology Tuesday, November 27th, 12:30pm - 1:15pm Lunch and Learn
Building Your Own Kickass Home Lab Jeff McJunkin Tuesday, November 27th, 7:15pm - 8:15pm SANS@Night
Wednesday, November 28
Session Speaker Time Type
Oh, You Got This? Practical Attacks on Modern Infrastructure Moses Frost Wednesday, November 28th, 7:15pm - 8:15pm SANS@Night
Thursday, November 29
Session Speaker Time Type
Passing GIAC Exams for Fun and Profit Jon Gorenflo Thursday, November 29th, 7:15pm - 8:15pm SANS@Night