Stop Spear-Phishing and Watering Hole Attacks
- Put the User in a Bubble
- Chadd Milton
- Tuesday, March 12th, 12:30pm - 1:15pm
Your employees are the primary target of attack by a variety of adversaries bent on doing your organization harm. This is a fact that simply cannot be challenged based on the last 24-36 months worth of breach disclosures. Spear-phishing and watering hole attacks have been at the root of virtually every major attack disclosed during this time - whether the RSA breach, the campaign disclosed by Kaspersky labeled "Red October," the "Nitro" attacks, attacks against the energy sector, The New York Times, The Washington Post, The Wall Street Journal, The White House, Facebook, Apple, etc, etc, etc.
We've got a user problem on our hands that we need to rapidly solve. We're currently losing the battle to our adversaries because the endpoint has become the new perimeter and our endpoint defenses are largely antiquated.
However, innovation is here that you must take a look at...come hear why the NSA recently won a SANS National Security Award for its work with Invincea in combatting APTs and user-targeted attacks.
Join Chadd Milton of Invincea for an informative discussion that will cover:
- Recent examples of user targeted attacks and thoughts on why they've succeeded
- How advances in virtualization enable the creation of segregated environments for your users to run highly targeted applications such as the web browser, PDF reader, Office suite, etc.
- How behavioral based malware detection is being used in these segregated environments to spot and kill zero-days - including the recently announced Java 7 exploit
- Methods for turning thwarted attacks into rich forensic information that can feed your entire infrastructure and extend its usefulness
The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:
- SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
- Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
- Vendor: Events hosted by external vendor exhibitors.
- Lunch & Learn: Short presentations given during the lunch break.
Sunday, March 10
|General Session - Welcome to SANS||Dr. Eric Cole||Sunday, March 10th, 8:15am - 8:45am||Special Events|
|There's a reason they're called persistent.||H. Michael Nichols, Technical Product Manager||Sunday, March 10th, 12:30pm - 1:15pm||Lunch and Learn|
|Dream Big||Suliman Al-Mazroua||Sunday, March 10th, 12:30pm - 1:15pm||Lunch and Learn|
|Fortinet Next Generation Firewalls||Infogressive Founder & CEO Justin Kallhoff||Sunday, March 10th, 12:30pm - 1:15pm||Lunch and Learn|
|The Good, the Bad and the Broken||Bill Olson, CISSP - Subject Matter Expert for VM||Sunday, March 10th, 12:30pm - 1:15pm||Lunch and Learn|
|Splunk Lunch & Learn||—||Sunday, March 10th, 12:30pm - 1:15pm||Lunch and Learn|
|Rapid7 Lunch & Learn||Paul Chu||Sunday, March 10th, 12:30pm - 1:15pm||Lunch and Learn|
|APT: It is Not Time to Pray, It is Time to Act||Dr. Eric Cole||Sunday, March 10th, 7:15pm - 9:15pm||Keynote|
|Project Management Approach to Yearly PCI Compliance Validation||Michael Hoehl||Sunday, March 10th, 7:15pm - 7:55pm||Special Events|
|Phish Stories: Technical Intervention when Humans Fail||Rich Graves||Sunday, March 10th, 8:00pm - 8:40pm||Special Events|
|Small Business: The New Target -- What Can They Do?||Robert L Comella||Sunday, March 10th, 8:45pm - 9:30pm||Special Events|
Monday, March 11
|Vendor Solutions Expo||—||Monday, March 11th, 12:00pm - 1:30pm||Vendor Event|
|Vendor Solutions Expo||—||Monday, March 11th, 5:00pm - 7:00pm||Vendor Event|
|Social Zombies: Rise of the Mobile Dead||Kevin Johnson & Tom Eston||Monday, March 11th, 7:15pm - 8:15pm||SANS@Night|
|Knock-off Phone Forensics -Some Handsets Aren't What They Appear To Be||Heather Mahalik||Monday, March 11th, 7:15pm - 8:15pm||SANS@Night|
|Please Keep Your Brain Juice Off My Enigma: a True Story||Ed Skoudis & Josh Wright||Monday, March 11th, 7:15pm - 8:15pm||SANS@Night|
|Over-Zealous Social Media Investigations: Beware the Privacy Monster||Ben Wright||Monday, March 11th, 8:15pm - 9:15pm||SANS@Night|
|Introduction to Windows Kernel Exploitation||Stephen Sims||Monday, March 11th, 8:15pm - 9:15pm||SANS@Night|
Tuesday, March 12
|How to Become a SANS Instructor||Eric Conrad||Tuesday, March 12th, 12:30pm - 1:15pm||Lunch and Learn|
|Making the GRC Grade - How to Realize Continuous Compliance||Wallace Sann, Director of Systems Engineering||Tuesday, March 12th, 12:30pm - 1:15pm||Lunch and Learn|
|The Evolution of Vulnerability Management||Jack Daniel, Product Manager||Tuesday, March 12th, 12:30pm - 1:15pm||Lunch and Learn|
|The Windows Desktop: A Hackerās Best Friend? It Doesnāt Have To Be.||Derek Melber, Microsoft MVP||Tuesday, March 12th, 12:30pm - 1:15pm||Lunch and Learn|
|APTs As a Threat||Aaron Ansari, Director, Eastern US & Canada||Tuesday, March 12th, 12:30pm - 1:15pm||Lunch and Learn|
|Stop Spear-Phishing and Watering Hole Attacks||Chadd Milton||Tuesday, March 12th, 12:30pm - 1:15pm||Lunch and Learn|
|Women in Technology Meet and Greet||Karen Fioravanti||Tuesday, March 12th, 5:30pm - 6:30pm||Special Events|
|GIAC Program Overview||Jeff Frisk, GIAC Program Director||Tuesday, March 12th, 7:15pm - 8:15pm||Special Events|
|Hacking Your Friends and Neighbors For Fun||Joshua Wright||Tuesday, March 12th, 7:15pm - 8:15pm||SANS@Night|
|Panel - How Do We Secure The Human||Panel Members||Tuesday, March 12th, 7:15pm - 8:15pm||SANS@Night|
|Securing the Kids||Lance Spitzner and Rich Wistocki||Tuesday, March 12th, 8:15pm - 9:15pm||SANS@Night|
|InfoSec in the Financial World: War Stories and Lessons Learned||Bryan Simon||Tuesday, March 12th, 8:15pm - 9:15pm||SANS@Night|
|Open Mic Night||Brought to you by SANS Online Training||Tuesday, March 12th, 8:30pm - 10:30pm||Special Events|
Wednesday, March 13
|SANS Technology Institute Open House||Ray Davidson||Wednesday, March 13th, 7:15pm - 8:15pm||Special Events|
|Who's Watching the Watchers?||Mike Poor||Wednesday, March 13th, 7:15pm - 8:15pm||SANS@Night|
|Human Nature and Information Security: Irrational and Extraneous Factors That Matter||Lenny Zeltser||Wednesday, March 13th, 7:15pm - 8:15pm||SANS@Night|
|Why Our Defenses Are Failing Us. One Click Is All It Takes...||Bryce Galbraith||Wednesday, March 13th, 8:15pm - 9:15pm||SANS@Night|
|You Can Panic Now. Host Protection is (Mostly) Dead.||Rob Lee||Wednesday, March 13th, 8:15pm - 9:15pm||SANS@Night|
|"Hall of Shame" Apps in the Apple App Store and Google Play||Tom Eston||Wednesday, March 13th, 8:15pm - 9:15pm||SANS@Night|
Thursday, March 14
|Tales from the Crypt: TrueCrypt Analysis||Hal Pomeranz||Thursday, March 14th, 7:15pm - 8:15pm||SANS@Night|
|Finding Unknown Malware||Alissa Torres||Thursday, March 14th, 7:15pm - 8:15pm||SANS@Night|
|Honeypots For Home Use||James Leyte-Vidal||Thursday, March 14th, 7:15pm - 8:15pm||SANS@Night|
|Physical Repair of Mobile Devices - Practical Tips & Tricks For When Good Evidence Gets Broken||Det. Cindy Murphy||Thursday, March 14th, 8:15pm - 9:15pm||SANS@Night|
|Hunting and Sniper Forensics||Jason Lawrence||Thursday, March 14th, 8:15pm - 9:15pm||SANS@Night|