Hacking Back, Active Defense and Internet Tough Guys
- John Strand
- Wednesday, April 15th, 8:15pm - 9:15pm
In this presentation John Strand will demonstrate the Active Defense Harbinger Distribution, a DARPA funded, free Active Defense virtual machine. He will debunk many of the myths, outright lies, and subtle confusions surrounding taking active actions against attackers. From this presentation, you will not only know how to take action against attackers, you will learn how to do it legally.
Bonus Sessions
The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:
- SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
- Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
- Vendor: Events hosted by external vendor exhibitors.
- Lunch & Learn: Short presentations given during the lunch break.
- Master's Degree Presentation: Presentations given by SANS Technology Institute's Master's Degree candidates.
Sunday, April 12
| Session | Speaker | Time | Type |
|---|---|---|---|
| Registration Welcome Reception | — | Sunday, April 12th, 5:00pm - 7:00pm | Reception |
Monday, April 13
| Session | Speaker | Time | Type |
|---|---|---|---|
| General Session - Welcome to SANS | Dr. Eric Cole | Monday, April 13th, 8:15am - 8:45am | Special Events |
| SANS Technology Institute Reception and Information Session | Bill Lockhart, Executive Director, SANS Technology Institute | Monday, April 13th, 5:30pm - 7:00pm | Special Events |
| Understanding the Offense to Build a Better Defense | Dr. Eric Cole | Monday, April 13th, 7:15pm - 9:15pm | Keynote |
Tuesday, April 14
| Session | Speaker | Time | Type |
|---|---|---|---|
| How to Become a SANS Instructor | Eric Conrad | Tuesday, April 14th, 12:30pm - 1:15pm | Lunch and Learn |
| Fight Cyber Adversaries with Controlled Collaboration | Trevor Welsh, Cyber Engineering Architect | Tuesday, April 14th, 12:30pm - 1:15pm | Lunch and Learn |
| Protecting the Things, Including the Ones You Already Have (and don't know about) | Tom Byrnes, CEO and Founder | Tuesday, April 14th, 12:30pm - 1:15pm | Lunch and Learn |
| Advanced Threats Need Comprehensive Defense | Anubhav Arora, System Architect, R&D, General Dynamics Fidelis Cybersecurity | Tuesday, April 14th, 12:30pm - 1:15pm | Lunch and Learn |
| Continuous Security Intelligence with the SANS Critical Security Controls | Justin Pennock, North America Sales Leader, EiQ Networks | Tuesday, April 14th, 12:30pm - 1:15pm | Lunch and Learn |
| Expose the Underground: Prevent Advanced Persistent Threats | Mike Milholland, Network Security Engineer, Palo Alto Networks | Tuesday, April 14th, 12:30pm - 1:15pm | Lunch and Learn |
| The Power of Threat Intelligence in your Cybersecurity Program | Jason McEachin - Director, Sales Engineering, Lookingglass | Tuesday, April 14th, 12:30pm - 1:15pm | Lunch and Learn |
| Women in Technology Meet and Greet | — | Tuesday, April 14th, 5:30pm - 6:30pm | Reception |
| Online Training Pool Party | — | Tuesday, April 14th, 6:15pm - 7:15pm | Reception |
| Using an Open Source Threat Model for Prioritized Defense | James Tarala | Tuesday, April 14th, 7:15pm - 8:15pm | SANS@Night |
| The 13 Absolute Truths of Security | Keith Palmgren | Tuesday, April 14th, 7:15pm - 8:15pm | SANS@Night |
| Self-Education: Using the Pull Method for Security Awareness Training | Lance Spitzner | Tuesday, April 14th, 7:15pm - 8:15pm | SANS@Night |
| Cyber Leadership Reception | — | Tuesday, April 14th, 7:15pm - 8:15pm | Reception |
| Router Vulnerabilities and Backdoors: Can You Trust Your Vendor? | Christoph Eckstein - Master's Degree Candidate | Tuesday, April 14th, 7:15pm - 7:55pm | Master's Degree Presentation |
| Preparing for PowerShellmageddon - Investigating Windows Command Line Activity | Chad Tilbury | Tuesday, April 14th, 8:15pm - 9:15pm | SANS@Night |
| iOS Game Hacking: How I Ruled the Worl^Hd and Built Skills For AWESOME Mobile App Pen Tests | Josh Wright | Tuesday, April 14th, 8:15pm - 9:15pm | SANS@Night |
| Securing The Kids | Lance Spitzner | Tuesday, April 14th, 8:15pm - 9:15pm | SANS@Night |
| Using Sysmon to Enrich Security Onion's Host-Level Capabilities | Josh Brower - Master's Degree Candidate | Tuesday, April 14th, 8:15pm - 8:55pm | Master's Degree Presentation |
Wednesday, April 15
| Session | Speaker | Time | Type |
|---|---|---|---|
| Vendor Solutions Expo | — | Wednesday, April 15th, 12:00pm - 1:30pm | Vendor Event |
| Vendor Solutions Expo | — | Wednesday, April 15th, 5:30pm - 7:30pm | Vendor Event |
| Malware Analysis for Incident Responders: Getting Started | Lenny Zeltser | Wednesday, April 15th, 7:15pm - 9:15pm | SANS@Night |
| Gone In 60 Minutes | David Hoelzer | Wednesday, April 15th, 7:15pm - 8:15pm | SANS@Night |
| Windows Exploratory Surgery with Process Hacker | Jason Fossen | Wednesday, April 15th, 7:15pm - 8:45pm | SANS@Night |
| It's Time To Make a Case | Moses Hernandez | Wednesday, April 15th, 7:15pm - 8:15pm | SANS@Night |
| A 0-Budget Approach to the Containment of Malware Traffic for Small Organizations | Paul Ackerman - Master's Degree Candidate | Wednesday, April 15th, 7:15pm - 7:55pm | Master's Degree Presentation |
| GIAC Program Overview | Jeff Frisk | Wednesday, April 15th, 8:15pm - 9:15pm | Special Events |
| Enterprise PowerShell for Remote Security Assessment | James Tarala | Wednesday, April 15th, 8:15pm - 9:15pm | SANS@Night |
| Hacking Back, Active Defense and Internet Tough Guys | John Strand | Wednesday, April 15th, 8:15pm - 9:15pm | SANS@Night |
| Security Data Visualization | Balaji Balakrishnan - Master's Degree Candidate | Wednesday, April 15th, 8:15pm - 8:55pm | Master's Degree Presentation |
Thursday, April 16
| Session | Speaker | Time | Type |
|---|---|---|---|
| Tackling Application Security Challenges Through Progressive Scanning | Tom Cline, Technical Account Manager | Thursday, April 16th, 12:30pm - 1:15pm | Lunch and Learn |
| Rapid Visibility and Compliance with CloudPassage Halo | Ryan Thomas, Director of Product & Chad Gasaway, Sr. Sales Engineer | Thursday, April 16th, 12:30pm - 1:15pm | Lunch and Learn |
| Reverse Engineering Emails for Threat Indicators | Ronnie Takazowski, Senior Research Engineer, PhishMe | Thursday, April 16th, 12:30pm - 1:15pm | Lunch and Learn |
| Anatomy of An Attack - It Takes an Expert to Stop Attackers | Stephen Coty, Chief Security Evangelist, Alert Logic | Thursday, April 16th, 12:30pm - 1:15pm | Lunch and Learn |
| Bit9 Connect IR Partner Enablement | James Darby, Director of IR/MSSP Operations | Thursday, April 16th, 12:30pm - 1:15pm | Lunch and Learn |
| Prevent - Detect - Respond | Justin Kallhoff, Founder, Infogressive | Thursday, April 16th, 12:30pm - 1:15pm | Lunch and Learn |
| Debunking the Complex Password Myth | Keith Palmgren | Thursday, April 16th, 7:15pm - 8:15pm | SANS@Night |
| The Law of Offensive Countermeasures, Active Defense or Whatever You Wanna Call It | Benjamin Wright | Thursday, April 16th, 7:15pm - 8:15pm | SANS@Night |
| Raising the Bar with Security Skills Assessment and Training | Paul Hershberger - Master's Degree Candidate | Thursday, April 16th, 7:15pm - 7:55pm | Master's Degree Presentation |
| Let's Face It, You Are Probably Compromised. What Next? | Joff Thyer | Thursday, April 16th, 8:15pm - 9:15pm | SANS@Night |
| Defense Needed, Superbees Wanted | Malik Mesellem | Thursday, April 16th, 8:15pm - 9:15pm | SANS@Night |
