SANS 2015

Orlando, FL | Sat, Apr 11 - Sat, Apr 18, 2015

Security Data Visualization

  • Balaji Balakrishnan - Master's Degree Candidate
  • Wednesday, April 15th, 8:15pm - 8:55pm

This presentation provides guidelines and insights on information security data visualization, with a repeatable process and examples for visualizing (communicating) information security data. One of the key strengths of security teams is access to enterprise log data, metadata, network traffic data, and netflow data. The challenge is finding and isolating the bad actors from legitimate traffic. The human mind, by evolution, is trained to identify patterns and anomalies using visualization. Security professionals can benefit by visualizing enterprise data to find anomalies and identify patterns that help isolate events which might indicate compromise. Security data visualization can be used in many areas of information security. Security metrics, security monitoring, anomaly detection, forensics, and malware analysis are examples where security data visualization can play a vital role and make us better security professionals. Hopefully some of the examples will help generate more ideas in this space and will be valuable guidance for all information security practitioners.

Speaker Bio: Balaji Balakrishnan has more than 15 years of experience in the IT and information security domain, specializing in security operations management and incident response. He has worked in major financial services organizations and has managed 24/7 SOCs/incident response teams.

Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
  • Vendor: Events hosted by external vendor exhibitors.
  • Lunch & Learn: Short presentations given during the lunch break.
  • Master's Degree Presentation: Presentations given by SANS Technology Institute's Master's Degree candidates.

Sunday, April 12

Session | Speaker | Time | Type
Registration Welcome Reception | - | Sunday, April 12th, 5:00pm - 7:00pm | Reception

Monday, April 13

Session | Speaker | Time | Type
General Session - Welcome to SANS | Dr. Eric Cole | Monday, April 13th, 8:15am - 8:45am | Special Events
SANS Technology Institute Reception and Information Session | Bill Lockhart, Executive Director, SANS Technology Institute | Monday, April 13th, 5:30pm - 7:00pm | Special Events
Understanding the Offense to Build a Better Defense | Dr. Eric Cole | Monday, April 13th, 7:15pm - 9:15pm | Keynote

Tuesday, April 14

Session | Speaker | Time | Type
How to Become a SANS Instructor | Eric Conrad | Tuesday, April 14th, 12:30pm - 1:15pm | Lunch and Learn
Fight Cyber Adversaries with Controlled Collaboration | Trevor Welsh, Cyber Engineering Architect | Tuesday, April 14th, 12:30pm - 1:15pm | Lunch and Learn
Protecting the Things, Including the Ones You Already Have (and don't know about) | Tom Byrnes, CEO and Founder | Tuesday, April 14th, 12:30pm - 1:15pm | Lunch and Learn
Advanced Threats Need Comprehensive Defense | Anubhav Arora, System Architect, R&D, General Dynamics Fidelis Cybersecurity | Tuesday, April 14th, 12:30pm - 1:15pm | Lunch and Learn
Continuous Security Intelligence with the SANS Critical Security Controls | Justin Pennock, North America Sales Leader, EiQ Networks | Tuesday, April 14th, 12:30pm - 1:15pm | Lunch and Learn
Expose the Underground: Prevent Advanced Persistent Threats | Mike Milholland, Network Security Engineer, Palo Alto Networks | Tuesday, April 14th, 12:30pm - 1:15pm | Lunch and Learn
The Power of Threat Intelligence in your Cybersecurity Program | Jason McEachin - Director, Sales Engineering, Lookingglass | Tuesday, April 14th, 12:30pm - 1:15pm | Lunch and Learn
Women in Technology Meet and Greet | - | Tuesday, April 14th, 5:30pm - 6:30pm | Reception
Online Training Pool Party | - | Tuesday, April 14th, 6:15pm - 7:15pm | Reception
Using an Open Source Threat Model for Prioritized Defense | James Tarala | Tuesday, April 14th, 7:15pm - 8:15pm | SANS@Night
The 13 Absolute Truths of Security | Keith Palmgren | Tuesday, April 14th, 7:15pm - 8:15pm | SANS@Night
Self-Education: Using the Pull Method for Security Awareness Training | Lance Spitzner | Tuesday, April 14th, 7:15pm - 8:15pm | SANS@Night
Cyber Leadership Reception | - | Tuesday, April 14th, 7:15pm - 8:15pm | Reception
Router Vulnerabilities and Backdoors: Can You Trust Your Vendor? | Christoph Eckstein - Master's Degree Candidate | Tuesday, April 14th, 7:15pm - 7:55pm | Master's Degree Presentation
Preparing for PowerShellmageddon - Investigating Windows Command Line Activity | Chad Tilbury | Tuesday, April 14th, 8:15pm - 9:15pm | SANS@Night
iOS Game Hacking: How I Ruled the Worl^Hd and Built Skills For AWESOME Mobile App Pen Tests | Josh Wright | Tuesday, April 14th, 8:15pm - 9:15pm | SANS@Night
Securing The Kids | Lance Spitzner | Tuesday, April 14th, 8:15pm - 9:15pm | SANS@Night
Using Sysmon to Enrich Security Onion's Host-Level Capabilities | Josh Brower - Master's Degree Candidate | Tuesday, April 14th, 8:15pm - 8:55pm | Master's Degree Presentation

Wednesday, April 15

Session | Speaker | Time | Type
Vendor Solutions Expo | - | Wednesday, April 15th, 12:00pm - 1:30pm | Vendor Event
Vendor Solutions Expo | - | Wednesday, April 15th, 5:30pm - 7:30pm | Vendor Event
Malware Analysis for Incident Responders: Getting Started | Lenny Zeltser | Wednesday, April 15th, 7:15pm - 9:15pm | SANS@Night
Gone In 60 Minutes | David Hoelzer | Wednesday, April 15th, 7:15pm - 8:15pm | SANS@Night
Windows Exploratory Surgery with Process Hacker | Jason Fossen | Wednesday, April 15th, 7:15pm - 8:45pm | SANS@Night
It's Time To Make a Case | Moses Hernandez | Wednesday, April 15th, 7:15pm - 8:15pm | SANS@Night
A 0-Budget Approach to the Containment of Malware Traffic for Small Organizations | Paul Ackerman - Master's Degree Candidate | Wednesday, April 15th, 7:15pm - 7:55pm | Master's Degree Presentation
GIAC Program Overview | Jeff Frisk | Wednesday, April 15th, 8:15pm - 9:15pm | Special Events
Enterprise PowerShell for Remote Security Assessment | James Tarala | Wednesday, April 15th, 8:15pm - 9:15pm | SANS@Night
Hacking Back, Active Defense and Internet Tough Guys | John Strand | Wednesday, April 15th, 8:15pm - 9:15pm | SANS@Night
Security Data Visualization | Balaji Balakrishnan - Master's Degree Candidate | Wednesday, April 15th, 8:15pm - 8:55pm | Master's Degree Presentation

Thursday, April 16

Session | Speaker | Time | Type
Tackling Application Security Challenges Through Progressive Scanning | Tom Cline, Technical Account Manager | Thursday, April 16th, 12:30pm - 1:15pm | Lunch and Learn
Rapid Visibility and Compliance with CloudPassage Halo | Ryan Thomas, Director of Product & Chad Gasaway, Sr. Sales Engineer | Thursday, April 16th, 12:30pm - 1:15pm | Lunch and Learn
Reverse Engineering Emails for Threat Indicators | Ronnie Takazowski, Senior Research Engineer, PhishMe | Thursday, April 16th, 12:30pm - 1:15pm | Lunch and Learn
Anatomy of An Attack - It Takes an Expert to Stop Attackers | Stephen Coty, Chief Security Evangelist, Alert Logic | Thursday, April 16th, 12:30pm - 1:15pm | Lunch and Learn
Bit9 Connect IR Partner Enablement | James Darby, Director of IR/MSSP Operations | Thursday, April 16th, 12:30pm - 1:15pm | Lunch and Learn
Prevent - Detect - Respond | Justin Kallhoff, Founder, Infogressive | Thursday, April 16th, 12:30pm - 1:15pm | Lunch and Learn
Debunking the Complex Password Myth | Keith Palmgren | Thursday, April 16th, 7:15pm - 8:15pm | SANS@Night
The Law of Offensive Countermeasures, Active Defense or Whatever You Wanna Call It | Benjamin Wright | Thursday, April 16th, 7:15pm - 8:15pm | SANS@Night
Raising the Bar with Security Skills Assessment and Training | Paul Hershberger - Master's Degree Candidate | Thursday, April 16th, 7:15pm - 7:55pm | Master's Degree Presentation
Let's Face It, You Are Probably Compromised. What Next? | Joff Thyer | Thursday, April 16th, 8:15pm - 9:15pm | SANS@Night
Defense Needed, Superbees Wanted | Malik Mesellem | Thursday, April 16th, 8:15pm - 9:15pm | SANS@Night