GSE Lab Examination
- Saturday, March 12th, 8:00am - 5:30pm
Sunday, March 13th, 8:00am - 5:30pm
Pre-registration and approval is required for attendance.
The GIAC Security Expert certification is the most prestigious in the IT Security industry. The current exam was developed by subject matter experts and top industry practitioners. The GSE's performance based, hands-on nature sets it apart from any other IT security certification. The GSE will determine if a candidate has truly mastered the wide variety of skills required by top security consultants and individual practitioners.
The skills required to successfully complete the GSE exams can be broken up into three major groups:
- General security skills
- Incident handling skills
- Intrusion detection and analysis skills
The GSE exam has two parts:
Part 1: Multiple Choice Exam:
Candidates must hold the appropriate pre-requisite certifications to qualify for the GSE multiple choice exam.
The GSE multiple choice exam must be taken at a proctored location, just like any other GIAC exam. Passing this exam qualifies a person to sit for the GSE hands-on lab.
Once you successfully complete Part 1, you are qualified to sit for the GSE lab within 18 months of the date of completion.
Part 2: Two-day GSE Lab Exam:
Day 1 of the GSE lab consists of an incident response scenario that requires the candidate to analyze data and report their results in a written report.
Day 2 consists of a rigorous battery of hands-on exercises.
The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:
- SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
- Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
- Vendor: Events hosted by external vendor exhibitors.
- Lunch & Learn: Short presentations given during the lunch break.
- Master's Degree Presentation: Presentations given by SANS Technology Institute's Master's Degree candidates.
Saturday, March 12
|GSE Lab Examination||—||Saturday, March 12th, 8:00am - 5:30pm||Special Events|
Sunday, March 13
Monday, March 14
|General Session - Welcome to SANS||Bryan Simon||Monday, March 14th, 8:15am - 8:45am||Special Events|
|Women in Technology Meet and Greet||—||Monday, March 14th, 6:00pm - 7:00pm||Special Events|
|Analyzing the Ukrainian Power Grid Cyber-Attacks||Jake Williams||Monday, March 14th, 7:15pm - 9:15pm||Keynote|
Tuesday, March 15
|SSL & TLS Nuts, Bolts, and Best Practices||Brian McHenry, Security Solutions Architect||Tuesday, March 15th, 12:30pm - 1:15pm||Lunch and Learn|
|Applying the Cyber Kill Chain to Enterprise Defense||George Ressopoulos, Senior Security Consultant||Tuesday, March 15th, 12:30pm - 1:15pm||Lunch and Learn|
|Navigating Today's Threat Landscape||Matt Hickey, Director, Sales Engineering||Tuesday, March 15th, 12:30pm - 1:15pm||Lunch and Learn|
|Improving the Threat Intelligence Management Process||Trevor Welsh, Director of Sales Engineering||Tuesday, March 15th, 12:30pm - 1:15pm||Lunch and Learn|
|How to Become a SANS Instructor||Eric Conrad||Tuesday, March 15th, 12:30pm - 1:15pm||Special Events|
|SANS Technology Institute Lunch and Learn||—||Tuesday, March 15th, 12:30pm - 1:15pm||Lunch and Learn|
|The PC-Malware Zoo: We Promise You Won't Like It||Speaker: Paul Schofield, Director of Customer Experience||Tuesday, March 15th, 12:30pm - 1:15pm||Lunch and Learn|
|GIAC Program Reception||Presented by Jeff Frisk||Tuesday, March 15th, 6:15pm - 7:15pm||Special Events|
|Using an Open Source Threat Model for Prioritized Defense||James Tarala||Tuesday, March 15th, 7:15pm - 8:15pm||SANS@Night|
|Data Theft in the 21st Century||Mike Poor||Tuesday, March 15th, 7:15pm - 8:15pm||SANS@Night|
|Making Awareness Stick||Lance Spitzner||Tuesday, March 15th, 7:15pm - 8:15pm||SANS@Night|
|Next Gen Patch Management for Microsoft Windows - A Call for Improved Tools||Jason Simsay - Master's Degree Candidate||Tuesday, March 15th, 7:15pm - 7:55pm||Master's Degree Presentation|
|The Current State of Cyber Security||Justin Searle||Tuesday, March 15th, 7:15pm - 8:15pm||Special Events|
|Making Deception a Thing for Things||Dr. Johannes Ullrich||Tuesday, March 15th, 8:15pm - 9:15pm||SANS@Night|
|Windows Exploratory Surgery with Process Hacker||Jason Fossen||Tuesday, March 15th, 8:15pm - 9:15pm||SANS@Night|
|PKI Trust Models: Whom do you trust?||Blaine Hein - Master's Degree Candidate||Tuesday, March 15th, 8:15pm - 8:55pm||Master's Degree Presentation|
Wednesday, March 16
|Vendor Solutions Expo||—||Wednesday, March 16th, 12:00pm - 1:30pm||Vendor Event|
|Vendor Solutions Expo||—||Wednesday, March 16th, 5:30pm - 7:30pm||Vendor Event|
|Smartphone and Network Forensics Goes Together Like Peas and Carrots||Heather Mahalik and Phil Hagen||Wednesday, March 16th, 7:15pm - 8:15pm||SANS@Night|
|The Crazy New World of Cyber Investigations: Law, Ethics and Evidence||Ben Wright||Wednesday, March 16th, 7:15pm - 8:15pm||SANS@Night|
|Enforcing Application Security||Michael Matthee - Master's Degree Candidate||Wednesday, March 16th, 7:15pm - 7:55pm||Master's Degree Presentation|
|The 14 Absolute Truths of Security||Keith Palmgren||Wednesday, March 16th, 8:15pm - 9:15pm||SANS@Night|
|Beyond the Pentest: How C2, Internal Pivoting, and Data Exfiltration Show True Risk||Beau Bullock||Wednesday, March 16th, 8:15pm - 9:15pm||SANS@Night|
|Intrusion Detection with PowerShell||Michael Weeks - Master's Degree Candidate||Wednesday, March 16th, 8:15pm - 8:55pm||Master's Degree Presentation|
Thursday, March 17
|Automating the Hunt for Attackers||Dan Mitchell, Solutions Engineer||Thursday, March 17th, 12:30pm - 1:15pm||Lunch and Learn|
|Beyond Who is: See Threats Coming||Steve Butt, Technical Sales Engineer||Thursday, March 17th, 12:30pm - 1:15pm||Lunch and Learn|
|Flipping the Economics of Attacks||Etay Nir, Malware and Threat Intelligence CE||Thursday, March 17th, 12:30pm - 1:15pm||Lunch and Learn|
|Using Splunk to visualize Vulnerability data||Jeff Leggett, Director, Cloud Services, API, and Integrations for Qualys||Thursday, March 17th, 12:30pm - 1:15pm||Lunch and Learn|
|Inventive and Productive Ways to Engage Employees on Cyber Skills Development||Aaron Cohen, Director of Product Management||Thursday, March 17th, 12:30pm - 1:15pm||Lunch and Learn|
|Malware Analysis for Incident Responders: Getting Started||Lenny Zeltser||Thursday, March 17th, 7:15pm - 9:15pm||SANS@Night|
|Card Fraud 101||G. Mark Hardy||Thursday, March 17th, 7:15pm - 8:15pm||SANS@Night|
|Custom Digital Forensics Tools in Python||Evan Dygert||Thursday, March 17th, 7:15pm - 8:15pm||SANS@Night|
|Exploits of Yesteryear Are Never Truly Gone||Marsha Miller - Master's Degree Candidate||Thursday, March 17th, 7:15pm - 7:55pm||Master's Degree Presentation|
|Debunking the Complex Password Myth||Keith Palmgren||Thursday, March 17th, 8:15pm - 9:15pm||SANS@Night|
|Uncovering Indicators of Compromise (IoC) Using PowerShell, Event Logs, and Nagios||Dallas Haselhorst - Master's Degree Candidate||Thursday, March 17th, 8:15pm - 8:55pm||Master's Degree Presentation|