Security Outliers: Special Operations Edition
- Gal Shpantzer
- Friday, June 21st, 7:15pm - 8:15pm
The Security Outliers project focuses on Layer 8 and the importance of leadership, teamwork, and communications in managing information security teams. The Outliers project kicked off with a presentation at RSA 2010, after a year of academic research, scouring journals and books as well as conducting interviews with leaders in high-risk professions, both in and out of infosec.
Christophe Veltsos (@DrInfoSec) and I collaborated on the academic piece for over two years but in 2011, we decided that books and interviews were a great foundation, but we had to kick the project into the "Experiential" phase... I decided to find a way to get as close as possible to the selection and training of special operations units and report back. After looking far and wide, I found a retired US Navy Senior Chief (SEAL), who spent over two decades in the SEAL Teams and was running a pre-BUD/S training course for aspiring SEAL candidates, called The Extreme SEAL Experience.
We will begin this entertaining yet educational session with a very quick explanation of who the SEALs are and what they are tasked with doing by the highest levels of the US government, then proceed through a synopsis of the course I completed and how I've used the lessons learned since then. This will include representative hilarious (and pathetic) visuals from the Extreme SEAL Experience, freezing in and out of the river then getting really dirty, jumping out of helicopters, rappelling, shooting, etc. Once the obligatory SEAL pr0n is presented, we'll dive into the general leadership and infosec-specific lessons learned from the academic research on the SEALs, as well as the experiential learning of how SEALs build teamwork and plan/rehearse/execute/debrief complex and risky missions. The session will close with practical advice on managing risk and burnout through teamwork, including some basic mind-hacks that are applicable on and off the job site.
Gal Shpantzer is a trusted advisor to CSOs of Fortune 500 corporations, technology startups, large universities and non-profits/NGOs (EnergySec). Gal has been involved in multiple SANS Institute projects, including co-editing the SANS Newsbites from 2002-2008, revising the E-Warfare course and presenting SANS@Night talks on cyberstalking, CAPTCHAs, and endpoint security. In 2009, Gal founded the privacy subgroup of the NIST Smart Grid cybersecurity task group, resulting in the privacy chapter of NIST IR 7628. He is a co-author of the Managing Mobile Device Security chapter in the 6th ed. Vol 4 of the Information Security Management Handbook (2010). Most recently Gal collaborated with Dr. Christophe Veltsos (@DrInfosec) to present the Security Outliers project at RSA, CSI, and other conferences. He is particularly proud of his ongoing contributions to productive snark in the community, including the Shpantzer Coma Scale of Vendor Lameness and FUD (SCSoVLF), #TSAsongs and ridiculous themes for most excellent conferences such as BSides, DojoCon, and Baythreat. Gal is involved in the Infosec Burnout research project and co-presented on this topic at BSides Las Vegas (2011) and RSA 2012. Gal is currently leading the Publicly Accessible Control Systems Working Group (PACS-WG) effort for EnergySec.
The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:
- SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
- Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
- Vendor: Events hosted by external vendor exhibitors.
- Lunch & Learn: Short presentations given during the lunch break.
Monday, June 17
|General Session - Welcome to SANS||Dr. Eric Cole||Monday, June 17th, 8:15am - 8:45am||Special Events|
|Fortinet Next Generation Firewalls||Troy Brueckner, CISSP, GISP, VP of Sales and Marketing, Infogressive||Monday, June 17th, 12:30pm - 1:15pm||Lunch and Learn|
|"Security Intelligence Through Endpoint Analytics: Deriving Insight from Chaos"||Roger Andras, Sr. Solutions Consultant, Guidance||Monday, June 17th, 12:30pm - 1:15pm||Lunch and Learn|
|Building Risk Visibility intoYour Firewall Management Process||Richard Porter, Senior Systems Engineer, FireMon||Monday, June 17th, 12:30pm - 1:15pm||Lunch and Learn|
|Tenable, the SANS 20 Critical Security Controls and You ... the Basics and Beyond||Speaker: Jack Daniel, Technical Product Manager, Tenable Network Security||Monday, June 17th, 12:30pm - 1:15pm||Lunch and Learn|
|Smartphone Drill-Down: OS Extraction, Decoding & Analysis||Ronen Engler, Cellebrite||Monday, June 17th, 12:30pm - 1:15pm||Lunch and Learn|
|Connecting the Dots:Protecting Your Enterprise and Your Career||Mike Nichols, Technical Product Manager||Monday, June 17th, 12:30pm - 1:15pm||Lunch and Learn|
|Top 20 CSC Survey Results Panel||John Pescatore||Monday, June 17th, 6:00pm - 7:00pm||Vendor Event|
|State of the Internet Panel Discussion||Moderators: Dr. Johannes Ullrich, ISC Director and Marcus Sachs, ISC Director Emeritus||Monday, June 17th, 7:15pm - 9:15pm||Keynote|
Tuesday, June 18
|Vendor Solutions Expo||—||Tuesday, June 18th, 12:00pm - 1:30pm||Vendor Event|
|Vendor Solutions Expo||—||Tuesday, June 18th, 5:00pm - 7:00pm||Vendor Event|
|Memory Analysis with Volatility||Russ McRee||Tuesday, June 18th, 7:15pm - 8:15pm||SANS@Night|
|Offensive Digital Forensics||Alissa Torres||Tuesday, June 18th, 7:15pm - 8:15pm||SANS@Night|
|Avoiding Cyberterrorism Threats Inside Hydraulic Power Generation Plants||Manuel Humberto Santander Palaez||Tuesday, June 18th, 8:15pm - 9:15pm||SANS@Night|
|Introducing the CompTIA CASP Exam||Eric Conrad and Seth Misenar||Tuesday, June 18th, 8:15pm - 9:15pm||SANS@Night|
Wednesday, June 19
|Security Analytics: What Matters in Your Chatter||Westley McDuffie||Wednesday, June 19th, 12:30pm - 1:15pm||Lunch and Learn|
|Securing the Virtual Datacenter||Chip Copper, Global Solutions Architect||Wednesday, June 19th, 12:30pm - 1:15pm||Lunch and Learn|
|Good COP, Bad COP||Speaker: Rob Mathieson, CISSP ECSA,Solutions Architect, Intel / DoDHP, Enterprise Security Products,ArcSight - TippingPoint - Fortify||Wednesday, June 19th, 12:30pm - 1:15pm||Lunch and Learn|
|Effective Defense Against Todayâs Advanced Persistent Threats||Paul Bartruff||Wednesday, June 19th, 12:30pm - 1:15pm||Lunch and Learn|
|Continuous Diagnostics & Mitigation (CDM): How to Achieve Cyber Security Readiness||Wallace Sann, CISSP-ISSEP, CIPP/G||Wednesday, June 19th, 12:30pm - 1:15pm||Lunch and Learn|
|Stop Spear-Phishing and Watering Hole Attacks - Put the User in a Bubble||Join Nick Keller and Jason Shupp of Invincea||Wednesday, June 19th, 12:30pm - 1:15pm||Lunch and Learn|
|Online Training Social Hour||—||Wednesday, June 19th, 6:00pm - 7:00pm||Special Events|
|GIAC Program Overview||Jeff Frisk||Wednesday, June 19th, 6:30pm - 7:15pm||Special Events|
|SANS Technology Institute Open House||Toby R. Gouker - Provost||Wednesday, June 19th, 7:15pm - 8:15pm||Special Events|
|Automated Analysis of Android Malware||Jim Clausing||Wednesday, June 19th, 7:15pm - 8:15pm||SANS@Night|
|Women in Technology Meet and Greet||—||Wednesday, June 19th, 7:15pm - 8:15pm||Special Events|
|Securing the Human - Phishing Launch||—||Wednesday, June 19th, 7:30pm - 8:30pm||Special Events|
|Windows Exploratory Surgery with Process Hacker||Jason Fossen||Wednesday, June 19th, 7:30pm - 9:00pm||SANS@Night|
|Fiber Channel - Your **Other** Datacenter Network||Rob VandenBrink||Wednesday, June 19th, 8:15pm - 9:15pm||SANS@Night|
Thursday, June 20
|Accelerating Speed to Intelligence with ioMemory||Christian Shrauder, CTO, Fusion-io Federal||Thursday, June 20th, 12:30pm - 1:15pm||Lunch and Learn|
|Phishing your Employees: Lessons Learned from Phishing over 3.5 million People||Jim Hansen, PhishMe||Thursday, June 20th, 12:30pm - 1:15pm||Lunch and Learn|
|Emerging Technology: WildFire Enables Organizations to Detect and Prevent Advanced Persistent Threats||Alfred Lee||Thursday, June 20th, 12:30pm - 1:15pm||Lunch and Learn|
|Active Security Strategies for Destructive Malware and Advanced Persistent Threats||Brian Vosburgh, Principal Security Architect||Thursday, June 20th, 12:30pm - 1:15pm||Lunch and Learn|
|Dynamic Defenses against Dynamic Threats...ThreatSTOP takes DShield to the Next Level||Tom Byrnes||Thursday, June 20th, 12:30pm - 1:15pm||Lunch and Learn|
|Active Defense, Crime and Punishment: New Tools to Find Bad People||John Strand||Thursday, June 20th, 7:15pm - 8:15pm||SANS@Night|
|Investigating Employees: BYOD, COPE, and Online/Social Media||Ben Wright||Thursday, June 20th, 7:15pm - 8:15pm||SANS@Night|
|Evolving Threats||Paul A. Henry||Thursday, June 20th, 7:15pm - 9:15pm||SANS@Night|
|Defensive Reading: Understanding Online News||Richard Porter||Thursday, June 20th, 8:15pm - 9:15pm||SANS@Night|
Friday, June 21
|âBig Dataâ & Security: How to Apply Advanced Analytics to Solve Mission Challenges||Kiran Rathod, Chief Technology Officer, Paragon Technology Group (Moderator)â€¢ Michael Carleton, Former Chief Information Officer, Department of Health & HumanServices (HHS) and General Services Administration (GSA)â€¢ Dr. Peter Aiken, President||Friday, June 21st, 12:30pm - 1:15pm||Lunch and Learn|
|Securing the Kids||Lance Spitzner||Friday, June 21st, 7:15pm - 8:15pm||SANS@Night|
|Security Outliers: Special Operations Edition||Gal Shpantzer||Friday, June 21st, 7:15pm - 8:15pm||SANS@Night|
|Securing the Human||Lance Spitzner||Friday, June 21st, 8:15pm - 9:15pm||SANS@Night|