"Security Intelligence Through Endpoint Analytics: Deriving Insight from Chaos"
- Roger Andras, Sr. Solutions Consultant, Guidance
- Monday, June 17th, 12:30pm - 1:15pm
Every day, massive activity is being generated by the endpoint and servers across your enterprise. Employees are creating, deleting and editing files; individual devices are connecting to other devices both inside and outside the firewall; programs are opening and closing throughout the day; and malware is silently propagating beneath it all.
In this session we will discuss how this vast wealth of ever-changing data from the endpoints and servers scattered across the enterprise can be harnessed as a source for big data security analytics. We will demonstrate how this data can be captured and leveraged for security analytic purposes in order to expose hidden threats lurking underneath the deluge of endpoint activity. By the end of this session, you will understand:
- How complex relationships across disparate pieces of endpoint data can be used to expose a breach
- Requirements to ensure a high degree of accuracy and value in this approach to data-centric security
- Examples of various artifacts that ‚ by themselves ‚ present no insight into risk, but when combined with seemingly unassociated data through an analytic capability present use cases enabling you to expose a potential data breach before damage can be done.
The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:
- SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
- Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
- Vendor: Events hosted by external vendor exhibitors.
- Lunch & Learn: Short presentations given during the lunch break.
|General Session - Welcome to SANS||Dr. Eric Cole||Monday, June 17th, 8:15am - 8:45am||Special Events|
|Fortinet Next Generation Firewalls||Troy Brueckner, CISSP, GISP, VP of Sales and Marketing, Infogressive||Monday, June 17th, 12:30pm - 1:15pm||Lunch and Learn|
|"Security Intelligence Through Endpoint Analytics: Deriving Insight from Chaos"||Roger Andras, Sr. Solutions Consultant, Guidance||Monday, June 17th, 12:30pm - 1:15pm||Lunch and Learn|
|Building Risk Visibility intoYour Firewall Management Process||Richard Porter, Senior Systems Engineer, FireMon||Monday, June 17th, 12:30pm - 1:15pm||Lunch and Learn|
|Tenable, the SANS 20 Critical Security Controls and You ... the Basics and Beyond||Speaker: Jack Daniel, Technical Product Manager, Tenable Network Security||Monday, June 17th, 12:30pm - 1:15pm||Lunch and Learn|
|Smartphone Drill-Down: OS Extraction, Decoding & Analysis||Ronen Engler, Cellebrite||Monday, June 17th, 12:30pm - 1:15pm||Lunch and Learn|
|Connecting the Dots:Protecting Your Enterprise and Your Career||Mike Nichols, Technical Product Manager||Monday, June 17th, 12:30pm - 1:15pm||Lunch and Learn|
|Top 20 CSC Survey Results Panel||John Pescatore||Monday, June 17th, 6:00pm - 7:00pm||Vendor Event|
|State of the Internet Panel Discussion||Moderators: Dr. Johannes Ullrich, ISC Director and Marcus Sachs, ISC Director Emeritus||Monday, June 17th, 7:15pm - 9:15pm||Keynote|
|Vendor Solutions Expo||—||Tuesday, June 18th, 12:00pm - 1:30pm||Vendor Event|
|Vendor Solutions Expo||—||Tuesday, June 18th, 5:00pm - 7:00pm||Vendor Event|
|Memory Analysis with Volatility||Russ McRee||Tuesday, June 18th, 7:15pm - 8:15pm||SANS@Night|
|Offensive Digital Forensics||Alissa Torres||Tuesday, June 18th, 7:15pm - 8:15pm||SANS@Night|
|Avoiding Cyberterrorism Threats Inside Hydraulic Power Generation Plants||Manuel Humberto Santander Palaez||Tuesday, June 18th, 8:15pm - 9:15pm||SANS@Night|
|Introducing the CompTIA CASP Exam||Eric Conrad and Seth Misenar||Tuesday, June 18th, 8:15pm - 9:15pm||SANS@Night|
|Security Analytics: What Matters in Your Chatter||Westley McDuffie||Wednesday, June 19th, 12:30pm - 1:15pm||Lunch and Learn|
|Securing the Virtual Datacenter||Chip Copper, Global Solutions Architect||Wednesday, June 19th, 12:30pm - 1:15pm||Lunch and Learn|
|Good COP, Bad COP||Speaker: Rob Mathieson, CISSP ECSA,Solutions Architect, Intel / DoDHP, Enterprise Security Products,ArcSight - TippingPoint - Fortify||Wednesday, June 19th, 12:30pm - 1:15pm||Lunch and Learn|
|Effective Defense Against Today‚s Advanced Persistent Threats||Paul Bartruff||Wednesday, June 19th, 12:30pm - 1:15pm||Lunch and Learn|
|Continuous Diagnostics & Mitigation (CDM): How to Achieve Cyber Security Readiness||Wallace Sann, CISSP-ISSEP, CIPP/G||Wednesday, June 19th, 12:30pm - 1:15pm||Lunch and Learn|
|Stop Spear-Phishing and Watering Hole Attacks - Put the User in a Bubble||Join Nick Keller and Jason Shupp of Invincea||Wednesday, June 19th, 12:30pm - 1:15pm||Lunch and Learn|
|Online Training Social Hour||—||Wednesday, June 19th, 6:00pm - 7:00pm||Special Events|
|GIAC Program Overview||Jeff Frisk||Wednesday, June 19th, 6:30pm - 7:15pm||Special Events|
|SANS Technology Institute Open House||Toby R. Gouker - Provost||Wednesday, June 19th, 7:15pm - 8:15pm||Special Events|
|Automated Analysis of Android Malware||Jim Clausing||Wednesday, June 19th, 7:15pm - 8:15pm||SANS@Night|
|Women in Technology Meet and Greet||—||Wednesday, June 19th, 7:15pm - 8:15pm||Special Events|
|Securing the Human - Phishing Launch||—||Wednesday, June 19th, 7:30pm - 8:30pm||Special Events|
|Windows Exploratory Surgery with Process Hacker||Jason Fossen||Wednesday, June 19th, 7:30pm - 9:00pm||SANS@Night|
|Fiber Channel - Your **Other** Datacenter Network||Rob VandenBrink||Wednesday, June 19th, 8:15pm - 9:15pm||SANS@Night|
|Accelerating Speed to Intelligence with ioMemory||Christian Shrauder, CTO, Fusion-io Federal||Thursday, June 20th, 12:30pm - 1:15pm||Lunch and Learn|
|Phishing your Employees: Lessons Learned from Phishing over 3.5 million People||Jim Hansen, PhishMe||Thursday, June 20th, 12:30pm - 1:15pm||Lunch and Learn|
|Emerging Technology: WildFire Enables Organizations to Detect and Prevent Advanced Persistent Threats||Alfred Lee||Thursday, June 20th, 12:30pm - 1:15pm||Lunch and Learn|
|Active Security Strategies for Destructive Malware and Advanced Persistent Threats||Brian Vosburgh, Principal Security Architect||Thursday, June 20th, 12:30pm - 1:15pm||Lunch and Learn|
|Dynamic Defenses against Dynamic Threats...ThreatSTOP takes DShield to the Next Level||Tom Byrnes||Thursday, June 20th, 12:30pm - 1:15pm||Lunch and Learn|
|Active Defense, Crime and Punishment: New Tools to Find Bad People||John Strand||Thursday, June 20th, 7:15pm - 8:15pm||SANS@Night|
|Investigating Employees: BYOD, COPE, and Online/Social Media||Ben Wright||Thursday, June 20th, 7:15pm - 8:15pm||SANS@Night|
|Evolving Threats||Paul A. Henry||Thursday, June 20th, 7:15pm - 9:15pm||SANS@Night|
|Defensive Reading: Understanding Online News||Richard Porter||Thursday, June 20th, 8:15pm - 9:15pm||SANS@Night|
|‚Big Data‚ & Security: How to Apply Advanced Analytics to Solve Mission Challenges||Kiran Rathod, Chief Technology Officer, Paragon Technology Group (Moderator)â¢ Michael Carleton, Former Chief Information Officer, Department of Health & HumanServices (HHS) and General Services Administration (GSA)â¢ Dr. Peter Aiken, President||Friday, June 21st, 12:30pm - 1:15pm||Lunch and Learn|
|Securing the Kids||Lance Spitzner||Friday, June 21st, 7:15pm - 8:15pm||SANS@Night|
|Security Outliers: Special Operations Edition||Gal Shpantzer||Friday, June 21st, 7:15pm - 8:15pm||SANS@Night|
|Securing the Human||Lance Spitzner||Friday, June 21st, 8:15pm - 9:15pm||SANS@Night|