Stop Spear-Phishing and Watering Hole Attacks - Put the User in a Bubble
- Join Nick Keller and Jason Shupp of Invincea
- Wednesday, June 19th, 12:30pm - 1:15pm
Your employees are the primary target of attack by a variety of adversaries bent on doing your organization harm. This is a fact that simply cannot be challenged based on the last 24-36 months‚ worth of breach disclosures. Spear-phishing and watering hole attacks have been at the root of virtually every major attack disclosed during this time - whether the RSA breach, the campaign disclosed by Kaspersky labeled "Red October," the "Nitro" attacks, attacks against the energy sector, The New York Times, The Washington Post, The Wall Street Journal, The White House, Facebook, Apple, etc, etc, etc.
We've got a user problem on our hands that we need to rapidly solve. We're currently losing the battle to our adversaries because the endpoint has become the new perimeter and our endpoint defenses are largely antiquated.
However, innovation is here that you must take a look at...come hear why the NSA recently won a SANS National Security Award for its work with Invincea in combatting APTs and user-targeted attacks.
Join Nick Keller and Jason Shupp of Invincea for an informative discussion that will cover:
- Recent examples of user targeted attacks and thoughts on why they've succeeded
- How advances in virtualization enable the creation of segregated environments for your users to run highly targeted applications such as the web browser, PDF reader, Office suite, etc.
- How behavioral based malware detection is being used in these segregated environments to spot and kill zero-days - including the recently announced Java 7 exploit
- Methods for turning thwarted attacks into rich forensic information that can feed your entire infrastructure and extend its usefulness
The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:
- SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
- Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
- Vendor: Events hosted by external vendor exhibitors.
- Lunch & Learn: Short presentations given during the lunch break.
|General Session - Welcome to SANS||Dr. Eric Cole||Monday, June 17th, 8:15am - 8:45am||Special Events|
|Fortinet Next Generation Firewalls||Troy Brueckner, CISSP, GISP, VP of Sales and Marketing, Infogressive||Monday, June 17th, 12:30pm - 1:15pm||Lunch and Learn|
|"Security Intelligence Through Endpoint Analytics: Deriving Insight from Chaos"||Roger Andras, Sr. Solutions Consultant, Guidance||Monday, June 17th, 12:30pm - 1:15pm||Lunch and Learn|
|Building Risk Visibility intoYour Firewall Management Process||Richard Porter, Senior Systems Engineer, FireMon||Monday, June 17th, 12:30pm - 1:15pm||Lunch and Learn|
|Tenable, the SANS 20 Critical Security Controls and You ... the Basics and Beyond||Speaker: Jack Daniel, Technical Product Manager, Tenable Network Security||Monday, June 17th, 12:30pm - 1:15pm||Lunch and Learn|
|Smartphone Drill-Down: OS Extraction, Decoding & Analysis||Ronen Engler, Cellebrite||Monday, June 17th, 12:30pm - 1:15pm||Lunch and Learn|
|Connecting the Dots:Protecting Your Enterprise and Your Career||Mike Nichols, Technical Product Manager||Monday, June 17th, 12:30pm - 1:15pm||Lunch and Learn|
|Top 20 CSC Survey Results Panel||John Pescatore||Monday, June 17th, 6:00pm - 7:00pm||Vendor Event|
|State of the Internet Panel Discussion||Moderators: Dr. Johannes Ullrich, ISC Director and Marcus Sachs, ISC Director Emeritus||Monday, June 17th, 7:15pm - 9:15pm||Keynote|
|Vendor Solutions Expo||—||Tuesday, June 18th, 12:00pm - 1:30pm||Vendor Event|
|Vendor Solutions Expo||—||Tuesday, June 18th, 5:00pm - 7:00pm||Vendor Event|
|Memory Analysis with Volatility||Russ McRee||Tuesday, June 18th, 7:15pm - 8:15pm||SANS@Night|
|Offensive Digital Forensics||Alissa Torres||Tuesday, June 18th, 7:15pm - 8:15pm||SANS@Night|
|Avoiding Cyberterrorism Threats Inside Hydraulic Power Generation Plants||Manuel Humberto Santander Palaez||Tuesday, June 18th, 8:15pm - 9:15pm||SANS@Night|
|Introducing the CompTIA CASP Exam||Eric Conrad and Seth Misenar||Tuesday, June 18th, 8:15pm - 9:15pm||SANS@Night|
|Security Analytics: What Matters in Your Chatter||Westley McDuffie||Wednesday, June 19th, 12:30pm - 1:15pm||Lunch and Learn|
|Securing the Virtual Datacenter||Chip Copper, Global Solutions Architect||Wednesday, June 19th, 12:30pm - 1:15pm||Lunch and Learn|
|Good COP, Bad COP||Speaker: Rob Mathieson, CISSP ECSA,Solutions Architect, Intel / DoDHP, Enterprise Security Products,ArcSight - TippingPoint - Fortify||Wednesday, June 19th, 12:30pm - 1:15pm||Lunch and Learn|
|Effective Defense Against Today‚s Advanced Persistent Threats||Paul Bartruff||Wednesday, June 19th, 12:30pm - 1:15pm||Lunch and Learn|
|Continuous Diagnostics & Mitigation (CDM): How to Achieve Cyber Security Readiness||Wallace Sann, CISSP-ISSEP, CIPP/G||Wednesday, June 19th, 12:30pm - 1:15pm||Lunch and Learn|
|Stop Spear-Phishing and Watering Hole Attacks - Put the User in a Bubble||Join Nick Keller and Jason Shupp of Invincea||Wednesday, June 19th, 12:30pm - 1:15pm||Lunch and Learn|
|Online Training Social Hour||—||Wednesday, June 19th, 6:00pm - 7:00pm||Special Events|
|GIAC Program Overview||Jeff Frisk||Wednesday, June 19th, 6:30pm - 7:15pm||Special Events|
|SANS Technology Institute Open House||Toby R. Gouker - Provost||Wednesday, June 19th, 7:15pm - 8:15pm||Special Events|
|Automated Analysis of Android Malware||Jim Clausing||Wednesday, June 19th, 7:15pm - 8:15pm||SANS@Night|
|Women in Technology Meet and Greet||—||Wednesday, June 19th, 7:15pm - 8:15pm||Special Events|
|Securing the Human - Phishing Launch||—||Wednesday, June 19th, 7:30pm - 8:30pm||Special Events|
|Windows Exploratory Surgery with Process Hacker||Jason Fossen||Wednesday, June 19th, 7:30pm - 9:00pm||SANS@Night|
|Fiber Channel - Your **Other** Datacenter Network||Rob VandenBrink||Wednesday, June 19th, 8:15pm - 9:15pm||SANS@Night|
|Accelerating Speed to Intelligence with ioMemory||Christian Shrauder, CTO, Fusion-io Federal||Thursday, June 20th, 12:30pm - 1:15pm||Lunch and Learn|
|Phishing your Employees: Lessons Learned from Phishing over 3.5 million People||Jim Hansen, PhishMe||Thursday, June 20th, 12:30pm - 1:15pm||Lunch and Learn|
|Emerging Technology: WildFire Enables Organizations to Detect and Prevent Advanced Persistent Threats||Alfred Lee||Thursday, June 20th, 12:30pm - 1:15pm||Lunch and Learn|
|Active Security Strategies for Destructive Malware and Advanced Persistent Threats||Brian Vosburgh, Principal Security Architect||Thursday, June 20th, 12:30pm - 1:15pm||Lunch and Learn|
|Dynamic Defenses against Dynamic Threats...ThreatSTOP takes DShield to the Next Level||Tom Byrnes||Thursday, June 20th, 12:30pm - 1:15pm||Lunch and Learn|
|Active Defense, Crime and Punishment: New Tools to Find Bad People||John Strand||Thursday, June 20th, 7:15pm - 8:15pm||SANS@Night|
|Investigating Employees: BYOD, COPE, and Online/Social Media||Ben Wright||Thursday, June 20th, 7:15pm - 8:15pm||SANS@Night|
|Evolving Threats||Paul A. Henry||Thursday, June 20th, 7:15pm - 9:15pm||SANS@Night|
|Defensive Reading: Understanding Online News||Richard Porter||Thursday, June 20th, 8:15pm - 9:15pm||SANS@Night|
|‚Big Data‚ & Security: How to Apply Advanced Analytics to Solve Mission Challenges||Kiran Rathod, Chief Technology Officer, Paragon Technology Group (Moderator)â¢ Michael Carleton, Former Chief Information Officer, Department of Health & HumanServices (HHS) and General Services Administration (GSA)â¢ Dr. Peter Aiken, President||Friday, June 21st, 12:30pm - 1:15pm||Lunch and Learn|
|Securing the Kids||Lance Spitzner||Friday, June 21st, 7:15pm - 8:15pm||SANS@Night|
|Security Outliers: Special Operations Edition||Gal Shpantzer||Friday, June 21st, 7:15pm - 8:15pm||SANS@Night|
|Securing the Human||Lance Spitzner||Friday, June 21st, 8:15pm - 9:15pm||SANS@Night|