Consulting from Virtual Island
- Rob VandenBrink
- Wednesday, June 25th, 8:15pm - 9:15pm
In this session, we'll discuss using a virtualization in a consulting practice. We'll discuss how typical data center concerns "scale down" in this environment, topics such as:
- Assessing the various security tools in use, and allocating appropriate CPU and memory for each workload over the course of various simultaneous engagements
- Estimating and managing bandwidth requirements over time
- How to manage and avoid being blacklisted
- Using native ESXi functions to segregate stored data (data at rest) and network traffic (data in transit) between various clients
- Over the course of an engagement, providing customer data back to them in a secure fashion
- The importance of change control and testing is doubly important in a small software defined data center such as this, even if the data center administrator is also the only user on the system - segregation of test and experimental functions from "production" will also be covered in some detail.
In addition, we'll discuss considerations, workarounds, and pitfalls when splitting workload off for remote workload execution, using commodity server hardware, remote laptops or providing virtual appliances for execution within your customer's virtual environment.
Rob VandenBrink is a consultant with Metafore LLP in Ontario, Canada. His areas of specialization include Network Infrastructure design, Network Security and Virtualization. Rob has developed tools for ensuring policy compliance for VPN Access users, and a variety of networking tools native to Cisco IOS (http://sourceforge.net/projects/iostools/). He is an STI Masters Degree student with the SANS Technology Institute (http://www.sans.edu), and holds a variety of current SANS and Cisco Certifications.
The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:
- SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
- Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
- Vendor: Events hosted by external vendor exhibitors.
- Lunch & Learn: Short presentations given during the lunch break.
Monday, June 23
|General Session - Welcome to SANS||Johannes Ullrich||Monday, June 23rd, 8:15am - 8:45am||Special Events|
|SANS Technology Institute Open House||William Lockhart||Monday, June 23rd, 6:00pm - 7:00pm||Special Events|
|State of the Internet Panel Discussion||Dr. Johannes Ullrich, ISC Director and Marcus Sachs, ISC Director Emeritus||Monday, June 23rd, 7:15pm - 9:15pm||Keynote|
Tuesday, June 24
|Resurrection of the Data Entry Attack||Aaron Higbee, Chief Technology Officer & Co-Founder, PhishMe||Tuesday, June 24th, 12:30pm - 1:15pm||Lunch and Learn|
|Using Intelligence Methods in Mobile Forensic Exams||Lee Papathanasiou, Sales Engineer, Cellebrite||Tuesday, June 24th, 12:30pm - 1:15pm||Lunch and Learn|
|Continuous Monitoring & Mitigation||Tim Jones, Systems Engineer, Forescout||Tuesday, June 24th, 12:30pm - 1:15pm||Lunch and Learn|
|The Power of Lossless Packet Capture (1G-100G) & Real-time Netflow||Sam Cook, Senior Sales Engineer||Tuesday, June 24th, 12:30pm - 1:15pm||Lunch and Learn|
|Understanding the Threat: A Model to Enable Active Response||Finn Ramsland, Solutions Architect, Federal - FireEye||Tuesday, June 24th, 12:30pm - 1:15pm||Lunch and Learn|
|Looking Beyond Layers: Why Authentication Security Matters Most||Brian Kelly, Principal Product Marketing Manager at Duo Security||Tuesday, June 24th, 12:30pm - 1:15pm||Lunch and Learn|
|Online Training Reception||—||Tuesday, June 24th, 6:00pm - 8:00pm||Reception|
|Security Awareness Metrics: Measuring Human Behavior||Lance Spitzner||Tuesday, June 24th, 7:15pm - 8:15pm||SANS@Night|
|Avoiding Cyberterrorism Threats Inside Electrical Substations||Manuel Humberto Santander Pel√°ez||Tuesday, June 24th, 7:15pm - 8:15pm||SANS@Night|
|Securing The Kids||Lance Spitzner||Tuesday, June 24th, 8:15pm - 9:15pm||SANS@Night|
|C3CM ‚ Defeating the Command, Control, and Communications of Digital Assailants||Russ McRee||Tuesday, June 24th, 8:15pm - 9:15pm||SANS@Night|
Wednesday, June 25
|Vendor Solutions Expo||—||Wednesday, June 25th, 12:00pm - 1:30pm||Vendor Event|
|Vendor Solutions Expo||—||Wednesday, June 25th, 5:00pm - 7:00pm||Vendor Event|
|An Introduction to PowerShell for Security Assessments||James Tarala||Wednesday, June 25th, 7:15pm - 8:15pm||SANS@Night|
|Setting up Splunk for Event Correlation in Your Home Lab||Aron Warren - Master's Degree Candidate||Wednesday, June 25th, 7:15pm - 7:55pm||Special Events|
|Consulting from Virtual Island||Rob VandenBrink||Wednesday, June 25th, 8:15pm - 9:15pm||SANS@Night|
Thursday, June 26
|Vile Vulnerabilities, Rampant Rights, and Pervasive Passwords||Paul Harper, Product Manager, Beyond Trust||Thursday, June 26th, 12:30pm - 1:15pm||Lunch and Learn|
|Operationalize Open Intelligence ‚ YARA + Fidelis XPS||Mike Nichols, Sr. Product Manager, General Dynamics Fidelis Cybersecurity||Thursday, June 26th, 12:30pm - 1:15pm||Lunch and Learn|
|Effective Forensics Analytics for Actionable Incident Response||Narayan Makaram, Sr. Product Manager, Tenable Network Security||Thursday, June 26th, 12:30pm - 1:15pm||Lunch and Learn|
|Fortinet Next Generation Firewalls||Rob Frickel, Security Analyst, Infogressive||Thursday, June 26th, 12:30pm - 1:15pm||Lunch and Learn|
|Insider Threat Kill Chain: Detecting Human Indicators Of Compromise||Bryce G. Schroeder, Sr. Director of Systems Engineering - Tripwire||Thursday, June 26th, 12:30pm - 1:15pm||Lunch and Learn|
|Innovations in End Point Threat Detection (EDTR),||Chad Fulgham, PerCredo CEO and former FBI CIO||Thursday, June 26th, 12:30pm - 1:15pm||Lunch and Learn|
|Penetration Testing Corporate Mobile Applications and BYOD Environments||Dmitry Dessiatnikov||Thursday, June 26th, 7:15pm - 8:15pm||SANS@Night|
|How to Spy on your Employees with Memory Forensics||Alissa Torres||Thursday, June 26th, 7:15pm - 8:15pm||SANS@Night|
|GIAC Program Overview||Jeff Frisk||Thursday, June 26th, 8:15pm - 8:45pm||Special Events|
|Bust a Cap in a Web App With ZAP||Adrien de Beaupre||Thursday, June 26th, 8:15pm - 9:15pm||SANS@Night|
Friday, June 27
|The "Insider Threat" Revised: Crime, Understanding, and Prediction||Richard Porter||Friday, June 27th, 7:15pm - 8:15pm||SANS@Night|
|Creating a Covert Channel in Wifi||Ronald Hamann||Friday, June 27th, 7:15pm - 8:15pm||SANS@Night|