Register by tomorrow to save $300 on cutting-edge cyber security training at SANS Miami 2020!

SANSFIRE 2018

Washington, DC | Sat, Jul 14 - Sat, Jul 21, 2018
This event is over,
but there are more training opportunities.

NOC/SOC Integration: Opportunities for Increased Efficiency in Incident Response within Cyber-Security

  • Nelson Hernandez
  • Wednesday, July 18th, 7:15pm - 7:55pm

This presentation is on research that discusses whether Network Operation Centers (NOC) and Security Operation Centers (SOC) should integrate at the first tiers of support. Operating, managing and defending enterprise infrastructures with siloed NOCs and SOCs is a challenge. Both teams normally run 24/7 incident response, event monitoring/correlation and trouble tickets escalation. This presentation will discuss integrating through cross-training, rewriting procedures, standardizing shared coordinated communications and sharing integrated dashboards. This presentation will look at the adoption of integration as an industry best practice, capitalizing on federated data, improving communication, increasing situational awareness, optimizing resources and increasing efficiencies within cybersecurity.

Speaker Bio: Nelson Hernandez is the founder of CyberOps Defenders a cyber-security consultancy. He has been in the security/IT operations industry since 1990. Nelson managed a NOC for over 12 years at a leading hedge funds in Chicago and also was an information security manager responsible for a group of security operation center analysts within the same company. He worked in the publishing and insurance industries in support of IT Operations with an emphasis on information security. Additionally, while working in the corporate world, Nelson was a member of the US Air Force Reserves for 33 years. His last position was as a security forces manager. Managing a large group of security forces airmen, handling various police and physical security issues on numerous assets around the world. Nelson has a passion for learning cybersecurity, in particular, the blue team aspects focusing on incident response. Nelson is a candidate for the Masters of Science degree in Information Security Engineering from the SANS Technology Institute. The SANS Technology Institute is the only graduate program that combines SANS technical training, recognized as the industry's best, with leadership and management curriculum specifically developed for the unique needs of aspiring leaders. Learn more at www.sans.edu.


Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
  • Vendor: Events hosted by external vendor exhibitors.
  • Lunch & Learn: Short presentations given during the lunch break.
  • Master's Degree Presentation: Presentations given by SANS Technology Institute's Master's Degree candidates.
Monday, July 16
Session Speaker Time Type
General Session - Welcome to SANS Dr. Johannes Ullrich, ISC Director Monday, July 16th, 8:00am - 8:30am Special Events
State of the Internet Panel Discussion Dr. Johannes Ullrich, ISC Director, Marcus Sachs, and Internet Storm Center Handlers Monday, July 16th, 7:15pm - 9:15pm Special Events
Tuesday, July 17
Session Speaker Time Type
Today's Mobility and Cloud Cybersecurity Mission Loay Oweis, Federal Mobility Specialist Tuesday, July 17th, 12:30pm - 1:15pm Lunch and Learn
The Intelligence Driven Response Process Teddy Powers, Senior Cyber Security Architect Tuesday, July 17th, 12:30pm - 1:15pm Lunch and Learn
The Next Evolution of Protection: Introduction to Deep Learning Ryan Archer, Director of Sales Engineering, East Tuesday, July 17th, 12:30pm - 1:15pm Lunch and Learn
Evolving Enterprise Defenses Jason Luttrell, Sr. Solutions Engineer Tuesday, July 17th, 12:30pm - 1:15pm Lunch and Learn
Preparing today for the cyberthreats of tomorrow Joe Hamblin, Federal Security CTO, IBM Federal Tuesday, July 17th, 12:30pm - 1:15pm Lunch and Learn
Nessus turns 20 Years Old this Year! Jim O'Neill, Channel System Engineer Tuesday, July 17th, 12:30pm - 1:15pm Lunch and Learn
SANS CyberTalent Ice Cream Social Tuesday, July 17th, 5:30pm - 6:30pm Special Events
Responding to the European Union's new General Data Protection Regulation Ben Wright Tuesday, July 17th, 7:15pm - 8:15pm SANS@Night
Threat Hunting via Windows Event Logs Eric Conrad Tuesday, July 17th, 7:15pm - 8:15pm SANS@Night
War Stories on Automated Threat Intelligence for Defense John Bambenek, ISC Handler Tuesday, July 17th, 7:15pm - 8:15pm SANS@Night
Exploring a P2P Transient Botnet - From Discovery to Enumeration Renato Marinho, ISC Handler Tuesday, July 17th, 7:15pm - 8:15pm SANS@Night
So, You Wanna be a Pentester? Adrien de Beaupre Tuesday, July 17th, 8:15pm - 9:15pm SANS@Night
Product Management of Security Solutions: What's It Like and How to Do It? Lenny Zeltser Tuesday, July 17th, 8:15pm - 9:15pm SANS@Night
Dynamic Analysis and Reconstructing an Infection Chain Brad Duncan, ISC Handler Tuesday, July 17th, 8:15pm - 9:15pm SANS@Night
Commitment Issues: Can You Really Trust What Your Tools Are Telling You? Heather Mahalik, Domenica Crognale Tuesday, July 17th, 8:15pm - 9:15pm SANS@Night
Detecting Penetration Testers on a Windows Network with Splunk Fred Speece Tuesday, July 17th, 8:15pm - 8:55pm Master's Degree Presentation
Wednesday, July 18
Session Speaker Time Type
Coffee & Donuts with the Graduate Students Wednesday, July 18th, 7:30am - 9:00am Reception
Vendor Solutions Expo Wednesday, July 18th, 12:00pm - 1:30pm Vendor Event
Vendor Solutions Expo Wednesday, July 18th, 5:15pm - 7:15pm Vendor Event
GIAC Overview Presentation Jeff Frisk Wednesday, July 18th, 6:30pm - 7:30pm Special Events
Blockchain: the New Digital Swiss Army Knife? G. Mark Hardy Wednesday, July 18th, 7:15pm - 8:15pm SANS@Night
Defense Is Doable - Breaking The Cyber Kill Chain Erik Van Buggenhout & Stephen Sims Wednesday, July 18th, 7:15pm - 8:15pm SANS@Night
2FA Authentication in Mobile Applications: Challenges and Opportunities Bojan Zdrnja, ISC Handler Wednesday, July 18th, 7:15pm - 8:15pm SANS@Night
What does it take to be a l337 Cyber Analyst? Lorna Hutcheson- ISC Handler Wednesday, July 18th, 7:15pm - 8:15pm SANS@Night
NOC/SOC Integration: Opportunities for Increased Efficiency in Incident Response within Cyber-Security Nelson Hernandez Wednesday, July 18th, 7:15pm - 7:55pm Master's Degree Presentation
Introduction to NetWars Tim Medin Wednesday, July 18th, 7:15pm - 7:45pm SANS@Night
Industrial Control System Active Defense and Threat Intelligence Robert M. Lee Wednesday, July 18th, 8:15pm - 9:15pm SANS@Night
How to Create/Share Indicators and SOC Metrics Efficiently Tom Webb, ISC Handler Wednesday, July 18th, 8:15pm - 9:15pm SANS@Night
Full Packet Capture for the Masses Xavier Mertens, ISC Handler Wednesday, July 18th, 8:15pm - 9:15pm SANS@Night
Hacking Dumberly, Just Like the Bad Guys Tim Medin Wednesday, July 18th, 8:15pm - 9:15pm SANS@Night
System Security Engineering Approach in Evaluating Commercial and Open Source Software Products Jesus Abelarde Wednesday, July 18th, 8:15pm - 8:55pm Master's Degree Presentation
Russian hackers, the DNC, and the missing server, oh my! Jake Williams Wednesday, July 18th, 8:15pm - 9:15pm SANS@Night
Thursday, July 19
Session Speaker Time Type
How to Become a SANS Instructor Eric Conrad Thursday, July 19th, 12:30pm - 1:15pm Lunch and Learn
How IT Security can be the new corporate ‚yes men" Dan Dearing, Senior Director of Product Marketing Thursday, July 19th, 12:30pm - 1:15pm Lunch and Learn
A Threat Analyst's Perspective on Malware & Ransomware Attack Techniques Mike Parker, Director of Customer Success Thursday, July 19th, 12:30pm - 1:15pm Lunch and Learn
DNS For Good & Evil, How Adversaries Use Your Network Against You Chris Usserman, Principal Security and Threat Intelligence Advisor Thursday, July 19th, 12:30pm - 1:15pm Lunch and Learn