Don't Miss the Best Specials of the Year with Online Training! Learn More!

Seattle 2012

Seattle, WA | Sun, Oct 14 - Fri, Oct 19, 2012
This event is over,
but there are more training opportunities.

SANS Technology Institute Master's Presentation

  • Russ McRee
  • Thursday, October 18th, 6:00pm - 6:40pm

TITLE: Evil Through the Lens of Web Logs


Web logs can be analyzed with specific attention to Internet Background

Radiation (IBR). Two bands of the IBR spectrum include scanning and

misconfiguration where details about attacker and victim patterns are

readily available. This discussion will analyze attacks exhibiting traits,

trends, and tendencies from the attacker and victim perspectives via web

application specific examples.


Russ McRee has been with Microsoft Corporation for five years and has worked

in the field for nine years. Russ manages the Security Analytics team

(security incident management, penetration testing, monitoring) for the

Microsoft Online Services Security & Compliance organization. He writes

toolsmith, a monthly column for the ISSA Journal, and has written for

numerous other publications including Information Security, (IN)SECURE,

SysAdmin, Linux Magazine, and TechTarget. Russ also speaks regularly at

events such as DEFCON, Black Hat, RSA, FIRST, and RAID and is a SANS

Internet Storm Center handler. Russ' research includes web application

security and malware analysis. As an advocate for a holistic approach to the

practice of information assurance, Russ maintains IBM's

ISS X-Force cited Russ as the 6th ranked Top Vulnerability Discoverers of

2009. He serves in the Washington State Guard as the Cybersecurity Advisor

to the Washington Military Department. Russ holds an undergraduate degree in

English and is nearing completion of a Master of Science Degree in

Information Security Engineering with SANS Technology Institute (STI).

Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
  • Vendor: Events hosted by external vendor exhibitors.
Sunday, October 14
Session Speaker Time Type
General Session: Welcome to SANS Jason Fossen Sunday, October 14th, 8:15am - 8:45am Special Events
Everything They Told Me About Security Was Wrong John Strand Sunday, October 14th, 7:15pm - 9:00pm Keynote
Monday, October 15
Session Speaker Time Type
Vendor Expo Monday, October 15th, 10:30am - 3:30pm Vendor Event
Vendor Lunch and Learn Monday, October 15th, 12:15pm - 1:30pm Vendor Event
Burppppp Chris Christianson Monday, October 15th, 7:15pm - 8:15pm SANS@Night
Assessing Deception Mike Murr Monday, October 15th, 8:15pm - 9:15pm SANS@Night
Tuesday, October 16
Session Speaker Time Type
SANS Technology Institute Open House Tanya Baccam Tuesday, October 16th, 8:15am - 8:45am Special Events
GIAC Program Overview Tuesday, October 16th, 7:15pm - 8:00pm Special Events
Wednesday, October 17
Session Speaker Time Type
COINS Reception Jason Fossen Wednesday, October 17th, 6:15pm - 7:15pm Reception
What's New in Windows 8 and Server 2012? Jason Fossen Wednesday, October 17th, 7:15pm - 8:45pm SANS@Night
Thursday, October 18
Session Speaker Time Type
SANS Technology Institute Master's Presentation Russ McRee Thursday, October 18th, 6:00pm - 6:40pm Special Events