You Can Panic Now. Host Protection is (Mostly) Dead.
- An Incident Response and Forensics analysis of an APT attack
- Rob Lee
- Saturday, January 19th, 7:15pm - 8:45pm
Is host-based detection dead? No one has been able to see the APT circumvent common defenses because victims rarely share specific attack details. Until now. A real-world APT attack reveals how surprisingly ineffective sophisticated host-based defenses are. Starting from an initial attack through data exfiltration, this presentation will cover several of the tactics and techniques used by attackers to bypass host-based controls used in numerous organizations today.
The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:
- SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
- Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.