5 Days Left to Save $400 on Cyber Threat Intelligence Summit 2017

Security East 2016

New Orleans, LA | Mon, Jan 25 - Sat, Jan 30, 2016
This event is over,
but there are more training opportunities.

Using an Open Source Threat Model for Prioritized Defense

  • James Tarala
  • Wednesday, January 27th, 8:15pm - 9:15pm

Threat actors are not magic and there is not an unlimited, unique list of threats for every organization. Enterprises face similar threats from similar threat sources and threat actors - so why does every organization need to perform completely unique risk assessments and prioritized control decisions? This presentation will show how specific, community-driven threat models can be used to prioritize an organization's defenses - without all the confusion. In this presentation James Tarala will present a new, open, community-driven threat model that can be used by any industry to evaluate the risk that faces them. Then he will show how to practically use this model to prioritize enterprise defense and map to existing compliance requirements facing organizations today. Whether you are in the Department of Defense or work for a small mom-and-pop retailer, you will be able to use this model to specifically determine a prioritized defense for your organization.


Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
  • Lunch & Learn: Short presentations given during the lunch break.
  • Master's Degree Presentation: Presentations given by SANS Technology Institute's Master's Degree candidates.
Monday, January 25
Session Speaker Time Type
General Session - Welcome to SANS Bryan Simon Monday, January 25th, 8:15am - 8:45am Special Events
Data Theft in the 21st Century Mike Poor Monday, January 25th, 7:15pm - 9:15pm Keynote
Tuesday, January 26
Session Speaker Time Type
Continuous Ownage: Why you Need Continuous Monitoring Eric Conrad, Seth Misenar Tuesday, January 26th, 7:15pm - 8:15pm SANS@Night
Card Fraud 101 G. Mark Hardy Tuesday, January 26th, 8:15pm - 9:15pm SANS@Night
Wednesday, January 27
Session Speaker Time Type
DLP FAIL!!! Using Encoding, Steganography, and Covert Channels to Evade DLP and Other Critical Controls Kevin Fiscus Wednesday, January 27th, 7:15pm - 8:15pm SANS@Night
Using an Open Source Threat Model for Prioritized Defense James Tarala Wednesday, January 27th, 8:15pm - 9:15pm SANS@Night
Thursday, January 28
Session Speaker Time Type
SANS CyberTalent Lunch and Learn Jim Michaud, Director of CyberTalent, SANS Institute Thursday, January 28th, 12:30pm - 1:15pm Lunch and Learn
Understanding Your ICS Topologies Robert M. Lee Thursday, January 28th, 7:15pm - 8:15pm SANS@Night
Friday, January 29
Session Speaker Time Type
Configuration Management with Windows PowerShell Desired State Configuration (DSC) Brian Quick - Master's Degree Candidate Friday, January 29th, 7:15pm - 7:55pm Master's Degree Presentation