
Security Operations Summit

New Orleans, LA | Mon, Jul 30, 2018 - Mon, Aug 6, 2018

We strive to present the most relevant, timely and valuable content. As a result, this agenda is subject to change. Please check back frequently for changes and updates.

Monday, July 30th
Time Presentation Speaker
9:00-9:15 am

Welcome & Introductions

Chris Crowley (@CCrowMontance), Summit Chair, SANS Institute

9:15-10:00 am

Keynote
Measure Yo Bad Self

Carson Zimmerman, Cyber Security Operations Center (CSOC) Engineering Team Lead, Microsoft

10:00-10:20 am Networking Break
10:20-11:00 am

"Oops!": Internal IR Communications & Why We Are Still Failing During Incident Response

  • Brad Garnett, Team Lead - Incident Response, Cisco
  • Shelly Giesbrecht, Team Lead - Incident Response, Cisco
11:00-11:40 am

Give Your SOC a SOUL

  • Alissa Torres (@sibertor), Certified SANS Instructor, DFIR
11:40 am-noon

SANS SOC Survey

Chris Crowley (@CCrowMontance), Summit Chair, SANS Institute

12:00-1:00 pm Networking Lunch
1:00 - 1:40 pm

Panel

Apples and Oranges?: A CompariSIEM

Moderator: Chris Crowley (@CCrowMontance), Summit Chair, SANS Institute
Panelists:

  • Craig L. Bowser, Sr. Security Engineer, Dept. of Energy
  • Justin Henderson, Instructor & Course Author, SANS Institute
  • Dave Herrald (@daveherrald), Staff Security Strategist, Splunk
1:40-2:20 pm

How Your SOC Can Nourish Your Organization with FOOD, Not FUD

My-Ngoc Nguyen, CEO/Principal, Security IT Solutions, LLC; Instructor, SANS Institute

2:20-3:00 pm

What to Follow? The Sun or the Stars

Kevin Garvey, Manager - Incident Response and Threat Management, Time Warner

3:00-3:20 pm Networking Break
3:20-4:00 pm

Hacking your SOEL: SOC Automation and Orchestration

Rob Gresham, Security Solutions Architect, Splunk

4:00-4:40 pm

It's All About Your Assets: Inline Vulnerability and Event Management

David Hazar, Advisory Senior Manager, Deloitte

4:40-5:20 pm

The Healthy SOC: A Case Study

  • Richard Noel, Manager – MSSP, Mayo Clinic
  • Chad Sadosty, CISSP, Senior Manager - CSOC, Mayo Clinic
5:20-6:30 pm Networking Reception

Tuesday, July 31st
Time Presentation Speaker
9:00-9:45 am

What the CISO REALLY Wants Out of Your SOC

Russell Eubanks, CISO, Federal Reserve Bank of Atlanta

9:45-10:25 am

Building The SecOps Use Case

Don Murdoch, Assistant Director - Cyber Range, Regent University

10:25-10:50 am Networking Break and Vendor Expo
10:50-11:30 am

There is No Security Without Systems Integrity; There is No Trusted Computing Without Security

Scott Alldridge, CEO, IP Services

11:30 am - 12:10 pm

Getting SecOps Foundations Right with Techniques, Tactics, and Procedures Zero (TTP0)

  • Rob Gresham, Security Solutions Architect, Splunk
  • Ismael Valenzuela (@aboutsecurity), SANS Certified Instructor, GSE #132; Principal Engineer at McAfee
12:10-1:30 pm Networking Lunch & Vendor Expo
1:30-2:10 pm

Panel

Moving on Up(?): Making the Leap from Technical to Managerial Positions

Moderator: Chris Crowley (@CCrowMontance), Summit Chair, SANS Institute

Panelists:

  • John Hubbard, SOC Manager, GlaxoSmithKline
  • John Pescatore, Director - Emerging Technologies, SANS Institute
  • Ismael Valenzuela (@aboutsecurity), SANS Certified Instructor, GSE #132; Principal Engineer at McAfee
2:10-2:50 pm

How to Turn Your Security Operations Center Into a Threat Hunting "Tour de Force"

Joe Moles, Director of Detection Ops, Red Canary

2:50-3:30 pm Networking Break and Vendor Expo
3:30-4:10 pm

Burning Down the Haystack

Tim Frazier, Senior Security Engineer, Splunk

4:10-4:50 pm

The Most Dangerous Game: Hunting for Post-Exploitation Stage Attacks with Elastic Stack and the MITRE ATT&CK Framework

John Hubbard, SOC Manager, GlaxoSmithKline

4:50-5:00 pm

Closing Remarks

Chris Crowley (@CCrowMontance), Summit Chair, SANS Institute