SIEM & Tactical Analytics Summit

Scottsdale, AZ | Tue, Nov 28, 2017 - Tue, Dec 5, 2017

We strive to present the most relevant, timely and valuable content. As a result, this agenda is subject to change.
Please check back frequently for changes and updates.

Tuesday, November 28, 2017

Time | Presentation | Speaker
9:00-9:15 am | Opening Remarks & Introductions
9:15-10:00 am | Keynote: Tactical Acceleration | Doug Burks (@dougburks), CEO, Security Onion Solutions LLC
10:00-10:35 am | Lesser-Used Logs: Why You *NEED* To Be Looking at Them | Mick Douglas (@BetterSafetyNet), DFIR Practice Lead, Binary Defense Systems; SANS Instructor, SEC504
10:35-11:00 am | Networking Break
11:00-11:35 am | Modern Phishing Defeated by Plain Old Logs | Art Azarenko, Security Analyst, TDS Inc.
11:35-12:10 pm | Actionable Detects: Blue Team Cyber Defense Tactics | Seth Misenar (@sethmisenar), Principal Consultant, Context Security; Senior Instructor, Author, SEC511 and SEC542, SANS Institute
12:10-1:30 pm | Lunch Panel
1:30-2:05 pm | SIEMple Simon Met a WMIman | Craig L. Bowser, Sr. Security Engineer, Dept. of Energy
2:05-2:40 pm | Deploying Windows Advanced Auditing: Deploying One Incident Responder's Wish List of Events | Mike Lombardi, President, Vertigrate
2:40-3:00 pm | Networking Break
3:00-3:35 pm | Exit Night, Enter Light | David Mashburn (@d_mashburn), IT Security Manager
3:35-4:10 pm | Ten Holiday Gift Ideas for the SOC Who Has Everything
4:10-4:45 pm | Taking Your SIEM to the Next Level with 3rd Party Tools and Scripts | Austin Taylor (@HuntOperator), GSE #79, Senior Security Researcher, IronNet Cybersecurity; Mentor, SANS Institute
4:45-5:00 pm | Day 1 Wrap-Up & Closing Remarks
6:30-9:30 pm | SIEM NetWars

SIEM NetWars is a hands-on, interactive learning scenario that enables security professionals to develop and master real-world, in-depth skills they need to efficiently and effectively leverage their SIEM to gain actionable intelligence and defend their organization. Participants learn in a cyber range while working through various challenge levels with a focus on mastering the skills information security professionals can use in their jobs every day.

Wednesday, November 29, 2017
Time | Presentation | Speaker
9:00-9:45 am | Keynote: This Is Not Your Grandfather's SIEM | Carson Zimmerman, Cyber Security Operations Center (CSOC) Engineering Team Lead, Microsoft
9:45-10:20 am | Stashing the SIEM | Kevin Wilcox (@kmwilcox_), Information Security Specialist, Appalachian State University
10:20-10:40 am | Networking Break
10:40-11:15 am | Defeating Advanced Attacks with Simple Detects | Justin Henderson (@SecurityMapper), Systems and Security Architect, GSE #108, Cyber Guardian Red/Blue; Summit Co-Chair
11:15-11:50 am | Active Defense via a Labyrinth of Deception | Nathanial Quist, Incident Response Engineer, LogRhythm
11:50 am-1:15 pm | Lunch
1:15-1:50 pm | Sinkhole all the Things!: Using a (DNS) Sinkhole to Detect and Respond to Malicious Activity | Stefan Hazenbroek, Cyber Defense Analyst, Shell
1:50-2:25 pm | Panel - SIEMtervention
2:40-3:15 pm | Cracking the Upper Management Code | Kevin Garvey, Senior Analyst IT Security Operations, Corporate Information Security, Time Warner
3:15-3:35 pm | Networking Break
3:35-4:10 pm | The Most Dangerous Game: Hunting for Post-Exploitation Stage Attacks with Elastic Stack and the MITRE ATT&CK Framework | John Hubbard, SOC Manager, GlaxoSmithKline
4:10-4:45 pm | Open CNA (Collection, Normalization, and Analysis) Using rastrea2r and Machine Learning | Ismael Valenzuela (@aboutsecurity), SANS Certified Instructor, GSE #132; Global Director of Foundstone Consulting Services
4:45-5:00 pm | Closing Remarks
6:30-9:30 pm | SIEM NetWars
