You Can Panic Now. Host Protection is (Mostly) Dead--
- An Incident Response and Forensics analysis of an APT attack.
- Rob Lee
- Thursday, October 31st, 6:30pm - 8:00pm
6:30pm - 7:00pm: Registration and Networking
7:00pm - 8:00pm: Presentation
Is host-based detection dead? No one has been able to see the APT circumvent common defenses because victims rarely share specific attack details. Until now. A real-world APT attack reveals how surprisingly ineffective sophisticated host-based defenses are. Starting from an initial attack through data exfiltration, this presentation will cover several of the tactics and techniques used by attackers to bypass many of the host-based controls used in numerous organizations today.
This presentation is co-sponsored by HTCIA and the Association of Information Security Professionals (AISP) and is free of charge. However seating is limited and will be allocated on a first-registered basis.
The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:
- SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
Thursday, October 24
|Pen Testing the Smart Grid||Justin Searle||Thursday, October 24th, 5:30pm - 7:15pm||SANS@Night|
Thursday, October 31
|You Can Panic Now. Host Protection is (Mostly) Dead--||Rob Lee||Thursday, October 31st, 6:30pm - 8:00pm||SANS@Night|