Everything They Told Me About Security Was Wrong
- John Strand
- Tuesday, August 21st, 7:15pm - 8:15pm
If you were to believe the vendors and the trade shows, you would think everything was "OK" with IT security. You would think AV works. You would think "plug and play" IDS was effective. You would think that Data Loss Prevention would prevent data loss. Why, then, is it that very large organizations are still getting compromised? Organizations with very large budgets and staff still get compromised in advanced and persistent ways. Something is very wrong in this industry.
Let's find out what is wrong and how we can fix it.
In this presentation we will cover many of the common misconceptions about computer security. A few misconceptions we will destroy with harsh words and live demos are:
- AV will keep malware off my system
- Firewalls will keep the attackers out
- If my system is patched, I cannot be hacked
- Apple computers are far safer than Windows
- Linux is more secure than Windows
- My users are dumb
In this presentation we will have multiple live demonstrations including: hacking a Mac, and hacking a Linux system and bypassing AV. However, the most important thing about this presentation is that we will cover how we need to change our defensive mindset.
After all, if information security was easy it would not take six days to cover the essentials.
The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:
- SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
- Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
Monday, August 20
Tuesday, August 21
|Everything They Told Me About Security Was Wrong||John Strand||Tuesday, August 21st, 7:15pm - 8:15pm||SANS@Night|
Wednesday, August 22
|Assessing Deception||Mike Murr||Wednesday, August 22nd, 7:15pm - 8:15pm||SANS@Night|
Thursday, August 23
|SANS Technology Institute Brief||Dave Hoelzer and President Stephen Northcutt||Thursday, August 23rd, 7:15pm - 8:15pm||Special Events|
Friday, August 24
|GIAC Program Overview||Eric Cole and Stephen Northcutt||Friday, August 24th, 12:30pm - 1:15pm||Special Events|
Sunday, August 26
Monday, August 27
|Information Assurance Metrics: Practical Steps to Measurement||James Tarala||Monday, August 27th, 7:15pm - 8:15pm||SANS@Night|
|Failure to Operate||Chris Crowley||Monday, August 27th, 8:15pm - 9:15pm||SANS@Night|
Tuesday, August 28
|Who's Watching the Watchers||Mike Poor||Tuesday, August 28th, 7:15pm - 8:15pm||SANS@Night|