Everything They Told Me About Security Was Wrong
- John Strand
- Tuesday, August 21st, 7:15pm - 8:15pm
If you were to believe the vendors and the trade shows, you would think everything was "OK" with IT security. You would think AV works. You would think "plug and play" IDS was effective. You would think that Data Loss Prevention would prevent data loss. Why, then, is it that very large organizations are still getting compromised? Organizations with very large budgets and staff still get compromised in advanced and persistent ways. Something is very wrong in this industry.
Let's find out what is wrong and how we can fix it.
In this presentation we will cover many of the common misconceptions about computer security. A few misconceptions we will destroy with harsh words and live demos are:
- AV will keep malware off my system
- Firewalls will keep the attackers out
- If my system is patched, I cannot be hacked
- Apple computers are far safer than Windows
- Linux is more secure than Windows
- My users are dumb
In this presentation we will have multiple live demonstrations including: hacking a Mac, and hacking a Linux system and bypassing AV. However, the most important thing about this presentation is that we will cover how we need to change our defensive mindset.
After all, if information security was easy it would not take six days to cover the essentials.
The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:
- SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
- Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
|General Session - Welcome to SANS||Dr. Eric Cole||Monday, August 20th, 8:15am - 8:45am||Special Events|
|Why Do Organizations Get Compromised?||Dr. Eric Cole||Monday, August 20th, 7:15pm - 9:15pm||Special Events|
|Everything They Told Me About Security Was Wrong||John Strand||Tuesday, August 21st, 7:15pm - 8:15pm||SANS@Night|
|Assessing Deception||Mike Murr||Wednesday, August 22nd, 7:15pm - 8:15pm||SANS@Night|
|SANS Technology Institute Brief||Dave Hoelzer and President Stephen Northcutt||Thursday, August 23rd, 7:15pm - 8:15pm||Special Events|
|GIAC Program Overview||Eric Cole and Stephen Northcutt||Friday, August 24th, 12:30pm - 1:15pm||Special Events|
|General Session - Welcome to SANS||Dr. Eric Cole||Sunday, August 26th, 8:15am - 8:45am||Special Events|
|Why Do Organizations Get Compromised?||Dr. Eric Cole||Sunday, August 26th, 8:15am - 9:15pm||Special Events|
|Information Assurance Metrics: Practical Steps to Measurement||James Tarala||Monday, August 27th, 7:15pm - 8:15pm||SANS@Night|
|Failure to Operate||Chris Crowley||Monday, August 27th, 8:15pm - 9:15pm||SANS@Night|
|Who's Watching the Watchers||Mike Poor||Tuesday, August 28th, 7:15pm - 8:15pm||SANS@Night|
|GIAC Program Overview||Eric Cole and Stephen Northcutt||Wednesday, August 29th, 7:15pm - 8:15pm||Special Events|
|SANS Technology Institute Brief||Dave Hoelzer and President Stephen Northcutt||Wednesday, August 29th, 8:15pm - 9:15pm||Special Events|