Virginia Beach 2018

Virginia Beach, VA | Mon, Aug 20 - Fri, Aug 31, 2018
This event is over,
but there are more training opportunities.

Due to high demand for security training at SANS Virginia Beach 2018, courses will be held at both the Hilton Virginia Beach Oceanfront and the Hilton Garden Inn Virginia Beach Oceanfront. The hotels are less than a five-minute walk from one another and are accessible from both the Boardwalk and Atlantic Avenue. SEC503, SEC555, SEC573, SEC575, MGT514, and DEV540 will be hosted at the Hilton Garden Inn Virginia Beach Oceanfront.

Stuck in the Box, a SIEM's Tale

  • Justin Henderson
  • Monday, August 27th, 7:15pm - 8:15pm

Organizations often spend excessive amounts of money on SIEM products only to end up with a log collection box when they thought they had purchased a tactical detection system. Most organizations find themselves with a SIEM but unsure how to use its capabilities. Point solutions are quick to defend deficiencies by stating that each environment is different, so you, the customer, must tell them what you want the SIEM to do, and then they'll help with professional services or by replacing your current SIEM with something "better and more advanced." This is complete hogwash. Organizations tend to have a lot of overlap, such as the use of Windows systems or network protocols such as DNS. As such, there are high-fidelity detects that can be implemented in every organization.

Enough is enough. If you are looking for techniques and methods to get value out of your current SIEM, or are interested in seeing how a new open source big data solution such as the Elastic Stack, formerly ELK, most likely can beat what you have today, then this talk is for you. The fact is that it is time to think outside the box. Come find out how one organization spent fourteen months deploying a top Magic Quadrant SIEM solution, only to have it beaten by ELK in two weeks.


Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.

Monday, August 20

Session | Speaker | Time | Type
General Session - Welcome to SANS | Keith Palmgren | Monday, August 20th, 8:00am - 8:30am | Special Events
Infosec State of the Union | Jake Williams | Monday, August 20th, 7:15pm - 9:15pm | Keynote

Tuesday, August 21

Session | Speaker | Time | Type
Continuous Security: Monitoring & Active Defense in the Cloud | Eric Johnson | Tuesday, August 21st, 7:15pm - 8:15pm | SANS@Night

Wednesday, August 22

Session | Speaker | Time | Type
Blockchain 101 | G. Mark Hardy | Wednesday, August 22nd, 7:15pm - 8:15pm | SANS@Night
Red Team Apocalypse | Derek Banks | Wednesday, August 22nd, 8:15pm - 9:15pm | SANS@Night

Sunday, August 26

Session | Speaker | Time | Type
General Session - Welcome to SANS | Justin Henderson | Sunday, August 26th, 8:00am - 8:30am | Special Events
Actionable Detects: Blue Team Cyber Defense Tactics | Seth Misenar | Sunday, August 26th, 7:15pm - 9:15pm | Keynote

Monday, August 27

Session | Speaker | Time | Type
Stuck in the Box, a SIEM's Tale | Justin Henderson | Monday, August 27th, 7:15pm - 8:15pm | SANS@Night

Tuesday, August 28

Session | Speaker | Time | Type
OODA Security: Taking Back the Advantage | Kevin Fiscus | Tuesday, August 28th, 7:15pm - 8:15pm | SANS@Night
Automating NIST Risk Management Framework (RMF) / 800-53 | Peter Szczepankiewicz | Tuesday, August 28th, 8:15pm - 9:15pm | SANS@Night