To Attend In-Person, Register Below
If you plan to attend virtually, do not submit your information below. Use the buttons within the agenda sections above to register for the virtual sessions
View Agendas and Register
Register to attend in-person or virtually using the respective buttons after each agenda
-
Thank you for your interest in our community nights. The in-person option for this event is at capacity – please send an email to anz@sans.org to confirm if spots are available. Alternatively, you can go on our waitlist.
5:30pm - 6:00pm
Registration, drinks and canapes.
6:00pm to 7:00pm AEDT
Presentation: The Changing Role of a Security Leader and What It Means to You
Speaker: Lenny Zeltser
7:15pm to 8:15pm AEDT
Presentation: Cyber Security is Great. What about Physical Security?
Speaker: Nick Mitropoulos
Abstracts:
The Changing Role of a Security Leader and What It Means to You
As the world of information technology continues to change, so does the role of the security leader. Whether you're a CISO, Director of Security, or someone aspiring for such a position, you should consider how the current trends in IT and business affect your professional journey.
Does your current approach to security leadership set you up for success? Attend this session to learn how experienced CISOs:
- Align their security strategy to the business it aims to support
- Ask the right questions to excel in challenging situations
- Gain support of their efforts from non-security stakeholders
- Use technical and communication skills to their advantage
Those of us whose professional roots are grounded in technology often look at enterprise defenses from the perspective of the threats. While understanding the relationship between attacks and defenses is important, it's no longer sufficient. Attend this session to learn how to think about the role of a modern security leader to succeed in today's business environment.
Cyber Security is Great. What about Physical Security?
Cyber Security focuses on several methods that attackers use to infiltrate networks and obtain access to machines, often leveraging sophisticated attack vectors.
However, even the most fortified network can be brought down by a physical attack. This talk aims to cover numerous angles of physical security and go over related technologies that can be applied today to protect our physical infrastructure from determined attackers. This can be anything from a small home office to corporate infrastructure with hundreds of devices. Although some of these techniques appear as science fiction, they're actually applicable in our current environments.
In-Person Location
The Rex Hotel
150 Northbourne Ave
Braddon ACT2612 -
5:30pm - 6:00pm AEDT
Registration, drinks and canapes.
6:00pm to 7:00pm AEDT
Presentation: Detecting & Hunting Ransomware Operator Tools: It's Easier Than You Think!
Speaker: Ryan Chapman
Abstract:
Detecting & Hunting Ransomware Operator Tools: It's Easier Than You Think!
Join us in this Community Night talk as Ryan Chapman, author of SANS FOR528: Ransomware for Incident Responders, provides an overview of tools leveraged often by ransomware operators. Though a multitude of ransomware operations and affiliate groups exist, we see a great deal of overlap between the tools leveraged by these groups (and that's an understatement!). Are you following and utilizing projects such as Living Off Trusted Sites (LOTS) and Bring Your Own Vulnerable Driver (BYOVD)? Are you looking for Bloodhound/SharpHound? Do you know how PsExec-like tools work at a forensic level (e.g., smbexec)? Are you hunting for rogue installations of Remote Monitoring & Maintenance (RMM) tools? Did you know that data exfiltration tools like Winzip, 7Zip, WinSCP, FileZilla, Rclone, and MEGAsync often leave forensic artifacts that are absolute snitches that are just phenomenal for us cyber defenders? Join us in this session so that we can discuss these tools, show you how they work, and share tips & tricks related to preventing, detecting, and hunting them!
In-Person Location
The Rex Hotel
150 Northbourne Ave
Braddon ACT2612