Develop invaluable cybersecurity skills through interactive training during SANS 2021 - Live Online. Register now.


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Sorry, the slides for this webcast are not available for download.

Continuous Monitoring, Real World Analysis and Strategies to Mitigate Targeted Attacks; Bonus Story Behind The Top 4 Mitigations

  • Wednesday, May 27, 2015 at 10:00 PM EDT (2015-05-28 02:00:00 UTC)
  • Seth Misenar, Alan Paller

You can now attend the webcast using your mobile device!



We're pleased to invite you to join us for this next very special session in the SANS-APAC webcast series. Alan Paller, SANS Founder, President of the SANS Technology Institute and Director of Research at the SANS Institute joins forces with Seth Misenar, SANS course author and Senior Instructor for a unique, not-to-be-missed webcast for anyone interested in cyber defence.

Topic 1: What to do first: The Top 4 Mitigations
Presenter: Alan Paller, SANS Founder, President of the SANS Technology Institute and Director of Research, SANS Institute

Topic 2: Continuous Monitoring & Real World Analysis
Presenter: Seth Misenar, SANS Senior Instructor

Date: Thursday, May 28, 2015
Time: 12:00 pm Canberra / 10:00 am Singapore / 7:30 am Bangalore

Note: This webcast is free of charge however a SANS portal account is required (see webcast link for details)

What to do first: The Top 4 Mitigations

A few years ago the Australian Secretary of the Department of Resources, Energy and Tourism was negotiating a huge uranium sale to a large country to the north of China when he discovered the other nation's negotiators had access to the secret documents stored only on Australian government computers. Upon returning to Canberra, he asked then Secretary of Defence Ian Watt to find out what happened. The ensuing initiative -- isolation of the attack techniques, identification or the kill chain, sequential culling of defensive techniques and finally identification of four key defenses -- is one of the greatest cybersecurity stories in the world and its impact touches government and industry around the world. Alan will share that story, identify the key players and roles, and most importantly illuminate the lessons learned during that incident and ensuing developments that are now shaping security strategies in smart organisations everywhere.

Continuous Monitoring and Real World Analysis

Repeat after me, I will get breached. Most organisations realise this fact too late; usually after a third party informs them - months after the initial compromise. Treating security monitoring as a quarterly auditing process means most compromises will go undetected for weeks or months. The attacks are continuous, and the monitoring must match.

Modern threats require a paradigm shift in the way we perform our analysis and monitoring. This talk will help you face the problems and describe how to move your organisation to a more defensible security architecture that enables continuous security monitoring.

Speaker Bios

Alan Paller

Alan Paller is the director of research for the SANS Institute, responsible for projects ranging from the Internet Storm Center (the Internet's early warning system with 500,000 sensors around the world) to the Top Ten Security Menaces of the coming year. He also edits NewsBites, the twice-weekly summary of the most important news stories in security. But he says his most satisfying responsibility is finding people who have solved important security problems and helping SANS 85,000 alumni in 60 countries learn about those people and their discoveries.

Alan earned degrees in computer science and engineering from Cornell and MIT. He wrote hundreds of articles on computer graphics, EIS and computer security, and authored two books, The EIS Book: Information Systems for Top Managers and How to Give the Best Presentation of Your Life.

He has testified before the House and Senate, and in 2001 the President named Alan as one of the original members of the National Infrastructure Assurance Council. In 2005 the Federal CIO Council chose him as its annual Azimuth Award winner recognizing his singular vision and outstanding service to government information technology.

His degrees are from Cornell University and the Massachusetts Institute of Technology.

Seth Misenar

When not watching zombie films, Seth Misenar serves as Founder/Lead Consultant for Context Security, which provides information security though leadership, independent research, security training, and security consulting services. His background includes network and web application penetration testing, vulnerability assessment, regulatory compliance efforts, security architecture design, as well as general security consulting. He has previously served as both a physical and network security consultant for Fortune 100 companies as well as the HIPAA and Information Security Officer for a state government agency.

In his former life, Seth received a B.S. in Philosophy from Millsaps College where he was twice selected for a Ford Teaching Fellowship. Also, Seth is no stranger to certifications and thus far has achieved credentials which include, but are not limited to, the following: CISSP, GSEC, GCIA, GCIH, GCWN, GCFA, GHTQ, GWAS, and MCSE credentials. He has previously taught numerous SANS classes including SEC401: Security Essentials, SEC504: Hacker Techniques, and SEC542: Web Application Penetration Testing. In addition to serving SANS in an teaching capacity, Seth also serves as both an OnDemand Subject Matter Expert and Technical Director for SANS OnDemand.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.