Webcasts

Using an Attacker Technique-Based Approach for Prevention

  • Wednesday, August 24th, 2016 at 1:00 PM (13:00:00 EDT/US Eastern)
  • Dave Shackleford and Mike Nichols
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

Sponsor

  • Endgame

You can now attend the webcast using your mobile device!

Overview

Although quick detection and remediation is vital to mitigating security breaches, let's not give up on prevention! In this webcast, SANS senior instructor Dave Shackleford will discuss how threat intelligence can be used to help prevent incidents and unknown attacks.

For example, focusing on the attacker techniques can be used to block entire classes of exploits, adversary behaviors and classes of malware from executing anything malicious on the network.

Attend this webcast and learn:
  • What to look for in specific phases of attack campaigns
  • How to recognize and reuse malware and exploit indicators, such as credential theft, process injection, and persistence
  • How threat hunting changes the protect/detect/response scenario
  • Processes for automating intelligence feeds into detection and response systems

Those who register for this webcast will also receive advance access to an associated whitepaper developed by Dave Shackleford.

View the associated whitepaper here.

Speaker Bios

Dave Shackleford

Dave Shackleford, a SANS analyst, instructor, course author, GIAC technical director and member of the board of directors for the SANS Technology Institute, is the founder and principal consultant with Voodoo Security. He has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering. A VMware vExpert, Dave has extensive experience designing and configuring secure virtualized infrastructures. He previously worked as chief security officer for Configuresoft and CTO for the Center for Internet Security. Dave currently helps lead the Atlanta chapter of the Cloud Security Alliance.


Mike Nichols

Mike Nichols is the Principal Product Manager at Endgame, managing the Endgame cyber operations platform. Mike leverages years of commercial and federal product development experience, as well his time as an Army cyber intelligence analyst, to ensure the product not only has a superior workflow to existing methods but also optimizes the analyst's time. He divides his time between internal engagement with engineering and customer support, and external engagement with existing customers and new sales prospects in order to best understand the needs of the customer and ensure proper translation to mission enabling features. Prior to working at Endgame, Mike served in a variety of technical leadership roles at Fortscale, General Dynamics Fidelis Cybersecurity Solutions, and Deloitte. Mike served in the US Army as military intelligence specialist, supporting Operation Iraqi Freedom and Operation Enduring Freedom.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.