Develop invaluable cybersecurity skills through interactive training during SANS 2021 - Live Online. Register now.


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Discover and Eliminate Cyberattack Pathways to Critical Assets with Illusive Networks Attack Surface Manager

  • Wednesday, February 12, 2020 at 10:30 AM EST (2020-02-12 15:30:00 UTC)
  • Wade Lance, Dave Shackleford


  • Illusive Networks

You can now attend the webcast using your mobile device!



Nearly all high-impact cyberattacks have a phase in which the attacker must conduct lateral movement from their initial landing point to their ultimate target. For the attacker, the path of least resistance is to leverage a combination of credentials and available connections between one system and another natively available within the network, often referred to as "living off the land."

As organizations work to reduce such risks from their attack surface, most have a vulnerability management program in place to proactively remediate software weaknesses and system configuration issues before attackers can exploit thembut even with such a program, security teams struggle to discover and patch vulnerabilities in a timely manner, a lag which leaves their organizations network open to attack. Further complicating the issue is the escalation of excessive account privileges and the challenge to properly provision and monitor. 

Combined, these are especially dangerous blind spots since attackers have sophisticated means of rapidly harvesting credentials throughout the environment and elevating privileges of regular users.

Join SANS Analyst Dave Shackleford and Wade Lance, Principal Solutions Architect from Illusive Networks, as they outline methods for improving the process of monitoring and managing threats as well as how to better control identity access management (IAM) and privileged accounts by utilizing the Illusive Networks Attack Surface Manager (ASM).

Register today to be among the first to receive the associated analyst papers written by security expert Dave Shackleford:

Using Illusive Networks' Attack Surface Manager to Enhance Vulnerability Management and Using Illusive Networks' Attack Surface Manager to Enhance Vulnerability Management

Speaker Bios

Dave Shackleford

Dave Shackleford, a SANS analyst, senior instructor, course author, GIAC technical director and member of the board of directors for the SANS Technology Institute, is the founder and principal consultant with Voodoo Security. He has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering. A VMware vExpert, Dave has extensive experience designing and configuring secure virtualized infrastructures. He previously worked as chief security officer for Configuresoft and CTO for the Center for Internet Security. Dave currently helps lead the Atlanta chapter of the Cloud Security Alliance.

Wade Lance

Wade Lance, Principal Solutions Architect at Illusive Networks, has been productizing new technologies in education, healthcare and information security for over 20 years. He has diverse experience in solution design for global 1000 cyber security teams, with an extensive background in advanced cyber attack detection, and a specialty in cyber deception methods and platforms. Prior to his career in information technology, Lance was a professional mountain guide. As Program Director at Appalachian Mountaineering, he developed a new method for technical rock and ice climbing instruction that is still used today to teach advanced skills for the most dangerous environments.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.