Last Day to Save $400 on DFIR Summit

Webcasts: Archive

Below you can find all webcasts that have already been presented in the past three years. You can view these webcasts and download the slides by logging into your SANS Portal Account or creating an Account. Once you have logged in, click the Register Now button on your webcast of choice to view the Webcast and download slides.
Date Title Sponsor Speaker
Dec 27, 2010Anatomy of the Advanced Persistent Threat (This webcast is a re-release of a previously aired webcast)Tom Cross, Will Gragido, Jon Larimer
Dec 21, 2010The Virtualization Movement: Trends and Risks in Virtualization System Security and How to Prepare EffectivelyTom Cross, Bryan Williams
Dec 20, 2010Securing Services at the Network Edge - Combining Security Enforcement and GovernanceSachin Gadre, Blake Dournaee
Dec 17, 2010CDI2010 - Security 580: Metasploit Kung Fu for Enterprise Pen Testing
Dec 17, 2010CDI2010 - Security 577: Virtualization Security Fundamentals
Dec 16, 2010Countdown to Compliance: Building Blocks for a PCI/PA DSSJohn Jacott
Dec 15, 2010Detect Data Loss and Fraud with Application Monitoring and SIEMMichael Leland
Dec 14, 2010LIVE WEBCAST DIRECT FROM SANS Cyber Defense Initiative 2010! Core Security Lunch & Learn Presentation Efficient Vulnerability Management with Penetration Testing
Dec 13, 2010Continuous Vulnerability Testing and Remediation: The 20 Critical Security Controls Perspective
Dec 13, 2010Scared Straight: A Real-World Web App Attack and How to Prevent ItRyan C. Barnett, Frank Kim
Dec 12, 2010Knock, Knock! How Attackers Use Social Engineering to Bypass Your Defenses
Dec 11, 2010Indicators of Compromise: ABCs of IOCs
Dec 10, 2010Securing the Human
Dec 10, 2010Beyond AV: Total Endpoint Security For Multi-Regulatory Compliance and Better SecurityKimber Spradlin
Dec 9, 20107 Things You Didn't Know You Could Do With SIEM: Demonstrating How Organizations are Moving from SIEM to Security IntelligenceIven Connary
Dec 8, 2010Internet Storm Center Update
Dec 7, 2010Taming the Social Network BeastWade Williamson, Eric Cole, PhD.
Dec 2, 2010Endpoint Security: Stopping Stuxnet and other Blended Threats in the Real WorldMark Ehr
Nov 26, 2010Special Webcast: What's Old is (Virtually) New: Secure virtual environments with established security practices and virtual-specific solutions (This webcast is a re-release of a previously aired webcast)David Abercrombie
Nov 17, 2010Breaking Out of Restricted Windows DesktopsPieter Danhieux
Nov 16, 2010PCI 2.0: What's new? What's important? What's missing?Eric Browning
Nov 16, 2010Social Engineering with Frame ControlMichael Murr
Nov 12, 2010Advanced Warning - Network Early Warning Systems Part IIMike Poor
Nov 10, 2010
Nov 8, 2010What every Network Forensics Analyst needs to know about IPv6Johannes Ullrich
Nov 4, 2010WhatWorks in Vulnerability Management: Seeking Out Big Bugs in the State of MinnesotaAlan Paller, Chris Buse, Neal Dawson
Nov 3, 2010Building a Better Bunker: Securing Energy Control Systems Against Terrorists and CyberwarriorsJonathan Pollet, Eric D. Knapp, Michael Knapp
Nov 2, 2010Microsoft Patch Analysis and ExploitationStephen Sims
Nov 2, 2010Browser Exploitation for Fun and ProfitRaul Siles
Oct 29, 2010An inside look at StuxnetJon Larimer
Oct 28, 2010Firewall Change Management - Don't let one error change everything Michelle Johnson Cobb, Ravid Circus
Oct 27, 2010Securing Services at the Network Edge - Combining Security Enforcement and GovernanceSachin Gadre, Blake Dournaee
Oct 26, 2010WhatWorks in Vulnerability Management: Wrangling Vulnerabilities in the Wild West of WebsitesAlan Paller
Oct 26, 2010Cyberwar or Business as Usual? - The State of International Cyber Security EffortsJames Tarala
Oct 26, 2010Super Timeline AnalysisRob Lee
Oct 21, 2010
Oct 21, 2010How to Implement Practical Security with SEC401 - Solutions that WorkDr. Eric Cole
Oct 20, 2010Baselines not Barriers: How Cross-Functional IT Baselines can create the Foundation for a Unified Security StrategyWalker White
Oct 19, 2010Building a Better Bunker: Securing Energy Control Systems Against Terrorists and CyberwarriorsJonathan Pollet, Eric D. Knapp, Michael Knapp
Oct 19, 2010Pen-Testing a Proprietary Target
Oct 7, 2010Establishing real-time continuous visibility and control over all of your network endpoints in daysNate Howe, Sandy Hawke
Oct 5, 2010Magic Numbers: An In-depth guide to the five key metrics for application securityRafal Los
Sep 29, 2010What to Know about Laptop Encryption to Save Yourself from Future HasslesJim Fulton
Sep 29, 2010Modern Web Application AttacksJohannes Ullrich, PhD
Sep 23, 2010IPS in the Real World: Stopping the Latest Threats Without Sacrificing PerformanceVikram Phatak, Wade Williamson
Sep 22, 2010The Security Risks and Trends You Must Consider in 2010: Highlights from the IBM X-Force 2010 Mid-Year Trend and Risk ReportJamie Licitra
Sep 22, 2010Contextual Encoding is the new Input ValidationJames Manico
Sep 15, 2010
Sep 14, 2010Continuous Monitoring: What You Need to Know A. N. Ananth
Sep 3, 2010Examining the Global Underground of Malicious ActorsThomas J. Holt, Ph.D.
Sep 2, 2010Operationalizing Security - Making the top 10 SIEM best practices work; Metrics, Processes and TechnologiesAnton Chuvakin, William Sieglein, Tim Mather - CISSP, CISM, Jamie Sanbower - CISSP, CCIE, Randolph Barr, Scott Gordon
Sep 1, 2010Bad Boys, Bad Boys, Whatcha Gonna DoChris Poulin
Aug 31, 2010Electronic Records Retention PolicyBenjamin Wright
Aug 25, 2010The New Requirements for Your Network IPS SolutionsVikram Phatak, Dave Ostrowski
Aug 23, 2010PCI & Encryption: Limiting Legal Exposure & Maintaining ComplianceDavid Hoelzer
Aug 12, 2010Detecting Advanced Threats and Malware with SIEMJeremy Conway
Jul 30, 2010Virtualization and PCI: 5 Things to Know and CheckDavid Hoelzer
Jul 28, 2010Predictive Cyber Security-Using Risk Modeling and Attack Simulation to Reduce Network Security Exposures and Avoid Cyber AttacksGidi Cohen
Jul 27, 2010The Emergence of Content Aware SIEMMel Shakir
Jul 26, 2010How Outsiders become Insider Threats: Client-Side and Content-Focused AttacksDavid Dewey
Jul 22, 2010Measuring Network Performance, Security and Stability Under Hostile Conditions: SANS Network Security Survey Results James Tarala, Dennis Cox, David Rice
Jul 20, 2010Making the Case for SIEMAarij M. Khan
Jul 15, 2010Moving 100 percent into the Cloud...SecurelyAlan Paller, Matt Reidy
Jul 14, 2010
Jul 13, 2010Hardening your Virtual Linux and Solaris AssetsJamie Adams, Hal Pomeranz
Jul 8, 2010Live Forensic 4Cast Awards Ceremony
Jul 8, 2010SANS Forensic Challenge Winners PresentationJonathan Ham, Sherri Davidoff
Jul 7, 2010Sequencing the IT Genome: Agent-less IT Asset Visibility for an Enhanced Security StrategyWalker White
Jun 30, 2010A Primer to Compliance and Security in the CloudScott Chasin, Michael Berman
Jun 29, 2010Advanced Network Forensics: Finding the Needle in the HaystackJonathan Ham, Rich Bakos
Jun 25, 2010A Revolution in Federal Cyber Security: Continuous Automated FISMA Reporting - What's Required By OMB? What Works?Alan Paller
Jun 22, 2010Trust and verify: securing client side code in web services oriented applications.Danny Allan, Johannes Ullrich, PhD
Jun 17, 2010Web Application Threats: Combining XSS and CSRF to own the world!Paul Kaspian
Jun 17, 2010Reserved for Andy
Jun 16, 2010Innovation in Application Security: Application Risk ManagementJohn Sapp
Jun 15, 2010Industry Analysts Program - A Guide to Virtual Hardening GuidesCharu Chaubal, Hemma Prafullchandra
Jun 9, 2010
Jun 8, 2010Identifying Patterns in Events: Reducing Risk and Improving SecurityMark Seward
Jun 4, 2010elm test 2
Jun 4, 2010elm test
Jun 3, 2010Report: The State of Software SecurityChris Eng
Jun 1, 2010WhatWorks in Log Management and Security Information and Event Management: Log Management and SIEM for the Rest of Us (Non-Fortune 100s)Alan Paller, Jim Beechey
Jun 1, 2010Prioritizing an Audit Program Using the Consensus Audit Guidelines (CAG)James Tarala
May 28, 2010Anatomy of the Advanced Persistent Threat - Recording
May 28, 2010Ann's Aurora: The 2010 Digital Forensics and IR Summit Challenge!
May 27, 2010Evolve or Die - Trends in Malware DevelopmentTom Liston, Thomas Chimento, PhD
May 27, 2010What's new for security in Windows 7 and Windows Server 2008-R2?Jason Fossen
May 26, 2010Introduction to Malware AnalysisLenny Zeltser
May 26, 2010Privileged Users: Compliance Dictates Their Monitoring, Even with Separation of DutiesTrent Heisler
May 25, 2010Prioritizing an Audit Program Using the Consensus Audit Guidelines (CAG)James Tarala
May 24, 2010Operating System Security ... a "Fireside Chat"Ed Hammersla, Jamie Adams
May 20, 2010Improved Database Threat Management with Oracle Audit Vault and ArcSight Enterprise Security ManagerRoxana Bradescu, Ryan Kalember
May 20, 2010Introducing Fuzzing to your Pen-Testing Regimen
May 19, 2010Anatomy of the Advanced Persistent ThreatTom Cross, Will Gragido, Jon Larimer
May 18, 2010iPhone InsecurityJim Herbeck
May 13, 2010A Revolution in Federal Cyber Security: Continuous Automated FISMA Reporting - What's Required By OMB? What Works?Alan Paller
May 12, 2010
May 11, 2010What's New for Security in Windows 7 and Windows Server 2008-R2Jason Fossen
May 11, 2010Simplifying Fine-Grained Security for Enterprise Applications with Entitlements ManagementBob Blakley, Roger Wigenstam
May 8, 2010Emerging Trends Panel Discussion (SANS Security West 2010)
May 7, 2010The State of Security Architecture Practices TodayJohn Strand, Michele Guel
May 6, 2010Moving Beyond Archival - Tips and Tricks for Taking the Next Step with Log ManagementJason Arrington
Apr 29, 2010The Growing Threat and Impact of Web-Based MalwareJohannes Ullrich, Neil Daswani
Apr 28, 2010Catching Hackers Through Network Log ForensicsJonathan Ham, Rich Bakos
Apr 28, 2010Defending Web Applications: Going Back to First PrinciplesJohannes Ullrich, Jason Lam
Apr 27, 2010Cisco TrustSec Technical OverviewJason Halpern
Apr 27, 2010SQL Injection for the Penetration TesterEric Conrad
Apr 26, 2010Pen Test & Vuln Assessment Summit Preview: Essential Crypto for Pen Testers: No Math Required!Joshua Wright, Ed Skoudis
Apr 21, 2010What's Old is (Virtually) New: Secure virtual environments with established security practices and virtual-specific solutionsDavid Abercrombie
Apr 19, 2010Manipulating Web Application InterfacesFelipe Moreno
Apr 14, 2010
Apr 13, 2010Application Whitelisting: Stop Tomorrow's Malware TodayTom Murphy
Apr 8, 2010SANS Sixth Annual Log Management Survey, Part II: Deriving More Value from More DataAndy Morris, Debbie Umbach, Tracy Hulver
Apr 7, 2010Database Monitoring - Beyond Compliance to Pro-active Information ProtectionMehlam Shakir
Apr 7, 2010Top 7 Trends in Incident Response and Computer Forensics Rob Lee
Apr 6, 2010SANS Sixth Annual Log Management Survey, Part I More Log Data, More UsesSunil Bhargava
Mar 29, 2010State of the Hack Rob Lee
Mar 25, 2010Automating firewall assessment and audits- Keep your firewalls secure and compliant in a fraction of the time Joseph Ford, Michelle Johnson Cobb
Mar 24, 2010Social Zombies: Your Friends Want to Eat your Brains
Mar 24, 2010Fighting Back with Computer ForensicsJess Garcia
Mar 23, 2010Automated Operating System Lockdown: Security Blanket 4.0 ReviewGeorge Kamis
Mar 19, 2010Digging Deeper Into The Advanced Persistent ThreatAlan Paller, Kevin Mandia
Mar 18, 2010Calculating TCO with Adaptive IPSEugene Schultz, Ph.D., CISM, CISSP, Steve Piper
Mar 17, 2010Privileged user monitoring - Automating compliance and managing riskTrent Heisler
Mar 16, 2010Monitoring Administrators Activity in a Virtual EnvironmentMike Foley, Scott Crawford
Mar 11, 2010Security Architecture Disasters: And what you can do to avoid them!John Strand, Michele Guel
Mar 10, 2010
Mar 9, 2010Smart Strategies for Securing Extranet AccessEric Leach
Mar 9, 2010A Peek into Linux Forensic AnalysisJess Garcia
Mar 2, 2010The Internet is Evil!! And what you can do about it.John Strand, Michele Guel
Feb 25, 2010Mobile Application Security: Challenges and OpportunitiesChris Clark, Chris Eng
Feb 24, 2010Identifying and Understanding Advanced Persistent ThreatsJeremy Conway
Feb 16, 2010Oracle Database Security: A Defense in Depth ApproachTanya Baccam, Roxana Bradescu
Feb 11, 2010Cybersecurity: Back to the FutureMary Ann Davidson
Feb 10, 2010
Feb 9, 2010Prioritizing an Audit Program Using the Consensus Audit Guidelines (CAG)Bill Niester, James Tarala
Feb 3, 2010WhatWorks in Intrusion Prevention and Detection: Tapping Unexpected Benefits of IPS + Next-Gen Firewall at Farm Credit Financial PartnersAlan Paller, Carl Boyer
Jan 27, 2010Advanced Methods for Finding Malware Dr. Eric Cole
Jan 26, 2010Using Scapy to Test a Snort RuleJudy Novak
Jan 26, 2010The Wireless Threat: Introducing Wireless Security Misconceptions, Attacks and Vulnerabilities
Jan 26, 2010Reserved - Katrina
Jan 22, 2010The Impact of BSI-MM in Software Development ProgramsDavid Rice, Gary McGraw
Jan 20, 2010Memory Analysis for Incident Responders and Forensic AnalystsChad Tilbury
Jan 18, 2010The Porous Castle: Next Generation Application AttacksChris Wysopal, Nitesh Dhanjani
Jan 14, 2010Novell Sentinel Log Manager ReviewJason Arrington
Jan 13, 2010
Jan 12, 2010Federal Desktop Core Configuration (FDCC): What is It? Should Enterprises Adopt It?Sandy Hawke

Note to Vendors:If you are interested in sponsoring a future SANS Webcast, email for more information.