| Date (in UTC) |
Title |
Sponsor |
Speaker |
| Sep 27, 2016 | Sneak Peek for the European Security Awareness Summit | Lance Spitzner, Masha Sedova, Chris Boyd |
| Sep 26, 2016 | Going Mobile: Are Your Apps Putting You at Risk? | Eric Johnson |
| Sep 22, 2016 | Compliance Automation with OpenSCAP | Robin Price II |
| Sep 22, 2016 | Monitoring the Most Interesting Network in the World: Insights from the Black Hat NOC | Neil R. Wyler, Scott Carter |
| Sep 21, 2016 | Hardening Microservices Security: Building a Layered Defense Strategy | David Hoelzer, Matthew Silverlock |
| Sep 21, 2016 | Process Hunting with Microsoft AppLocker: Application Whitelisting is the Killer App | James Tarala |
| Sep 21, 2016 | Welcome Threat Hunters, Phishermen, and Other Liars | Rob Lee |
| Sep 20, 2016 | SOC Fundamentals for Your Threat Intelligence Program | Chris Crowley, Glenn Wong |
| Sep 20, 2016 | Threat Intelligence: What It Is, and How to Use It Effectively | Matt Bromiley, Stephen Gates |
| Sep 19, 2016 | Evasive malware is everywhere: Learn how it works and how to prevent it. | John Pescatore, Omri Moyal |
| Sep 16, 2016 | How to Target Critical Infrastructure: The Adversary Return on Investment from an Industrial Control System | Matthew Hosburgh |
| Sep 15, 2016 | Injecting a node.js app using NoSQL and Query Selector Injection | Aaron Cure |
| Sep 13, 2016 | Breach Detected! Could It Have Been Prevented? | Scott Simkin, Barbara Filkins |
| Sep 9, 2016 | Real World Phishing & Exploitation | Phillip Bosco |
| Sep 8, 2016 | Hunting 101 - Back to Basics: Implementing a Proactive Cyber Hunting Approach | Dave Shackleford, Brad Mecha |
| Sep 8, 2016 | Navigating SANS Pen Test Cheat Sheets for Fun and Profit | Ed Skoudis |
| Sep 7, 2016 | CISO Hot Topic Lunch Session: Communicating Cybersecurity Effectively to CEOs and Boards of Directors | Alan Paller, John Pescatore |
| Sep 7, 2016 | 2016 Threat Landscape Survey Report: Europe Edition | Lee Neely, Polomi Batra |
| Sep 6, 2016 | Incorporating ICS Cybersecurity Into Water Utility Master Planning | Jason Dely |
| Aug 31, 2016 | Top Office 365 Mail Vulnerabilities: Attacks on your Users Right Now | Michael Landewe, Kip James |
| Aug 30, 2016 | National Cyber Security Awareness Month Toolkit | Lance Spitzner, Cathy Click |
| Aug 29, 2016 | CISO Success Strategies | Frank Kim |
| Aug 26, 2016 | Prioritizing Cybersecurity with the Critical Security Controls | Wes Whitteker |
| Aug 25, 2016 | Intelligent Network Security | Jake Williams, Tom Byrnes |
| Aug 24, 2016 | Using an Attacker Technique-Based Approach for Prevention | Dave Shackleford, Mike Nichols |
| Aug 23, 2016 | Cyber-Hygiene and Standards of Care: Practical Defenses for Healthcare | James Tarala |
| Aug 23, 2016 | A Credit Union Detected LAN Turtle Attacks in Seconds with Network Access Control from Great Bay Software Beacon | John Pescatore, Jeremy Taylor |
| Aug 18, 2016 | Practical Open Source Intelligence: Six Tips for Starting an Effective Investigation | Micah Hoffman |
| Aug 18, 2016 | In Detection, the Only Thing That Matters Is Results | Dave Shackleford, David Thompson, Kasey Cross |
| Aug 17, 2016 | The State of Cyber Threat Intelligence: Part 2: The Value of CTI | Dave Shackleford, Mark Doering, Rebekah Brown, Aaron Shelmire |
| Aug 17, 2016 | Designing and Building a SOC: Management Fundamentals | Christopher Crowley |
| Aug 16, 2016 | The State of Cyber Threat Intelligence: Part 1: How Cyber Threat Intelligence Is Consumed and Processed | Arabella Hallawell, Dave Shackleford, Javvad Malik, Chip Witt |
| Aug 15, 2016 | Establishing Street Cred: Fundamental Security Concepts (Hint: Its Not About Technology) | Ted Demopoulos |
| Aug 12, 2016 | SANS Threat Intelligence Vendor Briefing | Robert M. Lee |
| Aug 11, 2016 | 2016 Threat Landscape Survey Report | Lee Neely, Polomi Batra |
| Aug 10, 2016 | Running a Better Red Team Through Understanding ICS/SCADA Adversary Tactics | Robert M. Lee |
| Aug 10, 2016 | Time is on your side: username harvesting via timing attacks | Eric Conrad |
| Aug 9, 2016 | A Sneak Peek at Pokémon Go Forensic Artifacts | Cindy Murphy |
| Aug 5, 2016 | Designing and Building a SOC: Management Fundamentals | Christopher Crowley |
| Aug 2, 2016 | Demystifying Cyber Attacks on ICS: How They Work and How to Use Engineered and Cyber Layer of Protections | Bryan L. Singer, CISSP, CAP |
| Jul 29, 2016 | Pokémon Go - What To Tell Employees | Lance Spitzner, Jennifer Miller, Thomas McHahon, Jacob Wilson |
| Jul 28, 2016 | Get Ready for NCSAM 2016 | Lance Spitzner, Michael Kaiser |
| Jul 28, 2016 | Illuminate Your Network with Security Analytics | Andrew Wild |
| Jul 26, 2016 | ICS-Houston Security Briefing | |
| Jul 21, 2016 | Health Care Provider Breaches and Risk Management Roadmaps: Part 2 - Health Care Security from the Top Down | Christopher Strand, Barbara Filkins, Ed Cabrera, Sandeep Kumar |
| Jul 20, 2016 | Health Care Provider Breaches and Risk Management Roadmaps: Part 1 - Health Care Security from the Bottom Up | Hugh Njemanze, Barbara Filkins, Mike Goldgof, Ty Powers |
| Jul 19, 2016 | Incident or Breach? | Benjamin Wright, Hal Pomeranz |
| Jul 19, 2016 | Why Layered Security Strategies Do Not Work and What You Can Do About It | Navneet Singh |
| Jul 14, 2016 | Ransomware & Malvertising: Dominating the Threat Landscape | John Pescatore, Dana Torgersen, Adam Kujawa |
| Jul 14, 2016 | Case Study: See How Aruba Networks Uses Bug Bounties to Discover Vulnerabilities, Faster | John Pescatore, Jon Green, Leif Dreizler |
| Jul 13, 2016 | Decision Criteria and Analysis for Hardware-Based Encryption | John Grimm, Eric Cole |
| Jul 12, 2016 | Beyond Infiltration: Conquering all Stages of the Attack Lifecycle | John Pescatore, Lotem Guy |
| Jul 7, 2016 | Taking Control of Your Application Security | Eric Johnson |
| Jul 5, 2016 | Internet of Things (IoT) and Embedded Device Security Research - A Primer | Billy Rios |
| Jun 30, 2016 | What You Need to Know: iOS 10 Security | Joshua Wright |
| Jun 30, 2016 | Going Mobile: Are your apps putting you at risk? | Gregory Leonard |
| Jun 29, 2016 | Where Are We Now?: The SANS 2016 ICS Survey | Arabella Hallawell, Christopher Strand, Jason Trost, Bengt Gregory-Brown, Derek Harp, David Meltzer |
| Jun 29, 2016 | Continuous Opportunity: DevOps & Security | Ben Allen |
| Jun 22, 2016 | The End of IOCs: A Case Study on Resolving Persistent Attacks Using Tactics, Techniques, and Procedures (TTPs) | Dave Shackleford, Israel Barak |
| Jun 21, 2016 | Bridging the Insurance/InfoSec Gap: The SANS 2016 Cyber Insurance Survey | Benjamin Wright, Barbara Filkins, Dave Bradford, Julian Waits |
| Jun 20, 2016 | Malware Analysis and Adversary Infrastructure Mapping: A One-Two Punch | Alissa Torres, Tim Helming |
| Jun 20, 2016 | What we all need to learn from recent ICS incidents | Tim Conway, Mike Assante |
| Jun 15, 2016 | Warning: Email may be Hazardous to your business | John Devenyns |
| Jun 15, 2016 | MobileIron Mobile Security and Risk Review Research Results | David Schwartzberg |
| Jun 14, 2016 | The Case for PIM/PAM in Today's Infosec | Barbara Filkins, Ken Ammon |
| Jun 10, 2016 | How is User Risk Mitigation achieved? Achieving user risk mitigation-stopping the insider threat | Dr. Eric Cole, Daniel Velez |
| Jun 10, 2016 | No Python Allowed: learning a whole new language to sell the Critical Security Controls | Paul Hershberger |
| Jun 9, 2016 | Incident Response Capabilities in 2016 - Part 2: Emerging Trends in Incident Response and Survey Results | Arabella Hallawell, Mark Painter, Rob Lee, Matt Bromiley, Ryan Sommers, Jack Doyle |
| Jun 8, 2016 | Incident Response Capabilities in 2016 - Part 1: The Current Threat Landscape and Survey Results | Ann Sun, Ismael Valenzuela, Rob Lee, Matt Bromiley, Tamar Shafler, Don Shin |
| Jun 7, 2016 | ICS Network Segmentation | Brett Young, Dan Morrow |
| Jun 3, 2016 | (Am)Cache rules everything around me | Eric Zimmerman |
| Jun 2, 2016 | The Remediation Ballet: Performing the Delicate Dance of Cleanup | Matt Linton |
| Jun 2, 2016 | A Blueprint to Secure SAP Applications Using CIS Controls As a Guide | Alex Horan, Barbara Filkins |
| May 31, 2016 | Sneak Peek for the 2016 Security Awareness Summit | Lance Spitzner |
| May 26, 2016 | Effective Monitoring and Defense in Financial Services | David Hoelzer, Lawrence Chin |
| May 26, 2016 | What Works in Threat Prevention: Detecting and Stopping Attacks more Accurately and Quickly with Threatstop | John Pescatore, Kenneth Compres |
| May 25, 2016 | Why So Many Endpoint Attacks Are Still Going Undetected - And What You Can Do About It | John Pescatore, Chris Ahearn, Mark Stacey |
| May 24, 2016 | A New Perspective on Patch Management | John Pescatore, Marcelo Pereira |
| May 24, 2016 | iOS Location Forensics | Sarah Edwards |
| May 20, 2016 | Next Level in Cyber Threat Intelligence Training: New FOR578 | Robert M. Lee |
| May 19, 2016 | How to Negotiate a Cyber Insurance Policy | Benjamin Wright, Amy Elizabeth Stewart |
| May 19, 2016 | systemd and You! | Hal Pomeranz |
| May 18, 2016 | Scapy and Snort, Packet Peanut Butter and Jelly | Mike Poor, Judy Novak |
| May 18, 2016 | Are you serious? Now I have to worry about BYoD and IoT threats? | John Pescatore, Paul Paget, Yolonda Smith |
| May 17, 2016 | 2016 Security Awareness Report (Special APAC Edition) | Lance Spitzner |
| May 17, 2016 | Practical and Open Source Threat Intelligence | James Tarala |
| May 17, 2016 | Windows Exploratory Surgery with Process Hacker | Jason Fossen |
| May 16, 2016 | Shell items, More than Meets the Eye | David Cowen |
| May 13, 2016 | Know Normal, Find Evil: Windows 10 Memory Forensics Overview | Alissa Torres |
| May 12, 2016 | Why Train and Who to Train for Education and Government | Lance Spitzner, Randy Marchany |
| May 11, 2016 | Using the Critical Security Controls to Prevent Ransomware in Healthcare | James Tarala, Matthew Mellen |
| May 11, 2016 | This phish goes to 11, w/ Guest: SNOW [DEF CON 22 Social Engineering CtF - Black Badge Winner] | Stephanie Carruthers |
| May 10, 2016 | Connecting the Dots Between Your Threat Intelligence Tradecraft and Business Operations | John Pescatore, Adam Meyer |
| May 3, 2016 | Learn to Trust Your Insecure ICS Networks | Lisa Lorenzin, David Mattes |
| Apr 28, 2016 | Cracking the Code on SaaS Security & Compliance | Brandon Cook |
| Apr 28, 2016 | Analyzing Analytics: Turning Big Data into Security Intelligence | Tim (TK) Keanani |
| Apr 27, 2016 | How to Produce a World-Class Threat Intelligence Capability From Scratch | John Pescatore, Levi Gundert |
| Apr 27, 2016 | Managing Applications Securely: A SANS Survey | Johannes Ullrich, Tim Jarrett, Amit Ashbel, Ryan O'Leary |
| Apr 27, 2016 | Stopping CEO Fraud | Lance Spitzner, FBI, Special Agent Cyber Crimes Division |
| Apr 26, 2016 | 2016 Security Awareness Report Findings - How STH is Helping You | Lance Spitzner, Dan deBeaubien, Lisa Murray-Johnson, Danielle Ventre-Olson |
| Apr 26, 2016 | Overcome Privilege Management Obstacles with CSC v. 6 | John Pescatore, Jon Wallace |
| Apr 25, 2016 | Are network-centric practices undermining your SOC? | Brandie Anderson |
| Apr 22, 2016 | DNS Evidence: You Dont Know What Youre Missing | Philip Hagen |
| Apr 20, 2016 | Securing the Internet of Old Things (IoOT) | G.W. Ray Davidson, PhD, Dana Torgersen, Jean-Philippe Taggart |
| Apr 20, 2016 | SANS Asia-Pacific Webcast Series- Basic Mobile Application Reverse Engineering and a Free Trip to Vegas | Tim Medin |
| Apr 19, 2016 | Security Leadership: How to Increase the Success of Your Projects | Jeff Frisk |
| Apr 15, 2016 | Open Season on Cyberthreats: Part 2- Threat Hunting Methodologies and Tools | Eric Cole, Tim Helming, Mike Nichols, Ely Kahn |
| Apr 14, 2016 | 2016 Awareness Report - Lessons Learned for Education and State / Local Government | Lance Spitzner, Mark Evans, Ashley Sudderth |
| Apr 14, 2016 | Open Season on Cyberthreats: Part I- Threat Hunting 101 | Eric Cole, Mark Painter, Ryan Cason, Dana Torgersen |
| Apr 13, 2016 | BadLock: What you need to know | Johannes Ullrich, PhD, Chris Wysopal |
| Apr 13, 2016 | HTTP/2 & Websockets Are Gonna Change the Pen Test World. Are You Ready? | Justin Searle, Adrien de Beaupre |
| Apr 12, 2016 | LIVE from THIR Summit in New Orleans: The Most Dangerous Game; Evolving Threat Hunting to Keep Up with Skilled Adversaries | |
| Apr 8, 2016 | To trust or not to trust: The relationship between you & your mobile forensics tool | Heather Mahalik |
| Apr 7, 2016 | Gamification of a Fortune 20 SOC | Marcel Hoffmann, Josh Stevens |
| Mar 31, 2016 | Mapping Attack Infrastructure: Leave Your Foe With Nowhere to Hide | John Pescatore, Stephen Ginty |
| Mar 29, 2016 | Evolving from cyber Gatherers to cyber Hunters - Darwin was wrong about APTs | John Pescatore, Darren Anstee |
| Mar 29, 2016 | 2016 Security Awareness Report Key Findings | Lance Spitzner, Bob Rudis, Lance Hayden |
| Mar 24, 2016 | Expect the Unexpected, Preparing for the Inevitable Cyber Breach | Joseph Muniz |
| Mar 24, 2016 | Mobile Data Loss - Threats & Countermeasures | Michael T. Raggo |
| Mar 24, 2016 | Facilitating Fluffy Forensics 2.0 | Andrew Hay |
| Mar 23, 2016 | What Works: Inspecting Encrypted Traffic with the Blue Coat SSL Visibility Appliance | John Pescatore, Michael Weinstein |
| Mar 22, 2016 | Ensuring Compliance and Detecting Suspicious Activity with Promisec Endpoint Manager | Dave Shackleford, Noel Slane |
| Mar 18, 2016 | SANS 2016 Endpoint Security Survey Part 2: Can We Say Next-Gen Yet? | G.W. Ray Davidson, PhD, Anthony Di Bello, Marty Ward |
| Mar 17, 2016 | SANS 2016 Endpoint Security Survey Part 1: The Evolving Definition of Endpoints | G.W. Ray Davidson, PhD, Dana Torgersen, Lee Wei, Sara Lofgren |
| Mar 16, 2016 | Bring Your Own Collaboration Technical Control Tradeoffs | Scott Gordon, Dave Shackleford |
| Mar 15, 2016 | Benchmarking AppSec: A Metrics Pyramid | Jim Bird, Tim Jarrett |
| Mar 14, 2016 | Analyzing the Ukrainian Power Grid Cyber-Attacks | Jake Williams |
| Mar 10, 2016 | 10 Quick Win, Industry Agnostic SIEM Dashboards | Craig Bowser |
| Mar 10, 2016 | Is Active Breach Detection the Next-Generation Security Technology? | Dave Shackleford, Paul Kraus |
| Mar 9, 2016 | Security Awareness: Understanding and Managing Your Top Seven Human Risks | Lance Spitzner |
| Mar 8, 2016 | A DevSecOps Playbook | Dave Shackleford, Amrit Williams |
| Mar 8, 2016 | Passive DNS Logs: The Pulse of the Network | Philip Hagen |
| Mar 2, 2016 | How To Become A SANS Instructor | Eric Conrad |
| Feb 26, 2016 | SIFT and REMnux: Wonder Twin Powers Activate! | Rob Lee, Lenny Zeltser |
| Feb 26, 2016 | Predicting Future Attacks and Breaches: Analytics in Action | Dave Shackleford, Christopher Smith |
| Feb 26, 2016 | Security Leadership For Everyone: Personal Authority and Beyond | Ted Demopoulos |
| Feb 25, 2016 | SANS VetSuccess Academy sponsored by Solutionary - open now! | Arlin Halstead, Maxwell Shuftan |
| Feb 24, 2016 | Hunting and Farming : Concepts and Strategies to Improve Your Cyber Defenses | Ben Johnson |
| Feb 24, 2016 | Making Risk Assessment Useful | David Hoelzer |
| Feb 23, 2016 | The Effectiveness of Microsoft's EMET | Stephen Sims |
| Feb 23, 2016 | iPhone Forensics - Separating the Facts from Fiction. A Technical Autopsy of the Apple/FBI Debate | Heather Mahalik, Sarah Edwards, Cindy Murphy |
| Feb 19, 2016 | GHOST 2.0: What do you need to know about the glibc getaddrinfo vulnerability | Chris Eng, Johannes Ullrich, PhD |
| Feb 19, 2016 | GHOST 2.0: What do you need to know about the glibc getaddrinfo vulnerability | Chris Eng, Johannes Ullrich, PhD |
| Feb 18, 2016 | Dizzy New World of Cyber Investigations: Law, Ethics and Evidence | Benjamin Wright |
| Feb 18, 2016 | How to bring some Advanced Persistent Trickery to your fight against Advanced Persistent Threats... | Bryce Galbraith |
| Feb 17, 2016 | Case Study: How the City of Lewiston Improved Threat Detection with AlienVault USM | Dave Shackleford |
| Feb 12, 2016 | Implementing a Successful Continuous Monitoring program with Open Source / Free Tools | Ismael Valenzuela |
| Feb 11, 2016 | Getting Started with Web Application Security | Gregory Leonard, Joseph Feiman |
| Feb 9, 2016 | CISO Hot Topic: Communicating to and Influencing CEOs and Boards of Directors: What Works and What to Avoid | Alan Paller, John Pescatore |
| Feb 9, 2016 | Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Devices | Lee Neely, Mic McCully |
| Feb 8, 2016 | Risky Business: Evaluating the True Risk to your Security Program | Johannes Ullrich, PhD, Demetrios Lazarikos (Laz) , Mike Goldgof, Jenna McAuley |
| Feb 5, 2016 | Scaling Big Data Analytics: SANS Review of LogRhythm 7 Analytics and Intelligence Upgrades | Erick Ingleby, Dave Shackleford |
| Feb 4, 2016 | Security Leadership: Strategies for Success | Frank Kim |
| Feb 3, 2016 | SANS 2016 IT Security Spending Strategies Survey | Gary Sockrider, Barbara Filkins, G. Mark Hardy, Simon Gibson |
| Feb 2, 2016 | Threat Hunting | Rob Lee, Robert M. Lee, Luis Maldonado |
| Jan 28, 2016 | Why You Need Application Security | Johannes Ullrich, Joseph Feiman |
| Jan 27, 2016 | The Frankenstein Framework - Assembling the Pieces to Enhance ICS Security Without Creating a Monster | Justin Opatny |
| Jan 21, 2016 | An Analysis of the Sandworm Team in Ukraine | Robert M. Lee |
| Jan 21, 2016 | Security Program Development, Maturity Models and Security Dashboards that help you manage risk | Dean Sapp |
| Jan 19, 2016 | Data-Driven Threat Intelligence: Metrics on Indicator Dissemination and Sharing | Alex Pinto |
| Jan 19, 2016 | How to Leverage The Critical Controls in 2016 | Randy Marchany |
| Jan 18, 2016 | Threat Intelligence Awakens | Rick Holland |
| Jan 14, 2016 | WhatWorks in AppSec: ASP.NET Web API Security | |
| Jan 13, 2016 | From the Front Lines: Practical Application of DNS Threat Intel Data | Robert M. Lee, Tim Helming |
| Jan 12, 2016 | Intelligent Intelligence: Secrets to Threat Intel Success | David Bianco |
| Jan 12, 2016 | Know Before You Go: Key AWS Security Considerations | Dave Shackleford, Matt Keil |
| Jan 12, 2016 | Smartphone Forensics Moves Fast. Stay Current or You May Miss Relevant Evidence! | Heather Mahalik |
| Jan 11, 2016 | What's New for Security in Windows 10 and Server 2016? | Jason Fossen |
| Jan 6, 2016 | Are You Ready for Threat Intelligence? Behind the Scenes with FOR578 | Robert M. Lee, Mike Cloppert |
| Jan 5, 2016 | Deconstructing the Reports of Iranian Activity Against the Power Grid and New York Dam | Robert M. Lee, Mike Assante |
