SANS Asia-Pacific Webcast Series - Standard Logs Made into Actionable Detects

  • Wednesday, October 4, 2017 - 9:00 am Singapore / 12:00 pm Sydney (1:00am Wednesday, October 4 UTC)
  • Tim Garcia and Justin Henderson
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account.

Overview

Security vendors are constantly finding new ways to catch evil. The problem is that there is too much reliance on security products. Some of the most effective detects today use standard logs you already have. This webcast will show you high-fidelity methods of catching evil while minimizing the number of logs you need to collect.

This includes techniques for collecting chatty logs such as DNS, as well as logs you may feel are too high-volume to collect, such as desktop logs. The focus will be on detection techniques that are easy to set up and produce few false positives.

Note: This webcast is free of charge; however, a SANS portal account is required.

Speaker Bios

Tim Garcia

Timothy Garcia is a seasoned security professional who loves the challenge and continuously changing landscape of defense. Tim started his career as an engineer in IT and, after working on a few security incidents related to Code Red and Nimda, he realized he had found his calling. Tim currently works as an Information Security Engineer for a Fortune 100 financial institution where he provides security consulting to project teams to ensure security of IT operations and compliance with policies and regulations. Tim also leads the team that is tasked with Firewall review, SIEM management and privileged access monitoring and policy compliance. Tim has worked as a Systems Engineer and DBA and has expertise in systems engineering, project management and information security principles and procedures/compliance. Tim previously worked for Intel and served in the United States Navy. Tim also works with the OnDemand team as an SME, is a mentor for the Vet Success program and provides consulting and content review for the Securing the Human project within SANS. Tim is a contributor to the Arizona Cyber Warfare Range and works with the local security community giving monthly talks, when not teaching for SANS, on information security tools and techniques.

Tim is as passionate about teaching security as he is performing it and receives the greatest joy when he sees the look in a student's eye when something they never quite understood finally makes sense.

Tim holds the CISSP, GSEC, GSLC, GISF, GMON, GAWN, GCCC, and GCED as well as the NSA-IAM certifications. He has extensive knowledge of security procedures and legislation such as Sarbanes-Oxley, GLBA, CobiT, COSO, and ISO 1779.


Justin Henderson

Justin is a passionate security architect and researcher with over a decade of experience working in the Healthcare industry as well as consulting. He has had multiple opportunities to work on government contracts specializing in network monitoring systems and intrusion analysis. Justin was the 13th GSE to become both a red and blue SANS Cyber Guardian and holds over around 60 industry certifications.

Justin is a SANS instructor and the author of SEC555, the industry's first vendor-neutral SIEM analytics course.