One More Day for OnDemand Cybersecurity Training Special Offer - Your Choice, Learn More


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Think Like an Attacker: What You Must Know About Targeted Attack Techniques

  • Tuesday, November 17, 2015 at 3:00 PM EST (2015-11-17 20:00:00 UTC)
  • John Pescatore


  • LightCyber

You can now attend the webcast using your mobile device!



It's clear that even the best-protected network will be compromised, leading security professionals to focus more attention on how to find an attacker once they have broken through their defenses. It's also clear that these attackers can generally go about their business while being completely invisible to your security or IT team. This webinar will reveal many of the operational techniques of a hidden attacker to which most companies are blind. John Pescatore, director of SANS Institute, will describe the move from a prevention-only strategy to one with detection based on behavioral profiling from both network and endpoint visibility. The webinar includes a live demonstration of a new Cyber Attack Training System (CATS), including a simulated external attack. We will also unveil the results of the Hacker Simulation Challenge, where participants used the CATS environment to break into a network to locate and exfiltrate a target data set.

Attend the webinar and learn practical insight and detail on:

  • How intruders move from a single compromised host or account to multiple points of control and full access to data and other resources completely undetected
  • How attackers can be pinpointed through their operational activities
  • How to detect only malicious anomalies
  • How to spot risky or improper internal behavior or the workings of a malicious insider

Speaker Bio

John Pescatore

John Pescatore joined SANS as director of emerging security trends in January 2013, bringing with him over 35 years of experience in computer, network and information security. Prior to SANS, he was Gartner's lead security analyst for more than 13 years, working with Global 5000 corporations, government agencies and major technology and service providers. In 2008, John was named one of the top 15 most influential people in security and has frequently testified before Congress on issues relating to cybersecurity.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.