Using an Attacker Technique-Based Approach for Prevention
- Wednesday, August 24th, 2016 at 1:00 PM EDT (17:00:00 UTC)
- Dave Shackleford and Mike Nichols
You can now attend the webcast using your mobile device!
Although quick detection and remediation is vital to mitigating security breaches, let's not give up on prevention! In this webcast, SANS senior instructor Dave Shackleford will discuss how threat intelligence can be used to help prevent incidents and unknown attacks.
For example, focusing on the attacker techniques can be used to block entire classes of exploits, adversary behaviors and classes of malware from executing anything malicious on the network.
Attend this webcast and learn:
- What to look for in specific phases of attack campaigns
- How to recognize and reuse malware and exploit indicators, such as credential theft, process injection, and persistence
- How threat hunting changes the protect/detect/response scenario
- Processes for automating intelligence feeds into detection and response systems
Those who register for this webcast will also receive advance access to an associated whitepaper developed by Dave Shackleford.
View the associated whitepaper here.
Dave Shackleford, a SANS analyst, instructor, course author, GIAC technical director and member of the board of directors for the SANS Technology Institute, is the founder and principal consultant with Voodoo Security. He has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering. A VMware vExpert, Dave has extensive experience designing and configuring secure virtualized infrastructures. He previously worked as chief security officer for Configuresoft and CTO for the Center for Internet Security. Dave currently helps lead the Atlanta chapter of the Cloud Security Alliance.
Mike Nichols is the Principal Product Manager at Endgame, managing the Endgame cyber operations platform. Mike leverages years of commercial and federal product development experience, as well his time as an Army cyber intelligence analyst, to ensure the product not only has a superior workflow to existing methods but also optimizes the analyst's time. He divides his time between internal engagement with engineering and customer support, and external engagement with existing customers and new sales prospects in order to best understand the needs of the customer and ensure proper translation to mission enabling features. Prior to working at Endgame, Mike served in a variety of technical leadership roles at Fortscale, General Dynamics Fidelis Cybersecurity Solutions, and Deloitte. Mike served in the US Army as military intelligence specialist, supporting Operation Iraqi Freedom and Operation Enduring Freedom.