Ending Soon! Get an iPad Air with Smart Keyboard, Surface Go, or $300 Off thru Dec 11 with OnDemand or vLive Training!


To attend this webcast, login to your SANS Account or create your Account.

You Canít Respond If You Canít See: Building Sophisticated Detection Mechanisms Leveraging Patterns of Compromise

  • Thursday, August 20th, 2015 at 3:00 PM EDT (19:00:00 UTC)
  • Dave Shackleford
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.


  • Carbon Black

You can now attend the webcast using your mobile device!


In the last several years, information security forensics and incident response teams have been fighting a losing battle. The attacks are coming more frequently, they're getting more sophisticated, and we always seem to be a step behind our adversaries. Despite this, we're learning some lessons along the way. The use of specific indicators of compromise (IOCs) to look for intrusion evidence has helped us, and we're getting better all the time. Unfortunately, we're not getting better fast enough, and we need to adopt some new approaches in order to be more effective at combating the advanced attacks we're seeing today. In this webcast, Dave Shackleford, senior SANS instructor and founder and principal consultant of Voodoo Security, will discuss the following:

  • How indicators of compromise (IOCs) are proving useful in helping defenders discover and respond to advanced attacks
  • Why we need to build on IOCs with the concept of "patterns of compromise" to develop more effective defense tactics
  • How information sharing and threat intelligence will enable information security teams to detect and respond faster and more effectively than ever

Speaker Bio

Dave Shackleford

Dave Shackleford is the owner and principal consultant of Voodoo Security and a SANS analyst, senior instructor, and course author. He has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering, possessing extensive experience designing and configuring secure infrastructures. He has previously worked as CSO for Configuresoft, CTO for the Center for Internet Security, and as a security architect, analyst, and manager for several Fortune 500 companies. Dave is the author of the Sybex book Virtualization Security, the coauthor of Hands-On Information Security from Course Technology, and currently serves on the board of directors at the SANS Technology Institute and helps lead the Atlanta chapter of the Cloud Security Alliance.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.