Get an iPad Air w/ Smart Keyboard, Pixel 4a Smartphone, or Take $350 Off with Online Training! Offer Ends Soon!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Detecting the Deceivers through Deception

  • Wednesday, April 08, 2020 at 1:00 PM EDT (2020-04-08 17:00:00 UTC)
  • Tony Cole, Kevin Fiscus


  • Attivo Networks

You can now attend the webcast using your mobile device!



Almost every cyber-attack uses some form of deception to deceive your users. Whether it's spearphishing, a waterhole attack, or most others, attackers typically use a ruse to convince someone to click a link or open an attachment. It's high time we use those same tactics on the adversary when they visit our enterprise. Enterprise deception provides a fabric of fast high-fidelity detection across an enterprise. Now through cutting-edge new capabilities far beyond traditional honeypots deception can sow false information back to our attacking foe. Suddenly their advantage is gone when they can't trust the data they're trying to collect in your environment. In this webinar well discuss where deception is today, and why its having a major impact in the defensive fight for companies large and small with mature security capabilities or those just starting to focus on the threat. Please Kevin Fiscus from SANS Institute, and Tony Cole CTO at Attivo Networks.

Speaker Bios

Tony Cole

Tony Cole is the CTO at Attivo Networks, the leader in the Cyber Deception space working to deceive, detect, and defend enterprises from cyber-attacks.

Prior to joining Attivo Networks, Mr. Cole held executive positions at FireEye, McAfee and Symantec. He’s retired from the U.S. Army, where he worked in intelligence, communications, cryptography, around the world including building out the Network Security Services at the Pentagon.

He previously advised Wall Street on security technology and was on the advisory board for Secure Elements prior to its sale to Fortinet. Mr. Cole has served on the US President’s National Security Telecommunications Advisory Committee’s IoT security subcommittee. He also served on the Federal Communications Commission’s (FCC) Communications Security, Reliability and Interoperability Council (CSRIC-V). Mr. Cole served previously on the Board of Directors for Silent Circle, and today serves on Bayshore Networks Advisory Board. In 2017, he was elected by (ISC)˛ constituents to serve on their Board of Directors and was also appointed by the NASA Administrator to the NASA Advisory Council (NAC). He is a former president of the Information Systems Security Association -District of Columbia.

Mr. Cole speaks at security conferences across the globe such as the G20, RSA Conference, World Economic Forum, Munich Security Conference, CyberTech, and has been a contributing author to the SANS Institutes’ publications and classes. He’s been featured online and on TV and radio, such as CNN, BBC, Politico, the Hill, Washington Business Journal, ABC, USA Today, and the Washington Times.

Kevin Fiscus

Kevin Fiscus, a principal instructor for the SANS Institute, regularly teaches SANS SEC504 Hacker Tools, Techniques, Exploits and Incident Handling and SEC560 Network Penetration Testing and Ethical Hacking and is the author of an upcoming class on cyber deception. Kevin has founded two consultancies through which he conducts security and risk assessments, compliance gap analysis, penetration testing, security policy development, security program design, and security roadmap development, including planning and implementing cyber deception as part of a larger security program, for client organizations. Kevin currently holds multiple SANS certifications, including the prestigious GIAC Security Expert, and was named a SANS Cyber Guardian for both red and blue teams.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.