Finding Advanced Threats Before They Strike: Advanced Threat Protection and Containment
- Tuesday, March 18th, 2014 at 1:00 PM EDT (17:00:00 UTC)
- Jerry Shenk and Stephen Newman
You can now attend the webcast using your mobile device!
APTs and related malware present some of security's biggest challenges. Enterprises should do everything possible to prevent infections; but, the reality is advanced threats will get through. Once the network becomes infected, it becomes a resource-intensive race to uncover the infection and mitigate the damage.
This webcast, based on a new SANS product review, will examine Damballa's approach to automating breach defense to hasten mitigation. Damballa Failsafe actively examines network traffic in real-time and documents historical behavior. Using multiple detection and risk profilers, Failsafe collects and analyzes evidence and presents precise information about infected devices. Responders can quickly prioritize their response to high-risk devices and block others until they can get to them.
In the webcast, SANS Analyst Jerry Shenk reviews how Damballa Failsafe can be the last line of defense to alert you when devices have been compromised and can provide a forensic trail to show when the attack happened; what evidence there is that the attack was successful; and often, where the attack came from.
Click here to view the associated whitepaper.
Jerry Shenk currently serves as a senior analyst for the SANS Institute and is senior security analyst for Windstream Communications, working out of the company's Ephrata, Pa., location. Since 1984, he has consulted with companies and financial and educational institutions on issues of network design, security, forensic analysis and penetration testing. His experience spans networks of all sizes, from small home-office systems to global networks. Along with some vendor-specific certifications, Jerry holds six Global Information Assurance Certifications (GIACs), all completed with honors: GIAC-Certified Intrusion Analyst (GCIA), GIAC- Certified Incident Handler (GCIH), GIAC-Certified Firewall Analyst (GCFW), GIAC Systems and Network Auditor (GSNA), GIAC Penetration Tester (GPEN) and GIAC-Certified Forensic Analyst (GCFA). Five of his certifications are Gold certifications. He also holds the CISSP certification.
Stephen Newman brings over 17 years of product management leadership to Damballa. He has designed products and product strategies for leading, innovative technologies throughout his career. Since joining Damballa in 2009, his team has successfully built upon the company's 16 patented/patent-pending innovations to create advanced threat detection solutions that harness big data science. Specific contributions include the creation of contextual-based detection engines; the Case Analyzer, an intelligence platform that makes automatic decisions about the status of infected devices; and Risk Profilers, which prioritize compromised assets so incident responders can take immediate action on incidents. Today, Damballa's enterprise and ISP solutions are the industry's most mature and sophisticated, protecting more than half a billion devices globally.
Prior to joining Damballa, Stephen developed a range of security products for companies like EarthLink, MegaPath, Secure Computing, and McAfee. Stephen is a frequent speaker at industry conferences and unique user groups, including the Federal Reserve Bank and the US Embassy in Canada. His passion is to jointly whiteboard with prospects and customers to attack challenges and find solutions. Stephen holds a Master's Degree in Electrical Engineering from Georgia Tech and a Bachelor's Degree in Electrical Engineering from Johns Hopkins University.