Stay ahead of cyber threats with immersion-style training in Reston, VA! Save $150 thru 1/29.


To attend this webcast, login to your SANS Account or create your Account.

Hacked, or Human Error in Fifteen Minutes or Less

  • Tuesday, October 6th, 2015 at 3:00 PM EDT (19:00:00 UTC)
  • Stephen Northcutt and Chris Crowley
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

You can now attend the webcast using your mobile device!


United Airlines, The New York Stock Exchange, The Wall Street Journal all had significant outages within a few hours of each other. What happened? How did they find out? What do you tell the public? This webcast covers a well-researched, cutting edge methodology for managing the response to a similar incident and quickly determine root cause. The core concept is using pre-developed checklists that have markers for what you would expect to find if it was an internal human factors error or if it was malicious. We know your time is valuable, this will be a short webcast, 15 minutes with 5 minutes allotted for questions. The slides and scenario will be available for download.

Additional Resources:

Speaker Bios

Stephen Northcutt

Stephen Northcutt founded the GIAC certification and is the former president of the SANS Technology Institute, a postgraduate college focusing on IT security. He is the author or co-author of Incident Handling Step-by-Step, Intrusion Signatures and Analysis, Inside Network Perimeter Security (2nd edition), IT Ethics Handbook, SANS Security Essentials, SANS Security Leadership Essentials and Network Intrusion Detection (3rd edition). He was the original author of the Shadow intrusion detection system before accepting the position of chief for information warfare at the Ballistic Missile Defense Organization. Stephen is a graduate of Mary Washington College. Before entering the field of computer security, he worked as a Navy helicopter search and rescue crew member, whitewater raft guide, chef, martial arts instructor, cartographer and network designer.

Chris Crowley

Mr. Crowley has 15 years of industry experience managing and securing networks. He currently works as an independent consultant in the Washington, DC area. His work experience includes penetration testing, computer network defense, incident response, and forensic analysis.

Mr. Crowley is the course author for SANS Management 535 - Incident Response Team Management and holds the GSEC, GCIA, GCIH (gold), GCFA, GPEN, GREM, GMOB, and CISSP certifications. His teaching experience includes SEC401, SEC503, SEC504, SEC560, SEC575, SEC580, FOR585, and MGT535; Apache web server administration and configuration; and shell programming. He was awarded the SANS 2009 Local Mentor of the year award. "The Mentor of the Year Award is given to SANS Mentors who excel in leading SANS Mentor Training classes in their local communities."

"Chris really knew his stuff and presented ideas that made me change my mind on some policies and configs we employ ." - William Jeskey, Tarrant County College
"Chris was one of the best instructors I have ever had in any training environment in almost 24 years of service." - Anonymous

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.