
This webcast has been archived. To view the webcast, log in to your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

High Fidelity Alerts: Alert vs Anomaly A sibling rivalry

  • Tuesday, July 24, 2018 at 10:30 AM EDT (2018-07-24 14:30:00 UTC)
  • Justin Henderson, Tim Garcia


Overview

Alerts and anomalies may be related, but they are not the same. Alerts identify unauthorized activity. Anomalies identify something outside normal. Both are helpful when used together properly. Failure to use each properly leads to vast amounts of time and money poured down the drain. This webcast focuses on identifying the differences between alerts and anomalies and how one properly uses them.

Speaker Bios

Justin Henderson

Justin is a passionate security architect and researcher with over a decade of experience working in the healthcare industry as well as consulting. He has had multiple opportunities to work on government contracts specializing in network monitoring systems and intrusion analysis. Justin was the 13th GSE to become both a red and blue SANS Cyber Guardian and holds over around 60 industry certifications.

Justin is a SANS instructor and the author of SEC555, the industry's first vendor neutral SIEM analytics course.


Tim Garcia

Timothy Garcia is a seasoned security professional who loves the challenge and continuously changing landscape of defense. Tim started his career as an engineer in IT, and after working on a few security incidents related to Code Red and Nimda, he realized he had found his calling. Tim currently works as an Information Security Engineer for a Fortune 100 financial institution, where he provides security consulting to project teams to ensure security of IT operations and compliance with policies and regulations. Tim also leads the team that is tasked with firewall review, SIEM management, and privileged access monitoring and policy compliance. Tim has worked as a Systems Engineer and DBA and has expertise in systems engineering, project management, and information security principles and procedures/compliance. Tim previously worked for Intel and served in the United States Navy. Tim also works with the OnDemand team as an SME, is a mentor for the Vet Success program, and provides consulting and content review for the Securing the Human project within SANS. Tim is a contributor to the Arizona Cyber Warfare Range and, when not teaching for SANS, works with the local security community giving monthly talks on information security tools and techniques.

Tim is as passionate about teaching security as he is performing it and receives the greatest joy when he sees the look in a student's eye when something they never quite understood finally makes sense.

Tim holds the CISSP, GSEC, GSLC, GISF, GMON, GAWN, GCCC, and GCED as well as the NSA-IAM certifications. He has extensive knowledge of security procedures and legislation such as Sarbanes-Oxley, GLBA, CobiT, COSO, and ISO 1779.
