4 Months Access with OnDemand Content + Special Offers Available Now: iPad mini, Surface Go 2, or $300 Off


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Beyond Infiltration: Conquering all Stages of the Attack Lifecycle

  • Tuesday, July 12, 2016 at 1:00 PM EDT (2016-07-12 17:00:00 UTC)
  • Lotem Guy , John Pescatore


  • Cybereason

You can now attend the webcast using your mobile device!



While breaches make the news regularly, there are many enterprises who don't show up on the front page having to notify all of their customers that their information has been exposed. The successful security programs behind those companies keeping their customers safe don't always spend more on security but they invariably have learned to balance their security resources across prevent more, detect faster, mitigate more accurately, and minimize damage.

Attackers will always find a way through defenses. While their initial network penetration takes a few minutes and is hard to detect, the attackers' have to perform a series of actions once they are inside the network, offering a window of opportunity for detection early in the attack life-cycle - giving enterprise defenders a chance to quickly act to forestall or minimize business impact. Doing this effectively takes a mix of mature security processes, analyst skill and "force multiplier" tools.

In our upcoming webinar, SANS Director, John Pescatore and Head of Cybereason Labs, Lotem Guy, will discuss the attack lifecycle post-penetration and will offer an approach for successful detection.

Join us to learn:
  • Avoiding pitfalls that cause detection of network infiltration to fail
  • The stages of an attack lifecycle
  • An effective approach for accurate detection throughout the attack lifecycle

Speaker Bios

Lotem Guy

Lotem Guy leads Cybereason's research and development team in Tel Aviv. He has more than 15 years of experience in software development and information security. Prior to joining Cybereason, Lotem worked at IBM where he was a security researcher.

John Pescatore

John Pescatore joined SANS as director of emerging security trends in January 2013 after more than 13 years as lead security analyst for Gartner, running consulting groups at Trusted Information Systems and Entrust, 11 years with GTE, and service with both the National Security Agency, where he designed secure voice systems, and the U.S. Secret Service, where he developed secure communications and surveillance systems and "the occasional ballistic armor installation." John has testified before Congress about cybersecurity, was named one of the 15 most-influential people in security in 2008 and is an NSA-certified cryptologic engineer.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.