
This webcast has been archived. To view the webcast, log in to your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Prevent-DETECT-Response - How to Win at Security Part 2 - Timely Detection Tips and Tricks from SEC401

  • Thursday, October 26, 2017 at 3:30 PM EDT (2017-10-26 19:30:00 UTC)
  • Eric Cole


Organizations often spend a lot of money on security but still fail to properly detect attacks. The reason is that organizations often focus on doing good things rather than on the right things that really matter. The newly updated and rewritten Security Essentials: SEC401 shows you how to win by having a proper approach to detection. With advanced threats, no organization will be able to prevent all attacks; detection is therefore critical, but organizations often do not implement it correctly.

The old problem was that organizations were not performing proper monitoring and did not have the visibility needed for timely detection. While this is still true in some cases, most organizations have gone to the other extreme: they generate far too much information, and the critical alerts get buried in the noise. In some large-scale breaches, organizations' security devices properly detected the attacks, but the analysts failed to respond and take action. For detection to be successful, any detective device must have 24/7 monitoring and timely response. Without these two key elements, detection has minimal value.

Learn from cyber security expert and SEC401 course author, Dr. Eric Cole, how to design, implement, verify and validate a proper approach to detection. Learn how to use metrics to properly measure, assess and improve your overall defensive approach to security. No matter your experience or background, this webcast will show you not only how to properly perform detection, but also how SEC401 can help improve your skills and take your career to the next level. In this webcast you will learn:

  • How to properly design and implement effective defensive measures
  • Balancing false positives and false negatives
  • The key metrics for implementing effective defensive solutions
  • Removing the noise to focus in on what really matters

Speaker Bio

Eric Cole

Eric Cole, PhD, is a SANS faculty fellow, course author and instructor who has served as CTO of McAfee and chief scientist at Lockheed Martin. He is credited on more than 20 patents, sits on several executive advisory boards and is a member of the Center for Strategic and International Studies' Commission on Cybersecurity for the 44th Presidency. Eric's books include Advanced Persistent Threat, Hackers Beware, Hiding in Plain Sight, Network Security Bible and Insider Threat. As founder of Secure Anchor Consulting, Eric puts his 20-plus years of hands-on security experience to work helping customers build dynamic defenses against advanced threats.
