Cybersecurity training without home or office distractions: 11 courses | San Francisco | Dec 2-7


To attend this webcast, login to your SANS Account or create your Account.

Preventing Persistent Attacks With Linux Micro Virtualization

  • Thursday, November 9th, 2017 at 1:00 PM EDT (18:00:00 UTC)
  • John Pescatore and Tom Gillis
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.


  • Immutable Systems

You can now attend the webcast using your mobile device!


Online threats have evolved. In the early days hackers were just a nuisance. Today online breaches cost companies Billions of dollars, permanent damage to their reputation and even impact national security. Most of the recent high profile breaches in the news such as HBO and Equifax have one thing in common: persistence.

Join John Pescatore of Sans Institute and Tom Gillis, CEO at Bracket Computing for an interactive discussion about the reasons behind the meteoric rise in Linux malware attacks. You will also hear how micro virtualization for Linux servers stop persistent malware from carrying out malicious attacks once a host has been compromised.

During this webcast you will learn:

  • Why signature based solutions aren't enough
  • Remediation strategies for each of the stages of the attack chain after the compromise
  • How to stop in-memory privilege escalation, rootkits and file-level persistence

Speaker Bios

John Pescatore

John Pescatore joined SANS as director of emerging security trends in January 2013 after more than 13 years as lead security analyst for Gartner, running consulting groups at Trusted Information Systems and Entrust, 11 years with GTE, and service with both the National Security Agency, where he designed secure voice systems, and the U.S. Secret Service, where he developed secure communications and surveillance systems and "the occasional ballistic armor installation." John has testified before Congress about cybersecurity, was named one of the 15 most-influential people in security in 2008 and is an NSA-certified cryptologic engineer.

Tom Gillis

Tom Gillis co-founded Bracket Computing with the goal of delivering enterprise computing driven by business needs, not hardware limitations. Prior to Bracket, Tom was VP/GM of Cisco's Security Technology Group, leading business units responsible for Cisco's entire Network and Content Security product portfolio.

Prior to Cisco, Tom was VP Marketing and part of the founding team at IronPort Systems, acquired by Cisco in 2007 for $830M. Previously, he was VP/GM of Media at IBEAM Broadcasting, which went public on NASDAQ in 2000. He has held leadership roles at Silicon Graphics, the Boston Consulting Group, and Raytheon Corporation. Tom holds a BSEE from Tufts, an MSEE from Northwestern, and an MBA from Harvard. His Forbes blog is widely followed by CIOs and global IT professionals.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.