Agenda | August 25, 2023 | 10:30 AM - 1:30 PM EDT
Time (EDT) | Session | Speakers
---|---|---
10:30 AM | **Welcome & Opening Remarks** | Terrence Williams, Certified Instructor, SANS Institute
10:45 AM | **Unmasking Linux Malware in the Cloud: A Journey from Theory to Practice.** Join us as we address the challenges and opportunities of threat hunting in Linux-based cloud environments. 96.3% of the top one million web servers globally run Linux, which makes Linux malware sandboxing an essential tool for identifying and understanding threats specific to the cloud environment and for preemptively hunting potential threats and minimizing the risks associated with cloud services. This webinar will delve into Linux-specific threats such as IoT botnets, crypto-mining, and ransomware, highlighting how cloud environments alter our perspective of the threat landscape. You'll also gain insights from a typical cloud threat-hunting scenario, where in-depth threat analysis is a crucial capability in the threat hunter's arsenal. The session will conclude with an in-depth look at a Linux malware analysis, providing a clear view for threat hunters in the cloud. | Fatih Akar, Security Product Manager, VMRay; Ertugrul Kara, Sr. Product Marketing Manager, VMRay
11:20 AM | **The Threat Hunter's Playbook: Mastering Cyber Defense Strategies.** Greetings, Cyber Defenders and Security Champions! Are you prepared to defend your cyber turf against the threats lurking in every corner? In this session, our threat researchers will explore the world of weaponized cloud automation and other cunning tactics used by attackers. Learn how automation enables lightning-fast attacks and discover the importance of reconnaissance alerts as your first line of defense. Unveil the secrets of cloud complexity and intercept attacker strategies with an aggressive defense. Equip yourself with threat hunter skills, navigate the cloud-native landscape, and bolster your organization's cyber defense. Ready to level up your cyber defense game? Don't miss this opportunity to stay one step ahead of the ever-evolving threat landscape. Remember, the Threat Hunter's Playbook awaits you! | Michael Clark, Director of Threat Research, Sysdig; Crystal Morin, Cybersecurity Strategist, Sysdig
11:55 AM | **Break** | 
12:05 PM | **Demystifying Cloud Forensics: Investigating Virtual Machines, Containers, and Serverless Resources.** Cloud computing has become increasingly popular in recent years, and with it, the need for cloud forensics. But what is cloud forensics? There is a widely held perception that it's just log analysis (the cloud certainly has a lot of logs!). While logs are important, they aren't everything when it comes to performing forensics in the cloud. Further, there are key differences to consider when responding in cloud, container, and serverless environments versus on-premises. In this session, Chris Doman, CTO & Co-Founder of Cado Security, will dig into the ins and outs of cloud forensics and how security teams can leverage the scale and speed of the cloud to expedite incident response without compromising on critical context. | Chris Doman, CTO & Co-Founder, Cado Security
12:40 PM | **Panel: Navigating Cloud Complexity: Modern Threat Hunting in AWS, Azure, and Google Cloud.** The ever-evolving landscapes of AWS, Azure, and Google Cloud continually redefine the challenges faced by threat hunters. With rapid service introductions and deprecations, along with varied logging levels under the Shared Responsibility Model, the journey of a threat hunter is intricate and demanding. This panel delves into these complexities, exploring critical decisions on data ingestion across multi-cloud environments, especially for businesses that aren't cloud-native. With adversaries constantly lurking, how do you strike a balance between automating mundane tasks and focusing on sophisticated threats? Uncover the vital log sources across different providers and the building blocks to craft an effective multi-cloud threat hunting program. | Moderator: Terrence Williams, Certified Instructor, SANS Institute; Panelists: Michael Clark, Director of Threat Research, Sysdig; Kenneth Westin, Field CISO, Panther; Chris Doman, CTO & Co-Founder, Cado Security
1:25 PM | **Wrap-Up** | Terrence Williams, Certified Instructor, SANS Institute