Last Day to Save $400 on SANS Minneapolis 2017

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

Securing SSH Itself with the Critical Security Controls

  • Wednesday, November 18th, 2015 at 1:00 PM EST (18:00:00 UTC)
  • Barb Filkins, Gavin Hill and Dave Hoelzer (Moderator)
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

Sponsor

  • Venafi, Inc

You can now attend the webcast using your mobile device!

Overview

SSH is a de facto standard in securing communications through an encrypted link and elevating privileges, but what happens when SSH is itself not properly secured? What vulnerabilities are inherent in the protocol and how do organizations remediate them? Does the protection of the keys used by SSH affect the trust placed in this protocol? Despite the importance of SSH, organizations often neglect to pay attention to best practices related to configuration, especially in the area of adequate controls over SSH keys and key associations. One way to address this is through the Critical Security Controls.

Sign up for this webcast and be among the first to receive an advance copy of a SANS whitepaper discussing the vulnerabilities of SSH and how the Critical Security Controls provide a roadmap to remediating those flaws.

Please send questions about this webcast to q@sans.org.

View the associated whitepaper here.

Speaker Bios

Barbara Filkins

Barbara Filkins, a senior SANS analyst who holds the CISSP and SANS GSEC (Gold), GCIH (Gold), GSLC (Gold), GCCC (Gold), GCPM (Silver) and GLEG (Gold) certifications, has done extensive work in system procurement, vendor selection and vendor negotiations as a systems engineering and infrastructure design consultant. She is deeply involved with HIPAA security issues in the health and human services industry, with clients ranging from federal agencies (Department of Defense and Department of Veterans Affairs) to municipalities and commercial businesses. Barbara focuses on issues related to automation--privacy, identity theft and exposure to fraud, as well as the legal aspects of enforcing information security in today's mobile and cloud environments.


Gavin Hill

With over a 15 years of experience in product development and product marketing in the cyber security space, Gavin Hill has been responsible for helping enterprises identify where they are at risk and leading the strategy for products that mitigate the risks related to evolving cyber threats. At Venafi he is responsible for the threat intelligence, focusing on Next-Generation Trust Protection and product marketing.


David Hoelzer

David Hoelzer is a SANS fellow instructor, courseware author and dean of faculty for the SANS Technology Institute. In addition to bringing the GIAC Security Expert certification to life, he has held practically every IT and security role during his career. David is a research fellow in the Center for Cybermedia Research, the Identity Theft and Financial Fraud Research Operations Center (ITFF/ROC), and the Internet Forensics Lab. Currently, David serves as the principal examiner and director of research for a New York/Las Vegas-based incident response and forensics company and is the chief information security officer for an open source security software solution provider.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.