Tracking and Observation-How-To and What To Watch For
- Wednesday, July 29th, 2015 at 1:00 PM EDT (17:00:00 UTC)
- J. Michael Butler, Jason Trost, and special moderator Stephen Northcutt
You can now attend the webcast using your mobile device!
In a landscape where attackers roam corporate networks seemingly at will, are the existing ways of monitoring adversaries enough? Enhancing internal visibility through the use of honeynets and technologies such as targeted web crawling can make a difference in organizational readiness and response. This webcast discusses the various paradigms of tracking and observation, how methods in use reflect these paradigms, and ways organizations can avoid ethical and legal pitfalls.
Sign up for this webcast and be among the first to receive an advance copy of a SANS whitepaper discussing tracking and observation.
Please send questions about this webcast to email@example.com.
View the associated whitepaper here.
J. Michael Butler
J. Michael Butler is an information security consultant with a leading provider of technical services for the mortgage industry. Butler's responsibilities have included computer forensics, information security policies (aligned to ISO and addressing federal and state disclosure laws), enterprise security incident management planning, internal auditing of information systems and infrastructure, service delivery and distributed systems support. He has also been involved in authoring SANS security training courseware, position papers, articles and blogs.
Jason Trost, vice president of Threat Research at Anomali, has worked in security for more than 10 years, including several years of experience leveraging big data technologies for security data mining and analytics. Jason is currently focused on building highly scalable systems for processing, analyzing and visualizing high-speed network/security events in real time, as well as systems for analyzing massive amounts of malware. He is a regular attendee at big data and security conferences and has spoken at Blackhat, BSidesSF, BSidesLV, FloCon, and Hadoop Summit. Jason has contributed to several security- and big-data–related open source projects.
Stephen Northcutt founded the GIAC certification and is the former president of the SANS Technology Institute, a postgraduate college focusing on IT security. He is the author or co-author of Incident Handling Step-by-Step, Intrusion Signatures and Analysis, Inside Network Perimeter Security (2nd edition), IT Ethics Handbook, SANS Security Essentials, SANS Security Leadership Essentials and Network Intrusion Detection (3rd edition). He was the original author of the Shadow intrusion detection system before accepting the position of chief for information warfare at the Ballistic Missile Defense Organization. Stephen is a graduate of Mary Washington College. Before entering the field of computer security, he worked as a Navy helicopter search and rescue crew member, whitewater raft guide, chef, martial arts instructor, cartographer and network designer.