SANS Threat Hunting and Incident Response Summit 2017
2017-04-18 - 2017-04-25
Event contact title
Event contact first name
Event contact last name
Event contact telephone number
+65 69 339 540
Save 400 USD when purchasing the Summit & a 4-6 day SANS course. Discount automatically applied at registration. Or Save 400 USD off any 4-6 day course or save up to 200 USD off the Summit. Enter code "EarlyBird17" & pay by February 22 (offers cannot be combined)
The Threat Hunting & Incident Response Summit will focus on specific hunting and incident response techniques and capabilities that can be used to identify, contain, and eliminate adversaries targeting your networks. SANS and our Founding Partner Carbon Black are pleased to invite you to the Summit where you will have the opportunity to directly learn from and collaborate with incident response and detection experts who are uncovering and stopping the most recent, sophisticated, and dangerous attacks against organizations. Chances are very high that hidden threats already exist inside your organization's networks. Organizations can't afford to assume that their security measures are impenetrable, no matter how thorough their security precautions might be. Prevention systems alone are insufficient to counter focused human adversaries who know how to get around most security and monitoring tools. The key is to constantly look for attacks that get past security systems, and to catch intrusions in progress rather than after attackers have attained their objectives and done worse damage to the organization. For the incident responder, this process is known as "threat hunting." Threat hunting uses known adversary behaviors to proactively examine the network and endpoints and identify new data breaches. The Summit will explore the following: The effectiveness of threat hunting in reducing the dwell time of adversaries Threat hunting - Buzzword or Actionable Strategy? Automated threat hunting: Fact or fiction Threat hunting tools, tactics, and techniques that can be used to improve the defense of your organization Case studies on the application of threat hunting to security operations Innovative threat hunting tactics and techniques New tools that can help threat hunting for both endpoints and networks Perspectives and case studies that challenge threat hunting assumptions and can result in a shift in understanding In addition to two days of in-depth threat hunting discussions, you'll have the opportunity to network with fellow attendees at breaks and social events. Attendees tell us time and again that one of the greatest takeaways from these events is the many industry connections they forge or deepen during their time with us. Last year's networking event was held at the House of Blues, where attendees enjoyed food, drinks, and live music performed by a New Orleans Jazz band!
Who Should Attend: Threat Hunters who are seeking to understand threats more fully and how to learn from them in order to more effectively hunt threats and counter the tradecraft of adversaries. Incident Response Team Members who regularly respond to complex security incidents and intrusions by advanced persistent threat (APT) adversaries and need to know how to detect, investigate, remediate, and recover from compromised systems across an enterprise. Security Operations Center Personnel and Information Security Practitioners who support hunting operations that aim to identify attackers in their network environments. Digital Forensic Analysts who want to consolidate and expand their understanding of filesystem forensics, investigations of technically advanced adversaries, incident response tactics, and advanced intrusion investigations. System Administrators who are on the front lines defending their systems and responding to attacks Federal Agents and Law Enforcement Officials who want to master advanced intrusion investigations and incident response, as well as expand their investigative skills beyond traditional host-based digital forensics.