[oagitm] FREE SANS Webcasts in October (National Cyber Security Awareness Month!) and Nov. & Dec.
- From: "MASSE Theresa A * CIO" <theresa.a.masse@xxxxxxxxxxx>
- To: "oagitm@xxxxxxxxxxxxx" <oagitm@xxxxxxxxxxxxx>
- Date: Mon, 24 Sep 2012 15:58:54 +0000
OAGITM Members:
Following is a list of 22 free SANS webcasts throughout October -- National
Cyber Security Awareness Month! -- and November & December. Please mark your
calendars and share this info with appropriate folks in your organization.
Regards,
Theresa A. Masse
Chief Information Security Officer
State of Oregon
Department of Administrative Services
Enterprise Security Office
503-378-4896
Data Classification 2 - Limited
Confidentiality Notice: This message, including any attachments or links, may
contain privileged, confidential and/or legally protected information. Any
distribution or use of this communication by anyone other than the
intended recipient(s) is strictly prohibited. If you have received this
communication in error, please notify the sender immediately by replying to
this message and then delete all copies of the original communication,
including any attachments and/or links.
Upcoming SANS Webcasts:
WEBCAST 1
Special Webcast: Finding Unknown Malware
WHEN: Monday, September 24, 2012 at 1:00 PM EDT (1700 UTC/GMT)
Featuring: Alissa Torres
https://www.sans.org/webcasts/finding-unknown-malware-95614
If you have ever been given the mission to "Find Evil" on a compromised system,
you understand the enormity of that tasking. In this one-hour webcast, we will
make use of sound methodology for identifying malware, using strategies based
on "Knowing Normal", "Data Reduction" and "Least Frequency of Occurrence" in
order to identify malicious software and common methods of persistence. The
skills and tools presented here will aid in efficient identification of
anomalous files in order to narrow further analysis and facilitate the creation
of indicators of compromise, used in enterprise-wide scanning.
WEBCAST 2
SANS Asia-Pacific Series: How Attackers Exploit Modern, Secure Wireless Networks
WHEN: Tuesday, September 25, 2012 at 18:30 Sydney / 17:30 Seoul-Tokyo /
16:30 Singapore / 14:00 Bangalore
Featuring: Lawrence Pesce, SANS Certified Instructor
https://www.sans.org/webcasts/attackers-exploit-modern-secure-wireless-netwo
rks-95642
Sponsored By: Australian Computer Society, http://www.acs.org.au/
We hope that network professionals are beginning to do a better job
understanding the technological risks of implementing wireless networks.
We now see appropriate encryption, authentication and all of the technical
pieces that go along with it. The problem is, attackers and penetration testers
are still getting in. We'll take a look at some often forgotten vectors, the
pitfalls and how they relate to pineapples, free hugs, bitcoin mining, and
human psychology enter into the equation.
WEBCAST 3
Special Webcast: Spear Phishing to Change Employee Behavior: Obvious and
Non-Obvious Benefits
WHEN: Tuesday, September 25, 2012 at 2:01 PM EDT (1801 UTC/GMT)
Featuring: Aaron Higbee, CTO and Co-Founder, PhishMe, Inc.
https://www.sans.org/webcasts/spear-phishing-change-employee-behavior-obviou
s-non-obvious-benefits-95530
Sponsored By: PhishMe, http://www.phishme.com/
Cyber-crime and electronic espionage, most commonly, initiate with an employee
clicking a link to a website hosting malware, opening a file attached to an
email and laden with malware, or just simply giving up corporate credentials
when solicited via phishing websites. Technical controls presented as silver
bullets provide false hope and a false sense of security. These threats can be
mitigated significantly by training the workforce to identify, thwart, and
report such attacks in a timely manner.
How resilient are your employees?
WEBCAST 4
Special Webcast: Own Your Own Network: Continuous Monitoring
WHEN: Wednesday, September 26, 2012 at 1:00 PM EDT (1700 UTC/GMT)
Featuring: Jerry Shenk and Michael Thelander
https://www.sans.org/webcasts/network-continuous-monitoring-95574
Sponsored by: Tripwire, http://www.tripwire.com
Continuous monitoring has been defined by NIST and the SANS 20 Critical
Security Controls as key to reducing risk in IT environments. Under these
definitions, continuous monitoring encompasses at lot of moving parts!
Change management, configuration management, vulnerability assessment, patch
management, threat assessment - all are included in a comprehensive continuous
monitoring program.
Where do organizations start? What does continuous really mean? How can these
efforts be coordinated to improve audit, compliance and risk posture without
blowing a gasket trying to connect all the dots? In this webcast, learn how to
inventory and assess your systems and network devices, audit and manage
configuration and patches, and combine this data with threat assessments for
better risk management, accurate response, and improved compliance.
WEBCAST 5
Analyst Webcast: User Provisioning and Compliance: SANS Institute Product
Review of Oracle Identity Governance Solutions
WHEN: Thursday, September 27, 2012 at 9:00 AM PDT / 1:00 PM EDT (1700
UTC/GMT)
Featuring: Dave Shackleford and security experts from Wyndham Worldwide, Oracle
and PricewaterhouseCoopers
https://www.sans.org/webcasts/user-provisioning-compliance-institute-product
-review-oracle-identity-governance-solut-95404
Sponsored By: Oracle, http://www.oracle.com
Translating the IT-centric, directory based view of access and authorization
into the process-driven concerns of business users inevitably creates unique
challenges-particularly when determining which users have access to what
resources and what they are doing with that access. Enforcing governance
controls to manage access, while simplifying the process for users, is critical
to reduce the risk of an employee or malicious third party with excessive
access taking advantage of that access.
In this webcast, learn first-hand from Wyndham Worldwide and
PricewaterhouseCoopers about the key issues associated with implementing
self-service user provisioning while maintaining appropriate controls on
critical applications and data. Also providing commentary will be Oracle's
product management director, Viresh Garg, and senior SANS Analyst Dave
Shackleford, who will cover highlights of his review of Oracle Identity
Governance Solutions User Provisioning capabilities, including the product's
unique online "shopping cart" model for self-service setup of user access.
WEBCAST 6
Special Webcast: Network Forensics - What Are Your Investigations Missing?
WHEN: Friday, September 28, 2012 at 1:00 PM EDT (1700 UTC/GMT)
Featuring: Phil Hagen
https://www.sans.org/webcasts/network-forensics-investigations-missing-95619
Traditionally, computer forensic investigations focused exclusively on data
from the seized media associated with a system of interest.
Recently, memory analysis has become an integral part of forensic analysis,
resulting in a new and significantly different way for digital examiners and
investigators to perform their craft. Now another evolution in computer
forensics is at hand - one that includes data collected from network devices as
well as the from wires themselves.
Every day, more and more network-enabled products hit the market.
Incorporating network data from those devices during the analytic process is
critical for providing a complete understanding of the event under
investigation. Even in traditional data-at-rest examinations, the network may
hold the only clues left behind by a diligent attacker that has covered his or
her tracks. We'll discuss how network-based evidence can support traditional
data-at-rest computer forensic analysis. Other topics will include the sources
and methodologies for collecting network evidence. By knowing what existing
data to ask for and what additional data to collect during an investigation, we
can provide a more comprehensive analysis of the event at hand.
WEBCAST 7
Special Webcast: Memory Forensics for Incident Response
WHEN: Monday, October 01, 2012 at 1:00 PM EDT (1700 UTC/GMT)
Featuring: Hal Pomeranz
https://www.sans.org/webcasts/memory-forensics-incident-response-95647
Modern malware has become extremely adept at avoiding detection by traditional
endpoint analysis tools. Memory Forensics gives the investigator multiple
solutions for detecting typical malware techniques such as code injection, API
hooking, and process hiding. This talk is an overview of Memory Forensics
including how to acquire memory images and tools and techniques for analyzing
them.
Hal Pomeranz is the founder and technical lead for Deer Run Associates, a
consulting company focusing on Digital Forensics and Information Security.
He provides forensic analysis services through his own consulting firm and by
special arrangement with MANDIANT. He has consulted on several major cases for
both law enforcement and commercial clients. Hal is a SANS Faculty Fellow and
and instructor in the SANS Forensics curriculum.
WEBCAST 8
Special Webcast: Why Security Awareness Matters - 1st in Series
WHEN: Tuesday, October 2, 2012 at 1:00 PM EDT (1700 UTC/GMT)
Featuring: Lance Spitzner
https://www.sans.org/webcasts/security-awareness-matters-1st-series-95534
Sponsored By: Core Security, http://www.coresecurity.com
Many people do not understand the value of security awareness, especially how
it dramatically reduces risk. In this short webinar we will explain to you the
value of security awareness and give you to the tools to communicate that
value. Key areas we will cover include:
Why humans are so vulnerable and how threats are exploiting those
vulnerabilities.
What security awareness is and how it addresses human vulnerabilities.
Common misconceptions of security awareness.
Moving awareness beyond just prevention to detection and response.
Security Awareness Maturity Model.
How to build stakeholder and management support of your security awareness
program.
WEBCAST 9
ISC Threat Update
WHEN: Wednesday, October 10, 2012 at 1:00 PM EDT (1700 UTC/GMT)
Featuring: Johannes Ullrich, PhD
https://www.sans.org/webcasts/isc-threat-update-20121010-95049
Sponsored By: Core Security, http://www.coresecurity.com
The SANS Internet Storm Center (ISC) uses advanced data correlation and
visualization techniques to analyze data collected from thousands of sensors in
over sixty countries. Experienced analysts constantly monitor the Storm Center
data feeds searching for trends and anomalies in order to identify potential
threats. When a threat is identified, the team immediately begins an intensive
investigation to gauge the threat's severity and impact. This monthly webcast
discusses recent threats observed by the Internet Storm Center, and discusses
new software vulnerabilities or system exposures that were disclosed over the
past month. The general format is about 30 minutes of presentation by senior
ISC staff, followed by a question and answer period.
WEBCAST 10
Analyst Webcast: Beyond Continuous Monitoring: Threat Modeling for Real-time
Response
WHEN: Thursday, October 11, 2012 at 1:00 PM EDT (1700 UTC/GMT)
Featuring: G. Mark Hardy and Tiffany Jones
https://www.sans.org/webcasts/continuous-monitoring-threat-modeling-real-tim
e-response-95579
Sponsored By: Symantec, http://www.symantec.com
Threat agents to federal systems run the gamut from state-sponsored attacks
emanating from countries like China, to social rebels including Anonymous and
Wiki Leaks, to spies for hire in espionage, or to common criminals working to
access financial data that could be used in identity theft. The threat has yet
to spill over into the realm of cybercombat, but vulnerabilities have been
demonstrated in military drones and other connected mechanical and
communications systems, making security of all connected systems a priority for
multiple Federal regulatory bodies.
As it turns out, most successful intrusions are the result of vulnerabilities
(known or unknown) left open by the system owners-whether these be leaving
unpatched systems, running vulnerable ports and services, using default and
shared passwords, or end users making mistakes. This is why FISMA, which
originally mandated periodic enterprise audits and reports, ultimately upgraded
requirements from point-in-time audits and reports to continuous monitoring to
discover and repair these types of vulnerabilities before they become a huge
security event to the enterprise.
In its purest sense, continuous monitoring is inwardly focused on such
activities as vulnerability assessment and patch management, which provides
valuable situational awareness of systems and potential vulnerabilities.
Continuous assessment of the security posture of network devices and security
systems will help prevent incidents from being successful. But in the case of
an event, monitoring is nothing without the ability to respond accurately and
in a timely manner.
In this webcast, G. Mark Hardy, an instructor with the SANS Institute and the
founder of National Security Corporation, will discuss how continuous
monitoring can go beyond compliance to create a real-time threat model that
enables active response with situational awareness.
By reducing the latency in sensor feeds, we can begin to defend our networks in
real-time, rather than playing catch-up. (But even real-time isn't as
continuous as it seems.) If used to continuously repair vulnerabilities,
continuous assessments will result in improved network security and compliance
over time.
Register for this webcast and be among the first to receive an advanced paper
on the same topic.
WEBCAST 11
Special Webcast: Harvesting the Rotten Fruit III: Killer Tomatoes Attacking the
Client!
WHEN: Monday, October 15, 2012 at 1:00 PM EDT (1700 UTC/GMT)
Featuring: Kevin Johnson
https://www.sans.org/webcasts/harvesting-rotten-fruit-iii-killer-tomatoes-at
tacking-client-95419
With the rise of hactivism and other types of attackers, it becomes very
important for organizations to understand what their applications expose them
too. In our work and classes we find that many of the current attacks are
focused on the low hanging fruit our web application contain. So in this the
third part of this trilogy, we will explore how XSS and XSRF are rife through
applications and how to find it before the attackers do!
WEBCAST 12
Special Webcast: Security Awareness: Planning for Success
WHEN: Tuesday, October 16, 2012 at 1:00PM EDT (1700 UTC/GMT)
Featuring: Lance Spitzner
https://www.sans.org/webcasts/security-awareness-planning-success-95544
Sponsored By: Core Security, http://www.coresecurity.com
Once an organization is committed to a security awareness program they often
wonder what next, where do they start. We will walk organizations through the
planning process, including using the Security Awareness Roadmap for planning,
executing and maintaining a high impact awareness program. Key areas we will
cover include:
Overview of Security Awareness Maturity Model and Roadmap Gaining stakeholder
support, developing a Project Charter and defining key expectations.
Building your Steering Committee
Identifying WHO are the key targets of your awareness program Identifying WHAT
key behaviors you want to change and the relevant content/topics you will teach
them Identifying HOW you will communicate those key topics Developing an
execution plan Long term sustainment Metrics
WEBCAST 13
Special Webcast: Understanding Chinese APT Hackers: Attribution, Attack Trends
and Why It Matters
WHEN: Wednesday, October 17, 2012 at 11:25 AM EDT (1525 UTC/GMT)
Featuring: Greg Hoglund
https://www.sans.org/webcasts/understanding-chinese-apt-hackers-attribution-
attack-trends-matters-95604
Sponsored By: HB Gary, http://www.hbgary.com/
Chinese hackers have a long history. Many of the hackers know each other, have
social links, potentially trade malware and tools, etc. As HBGary has expanded
its threat intelligence around Chinese APT, it has become very clear that the
actionable data has nothing to do with the number of groups.
Chinese APT is an emulsion of largely similar intentions, tools, and
backstories. In this webinar, Greg Hoglund, CTO ManTech CSI and VP of HBGary,
will present surprising new research findings about Chinese APT threat actors,
trends in Chinese APT attacks and why it matters. Leveraging new HBGary's link
analysis tool, traditional computer forensics, and other resources, Mr. Hoglund
will discuss how HBGary's threat intelligence team has been able to make
significant advances in attribution for specific Chinese APT attacks, as well
as provide an overview of what incident response professionals should look for
in their investigations to correlate attacks and attribute them to a particular
actor or group.
WEBCAST 14
Ask The Expert Webcast: Not So Private Browsing
WHEN: Thursday, October 18, 2012 at 1:00 PM EDT (1700 UTC/GMT)
Featuring: Rob Lee and Jad Saliba
https://www.sans.org/webcasts/private-browsing-95520
Sponsored By: Magnet Forensics
Let's face it -- the web browser is used more than any other application on our
computers. We connect via the browser to read email, chat with friends, post to
Facebook, tweet, and much more. Browser data has become more secure recently,
but most of it is still recoverable in a variety of ways. Using standard
forensic techniques, we will walk through some of the cutting-edge methods that
an investigator can use to determine where someone was browsing
- even if they were using the latest privacy enhanced features such as "Private
Browsing" or "Incognito". This talk will cover artifacts left behind in
Firefox, IE, and Chrome browsers, and the tools and techniques analysts can use
to recover hidden artifacts long after browsing history has been cleared from a
computer.
WEBCAST 15
Analyst Webcast: SANS Mobility Policy and Management Survey, Part of the SANS
Mobility Survey Series, Part I
WHEN: Tuesday, October 23, 2012 at 1:00 PM EDT (1700 UTC/GMT)
Featuring: SANS Mobility Expert Kevin Johnson
https://www.sans.org/webcasts/mobility-policy-management-survey-mobility-sur
vey-series-95429
Sponsored By: Box https://www.box.com/, F5 http://www.f5.com/, McAfee
http://www.mcafeesecurity.com, Oracle http://www.oracle.com, Mobile Iron
https://www.mobileiron.com/, RSA http://www.emc.com/domains/rsa/index.htm
SANS released its First Mobility Security Survey on April 12. In it, more than
60 percent of 651 respondents allowed BYOD in their mobile policies, but only 9
percent felt they were fully aware of the devices accessing corporate
resources. The majority lacks policy to manage this risk, and those that are
attempting to do so are throwing multiple point technologies at the problem and
hoping they stick.
In this webcast, learn about results from our second survey on policy and
management of BYOD/mobility that is now underway. In it, senior SANS analyst
Kevin Johnson will reveal what enterprises are considering in their mobile/BYOD
risk management policies and how their management practices stand up in major
categories such as malware protection, mobile device management, access and
application controls, and user policy.
Register for this webcast and be among the first to receive an advanced copy of
the associated Mobility Survey Policy and Management Survey whitepaper report.
WEBCAST 16
Analyst Webcast: SANS Mobility Policy and Management Survey, Part of the SANS
Mobility Survey Series, Part II
WHEN: Tuesday, October 25, 2012 at 1:00 PM EDT (1700 UTC/GMT)
Featuring: SANS Mobility Expert Kevin Johnson
https://www.sans.org/webcasts/mobility-policy-management-survey-mobility-sur
vey-series-95434
Sponsored By: Box https://www.box.com/, F5 http://www.f5.com/, McAfee
http://www.mcafeesecurity.com, Oracle http://www.oracle.com, Mobile Iron
https://www.mobileiron.com/, RSA http://www.emc.com/domains/rsa/index.htm
SANS released its First Mobility Security Survey on April 12. In it, more than
60 percent of 651 respondents allowed BYOD in their mobile policies, but only 9
percent felt they were fully aware of the devices accessing corporate
resources. The majority lacks policy to manage this risk, and those that are
attempting to do so are throwing multiple point technologies at the problem and
hoping they stick.
In this webcast, learn about results from our second survey on policy and
management of BYOD/mobility that is now underway. In it, senior SANS analyst
Kevin Johnson will reveal what enterprises are considering in their mobile/BYOD
risk management policies and how their management practices stand up in major
categories such as malware protection, mobile device management, access and
application controls, and user policy.
Register for this webcast and be among the first to receive an advanced copy of
the associated Mobility Survey Policy and Management Survey whitepaper report.
WEBCAST 17
Special Webcast: How to Create an Engaging Program People Want To Take
WHEN: Tuesday, October 30, 2012 at 1:00 PM EDT (1700 UTC/GMT)
Featuring: Will Pelgrin, Chair of the MS-ISAC, President and CEO of the Center
for Internet Security
https://www.sans.org/webcasts/create-engaging-program-people-95539
Sponsored By: Core Security, http://www.coresecurity.com
One of the biggest challenges is getting people to take the training.
We will explain how to create a program so engaging employees will be asking
how their families can take it. Key areas we will cover include:
Marketing 101: "What Is In It For Me" approach.
Avoiding FUD, instead focusing on enabling people and technology Most effective
ways to communicate Primary & Reinforcement training Case studies of effective
engagement Enforcement vs. Rewarding
WEBCAST 18
ISC Threat Update
WHEN: Wednesday, November 14, 2012 at 1:00 PM EDT (1700 UTC/GMT)
Featuring: Johannes Ullrich, PhD
https://www.sans.org/webcasts/isc-threat-update-20121114-95054
Sponsored By: Core Security, http://www.coresecurity.com
The SANS Internet Storm Center (ISC) uses advanced data correlation and
visualization techniques to analyze data collected from thousands of sensors in
over sixty countries. Experienced analysts constantly monitor the Storm Center
data feeds searching for trends and anomalies in order to identify potential
threats. When a threat is identified, the team immediately begins an intensive
investigation to gauge the threat's severity and impact. This monthly webcast
discusses recent threats observed by the Internet Storm Center, and discusses
new software vulnerabilities or system exposures that were disclosed over the
past month. The general format is about 30 minutes of presentation by senior
ISC staff, followed by a question and answer period.
WEBCAST 19
Special Webcast: How to Develop a Bring-Your-Own-Device Policy
WHEN: Thursday, November 15, 2012 at 1:00 PM EDT (1700 UTC/GMT)
Featuring: Benjamin Wright
https://www.sans.org/webcasts/develop-bring-your-own-device-byod-policy-9556
4
As mobile devices like tablets, laptops and smartphones have become the typical
tools for professionals to do their work, many employers have allowed and even
encouraged employees to use their own devices. Some employers today subsidize
the cost of mobile devices that employees purchase and then use part time for
work. But setting policy on employee-owned devices can be really hard. This
webinar will examine case law and policy options related to such topics as
security and record retention and destruction. It will offer sample language as
a starting place for drafting policy, while explaining the risks and benefits
of wording a policy one way or another. Mr. Wright will give practical tips and
suggestions on how to develop a policy that everyone in an enterprise can (more
or less) live with, while explaining pitfalls and suggestions for employee
training and education.
WEBCAST 20
ISC Threat Update
WHEN: Wednesday, December 12, 2012 at 1:00 PM EDT (1700 UTC/GMT)
Featuring: Johannes Ullrich, PhD
https://www.sans.org/webcasts/isc-threat-update-20121212-95059
Sponsored By: Core Security, http://www.coresecurity.com
The SANS Internet Storm Center (ISC) uses advanced data correlation and
visualization techniques to analyze data collected from thousands of sensors in
over sixty countries. Experienced analysts constantly monitor the Storm Center
data feeds searching for trends and anomalies in order to identify potential
threats. When a threat is identified, the team immediately begins an intensive
investigation to gauge the threat's severity and impact. This monthly webcast
discusses recent threats observed by the Internet Storm Center, and discusses
new software vulnerabilities or system exposures that were disclosed over the
past month. The general format is about 30 minutes of presentation by senior
ISC staff, followed by a question and answer period.
WEBCAST 21
Analyst Webcast: SANS Survey on Application Security Policies in Enterprises
WHEN: Thursday, December 13, 2012 at 1:00 PM EDT (1700 UTC/GMT)
Featuring: Frank Kim
https://www.sans.org/webcasts/survey-application-security-policies-enterpris
es-95622
Sponsored By: NT Objectives www.ntobjectives.com<http://www.ntobjectives.com>,
Qualys http://www.qualys.com/, WhiteHat Security https://www.whitehatsec.com/
Applications are hard to monitor, full of vulnerabilities and easy to
manipulate. It's no surprise that applications have become the top vector of
attack. But what may surprise IT professionals is what organizations are doing
about the risks posed by their web, database, mobile and cloud applications.
What application security policies are emerging in organizations with sensitive
data to protect? Register for this webcast to hear the findings of a new SANS
Survey on Security Policies in the Enterprise.
Questions of interest include (but are not limited to):
Are any organizations managing their applications securely throughout their
lifecycles?
Who's responsible for application security?
What are the most critical applications and perceived threats?
How integrated is organizational application security management with the
overall risk management program?
The data gathered from this survey can help shape the industry. So, join us for
this webcast and be among the first to receive a complimentary copy of the
associated whitepaper citing survey results.
WEBCAST 22
Special Webcast: The Role of Email and Other E-messages in Modern
Contracts: How to Get the Terms You Want
WHEN: Thursday, December 27, 2012 at 1:00 PM EDT (1700 UTC/GMT)
Featuring: Benjamin Wright
https://www.sans.org/webcasts/role-email-e-messages-modern-contracts-terms-9
5559
E-commerce is not your grandfather's commerce. Contracts negotiated, formed and
amended through electronic means behave differently from contracts written on
paper and signed in ink. Today, the communication of legal terms and conditions
by way of email, instant message, world wide web and other electronic channels
has become the norm, even when some paper is exchanged.
Savvy players know how to use these electronic channels to advantage, whereas,
clueless chumps get taken to the cleaners. Through this webinar, Mr. Wright
will illuminate you on numerous leading edge cases. He will explain tips,
tricks and strategies for improving the changes that you and your organization
get the terms you desire and avoid unexpected pratfalls.
If you are involved in sales or procurement, you will learn invaluable lessons
that even your organization's own lawyer will either not know or neglect to
tell you.
Other related posts:
- » [oagitm] FREE SANS Webcasts in October (National Cyber Security Awareness Month!) and Nov. & Dec. - MASSE Theresa A * CIO
