New Orleans , LA 70130 Location map
New Orleans Downtown Marriott at the Convention Center
SANS Threat Hunting and Incident Response Summit 2017
Will you be the Hunter or the Prey?
The Threat Hunting & Incident Response Summit will focus on specific hunting and incident response techniques and capabilities that can be used to identify, contain, and eliminate adversaries targeting your networks. SANS and our Founding Partner Carbon Black are pleased to invite you to the Summit where you will have the opportunity to directly learn from and collaborate with incident response and detection experts who are uncovering and stopping the most recent, sophisticated, and dangerous attacks against organizations.
Chances are very high that hidden threats already exist inside your organization's networks. Organizations can't afford to assume that their security measures are impenetrable, no matter how thorough their security precautions might be. Prevention systems alone are insufficient to counter focused human adversaries who know how to get around most security and monitoring tools.
The key is to constantly look for attacks that get past security systems, and to catch intrusions in progress rather than after attackers have attained their objectives and done worse damage to the organization. For the incident responder, this process is known as "threat hunting." Threat hunting uses known adversary behaviors to proactively examine the network and endpoints and identify new data breaches.
The Summit will explore the following:
- The effectiveness of threat hunting in reducing the dwell time of adversaries
- Threat hunting - Buzzword or Actionable Strategy?
- Automated threat hunting: Fact or fiction
- Threat hunting tools, tactics, and techniques that can be used to improve the defense of your organization
- Case studies on the application of threat hunting to security operations
- Innovative threat hunting tactics and techniques
- New tools that can help threat hunting for both endpoints and networks
- Perspectives and case studies that challenge threat hunting assumptions and can result in a shift in understanding
In addition to two days of in-depth threat hunting discussions, you'll have the opportunity to network with fellow attendees at breaks and social events. Attendees tell us time and again that one of the greatest takeaways from these events is the many industry connections they forge or deepen during their time with us. Last year's networking event was held at the House of Blues, where attendees enjoyed food, drinks, and live music performed by a New Orleans Jazz band!
After the two-day Summit, choose from seven hands-on, immersion-style SANS courses to help you expand your information security expertise. SANS courses are taught by experienced industry practitioners who are among the best cybersecurity instructors in the world. They will provide you with the guidance and skills you need to defend your organization from ever-evolving threats.
Who Should Attend?
- Threat Hunters who are seeking to understand threats more fully and how to learn from them in order to more effectively hunt threats and counter the tradecraft of adversaries.
- Incident Response Team Members who regularly respond to complex security incidents and intrusions by advanced persistent threat (APT) adversaries and need to know how to detect, investigate, remediate, and recover from compromised systems across an enterprise.
- Security Operations Center Personnel and Information Security Practitioners who support hunting operations that aim to identify attackers in their network environments.
- Digital Forensic Analysts who want to consolidate and expand their understanding of filesystem forensics, investigations of technically advanced adversaries, incident response tactics, and advanced intrusion investigations.
- System Administrators who are on the front lines defending their systems and responding to attacks
- Federal Agents and Law Enforcement Officials who want to master advanced intrusion investigations and incident response, as well as expand their investigative skills beyond traditional host-based digital forensics.
MGT517: Managing Security Operations: Incident Response and Intelligence - Christopher Crowley
SEC550: Active Defense, Offensive Countermeasures and Cyber Deception - Chris Pizor
FOR508: Advanced Digital Forensics and Incident Response - Jake Williams
FOR526: Memory Forensics In-Depth - Alissa Torres
FOR572: Advanced Network Forensics and Analysis - Philip Hagen
FOR578: Cyber Threat Intelligence - Robert M. Lee
FOR610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques - Hal Pomeranz
Threat Hunting & Incident Response Summit - Staff
Not sure if you want to exhibit at or attend the SANS Threat Hunting and Incident Response Summit 2017? See the panels below to get the information you need to make an informed decision.
Law enforcement officers, federal agents, or detectives
Information security professionals
Media exploitation analysts
Incident Response Team Leaders and Members
Security Operations Center (SOC) personnel and Information Security Practitioners
Red Team Members, Penetration Testers, and Exploit Developers
- Register with discount code "EarlyBird17" and receive a discount of up to 400 USD for any 4-6 day course or up to 300 USD off the Summit, paid for by Wednesday, February 22, 2017.
- Register with discount code "EarlyBird17" and receive a discount of up to 200 USD for any 4-6 day course or up to 150 USD off the Summit, paid for by Wednesday, March 8, 2017.
- EarlyBird Discounts cannot be combined with any other discount offer.
- If the order is not paid by the early registration deadline the discount amount will automatically be reduced to the next valid early registration discount amount.
- No refunds available after Tuesday, March 28, 2017.
Exhibitor Information +