Presented by Zoher Anis SANS

8:00 AM - 4:30 PM, $149.00

Session sponsored by the Upper Midwest Security Alliance

Morning Session: This session will give system administrators up-to-date tools and techniques to illuminate evidence of potentially malicious activity on their systems and to look deeper to determine whether problems are real. Because attackers are increasingly focusing on database and application software, we will also cover some up-to-date modules on finding hackers in specific software applications and Web sites. This session will help sysadmins better understand how they can do what is required by security teams and auditors without wasting a lot of time. We will cover a few of the tools and techniques that system administrators need to meet audit and security requirements.

Afternoon Session: This overview will show you proven techniques and tools needed to implement and audit the Top Twenty Most Critical Security Controls. These Top 20 Security Controls are rapidly becoming accepted as the highest priority list of what must be done and proven before anything else at nearly all serious and sensitive organizations. These controls were selected and defined by the US military and other government and private organizations (including NSA, DHS, GAO, and many others) who are the most respected experts on how attacks actually work and what can be done to stop them. They defined these controls as their consensus for the best way to block the known attacks and the best way to help find and mitigate damage from the attacks that get through. For security professionals, this session will give you an overview of how to put the controls in place in your existing network though effective and widespread use of cost-effective automation. For auditors, CIOs, and risk officers, this session will help you understand how you will measure whether the Top 20 controls are effectively implemented. It closely reflects the Top 20 Critical Security Controls found at www.sans.org/cag.