From: The SANS Institute (Webcastsans.org)
Date: Mon May 08 2006 - 12:49:23 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

********************************************************
Please join us this week for two FREE SANS Webcasts that you won't
want to miss:
Ask The Expert Webcast: "Who's Guarding the Guards? Employing a
Privileged User Monitoring Strategy" and
Internet Storm Center: "Threat Update: +DNS Configuration & PHP
Hardening."

You can now download or subscribe to the SANS webcast calendar -
http://www.sans.org/webcasts/calendar.ics

SANS live webcasts allow you to hear a knowledgeable speaker while
viewing presentation slides you can download in advance. If you've
never tuned in to a SANS webcast before, see the simple instructions
at the end of this message to learn how to connect to the SANS Portal
and join us for these free educational webcasts.

********************************************************
WEBCAST 1
Ask The Expert Webcast: "Who's Guarding the Guards? Employing a
Privileged User Monitoring Strategy"
Tuesday, May 9, 2006 at 1:00 PM EDT (1700 UTC/GMT)
Featuring: Dave Shackleford and Kristin Gallina Lovejoy
Sponsored by: Consul Risk Management
https://www.sans.org/webcasts/show.php?webcastid=90724

Webcast Overview:
Featuring: Dave Shackleford and Kristin Gallina Lovejoy.
In today's world of information security and regulatory compliance,
a number of pervasive problems "just won't go away". One of the most
serious is the extensive use of privileged accounts for performing
activities within computing environments. Time and time again, this one
issue has been linked to many of the worst security breaches and data
compromise scenarios. Traditional approaches have not worked well,
and the time is right for new approaches and new technologies. In
this webcast, you will learn up-to-the-minute information about
security events seen in most environments, the regulatory compliance
statutes related to this, and a case study examining the shortcomings
of traditional approaches. The session will conclude with some new
insights into real-time user-level monitoring, and how new technologies
can be put to good use in this area.

Dave Shackleford, Director of Security Solutions and Assessment
Services: Dave Shackleford has been involved in Information Technology,
particularly the arenas of networking and security, for over nine
years. Dave has worked as a security architect and manager for a number
of large companies, and has also run his own consulting practice
for several years. He currently works as the Director of Security
Solutions and Assessment Services for Vigilar, and his areas of
specialty include incident handling and response, intrusion detection
and traffic analysis, and vulnerability assessment and penetration
testing. He is also the co-author of "Hands On Information Security"
from Course Technology.

Kristin Gallina Lovejoy, Chief Technology Officer: Kristin Lovejoy is
responsible for Consul's customer support and services organization,
as well as product management activities. Prior to Consul, Ms. Lovejoy
held senior positions at TruSecure Corporation, where she successfully
overhauled TruSecure's worldwide service delivery processes and quality
control measures. Ms. Lovejoy holds a U.S. patent for Object Oriented
Risk Management Model and Methodology.

********************************************************
WEBCAST 2
Internet Storm Center: "Threat Update: + DNS Configuration & PHP
Hardening."
Featuring: Johannes Ullrich and A.N. Ananth
Wednesday, May 10 at 1:00 PM EDT (1700UTC/GMT)
Sponsored by Prism Microsystem
https://www.sans.org/webcasts/show.php?webcastid=90621

Webcast Overview:
Featuring: Johannes Ullrich and A.N. Ananth
We will cover one critical vulnerability in Microsoft Exchange, as
well at least one critical vulnerability in Microsoft Windows. In
addition, we will discuss methods to prepare for and fight denial of
service attacks.

All agree that the critical assets of the enterprise (data and
applications) are resident on hosts inside the intranet and not at the
perimeter. Best practices dictate a defense in depth strategy. Logging
in depth to the application level to a central location, is an
essential component. Attend this webcast to learn how centralized event
monitoring with correlation can enable real time threat detection.

A. N. Ananth, President, Prism Microsystems, Inc. is a leading expert
in IT compliance with over 20 years experience in IT-control and
operation. He has consulted for many companies on their compliance
strategy, audit policy and automated reporting processes. He is
responsible for strategic product direction at Prism.

Johannes Ullrich, Chief Research Officer: Johannes is currently
responsible for the SANS Internet Storm Center (ISC) and the GIAC Gold
program. He founded DShield.org in 2000, which is now the data
collection engine behind the ISC. His work with the ISC has been
widely recognized, and in 2004, Network World named him one of the 50
most powerful people in the networking industry. Prior to working for
SANS, Johannes worked as a lead support engineer for a web development
company and as a research physicist. Johannes holds a Ph.D. in Physics
from SUNY Albany and is located in Jacksonville FL.

 **************UPCOMING WEBCASTS************

May 16, 2006: WhatWorks in Log Management: "Judging Log Management
with San Bernardino County Superior Court"
Featured Speaker: Kevin Arden
Sponsored By: Prism Microsystems
https://www.sans.org/webcasts/show.php?webcastid=90681

May 17, 2006: "Ask the Expert: Remote Access and Security Gateways
(Part 2) "
Featured Speaker: Dave Shackleford
Sponsored By: BlueCoat Systems
https://www.sans.org/webcasts/show.php?webcastid=90721

********************************************************************

For additional information on any of the above webcasts, please go to
http://www.sans.org/webcasts

********************************************************************
TRAINING UPDATE SANSFIRE 2006 IN WASHINGTON DC
July 5-13 - Bring your family for the fireworks and stay for SANS
largest conference in Washington.

The industry's best security courses - extraordinary faculty;
authoritative up-to-the-minute material - shows you how to do the job
and gives you the confidence to go back and do it immediately.

"Jacked my paranoia level up around my ears, and then gave me the tools
to manage the threat." (Don Geiger, DCPS Division of Technology)

Offers every one of SANS' 17 immersion training courses plus 12 short
courses and a big exposition: SANS Security Essentials, Hacker
Exploits, System Forensics, Intrusion Detection, Auditing, plus training
for CISSP exam and all Technical certification required for DoD 8570 and
more. Plus special evening sessions by the global security leaders who
staff the Internet Storm Center.

http://www.sans.org/sansfire06/

********************************************************************

In order to access the webcasts, you will need a SANS portal
account and either Real Audio Player or Windows Media Player (free
downloads are available at our website). If you do not already
have a portal account, just go to http://portal.sans.org and
fill in the simple registration form, it's free! Your account
gives you access to the archive of past webcasts. Log on to
http://www.sans.org/webcasts/archive.php

********************************************************************
To change your subscription, address, or other information, visit
http://portal.sans.org. If you wish to have your name removed from
our mailing list, visit the site above, click on "update your account"
and check the box "Do not send any email."

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]