From: The SANS Institute (Webcastsans.org)
Date: Mon Mar 17 2008 - 08:48:41 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Please join us the upcoming weeks for the following informative, free
SANS webcasts that you won't want to miss!

WEBCAST 1

WhatWorks Webcast: PaulDotCom's Penetration Testing Dojo: Core IMPACT Style
WHEN: Tuesday, March 18, 2008 at 1:00 PM EDT (1700 UTC/GMT)
FEATURED SPEAKERS: Alan Paller and Paul Asadoorian
http://www.sans.org/info/24748
Sponsored By: Core Security Technologies http://www.coresecurity.com/

When beginning a security process at a consortium of non-profits, senior
network security engineer, Paul Asadoorian of Pauldotcom began looking
for a penetration testing tool that did network, web application and
social engineering tests. The tool he purchased is low on manpower use,
mostly self-maintaining and reliably proves the existence of network
vulnerabilities. Please attend this webcast to find out why Paul
selected CORE IMPACT and learn how it can help you safely perform
network, web application and end-user penetration testing.

WEBCAST 2

SANS Special Webcast: Monthly Series: Security Insights with Dr. Eric Cole
This Month's Topic: Encryption
WHEN: Wednesday, March 19, 2008 at 1:00 PM EDT (1700 UTC/GMT)
FEATURING: Dr. Eric Cole
http://www.sans.org/info/24753

Based on first-hand experience, this talk will look at areas where
encryption should be used and how to avoid common mistakes. Dr. Cole
will also identify areas where encryption should not be deployed.
Overall, this talk will provide expert knowledge of the landscape of
encryption, proper uses and common pitfalls. Register now for this free
webcast!

WEBCAST 3

Ask the Expert: Malcode Analysis and Response: Proficiency vs. Complexity
WHEN: Thursday, March 20, 2008 at 1:00 PM EDT (1700 UTC/GMT)
FEATURED SPEAKERS: Matt Allen and Russ McRee
http://www.sans.org/info/24758
Sponsored By: Norman Data Defense Systems http://www.norman.com/

The threat landscape changes constantly, driven in part by the "bot
economy" and changing malcode techniques. In response, incident handler
techniques must keep pace. This presentation will cover the use of
RAPIER, a security tool built to facilitate first response procedures
for incident handling. It is designed to acquire commonly requested
information and samples during an information security event, incident,
or investigation. RAPIER automates the entire process of data collection
and delivers the results directly to the hands of a skilled security
analyst. From detection and discovery, capture and containment, count
on a useful discussion meant to further your incident response
practices.

WEBCAST 4

Tool Talk Webcast: Are You Naked? Why virtualization and service processors
are leaving traditional log management customers naked.
WHEN: Tuesday, March 25, 2008 at 1:00 PM EDT (1700 UTC/GMT)
FEATURING: Bill Johnson
http://www.sans.org/info/24763
Sponsored By: TDi http://www.tditx.com/

Virtualization and on board service processors are making log management
systems obsolete and opening their customers to huge compliance issues.
All existing log management systems are based on an 'inside out' agent
based, SYSLOG and SNMP architecture. This model is obsolete in today's
datacenter. Traditional log management systems do not log all events or
watch the data center all the time, opening the door to Sarbanes Oxley,
HIPAA and other compliance risks.

WEBCAST 5

Tool Talk Webcast: Analyzing Pen Testing Tools: Shootout at the Blackbox
Corral
WHEN: Wednesday, March 26, 2008 at 1:00 PM EDT (1700 UTC/GMT)
FEATURING: Larry Suto
http://www.sans.org/info/24768

All black box testing tools are not created equal. In the Fall of 2007,
security consultant Larry Suto published a report that evaluates the
coverage and balance between false positives and false negatives of
three popular penetration testing tools. His findings, which some found
surprising, prompted official responses from a number of tool vendors
that called into question areas of the experiment that could have led
to shaky results.

WEBCAST 6

SANS Special Webcast: Stephen Northcutt Presents: Managing Vulnerability
Situational Awareness
WHEN: Wednesday, April 2, 2008 at 2:00 PM EDT (1800 UTC/GMT)
FEATURING: Stephen Northcutt
http://www.sans.org/info/24779
Sponsored By: Core Security Technologies http://www.coresecurity.com/

Stephen Northcutt challenges leaders to move past "Security Theater",
practices like confiscating nail files in airport security or running
vulnerability scans and taking no action or pretending a SIEM "partial
implementation" actually helps create effective security. If we want to
get better and actually implement security well one of the atomic keys
is to configure the system correctly and maintain that configuration.
Stephen will discuss the three views, the inside view, outside view and
user view that give us the information we need to assess the
configuration of our system. We can use tools like the Center for
Internet Security toolsets to create the inside view, vulnerability
scanners and exploitation tools like CORE for the outside view and to
get the user view we need to run a number of tests to determine the
level of awareness and practice. The data from all three views gives us
the ability to accurately assess our exposure to threat.

WEBCAST 7

SANS Special Webcast: Data Leakage Landscape
WHEN: Thursday, April 3, 2008 at 1:00 PM EDT (1800 UTC/GMT)
FEATURED SPEAKERS: Barb Filkins, Robert Hemeryck and Malte Pollmann
http://www.sans.org/info/24784
Sponsored By: TrendMicro and Utimaco Software

Data leakage occurs everywhere computing is conducted - whether it be
hand-helds, USB tokens or even protected internal computers where cut,
copy and paste functions are difficult to control. Organizations need a
map of these leakage points so they can plug them and protect themselves
against regulatory violations.

This Webcast discusses where and how data leaks, what types of privacy
violations these leakage points present, and what to do about them.

WEBCAST 8

Tool Talk Webcast: A Blueprint for Successful NAC Deployments
WHEN: Wednesday, April 16, 2008 at 1:00 PM EDT (1800 UTC/GMT)
FEATURING: John Curry
http://www.sans.org/info/24618
Sponsored By: StillSecure http://www.stillsecure.com/

This webinar will discuss the challenges associated with NAC deployments
and provide organizations with a blueprint on how to cost-effectively
take advantage of this critical technology. Learn first hand how your
organization can benefit from this ground-breaking technology.

WEBCAST 9

SANS Special Webcast: Log Management Part II: Real-Time Event Management
WHEN: Thursday, April 17, 2008 at 1:00 PM EDT (1700 UTC/GMT)
FEATURED SPEAKERS: Dave Shackleford and Sunil Bhargava
http://www.sans.org/info/25554
Sponsored By: Intellitactics, Inc. http://www.intellitactics.com/int/

This Webcast discusses how logs and event correlation should be managed
for compliance purposes and how auditors, working closely with security
and operations teams, can help develop processes that leverage logging
and event data to measure the effectiveness of their controls.

WEBCAST 10

SANS Special Webcast: Security Insights with Dr. Eric Cole
This Month's Topic: DLP
WHEN: Tuesday, April 22, 2008 at 1:00 PM EDT (1700 UTC/GMT)
FEATURING: Dr. Eric Cole
http://www.sans.org/info/25559
Sponsored By: Code Green Networks

Cyber security is all about reducing risk to critical assets.
Protecting and controlling data flow is a critical part of an
organizations security arsenal. Therefore data loss prevention would
seem like a perfect solution for reducing risk. However, just because a
product is called a data loss prevention solution, does not necessarily
mean that it properly reduces risk. Before purchasing or deploying a
solution it is critical to understand the key risks you are trying to
reduce and make sure the solution is the most cost effective way to
reduce risk. This talk will provide insight into what product features
are most valuable and which solutions should be avoided. To accomplish
this it will provide a detail understanding of the landscape and the
best way to protect data at an organization. Register now for this free
webcast!

WEBCAST 11

Analyst Webcast: Security and Performance on Converged Networks
WHEN: Thursday, April 24, 2008 at 1:00 PM EDT (1700 UTC/GMT)
FEATURING: Dave Shackleford
http://www.sans.org/info/25568
Sponsored By: NIKSUN http://www.niksun.com/

Events from security and monitoring devices fire off an unmanageable
number of alarms with no way of telling how they're related, or how they
impact performance. As networks converge their video, voice and data
traffic over IP networks, these alarms will only increase, while
providing less visibility into what set them off. This Webcast discusses
what will be needed of security monitoring tools as these data, voice,
video convergence becomes ubiquitous.

WEBCAST 12

SANS Special Webcast: The Little Hybrid Web Worm That Could
*** Previously scheduled for 3/6/08***
WHEN: Wednesday, April 30, 2008 at 1:00 PM EDT (1700 UTC/GMT)
FEATURING: Billy Hoffman
http://www.sans.org/info/24614
Sponsored By: HP

This Webcast examines the possibility of hybrid web worms which use
several methods to overcome the limitations of current web worms.
Specifically the authors examine how a hybrid web worm: mutates itself
to evade defenses; updates itself with new attack vectors while in the
wild; and finds and exploits targets regardless of whether they are
client web browsers or web servers.

********************************************************************
SANS is pleased to announce our new Training and Events Calendar - an
easy way to see what opportunities are available to you during the
coming month! The current calendars are now available for download from
http://www.sans.org/info/7926.

To change your subscription, address, or other information, visit
http://portal.sans.org. If you wish to have your name removed from our
mailing list, visit the site above, click on "update your account" and
check the box "Do not send any email."
********************************************************************

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]