Detecting APT with NAC, Sandboxing & SIEM-Part I + Malware detection with Yara

Monday November 4th, 2019 / 6 PM - 9 PM

WHO: Southwest CyberSec Forum

WHEN: 1st Monday of each month 6:00 PM - 9:00 PM

WHERE: UAT theater at 2625 W Baseline Rd, Tempe, AZ 85283

WHY: To stay current with new cyber threats, explore new security technologies, and network with your peers.

FREE: No membership fees, no RSVP’s, food and drinks provided by our sponsors.

 

Sponsor: Fortinet 

Our thanks to Fortinet for sponsoring this months meeting!

Fortinet Logo
Fortinet

 

Debbie Lite Trauter
Channel Account Manager - Mountain Desert
E: dlite@fortinet.com
M: 714.336.9695
Skype: Debbie Lite Trauter
NSE Certified : Level 3
899 Kifer Road | Sunnyvale, CA 94086

[7:15-8 PM]

Detecting APT with NAC, Sandboxing and SIEM - Part 1

Bio Placeholder Pic
Image Pending

by Cory  Sober, Systems Engineering Manager, Fortinet

Join Cory for the first in a two part series on Advanced Persistent Threats and how to detect them is something every large organization struggles with.  Yes, you have a wide variety of tools but how do you get them to all work together to get rapid answers to the time critical question of "Do I have a compromise and what is my exposure?"   Join Cory in this first of a two part series where he does a deep dive in how to use modern commercial tools including Network Access Control, Sandbox technology and full fledged Security Information and Event Management (SIEM) to detect Advanced Persistent Threats so you can quickly isolate and remediate compromises.

Cory is a Systems Engineering Manager at Fortinet with decades of hands on experience and holds several technical certifications relating to security, networking and systems.

In addition to being a security and networking expert, Cory is a graduate of the Reserve Officers Law Enforcement Academy and a member of Infragard

[8-8:45 PM]

Maleware detection with the Yara pattern matching utility

Tim Garcia Profile Pic

by Tim Garcia, SANS instructor (Tool Time with Tim) VP-CISSP,GSEC,GCDA,GCCC,GMON,GCED

Tim Garcia will review the capabilities and use of the open source Yara utility.  Primarily used to identify and classify malware through signatures, it has a wide variety of uses and integration possibilities for the security analyst.

Tim is SANS Instructor primarily focused on blue team activities, ethical hacking, incident handling, security management and general information security principles.   Instructor in Information Systems Security, Systems Analysis and Project Management for several local universities in the Phoenix area.

Leave a Reply