SANS Penetration Testing

Breach-Zilla: Lessons Learned from Large-Scale Breaches - Slides

[As promised, here are the slides from the presentation I did on Friday in New York City regarding large-scale breaches and lessons learned. I hope you find them useful. The description of the talk follows. The slides have more details.

By the way, if you are interested in this kind of thing, specifically the in-depth details behind modern computer attacks, I'll be teaching my SANS 560 course on Network Penetration Testing and Ethical Hacking in New York City November 7-12. This course will be taught community style, which is really cool. With community-style SANS, you'll get:

- Extra hands-0n exercises in bootcamp form to help hammer home vital concepts.

- Smaller class sizes... often, I have 50 to 80 folks in the room. For this class, we'll have 20 to 30, letting the instructor get more time with students.

- A lower price... this is the lowest price SANS has for me teaching my course all year round.

- Fun nights out... I'll be going out with students for dinners at least two nights that week. While I can't pay for your meal, I can promise you that we'll have a lot of fun over some truly wonderful dinners.

This is gonna be a lot of fun. What's not to like? If you are interested, you can sign up here by clicking on the Register button: http://www.sans.org/new-york-2011-cs-3/description.php?cid=9117

-Ed.]

By Ed Skoudis

Skoudis-BreachZilla - LessonsLearnedFromBreaches 4Q11r

We've all seen the blaring headlines and news stories providing a glimpse into large-scale enterprise breaches of millions accounts. But, the accompanying news articles typically lack enough details for security personnel to learn lessons that can help them avoid a similar fate. In this presentation, Ed Skoudis will fill the gap by discussing in-depth lessons learned from the over one hundred large-scale breach cases he has worked. In particular, this session will focus on strategies and tactics, with an emphasis on real-world applicability to enterprise environments of various scales. What are the most common breach vectors analysts should focus on? What are some of the salient issues in these investigations? These questions and more are addressed in this lively talk.

Post a Comment






Captcha


* Indicates a required field.