Despite our best efforts, security practitioners are finding the same attacker return to their systems at least twice. Why is this happening? Are our detection methods working and if not, why not? This SANS webcast and associated whitepaper will look at the evolution of attackers, whether existing defenses are working and how to improve our stance.
Attendees will learn techniques used to identify, remediate and eradicate attackers as well as tips for successfully using deception techniques, including traps and lures. A case study will illustrate key recommendations.
is a SANS Certified Digital Forensics and Incident Response instructor, teaching Advanced Digital Forensics, Incident Response, and Threat Hunting (FOR508) and Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response (FOR572), and a GIAC Advisory Board member. He is also a principal incident response consultant at a major incident response and forensic analysis company, combining experience in digital forensics, incident response/triage and log analytics. His skills include disk, database, memory and network forensics, as well as network security monitoring. Matt has worked with clients of all types and sizes, from multinational conglomerates to small, regional shops. He is passionate about learning, teaching and working on open source tools.
is General Manager, Vice President of Products at TrapX Security. He is a veteran of the fight against fraud and cybercrime working for leading companies such as IBM Trusteer, NICE—Actimize and government entities such as the Israel Ministry of Justice and the Israel Defense Force (IDF).