Sign Up

Your Profile will be reviewed by Admin
TODAY : Advance Search
Apr 2015
May 2015


Crystal City Marriott at Reagan National Airport 1999 Jefferson Davis Highway Arlington , Virginia 22202
Tel: (301) 654-7267
Google Map


SANS SOC Summit:
SANS Security Operations Center (SOC) Summit. As we see regularly in the news, the number of successful data breaches continues to increase. Adversaries seem to have the upper hand, as many organizations fail to effectively detect and quickly respond to these breaches. Over 80% of all breach victims learn of a compromise from third-party notifications, not from internal security teams, and are often caught by surprise. As a result, executives are demanding that their security teams provide enhanced security posturing, monitoring, and detection to stop these threats. All of this is driving the need for organizations to put in place more formal and aggressive security operations, including a more robust and well-organized focus on security infrastructure, pre-breach posturing, detection, and response to attacks, and a more proactive approach to hunting for breaches. Many organizations are looking to either set up or outsource a Security Operations Center (SOC) and formalize Computer Incident Response Teams (CIRTs) in order to accurately and effectively detect and respond to data breaches.

The Opportunity:
Cybersecurity in organizations is often a silo distributed across different internal business units. The IT help-desk/operations support group, log management team, pen testing team, and forensics and incident response team are often ad-hoc or under different management, and do not always talk or work together. Many organizations do not even have an advance warning group such as a cyber threat team. To make matters worse, in many organizations, incident response plans are not routinely tested with the entire security team.

For security to work effectively, teams must be integrated across the entire organization, and they must work in concert when the detection team identifies a potential incident. Creating, developing, and formalizing a SOC provides a central command environment for all of the security teams to work together, share information and intelligence, and respond to breaches as a single effective group.

SOC Summit
The SOC Summit brings together industry experts and peers to discuss ideas and solutions to facilitate effective security operations for any organization - from small businesses with limited IT security personnel to larger enterprises with a dedicated operations center. You'll learn from the best in the industry, and SANS' hands-on and participatory approach will enable you to immediately apply what you've learned and start implementing effective security solutions the first day you return to the office.

Every organization faces the challenge of how to properly monitor and analyze security. At the SOC Summit, professionals and experts will share their experiences with building out organizations' security operations and increasing the effectiveness of security as a whole. Attendees will learn not only what mistakes to avoid in implementing and running a SOC, they'll also come to understand the processes and capabilities that other SOCs are using to help create more wins against a variety of threat groups.

It is time that we do what the adversaries and threat groups have been doing for years: share information. A single organization or individual alone cannot figure out everything that needs to be done for effective security. You'll take away news ideas from the SOC Summit not only from the best minds in the business, but also from others who have faced similar challenges in increasing their enterprise's situational awareness and monitoring and responding to threats.

You will learn to:
    Take a more integrated approach to security using the tips and tricks presented at the Summit.
    Integrate the SOC so that it works effectively with the IT help-desk, IT operations, and management
    Automate detection and response inside your SOC
    Reduce chaos and increase effectiveness during a crisis
    Properly identify, train, challenge, and retain SOC personnel and operators
    Discuss how policies need to reflect operations and reality
    Build trust inside the organization
    Operationalize your security processes, reporting, metrics, and policies - that is, what works and what doesn't
    Evaluate the tools and capabilities needed to make cybersecurity work effectively

Topics will include:
    Continuous monitoring
    Active defense
    Security metrics
    Critical security controls
    Integrated security defenses
    Proactive forensics
    Enterprise network and host monitoring
    Security reporting
    Threat intelligence utilization and usefulness
    Incident response team operations and management

Who should attend?
    Cybersecurity Professionals
    Cybersecurity Engineers
    Threat Analysts
    Incident Responders
    Chief Information Security Officers (CISO)
    Chief Technology Officers (CTO)
    Chief Information Officers (CIO)

Available Courses:
SEC511: Continuous Monitoring and Security Operations - Eric Conrad
SEC503: Intrusion Detection In-Depth - Johannes Ullrich, Ph.D.
FOR508: Advanced Digital Forensics and Incident Response - Alissa Torres
Security Operations Center (SOC) Summit - Staff




MORE events +