Date: Wednesday, March 12th
Time: 1:00-2:00pm EDT
Topic: Dramatically Improving Incident Response & Network Visibility

Playback and Listen

Topic Description:

Many successful attacks today fly way under the radar of intrusion detection and security countermeasures that you have in place. Targeted spear phishing techniques combined with “designer” application exploits can gain a foothold inside of your network without any alerts from your IDS, or SIEM products. Once these exploits occur, attackers maintain access to victim networks by installing simple, but effective code that “beacons” to one or more hosts outside of the organization under the control of the adversary.

Well, there are ways to effectively detect this designer malware and keep it from spreading, and to monitor your network for unwanted exploit traffic that may be invisible or misunderstood by your current security countermeasures. This session provides all the information you need to be able to build a monitoring and alerting function to cope with designer malware, beacon Trojans, and advanced data exfiltration techniques.

In less than one hour you will learn:

• Definition and technology profile of designer malware, beacon Trojans, and advanced exfiltration techniques

• How to use network forensics techniques to investigate designer malware and beacon Trojan activity to understand impact and damage in the case of a breach

• How to build a technology architecture to detect and monitor your network more effectively

• How to improve the overall performance and response time of security operations

Meet our speakers:

Shawn Carpenter | Principal Forensics Analyst | NetWitness Corporation

Shawn Carpenter is Principal Forensics Analyst at NetWitness Corporation. A U.S. Navy veteran, Shawn has extensive knowledge and expertise in cyber threat analysis and computer forensics. Before joining NetWitness, Shawn worked for ManTech as a Senior Computer Security Analyst as part of the Department of State’s Cyber Threat Analysis team. Shawn’s work in network forensics is well known throughout the industry. Shawn assisted in tracking a Chinese cyber-espionage ring, code-named Titan Rain. Shawn frequently briefs and interacts with cyber security experts at numerous U.S. Government agencies, including the Executive Office of the President, National Security Agency, Federal Bureau of Investigation, and Department of Defense. He has delivered invited presentations on the topic of cyber terrorism to international conferences, and is a sought-after by media for his comments on matters associated with state-sponsored intrusions, cyber-warfare, data exfiltration, and network forensics.

Eddie Schwartz | Chief Security Officer | NetWitness Corporation

Eddie Schwartz is Chief Security Officer at NetWitness Corporation. He has 25 years of experience as an information security and privacy expert, specializing in the financial services and federal government sectors. Prior to joining NetWitness, Eddie was Chief Technology Officer for ManTech Security Technologies Corporation. Amongst his numerous roles, Eddie served as a technology management consultant for a number of large commercial and U.S. Government entities, such as Bristol-Meyers Squibb, Citigroup, JP Morgan Chase, Marriott Corporation, McDonald’s Corporation, and the U.S. Departments of Justice and State. A regular contributor to numerous trade journals and industry publications, he is a national-level thought leader in the area of Information Security Strategy and Data Privacy Compliance.