
Pinpoint and Remediate Unknown Threats: SANS Review of EnCase Endpoint Security 6

  • Thursday, March 15th, 2018 at 1:00 PM EST (17:00:00 UTC)
  • Jake Williams and Charles Choe

This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account.

Sponsor

  • OpenText Corporation

Overview

With the increasing prevalence of security incidents that can lead to data breaches, security teams are learning quickly that the endpoint is involved in almost every targeted attack. Recent trends in the SANS 2017 endpoint security survey indicate that despite the best efforts of security teams, employees are more likely than ever to fall victim to phishing and ransomware attacks, putting enterprise data at risk.

With so many warning signs coming in by way of security alerts, why are these attacks getting through and spreading on the network? Simple: Security alert volume is higher than ever and InfoSec time and resources are at a premium. The solution lies in contextual data and automation to help security analysts quickly validate and respond to real threats in their environments. 

This is the purpose of EnCase Endpoint Security, which has released version 6.02. Endpoint Security works with leading security tools to ingest alerts and then applies threat intelligence and scoring so security teams can focus their response on the most critical incidents.

In this webcast, SANS analyst Jake Williams will review his testing results, including how he used EnCase Endpoint Security to:

  • Detect unknown threats through anomalous behavior analysis
  • Validate threats with data enrichment and contextualization
  • Triage alerts and identify gaps in coverage
  • Forensically remediate threats (delete files, reset or delete registry keys, kill processes) without taking down servers

Register for this webcast and receive early access to the whitepaper written by Jake Williams.

Speaker Bios

Jake Williams

Jake Williams is a SANS analyst, certified SANS instructor, course author and designer of several NetWars challenges for use in SANS' popular, "gamified" information security training suite. Jake spent more than a decade in information security roles at several government agencies, developing specialties in offensive forensics, malware development and digital counterespionage. Jake is the founder of Rendition InfoSec, which provides penetration testing, digital forensics and incident response, expertise in cloud data exfiltration, and the tools and guidance to secure client data against sophisticated, persistent attack on-premises and in the cloud.


Charles Choe

Charles Choe is a Senior Product Marketing Manager at Guidance Software (now OpenText) responsible for the OpenText EnCase Forensic Security suite of products. He brings almost 10 years of product management and marketing experience, with advanced degrees in both law and business, to the table. Charles provides insight about market trends, industry challenges and solutions to Guidance Software and its customers in the areas of cybersecurity, risk management and forensic investigations.
