Threat Hunting & IR Summit & Training 2019October 2-7 | #ThreatHuntingSummit @sansforensics

VenueNew Orleans Marriott 555 Canal Street | New Orleans, LA 70130 504-581-1000

Event Check-InStudios Foyer (2nd Floor)Wed, October 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7:00am – 9:00am

Registration SupportIberville (4th Floor)Wed, October 2 – Mon, October 7 . . . . . . . . . . . . . .9:00am – 5:00pm

Course BreaksMorning Break . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10:30am – 10:50am Lunch (on your own) . . . . . . . . . . . . . . . . . . . . . . . . 12:15pm – 1:30pm Afternoon Break . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3:00pm – 3:20pm

GENERAL INFORMATION

SEC504 Hacker Tools, Techniques, Exploits, and Incident Handling

Instructor: Richard Fifarek . . . . . . . . . . . . . . . . . . . . . . . . . Studio 10 (2ND FLOOR) Extended Hours: 5:00pm - 7:15pm (Course day 1)

FOR498 Battlefield Forensics & Data AcquisitionInstructor: Kevin Ripa . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Studio 6 (2ND FLOOR)

FOR508 Advanced Incident Response, Threat Hunting, and Digital Forensics

Instructor: Matt Bromiley . . . . . . . . . . . . . . . . . . . . . . . . . Studio 4/5 (2ND FLOOR)

FOR572 Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response

Instructors: David Bianco, Philip Hagen . . . . . . . . . . . . . . Studio 9 (2ND FLOOR)

FOR578 Cyber Threat IntelligenceInstructor: Robert M . Lee . . . . . . . . . . . . . . . . . . . . . . . . . . . Studio 2 (2ND FLOOR)

FOR610 Reverse-Engineering Malware: Malware Analysis Tools and Techniques

Instructor: Anuj Soni . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Studio 8 (2ND FLOOR)

MGT512 Security Leadership Essentials for ManagersInstructor: Kenton Smith . . . . . . . . . . . . . . . . . . . . . . . . . . . Studio 7 (2ND FLOOR)

CLASS INFORMATION All courses will run 9:00am – 5:00pm (unless noted)

LUNCH&LEARN:

DIY Software Supply Chain Monitoring Speaker: Robert Perica, Principal Engineer, ReversingLabs Wed, October 2 | 12:30pm – 1:15pm | Studio 6 (2ND FLOOR)

LUNCH&LEARN:

Network-Based Threat Hunting: A Case Study in Analyzing an Advanced Threat Speaker: Matt Pieklik, Sr . Consulting Analyst Thu, October 3 | 12:30pm – 1:15pm | Studio 6 (2ND FLOOR)

SPECIAL EVENT:

Product Test Drive: Regaining Control of Your Attack Surface Speakers: Justin Swisher, MDR Threat Hunting and Charles Twardowski, Manager, Incident Response Wed, October 2 | 6:30pm – 8:30pm | Studio 6 (2ND FLOOR)

KEYNOTE: Malware Analysis: A Deep Dive Experience Speaker: Anuj Soni Thu, October 3 | 6:00pm – 8:00pm | Studio 4/5 (2ND FLOOR)

SPECIAL EVENT: DFIR Community Night House of Blues, The Prayer Room | Fri, October 4 | 6:00pm – 8:00pm

Please join DFIR instructors and fellow students on a night out in NOLA! Enjoy light hors d’oeuvres, drinks and the best of live music .

SPECIAL EVENT: DFIR NetWars Tournament Hosted by: Matt Bromiley, Philip Hagen Sat, October 5 & Sun, October 6 | 6:00pm – 9:00pm Studio 3/4/5 (2ND FLOOR)

BONUS SESSIONS

HOTEL FLOOR PLAN

Interested in adding a GIAC Certification or an OnDemand Bundle?To receive the discounted rate, you must sign up before Monday, October 14th at 8:00pm EDT

Add to your order via your Portal Account: www.sans.org/account Call or e-mail SANS Registration: 1-301-654-SANS (7267) | registration@sans.org

SEC504

FOR498

FOR508

FOR572FOR578

FOR610

MGT512

Event Check-In

Registration Support