A Visual Summary of SANS Blue Team Summit 2021

On September 9 & 10, thousands from around the globe tuned in for the SANS Blue Team Summit. Industry’s top practitioners and leading experts from near and far shared their latest security defense research, solutions, tools, and case studies. It was a great opportunity for cybersecurity professionals and those new to the field.

We invited Ashton Rodenhiser of Mind's Eye Creative to create graphic recordings of our Summit presentations. If you missed a talk or are looking to view the SANS Blue Team Summit through a visual lens, take a look at the recordings below.

In addition to graphic recordings, PDFs of Summit presentations are available on the SANS Summit Archives page (SANS account required) and videos will be posted to YouTube over the next several months.

*If you registered for the Summit, video recordings will be available on your Summit Access page in your SANS Portal shortly after the conclusion of the event.

Keynote: Zero Trust Architecture: Applying ZTA in Today’s Environment 

Justin Henderson, Certified Instructor, SANS Institute Ismael Valenzuela, Senior Instructor, SANS Institute

Modern Authentication for the Security Admin

Mark Morowczynski, Principal Program Manager, Microsoft Grace Picking, Senior Program Manager, Microsoft

Blue-Team-as-Code: Lessons From Real-World Red Team Detection Automation Using Logs

Oleg Kolesnikov, Vice President, Securonix; Cybersecurity Instructor, Northeastern University Den Iuzvyk, Senior Security Researcher, Securonix

DeTT&CT(ing) Kubernetes ATT&CK(s) with Audit Logs

Magno Logan, Information Security Specialist, Trend Micro

Panel: Threats and Challenges 2021: What Cyber Defenders Need to Know – and Do

Moderator: John Hubbard, Certified Instructor, SANS Institute

Panelists: Ryan Chapman, Associate Instructor, SANS Institute Grace Picking, Senior Program Manager, Microsoft Ismael Valenzuela, Senior Instructor, SANS Institute

Measuring Detection Engineering Teams

Kyle Bailey, Staff Security Engineer, Panther Labs

Adversary Simulation: Measure and Close the Gaps in Your Security Posture

Don Murdoch, SANS Instructor

Ransomware Preparation, Containment and Recovery Strategies

Anurag Khanna, Manager – Incident Response & Consulting Services, Crowdstrike Services

Monitoring and Incident Response in Azure AD

Thomas Detzner, Senior Program Manager, Microsoft Yochana Henderson, Identity Program Manager, Microsoft

Data Science for SOC: A Practical Example of Detecting Advanced Credential Attacks

Igor Kozlov, Data Scientist, Bell Canada

Keynote: Can we REALLY 10X the SOC?

Anton Chuvakin, Head of Solution Strategy Chronicle, Google Cloud

Threat Sightings: The Power of Observation for Driving Cyber Threat Detection Improvements

Alejandro Houspanossian, Detection Engineer/Threat Hunting Specialist, McAfee 

Agustin March, Data Engineer, McAfee

YARA for Mere Mortals

Tony Drake, Senior Engineer, Security Intelligence, Intercontinental Exchange (ICE)

The Yellow Brick Road: Where Lions and Tigers and Bears Meet

Aaron Lancaster, Cyber Security Consultant

Panel: Scaling Security Operations to Cope with Exponentially Increasing Data

Moderator: Justin Henderson, Certified Instructor, SANS Institute

Panelists: Anton Chuvakin, Head of Solution Storage Chronicles, Google Cloud 

Jon Hencinski, Director of Global Operations, Expel

A River Runs Through IT: What Whitewater Rafting Taught Me About Incident Response

Stef Rand, Incident Response Consultant, FireEye/Mandiant

Knocking on Clouds Door: Threat Hunting Powered by Azure AD Reports and Azula

Mangatas Tondang, Senior Consultant, EY Canada

If you’re interested in seeing other free virtual events SANS has lined up, visit the current listing.