I’m happy to announce that I’ve been fortunate enough to convince four of the absolute top information security professionals to participate in a discussion about Advanced Persistent Threat. Yes, we can all agree the term APT is over-used and it is often severely misused, but that should not take away from what these professionals deal with on a daily basis. APT is real, and certainly not everything an Incident Responder deals with is APT, but let’s have the experts tell us what they see, how they deal with it and how they describe it.
Here is the participant list as it stands today - Discussion moderated by Rocky DeStefano
- Richard Bejtlich (Taosecurity Blog)
- Shawn Carpenter (NetWitness, or check Wikipedia)
- Mike Cloppert Personal Blog - Sans Blog
- Rob Lee (Mandiant, SANS)
If you don’t know who these guys are you really should read more :)
Summary: No hidden agenda’s, no marketing, there is nothing being sold here… this is simply a way to share information and broaden the discussion on Incident Response and APT. I want to provide you (the audience) with the opportunity to ask/refine the line of discussion ahead of time. If you were a fly on the wall with these four people in a room at the same time what topics would you be most interested in hearing?
Time: TBD we are working out schedules - The Podcast/Webcast will be broadcast in early April 2010. So get your input to me ASAP.
Action Required: Provide your input - ideas, questions, comments, concerns and anything else you want to know about with regards to Incident Response and APT and I’ll do everything I can to incorporate those topics into the discussion. At a minimum I’ll provide a list of the questions to each participant ahead of time for them to consider.
1. View/comment on this post.
2. Email firstname.lastname@example.org or
3. Follow and then DM me on Twitter: @visiblerisk
Disclaimer: Any opinions expressed by participants are their personal views and do not necessarily reflect the views or stances of their respective employers.