Vendor Events

Vendor Welcome Reception

Tuesday, March 3rd: 5:00pm - 7:30pm

This informal reception allows you to visit exhibits and participate in some exciting activities. This is a great time to mingle with your peers and experience firsthand the latest in information security tools and solutions with interactive demonstrations. During the reception you will see important tools and services in a relaxed environment, providing an opportunity to have one-on-one discussions with technical experts from these organizations.

During these hours expo attendees are encouraged to visit the SANS Technology Pavilion, a vendor sponsored learning resource dedicated to specific INFOSEC technologies that are helping organizations successfully address their unique security challenges. For SANS 2009 the Technology Pavilion will focus on encryption solutions. Enjoy food and drink in a relaxed atmosphere while hearing brief presentations from vendors in this critical and evolving market. Hear questions and comments from your peers and schedule 1-on-1 time with providers for personal demonstrations of these market leading and emerging solutions.

Vendor Expo

Tuesday, March 3rd: 12:00pm - 1:30pm and 5:00pm - 7:30pm
Wednesday, March 4th: 7:00am - 8:30am

All attendees are invited to meet with new and established companies as they reveal the latest tools and technologies critical to info security. The SANS 2009 Vendor Expo showcases product offerings from key technology providers in the commercial tools and services market. Vendors arrive prepared to interact with SANS' technically savvy audience, presenting technical demonstrations and explanations. From IDS to log management to the latest vulnerability assessment tools, you'll find it all on the SANS 2009 expo floor.

Vendor Sponsored Breakfast & Prize Raffle

Wednesday, March 4th: 7:00am - 8:30am NEW TIME!
Join sponsoring vendors for continental breakfast.

Before classes begin, rise and shine on the expo floor with coffee, breakfast and raffle prizes! This morning session offers a continental breakfast brought to you by sponsoring vendors (attendees will be asked to have their badges scanned). Vendors are available to answer questions and demonstrate their latest offerings. Attendees take their latest knowledge about the solutions they have seen back to their classrooms to cut through the vendor hype and determine the exact features/functionality required by their organization to maintain safer, more secure environments and policies.

This expo session concludes with a prize raffle sponsored by participating vendors and SANS. The more vendors you visit, the more chances to win!

Rapid7 Lunch and Learn Presentation
- Security vs. Compliance: Complimentary or Competitive?
- Speaker: Holly Shea, Director of Presales, CISSP
- Wednesday, March 4th 2009* 12:30pm - 1:15pm

Security and compliance are necessary objectives for many organizations but many confuse the two. This presentation will discuss the differences between security and compliance, how do you choose security products that help achieve these goals and the use of compliance benchmarks to improve security and your organization's overall risk posture.

Holly Shea, Director of Presales for Rapid7. Shea is responsible for all presales support to the company's extensive prospect base. Working with security personnel across industries such as healthcare, finance, government and higher education, she serves as a trusted resource providing guidance that enables them to select vulnerability assessment solutions that meet their organization's unique needs.

Core Security Lunch and Learn Presentation
- Efficient Vulnerability Management with Penetration Testing
- Speaker: Tim Byrne, Senior Systems Engineer
- Wednesday, March 4th 2009* 12:30pm - 1:15pm

This talk will be an opportunity for attendees to see a live demonstration of automated penetration-testing. In just minutes attendees will see CORE IMPACT safely exploit vulnerabilities in a target network, replicating the kinds of access an intruder could achieve, and proving actual paths of attacks that must be eliminated.

Tim is a Sr. Systems Engineer for Core Security Technologies, providing pre-sales and post-sales support and training for the Core Security Technologies Impact user base. Mr. Byrne has over 10 years of experience working with network and software management tools in addition to over 5 years on Software Security Management. He was also a Systems Engineer with Primus, Groove Networks, and Hewlett Packard specializing in Network Traversal and Software Security management.

NitroSecurity, Inc. Lunch and Learn Presentation
- More Visibility for Better Security and Total Compliance
- Speaker: Mohan Ramanathan, Senior Security Engineer
- Wednesday, March 4th 2009* 12:30pm - 1:15pm

As threats become more complex, and compliance regulations become more severe, security analysts need to collect and manage more information from more sources. Instead of looking for "needles-in-a-haystacks" and throwing away excess event noise, analysts now need to access larger amounts of historical data for analysis.

Mohan Ramanathan is a Senior Security Engineer for NitroSecurity, Inc. He works with Enterprise and Higher Education customers throughout the US to help design and implement security and compliance solutions for network, host and database security. Mohan has nineteen years of IT industry experience.

TriGeo Lunch and Learn Presentation
- Forensics are Not Enough! Case Studies in Proactive Network Defense Using Security Information
and Event Management (SIEM) Technology
- Speaker: Michelle Dickman, President and CEO
- Wednesday, March 4th 2009* 12:30pm - 1:15pm

Session Description: Learn how SIEM and real-time, in memory, analytics combine to capture, correlate and respond to network attacks and insider abuse. See automated responses to network attacks, policy violations, inappropriate web browsing and USB device usage. Hear how mid-sized enterprises use SIEM to meet regulatory compliance initiatives and gain network control

Michelle Dickman is president and chief executive officer of TriGeo Network Security. Ms. Dickman has spent over 20 years in the software and financial industries combined. Much of her extensive management, sales and marketing experience has been focused on the midsize enterprise which is TriGeo's core market. Dickman also brings considerable business development and management skills to TriGeo. As the co-founder and President of an ERP software company, Dickman grew that organization from ten to nearly one hundred employees, with four regional offices, and annual growth ranging from 20 to 60 percent. Her leadership ultimately led to the organization's acquisition by a public company

Hands-On Demo Session Featuring Ed Skoudis
- Secrets of America's Top Pen Testers
- Speaker: Ed Skoudis
- Wednesday, March 4th 2009 * 6:00pm - 7:00pm followed by a Hands-On Demo w/
Core Security Technologies * 7:00pm - 8:00pm

Ed will share 7 secrets employed by the best penetration testers in the industry. This session will cover some little-known but extremely helpful technical and procedural tips for maximizing the effectiveness of pen tests. These secrets can help testers save huge amounts of time, improve the likelihood of successful compromise, and lower the chance of negatively impacting target systems during a test. Based on experiences learned from in-the-trenches tests by a dozen pen testers over the past year, Ed will examine crucial secrets associated with scanning, password attacks, exploitation, and many other aspects that attendees will be able to apply immediately in their own penetration testing regimen.

Catch up with friends over food and beverages, and try your hand at penetration testing with CORE IMPACT Pro, the most comprehensive software solution for assessing the security of network systems, endpoint systems, email users and web applications. During the event, you'll receive a complimentary trial version of IMPACT Pro to install on your own laptop, run against our lab environment, and take home to test your own systems. You'll also gain hands-on, guided instruction from the experts at Core, enabling you to quickly tap into the power of commercial-grade penetration testing.

Sourcefire, Inc. Cocktail Brief
- Your Network Security Isn't Good Enough Anymore:
Highlights of the Verizon Business 2008 Data Breach Investigation Report
- Speaker: Martin Roesch, CTO and Founder of Sourcefire®, Inc. and the Creator of SNORT®
- Wednesday, March 4th 2009 * 6:00pm - 7:15pm

Today's threats are dynamic. Unfortunately, most security offered to date has been static. Using findings from the Verizon Business report, Mr. Roesch will point out why network security must be intelligent to be effective - providing full network visibility, relevant context, and automated impact assessment and IPS tuning in real time.

Martin Roesch founded Sourcefire in 2001 and serves as its CTO. An authority on intrusion prevention technology and forensics, he is responsible for the technical direction and product development efforts. Mr. Roesch is also the author and lead architect of the SNORT® Intrusion Prevention System that forms the foundation for the Sourcefire 3DT System.

Norman Data Defense Lunch and Learn Presentation
- Assessing Security Threats Instantaneously & Defending Your Network
- Speaker: Matt Allen, Technology & Forensic Analyst
- Thursday, March 5th 2009 * 12:30pm - 1:15pm

Companies and their customers are increasingly vulnerable to severe data and financial losses due to increasingly complex malware. With traditional solutions becoming ineffective and expensive to maintain, the computer security market is evolving. Organizations demand simpler, better performing and more cost-effective solutions. This session will introduce a new generation of high-performance and proactive security technologies from Norman that allow you to analyze and protect your infrastructure in real time against known and unknown malware attacks.

Matt Allen: With backgrounds in computer and information sciences as well as business, Matt Allen has worked in a number of different roles at Norman over the past 7 years, varying from incident response and software development to sales and marketing activities.

As Technology & Forensic Analyst, Matt currently works primarily with the SandBox & Technology team on a range of projects.

Palo Alto Networks Lunch and Learn Presentation
- It's Time to Fix the Firewall
- Speaker: Nir Zuk, Founder and CTO
- Thursday, March 5th 2009* 12:30pm - 1:15pm

Legacy firewalls focus only on ports and protocols, and are no longer effective to secure today's networks. In this presentation, Nir Zuk will outline several critical new requirements for next generation firewalls that can empower and protect today's Internet-centric organizations.

Nir Zuk is CTO of Palo Alto Networks. Prior to Co-founding Palo Alto Networks, Nir was CTO at NetScreen Technologies. He was also co-founder and CTO at OneSecure, a principal engineer at Check Point, and was one of the developers of stateful inspection technology.

Sourcefire, Inc. Lunch and Learn Presentation
- The Future of Snort
- Speaker: Martin Roesch, CTO and Founder of Sourcefire®, Inc. and the Creator of SNORT®
- Thursday, March 5th 2009 * 12:30pm - 1:15pm

With over 3,000,000 downloads, Snort is the most widely deployed and trusted intrusion detection and prevention technology worldwide. How will Snort evolve over the next couple of years to keep up with the ever-changing network.

Martin Roesch founded Sourcefire in 2001 and serves as its CTO. An authority on intrusion prevention technology and forensics, he is responsible for the technical direction and product development efforts. Mr. Roesch is also the author and lead architect of the SNORT® Intrusion Prevention System that forms the foundation for the Sourcefire 3DT System.