Return-path: <[log in to unmask]> Received: from 97755797.law.msu.edu (gwavix.law.msu.edu [35.8.206.12]) by mail.law.msu.edu; Sun, 16 Jul 2006 23:48:39 -0400 Received: (qmail 481 invoked by uid 504); 17 Jul 2006 03:48:39 -0000 Received: from [log in to unmask] by 97755797.law.msu.edu by uid 501 with the Gwavix Scanner (Scanned in 2.250016 secs); 17 Jul 2006 03:48:39 -0000 X-Spam-Status: No, hits=-2.6 required=2.0 Received: from unknown (HELO stinger1.sans.org) (65.173.218.117) by 0 with SMTP; 17 Jul 2006 03:48:36 -0000 Return-Path: <[log in to unmask]> Received: by stinger1.sans.org (detq) id QHE06066 for [log in to unmask]; Mon, 17 Jul 2006 3:44:51 +0000 Date: Mon, 17 Jul 2006 3:44:51 +0000 Message-Id: <[log in to unmask]> From: The SANS Institute <[log in to unmask]> Reply-To: [log in to unmask] Subject: Ask The Expert: "The Law of IT System Logs" and WhatWorks: "Justifying the Security Budget You Need Using Automated Penetration Testing" Webcasts Precedence: bulk Errors-To: <[log in to unmask]> Sender: <[log in to unmask]> To: <[log in to unmask]> X-Bounce: === SD547004 === [log in to unmask] === X-Mailing: Webcast Please join us this week for TWO informative, FREE SANS Webcasts that you won't want to miss: 1) Ask The Expert: Tuesday, July 18, 2006 "The Law of IT System Logs" 2) WhatWorks: Thursday, July 20, 2006 Deep IMPACT: "Justifying the Security Budget You Need Using Automated Penetration Testing" You can now download or subscribe to the SANS webcast calendar - http://www.sans.org/webcasts/calendar.ics SANS live webcasts allow you to hear a knowledgeable speaker while viewing presentation slides you can download in advance. If you've never tuned in to a SANS webcast, see the simple instructions at the end of this message to learn how to connect to the SANS Portal and join us for these free educational webcasts. ************************************************************************** WEBCAST 1 Ask The Expert: "The Law of IT System Logs" Tuesday, July 18, 2006 at 1:00 PM EDT (1700 UTC/GMT) Featuring: Benjamin Wright and Andrew Lark https://www.sans.org/webcasts/show.php?webcastid=90731 Sponsored by: LogLogic The legal community is not sure what to make of system logs. Documented cases show logs can store very valuable evidence, but logs are so poorly understood that lawyers and regulators have been hard pressed to say anything useful about their creation and retention. In this webcast Mr. Wright will survey and interpret what particular regulations, investigations and lawsuits have said about system logs. He will then introduce a framework for managing logs from a legal perspective. Speakers Bios: Benjamin Wright: One of the world's leading technology lawyers, Mr. Wright is the author of several law books, the most recent being Business Law and Computer Security, published by the SANS Institute. During 20 years of private practice, he has delivered over 600 speeches on e-commerce, privacy, e-mail discovery and computer security and been quoted in publications around the globe, from the Wall Street Journal to the Sydney Morning Herald. The journal of the Information Systems Audit and Control Association has recently published Mr. Wrights latest peer-reviewed article, "The Costs of Not Securing Personally Identifiable Data". Andrew Lark: Mr. Lark's 18 years experience in technology, Internet, telecommunications and consumer sectors spans leading award-winning programs and teams for Fortune and Times 100 companies, global brands, start-ups and the world's hottest advertising and communications agencies. During his career he has worked and lived in the majority of the world's major markets and developed a reputation as a highly creative marketer and thought leader on participatory marketing. As chief marketing officer for LogLogic, Andrew oversees all aspects of marketing including media and analyst relations, channel, inbound and outbound marketing, positioning and branding, and eMarketing. Prior to joining LogLogic, Andrew was vice president, global marketing and communications for Sun Microsystems. Prior to joining Sun he led all corporate marketing and communications at Nortel Networks and was chief marketer for Asia Pacific. Andrew joined Nortel from Fleishman-Hillard, the world's largest public relations agency, where he was a senior vice president and partner consulting to global leaders such as Dell, Microsoft, IBM, and Sony. ************************************************************************** WEBCAST 2 WhatWorks Webcast: Deep IMPACT: "Justifying the Security Budget You Need Using Automated Penetration Testing." Thursday, July 20, 2006 at 8:00 AM EDT (1200 UTC/GMT) Featuring: Alan Paller and Nikk Gilbert https://www.sans.org/webcasts/show.php?webcastid=90729 Sponsored by: Core Security Do you need help justifying your IT security budget or new security investments? If so then don't miss this What Works Webcast. Learn how automated penetration testing helped Alstom Transport obtain a multi-million dollar security budget and dramatically improve the security of their network. Alstom Transport is a Train/Signal manufacturing company (TGV/AGV) (High Speed Trains) based in Paris, France with approximately 28,000 users across 60 countries. Speaker Bios: Alan Paller: Alan is the Director of Research for the SANS Institute, responsible for overseeing all research projects ranging from the SANS Step-by-Step guides to the SANS digests to the Top Twenty Internet Security Threats. He the founder of the CIO Institute, and earned his degrees in Computer Science and Engineering from Cornell and MIT. Alan is the author of the EIS Book: Information Systems for Top Managers and How to Give the Best Presentation of Your Life. Nikk Gilbert is the first IT Security Director for the Transport division of Alstom and has worked there nearly 9 months. He is responsible for providing IT security for the entire company, as well as meeting the needs of 28,000 users in 60 countries. ******************************************************************** Additional FREE SANS Webcasts for July 2006 Educational Presentation Webcast: "Web Browser Attacks - What happens at the Endpoint?" Tuesday, July 25, 2006 at 1:00 PM EDT (1700 UTC/GMT) Featuring: Dave Jaros and Lenny Zeltser https://www.sans.org/webcasts/show.php?webcastid=90733 Sponsored by: Blue Coat WhatWorks Webcast: "WhatWorks in Log Management: Meeting Compliance Needs with Tractor Supply Company" Wednesday, July 26, 2006 at 1:00 PM EDT (1700 UTC/GMT) Featuring: Alan Paller, Don Marsee, and Sacha Dawes https://www.sans.org/webcasts/show.php?webcastid=90723 Sponsored by: netIQ ******************************************************************** For additional information on any of the above webcasts, please go to http://www.sans.org/webcasts ******************************************************************** In order to access these webcasts, you will need a SANS portal account and either Real Audio Player or Windows Media Player (free downloads are available at our website). If you do not already have a portal account, just go to http://portal.sans.org and fill in the simple registration form, it's free! Your account gives you access to the archive of past webcasts. Log on to http://www.sans.org/webcasts/archive.php ******************************************************************* Summer Security Training Extravaganza Over the next two months, you may attend one or more of 50 SANS courses in 20 cities on four continents. And if you cannot make those events, because of travel restrictions, you may attend live SANS courses with the best teachers in the world, without leaving your home. You can even take SANS courses online at your own schedule. Attendance at SANS educational events is experiencing the largest growth spurt in half a decade. Pick your class and register early to get a seat. http://www.sans.org ******************************************************************** To change your subscription, address, or other information, visit http://portal.sans.org. If you wish to have your name removed from our mailing list, visit the site above, click on "update your account" and check the box "Do not send any email".