At this event, we’ll bring together our top security experts across the globe to showcase their latest research and insights, concluding with a presentation from special guest Mikko Hypponen our Chief Research Officer.
Attendees will also see demonstrations of the latest tooling we’re developing to help improve your cyber security strategy and can engage with some of our Detection and Response experts.
8:30am - 9:30am: Registration and Breakfast
9:30am - 4:30pm: Sessions and Networking Lunch
4:30pm - 6:30pm: Networking and Cocktail Reception
Keynote Talk: Securing the Future – Mikko Hypponen
Threat Landscape Briefing
- The Cyber Threat Landscape is rapidly evolving growing exponentially in size and scope. As a global leader in both specialized cyber consulting as well as traditional cyber security for over 30 years, F-Secure, with the inclusion of MWR InfoSecurity, is uniquely positioned to assess and digest recent developments. In this session, we will provide an insight into the current challenges faced by our clients and all organizations here in the USA as well as abroad.
- Detection and Response have become the two aspects of the security continuum that demand a CISO’s time. But how does the market define which tools, processes, and people fit into the Detection and Response bracket? How do we as security professionals ensure that our budgets are allocated appropriately? Should an organization be investing in threat hunting activities and how do we define our incident response process?
Questions like these are top of mind for CISO’s in any organization and the market “noise” around EDR, Threat Hunting, AI, Machine Learning are only making the decisions more difficult. Our panel of Detection and response experts will be available to answer any of your D&R questions.
Predicting Attack Paths in Real-Time - Jacques Louw
- Anticipating how threat actors are likely to attack an organization - often called attack paths - has proven extremely useful to assessing risk and designing organizational defenses. Recently, attackers have made significant advances identifying and navigating attack paths in large complex IT environments by using tools like Bloodhound and thus greatly decreasing the time to compromise highly privileged systems. This talk will explore the latest way to predict attack paths and how to adapt offensive techniques to support their identification in an efficient, automated way. We’ll also look at how this can be done in real-time, giving blue teams a fighting chance against modern threats.
Demystifying the Cloud: Applying Old Tricks to New Problems - Craig Koorn
- With 4000+ distinct permissions - and counting - understanding how access is managed within an AWS environment is often a daunting and time-consuming task requiring expert capability. Developing a comprehensive understanding of its intricacies can be a costly endeavor, while not doing so could prove more expensive. This talk explores new challenges cloud-based technologies present and how they can be approached by applying traditional offensive security testing concepts. Craig will showcase tooling we are actively developing to equip organizations with situational context.
Rethinking Response: Overcoming Challenges with Continuous Response – Jordan LaRose
- Today’s threat landscape has proven that it's inevitable organizations will be the target of a cyberattack. To combat this, most enterprise environments have sophisticated attack detection technologies in place, but almost every organization struggles with creating and maintaining a team capable of leveraging these technologies in an emergent incident. In this discussion, we’ll cover the challenges current IR teams face, how to solve those problems, and the new Continuous Response methodology. Come prepared to challenge what you know as an investigator and be ready to respond.
Attack Aware Applications- Ben Knutson
- The first step along the road to security is visibility. Attack aware applications offer a vision of how to build that crucial first step, and a framework for what comes next. Rather than building a firewall around an application, attack aware applications integrate detection and response into the core of an application's code. We'll be discussing the benefits and logistics of adopting this approach to application development, as well as looking at some of the first steps developers can take to build attack awareness into existing applications.
8:30 AM - Breakfast and Registration
9:30 AM - Welcome Remarks
9:45 AM - Threat Landscape Briefing
10:15 AM - Predicting Attack Paths in Real-time
11:00 AM - Coffee Break
11:20 AM - Demystifying the Cloud: Applying old tricks to new problems
12:00 PM - Attack Aware Applications
12:45 PM - Lunch
1:30 PM - Rethinking Response – Overcoming challenges with Continuous Response
2:00 PM - Panel Discussion: Attack Detection and Response
2:45 PM - Coffee Break
3:00 PM - United States Department of Homeland Security
3:30 PM - Securing the Future
4:30 PM - Closing Remarks & Networking Cocktail Reception
Due to the limited number of places available, please note that your registration is subject to approval and will be confirmed via email by a member of our team.
We hope to see you there!