homepage
Open menu
Contact Sales

Threat Exposure Management Solutions Forum

  • Friday, 02 Dec 2022 11:00AM EST (02 Dec 2022 16:00 UTC)
  • Speaker: Chris Dale

Threat Exposure Management (TEM) is a new approach to security designed to help organizations identify, prioritize and manage unexpected risks or exposures. This approach differs from standard threat management practices by taking a contextual view of threats, focusing on establishing a process for how information is collected and integrated together to inform better and faster decision making. 

Though the term, threat exposure management, is new, the concepts behind it are not. Threat exposure management is about combining an organization’s existing asset and vulnerability management capabilities with a new suite of tools. This process is designed to close gaps and develop a process for determining attackability and reducing risk in a quick and logical way. 

This half-day event will bring together thought leaders, subject matter experts and practitioners to discuss, share and discover best practices for addressing the operational challenges associated with work-from-home transitions, cloud migrations, M&A, shadow IT and the rise of ransomware attacks.

Topics include:

  • Understanding Threat Exposure Management 
  • External Attack Surface Management
  • Eliminating Shadow IT 
  • Integrating ASM with SOAR, SIEM & TIP Platforms
  • Managing Third Party Risk

REGISTER AND WIN A CHANCE AT A FREE SANS COURSE!

As an added bonus, one lucky registrant will be chosen as the recipient of a SANS Course valued at $8200!! *** All event registrants will be entered in a drawing for a complementary SANS Course of your choice sponsored by Randori.*** (Travel & hotel expenses not included).

Join the SANS Solutions Forum Interactive Slack Workspace for this event (and all SANS Forums)! Connect once and you're set for all events in 2022!
Login to Register
Threat_Exposure_Management_Solutions_Forum_-_Reg_Page_(1).png

Sponsor

Randori_an_IBM_Company_secondary_lockup_pos_RGB_(9).png

Agenda | December 2, 2022 | 11:00 AM - 2:45 PM EST

Timeline (EST)

Session Details

11:00 AM

Welcome & Opening Remarks

Chris Dale, Principal Instructor, SANS Institute

11:20 AM

Exposure Management - The Integration of Threat Intelligence, Attack Surface and Vulnerability Management into Threat Management Programs

Threat management programs aiming to establish visibility, detection, investigation and response are becoming more complex as infrastructure and workforces expand and adapt. This not only makes threat management more challenging, but can also dramatically increase our exposure to attack. So how can we do a better job of proactively understanding and reducing the risks and exposures associated with this disparate environment, while simultaneously significantly reducing the stress on our threat management systems and teams? Join us to hear what we have learned from thousands of engagements in this developing field, which we are referring to as Exposure Management. This approach has the goal helping organizations reduce risk and inefficiencies and get the most out of the tools, processes and people that they have. All while enabling the business to evolve and thrive.

Sanara Marsh, Director, Product Marketing, Randori, an IBM Company

11:55 AMBreak
12:15 PM
Automating the Attacker’s Perspective - An Inside Look Into How Hackers Prioritize Targets at Scale

Join, Evan Anderson, Co-Founder & Principal Technologist at Randori, an IBM Company, for an exciting session that dives into the fast-paced world of offensive security. It’s clear from talking with hundreds of organizations that attackers and defenders often come to dramatically different conclusions around risk - even when looking at the same information. In this session, switch teams for a day as we pull back the curtain behind the system that keeps one of the world’s most advanced attack platforms on target 24/7/365. Through examples, Evan will show how Randori, IBM X-Force Red, (and real attackers) are leveraging AI and decades of experience to discover, classify and prioritize millions of targets daily across some of the world’s largest organizations. He’ll break down the 6 “tempting” factors every vulnerability team should be using to prioritize risk.

Evan Anderson, Principal Technologist, Randori, an IBM Company

12:50 PM
Shadow IT Elimination: 5 Workflows Every Security Team Needs

In this practical session, Randori Director of Product Marketing, Sanara Marsh, will break down 5 proven workflows, taken from most effective security teams, you can adopt to minimize your Shadow IT Risk. Attendees will gain in-depth insight into how to integrate ASM with vulnerability management, asset management, ticketing, threat intelligence and cloud providers. Each will include real-world examples of how companies like Air Canada, Lionbridge, NOV, and more are using these workflows to eliminate Shadow IT.

Isabella Rocha, Technical Product Marketing Manager, Randori, an IBM Company

1:25-1:40 PM
Closing Remarks

Chris Dale, Principal Instructor, SANS Institute

 

Related Content

Blog
N2C_blog_image.png
Security Awareness, Cybersecurity Leadership, Cloud Security, Open-Source Intelligence (OSINT), Industrial Control Systems Security, Digital Forensics, Incident Response & Threat Hunting, Cybersecurity and IT Essentials, Cyber Defense, Offensive Operations, Pen Testing, and Red Teaming, CyberLive, Workforce Development, Career Development, Why Certify, Imposter Syndrome, NetWars, Mentorship, Job Hunting, Operating System & Device In-Depth, Artificial Intelligence (AI)
A Visual Summary of SANS New2Cyber Summit 2024
Check out these graphic recordings created in real-time throughout the event for SANS New2Cyber Summit 2024
370x370-person-placeholder.png
Alison Kim
read more
Blog
cti_blog.png
Cyber Defense, Digital Forensics, Incident Response & Threat Hunting, Industrial Control Systems Security, Penetration Testing and Red Teaming
A Visual Summary of SANS CTI Summit 2024
Check out these graphic recordings created in real-time throughout the event for SANS CTI Summit 2024
370x370-person-placeholder.png
Alison Kim
read more
Blog
Top_10_SANS_Summits_Talks_of_2021.png
Cybersecurity Insights, Digital Forensics, Incident Response & Threat Hunting, Cyber Defense, Cloud Security, Open-Source Intelligence (OSINT), Cybersecurity Leadership, Security Awareness, Artificial Intelligence (AI)
Top 15 SANS Summit Talks of 2023
This year, SANS hosted 16 Summits with 209 talks. Here were the top-rated talks of the year.
370x370-person-placeholder.png
Alison Kim
read more