2023 Spring Cyber Solutions Fest

FREE VIRTUAL EVENT | Friday, June 9, 2023

Explore the latest cyber security solutions, tools, and techniques being used by professionals of all levels to combat today’s threats at this free virtual event. Join us Live Online.

Event Agenda | Insider Threat, Phishing & Malware Track

Join us virtually from 10:30AM - 2:30PM ET to access all of the sessions and live chats that we have in store for this event!
Timeline (EDT) | Session Details
10:30AM Welcome & Opening Remarks
Chris Dale, Event Chair, SANS Institute
10:45AM Session One | Defending the Perimeter Within: Understanding and Combating Insider-Driven Malware Threats
This session will explore the complex interplay between insider threats and malware attacks. We will start by examining the different types of insider threats and how they contribute to the spread of malware, touching on negligent and malicious insiders. Then, we will explore the behavior of prevalent malware distributed via phishing emails and USB media devices. By analyzing real-world malware in a sandbox environment, attendees will clearly understand these threats' behavior.
By attending this session, you will learn the following:
  • How insider threats contribute to the spread of malware
  • What analysts should look for when analyzing the behavior of real-world malware samples
  • How to extract valuable threat intelligence from malware samples to respond to insider threats more effectively
Ben Abbott, Security Solutions Engineer, US Team Lead, VMRay
Fatih Akar, Security Product Manager, VMRay
11:25AM Session Two | Who’s Attacking Whom? Learn How to Prevent and Mitigate Insider Threats
External attacks aren’t the only threats to your business. Malicious, negligent, and compromised employees also create significant risk. Many security teams lack the visibility and tools they need to rapidly detect and mitigate insider threats.
Join Devo to learn how to:
  • Identify the different types of insider threats so you can increase awareness throughout the organization
  • Understand how attacks such as phishing and malware impact everyone in the business
  • Apply best practices to detect and mitigate insider threats by leveraging SIEM, SOAR, UEBA, and AI
Chaz Lever, Senior Director of Security Research, Devo Technology, Inc.
12:05PM Break
12:20PM Session Three | How to Use Anomaly Detection for Better Threat Detection—Especially in the Cloud
What’s the advantage of anomaly-based threat detection? We're sharing examples of things that anomaly detections catch but rules-based detections are blind to. Learn how Uptycs engineers detections for scaling cloud environments and ways to hone them. We'll discuss security examples that show how anomaly detections outperform traditional methods of threat detection, including a cloud supply chain incident and the associated third-party risks that are increasingly prevalent in cloud accounts.
You'll learn how to:
  • Uncover alerts found using anomaly detections that were missed by traditional detection methods
  • Use anomaly frameworks to secure supply chain and address insider threats and third-party access use cases
Craig Chamberlain, Director of Algorithmic Threat Detection, Uptycs
12:50PM Session Four | Automating Your Response to Phishing Attacks
Phishing scams are an ongoing, persistent problem for security teams, as today's most pernicious cyberattacks, including ransomware and credential theft, are delivered via a phishing email. To underline this, the latest FBI Internet Crime Complaint Center (IC3) report identifies phishing as the top incident reported in 2022, with an associated dollar loss of $52 million. Join us for this session to find out how you can streamline response to phishing attacks and leverage machine learning to predict and anticipate future attacks. Life is short, so don't waste it chasing phish and spending needless hours dealing with phishing incident cleanup. Let us show you how you can drastically cut the time spent on phishing incidents by up to 80 percent.

Emran Mazumder, Technical PMM, Palo Alto Networks
1:20PM Break
1:35PM Panel | Beyond Firewalls: Navigating the Complexities of Cybersecurity
As cyber threats continue to evolve, traditional approaches to cybersecurity are less and less efficient. While firewalls have long been a cornerstone of network security, they are just one piece of a larger puzzle. Today's organizations must contend with a wide range of threats, from phishing and malware to insider attacks and sophisticated cybercriminals. This panel discussion will explore the complexities of modern cybersecurity and offer insights into the latest strategies and technologies for defending against cyber threats. Join us as we go beyond firewalls and delve into the cutting-edge approaches that are driving the future of cybersecurity.
Moderator:
Chris Dale, Event Chair, SANS Institute
Panelists:

Fatih Akar, Security Product Manager, VMRay
Chaz Lever, Senior Director of Security Research, Devo Technology, Inc.

2:20PM Closing Remarks
Chris Dale, Event Chair, SANS Institute

Event Agenda | Zero Trust Track

Join us virtually from 10:30AM - 1:45PM ET to access all of the sessions and live chats that we have in store for this event!
Timeline (EDT) | Session Details
10:30AM Welcome & Opening Remarks
Matt Bromiley, Event Chair, SANS Institute
10:45AM Session One | Why Full Packet Capture Data is the Ultimate Verification for Zero Trust
Zero trust is one of the most talked-about policies or cyber security best practices in the industry, but in reality organizations are trying to figure out what it really means for their business.

What exactly is the zero-trust model all about? And how can we simplify it down to make it meaningful for our teams and implement realistic processes and tools around it?

We will cover some of the most important concepts and some suggestions for your team to walk away with.
Michael Morris, Director of Technology Alliances, Endace
11:25AM Session Two | The Ultimate Guide to Zero Trust Access for the Hybrid Workforce
The hybrid workforce is here to stay, but so are the security challenges that come with it. How can you protect your users, devices, and data from threats that can originate from anywhere and anyone? The answer is Zero Trust access, where trust is never assumed and connections are established based on context. In this session, you will learn:

  • What Zero Trust access is and why it is essential for the hybrid workforce
  • How to implement Zero Trust access principles leveraging a Security Access Service Edge (SASE) architecture
  • How to start your SASE journey with SSE, the fastest growing category of cloud-based security solutions
  • Where to prioritize Zero Trust access and how to continue its maturity and effectiveness

Register now and learn how to achieve secure and productive hybrid work with SASE and become a zero trust expert.

John Spiegel, Director of Strategy and Field CTO, Axis Security
Jaye Tillson, Director of Strategy, Axis Security
Darren Tidwell, Solutions Architect, Axis Security
12:05PM Break
12:20PM Session Three | Least Privilege Access: The Most Important, Yet Out of Reach, Pillar of Zero Trust
The principle of least privilege is the north star for workforce access management, but can feel out of reach for most. In this session we’ll break down why it’s the most important yet underrated pillar of zero trust and the steps you can take to implement it right now. Join Alex Bovee, CEO and cofounder of ConductorOne, to dive into 3 practical steps towards least privilege:
  1. Know WTH is Going On: Recurring audits to understand identity and permissions as your business changes
  2. Marie Kondo It: Have less stuff by migrating from standing to just-in-time access
  3. Right Size Your Permissions: Establish guardrails for new and existing roles, groups, and apps
Alex Bovee, CEO and cofounder, ConductorOne
12:50PM Session Four | Unifying Security for the Hybrid Workforce: A Paradigm Shift with Versa Zero Trust Everywhere

As our workforce evolves to a hybrid model, security organizations are grappling with how to manage secure network access for users who split time between home and office. While cloud-delivered Zero Trust Network Access (ZTNA) solutions are being widely adopted to secure remote users, onsite branches and campuses continue to utilize a less-secure/more implicit trust model using legacy Network Access Control (NAC) solutions. Come learn: 

  • Challenges with today’s “two model” system for securing network access 
  • Zero Trust requirements for ONSITE workers 
  • Approaches for deploying Zero Trust for onsite workers 
  • Benefits of adopting a Zero Trust Everywhere approach
Dan Maier, CMO, Versa Networks

Jon Taylor, Director and Principal of Security, Versa Networks

1:20PM Session Five | 5 Stage Approach to Zero Trust Security in OT
Zero Trust Architecture (ZTA) is a powerful yet often misunderstood concept and its suitability for OT environments like ICS and SCADA is often unclear to practitioners. However, as these concepts start to make their way to OT-relevant regulations and standards like the TSA Security Directives and NIST SP 800-82, it is becoming more important for OT security practitioners and leaders to get up to speed and consider this approach in their OT security strategy. This session covers the applicability of ZTA in Industrial OT environments and a 5-stage approach to realizing this powerful framework.

Del Rodillas, Senior Director of Product Management, Industrial Cybersecurity, Palo Alto Networks
1:50PM Break
2:05PM Zero Trust Panel
Moderator:
Matt Bromiley, Event Chair, SANS Institute
Panelists:
Michael Morris, Director of Technology Alliances, Endace
John Spiegel, Director of Strategy and Field CTO, Axis Security
Jaye Tillson, Director of Strategy, Axis Security
2:50PM Closing Remarks
Matt Bromiley, Event Chair, SANS Institute

Platinum Sponsors

Thank you to our sponsors who are making a difference in the cybersecurity community.

What 2022 Attendees Say

"You all at SANS have done a smashing job putting this together! I am learning and having a great time with all of it."
"This was so informative thank you very much SANS for this wonderful first day of the event! Looking forward to the second day!"
"I don't remember all the people that I have seen, but everyone gets 5 stars. I have really enjoyed all the presenters (SOC & SOAR, Cloud-Security) where I participated in. I've really had an awesome experience."

Cyber Solutions Fest 2023 | Fall

In 2023, we are hosting two Cyber Solutions Fests. Get ahead of the game and learn more about the five fabulous tracks that will be featured during this three-day virtual event on October 25-27.