Fall Cyber Solutions Fest 2024: Emerging Technologies Track

  • Wednesday, 06 Nov 2024 8:30AM EDT (06 Nov 2024 13:30 UTC)
  • Speaker:

Join us for the inaugural year of SANS Fall Cyber Fest Emerging Technologies Track! Are you interested in learning more about new cutting-edge technology in the cybersecurity industry? This is the place for you!

Learn from the best and brightest in the industry as selected organizations review their latest tools and solutions that will better equip you for your battle with the bad guys and assist you as your team works hard to keep networks safe from intrusions.

This one day track will feature a comprehensive collection of use cases, demos, and solutions for everyday cyber professionals looking to take their arsenal of tools and solutions to the next level. Don't miss this track on November 6, register now! 

What to Expect:

  • Expert-Led Sessions
  • Hands on Demos and Use Cases
  • Practical Solutions for Immediate Impact
  • Stay Ahead of Emerging Threats
  • Exclusive Access to Industry Leaders
  • CPE Credits

Additional Fall Cyber Fest Tracks:

Why Register?

  • Expert-Led Sessions
  • Flexible Attendance (Attend live or watch on your own time!)
  • On-Demand Access (Revisit sessions at your convenience!)
  • Connect with Industry Leaders
  • Build Your Professional Network
  • Exclusive Insights
  • Earn CPE Credits

SANS Slack:

  • Get connected with our event chairs, guest speakers, and fellow attendees for our 2024 events --> GET CONNECTED

Emerging Technologies.jpg

Thank You to Our Sponsors!

AB-Logo_Horz_rgb@2x.pngEndor Labs Logo - Vertical - Teal.pnglasso_logo_compressed.pngVanta_logo_filled_rgb_dark_purple.pngWitness AI Black Solid - Final.pngLogo_dark_RGB_(1).jpgFull Logo - 4 Color On Light@2x (1).png

Agenda | November 6, 2024 | 8:30AM - 1:00PM EDT

Timeline
(EDT)

Session Description

8:30 AM

Kickoff & Welcome

Chris Dale, Event Chair, SANS Instructor

8:45 AM

Session One | Dark Side of Open Source

There is a dark side to productivity with open source. In modern applications, the majority of code on which an application is built isn’t code written by your team. Modern applications are built on the backs of volunteer communities and open-source software. These volunteers and their software delivery practices all become potential attack vectors. The truth is that most organizations do not factor open-source supply chain attacks into their organization’s threat models today. To spread awareness on supply chain attacks so that organizations can scalably handle them, we propose baking supply chain attacks into existing threat modeling procedures and software development culture so that organizations can champion supply chain management of open source in the places where they are most impactful, at development time. We will present a clear and straightforward classification of attack vectors, based on hundreds of real-world incidents and reviewed by experts in the field. Then, we'll discuss various defenses you can implement to detect and respond to these attacks, tailored to your organization's level of maturity.

Darren Meyer, Staff Research Engineer, Endor Labs

9:15 AM

Session Two | Innovate or Integrate: The IGA Dilemma

While many organizations are eager to harness the benefits of generative AI for enhancing employee efficiency and improving customer experiences, their security and privacy departments often face challenges in balancing safety with innovation. Companies aim to enable their employees to work more effectively using AI while safeguarding confidential IP, customer data, and avoiding copyright violations. Simultaneously, they seek to deploy AI chatbots to better serve customers without the risk of providing incorrect information, being jailbroken, leaking internal data, or addressing unwanted topics. This session will explore these concerns and demonstrate how WitnessAI can address them effectively. Primary concerns include:

  1. Lack of Visibility: IT departments often struggle to track which AI systems their employees are accessing and how these systems are being used. The rapid proliferation of AI tools and projects further complicates maintaining an overview of AI activities within the organization.
  2. Lack of Control: AI technologies introduce new privacy and compliance challenges. These include ensuring training data from one client is not used for another, preventing unauthorized access to sensitive customer data within AI models, and blocking the sharing of company intellectual property with public AI systems. Addressing these issues requires robust governance measures.
  3. Lack of Protection: AI systems create new attack surfaces, increasing the risk of data breaches and financial loss. Common security threats include prompt injection attacks, jailbreaking of AI models, and the generation of incorrect or harmful outputs (hallucinations) by AI systems.

Abel Morales, Principal Security Engineer, WitnessAI

9:45 AM

Break

10:00 AM

Session Three | Welcome to the AI Wild West - Proactive Security Strategies for GenAI Deployments

As the adoption of Generative AI surges with 65% of organizations already integrating it into at least one business function, the race to harness its potential has never been more intense. However, this rapid deployment brings a new wave of security challenges that many companies are unprepared for. Lasso Security’s advanced AI Firewall and Shadow LLM monitoring are designed with your needs in mind, offering protection for your GenAI applications. Whether you're looking to safeguard sensitive data, maintain compliance, or ensure the resilience of your AI-driven initiatives, our solutions provide the peace of mind you need to confidently deploy and manage GenAI in your organization. This session and live demo will explore: The importance of a GenAI-specific security approach for LLMs

  1. How to deploy Lasso’s solution suite for GenAI Chatbots and AI Firewall to block and
  2. Mitigate existing and emerging attacks
  3. Strategies for enhanced RAG security with Lasso’s Context-Based Access Control (CBAC)
  4. Best practices for monitoring and securing generative GenAI interactions in real-time.

Elad Schulman, CEO and Co-Founder, Lasso Security
Ophir Dror, CPO & Co Founder

10:30 AM

Session Four | Confronting Cyber Risk as a Connected Organization

This session will explore the evolving cyber risk landscape, organizational collaboration to address issues, the roadblocks to progress, and keys to creating a risk-aware culture. The demonstration will cover: - Using a unified risk taxonomy to provide end-to-end visibility and a single language for enterprise risk. - Creating a common controls library to drive efficiency. - How connected control assessment/testing results provide a more complete and accurate view of control effectiveness and residual risk. - How to leverage evidence requests across SOX, IT compliance, and internal audit to reduce burden on the business and save time. - Using shared issues to improve visibility and provide a better understanding of the full impact of issues across various risk domains. - Enabling inventory-level visibility for stakeholders to facilitate a more risk-aware culture.

Richard Marcus, CISO, AuditBoard

John Duffield, Manager of Product Solutions, AuditBoard

11:00 AM

Session Five | The New Way to GRC: Leveraging Automation and AI

Gone are the days of manual audit evidence collection and point-in-time compliance status checks. Join this session to see how you can automatically collect evidence, continuously monitor controls, and showcase your security and compliance achievements in real time. Gain best practices to meet your compliance needs fast and effectively, and see real-world examples for frameworks like SOC 2, HIPAA, ISO 27001, and more.

Lauren Wade, Senior Manager, Product Marketing, Vanta

11:30 AM

Break

11:45 AM

Session Six | Validity Details Coming Soon!

Session Details Coming Soon!

12:15 PM

Session Seven | Sponsor in Stealth Mode! Announcement Coming Soon!

Session Details Coming Soon!

12:45PM

Session Eight | MirrorTab Details Coming Soon!

Session Details Coming Soon!

1:15 PM

Closing Remarks

Chris Dale, Event Chair, SANS Instructor