Agenda | April 18, 2024 | 8:30 AM-5:15 PM EDT
Timeline | Session Description |
---|---|
8:30 AM | Kickoff & Welcome<br>Dave Shackleford, Event Chair, SANS Instructor |
8:45 AM | Session One: Planning and Operationalizing Microsoft CNAPP<br>The first step to a successful CNAPP adoption is to ensure that all design considerations applicable to your environment are included in the planning phase. In this presentation, you will learn the design principles of Microsoft CNAPP and how to plan this solution's adoption. You will also learn about the main CNAPP use case scenarios and how to operationalize those scenarios using Microsoft Defender for Cloud.<br>Yuri Diogenes, Principal PM Manager, Microsoft |
9:25 AM | Session Two: Active Cloud Risk. How to Combat the Most Critical Threats<br>Cloud has changed the way we develop, deploy, and scale apps. Traditional perimeter and endpoint security does not address the distributed and ephemeral nature of cloud and leaves huge blind spots where adversaries can go undetected. Active cloud risk is the most imminent threat security teams need to address. Even purpose-built Cloud Security Posture Management (CSPM) tools, relying on point-in-time assessments, fall short in detecting and mitigating these active risks.<br>Alex Lawrence, Field CISO, Sysdig<br>Puneet Kulshrestha, Security Engineering Lead, Amazon |
10:05 AM | Break |
10:20 AM | Session Three: SSE: Secure Access Everywhere. Even the Cloud<br>In today's digital landscape, the cloud is no longer a new frontier, but a new normal. As businesses navigate this shift, the challenge of securing access to resources and applications becomes increasingly complex. This session will not only introduce you to the innovations of a Security Service Edge (SSE) platform, but also to a new perspective on cloud security. SSE is more than just a tool; it directly responds to the paradigm shift in how we approach security in the cloud and datacenter. By enhancing user experience and simplifying security measures, SSE helps break down barriers and redefines what's possible in the realm of cloud security, and secure access as a whole. Join us as we explore these complexities, challenge the status quo, and envision a future where secure access is a given, not a challenge. This is more than just an opportunity to stay ahead in the cloud security landscape - it's a chance to lead the way.<br>John Spiegel, Director, Network Transformation (Field CTO), HPE Aruba Networking<br>Darren Tidwell, Sr. System Engineer, HPE Aruba Networking |
10:50 AM | Session Four: Rethinking Least Privilege: How to Slash Your Cloud Risk Overnight<br>In practice, achieving true least privilege at scale is not just daunting; it's practically impossible. There are over 40,000 possible permissions across the major clouds; trying to build policies around them all is not sustainable. It’s time to redefine least privilege by focusing on protecting only the most sensitive and impactful permissions. Concentrating on what truly matters (the permissions that, if misused, could cause the most significant damage) makes the principle of least privilege achievable for teams to implement. This approach avoids overly restrictive least privilege policies that strip developers of low-impact access they need to keep your applications moving. Join us as we dive into:<br>* Which permissions pose the greatest risk to your own cloud<br>* Practical strategies for focusing on the permissions that truly matter<br>* Easing friction between Development and Cloud Operations<br>Sandy Bird, CTO & Co-Founder, Sonrai Security |
11:20 AM | Session Five: Say Goodbye to Silos: Unify Your Cloud Security and Enterprise SecOps<br>As more business-critical workloads are migrated to cloud environments, cloud security and security operations teams struggle to gain visibility and insight into the cloud risks that could jeopardize their business. Operational silos and disconnected tooling make it difficult to proactively identify high-risk issues and efficiently take the necessary steps to remediate them. But what if we could converge cloud security and SecOps into a single platform, with a single view of security events and data, to break down silos and manage the full lifecycle of cloud risks? Join us to learn how proactive and reactive cloud security practices are coming together, enabled by converged platforms that unite security and SecOps teams so that more experts can act on cloud issues. See how Google Cloud’s Security Command Center can identify risks in multi-cloud environments, prioritize the most serious ones, and get them into the hands of the right teams for quick remediation. By bringing cloud security and SecOps together we can make the cloud safer.<br>Jason Sloderbeck, Group Product Manager, Google Cloud Security |
11:50 AM | Break |
12:00 PM | Keynote Session: Navigating Your Cybersecurity Career Panel<br>As the digital landscape evolves at an unprecedented pace, challenges and opportunities lie ahead for cybersecurity professionals. How will emerging technologies and artificial intelligence shape our industry? Will Artificial Intelligence take over cybersecurity jobs in the future? Join us for an engaging keynote panel featuring distinguished guests Candace Williams and Mari Galloway, as we navigate through the dynamic landscape of cybersecurity careers in the age of innovation. Gain valuable insight and advice on navigating your cybersecurity career as we delve into these compelling questions and more, offering a roadmap for success in this ever-evolving field.<br>Speakers:<br>Naomi Buckwalter, Executive Director, Cybersecurity Gatebreakers Foundation<br>Candace Williams, Founder, Cyb(her) Ally<br>Mari Galloway, CEO, Cyberjutsu |
1:00 PM | Session Six: Protecting your APIs from design to runtime with Defender for APIs<br>APIs are at the heart of modern application development and a prime target for cyber threats. During the session, we will explore the risks associated with APIs in today's cloud applications, identify best practices to protect APIs against vulnerabilities and data breaches, and cover early detection and remediation of vulnerabilities in pre-deployment and runtime. By the end of the session, you'll learn how to leverage Microsoft Defender for APIs for in-depth security posture assessment and real-time threat detection, ensuring a secure and resilient API ecosystem for your applications.<br>Preetham Anand Naik, Senior Product Manager, Microsoft |
1:20 PM | Session Seven: Combat Active Cloud Risk in Your Environment<br>In the cloud, two types of risk emerge - static, encompassing misconfigurations and policy violations, and active, including user activity, dynamic config changes, and permissions. This session will cover analyzing both static and active risk to prevent advanced cloud attacks, correlating events to prioritize imminent risks and mitigate real-time threats, and include a live demo showcasing strategies to combat active cloud risk.<br>Jake Walker, Enterprise Sales Engineer, Sysdig |
1:40 PM | Session Eight: Cloud-Native with Confidence: Securing your Containers & Kubernetes<br>In the ever-evolving realm of cloud-native development, prioritizing strong security measures is essential. With a growing number of organizations embracing containers and Kubernetes to run their applications, comprehending the expanded attack surface and implementing effective security measures is critical. This session confronts this challenge directly, offering best practices for establishing secure container and Kubernetes deployments. Attendees will acquire valuable insights and actionable strategies to strengthen their cloud-native infrastructure, enabling their applications to flourish securely and confidently.<br>Martijn Baecke, Sr. Product Marketing Manager, Prisma Cloud |
2:10 PM | Session Nine: Securing the Skies: Navigating Cloud Chaos with Protective DNS<br>Embark on a journey through the intricacies of cloud application risks as we unveil the often-overlooked dangers associated with unsanctioned usage in the workplace. This talk discusses the challenges unsanctioned cloud applications present and ways DNS can be used to enforce application-level policies and further be a solution to fortify your digital defenses. Key Points:<br>- Security at Stake: Delve into the potential security vulnerabilities and data breaches stemming from unauthorized cloud app usage.<br>- Operational Turbulence: Examine the operational challenges organizations face due to the lack of centralized control and lack of policy enforcement of unapproved cloud app usage.<br>- Unmasking the Phishing Threat: Explore how deceptive phishing tactics open the door to digital mayhem and how DNS can be used to strengthen defenses against these and other threats.<br>- Compliance and Security Frameworks: Recognize that Protective DNS isn’t just a nice-to-have; it’s increasingly essential for staying compliant with big cybersecurity standards like ISO 27001, CMMC and NIST.<br>Richie Wade, Sales Engineering Lead, DNSFilter |
2:40 PM | Break |
2:55 PM | Session Ten: Cloud Data Breaches - Leading Cause in 2023 & Prevention<br>We will start by exploring the leading cause of cloud data security breaches in 2023, shedding light on the vulnerabilities that threaten modern cloud infrastructure. From there, we'll walk through prevention mechanisms in terms of early risk assessments and the implementation of cloud-native security layers. We will discuss the critical nature of protecting cloud environments at the network and application layers and dive into how cloud-native security should integrate seamlessly with DevOps repositories, help foster team alignment, and empower your different teams to proactively address security concerns without sacrificing agility or speed.<br>Ava Chawla, Director of Cloud Security, AlgoSec Inc. |
3:25 PM | Session Eleven: Positioning Puzzles: The Detection & Response Edition<br>Over the years, you’ve collected a significant number of tools for detection and response (D&R) – and you are likely to add in more. Fitting them all together ends up looking like trying to solve a giant jigsaw puzzle… albeit one where the pieces aren’t quite perfectly cut for the perfect solution to fit them all together! SIEM, EDR, UEBA… so many options. Some of the tools detect some of the threats some of the time. Sometimes there are gaps. Most of the time there is a great deal of overlap! Cloud complicates the problem by opening new territory for defense emplacement and more choice for detection approaches. Concepts related to “endpoint” and “edge” become less useful when considering this far larger, less well-defined surface area. The consequence of the right detections in the wrong place (or the wrong detections in the right place!) is not just a messy, unsolved puzzle. Instead, it means you are vulnerable to attacks that may have otherwise been prevented. Join Dr. Anton Chuvakin, Security Advisor at Office of the CISO, Google Cloud, and Jay Lillie, VP of Customer Success at CardinalOps, as they look at a variety of threats and associated vectors in hybrid environments in order to help outline a set of practices for getting the best fit out of the mixed pieces in your D&R inventory.<br>Dr. Anton Chuvakin, Security Advisor at Office of the CISO, Google Cloud<br>Jay Lillie, VP of Customer Success, CardinalOps |
3:55 PM | Session Twelve: Bringing DFIR Into the Cloud Age<br>While IT has seen unprecedented increases in the need for speed and scale, DFIR has not kept pace. Today's DFIR teams are forced to shoehorn their current incident response processes into today's investigations across endpoints, servers, and the cloud. However, a better and faster way to investigate and respond to cloud threats exists. This webinar explores the role of automation in amplifying your incident response strategy to incorporate repeatable, automated investigations across endpoints, servers and the cloud. We'll discuss best practices for automating triage collection and full disk acquisition to increase efficiency and drastically reduce time to cloud investigation and response.<br>Paul Stamp, VP of Products, Cado Security |
4:25 PM | Cloud Security Panel<br>Dave Shackleford, Event Chair, SANS Instructor<br>Panelists:<br>Yuri Diogenes, Principal PM Manager, Microsoft<br>Preetham Anand Naik, Senior Product Manager, Microsoft<br>Anna Belak, Director, Office of Cybersecurity Strategy, Sysdig<br>Jamie Butler, Head of Runtime Protection & Response Strategy, Sysdig |
5:10 PM | Closing Remarks<br>Dave Shackleford, Event Chair, SANS Instructor |