Spring Cyber Solutions Fest 2024: Emerging Technologies Track

8:30 AM

Kickoff & Welcome

Dave Shackleford, Event Chair, SANS Institute

8:45 AM

Session One | What Happens When Security Operations Meets the Cloud?

For security operations and incident response teams, modern multi-cloud infrastructures – AWS, Azure, GCP, Okta, and more – bring increased complexity, massive scale, and the need for specialized skills which are in short supply.

Leveraging the cloud’s centralized control plane, attackers can now rapidly execute multi-step attack chains using stolen or exposed credentials to escalate privileges, create new instances and buckets, delete backups, and exfiltrate data - all with just a few API calls.

In this session, led by the CTO and co-founder of Gem Security, we’ll discuss how the cloud changes our mindset and tooling for security operations and incident response. We'll explore:

-Why the scale and diversity of cloud services require new approaches to log ingestion, monitoring, and correlation; detection engineering; noise reduction; and forensic investigation.
-The need to define automated playbooks and cross-functional processes
-Why Cloud Security Posture Management (CSPM) alone is not enough
-How to shift your SecOps team's mindset and prepare for threats in the cloud

Register to join us for a live demo and so much more!

Ron Konigsberg, CTO & Co-Founder, Gem Security

Session Two | Scaling your GRC Program with Automation & AI

For security professionals, gone are the days of managing audits and security reviews out of spreadsheets. Over 7,000 organizations use Vanta to automate compliance, unify risk management, and streamline security reviews with AI. Learn how to successfully scale your program with automated evidence collection, AI-powered security reviews, and intelligent reporting.

Natalie Hurd, Sr. Technical Product Marketing Manager, Vanta

9:45 AM

Break

10:00 AM

Session Three | Tactical Attack Surface Intelligence - What, Why, How

Often understaffed, security teams are overwhelmed by volumes of threats, false alarms, and exposures concerning assets under management and often unknown, at risk devices, systems, and connections. Despite all the countermeasures and controls, security analysts assemble tools and threat intelligence feeds to ascertain their attack surface, and then examine multiple data points and make inferences to initiate appropriate corrective and preventative actions - often too little and too late to effect impact or prevent damage. The lack of validated, pertinent, and transparent tactical attack surface intelligence also makes it problematic to effectively assess one's actual security posture, and by extension, understand true third-party cyber risk.

Cogility TacitRed™ empowers security analysts to take immediate, decisive actions to mitigate impactful cyber exposures by taking advantage of unparalleled, always-on tactical attack surface intelligence - fully curated, prioritized, specific, and detailed. This is next-level.

This session and live demo will explore:

- The advantage of on-demand curated intelligence vs. query-based inference

- Means to instantly examine compromised and at-imminent-risk assets

- Depth of threat scoring, prioritization, attack chain stage, and exposure contextualization

- How to expedite incident response and reduce supply chain risk

- Evidence required for proactive mitigation and breach blast radius reduction

Jeremy Turner, Cogility TacitRed, Head of Cyber and Risk

10:30 AM

Session Four | Browsers are the New Battleground: How MirrorTab Protects Web Apps and Customer Trust

Your customers rely on your business and online services, trusting in the safety of their interactions with your web app, yet every interaction is vulnerable.

What if customers knew that attackers could easily interject themselves between your web application and their browser interactions for every login, business transaction, and engagement? Would you protect them from these growing client-side attacks if you could? Customers trust you to protect them, yet all of their interactions are at risk. Hackers can easily interject themselves to view sessions, all data entered or viewed, credentials, sensitive and personal information, through client-side attacks with just a few lines of harmful code in a browser extension or on their client device. But, what if you could immediately remove this entire attack surface using advanced technology?

This session will explain how hackers hijack customer sessions with bad extensions or malicious code, viewing sensitive data, credentials, credit card information, and any data passed into your web application as plain-text. We will demonstrate the latest technology available to protect web applications and customer interactions without writing or adjusting any code from these web-based threats. Hackers are able to sit between your web application and customers' interactions, interjecting themselves into sessions to pry into all information and data as plain-text by manipulating the Document Object Model (DOM). Browsers are the new battlegrounds; discover how MirrorTab’s advanced technology can help protect web apps and maintain customer trust.

Brian Silverstein, Founder and CEO, MirrorTab

11:00 AM

Session Five | I Scream, You Scream, We All Scream For Third-Party IOCs

When I was a security analyst for a major US bank, it took entirely too long to scope and remediate risks posed by breached third-party apps that were connected to my employer’s systems. I had no central place to manage all those app connections, nor tools to monitor their behavior—let alone something that helped me remediate those issues quickly. It was not fun.

Join Lauren Lee, a former security analyst, as she demonstrates how she is able to discover and investigate IOCs in the third-party applications your org has connected to one another. Lauren will then go on to demonstrate how the issues can be remediated within as few as two clicks.

You’ll learn how to:

- Determine which apps are connected to a breached third-party app

- Quickly spot IOCs in API Logs without becoming an expert in hundreds of apps

- Analyze IP Addresses with enhanced threat intelligence

- Quickly share recommended remediation steps via your ITSM and via Slack/Teams messages with an app business owner

Lauren Lee, Product Marketing Manager, Vorlon

11:30 AM

Break

11:45 AM

Session Six | DDR – Will the real response platform, please standup. The need for data security with real-time remediation.

As companies are modernizing their business process, moving enormous amounts of data into the cloud, this creates significant gaps in visibility and controls on who is exposed to private data and where sensitive data lands. Traditional technology stacks assume data follows linear paths and mainly tackle static stored data. Also, most “response” technologies sound the alarm bell without actually automating remediation.

Votiro’s first-of-its-kind Data Detection & Response remediates Privacy and CyberSecurity risks in real-time anywhere data moves. This alternative to existing data security solutions remediates the problem immediately, and lets you proactively prevent these threats instead of fixing data exposures after the fact.

This session with in-depth demos includes:

-Privacy and cybersecurity risk prevention in real-time – anywhere data moves including through collaboration tools like MS Teams, via uploads, browser downloads, and third-party applications (Github, ATS Systems, SFDC).

-How to discover blind spots in your data and prioritize where your crown jewels are at risk.

-Learn how adjacent technologies such as EDR, XDR, SSE, email security & Cloud security become more effective when sitting side by side with Data Detection & Response.

-How to protect data throughout its journey (from its entry to your network – to being shared throughout your organization)

Eric Avigdor, VP of Product, Votiro

Session Seven | Generative AI Rocks! How to Safeguard Tomorrow's Innovations

Organizations worldwide are embracing the transformative power of Generative AI (GenAI) to drive innovation, with an astonishing 79% already leveraging these technologies. The swift rise of Large Language Models (LLMs) signals a shift in innovation, establishing them as a disruptive force across all sectors.

However Growing concerns surrounding security, risk, trust, and compliance accompany this technological progression. From prompt injection, sensitive data leakage, model poisoning, and supply chain vulnerability, a new exotic threat landscape emerges. Are you prepared for what's in store?

Get ready to ride along with Lasso Security into emerging trends of Large Language Models (LLMs) Security:

-Top threats in GenAI and LLM security

 -Why conventional security tools fall short in safeguarding LLMs

-Best practices for effectively securing your organization in the new GenAI era

Elad Schulman, CEO and Co-Founder, Lasso Security

12:45 PM

Closing Remarks

Dave Shackleford, Event Chair, SANS Institute