2022 SANS Solutions Forum - A Practical Journey Towards Zero Trust Adoption

There is no doubt that Zero Trust has become one of the main topics in the cybersecurity industry. Since the US Federal Government mandated agencies to accelerate the adoption of Zero Trust and issued detailed guidelines on implementing a Zero Trust Architecture in the second half of 2021, Zero Trust has become both the ‘de facto’ cybersecurity approach and a controversial concept used by some as a marketing ploy.

But what is Zero Trust really about? The broad theme of Zero Trust is about reducing implicit trust throughout the enterprise. It is a model that can be best described as a journey towards better information security: a journey that takes organizations from an old, non-defensible architecture based on compliance, controls, and a static, protection-oriented mindset to a defensible security architecture based on continuous, contextual verification, dynamic, threat-informed defense, and risk-based adaptive trust.

Join Ismael Valenzuela, author and lead instructor of Security 530: “Defensible Security Architecture and Engineering: Implementing Zero Trust for the Hybrid Enterprise”, as he chairs the 2022 SANS Zero Trust Forum, where we will address tools, solutions and technologies that can provide the telemetry, detection, automation, orchestration and intelligence needed to support a journey towards adopting a Zero Trust model.




Agenda | November 18, 2022 | 9:30 AM - 5:00 PM EST

Timeline (EST)

Session Details

9:30 AM

Welcome & Opening Remarks

Ismael Valenzuela, Senior Instructor, SANS Institute

9:45 AM

Sharing Security Signals: Improving Access Control by Working Together

In this talk, we’ll revisit a fundamental component of workforce access: the session. Sessions dictate just how long a user maintains their privileges, making them a core part of access control. Unfortunately, security vendors often can't communicate their information effectively or dynamically to inform decisions regarding the session. There is network context that doesn’t affect identity decisions, or device signals that don’t affect workload decisions. Join us to learn a method for sharing relevant security signals across different access and detection points in real time. Moreover, you’ll learn how sharing signals will improve security resiliency through a use case demonstration.

Nancy Cam-Winget, Fellow, Cisco Secure

10:20 AM

Data Sensitivity Impacts on Zero Trust Implementation

Not all zero trust is created equal. In this talk, Andy will discuss how organizations are implementing a zero trust framework, and how the importance of data classification applies to implementing the proper level of control in a modern environment.

Andrew Olpin, Cyber Solutions Architect, Lookout

10:55 AM

How to secure a modern remote workforce, VPN vs. ZTNA

As businesses large and small look to evolve their digital and remote access strategies, the technology supporting cybersecurity has to evolve, too. That’s why organizations worldwide are shifting towards adopting Zero Trust Network Access (ZTNA), giving them the ability to increase security while enabling flexible remote work with modern remote access technologies.

You probably have questions, starting with “How does ZTNA compare to VPN?”

Join us as our cyber experts take a deep dive into ZTNA to address:
● What ZTNA is and how it works
● Why ZTNA is critical to the future of cybersecurity
● What to look for in a ZTNA remote access solution for your organization

Andrew Mundell, Principal Security Engineer, Sophos

Chris McCormack, Director, Product Marketing, Sophos

Rob Andrews, Director of Product Management, Sophos

11:30 AM


11:50 AM

Understanding the One True Zero Trust Architecture

Zero trust is essential to any business and is revolutionizing how businesses connect users and devices, protect data, and access tools and applications. However, understanding zero trust and its true architecture can get confusing, since security vendors are falsely claiming to deliver zero trust architecture in order to retrofit their point products or legacy architectures. In this session we’ll walk through:

  • What zero trust is and how it has evolved
  • Seven elements of a highly successful zero trust architecture
  • Why a comprehensive zero trust architecture matters
  • The unique approach to deliver Zero Trust effectively

Ankit Gupta, Senior Product Marketing Manager, Zscaler

12:25 PM

The Journey to SSE/Zero Trust 2.0

Due to the growth of “Cloud” over the past ten years, organizations have moved from the data center to “centers of data”. As applications are now distributed, the networks and security solutions have become more complex and brittle. Adding fuel to this fire of complexity, network and security solutions must now address the demands of the hybrid workforce. In this talk, John and Jaye will discuss how you can use Security Service Edge in a simple way to solve some of the complex network security problems no matter how large your organization.

John Spiegel, Director of Strategy, Axis Security
Jaye Tillson, Director of Strategy, Axis Security

1:00 PM

Why Microservices Authorization Is Critical To Achieving Zero Trust

The proliferation of cloud-native technologies creates a significantly more complex attack surface for enterprises to defend, making a zero-trust security strategy more crucial than ever. In building defense in depth, there is great value in applying policy-as-code authorization to microservices applications, which enables continuous authorization checks based on contextual data across a multitude of application components. In this session, you’ll gain valuable insights into:

  • Policy-as-code authorization concepts and best practices
  • How authorization can be implemented to govern both application east-west traffic and north-south traffic
  • How authorization satisfies core Zero Trust requirements

Sandy Kapoor, Senior Director of Engineering, Styra

1:35 PM


1:45 PM

The Zero Trust Advantage for Medium-Sized Companies

In this session we will cover how medium-sized companies can leverage Zero Trust principles to successfully meet the digital transformation and remote work challenges. On one hand, the shift to hybrid work models is requiring secure employee connectivity from all possible locations: office, home, and on the road. On the other hand is the shift of applications to the cloud, requiring consistent security across physical, public cloud and SaaS environments. The right Zero Trust approach can help medium-sized companies to simply and securely transition to the future.

Amit Bareket, Co-Founder and CEO, Perimeter81

2:20 PM

Who Watches the Watchers? Why Zero Trust Requires Uncompromising Network Visibility

On the road to Zero Trust you've taken steps like segmenting your network, implementing multi-factor authentication, and instrumenting least access privileges. Zero Trust, however, is not a destination, but a continuous practice and one that "requires continuous verification of the operational picture via real-time information from multiple sources to determine access and other system responses" according to NIST cybersecurity guidance. Attend this webinar to learn about the crucial role network monitoring plays in establishing this operational picture and how you can best leverage it to ensure ongoing compliance with your Zero Trust goals.

John Gamble, Sr. Director of Product Marketing, Corelight

2:55 PM


3:05 PM

Hybrid Mesh Security: Your secret weapon on the path to Zero Trust

Every environment is unique. Most use both on-premises and cloud-based architectures to distribute edge and data center networking and to provide security. The processes and tools used to implement zero trust principles must accommodate hybrid networks and span architectures to protect data, access, and infrastructure simultaneously. This is the concept behind hybrid mesh security.

In this session, learn what hybrid mesh security is and see examples of how this new security architecture helps implement zero trust for users, devices, workloads, and network environments.

Mike Spanbauer, Field CTO, Security, Juniper Networks

3:40 PM

Zero-trust Should Extend to Security Vendors, Right?

We all get it, we need a zero-trust strategy. But why do security vendors, and their tools, require us to trust them? What happens if they are breached? This session will cover common ways your data could be exposed by a 'trusted' vendor during your zero-trust journey.

Samuel Hill, Director of Product Marketing, Cyolo

4:15 PM

Align Your Cloud Security Plan with the Cyber Security Exec Order

The timeline to modernize cybersecurity for both the public and private sectors is accelerating because of the growing number of global security breaches. Over 98% of organizations have experienced at least one cloud data breach in the past 18 months, costing an average of $4.2M. The Cybersecurity Executive Order is a critical indicator that the US takes this seriously and understands how important it is to be proactive in securing the cloud. The way applications are developed and deployed (in the cloud and on containers) means looking at cloud security, Zero Trust architectures, and regulatory compliance in order to meet the mandates, keep moving ahead of the hackers, and reduce risk.

Join Sysdig’s federal ambassador, Branden Wood, and Technical Engineer Ryan O’Daniel as they discuss:

  • The security measures outlined in the Executive Order for containers and cloud
  • Implementing a Zero Trust approach with Kubernetes network security
  • Steps to set up and continuously validate a compliant, cloud-native environment
  • The importance of incident detection, response, and forensics for your cloud-native workloads

Branden Wood, Senior Director, Federal Ambassador, Sysdig

4:50 PM


Ismael Valenzuela, Senior Instructor, SANS Institute