Asset Management & Intelligence Solutions Forum

  • Thursday, 04 Nov 2021 11:00AM EDT (04 Nov 2021 15:00 UTC)
  • Speakers: Matt Bromiley, Lenny Zeltser, Chris Cochran, Jerich Beason, Ronald Eddings

As IT and security teams struggle to manage a complex sprawl of devices, users, cloud services, and software, there's one certainty we can rely on (thanks to the second law of thermodynamics): things will only get more complex.

But there's good news! What we previously thought of as "asset management" has evolved. Today, we have “asset intelligence”, which moves from a spreadsheet approach — focused on getting an inventory of devices — to an API-driven, always up-to-date way of seeing all assets through integrations of existing tools, data correlation at scale, and querying capabilities to find and respond to gaps.

Join this forum to learn how this new approach to asset intelligence and the emerging Cyber Asset Attack Surface Management (CAASM) category helps IT and security teams improve security hygiene, reduce manual work, and remediate gaps.




Agenda | 11:00 AM - 3:00 PM EDT



Session Description

11:00 AM

Welcome & Opening Remarks

Matt Bromiley, SANS Instructor

11:20 AM

What Do We Mean by Asset Intelligence?

As threats become more sophisticated, security programs and teams must evolve from reactive to proactive. This involves having a complete understanding of every asset and how it relates to the organization's security policy. Asset intelligence enables teams to aggregate, normalize, and query asset data to ask the questions required to keep an organization safe. Join this session to learn how asset intelligence improves security posture, promotes automation, and takes teams from reactive to proactive.

Chris Cochran, Creative Director, Media, Axonius

11:55 AM

Ready for a New Acronym? CAASM (What is it and Why it Matters)

Even with an overwhelming array of tools, IT and security teams struggle to manage and secure a complex sprawl of devices, users, cloud services, and software. Teams can move beyond the chaos of the asset challenge with a new approach - Cyber Asset Attack Surface Management (CAASM). CAASM enables organizations to maintain a comprehensive always-up-to-date asset inventory through API integrations with existing tools. In addition, organizations can leverage CAASM to query against the consolidated data, identify the scope of vulnerabilities and gaps in security controls, and remediate issues. Join this session to learn about how to approach this pervasive problem and how to reduce manual work so security and IT teams can focus on what’s important.

Matt Bromiley, SANS Instructor

Jerich Beason, Sr. Vice President, CISO, Epiq

12:30 PM


12:40 PM

Measuring The Effectiveness of Your Cybersecurity Program

There are endless variables and possibilities when it comes to measuring cybersecurity programs. And there's no shortage of data that security teams have at their disposal to inform metrics. So... where to start? How do you not only select metrics to track, but have confidence in the data that informs them? And once you have your foundation, what’s next?

Join this session with Lenny Zeltser, CISO of Axonius and SANS Faculty Fellow, to learn more about:

  • Common security metrics challenges
  • How to overcome measurement challenges and gain greater confidence in what you're measuring
  • Metrics frequently used to track progress across security domains such as vulnerability management, security operations and incident response, and more

Lenny Zeltser, CISO, Axonius

1:15 PM

What You Can Accomplish with a System of Record for Infrastructure

Despite the fact that every major cybersecurity framework lists asset management as the most foundational element, security teams still struggle with the downstream impact of incomplete, inaccurate, and outdated asset data. Without an accurate understanding of everything in an environment, all other initiatives suffer. However, It doesn't have to be this way.

Join this session to learn:

  • How security frameworks like the CIS 20 and industry-specific mandates like NIST and HIPAA approach asset management requirements
  • How previous approaches to solving asset management fall short
  • How cybersecurity initiatives like incident response, vulnerability management, and CMDB reconciliation are impacted
  • A new approach that leverages existing data to solve the asset management challenge for cybersecurity

Ronald Eddings, Creative Director - Education, Axonius

1:50 PM

Panel Session

Asset management is foundational to cybersecurity. Without an accurate understanding of everything in your environment, it’s impossible to see the bigger picture. But traditional approaches to compiling an asset inventory are manual and error-prone. They're time consuming — and as soon as you have one, it quickly becomes obsolete. Join this session for an interactive panel discussion on how getting the cybersecurity fundamentals right — including asset management — lays the foundation for success across the organization.

Matt Bromiley, SANS Instructor


Chis Cochran, Creative Director, Media, Axonius
Jerich Beason, Sr. Vice President, CISO, Epiq
Lenny Zeltser, CISO, Axonius
Ronald Eddings, Creative Director - Education, Axonius

2:35 PM


Matt Bromiley, SANS Instructor