At this year’s CloudSecNext Summit, you’ll have the chance to learn, connect, and share with thousands of cybersecurity professionals in attendance from around the globe. No matter your background or skill level, you’ll walk away from CloudSecNext Summit with interesting perspectives and case studies that challenge assumptions and result in a shift in your understanding.
Continuing Professional Education (CPE) Credits are earned by participation in the event!
- 6 CPEs are earned each day you attend the Cloud Summit
- 6 CPEs are earned for attending the Cloud Solutions Track on May 4th
- 1 CPE is earned for attending each Cloud Bonus Session on May 3rd and May 4th
Agenda | May 4th, 2022 | 8:00 AM - 6:00 PM PDT
Check-In Opens (and goes ALL DAY)
LOCATION IN HOTEL: HARBOR BALLROOMS G, H, I
Get checked in for the action-packed full day ahead and grab a bite to eat during our morning networking event and free breakfast!
FREE Breakfast Includes:
Welcome & Opening Remarks
AJ Yawn, SANS Instructor & Subject Matter Expert
The Largest Threat to Your Data You’re Not Aware of is Lurking in the Shadows
Shadow data is the new shadow IT and it's leaving undue risk and breaches in its wake. CISO anxiety comes from the fear of the unknown and data security teams have lost visibility to where their sensitive data is in the cloud. In this session you will learn...
Andy Smith, Chief Marketing Officer, Laminar
Understanding the 3 Essential Pillars: Cloud Native Security
With many organizations now deploying cloud native applications based on micro-services, using containers, VMs and serverless functions, they are faced with new security challenges and threats. Based on Aqua's experience with hundreds of cloud native implementations since 2016, we've come to the realization that any cloud native security strategy must address these three areas - the build phase of applications, the infrastructure on which applications run, and the workloads themselves. In this talk we will show how this holistic approach creates an opportunity to automate and improve security to previously unattainable levels, and the agility and acceleration it enables to drive digital transformation and cloud enablement initiatives.
Paul Romanek, Solution Architect, Aqua Security
Refreshments and Snacks Served:
You’re Not Looking for a Ransomware Solution
Ransomware has become one of the biggest challenges for every organization, and is now one of the most talked-about topics in the security industry. IT and security teams are being asked about how they’re protecting against ransomware, but the answer isn’t always straightforward. This is because there is no one silver bullet solution for taking on ransomware. Join Hank Schless from Lookout as he takes a step back and looks at the ransomware problem from a pragmatic standpoint. By breaking down the killchain and aligning its steps with broader initiatives you’re already working on, you can take care of this challenge piece by piece without feeling overwhelmed with questions from your executives and noise from the market.
Hank Schless, Sr. Security Solutions Manager, Lookout
Effective API Security Demands Application Context and Behavioral Analysis
Micro-services, cloud-native architectures, and API-driven applications have not only changed the speed of business innovation, they’ve changed what it takes to properly secure your applications. It’s no longer enough to secure apps by observing from the outside (like doctor’s did in Colonial times). Highly effective API security requires deeper knowledge about the applications and its users. Join Dan Gordon, API Security Evangelist @ Traceable AI to learn how to effectively secure against API attacks at scale.
Dan Gordon, Technical Evangelist, Traceable AI
Extending Endpoint Detection and Response to the Cloud
With the rapid adoption of cloud computing, cloud workloads are in the crosshairs like never before. To protect cloud assets, SecOps teams need to expand their traditional scope to also monitor cloud activity, block cloud attacks, and speed enterprise-wide investigation and response. Attend this session to learn how leading SecOps teams secure corporate resources across a dynamic and distributed environment.
Josh Zelonis, Field CTO & Evangelist, Palo Alto Networks
Converse with fellow cybersecurity attendees over a delicious lunch including assorted carving stations and sweet treats!
FREE Lunch Includes:
The Remote Access Security Landscape
With the rapid transition to remote work, the industry is racing to meet a variety of use-cases and requirements. Whether users connect over VPNs, zero-trust portals, or to public cloud applications, the expectations rarely change: responsive applications, efficient sign-on, and consistent access. This session will explore how remote workers are connecting to resources and the many ways the industry is securing those connections.
Christian Clasen, Technical Leader - Cloud Security, Cisco Secure
Why Wait? Find Cloud Risks and Threats in Real Time with Stream Detection
Cloud service providers offer cost effective and efficient collection and storage of cloud logs, which is a rich source of data for devops and security teams. Copying logs out of the cloud to query them later is expensive and complex to manage. With stream detection you can find risks and threats in real time and fix issues faster while saving time and money. Join us to learn how you can utilize Falco's real-time telemetry in your cloud native environment to enable smarter alerts faster and stay ahead of bad actors and malicious attacks.
Alexander Lawrence, Principal Security Architect, Sysdig
IT/OT Convergence: How to Leverage and Secure Cyber Physical Systems in the Cloud
Migrating IT applications to the cloud has become a relatively routine process, but, as more and more critical infrastructure becomes automated and digitized, cloud hosting and security of cyber physical data and applications pose different challenges. Data from Industrial IoT processes, surveillance cameras, point of sale systems, medical instruments or other process sensors and actuators can benefit from cloud-level economies of scale, but raise different sets of issues and benefits. After this session, you’ll walk away with an understanding of how to leverage and secure cyber physical systems and data in the cloud.
Gary Kinghorn, Senior Director, Nozomi Networks
Refreshments and Snacks Served:
Real world Use Cases for NDR in the Cloud
As we’ve learned from events like Sunburst and Log4Shell, network telemetry provides essential evidence for catching threats that other tools miss. Join us as we dive into real world use cases from the research team at Corelight -- the creators and maintainers of Zeek. You'll learn how the collection and analysis of cloud network traffic leads to better threat detection and faster response.
Vijit Nair, Senior Director of Product - Cloud Security, Corelight
Understanding and Prioritizing "True" Risks From an Attackers' Perspective
If you have a few hundred workloads running in the cloud, then you are most likely dealing with thousands of vulnerabilities and hundreds of misconfigurations. Given the volume of these security findings, it has become very challenging to prioritize the remediations. A single-dimensional view - the severity of the finding - is insufficient and will not reduce the overall risk of an asset. For example, fixing a remote code vulnerability on an asset not exposed to the internet may not reduce your risk. You need a multidimensional approach that combines threat vectors and asset relationships for effective prioritization. This session will discuss two concepts - external attack surface and attack path - that provide attackers’ view of your security. We will also discuss how you use these concepts for prioritizing your security findings.
Parag Bajaria, VP Cloud and Container Security, Qualys
Wrap-UpAJ Yawn, SANS Instructor & Subject Matter Expert
Happy Hour Reception
Enjoy some beverages (adult and otherwise) and small bites on us! Chat with fellow attendees and invited industry experts from the CloudSecNext and Security West events and enter for prize giveaways!
FREE Drinks & Food Served: