Cyber Solutions Fest: Level Cloud Security

  • Webcast Scheduled to Air Friday, 22 Oct 2021 8:30AM EST (22 Oct 2021 12:30 UTC)
  • Speaker: Shaun McCullough

You are entering Level Cloud Security at the SANS Cyber Solutions Fest 2021.

This full-day session, led by SANS cloud expert Shaun McCullough, will explore innovative cybersecurity solutions that can help security teams adapt to cloud deployments in areas such as network security, threat intelligence, container and serverless security, and many more. The focus we need to look at is what comes next in Cloud Security?

Day 2 Keynote: Diversify and Conquer with Diana Kelley will be presented on this level.




Agenda | 8:30 AM - 5:00 PM ET

Featured Presentations
Get in Shape to Fight Cloud Attacks - Posture Assessment and Beyond

The pandemic and digital transformation-driven accelerated cloud migration has created a new attack surface for cybercriminals. Fast-paced migration, lack of cloud skills, and the agility of DevOps have made it difficult for organizations to maintain visibility, compliance, and threat defense capabilities. Multi-cloud and multi-platform complexity has made this even harder, with each cloud having its own jargon, services, naming, and architectural differences.

Many on-premises security tools are anti-patterns in the cloud and cannot be easily shoehorned in. In response, organizations have been deploying a new suite of posture assessment tools that aim to minimize attack surface with periodic static checks on the cloud control plane and in some cases vulnerabilities. However, modern cloud threats with complex, multi-stage kill chains and supply chain code injection cannot be mitigated just by compliance and configuration checks. It is also common knowledge that vulnerabilities remain in production workload weeks and months after being known and even more so in instances that are not publicly reachable. To get in fighting-fit shape to tackle cloud attacks today’s cloud ninjas have to go beyond the basics of posture management.

In this talk, we discuss how security can be injected into the build-ship-run cloud-lifecycle with automated guardrails to maintain visibility, compliance and threat detection. How to do this despite multi-cloud complexity and without adding onerous requirements on developers and DevOps. We show how this approach that focuses not just on configuration but also runtime behavior empowers DevOps and SecOps to maximize coverage based on the MITRE ATT&CK framework for IaaS, Serverless, Containers and Linux/Windows cloud platforms.

Security-as-Code: A New Approach to Cloud Security

Security organizations are facing the existential threat that their security and compliance practices are quickly becoming obsolescent in the face of rapid cloud deployments. Legacy security tools were simply not designed to secure modern cloud environments. They fail to keep pace with agile cloud DevOps practices and neglect cloud-native technologies including Infrastructure-as-Code, containers and Kubernetes. A new approach to cloud security is needed.

Join John Steven, Concourse Labs CTO and co-author of the BSIMM study, as he shares his hands-on experience implementing security-as-code architectures and demonstrates best practices for developing security policy and controls, to automate DevSecOps and runtime cloud security.

Expect insight on how to:

  • Create security policies as code.
  • Seamlessly integrate security guardrails into CI/CD pipelines.
  • Continuously monitor cloud runtime to detect drift, attack and misuse.
6 Cloud Security Risks Hiding Inside Your Cloud Estate

Public cloud providers like AWS, Azure, and GCP enable you to deliver new products and capabilities at breakneck speeds, but how do you balance speed to market against compliance mandates and risk – do you have to choose? Join Patrick Pushor, Technical Evangelist at Orca Security, for a fast-paced session as he takes you through best practices, and pitfalls to avoid in securing public cloud infrastructure.

We'll explore:

  • 6 risks hiding inside every public cloud estate
  • How to get instant-on, workload-level visibility across 100% of your AWS, Azure, and GCP assets
  • The power of addressing both the control plane and data plane at once
  • Pros and cons of different cloud security tools: traditional agent-based tools and scanners, CWPP (cloud workload protection platforms), and CSPM (cloud security posture management)
Let's Face It. Shift Happens

The emergence of the cloud has resulted in significant changes in the development process. Traditional monolithic application architectures have given way to more agile cloud-native applications. With this transformation, security teams are left wondering how to protect their ever-changing environments.

In this session, attendees will learn how security teams can continuously integrate into the development lifecycle while gaining visibility into vulnerabilities, misconfigurations, and malicious code in real-time. Shift happens, however with the right approach it is possible to find solid ground.

Resilient Incident Response: Effective strategies for blocking ransomware attacks

In this session, Brad Garnett (GM of Cisco Talos Incident Response) will discuss practical incident response strategies that every CISO and business leader faces with a hybrid workforce. Brad will share his insights from the front-lines in the fight against ransomware and why organizations need to re-evaluate existing incident response plans and share how Talos is fighting the good fight against evolving adversaries.

With Cisco Umbrella as the underlying framework, Garnett will touch on ways to block sophisticated ransomware attacks at the DNS level. Cisco Umbrella’s cloud-based firewall, interactive threat intel, secure web gateway and other tools protect networks from an onslaught of malware, ransomware, trojans and other attacks from unsanctioned and insecure cloud apps.

Keynote: Diversify and Conquer

Turn diversity into power.

Joined by Nicola Whiting, Alyssa Miller, Natasha Barnes, and Seema Kathuria, Diana Kelley will lead this enlightening panel discussion and share how organizations can thrive with a powerfully diverse workforce.

Attend this engaging and thought-leading keynote by registering for a level on day 2 of SANS Cyber Solutions Fest 2021.

Level Cloud Security with Shaun McCullough

Hear from Level Cloud Security's chairperson Shaun McCullough on what you can expect from his track in the upcoming SANS Cyber Solutions Fest! 

Cybersecurity Solutions for Today's Challenges

The 2nd annual SANS Cyber Solutions Fest aims to connect cybersecurity professionals of all levels with the latest solutions, tools, and techniques to combat today's cybersecurity threats.

  • Featuring 4 unique levels: Threat Hunting & Intel, SOC & SOAR, MITRE ATT&ACK®, and Cloud Security
  • Network in real-time with over 30 sponsors and learn from top industry experts
  • Join interactive panel discussions, discover job opportunities, compete in games for multiple prizes, and more