Ready for Anything: SaaS Management and Security Solutions Forum

  • Friday, 22 Apr 2022 11:00AM EDT (22 Apr 2022 15:00 UTC)
  • Speaker: Matt Bromiley

The rapid increase in SaaS adoption has pushed technology innovation to an incredible speed. With all the advantages that come with SaaS applications, it’s essential for companies to onboard providers as efficiently as possible. But SaaS adoption also introduces new cybersecurity risks, vulnerabilities, and policy changes.

Want to learn how to equip your team with the necessary tools to control the complexity, cost, and risk associated with managing SaaS apps — and cultivate a proactive and capable security culture?

Join us in the SaaS Management and Security Forum. We’ll dive deep into how your organization and security program can benefit from:

  • Gaining comprehensive visibility into all SaaS apps
  • Identifying misconfigurations that can lead to data leaks
  • Managing, optimizing, and reducing SaaS spend across apps
  • Addressing the highly probable, high-impact risks associated with technology innovation
  • Asking the right questions when time is of the essence

>>>>Download a copy of the presentations here!




Agenda | April 22, 2022 | 11:00 AM - 2:45 PM EDT



11:00 AM

Welcome & Opening Remarks

Matthew Bromiley, SANS Instructor & Subject Matter Expert

11:20 AM

How to Solve SaaS Complexity (The Comprehensive Way)

The software as a service (SaaS) model was a major paradigm shift in the history of IT — and has since become a go-to for many organizations. 

SaaS models offer unquestionable benefits, like increased flexibility, accessibility, and cost savings. But as SaaS adoption continues to skyrocket, it's creating more complexity for IT and security teams. Tasks like gaining visibility into SaaS apps, monitoring spend, and managing configuration and licensing can feel complicated. Impossible, even. 

Join the session and learn: 
- The key SaaS challenges — including shadow SaaS and SaaS spend — and how it impacts IT and security teams
- Current approaches to SaaS management — and their limitations
- How a modern, comprehensive approach to SaaS management can help

Amir Ofek, CEO, AxoniusX

11:55 AM

Measuring the Effectiveness of Your Cybersecurity Program

There are endless variables and possibilities when it comes to measuring cybersecurity programs. And there's no shortage of data that security teams have at their disposal to inform metrics.

So...where to start? How do you not only select metrics to track, but have confidence in the data that informs them? And once you have your foundation, what’s next?

Join this session with Axonius CISO and SANS Faculty Fellow Lenny Zeltser to learn more about:

  • Common security metrics challenges
  • Metrics frequently used to track progress across security domains
  • How to overcome measurement challenges and gain greater confidence in what you're measuring

Lenny Zeltser, Chief Information Security Officer, Axonius

12:30 PM


12:40 PM

Security That Empowers the Business

Security has long been seen as the "department of no", known for phrases like, "You can't do that," and "You can't use that application." But what if we told you it's possible to change this mindset? And that security could be the business enabler it was meant to be? Join the session and learn:

  • How security enables both innovation and speed
  • What obstacles could impede the security and business relationship
  • The essentials for overcoming any business-related friction

Chris Cochran, Creative Director of Media, Axonius
Chris Hughes, CISO & Co-Founder, Aquia

1:15 PM

Cover Your SaaS: Managing Misconfigurations, Shadow Users, and Excessive Spending

SaaS adoption at organizations usually starts slow. Applications are managed by a few team members that may be responsible for spinning up your Salesforce, Slack, and a few other applications that boost productivity for your team. Through all the benefits that SaaS applications offer, it’s almost become a necessity to onboard providers as fast as possible. While the growth of SaaS offers many positives, it also drives an exponential increase in IT, security, and business complexity.  

In this session, Jerich Beason and Ron Eddings of Axonius will go over the relationship between SaaS apps and IT and security teams, along with the challenges at hand and several actionable solutions. You'll learn how by focusing on SaaS security posture management, your team can accomplish the following:

  • Discover both known and unknown SaaS apps
  • Uncover and mitigate various security risks that put sensitive customer and business data at risk — including identifying misconfigured SaaS settings and suspicious or malicious behavior
  • Deliver the insights on user access and app utilization needed for better IT management and cost optimization across all SaaS apps

Ron Eddings, Creative Director of Education, Axonius
Jerich Beason
, Advisor, Axonius

1:50 PM

PANEL: Deep Dive into your SaaS Discovery and Security

During this session the panel will address the following questions: 

1. When it comes to SaaS Security, how do teams measure if they are performing well?
2. For an organization rebuilding IT/Security from the ground up where's the best place to start with SaaS application discovery?
3. What are automation use cases with SaaS Management and Security?
4. Do SaaS applications fall under the "cyber asset" category?

Matthew Bromiley, SANS Instructor & Subject Matter Expert
Jerich Beason, Advisor, Axonius
Chris Cochran, Creative Director of Media, Axonius
Ron Eddings, Creative Director of Education, Axonius
Amir Ofek, CEO, AxoniusX
Lenny Zeltser, Chief Information Security Officer, Axonius

2:35 PM

Wrap-Up and Closing Remarks

Matthew Bromiley, SANS Instructor & Subject Matter Expert