Shrink the Attack Surface Solutions Forum

  • Friday, 04 Nov 2022 11:00AM EDT (04 Nov 2022 15:00 UTC)
  • Speaker: Matt Bromiley

Discovering, identifying, inventorying, and assessing all digital assets — a continuous process known as Attack Surface Management (ASM) — is essential for organizations to secure their environment. After all, you can’t protect what you don’t know about.

External threats, vulnerabilities, shadow IT, and cloud misconfigurations are a few critical areas that may sneakily pose risks to organizations. The goal for IT and security teams looking to protect against these potential adversaries? Managing and shrinking the attack surface. This can be accomplished by focusing on asset visibility.

Join our Shrink the Attack Surface Forum and equip your team with the tools they need to create an ASM strategy. The forum will provide you a new perspective on:

  1. How your existing technology can work together to discover all of your digital assets
  2. Techniques for identifying, categorizing, and normalizing digital assets
  3. Using an asset inventory to identify external threats, misconfigurations, shadow IT, and policy violations
  4. Where to use automation to continuously assess your assets for threats
  5. The future of ASM: Cyber Asset Attack Surface Management (CAASM) and External Attack Surface Management (EASM)

Join the SANS Solutions Forum Interactive Slack Workspace for this event (and all SANS Forums)! Connect once and you're set for all events in 2022!




Agenda | November 4, 2022 | 11:00 AM - 2:45 PM ET



11:00 AM

Welcome & Opening Remarks

Matthew Bromiley, SANS Instructor & Subject Matter Expert

11:20 AM

SaaS Security Best Practices

Cloud security is the center of attention of your organization. IT and security teams put a lot of focus on securing their Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) environments but overlook their SaaS technology stack. The truth is organizations use dozens — if not hundreds — of SaaS applications that are prone to misconfigurations, shadow users, and excessive spending on unused licenses. By looking at Cyber Asset Attack Surface Management, teams can gain visibility into their entire cloud environments to identify, inventory, and assess all digital assets. Join this session to gain a new perspective on:

  • How to dynamically discover managed and unmanaged SaaS apps
  • How to uncover and mitigate various security risks that put sensitive customer and business data at risk
  • Why collecting insights on user access and app utilization is needed to improve IT management and cost optimization across all SaaS apps

Amir Ofek, CEO, AxoniusX

11:55 AM

Time to PIVOT: Doing the Seemingly Impossible in Cybersecurity

In cybersecurity, we have adversaries that are doing all that they can to undermine our work. Our expanding attack surfaces also make things harder for us. As they say, we have to be right all the time. But a bad hacker only needs to be right once. What can we do to stay ahead of the opposition and live in the adjacent possible to make something new? It's time to PIVOT. PIVOT is a framework created by Chris Cochran that enables leaders and practitioners to do more with what we have — and even do what hasn't been done before. From SaaS adoption, to building new solutions, and everything in between, join this session to:

  • Learn why passion alone isn't enough to protect an organization
  • Understand the role of intention with complex cyber initiatives
  • Adopt a philosophy for placing smart technical bets — and how to know it was a bad one
  • Get the help and resources you need to be successful and enable focus
  • Facilitate confidence while entering into the unknown

Chris Cochran, Creative Director and Cybersecurity Advocate, Axonius

12:30 PM


12:40 PM

Managing and Shrinking The Attack Surface With Asset Intelligence

The amount of context that cybersecurity analysts and engineers require for assessing security events is overwhelming. But here’s the good news: Asset intelligence can help. An asset intelligence strategy is the process of collecting, processing, and analyzing data to help teams understand the motives, targets, and behaviors of cybersecurity threats and your technology environment. Investing in a strategy to collect and curate asset intelligence should be a necessity for every cybersecurity team. Combining asset intelligence and automation is a tactic that teams can employ to scale their efforts while reducing team burnout. This is done by keeping an asset inventory and translating team tradecraft into logic that a machine can perform on the team’s behalf.

Ron Eddings, Creative Director of Education, Axonius

1:15 PM

Cloud Games - Level CISO

Let’s talk about day 1-100 of a CISO in a cloud-first organization. Apart from the leadership challenges that come with a new role, there are complexities of cloud security that are under-rated when it comes to managing risks. With every new service introduced in the cloud, new blindspots and opportunities for the threat are also created. In this session, Ashish will share common blindspots and risks that your team should consider while minimizing the attack surface in your cloud environment. Ashish will share stories of his first 100 days as a CISO that may include laughs and tears that other CISOs have also shared.

Ashish Rajan, Former CISO Host, Cloud Security Podcast

1:50 PM

PANEL: Deep Dive Into Your Attack Surface

  1. When it comes to ASM, how do teams measure if they are performing well?
  2. For an organization rebuilding IT/Security from the ground up, where's the best place to start with shrinking the attack surface?
  3. What are automation use cases with ASM?
  4. How does CAASM differ from other acronyms like EASM?

Matthew Bromiley, SANS Instructor & Subject Matter Expert
Chris Cochran, Creative Director of Media, Axonius
Ron Eddings, Creative Director of Education, Axonius
Amir Ofek, CEO, AxoniusX
Ashish Rajan, Former CISO Host, Cloud Security Podcast

2:35 PM

Wrap-Up and Closing Remarks

Matthew Bromiley, SANS Instructor & Subject Matter Expert