Solutions Forum 2022: Is Your SecOps Ready for Cloud and Containers? EMEA

  • Wednesday, 09 Nov 2022 5:00AM EST (09 Nov 2022 10:00 UTC)
  • Speakers: Jake Williams, Janet Matsuda, Michael Isbitski, Daniella Pontes, Nigel Douglas, Stefano Chierici, Asha Ramakrishna, Xavier Mendez, Anna Belak
Skyscanner and Sysdig Join SANS to Share Insights

You likely have existing security capabilities to support threat detection and response in your organization, but are those capabilities designed for cloud and cloud-native environments? “Endpoint” or “host” concepts fade in favor of containers, serverless, and service interactions. Traditional security approaches can’t address the range of potential problems. What is your plan for maintaining visibility and control as IT teams evolve their technology stacks? Attend this forum to understand the types of threats impacting cloud and containers and hear from other industry veterans on topics including:

  • How to mitigate newer threats in cloud and container environments, such as compromised container images and cryptojacking
  • What’s needed to correlate events, map to MITRE ATT&CK, investigate incidents, and trigger appropriate response
  • How remediation must include “as-code” approaches and automation in cloud-native designs

Sponsor

Sysdig

Partner

Skyscanner

Schedule

Description

5:00 AM EDT
10:00 AM GMT

Welcome & Opening Remarks

Jake Williams, Senior Instructor, SANS Institute
Janet Matsuda, Chief Marketing Officer, Sysdig

5:10 AM EDT
10:10 AM GMT

Evolve Your SecOps Strategy for the Cloud Era

Traditional endpoint security approaches and tools like EDR aren't enough to secure cloud and cloud-native environments. Gaps in security monitoring or lost audit trails are inevitable, making forensics and incident response challenging, if not impossible. In this session, learn how:

  • Endpoint security tools can leave you exposed to cloud threats
  • Added context is needed for containers, Kubernetes, and cloud services
  • Remediation must use “as-code” approaches and automation in order to be effective

Michael Isbitski, Director of Cybersecurity Strategy, Sysdig

5:25 AM EDT
10:25 AM GMT

DEMO: Applying EDR-like Workflows to Containers and Kubernetes

In this 10 minute demo, we will demonstrate how Sysdig provides an EDR-like experience and enables rapid response for cloud, containers, and Kubernetes environments.

Daniella Pontes, Sr. Product Marketing Manager, Sysdig

5:35 AM EDT
10:35 AM GMT

The Right Time and Place for Machine Learning Pixie Dust

Moving to the cloud changes how we think about security, but we still want the most sophisticated detection and response systems money can buy. What’s the right formula for the best coverage against new threats? In this session, we will:

  • Learn about the nuances of machine learning in security
  • Identify security use cases where ML shines or falls short
  • Show how cryptojacking can be mitigated with carefully tailored ML

Anna Belak, Director of Thought Leadership Engineering, Sysdig

5:50 AM EDT
10:50 AM GMT

DEMO: Detecting Cryptojacking in the Cloud with Machine Learning

In this 10 minute demo, we will show you how Sysdig can automatically detect cryptojacking patterns with 99% precision using ML.

Nigel Douglas, Technical Marketing Manager, Sysdig

6:00 AM EDT
11:00 AM GMT

Accelerate Cloud Detection and Response Using the MITRE ATT&CK Framework

As cloud threats continue to rise, understanding an adversary’s tactics, techniques and procedures (TTPs) is critical to strengthening cloud security. How can you pull together a unified and simplified approach to speed up detection and response for your SOC team? In this session, we will:

  • Dive into a comprehensive view of the MITRE ATT&CK for Cloud Matrix
  • Explore real attack scenarios and best practices to detect them
  • Share how open source tools like Falco power threat detection and response

Stefano Chierici, Sr. Security Researcher, Sysdig

6:15 AM EDT
11:15 PM GMT

DEMO: Cloud Detection and Response Using MITRE

In this five minute demo, we will demonstrate how to detect and respond to threats across cloud and containers using the MITRE ATT&CK framework.

Daniella Pontes, Sr. Product Marketing Manager, Sysdig

6:20 AM EDT
11:20 PM GMT

Fireside Chat: What Does Effective Cloud Detection and Response Look Like?

Hear from a panel of industry veterans on how environments have changed with adoption of cloud and container services, and how it's necessitated changes to threat detection and response. The panel will address real-world impacts to SecOps strategies in modern architecture and how processes and tooling must evolve.

Moderator: Jake Williams, Senior Instructor, SANS Institute
Panelists:
Michael Isbitski, Director of Cybersecurity Strategy, Sysdig for TL
Xavier Mendez, Head of Security, Skyscanner
Asha Ramakrishna, VP of Engineering, Sysdig

6:50 AM EDT
11:50 PM GMT

Wrap-Up and Closing Remarks

Jake Williams, Senior Instructor, SANS Institute