Archives: Seminar

Easy Information Gathering

  Presented by High Point Networks

The first step of a Penetration test is often called Reconnaissance or Information Gathering. During this step, Penetration testers attempt to gather as much information as they can about a target environment by using publicly available information. Unfortunately, this step is often ignored or not completed thoroughly.

In this presentation, we will discuss how an attacker may conduct reconnaissance against a target, and what specific information they might be interested in gathering. We will cover specific tools including theHarvester, Shodan, Recon-ng and more.

Master the Edge: How to Achieve Context-Aware, Secure Access in a Mobile Era

  Presented by Aruba, a HPE Company & Structured Communication

Are you juggling disparate security platforms and struggling to make sense of the data? Do you need to share information and insights across teams but lack a cohesive way to do that? If so, attend this session. Learn how to deploy an open, multi-vendor Enterprise security framework that gives security and IT teams an integrated way to gain visibility, control and advanced threat defense. See how security prioritization and machine learning helps organizations leverage existing third-party solutions to better protect investments and implement proactive risk controls.

How to Solve the Toughest Challenges in Cloud Security

  Presented by Sophos & Pine Cove Consulting

In an ever-changing, auto-scaling environment, continuous visibility of your public cloud infrastructure is vital. Join Pine Cove Consulting and Sophos Security as we discuss how you can use the power of AI and automation to simplify compliance, governance and security monitoring in the cloud.

Visibility is the foundation on which all public cloud security policies and activities are built. We will discuss how to monitor multiple cloud provider environments including Amazon Web Services (AWS) accounts, Microsoft Azure subscriptions, Google Cloud Platform (GCP) projects, Kubernetes clusters, and development code repositories. With superior visibility, layered with compliance and DevSecOps policies controls and alerts, teams can take control and build on their cloud security strategy with confidence.

Join us to learn how building a complete picture of architecture, including a full inventory and real-time network topology visualization including hosts, networks, user accounts, storage services, containers, and serverless functions, can help you improve your cloud security challenges.

The Whole Is Greater Than the Sum of Its Parts

  Presented by Tim Bottenfield • CIO for the State of Montana

Join our keynote in a discussion about the status of the State IT in Montana, and his three E’s for an effective and efficient enterprise (Engagement, Empathy and Empowerment).

Tim Bottenfield serves as CIO of the State of Montana. He joined the Department of Administration in July of 2018 after serving nearly seven years with the Department of Revenue. He came to Montana from Auburn University in Auburn, Alabama, where he worked for 25 years, primarily as IT manager in the School of Forestry and Wildlife Sciences. He has 10 years of experience in operating a computer and networking services consulting business. He earned a Bachelor of Science degree in Forest Management in 1983 and a Master of Science degree in Forest Biometrics in 1986, both from Michigan Technological University in Houghton, Michigan.

In his first year as State CIO, Tim has focused on building relationships across the enterprise. His ongoing initiatives are in the areas of fiscal responsibility, optimization of shared services and support, cybersecurity, unified digital government and promoting a service first driven organization.

Tim was born in Pennsylvania and grew up in Michigan. He resides in Essex, Montana with his wife, Gigi. Their three sons and daughter-in-law are electrical engineers having attended the University of Pittsburgh, Auburn University and Georgia Tech. Tim enjoys hiking and all that the mountains of Montana offer recreationally.

Fileless Attacks: A Look into Several Techniques Used by APT32

  Presented by BlackBerry Cylance & Structured Communications

Fileless attacks have grown in popularity resulting in the decline of more traditional executable malware. While fileless attacks are not executable files, the vast majority actually come from a file; weaponized documents. Come see this session to get a deep understanding of several techniques being used today by APT32/OceanLotus to attack their victims. You will learn how to replicate their techniques to better test your defenses.

If You Don’t Protect the Key, Don’t Encrypt the Data

  Presented by nCipher Security

For over 2000 years, governments, armies, businesses and lovers have been encrypting messages. For the same amount of time, the keys used to perform the encryption have been the weakest link in the chain. After 2000 years, technology has advanced such that the keys can be protected but many companies don’t understand how important it really is. Mr. Beutlich will explain in an entertaining (and sometimes graphic) fashion why protecting the encryption key is more important than the encryption itself.

The Power Grid and NERC Critical Infrastructure Protection

  Presented by Allen Kent • NERC CIP Reliability Specialist for the NAES Corporation

This presentation will cover the elements of the power industry, the development of the NERC standards, and an overview of the CIP physical and cybersecurity requirements that currently apply to Bulk Electric System Facilities. The presentation will also highlight differences faced by Operations Technology (OT) and Information Technology (IT) groups as well as the challenges of auditable compliance over normal IT operations.

Adapting to Fight Back: How Cyber AI Neutralizes Never-Before-Seen Threats

  Presented by Darktrace

In a world that is increasingly digital, cyber-attack has become the most significant risk confronting today’s businesses, smart cities, and critical infrastructure. Online crime cost the world more than half a trillion dollars last year, while recent attacks have managed to influence the U.S. presidential election and disrupt the Ukrainian power supply. This troubling state of affairs is the product of several fundamental weaknesses with the traditional approach to cyber defense, which relies on predefining what threats look like at a time when criminals launch never-before-seen attacks daily. Moreover, these attacks increasingly strike at machine-speed, preventing security professionals from responding before their damage is done.

Mitigating Cybercrime in your Enterprise

  Presented by Fortinet

The attack surface that enterprises much protect is expanding dramatically. How do you maintain visibility and security of your traffic from IoT to the cloud. We’ll explore the threat vectors that cyber criminals use to penetrate your defenses and the security tools you can use to defend against those attacks.

The Current Malware Threat Landscape & Enterprise Grade Remediation

  Presented by Malwarebytes

Malware has become one of the biggest threat challenges faced by security and IT teams. Malwarebytes Labs conducts extensive proprietary research and analysis. The findings are periodically published to help security teams better understand the nature and evolution of these threats.

This presentation will cover key findings from our newly released annual report. It will highlight malware category trends and discuss new and emerging threats to be on the watch for. There will also be a discussion of industry best practices and technologies that can help your business to prevent, detect, and remediate these threats.

Attendees will leave with insight into the current malware threat landscape, as well as an understanding of steps they can take to mitigate breaches.