Presented by Check Point Software
In this session, you will learn why Gartner says, “Through 2022, at least 95% of cloud security failures will be the customers fault.” You will learn to find the best defense against these potential failures by enabling continuous compliance and security of your public cloud workloads and assets.
Presented by Sophos & Pine Cove Consulting
In an ever-changing, auto-scaling environment, continuous visibility of your public cloud infrastructure is vital. Join Pine Cove Consulting and Sophos Security as we discuss how you can use the power of AI and automation to simplify compliance, governance and security monitoring in the cloud.
Visibility is the foundation on which all public cloud security policies and activities are built. We will discuss how to monitor multiple cloud provider environments including Amazon Web Services (AWS) accounts, Microsoft Azure subscriptions, Google Cloud Platform (GCP) projects, Kubernetes clusters, and development code repositories. With superior visibility, layered with compliance and DevSecOps policies controls and alerts, teams can take control and build on their cloud security strategy with confidence.
Join us to learn how building a complete picture of architecture, including a full inventory and real-time network topology visualization including hosts, networks, user accounts, storage services, containers, and serverless functions, can help you improve your cloud security challenges.
Presented by High Point Networks
The first step of a Penetration test is often called Reconnaissance or Information Gathering. During this step, Penetration testers attempt to gather as much information as they can about a target environment by using publicly available information. Unfortunately, this step is often ignored or not completed thoroughly.
In this presentation, we will discuss how an attacker may conduct reconnaissance against a target, and what specific information they might be interested in gathering. We will cover specific tools including theHarvester, Shodan, Recon-ng and more.
Presented by IVOXY Consulting
Being able to control access to systems & applications based on identity has been an ideal for many, many years. It’s only been recently that we’ve gotten the ability to control access to/from any system and/or any application. Microsegmentation technology can be deployed without downtime & without service interruption (well, if you do it right!). Anyone who has been through a pen test knows that our on-prem & cloud datacenters are largely wide-open: There’s nothing to stop malware from a PC or infected server from spreading.
Join IVOXY Consulting to learn how microsegmentation works & how your datacenter can benefit from one of the hottest trends in information security today.
Presented by CompuNet
Developing an effective security program is a complex undertaking. Let’s jumpstart the process! We’ll discuss leveraging the Center for Information Security’s Critical Security Control framework to identify and prioritize security controls based on efficacy and business impact. After a brief overview of the CIS CSC, we’ll discuss the ongoing measurement and reporting necessary to organize a diverse set of tools into a well-managed information security program. We’ll also demonstrate and share freely available tools to help organizations perform internal assessments and leverage benchmark configuration guides.
Presented by Malwarebytes
Malware has become one of the biggest threat challenges faced by security and IT teams. Malwarebytes Labs conducts extensive proprietary research and analysis. The findings are periodically published to help security teams better understand the nature and evolution of these threats.
This presentation will cover key findings from our newly released annual report. It will highlight malware category trends and discuss new and emerging threats to be on the watch for. There will also be a discussion of industry best practices and technologies that can help your business to prevent, detect, and remediate these threats.
Attendees will leave with insight into the current malware threat landscape, as well as an understanding of steps they can take to mitigate breaches.
Presented by nCipher Security
For over 2000 years, governments, armies, businesses and lovers have been encrypting messages. For the same amount of time, the keys used to perform the encryption have been the weakest link in the chain. After 2000 years, technology has advanced such that the keys can be protected but many companies dont understand how important it really is. Mr. Beutlich will explain in an entertaining (and sometimes graphic) fashion why protecting the encryption key is more important than the encryption itself.
Presented by Fortinet
The attack surface that enterprises much protect is expanding dramatically. How do you maintain visibility and security of your traffic from IoT to the cloud. We’ll explore the threat vectors that cyber criminals use to penetrate your defenses and the security tools you can use to defend against those attacks.
Presented by Check Point Software
The growth of and use of public clouds has been unprecedented, with no signs of abating. Today, the use of public clouds for enterprise datacenters is mainstream. And for good reason; the advantages are significant and the gained agility undisputable. However, the number of services and options being offered by the public cloud providers today can be daunting. The breadth and depth of services and choice is increasing daily.
With these choices come consequences; it is a ‘one strike and you’re out’ environment. Just one misconfiguration can potentially put your entire organization at risk…or worse. It is this combination of seemingly endless choice along with the ease of access and use that creates the potential for catastrophe. Moreover, just imagine trying to find out if any of your S3 buckets are exposed or misconfigured when you have thousands of them. It’s like finding a needle in a stack of needles.
While most everyone will agree the public cloud environments being offered today are extremely comprehensive and very powerful, in unskilled hands, one fat-finger can have dire consequences. And, as you expand your use and implement ephemeral cloud-native services such as Amazon Lambda functions and other cloud-native platform components (RSDA, Redshift, ELF, ALB, ECS) new challenges will arise when conducting threat-detection and attribution.
In this session you will learn why Gartner says, “Through 2022, at least 95% of cloud security failures will be the customer’s fault.”
Presented by Darktrace
In a world that is increasingly digital, cyber-attack has become the most significant risk confronting today’s businesses, smart cities, and critical infrastructure. Online crime cost the world more than half a trillion dollars last year, while recent attacks have managed to influence the U.S. presidential election and disrupt the Ukrainian power supply. This troubling state of affairs is the product of several fundamental weaknesses with the traditional approach to cyber defense, which relies on predefining what threats look like at a time when criminals launch never-before-seen attacks daily. Moreover, these attacks increasingly strike at machine-speed, preventing security professionals from responding before their damage is done.