Fall Cyber Solutions Fest 2024: Emerging Technologies Track

8:30 AM

Kickoff & Welcome

Chris Dale, Event Chair, SANS Instructor

8:45 AM

Session One | Dark Side of Open Source

There is a dark side to productivity with open source. In modern applications, the majority of code on which an application is built isn’t code written by your team. Modern applications are built on the backs of volunteer communities and open-source software. These volunteers and their software delivery practices all become potential attack vectors. The truth is that most organizations do not factor open-source supply chain attacks into their organization’s threat models today. To spread awareness on supply chain attacks so that organizations can scalably handle them, we propose baking supply chain attacks into existing threat modeling procedures and software development culture so that organizations can champion supply chain management of open source in the places where they are most impactful, at development time. We will present a clear and straightforward classification of attack vectors, based on hundreds of real-world incidents and reviewed by experts in the field. Then, we'll discuss various defenses you can implement to detect and respond to these attacks, tailored to your organization's level of maturity.

Darren Meyer, Staff Research Engineer, Endor Labs

Session Two | How to Safeguard AI Access in Your Enterprise

While many organizations are eager to harness the benefits of generative AI for enhancing employee efficiency and improving customer experiences, their security and privacy departments often face challenges in balancing safety with innovation. Companies aim to enable their employees to work more effectively using AI while safeguarding confidential IP, customer data, and avoiding copyright violations. Simultaneously, they seek to deploy AI chatbots to better serve customers without the risk of providing incorrect information, being jailbroken, leaking internal data, or addressing unwanted topics. This session will explore these concerns and demonstrate how WitnessAI can address them effectively. Primary concerns include:

1. Lack of Visibility: IT departments often struggle to track which AI systems their employees are accessing and how these systems are being used. The rapid proliferation of AI tools and projects further complicates maintaining an overview of AI activities within the organization.
2. Lack of Control: AI technologies introduce new privacy and compliance challenges. These include ensuring training data from one client is not used for another, preventing unauthorized access to sensitive customer data within AI models, and blocking the sharing of company intellectual property with public AI systems. Addressing these issues requires robust governance measures.
3. Lack of Protection: AI systems create new attack surfaces, increasing the risk of data breaches and financial loss. Common security threats include prompt injection attacks, jailbreaking of AI models, and the generation of incorrect or harmful outputs (hallucinations) by AI systems.

Abel Morales, Principal Security Engineer, WitnessAI

9:45 AM

Break

10:00 AM

Session Three | Welcome to the AI Wild West - Proactive Security Strategies for GenAI Deployments

As the adoption of Generative AI surges with 65% of organizations already integrating it into at least one business function, the race to harness its potential has never been more intense. However, this rapid deployment brings a new wave of security challenges that many companies are unprepared for. Lasso Security’s advanced AI Firewall and Shadow LLM monitoring are designed with your needs in mind, offering protection for your GenAI applications. Whether you're looking to safeguard sensitive data, maintain compliance, or ensure the resilience of your AI-driven initiatives, our solutions provide the peace of mind you need to confidently deploy and manage GenAI in your organization. This session and live demo will explore: The importance of a GenAI-specific security approach for LLMs

1. How to deploy Lasso’s solution suite for GenAI Chatbots and AI Firewall to block and
2. Mitigate existing and emerging attacks
3. Strategies for enhanced RAG security with Lasso’s Context-Based Access Control (CBAC)
4. Best practices for monitoring and securing generative GenAI interactions in real-time.

Elad Schulman, CEO and Co-Founder, Lasso Security
Ophir Dror, CPO & Co Founder

10:30 AM

Session Four | Confronting Cyber Risk as a Connected Organization

This session will explore the evolving cyber risk landscape, organizational collaboration to address issues, the roadblocks to progress, and keys to creating a risk-aware culture. The demonstration will cover: - Using a unified risk taxonomy to provide end-to-end visibility and a single language for enterprise risk. - Creating a common controls library to drive efficiency. - How connected control assessment/testing results provide a more complete and accurate view of control effectiveness and residual risk. - How to leverage evidence requests across SOX, IT compliance, and internal audit to reduce burden on the business and save time. - Using shared issues to improve visibility and provide a better understanding of the full impact of issues across various risk domains. - Enabling inventory-level visibility for stakeholders to facilitate a more risk-aware culture.

Richard Marcus, CISO, AuditBoard

John Duffield, Manager of Product Solutions, AuditBoard

11:00 AM

Session Five | The New Way to GRC: Leveraging Automation and AI

Gone are the days of manual audit evidence collection and point-in-time compliance status checks. Join this session to see how you can automatically collect evidence, continuously monitor controls, and showcase your security and compliance achievements in real time. Gain best practices to meet your compliance needs fast and effectively, and see real-world examples for frameworks like SOC 2, HIPAA, ISO 27001, and more.

Lauren Wade, Senior Manager, Product Marketing, Vanta

11:30 AM

Break

11:45 AM

Session Six | Navigating FedRAMP: Common Pitfalls, Opportunities and the Latest Updates

-An explanation of FedRAMP and the steps involved in achieving different compliance statuses.

-A description of the various stakeholders involved in the process and their specific responsibilities.

-A summary of common challenges organizations face throughout the journey.

-How FedRAMP can increase your revenue and open up new markets

-How to manage your FedRAMP documentation

Mike Schreiner, COO, Paramify

12:15 PM

Session Seven | Securing the Data & AI Lifecycle From Development to Production

The Data & AI Lifecycle is the foundation for embedding AI into applications, but is a major blind spot for application security teams. Data engineering, data science, and AI teams operate separately from software development teams, and traditional AppSec tools don’t provide coverage across the new development environments (i.e., Jupyter Notebooks), tools (i.e., data pipelines & MLOps tools), open source components, and runtime considerations (i.e. prompts and responses) it introduces. In this session, we’ll:

- Compare the Data & AI lifecycle with the traditional software lifecycle

- Explore the unique components and attack surface of the data & AI supply chain

- Dive into risks tied to custom ML models, open source LLMs, and AI-as-a-Service (e.g., OpenAI)

- Share best practices for a proactive and real-time approach to securing the Data & AI Lifecycle

Niv Braun, Co-founder & CEO, Noma Security

12:45PM

Session Eight | Browser Wars: Defend Against Bots, MitB Attacks, and Malware

Browser threats are evolving rapidly. Attackers use evasive bots, Man-in-the-Browser (MitB) attacks, and malicious extensions to compromise web apps and APIs that affect end-users. These tactics automate credential stuffing, click fraud, and session hijacking by exploiting the browser's Document Object Model (DOM) to manipulate customer interactions and steal sensitive data.

In this session, discover how MirrorTab addresses these web security risks by taking advanced isolation technology to render customer sessions in a secure environment, eliminating the browser attack surface. This accretive enhancement stacks with existing defenses like WAFs and CDNs as a defensive multiplier, ensuring robust protection for web apps and APIs, especially for unmanaged endpoints.

We’ll demonstrate how to integrate MirrorTab with your web infrastructure, including WAFs and CDNs, and show how to use Cloudflare Workers to create a protective bubble around your web app and APIs —keeping end-user sessions secure without requiring user action. Join us to learn about these emerging browser-based risks and see a live demo of MirrorTab’s capabilities in action.

Brian Silverstein, CEO and Founder, MirrorTab

1:15 PM

Break

1:30 PM

Session Nine | Adaptive Noise Cancelling Meets Code Scanning

Shifting-left with low signal alerts will negatively impact productivity and quickly erode developer trust. Semgrep delivers powerfully simple code scanning with the controls you need to quickly surface the issues that matter while minimizing interruptions. Now, with the AI-powered Semgrep Assistant, you can easily introduce context about internal services, common code patterns, or custom frameworks. Developer feedback automatically tunes the system to cancel noise, prioritize high-risk bugs, and generate remediation guidance with code suggestions to boost developer productivity. In this session we’ll discuss how Semgrep provides high-context code scanning for SAST, SCA, and Secrets along with how AI is dramatically reducing developer friction.

David Whitlow, Solutions Engineer, Strategic Accounts, Semgrep

2:00 PM

Closing Remarks

Chris Dale, Event Chair, SANS Instructor