IN-PERSON Registration for CloudSecNext Summit Solutions Track 2022

  • Wednesday, 04 May 2022 8:00AM PST (04 May 2022 15:00 UTC)
  • Speakers: AJ Yawn, Paul Romanek, Christian Clasen, Vijit Nair, Andy Smith, Hank Schless, Gary Kinghorn, Josh Zelonis, Parag Bajaria, Alexander Lawrence, Dan Gordon

Attend the CloudSecNext Summit Solutions Track IN-PERSON or Virtually on May 4th!

Join this SANS Cloud Security Solutions Summit as we explore how organizations store sensitive data and resources in the cloud. Protecting these assets is top of mind for executives and security professionals. The speed and simplicity of the cloud allow companies to build applications faster than ever before. Unfortunately, this speed often comes with a cost - a lack of focus on security. Presentations will focus on technical case studies and thought leadership using specific examples relevant to helping companies improve the security of their cloud environment through automation.

Event Location: Manchester Grand Hyatt | San Diego, CA
In-Person Event Overview

*Check-In Begins at 8:00 AM PDT and goes ALL DAY

>>> Join us on Slack here!

CloudSecNext_-_In_Person_-_Reg_Page.png

Sponsors

Anjuna logoappaegis_logo.pngAqua Security LogoCado-Logo-Color.pngLogoLockup_Horz_RGB_Blue_190103.pngCorelight_Transparent.pngLaminar LogoLookout-Logo-TM-Pref-16L-Full-Pos-RGB.pngnozomi-networks-logo-color.pngPalo_Alto_Networks.png1280px-Logo-Qualys.svg.pngrapid7.pngsysdig_logo-black_with_tagline.pngTraceable logoLight_background_logo.pngNew_Logo_Blue.png
CloudSecNext Summit Bonus Sessions

Attendee Information

At this year’s CloudSecNext Summit, you’ll have the chance to learn, connect, and share with thousands of cybersecurity professionals in attendance from around the globe. No matter your background or skill level, you’ll walk away from CloudSecNext Summit with interesting perspectives and case studies that challenge assumptions and result in a shift in your understanding.

Continuing Professional Education (CPE) Credits are earned by participation in the event!

  • 6 CPEs are earned each day you attend the Cloud Summit
  • 6 CPEs are earned for attending the Cloud Solutions Track on May 4th
  • 1 CPE is earned for attending each Cloud Bonus Session on May 3rd and May 4th

Agenda | May 4th, 2022 | 8:00 AM - 6:00 PM PDT

Schedule

Description

8:00 AM

Check-In Opens (and goes ALL DAY)

LOCATION IN HOTEL: HARBOR BALLROOMS G, H, I

Get checked in for the action-packed full day ahead and grab a bite to eat during our morning networking event and free breakfast!

FREE Breakfast Includes:
  • Coffee Station
  • Assorted Juices
  • Breakfast Burritos
    • Cage Free Scrambled Eggs, Chorizo, Potatoes, Poblano Peppers, Cojita Cheese, Spinach Wrap
    • Includes House-Made Roasted Tomato Salsa (VG, GF, DF) and Avocado Crema (V, GF)
  • Mini Doughnuts Made Fresh and Hot
    • Cinnamon Sugar Dusted
    • Powdered Sugar Dusted
    • Custard and Jelly Filled Doughnuts

9:00 AM

Welcome & Opening Remarks
AJ Yawn, SANS Instructor & Subject Matter Expert

9:15 AM

The Largest Threat to Your Data You’re Not Aware of is Lurking in the Shadows

Shadow data is the new shadow IT and it's leaving undue risk and breaches in its wake. CISO anxiety comes from the fear of the unknown and data security teams have lost visibility to where their sensitive data is in the cloud. In this session you will learn...

  • What is shadow data?
  • How does it occur?
  • Where is your shadow data?
  • How to shine a light on the shadows
Andy Smith, Chief Marketing Officer, Laminar

9:50 AM

Understanding the 3 Essential Pillars: Cloud Native Security

With many organizations now deploying cloud native applications based on micro-services, using containers, VMs and serverless functions, they are faced with new security challenges and threats. Based on Aqua's experience with hundreds of cloud native implementations since 2016, we've come to the realization that any cloud native security strategy must address these three areas - the build phase of applications, the infrastructure on which applications run, and the workloads themselves. In this talk we will show how this holistic approach creates an opportunity to automate and improve security to previously unattainable levels, and the agility and acceleration it enables to drive digital transformation and cloud enablement initiatives.

Paul Romanek, Solution Architect, Aqua Security

10:25 AM

Morning Break

Refreshments and Snacks Served:

  • Coffee & Tea Assortment
  • Soda and Juice Assortment
  • Yogurt Parfaits with Fresh Seasonal Berries & Granola
  • Fruits: Bananas and Apples

10:40 AM

You’re Not Looking for a Ransomware Solution

Ransomware has become one of the biggest challenges for every organization, and is now one of the most talked-about topics in the security industry. IT and security teams are being asked about how they’re protecting against ransomware, but the answer isn’t always straightforward. This is because there is no one silver bullet solution for taking on ransomware. Join Hank Schless from Lookout as he takes a step back and looks at the ransomware problem from a pragmatic standpoint. By breaking down the killchain and aligning its steps with broader initiatives you’re already working on, you can take care of this challenge piece by piece without feeling overwhelmed with questions from your executives and noise from the market.

Hank Schless, Sr. Security Solutions Manager, Lookout

11:15 AM

Effective API Security Demands Application Context and Behavioral Analysis

Micro-services, cloud-native architectures, and API-driven applications have not only changed the speed of business innovation, they’ve changed what it takes to properly secure your applications. It’s no longer enough to secure apps by observing from the outside (like doctor’s did in Colonial times). Highly effective API security requires deeper knowledge about the applications and its users. Join Dan Gordon, API Security Evangelist @ Traceable AI to learn how to effectively secure against API attacks at scale.

Dan Gordon, Technical Evangelist, Traceable AI

11:50 AM

Extending Endpoint Detection and Response to the Cloud

With the rapid adoption of cloud computing, cloud workloads are in the crosshairs like never before. To protect cloud assets, SecOps teams need to expand their traditional scope to also monitor cloud activity, block cloud attacks, and speed enterprise-wide investigation and response. Attend this session to learn how leading SecOps teams secure corporate resources across a dynamic and distributed environment.

Josh Zelonis, Field CTO & Evangelist, Palo Alto Networks

12:25 PM

Networking Reception

Converse with fellow cybersecurity attendees over a delicious lunch including assorted carving stations and sweet treats!

FREE Lunch Includes:
  • Lemonade and Iced Tea
  • Chef Attended Carving Station
    • Herb Crusted NY Strip
  • California Flatbreads
    • Wild Mushroom: Sautéed Mushrooms, Garlic, Red Onion, Spinach, Goat Cheese Truffle Oil (V)
    • Sausage: Andouille, Italian, Chorizo, Red Bell Pepper
    • Chicken: BBQ, Red Onion, Bacon, Pineapple, Scallions
  • Salad Station
    • Caesar Salad (V): Crisp Heart of Romaine Leaves and Radicchio, Parmesan Cheese, Focaccia Croutons, Caesar Style Dressing
    • Spinach Salad (V, GF, N): Baby Spinach, Strawberry, Brioche Croutons, Toasted Walnuts, Crumbled Goat Cheese, White Balsamic Vinaigrette
  • Build Your Own Shortcake Station
    • Vanilla Pound Cake (V), Almond Angel Food Cake (V, N) and Decadent Chocolate Brownie (GF)
    • Toppings: Fresh Berries, Toasted Almonds, Pomegranate Syrup, Citrus Roasted Cranberries, Vanilla Bean Chantilly, Chocolate Sauce and Strawberry Sauce

1:40 PM

The Remote Access Security Landscape

With the rapid transition to remote work, the industry is racing to meet a variety of use-cases and requirements. Whether users connect over VPNs, zero-trust portals, or to public cloud applications, the expectations rarely change: responsive applications, efficient sign-on, and consistent access. This session will explore how remote workers are connecting to resources and the many ways the industry is securing those connections.

Christian Clasen, Technical Leader - Cloud Security, Cisco Secure

2:15 PM

Why Wait? Find Cloud Risks and Threats in Real Time with Stream Detection

Cloud service providers offer cost effective and efficient collection and storage of cloud logs, which is a rich source of data for devops and security teams. Copying logs out of the cloud to query them later is expensive and complex to manage. With stream detection you can find risks and threats in real time and fix issues faster while saving time and money. Join us to learn how you can utilize Falco's real-time telemetry in your cloud native environment to enable smarter alerts faster and stay ahead of bad actors and malicious attacks.

Alexander Lawrence, Principal Security Architect, Sysdig

2:50 PM

IT/OT Convergence: How to Leverage and Secure Cyber Physical Systems in the Cloud

Migrating IT applications to the cloud has become a relatively routine process, but, as more and more critical infrastructure becomes automated and digitized, cloud hosting and security of cyber physical data and applications pose different challenges. Data from Industrial IoT processes, surveillance cameras, point of sale systems, medical instruments or other process sensors and actuators can benefit from cloud-level economies of scale, but raise different sets of issues and benefits. After this session, you’ll walk away with an understanding of how to leverage and secure cyber physical systems and data in the cloud.

Gary Kinghorn, Senior Director, Nozomi Networks

3:25 PM

Afternoon Break

Refreshments and Snacks Served:

  • Coffee & Tea Assortment
  • Soda and Juice Assortment
  • Jumbo Brownies and Jumbo Blondies
  • Fruit: Grapes

3:40 PM

Real world Use Cases for NDR in the Cloud

As we’ve learned from events like Sunburst and Log4Shell, network telemetry provides essential evidence for catching threats that other tools miss. Join us as we dive into real world use cases from the research team at Corelight -- the creators and maintainers of Zeek. You'll learn how the collection and analysis of cloud network traffic leads to better threat detection and faster response.

Vijit Nair, Senior Director of Product - Cloud Security, Corelight

4:15 PM

Understanding and Prioritizing "True" Risks From an Attackers' Perspective

If you have a few hundred workloads running in the cloud, then you are most likely dealing with thousands of vulnerabilities and hundreds of misconfigurations. Given the volume of these security findings, it has become very challenging to prioritize the remediations. A single-dimensional view - the severity of the finding - is insufficient and will not reduce the overall risk of an asset. For example, fixing a remote code vulnerability on an asset not exposed to the internet may not reduce your risk. You need a multidimensional approach that combines threat vectors and asset relationships for effective prioritization. This session will discuss two concepts - external attack surface and attack path - that provide attackers’ view of your security. We will also discuss how you use these concepts for prioritizing your security findings.

Parag Bajaria, VP Cloud and Container Security, Qualys

4:50 PM

Wrap-Up
AJ Yawn, SANS Instructor & Subject Matter Expert

5:00 PM

Happy Hour Reception

Enjoy some beverages (adult and otherwise) and small bites on us! Chat with fellow attendees and invited industry experts from the CloudSecNext and Security West events and enter for prize giveaways!

FREE Drinks & Food Served:
  • Beer and Wine Assortment
  • Slider Station
    • Garden Black Bean
    • All Natural Beef
    • Fried Chicken
  • French Fries with Assorted Dipping Sauces
    • Sriracha Ketchup (VG, GF, DF)
    • Furikake (GF, DF)
    • Togarashi (VG, DF)
    • Wasabi Aioli (GF)
    • Hoisin Sauce (VG, DF)
Prize Giveaways:
  • Oculus Quest 2 VR Headset
  • Holy Stone GPS Drone
  • Hundreds of $$ in Amazon Gift Cards
  • And More!