Agenda | November 4, 2022 | 11:00 AM - 2:45 PM ET
Schedule | Description |
---|---|
11:00 AM | Welcome & Opening RemarksMatthew Bromiley, SANS Instructor & Subject Matter Expert |
11:20 AM | SaaS Security Best Practices"Cloud security is the center of attention of your organization. IT and security teams put a lot of focus on securing their Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) environments but overlook their SaaS technology stack. The truth is organizations use dozens — if not hundreds — of SaaS applications that are prone to misconfigurations, shadow users, and excessive spending on unused licenses. By looking at Cyber Asset Attack Surface Management, teams can gain visibility into their entire cloud environments to identify, inventory, and assess all digital assets. Join this session to gain a new perspective on:
|
11:55 AM | Time to PIVOT: Doing the Seemingly Impossible in CybersecurityIn cybersecurity, we have adversaries that are doing all that they can to undermine our work. Our expanding attack surfaces also make things harder for us. As they say, we have to be right all the time. But a bad hacker only needs to be right once. What can we do to stay ahead of the opposition and live in the adjacent possible to make something new? It's time to PIVOT. PIVOT is a framework created by Chris Cochran that enables leaders and practitioners to do more with what we have — and even do what hasn't been done before. From SaaS adoption, to building new solutions, and everything in between, join this session to:
Chris Cochran, Creative Director and Cybersecurity Advocate, Axonius |
12:30 PM | Break |
12:40 PM | Managing and Shrinking The Attack Surface With Asset IntelligenceThe amount of context that cybersecurity analysts and engineers require for assessing security events is overwhelming. But here’s the good news: Asset intelligence can help. an asset intelligence strategy is the process of collecting, processing, and analyzing data to help teams understand the motives, targets, and behaviors of cybersecurity threats and your technology environment. Investing in a strategy to collect and curate asset intelligence should be a necessity for every cybersecurity team. Combining asset intelligence and automation is a tactic that teams can employ to scale their efforts while reducing team burnout. This is done by keeping an asset inventory and translating team tradecraft into logic that a machine can perform on the team’s behalf. Ron Eddings, Creative Director of Education, Axonius |
1:15 PM | Cloud Games - Level CISOLet’s talk about day 1-100 of a CISO in a cloud first organization. Apart from the leadership challenges that come with a new role, there are complexities of cloud security that are under-rated when it comes to managing risks. With every new service introduced in the cloud, new blindspots and opportunities for the threat are also created. In this session, Ashish will share common blindspots and risks that your team should consider while minimizing the attack surface in your cloud environment. Ashish will share stories of his first 100 days of a CISO that may include laughs and tears that other CISOs have also shared.Ashish Rajan, Former CISO Host, Cloud Security Podcast |
1:50 PM | PANEL: Deep Dive Into Your Attack Surface
Matthew Bromiley, SANS Instructor & Subject Matter Expert |
2:35 PM | Wrap-Up and Closing RemarksMatthew Bromiley, SANS Instructor & Subject Matter Expert |