Solutions Forum 2022: Is Your SecOps Ready for Cloud and Containers?

Thursday, 20 Oct 2022 11:00AM EDT (20 Oct 2022 15:00 UTC)
Speakers: Jake Williams, Janet Matsuda, Michael Isbitski, Anna Belak, Stefano Chierici, Daniella Pontes, Xavier Mendez, Asha Ramakrishna

Skyscanner and Sysdig Join SANS to Share Insights

You likely have existing security capabilities to support threat detection and response in your organization, but are those capabilities designed for cloud and cloud-native environments? “Endpoint” or “host” concepts fade in favor of containers, serverless, and service interactions. Traditional security approaches can’t address the range of potential problems. What is your plan for maintaining visibility and control as IT teams evolve their technology stacks? Attend this forum to understand the types of threats impacting cloud and containers and hear from other industry veterans on topics including:

How to mitigate newer threats in cloud and container environments, such as compromised container images and cryptojacking
What’s needed to correlate events, map to MITRE ATT&CK, investigate incidents, and trigger appropriate response
How remediation must include “as-code” approaches and automation in cloud-native designs

Join the SANS Solutions Forum Interactive Slack Workspace for this event (and all SANS Forums)! Connect once, and you're set for all events in 2022!

REGISTER FOR A CHANCE TO WIN A FREE SANS COURSE!
As an added bonus, one lucky registrant will be chosen to receive a SANS Cloud Security Course valued at $8,200!! *** All event registrants will be entered in a drawing for a complementary SANS Cloud Course of your choice sponsored by Sysdig.*** (Travel & hotel expenses not included).

Login to Register

Sponsor

Partner

Agenda | October 20, 2022 | 11:00AM - 1:00PM ET

Schedule (EDT)	Description
11:00 AM	Welcome & Opening Remarks Jake Williams, Senior Instructor, SANS Institute Janet Matsuda, Chief Marketing Officer, Sysdig
11:10 AM	Evolve Your SecOps Strategy for the Cloud Era Traditional endpoint security approaches and tools like EDR aren't enough to secure cloud and cloud-native environments. Gaps in security monitoring or lost audit trails are inevitable, making forensics and incident response challenging, if not impossible. In this session, learn how: Endpoint security tools can leave you exposed to cloud threats Added context is needed for containers, Kubernetes, and cloud services Remediation must use “as-code” approaches and automation in order to be effective Michael Isbitski, Director of Cybersecurity Strategy, Sysdig
11:25 AM	DEMO: Applying EDR-like Workflows to Containers and Kubernetes In this 10 minute demo, we will demonstrate how Sysdig provides an EDR-like experience and enables rapid response for cloud, containers, and Kubernetes environments. Daniella Pontes, Sr. Product Marketing Manager, Sysdig
11:35 AM	The Right Time and Place for Machine Learning Pixie Dust Moving to the cloud changes how we think about security, but we still want the most sophisticated detection and response systems money can buy. What’s the right formula for the best coverage against new threats? In this session, we will: Learn about the nuances of machine learning in security Identify security use cases where ML shines or falls short Show how cryptojacking can be mitigated with carefully tailored ML Anna Belak, Director of Thought Leadership Engineering, Sysdig
11:50 AM	DEMO: Detecting Crytojacking in the Cloud with Machine Learning In this 10 minute demo, we will show you how Sysdig can automatically detect cryptojacking patterns with 99% precision using ML. Nigel Douglas, Technical Marketing Manager, Sydig
12:00 PM	Accelerate Cloud Detection and Response Using the MITRE ATT&CK Framework As cloud threats continue to rise, understanding an adversary’s tactics, techniques and procedures (TTPs) is critical to strengthening cloud security. How can you pull together a unified and simplified approach to speed up detection and response for your SOC team? In this session, we will: Dive into a comprehensive view of the MITRE ATT&CK for Cloud Matrix Explore real attack scenarios and best practices to detect them Share how open source tools like Falco power threat detection and response Stefano Chierici, Sr., Security Researcher, Sysdig
12:15 PM	DEMO: Cloud Detection and Response Using MITRE In this five minute demo, we will demonstrate how to detect and respond to threats across cloud and containers using the MITRE ATT&CK framework. Daniella Pontes, Sr. Product Marketing Manager, Sysdig
12:20 PM	Fireside Chat: What Does Effective Cloud Detection and Response Look Like? Hear from a panel of industry veterans on how environments have changed with adoption of cloud and container services, and how it's necessitated changes to threat detection and response. The panel will address real-world impacts to SecOps strategies in modern architecture and how processes and tooling must evolve. Moderator: Jake Williams, Senior Instructor, SANS Institute Panelists: Michael Isbitski, Director of Cybersecurity Strategy, Sysdig for TL Xavier Mendez, Head of Security, Skyscanner Asha Ramakrishna, VP of Engineering, Sysdig
12:50 PM	Wrap-Up and Closing Remarks Jake Williams, Senior Instructor, SANS Institute

Related Content

blog image - ransomware summit.png

Digital Forensics, Incident Response & Threat Hunting

A Visual Summary of SANS Ransomware Summit 2024

Check out these graphic recordings created in real-time throughout the event for SANS Ransomware Summit 2024

Cyber Defense, Digital Forensics, Incident Response & Threat Hunting, Industrial Control Systems Security, Penetration Testing and Red Teaming

January 29, 2024

A Visual Summary of SANS CTI Summit 2024

Check out these graphic recordings created in real-time throughout the event for SANS CTI Summit 2024

CTI_Blog_part_1_(1).png

Digital Forensics, Incident Response & Threat Hunting

January 12, 2024

Helping CTI Analysts Approach and Report on Emerging Technology Threats and Trends (Part 2)

How to approach, research, and develop analytic assessments on emerging technologies and threat trends (Part 2)