In an era where "assume breach" is the status quo, organizations are working on the maturity of threat detection and incident response programs to mitigate the barrage of incoming malware and ransomware attacks.
This event delves into big-picture strategies to reduce attack surfaces, improve patch management, and conduct post-incident forensics, along with the tools and tricks needed in a modern organization.
SecurityWeek’s Threat Detection and Incident Response (TDIR) Summit brings together security practitioners from around the world to share war stories on breaches and the murky world of high-end cyberattacks.
May 22, 2024 11:00
We're all unfortunately aware of ransomware groups using Exchange vulnerabilities to gain a foothold into organizations, but I bet you can't guess what other software they've been targeting lately! Come hear about recent ransomware detection stories discovered by SentinelOne's threat-hunting team, Watchtower.
Jake Mowrer
SentinelOne, Office of the Field CISO - Security Specialist
May 22, 2024 11:30
In today's complex and ever-changing cybersecurity landscape, effective collaboration between threat intelligence and incident response teams is paramount. This session explores the symbiotic relationship between these two critical functions, delving into the challenges posed by emerging threats and providing insights into how SOC teams can strengthen their defenses against bad actors. Through real-world examples and best practices, attendees will gain practical strategies for integrating threat intelligence into incident response processes, leveraging automation and AI, and preparing for future trends in cybersecurity.
Key Takeaways:
John Pirc
NetWitness, Director, Product Line Management
Steve Baer
NetWitness, Global VP, Field Sales & Service
Arthur Fontaine
NetWitness, Head, Product Marketing
May 22, 2024 12:15
Please visit our sponsors in the Exhibit Hall and explore the resources in their booths. They're standing by to answer your questions now.
May 22, 2024 12:30
It’s no secret that the threat landscape has continued to evolve and successful attackers are no longer hacking in, but logging in. As Zero Trust becomes the new security paradigm, what does this really mean in a digital landscape where it feels like you can’t trust anyone or anything anymore? When considering the role that identity plays within Zero Trust, it’s helpful to think of verifying identity as a continuous process rather than a discrete event. A robust identity platform needs to provide the means not only to manage identity and verify users at every stage, but also to continuously evaluate the validity of each user’s session.
Join us to hear more about:
Eila Shargh
Okta, Director, Solutions Product Marketing-Workforce
May 22, 2024 13:00
In today's ever-evolving cyber landscape, incident response and network protection are paramount for organizations of all sizes. This session delves into the strategies and tactics essential for safeguarding networks from vulnerabilities and efficiently mitigating threats. From identifying potential weaknesses to implementing robust incident response plans, attendees will gain insights into practices proven effective, and practical approaches to fortify their organization's defenses. Join us to explore real-life use cases from the frontline of cyber defense and learn how to arm yourself with the knowledge needed to defend against emerging threats.
Key points to be covered:
James Sobel
NetWitness, Global Pre-Sales Lead, Incident Response
Marco Faggian
NetWitness, Principal Consultant
May 22, 2024 13:30
The cloud brings unprecedented opportunities - but also some challenges. Automation is essential or we won’t survive, and we need to completely change the way our organizations think about DFIR.
Paul Stamp
Cado, VP of Products
May 22, 2024 13:50
Please visit our sponsors in the Exhibit Hall and explore the resources in their booths. They're standing by to answer your questions now.
May 22, 2024 14:05
Today’s businesses are faced with an exponentially growing number of files that need to be effectively analyzed without slowing down operations. SOC teams must constantly worry about malicious files flowing into and around their network, be it from email, web downloads, cloud services, mobile devices, supply chain, or other sources. Not only does the sheer volume of files pose a challenge for analysts, but so does the increasing size and complexity of files. Adversaries have become adept at developing sophisticated malware hidden inside complex file structures to circumvent detection by traditional security tools, including endpoint security, email protection, and sandbox environments, which are limited in their depth and speed of analysis, as well as their inability to analyze large file sizes and certain file types. Learn how ReversingLabs’ high-speed binary analysis overcomes these challenges:
Jason Valenti
ReversingLabs, Director of Product Management - Malware Analysis and Threat Hunting
May 22, 2024 14:25
Credentials, made up of passwords and usernames, serve as the keys to our online existence. According to LastPass, professionals manage up to 200 sets of credentials on average, emphasizing the need for strong, unique passwords that are regularly updated. When credentials are compromised, cyber attackers gain frictionless entry into sensitive systems and can often move laterally to find your crown jewels. Attend this webinar to understand:
Tim Chase
Lacework, Field CISO
James Condon
Lacework
May 22, 2024 14:55
The Open Source Security Foundation (OpenSSF) has introduced the OpenSSF Siren, a community data-sharing initiative aimed at bolstering the defenses of open source projects worldwide. In this fireside chat, OpenSSF Ecosystem Strategist Bennett Pursell discusses the origins and goals of OpenSSF Siren, exploring transparent access to data that can help small- and medium-sized businesses during active incidents. Pursell also shares insights on the value of threat intelligence, the shelf life of IOCs (indicators of compromise), and how businesses with limited resources can mitigate exposure to risk.
Bennett Pursell
OpenSSF, Ecosystem Strategist
Ryan Naraine
SecurityWeek, Editor-at-Large
May 22, 2024 15:25
In this demonstration, SentinelOne showcases how to fortify your environment against evolving threats using the Singularity™ Platform. Watch to see the critical importance of having visibility across endpoints, cloud, data, and identities for understanding and responding to these threats. During the demonstration, SentinelOne covers:
May 22, 2024 15:40
Okta FastPass: Zero Trust Authentication For Phishing Resistant, Passwordless Access
Sr. Technical Marketing Manager Harish Chakravarthy demonstrates how Okta FastPass offers phishing resistance against advanced phishing attacks such as adversary-in-the-middle.
May 22, 2024 15:45
Cado Security is the first investigation & response automation platform focused on revolutionizing IR for the hybrid world. Cado reduces response times & empowers security teams to add critical context to everyday security investigations.
May 22, 2024 16:05
Import, develop, test, and deploy YARA rules at scale. Perform enterprise-wide YARA scanning with custom rule matching and targeted retro-hunts against thousands of object characteristics from any file or email source.
May 22, 2024 16:25
Lacework was founded on the principle that security is a data problem, so we built our platform to ingest various cloud data sources from AWS, Azure, and GCP activity in a visual way. Lacework Polygraph automates detections at scale and enables organizations to reduce complexity and focus valuable resources more effectively by alerting only on the events that matter.