In an era where "assume breach" is the status quo, organizations are working on the maturity of threat detection and incident response programs to mitigate the barrage of incoming malware and ransomware attacks.

This event delves into big-picture strategies to reduce attack surfaces, improve patch management, and conduct post-incident forensics, along with the tools and tricks needed in a modern organization.

SecurityWeek’s Threat Detection and Incident Response (TDIR) Summit brings together security practitioners from around the world to share war stories on breaches and the murky world of high-end cyberattacks.

SecurityWeek’s Ransomware Resilience and Recovery Summit was designed to help businesses plan for, prepare for, and recover from a ransomware incident.

Agenda

May 22, 2024 11:00

Ransomware's Favorite Back Office Products

We're all unfortunately aware of Ransomware groups using Exchange vulnerabilities to gain a foothold into organizations, but I bet you can't guess what other software they've been targeting lately! Come hear about recent Ransomware detection stories discovered by SentinelOne's threat-hunting team, Watchtower.

  • Learn about a recent trend of abuse targeting another popular back office software.
  • Understand how to prevent, detect, and respond to these threats.

Jake Mowrer
SentinelOne, Office of the Field CISO - Security Specialist

May 22, 2024 11:30

Fortifying Cyber Defense: The Synergy of Threat Intel & Incident Response

In today's complex and ever-changing cybersecurity landscape, effective collaboration between threat intelligence and incident response teams is paramount. This session explores the symbiotic relationship between these two critical functions, delving into the challenges posed by emerging threats and providing insights into how SOC teams can strengthen their defenses against bad actors. Through real-world examples and best practices, attendees will gain practical strategies for integrating threat intelligence into incident response processes, leveraging automation and AI, and preparing for future trends in cybersecurity.

Key Takeaways:

  • Understand the role of threat intelligence in enhancing incident response capabilities.
  • Learn strategies for effective collaboration between threat intelligence and incident response teams.
  • Explore emerging technologies and trends shaping the future of cybersecurity defense.

May 22, 2024 12:15

BREAK

Please visit our sponsors in the Exhibit Hall and explore the resources in their booths. They're standing by to answer your questions now.

May 22, 2024 12:30

Establishing Trust in a Zero Trust world is a Continuous Process

It’s no secret that the threat landscape has continued to evolve and successful attackers are no longer hacking in, but logging in. As Zero Trust becomes the new security paradigm, what does this really mean in a digital landscape where it feels like you can’t trust anyone or anything anymore? When considering the role that identity plays within Zero Trust, it’s helpful to think of verifying identity as a continuous process rather than a discrete event. A robust identity platform needs to provide the means not only to manage identity and verify users at every stage, but also to continuously evaluate the validity of that user's session.

Join us to hear more about:

  • Why Zero Trust is more than a buzzword with a look at the global trends from our annual Zero Trust report
  • What the three stages of Identity verification are, the potential threats at each stage, and how to stop them.
  • How to safeguard your ecosystem with continuous risk assessment with Identity-centric threat detection and response

Eila Shargh
Okta, Director, Solutions Product Marketing-Workforce

May 22, 2024 13:00

Building Your Ransomware Preparedness Plan

In today's ever-evolving cyber landscape, incident response and network protection are paramount for organizations of all sizes. This session delves into the strategies and tactics essential for safeguarding networks from vulnerabilities and efficiently mitigating threats. From identifying potential weaknesses to implementing robust incident response plans, attendees will gain insights into practices proven effective, and practical approaches to fortify their organization's defenses. Join us to explore real-life use cases from the frontline of cyber defense and learn how to arm yourself with the knowledge needed to defend against emerging threats.

Key points to be covered:

  • Proactive approaches to identifying and addressing network vulnerabilities
  • Effective incident response strategies to contain and mitigate cyber threats
  • Collaboration techniques to enhance incident response efforts and strengthen network resilience
  • Real-life use case from a global, frontline incident response team

James Sobel
NetWitness, Global Pre-Sales Lead, Incident Response

Marco Faggian
NetWitness, Principal Consultant

May 22, 2024 13:30

Bringing IR into the Cloud Age

  • The cloud brings unprecedented opportunities - but also some challenges
  • Automation is essential or we won’t survive
  • Need to completely change the way our organizations think about DFIR

Paul Stamp
Cado, VP of Products

May 22, 2024 13:50

BREAK

Please visit our sponsors in the Exhibit Hall and explore the resources in their booths. They're standing by to answer your questions now.

May 22, 2024 14:05

AI-Driven Binary Analysis: Next Generation Malware Detection at Speed & Scale

Today’s businesses are faced with an exponentially growing number of files that need to be effectively analyzed without slowing down operations. SOC teams must constantly worry about malicious files flowing into and around their network, be it from email, web downloads, cloud services, mobile devices, supply chain, or other sources. Not only does the sheer volume of files pose a challenge for analysts, but so does the increasing size and complexity of files. Adversaries have become adept at developing sophisticated malware hidden inside complex file structures to circumvent detection by traditional security tools, including endpoint security, email protection, and sandbox environments, which are limited in their depth and speed of analysis, as well as their inability to analyze large file sizes and certain file types. Learn how ReversingLabs’ high-speed binary analysis overcomes these challenges:

  • Inspect thousands to hundreds of thousands of files per day in real-time
  • Analyze large file sizes up to 100GB
  • Identify advanced malware missed by other tools
  • Reduce dependency on sandboxes

Jason Valenti
ReversingLabs, Director of Product Management - Malware Analysis and Threat Hunting

May 22, 2024 14:35

Compromised Credentials in 2024: What to know about the world’s #1 attack vector

TBD

Tim Chase
Lacework, Field CISO

James Condon
Lacework

[On-Demand] Okta FastPass: Zero trust authentication for phishing resistant, passwordless access

Sr. Technical Marketing Manager Harish Chakravarthy demonstrates how Okta FastPass offers phishing resistance to advanced phishing attacks such as adversary-in-the-middle.

[On-Demand] SentinelOne Demo: Enhancing Cybersecurity with the AI-Powered Singularity Platform

Modern threats don't respect the boundaries of traditional security - they move laterally as quickly as possible, finding the path of least resistance to gain credentials and access to data or infrastructure. For the analyst, visibility across endpoint, cloud, data, and identities is critical to understanding posture and rapidly responding to attacks. Learn about our vision and how the Singularity Platform can protect your business from threats like ransomware during this live demonstration.

[On-Demand] Cado Security Demo

Cado Security is the first investigation & response automation platform focused on revolutionizing IR for the hybrid world. Cado reduces response times & empowers security teams to add critical context to everyday security investigations.

[On-Demand] Lacework Demo: Polygraph Data Platform

Lacework was founded on the principle that security is a data problem, so we built our platform to ingest various cloud data sources from AWS, Azure, and GCP activity in a visual way. Lacework Polygraph automates detections at scale and enables organizations to reduce complexity and focus valuable resources more effectively by alerting only on the events that matter.

[On-Demand] ReversingLabs Demo: Advanced Hunting with YARA at Scale

Import, develop, test, and deploy YARA rules at scale. Perform enterprise-wide YARA scanning with custom rule matching and targeted retro-hunts against thousands of object characteristics from any file or email source.