Simon Crosby

Simon Crosby - Keynote

Founder and CTO, Bromium

The rapid adoption of cloud computing has been paralleled by profound changes in end-user computing: Mobility, consumerization, and the “untrusted web” lead inexorably toward a stark reality: IT is losing control over enterprise computing. Users need to access enterprise-hosted applications as well as SaaS apps and the consumer web, but today’s end points are impossible to defend – making them the perfect vector for a sophisticated attacker seeking access to enterprise applications and networks. When a device is compromised all data on the device and every cloud-hosted application to which the client connects can be attacked. The end-point is the easy way into a “secure” cloud. This talk will present an architecture for secure mobility that can make any device (PC, Mac, tablet) secure by design, on any network, and when accessing any application. Our approach is based on micro-virtualization – which uses a specialized hypervisor, called a Microvisor, together with CPU features for virtualization, to hardware-isolate individual user tasks (each domain or document accessed). The talk will describe the specialized Xen® hypervisor, called a Microvisor, required to deliver on our goals, and will cover components for multi-domain security, secure mobility and safe collaboration. In our architecture, hardware-isolated micro-VMs ensure security and privacy of the system overall, and for each domain. Malware is unable to escape isolation into the system as a whole or to gain access to any high value networks or applications. Micro-VMs are unaware of each other, and execute in a least- privilege environment, with no access to data or sites other than those specifically required for their task. They are automatically erased when the user ends the task, eliminating all malware. Sharing between tasks requires user direction that can be precisely controlled by policy. A key benefit of the approach is that it not only secures the device, without any need to detect malware, but it also allows the device to attest to its secure posture during authentication, as the user connects to an enterprise network or application, for example using the FIDO protocol or IF-MAP. In addition it has an ability to ensure continued compliance with enterprise policy – controlling access to enterprise content based on arbitrary policies, while providing continued assurance to IT departments.


Read more

Dan Geer - Keynote

CISO, In-Q-Tel

Let us consider, for the moment, that we solve the problem of cybersecurity. What would that look like? Is such an outcome really in the cards, or is the future more like the Hundred Years' War -- with an ebb and flow of successes and setbacks no matter which side you are on? If conflict is the most reliable source of history-changing innovations, then is it possible to anticipate not only what winning would look like but who might be the winner? Is this a "good war" or something else again?


Read more

rick howard

Rick Howard - Keynote

CSO, Palo Alto Networks


Read more

Shelley Westman

Shelley Westman - Keynote

Vice President, Operations & Strategic Integration Initiatives , IBM

Change isn’t coming. It’s already here. More devices. More access points. More valuable data in the cloud. In this new digital era, perimeter controls and traditional security practices are not enough to safeguard your enterprise. You need security for the way the world works. Security intelligence and integrated controls are today’s essentials to gain visibility and get to a higher level of maturity. Learn how cloud, collaboration and cognitive will define the next era of security to help you outthink attackers and proactively protect your most critical assets.


Read more

cassio

Cassio Goldschmidt

Vice President-Security Science Practise , Stroz Friedberg

Bitcoin is not only a currency. It's a system, a platform and an invention. Many human activities that previously required centralized institutions or organizations to function as authoritative or trusted points of control can now be decentralized. This has profound implications for security. To take full advantage of this new paradigm, traditional security concepts need to be redefined.
This presentation will review and dissect some of bitcoin’s core components and their security controls. The speaker will analyze and explain the controls and how they could be repurposed in other domains.


Read more

Andrew Wicker

Andrew Wicker

Machine Learning Engineer, Microsoft

Developing signals that reliably detect security events in the cloud is a nontrivial task fraught with nuances between malicious and benign behavior. In order to make the leap from an uninteresting anomaly to an actionable security event, we take advantage of the full range of resources available, such as threat intelligence data, behavioral analytics, and human analysts. In this talk, I will discuss how Microsoft is tackling these challenges to protect identities in the cloud.


Read more

 ANTHONY BRADDY

Anthony Braddy

Senior Principal Security Program Manager, Veracode

Managing the risk surrounding a 3rd party supply chain while providing testing services provides unique challenges. In particular, ensuring alignment of objectives and communications amongst the various Enterprise, Vendor, and Veracode teams requires an active, healthy partnership. As more Vendors already using Veracode have been identified to participate in and conform to Wells Fargo’s more mature program requirements, we have developed several tips and techniques to ensure the mutual success of all parties. We and our colleagues at Wells Fargo would like to share those with you. Anthony Braddy, Veracode; Damien McCall, Wells Fargo


Read more

Damien McCall

Vendor Application Security Testing Program Engagement Manager, Wells Fargo

Managing the risk surrounding a 3rd party supply chain while providing testing services provides unique challenges. In particular, ensuring alignment of objectives and communications amongst the various Enterprise, Vendor, and Veracode teams requires an active, healthy partnership. As more Vendors already using Veracode have been identified to participate in and conform to Wells Fargo’s more mature program requirements, we have developed several tips and techniques to ensure the mutual success of all parties. We and our colleagues at Wells Fargo would like to share those with you. Anthony Braddy, Veracode; Damien McCall, Wells Fargo


Read more

Dan Cornell

Principal of Denim Group, Ltd., Denim Group

A web application’s attack surface is the combination of URLs it will respond to as well as the inputs to those URLs that can change the behavior of the application. Understanding an application’s attack surface is critical to being able to provide sufficient security test coverage, and by watching an application’s attack surface change over time security and development teams can help target and optimize testing activities. This presentation looks at methods of calculating web application attack surface and tracking the evolution of attack surface over time. In addition, it looks at metrics and thresholds that can be used to craft policies for integrating different testing activities into Continuous Integration / Continuous Delivery (CI/CD) pipelines for teams integrating security into their DevOps practices.


Read more

Edson Sierra

IT Security Analyst, Duke Energy

Cyber threats are constantly evolving and becoming more frequent and sophisticated. While there are many traditional incident response methodologies, we will be focusing specifically on the Cyber Kill Chain (CKC) methodology using the Intelligence Driven Defense(IDD) framework as this will be part of Duke Energy’s CSOC implementation. The intelligence collected from various sources and the more knowledge you have about a certain campaign or adversary, the better you can proactively drive your defense using the CKC model. We will present a campaign and decompose the threat applying the CKC model while leveraging the IDD framework from different data points.


Read more

GUILLERMO TAIBO

Guillermo Taibo

IT Security Analyst, Duke Energy

Cyber threats are constantly evolving and becoming more frequent and sophisticated. While there are many traditional incident response methodologies, we will be focusing specifically on the Cyber Kill Chain(CKC) methodology using the Intelligence Driven Defense(IDD) framework as this will be part of Duke Energy’s CSOC implementation. The intelligence collected from various sources and the more knowledge you have about a certain campaign or adversary, the better you can proactively drive your defense using the CKC model. We will present a campaign and decompose the threat applying the CKC model while leveraging the IDD framework from different data points. Guillermo Taibo, Edson Sierra, Duke Energy


Read more

Igor Matlin

Senior Solutions Architect, Checkmarx

Secure coding is crucial when it comes to mobile applications. Unfortunately it seems that most applications are still exposing themselves to risks which can be mitigated by employing secure coding practices from the start.
Research by Checkmarx and AppSec-Labs reveals a troubling picture where applications expose an average of three or more critical application vulnerabilities.
During this session we will:
• Review the findings of the “State of Mobile Application Security” Report
• Understand the limitations of mobile application security solutions
• Discuss the risks introduced by hybrid application development
• Examine the importance of security at the code level


Read more

Jack Freund

Senior Manager | Cyber Risk and Controls, TIAA

This session will review a process for integrating threat intelligence data into Cyber Risk Management. Topics to be reviewed include normalized terminology, threat categorization, risk taxonomy, and measurement. Practical application of Open Source Intelligence (OSINT) and incident data will be covered. Finally, the session will review visualization for reviewing threat-risk integration with management.


Read more

James Peterman

Director, Product Security, Oracle Communications

Telecommunications Service Providers manage the critical communications infrastructure that enables today’s advanced mobile networks providing consumers with an always connected user experience. Security concerns abound and suppliers of equipment, software and services to the telecom industry are peppered with many questions. Jim Peterman and Don Ross, from Oracle’s Communications Global Business Unit, will explore some of the unique security challenges in protecting this highly valuable “middle ground” between consumers and the services they desire to use.


Read more

JOHN MELTON

John Melton

Principal Product Security Engineer, NetSuite

Microservices have recently become a very popular technique for application development. The paradigm brings significant value for certain types of applications, and the community certainly seems to be trending in this direction over the last few years. As with any development or architectural style, there are trade-offs. While there are many benefits to the microservices architecture, there are also drawbacks. When considering security, there are some unique benefits and challenges associated with this style. This talk will look at some of the interesting issues that arise when securing microservices and give some practical advice for those dealing with this task.


Read more

Micah Williams

Senior Software Security Engineer, Oracle Communications

Telecommunications Service Providers manage the critical communications infrastructure that enables today’s advanced mobile networks providing consumers with an always connected user experience. Security concerns abound and suppliers of equipment, software and services to the telecom industry are peppered with many questions. Jim Peterman and Don Ross, from Oracle’s Communications Global Business Unit, will explore some of the unique security challenges in protecting this highly valuable “middle ground” between consumers and the services they desire to use.


Read more

Richard Sheinis

Partner in the Charlotte Office of Hall Booth Smith, P.C., Hall Booth Smith

As cloud adoption moves forward, privacy and security risks in application coding need to be recognized and addressed. This discussion will focus on lessons learned as new cloud solutions are becoming available with the promise of reduced IT infrastructure costs, improved integration, and the capability of data analytics. The privacy and security challenge is to go beyond the historical approach of relying on contractual risk controls and effectively manage the risks of using these new types of third party services. In order to take this approach, it is essential to understand the typical business arrangements of many new cloud services and the importance of mitigating application security vulnerabilities. Learn about the latest challenges in Cloud migration for companies operating in the service sector and what important mitigation steps should be taken.


Read more

Ryan Kazanciyan

Chief Security Architect, Tanium

"Hunting" is a key phase of the incident response lifecycle that aims to identify, on a proactive basis, unknown threats lurking in an environment. In practice, many hunting teams focus on searching for public or purchased IOCs¬ often representing intelligence that has already been burned. Hunting without specific leads is difficult, and every environment (and incident) has its own unique characteristics. This presentation will provide analytic techniques that can identify generic evidence of post¬-compromise activity, with focus on the contemporary approaches that targeted attackers employ for credential harvesting, persistence, and lateral movement in Windows environments. It will illustrate sources of evidence that are ideal for large¬-scale anomaly analysis, and provide examples of how to effectively collect data, reduce noise, and minimize dependencies on external threat feeds.


Read more

Tom Pore

Director of IT & Services, Plixer

Your organization is valuable and the cyber criminals know it. Malicious actors constantly make attempts to exploit users for privileged access to your enterprise network. The biggest challenge is revealing network behavior using disparate data to identify when threats breach traditional security architecture. In this session, learn about security practices that reduce the complexity involved with advanced threat protection. Leverage the network as a sensor to manage the entire attack continuum. Find out how deeper insight into the extended network is gained by exporting Cisco AVC flows. Visualize and verify traffic policy and security of your IWAN deployment. Acquire insight into DNS communications and the Cisco ASA with FirePOWER that allows the security team to maintain continuous control and visibility during a targeted attack. Find out how to decrease time to network remediation with Cisco ISE, Splunk, Elasticsearch, and ArcSight integration.


Read more

Tony Ucedavelez

Tony Ucedavelez, Founder and CEO , Versprite

As cloud adoption moves forward, privacy and security risks in application coding need to be recognized and addressed. This discussion will focus on lessons learned as new cloud solutions are becoming available with the promise of reduced IT infrastructure costs, improved integration, and the capability of data analytics. The privacy and security challenge is to go beyond the historical approach of relying on contractual risk controls and effectively manage the risks of using these new types of third party services. In order to take this approach, it is essential to understand the typical business arrangements of many new cloud services and the importance of mitigating application security vulnerabilities. Learn about the latest challenges in Cloud migration for companies operating in the service sector and what important mitigation steps should be taken.


Read more

Christopher Houser

Christopher Houser

SVP, Cyber Threat Intelligence, Wells Fargo Corporation


Read more

Todd Inskeep

Principal, Commercial Consulting, Booz Allen Hamilton , Booz Allen Hamilton


Read more

Sam Phillips

VP, GM, CISO , Samsung Business Services

Mobility has unique needs and requirements for security. This session will discuss what should be considered when implementing or rearchitecting mobility in an enterpise environment.


Read more

Ehab Al-Shaer

Professor and Director of Cyber Defense and Network Assurability Center (CyberDNA), University of Charlotte at North Carolina


Read more

Roger Callahan

Managing Director , Information Assurance Advisory, LLC


Read more

Tim Bhatt

Chief Information Security Officer, Ally Financial


Read more