Agenda

Your business is moving data to the cloud without all the security controls mandated for on-prem. After all, the promised economics and business agility are far too attractive for business leaders to ignore. But attackers are after data, auditors demand evidence, and Security is still responsible for protecting data. You need to catch up with that data before attackers and auditors find it, and you need to catch up right now.

Join Imperva to learn how to reconcile Security’s need for visibility with the business’s need for speed and agility—in minutes.

This session will include:

• Learn the fast path to getting control of your data already in the cloud
• What capabilities you will have to bring to make cloud DBaaS secure and audit-ready
• How cloud-native data security can be frictionless to the business’s need for speed

Red team is a commonly misunderstood offensive security discipline. Red team has been used as a general term for all areas of offensive security, just as blue team for defensive security. True red teaming goes beyond pentesting and into more adversarial emulation. While there are overlapping skills, there are differences that will be discussed as Phillip shares his experience of going from a pentester to a red teamer. In this talk, you will learn about the different areas that make up red team operations, common tools, and the path to becoming a red teamer.

Attendees will learn the following:

• What is offensive security
• Domains of offensive security from pentesting to red teaming
• Differences between pentesting and red team
• How the threat actor mindset is important for exposing possible breaches
• Learning resources and how to become a red teamer

We are living in different times that demand different ways of thinking. Many existing Information Security tools have lost some visibility and viability. How has your thinking changed about your Information Security program? Maybe more importantly, what are you thinking the future will look like and how are you posturing your next purchase, hire, or action to be prepared for the next pivot? We will talk about some questions you should be asking yourself, your team, your peers, and your executives.

The attack surface is shifting, threat actors are adapting, and security teams must also pivot. This panel will take a dive into various attack vectors, security gaps, and emerging threats organizations are now facing.

Does your company use Windows or is most of the environment Windows? Come to this session to specifically learn the ins and outs of what are the most critical things needed in order to establish a respectable blueteam program at your organization. Do you know what Windows security event log 4688 mean? What about others? What are the event logs that you should know by hand or have a cheat-sheet for? What are some tools that you should be using and how can you automate them to help detect lateral movement. Also, we will be leveraging opensource tools. No, additional $ is not required. Trying harder, building your technical skills and doing proactive threat hunting will help you and your team. “Don’t worry all of this information will be useful for all no matter what level.” Per time permitting, we might also quickly talk about incident response as well, initially. Also, bring your technical questions too during our Q&A session.
Presentation Level: TECHNICAL (deeper dive including TTPs)

Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge.