Agenda

The SentinelOne platform unifies Prevention (EPP), Detection & Response (ActiveEDR), Fast Recovery, Incident Response Threat Hunting, and Security Suite features into a single-agent solution for modern Windows, Mac Linux and Kubernetes.

In this overview we touch upon these high-level capabilities:

• Prevention: Delivered using pre-execution Static AI technologies that replace signatures. Used to detect file-based malware in PE, PDF, and Microsoft Office files.
• Detection: Delivered using on-execution Behavioral AI technologies that detect anomalous actions in real time at the endpoint without cloud reliance. Used to detect fileless attacks, exploits, bad macros, evil scripts, cryptominers, ransomware and other attacks.
• Response: Delivered in milliseconds to shutdown attacks thereby reducing dwell time to near zero. Includes alert, kill, quarantine, and network containment.
• Recovery: One-click reversal (remediation) of unwanted changes, Windows rollback to recover data, remote shell.
• Hunting: Delivered as a supplement to Prevention/Detection/Response for organizations that need advanced IoC and artifact hunting capability.

The promise of the Security Data Lake is to provide a centralized, massively scalable repository for ALL data relevant for the Security Operations team, enabling many core functions required by the modern enterprise -- monitoring and alerting, threat hunting, advanced persistent threat protection, DDoS mitigation and many others.  

But the quest to achieve it has been a rocky one, as infrastructure complexity has prevented most teams from achieving the vision.  

This session will explain the benefits of achieving a true security data lake, explain the previous barriers that companies have faced, and describe a new approach which is allowing companies to achieve the vision, and finally put the Security Data Lake at the heart of their overall Security Architecture.  

Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge.

In this session, you will learn what the CIS Controls are, why people use them, and how they can be used to grade the maturity of your security program. This will help you shape your security budget for the next few years.

Presentation Level: MANAGERIAL (security and business leaders)

Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge.

The attack on SolarWinds and ensuing trojaning of the Orion Network Management product had a potential effect on every organization on the planet. IT teams scrambled to determine if Orion was installed on their infrastructure, whether they’d upgraded to the trojaned version at any point, and if the attackers had targeted them for second stage compromise. Even today, BitSight is observing signs that organizations still haven’t reconciled their security posture, and we’re working with organizations to identify their exposure.

Join us to learn where organizations could have better prepared for a supply chain attack and the practices you need to put in place to be able to respond to incidents ranging from a global supply chain attack to nuisanceware.

Most organizations have a hybrid implementation of cloud and on-prem services. With the rapid adoption of business digitalization and expanding remote work force, how do we consolidate controls and enhance the security of the systems?

In this hybrid mode, enterprises need speed, visibility, security, and reliability without compromise. Enter the secure access service edge, better known as SASE. It’s inevitable that SASE implementations and Zero Trust implementations will provide a more comprehensive security capability to truly support digital transformation. How can your organization best position itself for the transition?

In this session, James Christianson will discuss:
·  How to migrate your security controls to take advantage of SASE
·  Reducing cost while increasing your security posture
·  Implementing a road map for SASE / Zero Trust

Nothing has been more disruptive to the landscape of the financial services industry than digital transformation, defined as “the process of using digital technologies to create new—or modify existing—business processes, culture, and customer experiences to meet changing business and market requirements.” In this session, we’ll demonstrate how all digital transformation efforts rely, ultimately, on machines, whether those are virtual and serverless systems, containers and applications, or IoT and end-user devices.

We’ll also show how a whole new security category has arisen—what Gartner calls Machine Identity Management—to instantly and dynamically protect the tens of thousands of machine identities driving digital transformation. Lastly, we’ll show how Visibility, Intelligence, and Automation are the building blocks you need to design and implement a Machine Identity Management program that bridges current practices and the emerging technologies of the future.

Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge.

We all must acknowledge that we are in a pandemic of cyberattacks, in a world of an ever-increasing attack surface, with no one single technological vaccine.

In this session by Gigamon, we will discuss practical, real-world approaches to providing continuous visibility in your complex attack surface, allowing you to combat the threat landscape and therefore increase your confidence in your security posture.

Visit the Exhibitor Hall for vendor displays or connect in the Networking Lounge.