Denver, CO

Threat-informed defense is a strategic approach to cybersecurity that combines threat intelligence with traditional security measures and threat analysis. During this presentation you’ll learn how to form a strategy that can proactively identify threats before they can cause damage or disruption.

You wouldn’t play poker blind, so why search for cyberthreats without analytics?

Searching data lakes for cybersecurity threats or vulnerable assets without using scaled analytics is like playing a round of poker while blindfolded! You always want the upper hand, so in this talk, you’ll learn how security related content including pre-built reports, dashboards, and visualizations can handle common security and compliance requirements. Analytics ensure sound security postures so organizations don’t fold to cyber threats.

By simplifying the review of an enterprise data lake using easily implemented data science with scaled analytics, you can eliminate blind spots and significantly improve your organization’s cybersecurity framework. We’ll also show you how the SOC can extract the most value from security data, plus we’ll share many more stealth tips for your advantage.

API’s have exploded over the last couple of years as the pandemic changed the way organizations do business and how they relate to their users. This has served to drastically increase the number of doors open to the Data. But what hasn’t changed is the target. With Data still in the crosshairs, the challenge of protecting that data has increased accordingly.

Learn what organizations are doing today to mitigate the threat to Data from the exponential increase in access to that data via the explosion of API’s and API access points.

In today’s interconnected world, the digital and device supply chain has become increasingly complex, making it more vulnerable to security threats and attacks. As organizations rely on a myriad of devices and software to drive their operations, ensuring the integrity and security of the supply chain is paramount.

In this session, we will cover:

• Introduction to the digital and device supply chain: Understanding the interconnected ecosystem of hardware, software, and services

• Understanding the Attack Surface Below the OS: Identifying potential weak points and vulnerabilities in the supply chain

• Best practices for supply chain security: Proactive measures to strengthen security, including risk assessments, secure sourcing, verification and authentication processes, and supply chain visibility.

Every business desires to be unhackable. Even air-gapped environments have data leakage, but there are proven steps that can significantly limit your exposure without causing undue irritation to your staff. In this session, we will review these proven solutions and which ones must be implemented today.

There’s never a dull moment in the Security Operations Center (SOC). In this session, Daniel Smallwood shares some of the most interesting security incidents he’s encountered during his 20-year career as a threat researcher and engineer in the federal and private sectors. These include:

• The Case of the Missing Hard Drive: Lessons Learned from Handling an Insider Threat
• From the UK to Aliens to Pink Floyd: The British Hacker Story
• The Network is Overrun with Coin Miners: How to Approach an Overwhelming Breach

Daniel discusses not only the story of what happened, but the tools and techniques used and developed that brought success.