Nashville Cybersecurity Conference

Mike Sci is going to introduce you to the MITRE ATT&CK framework as a comprehensive tool for understanding adversary behavior to create defenses against these tactics and techniques.

• Definition and purpose of the MITRE ATT&CK framework.
• Explanation of how MITRE ATT&CK catalogs tactics, techniques, and procedures used by adversaries during cyber-attacks.
• Overview of the MITRE ATT&CK matrix structure
• How Adlumin uses MITRE and other frameworks to create a product and service to defend against adversaries to prevent business disruption

With automation changing the landscape, global cyber losses attributable to bot attacks now average between $68-$116B annually. We will examine data from the Imperva Threat Research team to investigate the scope of the challenge, review real-world examples and provide practical steps you can take to prepare for the inevitable security incident.

We will dive into the increasing threat posed by ransomware and why it’s critical to address this challenge head-on. Myriad360 will explain the value of a Reference Architecture in building a strong defense against these attacks. They will also explore how ransomware tactics are continuously evolving, requiring organizations to stay agile in their security approach. Lastly, they touch on other key factors that should be considered when planning a comprehensive cybersecurity strategy to protect against ransomware and other threats.

High-value executives face risks in their personal digital lives that cascade risk to their corporate infrastructure. In this session, we unpack the sophisticated methodologies employed by adversaries aiming to exploit personal vulnerabilities to orchestrate corporate breaches.

Organizations must detect and respond to cyber-attacks before the attacker’s objective is completed. Managed XDR is central to the job. AI is poised to be the force multiplier we’ve been awaiting. But is it a near-term reality? This presentation will cover:

• Typical attack sequence and observable signals
• Why is it so hard to catch the bad guys?
• What is the detection and response process?
• Historical AI in cyber, changes with LLMs
• The next wave of AI: Agents
• Whether to be bullish or bearish on SOC AI near-term potential

Application security testing (AST) in pre-prod can be highly effective but robust regimens for doing so are shockingly rare. What you see instead are a few underutilized tools introduced mostly to check a compliance box without significantly reducing actual risk. On the other hand,  current tools and techniques for doing AST in production are very limited.This talk explores technology and techniques to do it effectively in production which in turn fundamentally changes the economics of being able to do it well in pre-prod.The parallel is that over the last decade or so, application performance and load testing moved from pre-prod to production with the introduction of efficient APM agents and practices like canary deploys. The motivations are the same. Production is the REAL context, not mocked or assumed. User behavior is also REAL, not simulated with automated or manual tests.What are the equivalent technology and techniques so we can create an application vulnerability monitoring (AVM) movement? How close are we to perfecting them? What can you do to accelerate their adoption?

Understanding what an attack looks like and how the recovery process works for multiple ‘disaster’ situation

As organizations increasingly migrate to the cloud, the landscape of cybersecurity is evolving at a rapid pace. The advent of Artificial Intelligence (AI) brings both unprecedented opportunities and challenges, making it imperative for cloud security strategies to advance accordingly. Join this session to hear from Wiz why organizations are adopting AI-SPM (AI- Security Posture Management) into their CNAPP strategy and how you can effectively secure AI workloads in the cloud while accelerating AI innovation securely.​