Washington, D.C.

In today’s world of hybrid work, multicloud environments, and BYOD, employees are connecting to new and multiple types of endpoints. Meanwhile, the sophistication of cyber-attacks continues to rise, making it more difficult to ensure the security of all endpoints across your organization.

In this presentation, learn how to create a strategy to bridge the gap between end-users and their workspaces, apps, and data, while providing a secure endpoint and seamless user experience.

There’s never a dull moment in the Security Operations Center (SOC). In this session, Daniel Smallwood shares some of the most interesting security incidents he’s encountered during his 20-year career as a threat researcher and engineer in the federal and private sectors. These include:

·        The Case of the Missing Hard Drive: Lessons Learned from Handling an Insider Threat

·        From the UK to Aliens to Pink Floyd: The British Hacker Story

·        The Network is Overrun with Coin Miners: How to Approach an Overwhelming Breach

For as little as $10, unsophisticated threat actors can steal information that allows them to impersonate a victim’s browser fingerprint, gain access to hundreds of unique logins stored in the browser, and potentially bypass corporate 2FA Controls. Seems like a steal?

With that level of access and quality data, the Infected Device Markets continue to grow on the dark web, clear web, and illicit Telegram channels. On February 14th at 11 am EST, join Flare Director of Marketing, Eric Clay, and Threat Intelligence Researcher, Guillaume Joly as they dissect the dark web supply chain. You should expect:

– A detailed walkthrough of a complex and interconnected dark web supply chain ranging from MaaS vendors selling malware variants to Initial Access Brokers selling access to compromised environments
– A deep dive into the specialized markets that sell infostealer malware including Russian Market, Genesis Market, as well as specific Telegram channels
– Insights into how Stealer Malware is distributed, collected, and data is exfiltrated
– Best practices to mitigate the risk of stealer malware to your organization & improve detection capabilities for listings that may contain logins unique to you

Good security requires a defense-in-depth strategy. Ensuring user trust, password managers, MFA, EDR and SSO tools all work together in concert. But, human error is often the weakest link in the security chain, you must ensure that other layers are in place to close this final link in the chain and mitigate against all modern attacks.

This talk will share a practitioner’s hard won insight from real-world implementations at two Fortune 500 enterprises and the journey those companies are on. We will share the vision that led these organizations down the path of a defense-in-depth strategy that included Zero Trust and Security Services Edge (SSE).

Sometimes just having a SOC isn’t enough to address insider threat issues. Security operations teams are managing massive amounts of data across billions of events from on premises to the cloud. Looking for specific needles like insider threats in this complex haystack has special requirements that encompass both searching historic data and seeing evolving credential behavior changes as they happen.

Whether from downsizing or expanding the business, employees, vendors, contractors, and more are moving in and out of your environment. And often, it is during turbulent times that insider threats go unobserved as everything  changes so quickly. Insider threat initiatives require a new, more focused approach.

This presentation will explore:

• The common scenarios that indicate you need an insider threat team, how to build a mission statement, and tools
• Four attributes of a successful insider threat program
• How behavioral analytics baseline “normal” behavior of users and devices – showing risk faster
• An automated investigation experience that replaces manual routines and effectively guides new insider threat teams

As the cybersecurity landscape continues to evolve, protecting organizations from daily cyber threats is becoming increasingly difficult. According to the Verizon Data Breach Investigation Report, over 90% of successful Windows breaches occur due to users having privileged access. To avoid being included in this year’s report, it’s important to take a major step in cybersecurity planning by removing local Admin rights from end-users. However, this can be challenging as it may result in end-users becoming frustrated when they need to request updates.

CyberFOX Vice President, Jason Samples, provides a solution called “The Best of Both Worlds”, which aims to increase security while reducing end-user frustration. Learn more about this solution and how it can help you protect your organization from cyber threats.