Attack Surface Management Summit

Attack Surface Management Summit

As security teams look to foundational strategies to protect corporate assets, the reduction of attack surface throughout the organization takes center stage.

In this focused summit, SecurityWeek brings together expert defenders to share best practices around reducing attack surfaces in modern computing.

This virtual event will pick apart the various components of the attack surface management strategy, the push to mandate continuous asset visibility and inventory tools, and the use of red-teaming, bug bounties and pen-tests in modern security programs.

Register for Virtual Events

2023 Presenting Sponsor

Bishop Fox

Gold SponsorsNoetic Cyber

Cyberpion

SynerComm

February 22, 2023

February 22, 2023 11:00 am

What Our 2022 Data Reveals About the Most Pressing Exposures on Your Attack Surface

Wes Hutcherson
Bishop Fox, Director of Product Strategy and Market Insights

Join offensive security experts from Bishop Fox as they share insights gleaned from an analysis of twelve months of findings captured in Cosmos, their award-winning attack surface management platform. Discover which exposures are plaguing modern attack surfaces and which ones pose the greatest risk based on true business impact. We’ll explore:

  •  Types, severity, and the nature of prevalent exposures, broken down by attack surface footprint and industry considerations 
  • What post-exploitation reveals about the real-world business impact of these exposures 
  • Commonly ignored exposures that can lead to complex, high-risk attacks 
  • Recommendations for proactive identification and remediation 

Our offensive security roots run deep with two decades of experience. We invite you to leverage the attack surface knowledge captured from thousands of testing engagements to go on the offense and proactively improve your security posture.

February 22, 2023 11:45 am

You Can’t Protect What You Can’t See: Asset Intelligence as the Core of an Effective Attack Surface Management Strategy

Allen Rogers
Noetic Cyber, Co-Founder & CPO

Decreasing visibility, growing attack surfaces, and limited resources have combined to create the perfect storm for security teams trying to protect against attackers. Organizations today can have millions of different assets, not just traditional compute devices but also networks, containers, mobile devices, code repositories, personal data, and people scattered across their organization. And despite dozens of security and risk tools, security teams still face crippling challenges when it comes to protecting the unknown.  

In this session, Noetic’s co-founder and Chief Product Officer Allen Rogers will showcase why asset visibility and intelligence should be at the core of an effective Attack Surface Management strategy. You will walk away with:

  • 5 core capabilities of an effective attack surface management strategy
  • The value not only of asset visibility, but also the importance of relationships between those assets to get a full 360-degree view of your security and IT estate
  • How Cyber Asset Attack Surface Management (CAASM) platforms like Noetic can offer you unparalleled asset visibility, real-time insights and continuous security posture improvement to reduce your attack surface 

February 22, 2023 12:15 pm

BREAK

Please visit our sponsors in the Exhibit Hall. They're standing by now to answer your questions.

February 22, 2023 12:30 pm

Attack Surface Management: Why you should be going further to discover exploitable risks

Marc Gaffan
Cyberpion, CEO

SaaS, cloud service, and the reliance on vendors have made organization’s attack surfaces more complex and difficult to manage. But the risk doesn’t stop there. Attackers will exploit any exposure; across your assets and digital supply chains. Beating attackers to these exposed risks requires a systematic approach.

Cyberpion is the attack surface management solution that uses patented Connection Intelligence to provide laser focus into exploitable risks across your entire attack surface – and its digital supply chain. With machine learning-powered discovery engine, contextual risk assessment and prioritization, and end-to-end remediation workflow Cyberpion helps our customers rapidly address exploitable risks and improve their overall security posture.

February 22, 2023 01:00 pm

Why All Roads Lead Back to the Cloud – and Why It’s So Easily Compromised

Nate Robb
Bishop Fox, Cosmos Operator

79% of companies have experienced at least one cloud data breach in the last 18 months, often due to unknown vulnerabilities.  As cloud infrastructure grows, so do vulnerabilities and misconfigurations. While many organizations spend a lot of time fixing issues they can easily identify with tools, those tools have limitations and don't operate the way a real-world attacker does.  Luckily, an offensive security approach can help surface high-value attack paths so you can proactively identify, understand, and mitigate the most impactful vulnerabilities lurking in your cloud environment.  Join the Adversarial Operators from Bishop Fox as they share real-world examples and explore: 

  •  How hackers gain access to cloud environments (even when they aren’t targeting them) 
  • Methodologies for exploiting vulnerabilities and escalating privileges 
  • Insights gained from compromising additional services and uncovering pathways to sensitive information
  • Recommendations for reducing risk in your cloud environment 

Come see how our team's findings can sharpen your cloud security strategy!

February 22, 2023 01:30 pm

Leadership Panel: Mitigating Risk While Attack Surfaces Expand

Ryan Naraine
SecurityWeek, Editor-at-Large

Vinnie Liu
Bishop Fox, CEO

Matthew Honea
Chief Information Security Officer

Jason Shockey
Cenlar FSB, Chief Information Security Officer

February 22, 2023 02:15 pm

BREAK

Please visit our sponsors in the Exhibit Hall.

February 22, 2023 02:30 pm

Fireside Chat: Jason Chan, Former Netflix Security Chief

Jason Chan
Former Netflix Security Chief

Ryan Naraine
SecurityWeek, Editor-at-Large

Join us for a fireside chat with Jason Chan, former head of information security at Netflix and operating advisor, Bessemer Venture Partners. Jason joins SecurityWeek editor-at-large Ryan Naraine for a frank discussion on the state of vulnerability management and software development, multi-cloud deployments and expanding attack surfaces, the cyber startup vendor ecosystem, Microsoft's booming cybersecurity business, and some areas still ripe for innovation.

ON-DEMAND: Bishop Fox Demo

Bishop Fox Demo

ON-DEMAND: Noetic Cyber Demo

Watch a 15 minute overview of Noetic Cyber's Cyber Asset Attack Surface Management (CAASM) platform from Andrew Wadsworth, Sr. Security Sales Engineer from Noetic Cyber.

February 22, 2023 03:30 pm

Networking & Virtual Expo

Enterprise network defenders are adopting Attack Surface Management (ASM) tools to continuously discover, inventory, classify, prioritize, and monitor digital assets for signs of weaknesses.

Join this event to hear from a wide range of prominent CISOs, cloud software engineers, network architects, and security response engineers sharing best practices, defense frameworks and actionable data and to reduce risk from exposed
attack surfaces.

With fast pace of digital transformation, security teams are turning to continuous Attack Surface Management to bolster a holistic risk management program.

Topics Include:

  • What is attack surface sprawl?
  • Securing work-from-home cloud deployments at scale
  • What are the foundational blocks of a good attack surface management strategy?
  • Continuous monitoring of known digital assets
  • What approaches can I use to continuously discover, inventory, classify, prioritize, and monitor digital assets for signs of weaknesses.
  • Ransomware resilience and recovery
  • The evolution of the pen-test and bug bounty
    approaches
  • Third-party/vendor risk management
  • Threat intelligence and the value of offensive security programs
  • Automating vulnerability and patch management at scale
Event Details
  • Start Date
    February 22, 2023 3:09 pm

  • End Date
    February 22, 2023 3:09 pm