CISO Forum

SecurityWeek CISO Forum

2021 SecurityWeek CISO Forum, Presented by Cisco

September 14-15, 2021 

Presenting Sponsor

SecurityWeek CISO Forum, Presented by Cisco

Designed for senior-level security leaders to discuss, share and learn innovative information security and risk management strategies, SecurityWeek’s CISO Forum, Presented by Cisco, will take place in 2021 as a virtual event. The forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise. (SecurityWeek’s CISO Forum has been running since 2014 as a live event at the Ritz-Carlton, Half Moon Bay.)

2021 Diamond Sponsors

Synack

2021 Platinum Sponsors

Okta

Recorded Future

2021 Gold Sponsors

Proofpoint

Eclypsium

Synopsys

WinZip

Abnormal Security

Cymulate

ReversingLabs

SecurityScorecard

 

Silver Sponsors

VirusTotal

While the world has slowed down during the pandemic, Umbrella has been racing at full speed with the release of many new features in our Secure Internet Gateway! Learn about our latest innovations that customers are already adopting, including Remote Browser Isolation, Inline DLP, and various CASB-related features and controls for securing your data and applications. Gain insight into a day in the life of a security professional and how these latest offerings in Umbrella can solve various use cases for securing their remote and office-based users, with proven customer testimonials too.

The recent increase in attacks on virtualization environments has major implications for cloud migrations and cloud-native systems. Security in the cloud is fundamentally different from on-prem, and its inherent shared responsibility model can be challenging when we have a mix of IaaS, PaaS, and SaaS, each with different security requirements. Furthermore, multi-cloud compounds the complexity since each cloud provider has different policies. Since 2014, Synack has been helping F500 clients secure their cloud against hackers. And we’ve learned quite a bit. Join us for a session on cloud challenges faced by CISOs, best practices in penetration testing, and leveraging a trusted community of researchers to secure our cloud.

Let’s face it, we’re all tired of passwords. Memorizing passwords, using easy-to-guess passwords, and writing passwords down all lead to both a terrible end user experience, and a lack of security. That’s why Okta is excited to announce Okta FastPass – the first truly passwordless login experience across all devices. Okta FastPass finally helps us to do what we’ve always wanted to do with passwords—not use them.

Given the spate of software supply chain attacks, organizations need to do more to secure their code repository and control what code commits make it into their production branch. The notorious SolarWinds attack has helped highlight some of the broader and pervasive software supply chain vulnerabilities that impact most organizations today. Complex, shared code bases combined with organization productivity targets have gradually eroded trust and trustworthiness of our software development lifecycle. It’s crucial to verify the identity of the software developer committing code changes and prevent unauthorized users from injecting malicious code. To do so proactively or automatically, a Zero Trust philosophy can be applied to code signing to ensure code has not been compromised, among other techniques. Join our conversation where we will learn how code provenance and identity have become fundamental requirements; explore ways to track and record code changes; and implement code signing at the organizational level, without causing friction for developers.

Simply collecting data from a variety of sources isn't sufficient to enhance an organization's overall security posture. Rather, intelligence applied appropriately is iterative, starting with hypotheses, processing collected data, drawing conclusions, and then disseminating that data to tactical tools and teams. Accurately viewing the outside world through this lens and process allows organizations to be more adept at either preempting threats or ultimately detecting and responding to threats.

In this demo, you’ll get a chance to see WinZip Enterprise in action, and how it provides the following benefits:

• Simple, easy security at file point through WinZip Apps.
• Policy enforcement for corporate deployments, including sharing, backup, and single pane of glass for multi-STaaS.
• Windows Information Protection and FIPS 140-2 validated encryption.
• A “break the glass” approach for encrypted files at rest and in transit.
• One-click file encryption.
• Email attachment encryption.

You may be confident in your own email security infrastructure, but the truth is that your security is only as good as the security of those you work with. Attackers know this and they have pivoted their strategy to focus on exploiting the trusted relationships between organizations, vendors, and partners to launch supply chain attacks including payment and invoice fraud. In many cases, they do so by compromising a vendor account and launching attacks from that email address—a type of attack that is notoriously difficult to detect.

ReversingLabs assists companies in mitigating software supply chain attacks with our Managed Software Assurance Service. Watch this demo to understand our approach for detecting the next supply chain attack by analyzing binaries without requiring source code. We will walk through an interactive sample report to see how you can:

• Identify supply chain attacks and software tampering that have not been easy to spot before now
• Verify that your software release behaves as you intend
• Audit and verify components of a software bill of materials
• Simplify prioritization based on severity, exploit prevalence and level of remediation effort

Code Dx enables you to implement DevSecOps in your organization by automating application security processes throughout the entire SDLC. Our platform automatically determines the appropriate tests to execute at scale (SAST, DAST, SCA, etc.). It then automatically prioritizes your most exploitable vulnerabilities by correlating thousands of results from multiple AppSec tools. As a result, you get a complete picture of risk visibility for your organization’s entire software portfolio from one centralized hub.

Code Dx offers:

- Test execution
- Automated prioritization
- Risk visibility
