Threat Detection and Incident Response Summit

May 22, 2024

In an era where “assume breach” is the status quo, organizations are working on the maturity of threat detection and incident response programs to mitigate the barrage of incoming malware and ransomware attacks.

This event delves into big-picture strategies to reduce attack surfaces, improve patch management, and conduct post-incident forensics, along with the tools and tricks needed in a modern organization.

SecurityWeek’s Threat Detection and Incident Response (TDIR) Summit brings together security practitioners from around the world to share war stories on breaches and the murky world of high-end cyberattacks.

2024 Diamond Sponsor

NetWitness

Platinum Sponsors

Okta

Gold Sponsors

Cado Security

Lacework

May 22, 2024 11:00

Ransomware's Favorite Back Office Products

We're all unfortunately aware of Ransomware groups using Exchange vulnerabilities to gain a foothold into organizations, but I bet you can't guess what other software they've been targeting lately! Come hear about recent Ransomware detection stories discovered by SentinelOne's threat-hunting team, Watchtower.

  • Learn about a recent trend of abuse targeting another popular back office software.
  • Understand how to prevent, detect, and respond to these threats.

Jake Mowrer
SentinelOne, Office of the Field CISO - Security Specialist

May 22, 2024 11:30

Fortifying Cyber Defense: The Synergy of Threat Intel & Incident Response

In today's complex and ever-changing cybersecurity landscape, effective collaboration between threat intelligence and incident response teams is paramount. This session explores the symbiotic relationship between these two critical functions, delving into the challenges posed by emerging threats and providing insights into how SOC teams can strengthen their defenses against bad actors. Through real-world examples and best practices, attendees will gain practical strategies for integrating threat intelligence into incident response processes, leveraging automation and AI, and preparing for future trends in cybersecurity.

Key Takeaways:

  • Understand the role of threat intelligence in enhancing incident response capabilities.
  • Learn strategies for effective collaboration between threat intelligence and incident response teams.
  • Explore emerging technologies and trends shaping the future of cybersecurity defense.

May 22, 2024 12:15

BREAK

Please visit our sponsors in the Exhibit Hall and explore the resources in their booths. They're standing by to answer your questions now.

May 22, 2024 12:30

Establishing Trust in a Zero Trust world is a Continuous Process

It’s no secret that the threat landscape has continued to evolve and successful attackers are no longer hacking in, but logging in. As Zero Trust becomes the new security paradigm, what does this really mean in a digital landscape where it feels like you can’t trust anyone or anything anymore? When considering the role that identity plays within Zero Trust, it’s helpful to think of verifying identity as a continuous process rather than a discrete event. A robust identity platform needs to provide the means not only to manage identity and verify users at every stage, but also to continuously evaluate the validity of each user’s session.

Join us to hear more about:

  • Why Zero Trust is more than a buzzword with a look at the global trends from our annual Zero Trust report
  • What the three stages of Identity verification are, the potential threats at each stage, and how to stop them.
  • How to safeguard your ecosystem with continuous risk assessment with Identity-centric threat detection and response

Eila Shargh
Okta, Director, Solutions Product Marketing-Workforce

May 22, 2024 13:00

Building Your Ransomware Preparedness Plan

In today's ever-evolving cyber landscape, incident response and network protection are paramount for organizations of all sizes. This session delves into the strategies and tactics essential for safeguarding networks from vulnerabilities and efficiently mitigating threats. From identifying potential weaknesses to implementing robust incident response plans, attendees will gain insights into practices proven effective, and practical approaches to fortify their organization's defenses. Join us to explore real-life use cases from the frontline of cyber defense and learn how to arm yourself with the knowledge needed to defend against emerging threats.

Key points to be covered:

  • Proactive approaches to identifying and addressing network vulnerabilities
  • Effective incident response strategies to contain and mitigate cyber threats
  • Collaboration techniques to enhance incident response efforts and strengthen network resilience
  • Real-life use case from a global, frontline incident response team

James Sobel
NetWitness, Global Pre-Sales Lead, Incident Response

Marco Faggian
NetWitness, Principal Consultant

May 22, 2024 13:30

Bringing IR Into the Cloud Age

  • The cloud brings unprecedented opportunities - but also some challenges
  • Automation is essential or we won’t survive
  • Need to completely change the way our organizations think about DFIR

Paul Stamp
Cado, VP of Products

May 22, 2024 13:50

BREAK

Please visit our sponsors in the Exhibit Hall and explore the resources in their booths. They're standing by to answer your questions now.

May 22, 2024 14:05

AI-Driven Binary Analysis: Next Generation Malware Detection at Speed & Scale

Today’s businesses are faced with an exponentially growing number of files that need to be effectively analyzed without slowing down operations. SOC teams must constantly worry about malicious files flowing into and around their network, be it from email, web downloads, cloud services, mobile devices, supply chain, or other sources. Not only does the sheer volume of files pose a challenge for analysts, but so does the increasing size and complexity of files. Adversaries have become adept at developing sophisticated malware hidden inside complex file structures to circumvent detection by traditional security tools, including endpoint security, email protection, and sandbox environments, which are limited in their depth and speed of analysis, as well as their inability to analyze large file sizes and certain file types. Learn how ReversingLabs’ high-speed binary analysis overcomes these challenges:

  • Inspect thousands to hundreds of thousands of files per day in real-time
  • Analyze large file sizes up to 100GB
  • Identify advanced malware missed by other tools
  • Reduce dependency on sandboxes

Jason Valenti
ReversingLabs, Director of Product Management - Malware Analysis and Threat Hunting

May 22, 2024 14:35

Compromised Credentials in 2024: What to Know About the World’s #1 Attack Vector

TBD

Tim Chase
Lacework, Field CISO

James Condon
Lacework

Solutions Theater (On-demand)

[On-Demand] Okta FastPass: Zero Trust Authentication for Phishing Resistant, Passwordless Access

Sr. Technical Marketing Manager Harish Chakravarthy demonstrates how Okta FastPass offers phishing resistance to advanced phishing attacks such as adversary-in-the-middle.

[On-Demand] SentinelOne Demo: Enhancing Cybersecurity with the AI-Powered Singularity Platform

Modern threats don't respect the boundaries of traditional security - they move laterally as quickly as possible, finding the path of least resistance to gain credentials and access to data or infrastructure. For the analyst, visibility across endpoint, cloud, data, and identities is critical to understanding posture and rapidly responding to attacks. Learn about our vision and how the Singularity Platform can protect your business from threats like ransomware during this live demonstration.

[On-Demand] Cado Security Demo

Cado Security is the first investigation & response automation platform focused on revolutionizing IR for the hybrid world. Cado reduces response times & empowers security teams to add critical context to everyday security investigations.

[On-Demand] Lacework Demo: Polygraph Data Platform

Lacework was founded on the principle that security is a data problem, so we built our platform to ingest various cloud data sources from AWS, Azure, and GCP activity in a visual way. Lacework Polygraph automates detections at scale and enables organizations to reduce complexity and focus valuable resources more effectively by alerting only on the events that matter.

[On-Demand] ReversingLabs Demo: Advanced Hunting with YARA at Scale

Import, develop, test, and deploy YARA rules at scale. Perform enterprise-wide YARA scanning with custom rule matching and targeted retro-hunts against thousands of object characteristics from any file or email source.

SecurityWeek's Threat Detection and Incident Response (TDIR) Summit will dive into threat hunting tools and frameworks, and explore the value of threat intelligence data in the defender’s security stack.

This must-attend forum is designed to delve into big-picture strategies to reduce attack surfaces, improve patch management, and conduct post-incident forensics, along with the tools and tricks needed in a modern organization.

Expect robust debate on the use of AI/LLMs in incident response tooling, the cost (and) curse of the “log-everything” movement, the value of threat intelligence, and the blending of sophisticated APTs with cybercrime activities.

Key topics to be addressed:

  • The extension of Endpoint Detection and Response (EDR) systems beyond traditional parameters, advancing into the network layers to provide more robust defense mechanisms.
  • Detailed examination of various threat hunting tools and frameworks, including a look at the latest technologies and methodologies being used in modern security programs.
  • The critical role of threat intelligence data and trends around monetization of feeds and government-controlled data release.
  • Best practices in logging and monitoring to spot malware infections, and sharing of IOC (indicator of compromise) artifacts to secure the ecosystem.

In this keynote at SecurityWeek's 2021 Threat Intelligence Summit, John Lambert, GM of the Microsoft Threat Intelligence Center, discusses how it’s more important than ever for defenders and organizations to come together and better share information that can help the entire ecosystem protect against emerging threats. Lambert shares specific examples of how community resources such as GitHub, MITRE’s ATT&CK Framework, Sigma rules, CodeQL queries and Jupyter notebooks have all been used in recent months to “open-source” security to better defend against sophisticated threats such as NOBELIUM and others.
