Threat Detection and Incident Response Summit

We're all unfortunately aware of Ransomware groups using Exchange vulnerabilities to gain a foothold into organizations, but I bet you can't guess what other software they've been targeting lately! Come hear about recent Ransomware detection stories discovered by SentinelOne's threat-hunting team, Watchtower.

• Learn about a recent trend of abuse targeting another popular back office software.
• Understand how to prevent, detect, and respond to these threats.

In today's complex and ever-changing cybersecurity landscape, effective collaboration between threat intelligence and incident response teams is paramount. This session explores the symbiotic relationship between these two critical functions, delving into the challenges posed by emerging threats and providing insights into how SOC teams can strengthen their defenses against bad actors. Through real-world examples and best practices, attendees will gain practical strategies for integrating threat intelligence into incident response processes, leveraging automation and AI, and preparing for future trends in cybersecurity.

Key Takeaways:

• Understand the role of threat intelligence in enhancing incident response capabilities.
• Learn strategies for effective collaboration between threat intelligence and incident response teams.
• Explore emerging technologies and trends shaping the future of cybersecurity defense.

Please visit our sponsors in the Exhibit Hall and explore the resources in their booths. They're standing by to answer your questions now.

It’s no secret that the threat landscape has continued to evolve and successful attackers are no longer hacking in, but logging in. As Zero Trust becomes the new security paradigm, what does this really mean in a digital landscape where it feels like you can’t trust anyone or anything anymore? When considering the role that identity plays within Zero Trust, it’s helpful to think of verifying Identity as a continuous process rather than a discrete event. A robust identity platform needs to provide the means to not only manage identity, verify users at every stage, but also continuously evaluate the validity of that users session.

Join us to hear more about:

• Why Zero Trust is more than a buzzword with a look at the global trends from our annual Zero Trust report
• What the three stages of Identity verification are, the potential threats at each stage, and how to stop them.
• How to safeguard your ecosystem with continuous risk assessment with Identity-centric threat detection and response

In today's ever-evolving cyber landscape, incident response and network protection are paramount for organizations of all sizes. This session delves into the strategies and tactics essential for safeguarding networks from vulnerabilities and efficiently mitigating threats. From identifying potential weaknesses to implementing robust incident response plans, attendees will gain insights into practices proven effective, and practical approaches to fortify their organization's defenses. Join us to explore real-life use cases from the frontline of cyber defense and learn how to arm yourself with the knowledge needed to defend against emerging threats.

Key points to be covered:

• Proactive approaches to identifying and addressing network vulnerabilities
• Effective incident response strategies to contain and mitigate cyber threats
• Collaboration techniques to enhance incident response efforts and strengthen network resilience
• Real-life use case from a global, frontline incident response team

The cloud brings unprecedented opportunities - but also some challenges. Automation is essential or we won’t survive, and we need to completely change the way our organizations think about DFIR.

Please visit our sponsors in the Exhibit Hall and explore the resources in their booths. They're standing by to answer your questions now.

Today’s businesses are faced with an exponentially growing number of files that need to be effectively analyzed without slowing down operations. SOC teams must constantly worry about malicious files flowing into and around their network, be it from email, web downloads, cloud services, mobile devices, supply chain, or other sources. Not only does the sheer volume of files pose a challenge for analysts, but so does the increasing size and complexity of files. Adversaries have become adept at developing sophisticated malware hidden inside complex file structures to circumvent detection by traditional security tools, including endpoint security, email protection, and sandbox environments, which are limited in their depth and speed of analysis, as well as their inability to analyze large file sizes and certain file types. Learn how ReversingLabs’ high-speed binary analysis overcomes these challenges:

• Inspect thousands to hundreds of thousands of files per day in real-time
• Analyze large file sizes up to 100GB
• Identify advanced malware missed by other tools
• Reduce dependency on sandboxes

Credentials, made up of passwords and usernames, serve as the keys to our online existence. According to Lastpass, professionals manage up to 200 sets of credentials on average, emphasizing the need for strong, unique passwords that are regularly updated. When credentials are compromised, cyber attackers gain frictionless entry into sensitive systems and can often move laterally to find your crown jewels. Attend this webinar to understand:

• Execution methods behind compromised credential attacks
• What the bad actors do with stolen identities
• Preventative best practices to implement today

The Open Source Security Foundation (OpenSSF) has introduced the OpenSSF Siren, a community data-sharing initiative aimed at bolstering the defenses of open source projects worldwide. In this fireside chat, OpenSSF Ecosystem Strategist Bennett Pursell discusses the origins and goals of OpenSSF Siren, exploring transparent access to data that can help small- and medium-sized businesses during active incidents. Pursell also shares insights on the value of threat intelligence, the shelf life of IOC (indicators of compromise) and how businesses with limited resources can mitigate exposure to risk.

In this demonstration, SentinelOne showcases how to fortify your environment against evolving threats using the Singularity™ Platform. Watch to see the critical importance of having visibility across endpoints, cloud, data, and identities for understanding and responding to these threats. During the demonstration, SentinelOne covers:

• The impact of modern threats on traditional security measures
• The significance of visibility across various aspects of an organization's IT infrastructure
• How the SentinelOne Singularity™ Platform can protect your business from ransomware and other advanced threats.

Okta FastPass: Zero Trust Authentication For Phishing Resistant, Passwordless Access Sr. Technical Marketing Manager, Harish Chakravarthy demonstrates how Okta FastPass offers phishing resistance to advanced phishing attacks such as adversary-in-the middle.

Cado Security is the first investigation & response automation platform focused on revolutionizing IR for the hybrid world. Cado reduces response times & empowers security teams to add critical context to everyday security investigations.

Import, develop, test, and deploy YARA rules at scale. Perform enterprise-wide YARA scanning with custom rule matching and targeted retro-hunts against thousands of object characteristics from any file or email source.

Lacework was founded on the principle that security is a data problem, so we built our platform to ingest various cloud data sources from AWS, Azure, and GCP activity in a visual way. Lacework Polygraph automates detections at scale and enables organizations to reduce complexity and focus valuable resources more effectively by alerting only on the events that matter.

Okta FastPass: Zero Trust Authentication For Phishing Resistant, Passwordless Access Sr. Technical Marketing Manager, Harish Chakravarthy demonstrates how Okta FastPass offers phishing resistance to advanced phishing attacks such as adversary-in-the middle.

In this demonstration, SentinelOne showcases how to fortify your environment against evolving threats using the Singularity™ Platform. Watch to see the critical importance of having visibility across endpoints, cloud, data, and identities for understanding and responding to these threats. During the demonstration, SentinelOne covers:

• The impact of modern threats on traditional security measures
• The significance of visibility across various aspects of an organization's IT infrastructure
• How the SentinelOne Singularity™ Platform can protect your business from ransomware and other advanced threats.

Cado Security is the first investigation & response automation platform focused on revolutionizing IR for the hybrid world. Cado reduces response times & empowers security teams to add critical context to everyday security investigations.

Lacework was founded on the principle that security is a data problem, so we built our platform to ingest various cloud data sources from AWS, Azure, and GCP activity in a visual way. Lacework Polygraph automates detections at scale and enables organizations to reduce complexity and focus valuable resources more effectively by alerting only on the events that matter.

Import, develop, test, and deploy YARA rules at scale. Perform enterprise-wide YARA scanning with custom rule matching and targeted retro-hunts against thousands of object characteristics from any file or email source.