<img src="http://www.shrfbdg004.com/63997.png" style="display:none;">

Cybersecurity Breakout Sessions

 You've Been Hacked:
Now What


Sex, Lies, & Mobile Devices:
The Seedy Underworld of
Mobile Security


Think Like a Hacker:
Why the Breach of Yesterday is that
of Today & Tomorrow

Dan Didier, GreyCastle Security


Reg Harnish, GreyCastle Security


Michelangelo Sidagni, NopSec

This session will present an in-depth look at several recent databreach victims and how their incident response processes led to effective business resumption or epic failure. Attendees will learn best practices for responding to incidents, from law enforcement, forensics, and legal considerations to compliance and public relations. The presentation will also cover the standards and compliance regulations - from NIST and US-CERT to HIPAA and the NYS Information Security Breach and Notification Act - that should be considered when developing Incident Response policies and procedures. Attendees will take away actionable information for implementing an effective Incident Response program.


Oct. 17  |  12:00 PM


 The smartphone in your pocket has transformed, quite literally, every facet of your life. From commerce and communications to entertainment and awareness, mobile devices have become our most prized possessions, almost overnight. But along with these amazing advances in technology have come very serious security and privacy risks, many of which go unnoticed, unmanaged or even unknown. The device in your pocket has become the Big Brother we always feared, and the worst part is this - you agreed to it. Join GreyCastle Security as we demystify the security and privacy risks of your smartphone and provide practical tips for dealing with this new phenomena.


Oct. 17  |  1:15 PM


A major data breach hits the headlines almost daily, and no organization gets a free pass. Enormous complexity, combined with non-integrated tools, and lack of organizational mind-sharing all contribute to breaches. Security teams are challenged with understanding how well their defenses are performing, and where their true risks are when they have a portfolio of point products, all with unique management systems, configuration, and logs. In this presentation, we’ll “think like a hacker” and share tips to anticipate the behaviors that are used to compromise the weakest parts of the network. After all, if hackers are challenging your security defenses every day, then shouldn’t you be doing the same?


Oct. 17  |  2:30 PM
type-breakout-icon-strategy.svg levels-200.svg takeaway-guide.svg    type-breakout-icon-strategy.svg  levels-200.svg  takeaway-guide.svg    type-breakout-icon-strategy.svg  levels-200.svg takeaway-tool.svg 

An In-depth Look at PKI & 
How it Can Improve your 
Security Posture



Cyber Threat Landscape
& Forensics


Using "Defense & Depth" to Secure Your Network

Mike Hurley, Annese


Jason Forcht, FireEye


 Paul Centanni, Annese

Many people have heard of Public Key Infrastructure (PKI) but do not understand how it works, and can therefore be intimidated by it. In this session, we’ll explain how PKI works and look at the differences between a public and private Certificate Authority (CA), as well as how SSL decryption functions. We’ll also discuss the variety of ways certificates can be used, including secure website transmission (like e-commerce), site-to-site VPNs, secure network access, and secure email, among others. You'll walk away with a series of tips you can apply to enhance your security posture. 

Oct. 18  |  2:00 PM


In this presentation, we will explore today's threat landscape and provide an introduction to SOC operations with FireEye Helix. Attendees will have visibility into our Network Forensics Lab with FireEye Endpoint to see first-hand how an attacker exploits the endpoint and moves around a network.

Oct. 18  |  2:00 PM


 In this session, we will discuss what a Defense-in-Depth approach to security really looks like and explore point products that can be installed throughout the network (including Firewall, IPS, Content Filter, Spam Filter, AV, and AD Privileges, among others). We will highlight some Common Vulnerabilities and Exposures (CVEs) and provide context and specificity around real-world threat examples. You will walk away with actionable steps to apply a defense-in-depth approach across your organization.


Oct. 17  |  3:45 PM
 type-breakout-icon-discussion.svg levels-300.svg  takeaway-paper.svg   type-breakout-icon-demo.svg  levels-100.svg   takeaway-paper.svg   type-breakout-icon-discussion.svg  levels-200.svg  takeaway-guide.svg 



Web App Attacks  – Protecting Against the Number One Source of Cyber Attacks


Artificial Intelligence – Real Threat Prevention



Paul Fletcher, Alert Logic


Paul Ritter, Cylance


In this session, we'll provide a global perspective of the current state of web application vulnerabilities, and you'll gain a better understanding of how web apps become vulnerable, and how reconnaissance is used by attackers to discover and pinpoint systems to compromise.  We'll discuss attack methodologies and how vulnerable web apps can be leveraged for attackers to gain privileged access, then we'll provide our remediation strategies to help you protect your web apps from being attacked.

Oct. 18  |  11:30 AM


The cyber security industry is now over 30 years old. And just like people, with each passing decade, we realize that what worked for us in our 20s, simply won’t work for us now or going forward. Bad guys have the advantage with more resources and time to outwit the various detection schemes of security vendors. We as an industry must evolve from this outlived model to a new and ever-evolving technique; one that abandons signatures and blind trust; one that relies on a mathematical, algorithmic, and scientific approach to better effectiveness and measurable accuracy. During this presentation, Cylance will demonstrate how they leverage artificial intelligence and machine learning techniques to predict and block the execution of zero-day malware, ransomware, and other advanced threats with speed and accuracy not available from any other next-generation endpoint security solution.

Oct. 18  |  10:15 AM


 type-breakout-icon-discussion.svg levels-200.svg  takeaway-tool.svg   type-breakout-icon-demo.svg  levels-100.svg  takeaway-guide.svg