IANS facilitates and connects clients-to-experts and experts-to-experts. Our Faculty of industry experts provides the breadth and depth of information to guide you on your information security journey. Through a regional delivery model, our events gather
all members of the security function.
Two-day events with keynotes, breakout sessions, technology spotlight sessions, and networking breaks.
One-day roundtables designed exclusively for CISOs and senior level InfoSec executives to learn and share insights in a confidential setting.
Half-day, deep-dive explorations of technical and operational information security topics, free of vendor presence.
Hour-long interactive discussions examining hot topics in information security.
IANS has run multiple workshops on threat hunting, purple teaming and tool selection, but MITRE ATT&CK has opened up a new range of possibilities for how to approach these areas.
Dave is the Founder and Owner of TrustedSec, an information security consulting firm, and Binary Defense, a Managed Security Service Provider (MSSP) that detects attackers early to prevent large-scale invasions. In addition to creating several widely popular open-source tools, including 'The Social-Engineer Toolkit' (SET), PenTesters Framework (PTF), and Artillery. David has also released security advisories, including zero-days, with a focus on security research.
Prior to his work in the private sector, Dave served in the United States Marine Corps (USMC), focusing on cyber warfare and forensics analysis activities, including two tours to Iraq. He also served on the board of directors for (ISC)2, which is one of the largest security collectives and offers certifications such as the CISSP.
In an environment where everyone is working remotely, how might mainframe access and management change? IANS Faculty member Philip Young explores what has changed already and how to adapt for the future.
Philip is senior vice president of an offensive security research
group at a multinational, Fortune 500 financial services company. He is a
leading expert and thought leader in mainframe cyber security with a
special focus on the z/OS platform. Philip
has built mainframe security programs for multiple Fortune 100
organizations using both vendor and public toolsets. Philip also
develops information security coursework to educate the next generation
of practitioners, raises awareness about mainframe
security, and encourages more organizations to effectively
prioritize their risk profiles.
With a ratio of 100/10/1 for Development, Operations, and Security, security now needs to concentrate on creating tools, processes and opportunities for dev and ops that result in more-secure products, instead of trying to do it all themselves like they did in days past.
Tanya Janca, also known as ‘SheHacksPurple’, is the founder of We Hack Purple, a tech startup specializing in security training for IT professionals. Tanya has been coding since she was a teen, has worked in IT for over twenty years, has won numerous awards, and has done everything from starting her own company several times and being a public servant, to working for tech giants such as Microsoft, Adobe, and Nokia. She has been a pentester, CISO, CEO, AppSec Engineer, Sys and Network Admin, but mostly a software developer. She is an award-winning public speaker, active blogger & streamer and has delivered hundreds of talks and trainings on 6 continents. She values diversity, inclusion and kindness, which shines through in her countless projects and achievements.
This roundtable at the Minneapolis Virtual Forum is designed exclusively for CISOs and senior level information security executives to learn and share insights in a confidential setting.
This one-day event is designed for security practitioners to gain actionable technical solutions and leadership insights focused on current and emerging challenges. Engage virtually with IANS Faculty members and network with peers who are tackling similar challenges.
George is Chief Security Officer at Sumo Logic, a secure, cloud-native, machine data analytics service provider. George has extensive experience in board and executive communications serving as a Board Member for ANTIVIUM, Inc., a cloud monitoring and analytic startup, and VENZA, a data protection company. Likewise, George is an Adjunct Faculty member at University of Denver and Cloud Academy, in addition to a Participant in the US Technical Advisory Group: Privacy by Design, which aims to define an international standard for consumer protection as part of ISO Project Committee 317.
Chris is the Co-Founder and CEO of LARES Consulting, an information
security consulting firm that leverages a blend of assessment, testing,
and coaching. He also serves on the Board of Directors at CREST, an
international not-for-profit accreditation
and certification body that represents and supports the technical
information security market.
Mike is the President of Securosis, an information security research and advisory firm, as well as Co-Founder and President of DisruptOps, a cloud detection and response company. His breadth of experience in the information security space and bold perspectives are invaluable as companies determine effective strategies to grapple with the dynamic security threatscape. Mike started practicing and advising on security topics over 25 years ago, and he’s been trying to get out of the business ever since…to no avail.
Aaron Turner is the President & Chief Security Officer of HighSide, a distributed identity and secure collaboration technology company. He is also President and CEO of Integricell, an information security consulting firm which focuses on helping customers better manage the risks associated with global-scale business. Aaron also serves on the RSA Program Committee, helping select the educational content presented at the yearly RSA Conference.
Small teams are stuck at the ground level for cloud security and need to mature. Large teams keep making rookie mistakes when designing cloud architecture, managing apps and configuring systems.
Rich is the CEO and an Analyst for Securosis, an information security
research and advisory firm, in addition to Founder and Vice President
of Product at DisruptOPS, a cloud environment monitoring platform. Prior
to founding Securosis, he was Research
Vice President for Gartner’s security team where he also served as
Research Co-Chair for the Gartner Security Summit. Additionally,Rich has
served as an independent consultant, web application developer,
software development manager, and a systems
and network administrator.
Recent attacks against Zoom and other collaboration tools illustrated the failure of developers to threat model their software as they built it. Remote collaboration is here to stay, and those behind the tools must put threat modeling front and center. In this webinar, IANS Faculty member Adam Shostack offers step-by-step guidance for getting there.
Adam is a leading expert on threat modeling, and a consultant, entrepreneur, technologist, author and game designer. He currently helps organizations improve their security via his independent information security solutions firm, Shostack & Associates, focused on delivering high-impact training and consulting in threat modeling, secure development, and DevSecOps. He also serves as a MACH37™ Stars Network Mentor and an advisor to many startups including NTrepid, Continuum, and Judo Security. Previously, he worked at Microsoft where he drove the Autorun fix into Windows Update, was the lead designer of the SDL Threat Modeling Tool v3 and creator of the "Elevation of Privilege" game.
This roundtable at the Chicago/Columbus Virtual Forum is designed exclusively for CISOs and senior level information security executives to learn and share insights in a confidential setting.
Dave is the Founder and Principal Consultant with Voodoo Security, an
information security consulting firm with broad expertise. He is also a
Senior Instructor, Analyst, and Course Author for the SANS Institute and
a VMware vExpert with extensive experience designing and configuring
secure virtualized infrastructures. In addition, Dave has served as
Co-Chair of the Cloud Security Alliance (CSA) Top Threats Working Group
and founded the CSA Atlanta Chapter. Dave has consulted with hundreds of
organizations in the areas of security, regulatory compliance, network
architecture, and engineering. He has also worked as a security
architect, analyst, and manager for several Fortune 500 companies.
Ed Skoudis has taught cyber incident response and advanced penetration testing techniques to more than 20,000 cybersecurity professionals. He is a SANS Faculty Fellow and Instructor. His courses distill the essence of real-world, front-line case studies he accumulates because he is consistently one of the first experts brought in to provide after-attack analysis on major breaches where credit card and other sensitive financial data is lost.
Ed led the team that built NetWars, the low-cost, widely used cyber training and skills assessment ranges relied upon by military units and corporations with major assets at risk. His team also built CyberCity, the fully authentic urban cyber warfare simulator that was featured on the front page of the Washington Post. He was also the expert called in by the White House to test the security viability of the Trusted Internet Connection (TIC) that now protects US Government networks and lead the team that first publicly demonstrated significant security flaws in virtual machine technology. He has a rare capability of translating advanced technical knowledge into easy-to-master guidance as the popularity of his step-by-step Counter Hack books testifies. Ed earned an M.S. in Information Networking from Carnegie Mellon University, and his B.S. in Electrical Engineering from the University of Michigan, summa cum laude.
Jake is the Founder, President, and Principal Analyst of Rendition
Infosec, an information security consultancy. He also sits on the
Vulnerability Review Board at Peerlyst, a startup social networking
platform exclusively for security professionals. Jake
is a prolific speaker and instructor on a variety of information
security topics such as reverse engineering malware, memory forensics,
threat intelligence, and advanced exploit development.
The Zero Trust vendor bandwagon is spilling over and organizations can’t keep up. They need help understanding which technologies fit into the concept and how best to configure them.
Wolf is an Advisory CISO of Duo Security, the leading provider of
unified access security and multi-factor authentication delivered
through the cloud. He has held senior management roles in IT and IT
security in the financial services and healthcare verticals.
In addition, Wolf has held senior leadership roles in consulting
firms specializing in identity and access management, governance risk
and compliance, and security programs. Wolf advises clients primarily in
risk management, incident response, business
continuity, and secure development.
This roundtable at the New York Virtual Forum is designed exclusively for CISOs and senior level information security executives to learn and share insights in a confidential setting.
This roundtable at the Philadelphia/Washington, DC Virtual Forum is designed exclusively for CISOs and senior level information security executives to learn and share insights in a confidential setting.
This roundtable at the Los Angeles/Seattle Virtual Forum is designed exclusively for CISOs and senior level information security executives to learn and share insights in a confidential setting.
This roundtable at the Boston Virtual Forum is designed exclusively for CISOs and senior level information security executives to learn and share insights in a confidential setting.
This roundtable at the Toronto Virtual Forum is designed exclusively for CISOs and senior level information security executives to learn and share insights in a confidential setting.
This roundtable at the Atlanta Virtual Forum is designed exclusively for CISOs and senior level information security executives to learn and share insights in a confidential setting.
This roundtable at the Charlotte/Nashville Virtual Forum is designed exclusively for CISOs and senior level information security executives to learn and share insights in a confidential setting.
This roundtable at the Dallas/Houston Virtual Forum is designed exclusively for CISOs and senior level information security executives to learn and share insights in a confidential setting.