<p>Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session will last 35 minutes and are both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.</p>

Technology Group 2

Technology Group 2-1

<p>Fortune 1000 organizations have a complex legacy of platforms, software and networks, and there&rsquo;s no single playbook to move it all to a new platform because each piece of infrastructure is so different. But there are ways to achieve success. This
    session will show you how by addressing:</p>
<div class="hung_list">
    <ul>
        <li>The proper sequence of events?</li>
        <li>Problems to expect in different industries and from different data types</li>
        <li>Regulatory considerations</li>
        <li>Tools of note</li>
        <li>How Hashicorp and the Shared Responsibility Model can help</li>
    </ul>
</div>

Achieving Cloud Migration

<p>Kevin is the Founder, CEO, and Principal Security Consultant of Secure Ideas, an information security consulting company that focuses on penetration testing services and training. He is also a founder and contributor of many open source projects including the Samurai Web Testing Framework (SamuraiWTF), a web penetration testing and training environment, and the Basic Analysis and Security Engine (BASE) project, a web front-end for Snort Analysis
</p>

Morning Roundtable How-To Sessions

<p>There are too many vendors, an over-saturated market and confusion over the security requirements that truly matter vs. the vendor fluff. In this session, you&rsquo;ll learn how cut through the confusion and address:</p><div class="hung_list"><ul><li>What the cloud provider landscape look like </li><li>When to go with a big player as opposed to smaller players </li><li>Questions you should ask internally before looking at potential providers</li><li>The right (or wrong) questions to ask prospective cloud providers</li></ul></div>

Choosing a Cloud Provider

<p>Dave is the Founder and Principal Consultant with Voodoo Security, an 
information security consulting firm with broad expertise. He is also a 
Senior Instructor, Analyst, and Course Author for the SANS Institute and
 a VMware vExpert with extensive experience designing and configuring 
secure virtualized infrastructures. In addition, Dave has served as 
Co-Chair of the Cloud Security Alliance (CSA) Top Threats Working Group 
and founded the CSA Atlanta Chapter. Dave has consulted with hundreds of
 organizations in the areas of security, regulatory compliance, network 
architecture, and engineering. He has also worked as a security 
architect, analyst, and manager for several Fortune 500 companies.
</p>

<p>Fortune 1000 problem: Companies spin up containers quickly, then set them loose with no security due diligence. It&rsquo;s a process problem as much as a technology issue. Questions to address:</p><div class="hung_list"><ul><li>How can a company create a more deliberate process to determine when containers are necessary?</li><li>What is some specific automation or orchestration tools? (Docker Swarm, Kubernates)</li><li>How does one optimize such tools as AppArmor and SELinuxbecause to prevents a misconfiguration or bug at the container daemon level?</li><li>What is Docker Notary and how can it add a layer of trust?</li><li>What are some of the more recent attacks to exploit unsecured containers?</li></ul></div>

Getting Control of Container Security

Technology Group 1

Technology Group 1-2

<p>Security Operations Centers remain rooted in the same tech, procedures and mindsets that existed before the cloud. They need to adapt to life in the cloud, and this session will explore how to get there. Issues addressed include:</p><div class="hung_list"><ul><li>How an old-world SOC differs from one in the cloud</li><li>Changes you need to make with your SOC</li><li>How to make that transition without dropping the ball in either world</li><li>Skills that need to be picked up in the new cloud-based SOC</li><li>Examples of cloud detection and response</li></ul></div>

Adapting the SOC to a Cloud Environment

<p>Jake Williams (aka MalwareJake) is a seasoned security researcher with decades of experience in the technology and security. Jake is a former startup founder, former senior SANS instructor and course author, and an intelligence community and military veteran. He loves forensics, incident response, cyber threat intelligence, and offensive methodologies. Today, Jake is an IANS faculty member, an independent security consultant, and is performing security-focused research to benefit the broader community. He has had the honor of twice winning the DoD Cyber Crime Center (DC3) annual digital forensics challenge. You may also know Jake from one of his many conference talks, webcasts, media appearances, or his postings&nbsp;about cybersecurity.</p>

<p>Your Red Team does one thing, your Blue Team does the other, and they don&rsquo;t talk. Companies struggle to get them on the same page and achieve the true value of these exercises. What to do? This session will explore:</p><div class="hung_list"><ul><li>The most valuable KPIs to use for these activities</li><li>How to use automation testing to test the effectiveness of a response during an exercise</li><li>How to leverage balanced scorecards for direct tracking of capabilities</li></ul></div>

Bringing Red/Blue/Purple Teaming into Balance

<p>Dr. Ondrej Krehel is the Founder, CEO, and Digital Forensics Lead of LIFARS LLC, an international cybersecurity and digital forensics firm. He is also the Co-Founder and an Advisory Board Member of QuBit Conference, an events and training company dedicated to connecting the information security community. Ondrej is an accomplished speaker having lectured for FBI Training Academy and the National Executive Institute. He also serves as a member of New York Metro Infragard, as the Chapter Leader of OWASP NYC, and as a Distinguished Fellow with the Ponemon Institute.</p>

<p>The endpoint continues to grower wider and muddier as professionals access company resources from a growing array of mobile devices. This session looks at:</p><div class="hung_list"><ul><li>How VPNs are evolving</li><li>Vendors in the space and how they compare</li><li>Tools and techniques organizations can use to bolster secure remote access</li></ul></div>

Advancements in Secure Remote Access

<p>Aaron is a three-decade veteran of the cybersecurity community, having worked on projects covering every aspect of the industry, from helping build security technologies while at Microsoft to his work on offensive cyber projects for the U.S. government. He has spent the last 15 years on a series of cybersecurity startups, building technologies and developing companies to help teams solve some of the toughest cybersecurity problems.</p>

<p>Companies do not know whether to do manual or automated web app pen testing, or to go with the hybrid approach. To help find answers, this session will explore:</p><div class="hung_list"><ul><li>How the hybrid approach marks an improvement over the traditional approach</li><li>The limits of an automation-only approach</li><li>What you need in a toolkit -- examples: PortSwigger&rsquo;s Burp Suite Pro (commercial), OWASP Zed Attack Proxy (open source)</li><li>The ideal testing methodology</li></ul></div>

Hybrid Web App Pen Testing

Afternoon Roundtable How-To Sessions

Technology Group 2-2

<p>Come check in to receive your program and CPEs while enjoying a complimentary continental breakfast.</p>

Registration & Breakfast

Technology Group 1-1

<p>Phishing is an old social engineering technique and organizations have certainly tried to make employees aware of email links they shouldn&rsquo;t open. But phishing remains a highly successful technique for the bad guys. So what do we keep doing wrong?
    This session explores:</p><div class="hung_list"><ul><li>New phishing security tools that may help</li><li>What organizations can do to enhance security awareness among employees</li></ul></div>

Phishing and Social Engineering: New Solutions to an Old Problem

<p>Ransomware continues to be a significant problem for many organizations, and it has shown a ferocious ability to evolve. One reason is ransomware as a service, where people with little skill can buy ransomware-making kits online. This session explores:</p><div class="hung_list"><ul><li>Ways ransomware has evolved in the last 6-12 months</li><li>What ransomware as a service looks like and why it&rsquo;s such a problem</li><li>What vendors are doing to get ahead of the bad guys</li></ul></div>

The Changing Face of Ransomware

<p>Organizations want their SIEM to alert them in real time, but that&rsquo;s not happening. Instead, their SIEM only helps determine how a breach occurred after the fact. Practitioners have heard that UEBA and SOAR can be used to overcome the limits of
    their current SIEM set up, but they seek concrete answers about how it all works and what kind of training and investments are required. In this session, attendees will learn:</p><div class="hung_list"><ul><li>The specific actions they must take in order to fully understand where their SIEM is hitting the wall</li><li>A list of ways to tell if their MSSP is properly goaled/resourced/qualified to correlate and alert in real time</li><li>A clearer understanding of the small and well-defined situations AI/ML is best suited for</li></ul></div>

How to Fill SIEM Gaps with UEBA/SOAR

<p>IANS Tabletops gives you an opportunity to connect with information security leaders in a relaxed environment. Come stretch your legs and network with your peers and solution providers over snacks and coffee.</p>

Tabletop Break

Tabletop Break 2

Many of today&rsquo;s companies are hesitant to adopt new security technologies &ndash; particularly AI.&nbsp; The truth is AI is successfully disrupting many areas of security operations. Chris will discuss autonomous security driven by AI, probability theory and advanced algorithms: apply reasoning, judgement and experience to identify threats with machines and freeing up our skilled analysts for investigation and response.

Lunch & Sponsor Keynote: The Power of AI to Disrupt Security Ops

<p>Chris Triolo serves as global Vice President of Customer Success at Respond Software, a Cyber Security start-up that leverages Artificial Intelligence to develop solutions for next-generation Security Operations.&nbsp;Chris Triolo has more than 20 years of information security industry experience.&nbsp; Starting as a practitioner and growing into leadership roles, Chris has held strategic positions in such industry stalwarts as Hewlett Packard Enterprise, IBM, and Northrop Grumman.&nbsp;Chris is a Certified Information Systems Security Professional.&nbsp;He is based in Denver, Colorado.&nbsp;</p>

Lunch & Sponsor Keynote

<p>Companies are usually unaware that a malicious insider is up to no good in their networks until it&rsquo;s too late. They need help knowing how to identify early red flags. To that end, this session will explore:</p><div class="hung_list"><ul><li>Early red flags to look for</li><li>Security controls you can put in place to detect and prevent insider threat activity</li><li>Top insider threat monitoring solutions, their strengths and weaknesses</li><li>Detection tool essentials</li></ul></div>

Insider Threats

Afternoon Roundtable Workshop Sessions

<p>Come network with your peers! Hors d'eouvres and cocktails will be served!</p>

Networking Reception

Tabletop Break 1

<p>Companies still struggle to get developers and security on the same page. They need case studies to show them where and how DevSecOps successes have happened. To that end, this session explores:</p><div class="hung_list"><ul><li>Case studies of DevSecOps done right</li><li>How to measure your maturity for DevSecOps -- Phase 1 to Phase 5, for example</li><li>How to put the &ldquo;Shift Left&rdquo; DevSecOps workflow in place</li><li>How DevSecOps leads to more secure cloud deployments</li><li>How to use DevSecOps to improve security in IoT technology when they are at the development stage</li></ul></div>

DevSecOps Business Cases

<p>With $472B under management, Blackstone is one of the world&rsquo;s largest and most successful alternative asset managers. Adam Fletcher is their CISO.</p><p>Join a discussion where Phil Gardner, IANS&rsquo; CEO, asks Adam about himself and his career &ndash; what makes him good, how he&rsquo;s progressed, and why he was selected as Blackstone&rsquo;s CISO &ndash; and what he&rsquo;s learned (to date) in the
    journey. </p>

Charting your Course:  A Keynote Discussion with Blackstone's CISO Adam Fletcher

<p>Adam Fletcher, CISM, is the Chief Information Security Officer for Blackstone. As a security professional with over 17 years of experience, Adam has worked with global security organizations large and small including McAfee, Nokia, VeriSign, ISS and Accuvant. Adam has a strong technical foundation, developed from roles in security architecture design and implementation, that is complemented by management experience gained from roles leading consulting engagements and global teams of information security professionals. Prior to joining Blackstone, Adam led the International Security team for Equifax, coordinating a global security program across 14 countries, each with different business, regulatory, and privacy requirements.</p>

Keynote Interview

<p>Come join us as we welcome you to the Forum.</p>

IANS Welcome and Perspective

DAY 1

2019 Chicago Forum Day 1

<p>Companies have limited resources to keep up with an endless pile of vulnerabilities and patches and need to determine what they keep getting wrong and what others are doing that&rsquo;s right. This session will explore:</p>
<div class="hung_list">
    <ul>
        <li>Particular tools you should be using to create more automation</li>
        <li>How to use automation to move through the flaw finding and patching process more quickly</li>
        <li>Which companies have taken this to the next level</li>
        <li>What they did to move past the struggle most still find themselves in</li>
        <li>What the Vulnerability Management Process Workflow is and how will it help</li>
        <li>How can organizations can ensure data within their SQL Server, DB2 and Oracle databases are secure?</li>
        <li>Besides Shodan, some other tools that will cast a wider net for vulnerabilities</li>
    </ul>
</div>

Breaking a Failed Vulnerability Management Cycle

<p>Companies struggle enough with basic security tasks and don&rsquo;t truly know if deception/honeypots are worth trying or if they would provide the adequate ROI. To help them reach a better place, this session will explore:</p><div class="hung_list"><ul><li>What level of operational maturity one must have for honeypots/deception to make sense?</li><li>How to find balance when it comes to how many doors to leave open for snoopers and would-be thieves</li><li>The latest honeypot/deception technologies worth deploying</li><li>The management/technology overhang associated with them?</li><li>Buying versus building</li></ul></div>

Deception and Honeypots

<p>Cryptojacking malware and crypto mining are eating AWS resources, tying up CPU capacity and costing money. This session will help you fight back by exploring:</p><div class="hung_list"><ul><li>How to tell if cryptomining malware is in the system</li><li>How to get the malware out of your systems</li><li>How to keep it out</li><li>The most prolific cryptocurrency-based attacks targeting companies</li><li>How this malware differs from others, such as worms, ransomware and Trojans</li></ul></div>

Cryptojacking & Cryptocurrency Mining: Defensive Measures

<p>Incident response is a process that oftentimes isn't seen as relevant until it becomes necessary. While it's easy to justify building an initial IR capability, it's often difficult to understand whether your IR team is mature, how mature they are, and what you need to do to mature the capability. In this talk, Jake will cover actionable steps you can take to quickly and effectively mature your incident response program.</p>

IANS Faculty Keynote: Maturing Your Incident Response Team

<p>Vendors hype the benefits of AI/ML too broadly when it&rsquo;s really meant for small, well-defined situations. This session will address the following:</p><div class="hung_list"><ul><li>When we say AI/ML is for small or well-defined situations, what are examples of those?</li><li>What are specific examples of where AI/ML works, and where it doesn&rsquo;t?</li></ul></div>

Cutting Through the AI/ML Vendor Hype

<p>Attackers keep evolving their tactics, making it increasingly difficult for traditional forensic techniques to keep up. It&rsquo;s time to get proactive &ndash; and that&rsquo;s where threat hunting comes into play. This session explores the latest techniques
    in that area, and how to:</p><div class="hung_list"><ul><li>Position hunt teams to directly increase the overall maturity (and ROI) of their monitoring and detection capabilities</li><li>Detect abnormal patterns of behavior</li></ul></div>

New Threat Hunting Techniques

<p>As IT infrastructure gets more complex and infrastructure-as-a-service (IaaS) becomes a reality, one of the few controls we have left is privileged user management (PUM). But it&rsquo;s difficult to get it right. To advance in the right direction, this
    session will explore:</p><div class="hung_list"><ul><li>How to link privileged access management to change management</li><li>How to identify what is happening with the use of these credentials</li><li>How to Identify the appropriate tools to use for privileged access management</li><li>How to handle insider threats related to privilege abuse/misuse</li></ul></div>

Prioritizing Privilege Management

<p>Companies don&rsquo;t understand how blockchain works inside their security vendor offerings. This session will arm attendees with a stronger foundation by exploring:</p><div class="hung_list"><ul><li>The use cases around how blockchain enhances security</li><li>Blockchain-related products that are actually viable</li><li>How blockchain increase the efficacy of things like vulnerability management and SIEM</li><li>What CISOs should tell their exec stakeholders about blockchain</li></ul></div>

Blockchain: What Your Vendors Have and How to Use It

The start of 2019 started with a huge uptick in activity across the globe, spanning from a massive increase in the number of IoT malware being distributed to an increase in geopolitical skirmishes between nation states. Couple that with a massive increase in the &ldquo;juicy middle&rdquo; (100Gbps &ndash; 400Gbps) of DDoS attacks and we have a threat landscape in constant turmoil. Gain some insight and a peak into this ever-churning battle-ground to increase your awareness of threats impacting your organization.

Lunch & Sponsor Keynote: Global Crime, Nation-state, and DDoS Trends

Richard Hummel has 11 years of experience in the intelligence field and is currently the Threat Intelligence Manager for Arbor Networks' ASERT Research Team. Previously, he served as Manager and Principal Analyst on the FireEye iSIGHT Intelligence’s Financial Gain team. He began his career as a Signals Intelligence Analyst with the United States Army. During the course of his service he became certified in Digital Network Intelligence and supported multiple operations overseas including a deployment to Iraq. After departing from the Army as an enlisted soldier, he began contracting work as a Computer Network Operations analyst in support of the Army. During his tenure as a contractor, he developed many methods and procedures for conducting Cyber Discovery and trained analysts at Army INSCOM HQ's. At FireEye iSIGHT Intelligence, he led a team of technical analysts in the tracking, reporting, and analysis of various cyber crime related malware families.

<p>It's difficult to choose and implement security tools that scale in an environment where multiple platforms have different settings, features and requirements. This session will address the technical remedies, including:</p><div class="hung_list"><ul><li>Differences to accounted for between one platform and the next during tool selection</li><li>Different vendor and tool categories and how do they compare</li><li>Pros and cons of multi-cloud access brokers?</li></ul></div>

Security Tools for a Multi-Platform Cloud Environment

<p>Join us for closing remarks and the chance to win prizes!</p>

Closing Ceremonies

DAY 2

2019 Chicago Forum Day 2

Default Calendar

Attendee Contact

Sponsor Contact

The IANS 2019  Chicago Information Security Forum delivers an immersive curriculum with 30+ sessions led by esteemed IANS Faculty, global information security thought leaders and solution providers.
Attend the two-day Forum to gain actionable technical solutions and leadership insights focused on current and emerging challenges facing enterprise security leaders.
Network with peers to benchmark your information security practices and engage with IANS Faculty during interactive sessions.

Onsite Questions

Sponsorship Questions

Registration Questions

General Information

Housing & Travel Questions

Register Now

Two-day event with keynotes, breakout sessions, technology spotlight sessions, and networking breaks.

<p>NETSCOUT SYSTEMS, INC. (NASDAQ: NTCT) assures digital business services against disruptions in availability, performance, and security. Our nGenius service assurance solutions provide real-time, contextual analysis of service, network, and application performance. Arbor security solutions protect against DDoS attacks that threaten availability and advanced threats that infiltrate networks to steal critical business assets. To learn more about improving service, network, and application performance in physical or virtual data centers, or in the cloud, and how NETSCOUT’s performance and security solutions, powered by service intelligence can help you move forward with confidence, visit www.netscout.com or follow @NETSCOUT and @ArborNetworks on Twitter, Facebook, or LinkedIn.</p>

NETSCOUT

<p>Respond Software delivers instant return on investment (ROI) to organizations in their battle against cyber-crime. With its patented intelligent decision engine, PGO®, Respond Software’s product uniquely combines the best of human expert judgement with the scale and consistency of software. Our quick-to-implement cybersecurity automation software delivers the equivalent of a virtual, best-of-breed analyst team that dramatically increases capacity and improves monitoring and triage capabilities at a fraction of the cost. Respond Software was founded in 2016 by security and software industry veterans. <a href="https://respond-software.com/" target="_blank">www.respond-software.com</a></p>

Respond

Platinum Sponsors

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed. Aqua customers are among the world’s largest enterprises in financial services, software, media, manufacturing and retail, with implementations across a broad range of cloud providers and modern technology stacks spanning containers, serverless functions, and cloud VMs.

Aqua Security

<p>Contrast Security enables applications to automatically detect and fix vulnerabilities, identify attacks, and defend themselves. Contrast employs security instrumentation to strengthen applications before they deploy, protect in production and provide visibility throughout the application lifecycle. More information can be found at <a href="https://www.contrastsecurity.com" target="_blank">www.contrastsecurity.com</a> or by following Contrast on Twitter at @ContrastSec.</p>

Contrast Security

Dragos, Inc. is an industrial cybersecurity company focused on some of the community's hardest problems. The ecosystem our team has built is specifically tailored for industrial environments such as those found in industrial control system (ICS), Supervisory Control and Data Acquisition (SCADA), and Distributed Control System (DCS) environments. Our software platform and services help operators protect infrastructure sites such as power grids, water distribution sites, oil refineries, gas pipelines, manufacturing, and more. The Dragos team exists to safeguard civilization.

Dragos

<p>Expanse helps organizations discover, track, and monitor their internet-exposed attack surface. Our outside-in approach can find previously unknown security exposures, and provides global visibility into communication between your assets and those that may be risky or out of policy.</p>

Expanse

<p>Hysolate is an OS Isolation-as-a-Service provide for remote-first companies with remote first-security.&nbsp;Hysolate makes it easy to strongly isolate corporate assets, both on corporate-owned devices and on non-corporate devices, allowing users to work freely without compromising corporate security. The virtual and isolated environments that are deployed on users’ endpoints are fully managed remotely with a robust and fine grained set of networking, clipboard and data security policies making. This allows file transfers,for example, only to the non-corporate environment on the host, to reduce the chance of copying an infected file into the corporate environment. Access control, application management and insights across the entire workforce and organization allow both users and businesses to continue to work from home in a secure manner.<br></p>

Hysolate

<p>SentinelOne, headquartered in Mountain View, California, is a provider of next-generation endpoint security, serving more than 2000 customers globally, including 3 of the Fortune 10. Leveraging a single autonomous agent architecture and cloud analytics platform – the SentinelOne solution enables customers to defend against the most advanced cyber threats, including malware, ransomware, and non-malware attacks. Deployed via the cloud, on premise or as a multi-tenant managed service, customers use SentinelOne to protect their servers, VDI, cloud and endpoint systems (including cross platform coverage for Windows, Windows legacy, macOS, and Linux), hunt threats, and replace legacy antivirus.  Visit <a href="https://www.sentinelone.com" target="_blank">sentinelone.com</a> to learn more.</p>

SentinelOne

<p>ZeroFox, the leader in external cybersecurity, provides enterprises external threat intelligence and protection to disrupt threats to brands, people, assets and data across the public attack surface in one, comprehensive platform. With complete global coverage across the surface, deep and dark web and an artificial intelligence-based analysis engine, the ZeroFox Platform identifies and remediates targeted phishing attacks, credential compromise, data exfiltration, brand hijacking, executive and location threats and more. The patented ZeroFox Platform technology processes and protects millions of posts, messages and accounts daily across the social and digital landscape, spanning LinkedIn, Facebook, Slack, Instagram, Pastebin, YouTube, mobile app stores, domains, cloud-based email and more.</p>

ZeroFox

Gold Sponsors

Deep Instinct is the first company to apply deep learning to cybersecurity. Deep learning is inspired by the brain’s ability to learn. Once a brain learns to identify an object, its identification becomes second nature. Similarly, as Deep Instinct’s artificial neural network brain learns to detect any type of cyber threat, its prediction capabilities become instinctive. As a result, any kind of malware, known and new, first-seen malware, zero-days, ransomware and APT attacks are predicted and prevented in real-time with unmatched accuracy.

Deep Instinct

<p>Guardicore is the segmentation company disrupting the legacy firewall market. Our software-only approach is decoupled from the physical network, providing a faster alternative to firewalls. Built for the agile enterprise, Guardicore offers greater security
    and visibility in the cloud, data-center and endpoint. For more information, please visit <a data-sf-ec-immutable="" href="https://www.guardicore.com/" target="_blank">www.guardicore.com</a> or go to <a data-sf-ec-immutable="" href="https://twitter.com/guardicore" target="_blank">Twitter</a> or
    <a data-sf-ec-immutable="" href="https://www.linkedin.com/company/guardicore/" target="_blank">LinkedIn</a>.</p>

Guardicore

<p>GuidePoint Security is an elite team of top certified cybersecurity experts. We help organizations minimize cyber gaps and vulnerabilities, understand the evolving threat landscape and optimize resources designed to create a safer, more secure cybersecurity ecosystem. Learn more at <a href="https://www.guidepointsecurity.com" target="blank">www.guidepointsecurity.com</a>.</p>

GuidePoint Security

<p>Intezer introduces a Genetic Malware Analysis technology, offering enterprises automated malware analysis for improving their security operations and accelerating incident response. Intezer’s platform provides a fast, in-depth understanding of any device or file by mapping its code DNA at the ‘gene’ level. By identifying the origins of every single piece of code within seconds, Intezer can quickly detect code reuse to known malware, as well as code that was seen in trusted applications. For more information, visit <a href="https://www.intezer.com" target="_blank">intezer.com</a>.</p>

Intezer

<p>Kenna Security is a leader in cyber risk management. The Kenna Security platform, powered by Cyber Risk Context Technology, tracks and predicts real-world exploitations, enabling organizations to work cross-functionally to mitigate cyber risk. Kenna counts among its customers many Fortune 100 companies, and serves nearly every major vertical. Kenna Security is headquartered in San Francisco.</p>

Kenna Security

Lastline’s Network Detection and Response platform detects and contains sophisticated threats before they disrupt your business, on premises and in the cloud.  We offer the industry’s MOST accurate detection, unmatched visibility into the attack chain and automated response to stop breaches. More than 20 million users turn to us for protection from cyber threats.

Lastline

<p>Malwarebytes business is protecting workplace productivity. We make it safe for your employees to connect from anywhere, using all the applications they need. Whether you’re a small business or a large enterprise, have an IT staff of one or a dedicated
    security team, Malwarebytes keeps your business moving. Our solutions support you with analytics-driven, multi-layer threat protection, industry-leading incident response, and endpoint security orchestration. It’s bold cybersecurity, built for
    people, by people who give a damn. We keep breaches from becoming catastrophes, avoiding operations downtime. We simplify and strengthen overall cybersecurity, so everyone—security professionals and employees alike—can focus on the important
    aspects of their work. Visit <a data-sf-ec-immutable="" target="_blank" href="http://malwarebytes.com">malwarebytes.com</a> to learn more.</p>

Malwarebytes

<p>Qualys, Inc. is a pioneer and leading provider of cloud-based security and compliance solutions that help organizations streamline and consolidate their security and compliance solutions and build security into digital transformation. The Qualys Cloud Platform and its integrated Cloud Apps deliver businesses critical security intelligence continuously across global IT assets.</p>

Qualys

<p>Tenable®, Inc. is the Cyber Exposure company. Over 24,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. As the creator of Nessus®, Tenable extended its expertise in vulnerabilities to deliver the world’s first platform to see and secure any digital asset on any computing platform. Tenable customers include more than 50 percent of the Fortune 500, more than 25 percent of the Global 2000 and large government agencies.</p>

Tenable Inc.

Thales is a worldwide leader in data protection, providing everything an organization needs to protect and manage its data, identities and intellectual property – through encryption, advanced key management, tokenization, authentication and access management. Whether it’s securing the cloud, digital payments, or the Internet of Things. Security professionals rely on Thales to confidently accelerate their organization’s digital transformation. Thales Cloud Protection &amp; Licensing is part of Thales Group.<p></p><p><a data-sf-ec-immutable="" href="http://www.thalesgroup.com" target="blank"></a></p>

Thales

<p>Varonis is a pioneer in data security and analytics, specializing in software for data security, governance, compliance, classification, and analytics. Varonis detects insider threats and cyberattacks by analyzing file activity and user behavior; prevents disaster by locking down sensitive data; and efficiently sustains a secure state with automation.</p>

Varonis Systems Inc.

Vectra® uses artificial intelligence to automate real-time cyber attack detection and response – from network users and IoT devices to data centers and the cloud. All internal traffic is continuously monitored to detect hidden attacks in progress. Detected threats are instantly correlated with host devices that are under attack and unique context shows where attackers are and what they are doing. Threats that pose the biggest risk to an organization are automatically scored and prioritized based on their severity and certainty, which, enables security operations teams to quickly focus their time and resources on preventing and mitigating loss.

Vectra

<p>Votiro specializes in eliminating file born attacks carried through email attachments, web downloads, removable media and file sharing platforms. Our Zero-Trust CDR technology allows users to safely open any file type while keeping its functionality fully intact. Where Anti-virus and sandboxes fail, we succeed. Votiro provides its customers with high throughput and high security.</p>

Votiro

Silver Sponsors

Information Security Forum

This two-day Forum is designed for security practitioners to gain actionable technical solutions and leadership insights focused on current and emerging challenges. Network with peers to benchmark your information security practices and engage with IANS Faculty during interactive sessions.

2019 Chicago Information Security Forum

Chicago Marriott Downtown Magnificent Mile, 540 Michigan Ave, Chicago, IL 60611

Professional Development

Executive Competencies

Live Online Training

Online Training Library

Compensation & Budget

Take the Survey

Reports

Survey Visualization Tool

Executive Communications

Incident Command Center

Resource Center

Events

Forums

CISO Roundtables

Symposiums

Webinars

Vendor Assessment Community

Who We Are

About Us

Our Story

Careers

Contact Us

What We Do

InfoSec-Specific Executive Development for CISOs and Aspiring Security Leaders.

Live Faculty-led instruction and interactive labs to build you and your team"s InfoSec skills.

2019 Chicago

Information Security Forum

Who Should Attend?

Contact us at:

Contact us at:

Who Should Attend?