<p>Your Red Team does one thing, your Blue Team does the other, and they don&rsquo;t talk. Companies struggle to get them on the same page and achieve the true value of these exercises. What to do? This session will explore:</p><div class="hung_list"><ul><li>The most valuable KPIs to use for these activities</li><li>How to use automation testing to test the effectiveness of a response during an exercise</li><li>How to leverage balanced scorecards for direct tracking of capabilities</li></ul></div>

Bringing Red/Blue/Purple Teaming into Balance

<p>Dr. Ondrej Krehel is the Founder, CEO, and Digital Forensics Lead of LIFARS LLC, an international cybersecurity and digital forensics firm. He is also the Co-Founder and an Advisory Board Member of QuBit Conference, an events and training company dedicated to connecting the information security community. Ondrej is an accomplished speaker having lectured for FBI Training Academy and the National Executive Institute. He also serves as a member of New York Metro Infragard, as the Chapter Leader of OWASP NYC, and as a Distinguished Fellow with the Ponemon Institute.</p>

<p>Chris is the Co-Founder and CEO of LARES Consulting, an information 
security consulting firm that leverages a blend of assessment, testing, 
and coaching. He also serves on the Board of Directors at CREST, an 
international not-for-profit accreditation
    and certification body that represents and supports the technical 
information security market.</p>

Bringing Red/Blue/Purple Teaming into Balance: Ondrej Krehel and Chris Nickerson

IANS Tabletops gives you an opportunity to connect with information security leaders in a relaxed environment. Come stretch your legs and network with your peers and solution providers over snacks and coffee.

Tabletop Break

Tabletop Break 1

<p>Organizations want their SIEM to alert them in real time, but that&rsquo;s not happening. Instead, their SIEM only helps determine how a breach occurred after the fact. Practitioners have heard that UEBA and SOAR can be used to overcome the limits of
    their current SIEM set up, but they seek concrete answers about how it all works and what kind of training and investments are required. In this session, attendees will learn:</p><div class="hung_list"><ul><li>The specific actions they must take in order to fully understand where their SIEM is hitting the wall</li><li>A list of ways to tell if their MSSP is properly goaled/resourced/qualified to correlate and alert in real time</li><li>A clearer understanding of the small and well-defined situations AI/ML is best suited for</li></ul></div>

How to Fill SIEM Gaps with UEBA/SOAR

<p>Dave is the Founder and Owner of TrustedSec, an information security consulting firm, and Binary Defense, a Managed Security Service Provider (MSSP) that detects attackers early to prevent large-scale invasions. In addition to creating several widely popular open-source tools, including 'The Social-Engineer Toolkit' (SET), PenTesters Framework (PTF), and Artillery. David has also released security advisories, including zero-days, with a focus on security research. </p><p>Prior to his work in the private sector, Dave served in the United States Marine Corps (USMC), focusing on cyber warfare and forensics analysis activities, including two tours to Iraq. He also served on the board of directors for (ISC)2, which is one of the largest security collectives and offers certifications such as the CISSP.
</p>

How to Fill SIEM Gaps with UEBA/SOAR: Dave Kennedy

<p>Network security and monitoring remains essential in light of increasing volumes of data and an ever-expanding threat landscape, but comprehensive network visibility is hard, and organizations need better guidance. This session aims to provide that by
looking at:</p>
<div class="hung_list">
<ul>
    <li>What organizations are missing and which vendors and techniques can help</li>
</ul>
</div>

Advances in Network Visibility

<p>Mike is the President of Securosis, an information security research and advisory firm, as well as Co-Founder and President of DisruptOps, a cloud detection and response company. His breadth of experience in the information security space and bold perspectives are invaluable as companies determine effective strategies to grapple with the dynamic security threatscape. Mike started practicing and advising on security topics over 25 years ago, and he’s been trying to get out of the business ever since…to no avail.</p>

Advances in Network Visibility: Mike Rothman

<p>There are too many vendors, an over-saturated market and confusion over the security requirements that truly matter vs. the vendor fluff. In this session, you&rsquo;ll learn how cut through the confusion and address:</p><div class="hung_list"><ul><li>What the cloud provider landscape look like </li><li>When to go with a big player as opposed to smaller players </li><li>Questions you should ask internally before looking at potential providers</li><li>The right (or wrong) questions to ask prospective cloud providers</li></ul></div>

Choosing a Cloud Provider

<p>Dave is the Founder and Principal Consultant with Voodoo Security, an 
information security consulting firm with broad expertise. He is also a 
Senior Instructor, Analyst, and Course Author for the SANS Institute and
 a VMware vExpert with extensive experience designing and configuring 
secure virtualized infrastructures. In addition, Dave has served as 
Co-Chair of the Cloud Security Alliance (CSA) Top Threats Working Group 
and founded the CSA Atlanta Chapter. Dave has consulted with hundreds of
 organizations in the areas of security, regulatory compliance, network 
architecture, and engineering. He has also worked as a security 
architect, analyst, and manager for several Fortune 500 companies.
</p>

Afternoon Roundtable Workshop Sessions

Choosing a Cloud Provider: Dave Shackleford

Come join us as we welcome you to the Forum.

IANS Welcome and Perspective

Come network with your peers! Hors d'oeuvres and cocktails will be served!

Networking Reception

<p>Phishing is an old social engineering technique and organizations have certainly tried to make employees aware of email links they shouldn&rsquo;t open. But phishing remains a highly successful technique for the bad guys. So what do we keep doing wrong?
    This session explores:</p><div class="hung_list"><ul><li>New phishing security tools that may help</li><li>What organizations can do to enhance security awareness among employees</li></ul></div>

Phishing and Social Engineering: New Solutions to an Old Problem

<p>Jake Williams is the Executive Director of Cyber Threat Intelligence at SCYTHE. Williams is a cybersecurity expert who has more than two decades of experience in secure network design, penetration testing, incident response, forensics and malware reverse engineering. He has worked with many government agencies in information security at federal, state, and local levels. Williams is an IANS Faculty Member and also works as a SANS Analyst. He is a prolific speaker on topics in information security and has trained thousands of people on incident response, red team operations, reverse engineering, cyber threat intelligence, and other information security topics. Jake is the two time winner of the DC3 Digital Forensics Challenge, a recipient of the DoD Exceptional Civilian Service Award, and is one of only a handful of people to ever be certified as Master Network Exploitation Operator by the US Government.</p>

Phishing and Social Engineering: New Solutions to an Old Problem: Jake Williams

<p>Fortune 1000 problem: Companies spin up containers quickly, then set them loose with no security due diligence. It&rsquo;s a process problem as much as a technology issue. Questions to address:</p><div class="hung_list"><ul><li>How can a company create a more deliberate process to determine when containers are necessary?</li><li>What is some specific automation or orchestration tools? (Docker Swarm, Kubernates)</li><li>How does one optimize such tools as AppArmor and SELinuxbecause to prevents a misconfiguration or bug at the container daemon level?</li><li>What is Docker Notary and how can it add a layer of trust?</li><li>What are some of the more recent attacks to exploit unsecured containers?</li></ul></div>

Getting Control of Container Security

Afternoon Roundtable How-To Sessions

Getting Control of Container Security: Dave Shackleford

<p>Companies face challenges with how to run an effective bug bounty program and oftentimes don&rsquo;t know whether to do it in-house or through crowdsourcing. This session addresses ways to move forward by exploring:</p>
<div class="hung_list">
<ul>
    <li>How bug bounty programs translate into cost savings</li>
    <li>At what maturity level you should be at before taking on this challenge in-house</li>
    <li>The fundamentals for putting an internal program together</li>
    <li>The pros and cons of such outsourced services as those provided by Bugcrowd and HackerOne</li>
</ul>
</div>

Bug Bounties: Do-it-Yourself vs Crowdsourcing

Bug Bounties: Do-it-Yourself vs Crowdsourcing Jake Williams

Join the Technology Spotlight session where Sponsors will present their innovative technology. Each session will last 35 minutes and are both technical and educational in nature. This is your opportunity to stay current on emerging technologies and see what is going on in the space.

Technology Group 2

Technology Group 2-1

Technology Group 1

Technology Group 1-1

<p>The endpoint continues to grower wider and muddier as professionals access company resources from a growing array of mobile devices. This session looks at:</p><div class="hung_list"><ul><li>How VPNs are evolving</li><li>Vendors in the space and how they compare</li><li>Tools and techniques organizations can use to bolster secure remote access</li></ul></div>

Advancements in Secure Remote Access

<p>Aaron Turner is the VP of SSPM at Vectra AI. This followed the acquisition of Siriux Security, a SaaS posture management company which he founded and served as CEO. He is also a member of the board and security advisor to HighSide and CTO of Integricell. Aaron is a long-serving member of the RSA Conference Program Committee, helping select educational content presented at the annual RSA Conference.</p>

Advancements in Secure Remote Access: Aaron Turner

ITOps and SecOps have collaborated for years. However, many organizations are now looking at approaches that make the collaboration more formal. Many enterprises are adopting the concept of the &ldquo;Versatilist&rdquo; and replacing war room discussions with agile approaches to problem solving. This session will address the increasing complexity of our networks and the need for a common and consistent approach to visibility in the multicloud.

Lunch & Sponsor Keynote: Visibility and Collaboration in the Multicloud

As VP of Enterprise Strategy, Russ is responsible for working with enterprise customers, partners and field personnel to ensure that NETSCOUT’s products and solutions aremeeting the needs of our customers and the market. Russ has over 15 years working atNETSCOUT where he has held many technical and marketing roles. Prior to joiningNETSCOUT, Russ had worked in IT managing networks for Fidelity Investments and Digital Equipment Corporation where he installed some of the first production Ethernet networks.

Technology Group 1-2

<p>Attackers keep evolving their tactics, making it increasingly difficult for traditional forensic techniques to keep up. It&rsquo;s time to get proactive &ndash; and that&rsquo;s where threat hunting comes into play. This session explores the latest techniques
    in that area, and how to:</p><div class="hung_list"><ul><li>Position hunt teams to directly increase the overall maturity (and ROI) of their monitoring and detection capabilities</li><li>Detect abnormal patterns of behavior</li></ul></div>

New Threat Hunting Techniques

New Threat Hunting Techniques: Dave Kennedy

Technology Group 2-2

<p>There are too many security vendors that have expanded offerings in a way that has created a lot of overlap and complexity within Fortune 1000 companies&rsquo; environments. This session will explore:</p><div class="hung_list"><ul><li>How to do an assessment and logically start pruning your stack</li><li>How one tool can replace several others without loss of functionality or controls coverage</li><li>The most important questions to ask your existing and prospective vendors in order to determine where the overlap exists</li><li>Specific examples of what you can kill?</li><li>Integrations between products that currently exist but are not being leveraged</li></ul></div>

Vendor Optimization: Thinning the Herd

Vendor Optimization: Thinning the Herd: Aaron Turner

<p>Security Operations Centers remain rooted in the same tech, procedures and mindsets that existed before the cloud. They need to adapt to life in the cloud, and this session will explore how to get there. Issues addressed include:</p><div class="hung_list"><ul><li>How an old-world SOC differs from one in the cloud</li><li>Changes you need to make with your SOC</li><li>How to make that transition without dropping the ball in either world</li><li>Skills that need to be picked up in the new cloud-based SOC</li><li>Examples of cloud detection and response</li></ul></div>

Adapting the SOC to a Cloud Environment

Adapting the SOC to a Cloud Environment: Jake Williams

<p>Ransomware continues to be a significant problem for many organizations, and it has shown a ferocious ability to evolve. One reason is ransomware as a service, where people with little skill can buy ransomware-making kits online. This session explores:</p><div class="hung_list"><ul><li>Ways ransomware has evolved in the last 6-12 months</li><li>What ransomware as a service looks like and why it&rsquo;s such a problem</li><li>What vendors are doing to get ahead of the bad guys</li></ul></div>

The Changing Face of Ransomware

The Changing Face of Ransomware: Ondrej Krehel

Come check in to receive your program and CPEs while enjoying a complimentary continental breakfast.

Registration & Breakfast

<p>Companies struggle with how to secure Office 365 apps that come from multiple online marketplaces, from the MS Store to MS Teams and a variety of third-party app stores. This session will explore:</p><div class="hung_list"><ul><li>How to confirm the security levels of various apps</li><li>Specific validation techniques for MS App Store, Teams Store and others</li><li>Warning signs that an app is problematic and shouldn&rsquo;t be downloaded</li><li>Advice the security team can give employees on what to watch out for</li></ul></div>

Email in the Cloud: Stress Testing Office 365 Apps

Email in the Cloud: Stress Testing Office 365 Apps: Aaron Turner

<p>Companies still struggle to get developers and security on the same page. They need case studies to show them where and how DevSecOps successes have happened. To that end, this session explores:</p><div class="hung_list"><ul><li>Case studies of DevSecOps done right</li><li>How to measure your maturity for DevSecOps -- Phase 1 to Phase 5, for example</li><li>How to put the &ldquo;Shift Left&rdquo; DevSecOps workflow in place</li><li>How DevSecOps leads to more secure cloud deployments</li><li>How to use DevSecOps to improve security in IoT technology when they are at the development stage</li></ul></div>

DevSecOps Business Cases

DevSecOps Business Cases: Mike Rothman

<p>Attackers continue to find new ways to access, steal and corrupt files. This means organizations need to up their game in protecting them. To that end, this session will explore:</p>
<div class="hung_list">
<ul>
    <li>Advancements vendors in the space have made and what&rsquo;s right for you</li>
    <li>The latest techniques to ensure files are only being accessed by those whose jobs require it</li>
</ul>
</div>

File Security: Tools and Techniques in 2019

Morning Roundtable How-To Sessions

File Security: Tools and Techniques in 2019: Dave Shackleford

Tabletop Break 2

<p>Join City National Bank&rsquo;s CISO Brian Fricke and IANS&rsquo; CEO Phil Gardner for a far-ranging keynote conversation that will tackle how to make infosec risk management real and tangible, where to find talent,&nbsp;the importance &lsquo;speaking business&rsquo; and Brian&rsquo;s view on AI&rsquo;s infosec utility.&nbsp;</p>

A Keynote Discussion with CNB’s Brian Fricke: Getting Real & Tangible Around Risk Management

<p>A business-centric technology professional, specializing in strategic Enterprise Information Security Policy and Risk Management, Brian is currently the Chief Information Security Officer of City National Bank. Formally establishing the first of its kind Information Security Programs at BBVA &amp; Bank OZK, he has overseen the information &amp; cyber security risk portfolio of over 600 sites, 30,000 Personnel, and 20,000 systems and endpoints across the globe for public and private entities.</p><p>Formerly a civil servant as the CISO and Cyber Security Branch Manager at the US Navy's Military Sealift Command (MSC) at the Washington Navy Yard in Washington, DC. Brian is a Certified Information Systems Security Professional (CISSP) and holds a variety of relevant certifications (CISM, CCSP, CSSLP etc.). In his role at MSC he was responsible for planning, organizing and managing the implementation of cyber security industry best practice, as well as DoD &amp; Federal cyber security mandates. A former active duty Marine, he has worked at the Joint Chiefs of Staff in the Pentagon, the US Agency for International Development (USAID), the Securities Exchange Commission (SEC) in Manhattan and was an officer of the Board of Directors of OutServe, a 501(c)(3) non-profit. He was Class President of the The George Washington University School of Business, World Executive MBA, Class of 2013, and also holds a Graduate Certificate in Strategic Cybersecurity Enforcement.</p>

DAY 1

2019 Atlanta Forum Day 1

<p>Vendors hype the benefits of AI/ML too broadly when it&rsquo;s really meant for small, well-defined situations. This session will address the following:</p><div class="hung_list"><ul><li>When we say AI/ML is for small or well-defined situations, what are examples of those?</li><li>What are specific examples of where AI/ML works, and where it doesn&rsquo;t?</li></ul></div>

Cutting Through the AI/ML Vendor Hype

Cutting Through the AI/ML Vendor Hype: Aaron Turner

<p>Companies struggle to find a successful recipe for their security culture and need a concrete example of what another company has done to get it right. This session will offer:</p><div class="hung_list"><ul><li>A case study for a company that has succeeded in growing a true security culture</li><li>Three things you can do to change that trajectory and actually make your program effective</li><li>Ways to expand the team with non-traditional security staff (i.e. ambassadors/champions)</li></ul></div>

Case Study: Building a Better Security Culture

Case Study: Building a Better Security Culture Mike Rothman

<p>Companies struggle enough with basic security tasks and don&rsquo;t truly know if deception/honeypots are worth trying or if they would provide the adequate ROI. To help them reach a better place, this session will explore:</p><div class="hung_list"><ul><li>What level of operational maturity one must have for honeypots/deception to make sense?</li><li>How to find balance when it comes to how many doors to leave open for snoopers and would-be thieves</li><li>The latest honeypot/deception technologies worth deploying</li><li>The management/technology overhang associated with them?</li><li>Buying versus building</li></ul></div>

Deception and Honeypots

Deception and Honeypots: Dave Kennedy

<p>As IT infrastructure gets more complex and infrastructure-as-a-service (IaaS) becomes a reality, one of the few controls we have left is privileged user management (PUM). But it&rsquo;s difficult to get it right. To advance in the right direction, this
    session will explore:</p><div class="hung_list"><ul><li>How to link privileged access management to change management</li><li>How to identify what is happening with the use of these credentials</li><li>How to Identify the appropriate tools to use for privileged access management</li><li>How to handle insider threats related to privilege abuse/misuse</li></ul></div>

Prioritizing Privilege Management

Prioritizing Privilege Management: Aaron Turner

<p>It's difficult to choose and implement security tools that scale in an environment where multiple platforms have different settings, features and requirements. This session will address the technical remedies, including:</p><div class="hung_list"><ul><li>Differences to accounted for between one platform and the next during tool selection</li><li>Different vendor and tool categories and how do they compare</li><li>Pros and cons of multi-cloud access brokers?</li></ul></div>

Security Tools for a Multi-Platform Cloud Environment

Security Tools for a Multi-Platform Cloud Environment: Dave Shackleford

Join us for closing remarks and the chance to win prizes!

Closing Ceremonies

<p>Companies have limited resources to keep up with an endless pile of vulnerabilities and patches and need to determine what they keep getting wrong and what others are doing that&rsquo;s right. This session will explore:</p><div class="hung_list"><ul><li>Particular tools you should be using to create more automation</li><li>How to use automation to move through the flaw finding and patching process more quickly</li><li>Which companies have taken this to the next level</li><li>What they did to move past the struggle most still find themselves in</li><li>What the Vulnerability Management Process Workflow is and how will it help</li><li>How can organizations can ensure data within their SQL Server, DB2 and Oracle databases are secure?</li><li>Besides Shodan, some other tools that will cast a wider net for vulnerabilities</li></ul></div>

Breaking a Failed Vulnerability Management Cycle

Breaking a Failed Vulnerability Management Cycle: Dave Shackleford

<p>Securing the cloud is fundamentally different from how it&rsquo;s done on-premises, yet there are very few guidebooks or clear methods to ensure adequate protection. This session will take you to the next level by exploring:</p><div class="hung_list"><ul><li>The Securosis/IANS Cloud Security Maturity Model</li><li>The difference between being a cloud native and a cloud tourist</li><li>Best practices to set up a secure cloud environment</li><li>How serverless functions enable continuous cloud security</li><li>How to implement guardrails around your Cloud</li></ul></div>

The Cloud Security Maturity Roadmap

The Cloud Security Maturity Roadmap: Mike Rothman

<p>Companies are usually unaware that a malicious insider is up to no good in their networks until it&rsquo;s too late. They need help knowing how to identify early red flags. To that end, this session will explore:</p><div class="hung_list"><ul><li>Early red flags to look for</li><li>Security controls you can put in place to detect and prevent insider threat activity</li><li>Top insider threat monitoring solutions, their strengths and weaknesses</li><li>Detection tool essentials</li></ul></div>

Insider Threats

Insider Threats: Jake Wiliams

Many of today&rsquo;s companies are hesitant to adopt new security technologies &ndash; particularly AI.&nbsp; The truth is AI is successfully disrupting many areas of security operations. Chris will discuss autonomous security driven by AI, probability theory and advanced algorithms: apply reasoning, judgement and experience to identify threats with machines and freeing up our skilled analysts for investigation and response.

Lunch & Sponsor Keynote: The Power of AI to Disrupt Security Ops

<p><strong>Respond Software, VP Product Strategy and Co-Founder</strong></p>
<p>Chris has over 30 years of experience in defensive information security: 14 years in the defense and intelligence community and 17 years in the commercial industry. He has worked on the Defense Department Joint Staff and held leadership positions in both large and small companies, including IBM and HPE. He has designed, built and managed global security operations centers and incident response teams for six of the global Fortune-50. As he often says, if you have complaints about today’s security operations model, you can partially blame him. It’s from his first-hand experience in learning the limitations of the man vs. data SecOps model that Chris leads product design and strategy for Respond Software.</p>

<p>Cryptojacking malware and crypto mining are eating AWS resources, tying up CPU capacity and costing money. This session will help you fight back by exploring:</p><div class="hung_list"><ul><li>How to tell if cryptomining malware is in the system</li><li>How to get the malware out of your systems</li><li>How to keep it out</li><li>The most prolific cryptocurrency-based attacks targeting companies</li><li>How this malware differs from others, such as worms, ransomware and Trojans</li></ul></div>

Cryptojacking & Cryptocurrency Mining: Defensive Measures

Cryptojacking & Cryptocurrency Mining: Defensive Measures: Jake Williams

<p>Companies don&rsquo;t understand how blockchain works inside their security vendor offerings. This session will arm attendees with a stronger foundation by exploring:</p><div class="hung_list"><ul><li>The use cases around how blockchain enhances security</li><li>Blockchain-related products that are actually viable</li><li>How blockchain increase the efficacy of things like vulnerability management and SIEM</li><li>What CISOs should tell their exec stakeholders about blockchain</li></ul></div>

Blockchain: What Your Vendors Have and How to Use It

Blockchain: What Your Vendors Have and How to Use It: Ondrej Krehel

<p>Organizations are continually trying to identify how effective their controls are to withstand specific attacks. Understanding threat modeling and risk becomes equally important in these concepts; however, there&rsquo;s so much noise out there, how do we actually prioritize and focus our security programs to become more effective? </p>
<p>In this talk, IANS Faculty member Dave Kennedy will dive down into the top five things that he sees as a consultant advising organizations across the globe on their security programs and ways to promote a better understanding around threats. He&rsquo;ll cover the current state of the industry and the effectiveness he personally sees while working with organizations, as well as how to best improve what he&nbsp;consistently sees as lacking across multiple industry verticals.</p>

IANS Faculty Keynote: The Five Things That Matter

DAY 2

2019 Atlanta Forum Day 2

Default Calendar

a13e2160-4385-49af-8378-332206e680e2,e6f66081-257d-41fa-8a15-03bdaa66f657

Attendee Contact

Sponsor Contact

The IANS 2019 Atlanta Information Security Forum delivers an immersive curriculum with 30+ sessions led by esteemed IANS Faculty, global information security thought leaders and solution providers.
Attend the two-day Forum to gain actionable technical solutions and leadership insights focused on current and emerging challenges facing enterprise security leaders.
Network with peers to benchmark your information security practices and engage with IANS Faculty during interactive sessions.

Onsite Questions

Sponsorship Questions

Registration Questions

General Information

Housing & Travel Questions

Register Now

Two-day event with keynotes, breakout sessions, technology spotlight sessions, and networking breaks.

<p>NETSCOUT SYSTEMS, INC. (NASDAQ: NTCT) assures digital business services against disruptions in availability, performance, and security. Our nGenius service assurance solutions provide real-time, contextual analysis of service, network, and application performance. Arbor security solutions protect against DDoS attacks that threaten availability and advanced threats that infiltrate networks to steal critical business assets. To learn more about improving service, network, and application performance in physical or virtual data centers, or in the cloud, and how NETSCOUT’s performance and security solutions, powered by service intelligence can help you move forward with confidence, visit www.netscout.com or follow @NETSCOUT and @ArborNetworks on Twitter, Facebook, or LinkedIn.</p>

NETSCOUT

<p>Respond Software delivers instant return on investment (ROI) to organizations in their battle against cyber-crime. With its patented intelligent decision engine, PGO®, Respond Software’s product uniquely combines the best of human expert judgement with the scale and consistency of software. Our quick-to-implement cybersecurity automation software delivers the equivalent of a virtual, best-of-breed analyst team that dramatically increases capacity and improves monitoring and triage capabilities at a fraction of the cost. Respond Software was founded in 2016 by security and software industry veterans. <a href="https://respond-software.com/" target="_blank">www.respond-software.com</a></p>

Respond

Platinum Sponsors

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed. Aqua customers are among the world’s largest enterprises in financial services, software, media, manufacturing and retail, with implementations across a broad range of cloud providers and modern technology stacks spanning containers, serverless functions, and cloud VMs.

Aqua Security

<p>Contrast Security enables applications to automatically detect and fix vulnerabilities, identify attacks, and defend themselves. Contrast employs security instrumentation to strengthen applications before they deploy, protect in production and provide visibility throughout the application lifecycle. More information can be found at <a href="https://www.contrastsecurity.com" target="_blank">www.contrastsecurity.com</a> or by following Contrast on Twitter at @ContrastSec.</p>

Contrast Security

<p>CyCognito
was founded by offensive security experts whose deep understanding of attacker
techniques led them to create a totally new approach to risk assessment. Our
mission is to help organizations identify and eliminate critical security risks
that are often unknown to them — the attackers’ paths of least resistance. The CyCognito
platform is an external attack surface management solution that fills a
fundamental security gap that has widened dramatically as organizations adopt
fluid IT ecosystems that span on-premises, cloud, partner and subsidiary
environments. CyCognito addresses this gap with a category-defining, attack
surface security platform that automates offensive cybersecurity operations to
provide reconnaissance capabilities superior to those of attackers.</p>

CyCognito

Gigamon is the first company to deliver complete network visibility and 
analytics on all information-in-motion, from raw packets to apps, across
 physical, virtual and cloud infrastructure. We aggregate, transform and
 analyze network traffic to solve for critical performance and security 
needs, including rapid threat detection and response, freeing your 
organization to drive digital innovation. In short, we enable you to run
 fast, stay secure and innovate. 

Gigamon

Illumio, the pioneer and market leader of Zero Trust Segmentation, stops breaches from becoming cyber disasters. Illumio Core and Illumio Edge automate policy enforcement to stop cyberattacks and ransomware from spreading across applications, containers, clouds, data centers, and endpoints. By combining intelligent visibility to detect threats with security enforcement achieved in minutes, Illumio enables the world’s leading organizations to strengthen their cyber resiliency and reduce risk.&nbsp; &nbsp;

Illumio

<p>Nyotron has turned the security paradigm upside down by focusing on the damage stage or the intended outcome behind the attack. Traditional as well as next-generation endpoint security technologies attempt to prevent attacker’s entry into the enterprise, whether at the perimeter or the endpoint, acting like gates that can be bypassed. We assume that given enough time targeted and unknown threats will bypass your existing security controls. Our engine has mapped legitimate operating system behavior, so when an attack attempts to delete, exfiltrate or encrypt files, we know the actions shouldn’t be allowed and stop the damage from executing.</p>
<p>
Founded in 2012, Nyotron is headquartered in Santa Clara, CA with R&amp;D in Israel. Nyotron has earned a top score of 5 stars from SC Magazine in its review of Endpoint Security Platforms, won GOLD in the 2017 IT World Awards for Endpoint Security and was designated as the 2017 HOT COMPANY in Endpoint Security by Cyber Defense Magazine.</p>

Nyotron

<p>SentinelOne, headquartered in Mountain View, California, is a provider of next-generation endpoint security, serving more than 2000 customers globally, including 3 of the Fortune 10. Leveraging a single autonomous agent architecture and cloud analytics platform – the SentinelOne solution enables customers to defend against the most advanced cyber threats, including malware, ransomware, and non-malware attacks. Deployed via the cloud, on premise or as a multi-tenant managed service, customers use SentinelOne to protect their servers, VDI, cloud and endpoint systems (including cross platform coverage for Windows, Windows legacy, macOS, and Linux), hunt threats, and replace legacy antivirus.  Visit <a href="https://www.sentinelone.com" target="_blank">sentinelone.com</a> to learn more.</p>

SentinelOne

<p>Tanium gives the world’s largest enterprises and government organizations the unique power to secure, control, and manage millions of endpoints across the enterprise within seconds. Serving as the “central nervous system” for enterprises, Tanium empowers security and IT operations teams to ask questions about the state of every endpoint across the enterprise in plain English, retrieve data on their current and historical state, and execute change as necessary, all within seconds. With the unprecedented speed, scale, and simplicity of Tanium, organizations now have complete and accurate information on the state of endpoints at all times to more effectively protect against modern day threats and realize new levels of efficiency in IT operations. Visit us at <a href="https://www.tanium.com" target="_blank">www.tanium.com</a> or follow us on Twitter at @Tanium.</p>

Tanium

<p>Can you trust the data and file content entering your organization? Votiro Cloud's Zero Trust open-API proactively disarms content of known, unknown, &amp; zero-day malware threats at scale without adding friction, interrupting user or application workflows, or impacting file fidelity. Votiro reduces work, alerts, &amp; risk for IT and security teams while enabling the seamless flow of safe files. </p><p>&nbsp;</p><p>Votiro’s market-leading Content Disarm and Reconstruction-as-a-Service (CDRaaS) sanitizes billions of files for global users and applications each year. Votiro is tool-agnostic, and provides virtually limitless auto-scale capabilities to handle any file throughput and the greatest span of file formats, preventing malicious files uploaded to web apps, portals, data management platforms, and cloud services.</p>

Votiro

<p>ZeroFox, the leader in external cybersecurity, provides enterprises external threat intelligence and protection to disrupt threats to brands, people, assets and data across the public attack surface in one, comprehensive platform. With complete global coverage across the surface, deep and dark web and an artificial intelligence-based analysis engine, the ZeroFox Platform identifies and remediates targeted phishing attacks, credential compromise, data exfiltration, brand hijacking, executive and location threats and more. The patented ZeroFox Platform technology processes and protects millions of posts, messages and accounts daily across the social and digital landscape, spanning LinkedIn, Facebook, Slack, Instagram, Pastebin, YouTube, mobile app stores, domains, cloud-based email and more.</p>

ZeroFox

Gold Sponsors

<p>Armis is the first agentless, enterprise-class security platform to address the new threat landscape of unmanaged and IoT devices. Fortune 1000 companies trust Armis’ unique out-of-band sensing technology to discover and analyze all managed and unmanaged devices, analyze endpoint behavior to identify risks and attacks, and protect information and systems.</p>

Armis

Cobalt’s Pen Testing as a Service (PTaaS) Platform transforms traditional pentesting into a data-driven vulnerability management engine. Fueled by a global talent pool of certified freelancers, our modern pentesting platform delivers actionable results that empowers agile teams to pinpoint, track, and remediate vulnerabilities.&nbsp;

Cobalt

<p>Code42 is the leader in data loss protection, visibility and recovery solutions. Native to the cloud, the Code42 Next-Gen Data Loss Protection solution rapidly detects insider threats, satisfies regulatory compliance requirements and speeds incident response — all without lengthy deployments, complex policy management or blocks on user collaboration. Security, IT and compliance professionals can protect endpoint and cloud data from loss, leak and theft while maintaining an open and collaborative culture for employees.</p>
<p>Founded in 2001, more than 50,000 organizations worldwide, including the most recognized brands in business and education, rely on Code42 to safeguard their ideas. The company is headquartered in Minneapolis, Minnesota, and backed by Accel Partners, JMI Equity, NEA and Split Rock Partners. For more information, visit code42.com, read Code42’s blog or follow the company on Twitter.</p>

Code42

<p> CyberArk is the only security company that proactively stops the most advanced cyber threats – those that exploit insider privileges to attack the heart of the enterprise. The company has pioneered a new category of targeted security solutions to protect against cyber threats before attacks can escalate and do irreparable damage. </p>

CyberArk

Deep Instinct is the first company to apply deep learning to cybersecurity. Deep learning is inspired by the brain’s ability to learn. Once a brain learns to identify an object, its identification becomes second nature. Similarly, as Deep Instinct’s artificial neural network brain learns to detect any type of cyber threat, its prediction capabilities become instinctive. As a result, any kind of malware, known and new, first-seen malware, zero-days, ransomware and APT attacks are predicted and prevented in real-time with unmatched accuracy.

Deep Instinct

<p>GuidePoint Security is an elite team of top certified cybersecurity experts. We help organizations minimize cyber gaps and vulnerabilities, understand the evolving threat landscape and optimize resources designed to create a safer, more secure cybersecurity ecosystem. Learn more at <a href="https://www.guidepointsecurity.com" target="blank">www.guidepointsecurity.com</a>.</p>

GuidePoint Security

Lastline’s Network Detection and Response platform detects and contains sophisticated threats before they disrupt your business, on premises and in the cloud.  We offer the industry’s MOST accurate detection, unmatched visibility into the attack chain and automated response to stop breaches. More than 20 million users turn to us for protection from cyber threats.

Lastline

<p>Malwarebytes business is protecting workplace productivity. We make it safe for your employees to connect from anywhere, using all the applications they need. Whether you’re a small business or a large enterprise, have an IT staff of one or a dedicated
    security team, Malwarebytes keeps your business moving. Our solutions support you with analytics-driven, multi-layer threat protection, industry-leading incident response, and endpoint security orchestration. It’s bold cybersecurity, built for
    people, by people who give a damn. We keep breaches from becoming catastrophes, avoiding operations downtime. We simplify and strengthen overall cybersecurity, so everyone—security professionals and employees alike—can focus on the important
    aspects of their work. Visit <a data-sf-ec-immutable="" target="_blank" href="http://malwarebytes.com">malwarebytes.com</a> to learn more.</p>

Malwarebytes

<p>NCC Group is a global expert in cyber security and risk mitigation, working with businesses to protect their brand, value and reputation against the ever-evolving threat landscape.</p>
<p>With our knowledge, experience and global footprint, we are best placed to help businesses identify, assess, mitigate &amp; respond to the risks they face.</p>
<p>We are passionate about making the Internet safer and revolutionising the way in which organisations think about cyber security.</p>
<p>Headquartered in Manchester, UK, with over 35 offices across the world, NCC Group employs more than 2,000 people and is a trusted advisor to 15,000 clients worldwide.</p>

NCC Group

<p>Tenable®, Inc. is the Cyber Exposure company. Over 24,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. As the creator of Nessus®, Tenable extended its expertise in vulnerabilities to deliver the world’s first platform to see and secure any digital asset on any computing platform. Tenable customers include more than 50 percent of the Fortune 500, more than 25 percent of the Global 2000 and large government agencies.</p>

Tenable Inc.

Vectra® uses artificial intelligence to automate real-time cyber attack detection and response – from network users and IoT devices to data centers and the cloud. All internal traffic is continuously monitored to detect hidden attacks in progress. Detected threats are instantly correlated with host devices that are under attack and unique context shows where attackers are and what they are doing. Threats that pose the biggest risk to an organization are automatically scored and prioritized based on their severity and certainty, which, enables security operations teams to quickly focus their time and resources on preventing and mitigating loss.

Vectra

Silver Sponsors

Information Security Forum

This two-day Forum is designed for security practitioners to gain actionable technical solutions and leadership insights focused on current and emerging challenges. Network with peers to benchmark your information security practices and engage with IANS Faculty during interactive sessions.

2019 Atlanta

Information Security Forum

Who Should Attend?

Contact us at:

Contact us at:

Who Should Attend?