Loading…
ONLINE REGISTRATION IS NOW CLOSED. Please visit us on-site during registration hours next week to get a badge.

About the CONNECT Conference:                                                        

Today’s threat landscape is broad and sophisticated, and the consequences for failing to adequately protect against threats and respond appropriately when an attack is underway are far reaching. SecureAuth and Core Security deliver to enterprise-class organizations a discover, secure & protect, and respond capability that is only possible with vulnerability, endpoint, and network security fused with a strong identity protection framework.

Identity-based security automation is a new category that reflects the challenges of a silo’ed approach to enterprise security. Automation in the security operations center (SOC) is the inevitable result of increasingly sophisticated technologies and automation is only possible when false positive and negative results are minimal and the response action is precise and coordinated to minimize restrictions on legitimate access to enterprise resources.

SecureAuth and Core Security customers attending the CONNECT event will hear from company leaders, respected speakers, and industry peers on this new approach to the threat landscape. Product sessions will dive into details on current and future products, and research team members will be available to discuss new technologies. 

REGISTER TODAY

View analytic

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Monday, October 16
 

11:00am

Registration
Monday October 16, 2017 11:00am - 1:00pm
Ellington Ballroom Pre-Function Area
 
Tuesday, October 17
 

7:00am

Breakfast
Tuesday October 17, 2017 7:00am - 8:00am
Overlook East

7:00am

Registration
Tuesday October 17, 2017 7:00am - 4:00pm
Ellington Ballroom Pre-Function Area

8:00am

Welcome to CONNECT

You are CONNECT! The shared vision from Core Security and SecureAuth is a starting point for a better future. It starts now, with you. Over the next two days you will have an opportunity to learn how to break down the silos in your security strategy, and minimize the gaps where attackers thrive. With a strong identity layer as a foundation for endpoint and network security, visibility leads to prioritization and a real-time response.


Speakers
avatar for Jeff Kukowski

Jeff Kukowski

CEO, SecureAuth + Core Security
Jeff Kukowski is the Chief Executive Officer at SecureAuth and Core Security. Having established SecureAuth as the vanguard in next-generation identity security, Kukowski will continue to drive the strategy and momentum of the combined companies of SecureAuth and Core Security. Kukowski comes most recently from TASER International, where, as COO, he led growth in revenues from $90m to $165M while building the SaaS digital evidence management business from startup to $55m in ARR in three... Read More →


Tuesday October 17, 2017 8:00am - 8:30am
Ellington Salon D

8:30am

How We Got Here and Where We’re Going

Did you ever wonder how we arrived at a point where cybersecurity incidents are at an all-time high despite almost $100B of enterprise spending on the problem? Keith Graham, CTO, is driven by this problem and will share a brief history of cybersecurity as a precursor to a prediction about where it is going. Understanding the evolution of attacks and attackers is critical to framing the future state, Keith’s history as a pioneer in this industry enables him to look back while looking forward.


Speakers
avatar for Keith Graham

Keith Graham

CTO, SecureAuth
Keith Graham is the Chief Technology Officer at SecureAuth and Core Security. With 17 years in security, product management, product development and consulting, Graham is recognized as an industry leader in developing adaptive identity security and access control solutions. Before joining SecureAuth in 2014, Graham was the Senior Product Manager at Mandiant and managed the Mandiant for Intelligent Response (MIR) product, where he focused primarily on endpoint forensics. Following the acquisition of Mandiant by FireEye, Graham shifted to be the Principle Product Manager in charge of integration of the Mandiant product... Read More →


Tuesday October 17, 2017 8:30am - 9:00am
Ellington Salon D

9:00am

Product Vision
Speakers
avatar for Stephen Newman

Stephen Newman

SVP Products, Core Security & SecureAuth
Stephen Newman brings over 17 years of technology innovation and leadership to Core Security. He has designed products and product strategies for leading, innovative technologies throughout his career. Most recently as a CTO at Damballa, Stephen’s team successfully built upon the... Read More →


Tuesday October 17, 2017 9:00am - 9:30am
Ellington Salon D

9:30am

The Current Threat Environment

Tim Callahan, SVP and Global Chief Security Officer at Aflac, will review the current threat environment and how Aflac is deploying programs and systems to protect, detect and respond.


Speakers
avatar for Tim Callahan

Tim Callahan

CISO, Aflac
Tim joined Aflac in April 2014 and is responsible for the Aflac Global Security Program, which includes technology risk management, physical asset protection, the information security program, threat and vulnerability management, cybersecurity operations, information technology compliance, security engineering, crisis management, business resiliency and disaster recovery. He is responsible for the protection and availability of the information assets for the... Read More →


Tuesday October 17, 2017 9:30am - 10:00am
Ellington Salon D

10:00am

Break
Tuesday October 17, 2017 10:00am - 10:30am
Ellington Ballroom Pre-Function Area

10:30am

Customer Case Study: Mercy Health – An Upgrade Story

Managing Identity in a healthcare environment requires many jumps, through many hoops.  Therefore, the Identity and Access Management (IAM) solution implemented in such an environment is rife with customizations to make the IAM solution hum.  Now, stare down the barrel of the upgrade gun, and imagine the panic that sets in! 

Mercy Health engaged in an upgrade of their Core Security Access Assurance Suite with a well thought out plan of attack……  Which of course went without a hitch, right? 

This session will endeavor to share the Mercy Health upgrade story from AAS version 8.1 to 8.4, while providing some of the pain points they encountered.


Speakers
avatar for Penny Vanlerberg

Penny Vanlerberg

IAM Engineer III, Mercy Health
Penny Vanlerberg is a 5+ year veteran of Identity and Access Management (IAM) implementation and support.  With experience in Single Sign On, user provisioning, and IAM development, Penny has developed a rich supply of stories that encompass all aspects of IAM in a healthcare... Read More →


Tuesday October 17, 2017 10:30am - 11:00am
Ellington Salon D

11:00am

Customer Case Study: Bright Horizons

Bright Horizons, a leading early education provider, needed to secure access to its portal which is utilized by over 250,000 families.  Bright Horizons CISO Javed Ikbal will share how his organization used SecureAuth risk-based authentication to secure third-party access to their portal to detect the use of compromised credentials while providing a smooth user experience for their clients. 


Speakers
avatar for Javed Ikbal

Javed Ikbal

CISO, Bright Horizons
Javed Ikbal is the CISO at Bright Horizons, an early education and childcare company. His specialty is being the first CISO at organizations and building or re-engineering the information security program. He is also an adjunct professor of Information Security at Brandeis... Read More →


Tuesday October 17, 2017 11:00am - 11:30am
Ellington Salon D

11:30am

Lunch
Tuesday October 17, 2017 11:30am - 12:30pm
Overlook East

12:30pm

Identity Security Roadmap
Director of Product Management, Rich Gibsen will provide an overview of the SecureAuth's identity security roadmap. This is your opportunity to provide feedback and share the future of the product! 

Speakers
avatar for Rich Gibsen

Rich Gibsen

Director Product Management, SecureAuth
Rich Gibsen is a product management expert with over 20 years in the software industry, including 15 years of experience leading product management teams in designing and developing premise and cloud-based software for retail, healthcare and public sector market segments. Rich combines his unique experience in leading professional services and product management teams in technology companies... Read More →


Tuesday October 17, 2017 12:30pm - 1:15pm
Piedmont

12:30pm

Security Consulting Services - Which Is The Best Option For Me?
Vulnerability Assessments, Penetration Tests and Red Teaming – Do you know what these tactics are all about? In this session, we will present our understanding of these practices in terms of when to apply them and what to expect. Nowadays, organizations run on top of hundreds, if not thousands, of Information Technology assets with some of them on premise and others cloud based. Having control over all of this is a challenging task. Based on our extensive experience with securing our customers, I will show what real findings and attack trends look like while hopefully, shedding some light on how to be prepared to resist current attacks.

Speakers
DS

Diego Sor

SCS Director, Core Security


Tuesday October 17, 2017 12:30pm - 1:15pm
Ellington Salon B

12:30pm

Identity Governance Roadmap
Speakers
avatar for Michael Marks

Michael Marks

Product Manager - Identity, Core Security
Michael Marks is the Product Manager for the Identity products at Core Security. Prior to joining Core, he was the Identity and Access Management Architect at Coca-Cola Enterprises and a consultant in the IT Security and GRC practice with one of the Big 4. He recently received his MBA, and is trying to figure out what to do with his newly found free time. He enjoys running and golf, though... Read More →


Tuesday October 17, 2017 12:30pm - 2:00pm
Ellington Salon A

12:30pm

Vulnerability Roadmap
Speakers
avatar for Chris Scheels

Chris Scheels

Product Management, Core Security
Chris has been aligning people, process and technology to drive companies forward for over 15 years.  He has experience in product management, marketing and IT with an emphasis on technology. His passion is helping businesses succeed through the strategic and effective use of tec... Read More →


Tuesday October 17, 2017 12:30pm - 2:00pm
Ellington Salon C

1:15pm

Modern Authentication: Turn a Losing Battle into a Winning Strategy

Passwords, multi-factor authentication, knowledge-based questions/answers, and hard tokens are based on technologies that are now 20 years old. With organizations losing the battle against cyber attacks, it’s clearly time to move beyond these legacy technologies and adopt a modern approach in which awareness and flexibility are king.  Authentication must adapt based on the level of risk, so that it can deliver strong security yet be invisible to users most of the time.

Achieving that balance of strong security and appropriate user friction is the basis for modern authentication. This session will explore what modern authentication is and why using it across all users, devices, and services is vital to turning a losing battle into a winning strategy to stop cyber attacks.


Speakers
avatar for Robert Block

Robert Block

SVP Identity Strategy, SecureAuth
As a Senior Vice President of Identity Strategy at SecureAuth, Robert Block is responsible for executing on SecureAuth’s strategic vision of preventing the misuse of stolen credentials. Considered a thought leader in IAM with numerous focus areas, Robert will interact with custo... Read More →


Tuesday October 17, 2017 1:15pm - 2:00pm
Piedmont

1:15pm

The Wrong Kind of DevOps Talk
DevOps seems to be where all the cool kids in IT are hanging out these days. While not all of us get to work in DevOps shops, we can steal some of the toolset to up our game for lab and skills development purposes. In this talk, you'll not only learn about DevOps-y tools like packer, vagrant and ansible - but how you can use them to make it easier to build and share lab environments for testing, training and more.

Speakers
avatar for Bobby Kuzma

Bobby Kuzma

Security Researcher and Evangelist, Core Security
Bobby Kuzma is a security geek and retired IT consultant who accidentally acquired a CISSP at the tender age of 22. If it processes data, he’s probably tried to make it do bad things. He teaches, mentors, and explores (and occasionally explodes) technology. Four out of five cowor... Read More →


Tuesday October 17, 2017 1:15pm - 2:00pm
Ellington Salon B

2:00pm

Break
Tuesday October 17, 2017 2:00pm - 2:30pm
Ellington Ballroom Pre-Function Area

2:30pm

No More Silos: Connected Security

In 2016 alone, over 4000 cyber attacks were reported globally – with many more never reported or even detected. Enterprises deploy security point solutions in the hopes of stopping a data breach, while savvy attackers work to exploit the whitespace between them. This session will explore how a connected approach to security, one where vendors are joining forces to specifically address the data breach problem, will eliminate the silos that make it possible for breaches to happen. 


Speakers
avatar for Mike Desai

Mike Desai

SVP Corporate Development, SecureAuth
avatar for Ryan Rowcliffe

Ryan Rowcliffe

Manager, Solutions Architecture, SecureAuth
Ryan Rowcliffe is SecureAuth's Manager, Solution Architecture with a passionate focus on challenging the industry norm. His 16 years of experience span across IT operations, consulting, and solution architecture with a concentration on application performance management and deliv... Read More →


Tuesday October 17, 2017 2:30pm - 3:00pm
Piedmont

2:30pm

Data Access Governance: Foundations, Roadmap and Case Studies
ABSTRACT:
Understanding every time someone exports data to Excel they create risk for that information, means you know the need for Data Access Governance (DAG). We will cover the challenge unstructured data poses, the foundations of securing, monitoring, and governing access to that data, and walk through how some other organizations have succeeded in controlling their risks. You will gain the insight to start asking the right questions about how your organization is approaching DAG today, and how it may need to change that approach to meet security and compliance goals in the future.

Speakers
avatar for Jonathan Sander

Jonathan Sander

CTO, STEALTHbits


Tuesday October 17, 2017 2:30pm - 3:15pm
Ellington Salon B

2:30pm

Impact Roadmap
Speakers
avatar for Jesse Irvin

Jesse Irvin

Product Manager, Core Security
Jesse is a security professional with a background in Vulnerability Management and Assessments. He came to Core Security as the Product Manager for the Core Impact Penetration testing solution and is passionate about working with and delivering fantastic products that not only ge... Read More →


Tuesday October 17, 2017 2:30pm - 4:00pm
Ellington Salon C

2:30pm

Network Insight Roadmap
Speakers
avatar for Chris Scheels

Chris Scheels

Product Management, Core Security
Chris has been aligning people, process and technology to drive companies forward for over 15 years.  He has experience in product management, marketing and IT with an emphasis on technology. His passion is helping businesses succeed through the strategic and effective use of tec... Read More →


Tuesday October 17, 2017 2:30pm - 4:00pm
Ellington Salon A

3:00pm

SecureAuth Customer Roundtable
This PowerPoint-free session will allow customers to provide input on the actual challenges they are facing, what they would like to see from SecureAuth and Core Security from a portfolio perspective and what the future of identity, endpoint and network security coming together might mean to you.  Did we have you at "PowerPoint-free"?
 

Moderators
avatar for Robert Block

Robert Block

SVP Identity Strategy, SecureAuth
As a Senior Vice President of Identity Strategy at SecureAuth, Robert Block is responsible for executing on SecureAuth’s strategic vision of preventing the misuse of stolen credentials. Considered a thought leader in IAM with numerous focus areas, Robert will interact with custo... Read More →
avatar for Mike Desai

Mike Desai

SVP Corporate Development, SecureAuth

Tuesday October 17, 2017 3:00pm - 3:30pm
Piedmont

3:15pm

An Identity Evolution - IAM Eastman!

Eastman started its identity journey in 2013 when they looked to acquire an Identity Management (IDM) solution that ended with the purchase of Courion (Core Security).

The first objective was to replace an existing password synchronization product, roll out self-service password reset, and eliminate PII access from the Global Help Desk. 

Phase 2 was geared toward automation; onboarding and off-boarding of users.  In addition, Eastman set out to establish an authoritative source for third parties using SecZetta’s NE Profile solution. By implementing an authoritative source built for third parties, Eastman aimed to bring the same automation to third party, non-employees.

In this session, you will hear Eastman highlight the information collection processes, adoption techniques, result tracking, lessons learned, and future aspirations. 


Speakers
avatar for Justin Matthews

Justin Matthews

Security Analyst, Eastman Chemical
Justin Matthews has worked in the Security field at Eastman for the past 3 and half years.  He started off working on endpoint security, and quickly transitioned to identity and access management (IDM).  Justin transitioned to become the lead technical analyst on IDM in late... Read More →


Tuesday October 17, 2017 3:15pm - 4:00pm
Ellington Salon B

4:00pm

Brian Krebs Keynote
The infamous Krebs on Security author will join us for our first feature keynote. Known often for being the first to break security news, Krebs will dive into current security trends and what he sees shaping up for the future. This session will give you ideas and actions to take to make your security better in 2017. 

Speakers
avatar for Brian Krebs

Brian Krebs

Investigative Reporter, www.krebsonsecurity.com
Brian Krebs worked as a reporter for The Washington Post from 1995 to 2009, authoring more than 1,300 blog posts for the Security Fix blog, as well as hundreds of stories for washingtonpost.com and The Washington Post newspaper, including eight front-page stories in the dead-tree edition and a Post Magazine cover piece on botnet operators. In 2014... Read More →


Tuesday October 17, 2017 4:00pm - 5:00pm
Ellington Salon D

5:00pm

 
Wednesday, October 18
 

7:30am

Breakfast
Wednesday October 18, 2017 7:30am - 9:00am
Overlook East

7:30am

Registration
Wednesday October 18, 2017 7:30am - 3:00pm
Ellington Ballroom Pre-Function Area

9:00am

Housekeeping & Announcements
Speakers
avatar for Jeff Kukowski

Jeff Kukowski

CEO, SecureAuth + Core Security
Jeff Kukowski is the Chief Executive Officer at SecureAuth and Core Security. Having established SecureAuth as the vanguard in next-generation identity security, Kukowski will continue to drive the strategy and momentum of the combined companies of SecureAuth and Core Security. Kukowski comes most recently from TASER International, where, as COO, he led growth in revenues from $90m to $165M while building the SaaS digital evidence management business from startup to $55m in ARR in three... Read More →


Wednesday October 18, 2017 9:00am - 9:15am
Ellington Salon D

9:15am

CISO Panel
Speakers
avatar for Chris

Chris "Sully" Sullivan

CISO/CTO, Core Security
Chris Sullivan oversees all aspects of Core’s security principals, strategy and posture, and the overall technology strategy across business lines and partnerships. In addition, Chris helps drive CoreLabs, a center for cyber security research and innovation, which maximizes collaboration between developers and cyber defenders across all security... Read More →


Wednesday October 18, 2017 9:15am - 10:15am
Ellington Salon D

10:15am

Break
Wednesday October 18, 2017 10:15am - 10:45am
Ellington Ballroom Pre-Function Area

10:45am

Vulnerability Insight Case Study: Why and How to Leverage Technology for Continues Audit

Audit has been historically been an intensely manual process but real and regularity risk requirements demand more accurate and more frequent validations – even continuously.

This talk will examine why to use these tool and how to operationalize them.

Speakers
avatar for Jerry Chan

Jerry Chan

Head of Global Cyber Security Audit, BNYMellon
Jerry Chan is the Global Vice President of Cyber Security Audit for BNY Mellon. In this role Jerry has established a leading Cyber Security audit practice that is innovative and first-in-class in the financial industry which also has been recognized as leading-edge by regulators. ... Read More →


Wednesday October 18, 2017 10:45am - 11:15am
Ellington Salon D

11:15am

What is SecureAuth and CoreLabs?

The combination of SecureAuth and Core Security is not only exciting from the products we bring together, but also because of the Advanced Security Research that we are working on and bringing together as well. In this panel discussion, you will get a better understanding of what we do in SecureAuth and CoreLabs and specifically the research we conduct around Network Security, Threat Landscape, Vulnerability and Exploit Research, Data Science, and Endpoint Research. The panelists will discuss their areas of expertise along with interesting problems that they are looking to solve through their research. In addition, this panel will also discuss the formal research process that we undertake and provide customers insight into how we go about doing research. Finally, we will investigate the anatomy of recent high profile breaches and they cut across the different areas of security and how we can bring integrative research methods together to better understand how to think like attackers and model adversary behavior. 


Moderators
avatar for Chris

Chris "Sully" Sullivan

CISO/CTO, Core Security
Chris Sullivan oversees all aspects of Core’s security principals, strategy and posture, and the overall technology strategy across business lines and partnerships. In addition, Chris helps drive CoreLabs, a center for cyber security research and innovation, which maximizes collaboration between developers and cyber defenders across all security... Read More →

Speakers
avatar for Willis McDonald

Willis McDonald

Threat Research Manager, Core Security
avatar for David Ross

David Ross

VP Research, SecureAuth
David Ross is VP of Research at SecureAuth, bringing over 20 years of experience in computer security, with expertise ranging from red team operations to incident response and intrusion detection to enterprise software development. Prior to joining SecureAuth, Ross served as a software architect at FireEye/Mandiant and was the progenitor of the OpenIOC Framework. His early work at Mandiant revolutionized endpoint compromise detection methods. Ross served in the U.S. Navy and was instrumental in the development of the... Read More →
avatar for Alberto Soliño Testa

Alberto Soliño Testa

Research Director, Core Security
Alberto Soliño is the Director of Research at Core Security where he is responsible for Core's innovation initiatives, including attack research, security advisories, conference publications and knowledge transfer. During his 20 years at the company Soliño has worked as PM for Core Impact, defining the products technical requirements. On the services side, as the director of consulting services... Read More →


Wednesday October 18, 2017 11:15am - 11:45am
Ellington Salon D

11:45am

Lunch
Wednesday October 18, 2017 11:45am - 1:00pm
Overlook East

1:00pm

Best Practices for Adaptive Authentication
The SecureAuth adaptive engine is a powerful platform for preventing the misuse of credentials -  but are you are getting the most out of it? In this session, Ryan Rowcliffe will walk through some of key capabilities of the adaptive engine and best practices for leveraging them - including phone fraud prevention, threat service, device recognition and more. We will also talk about some of the most common use cases, including protecting remote access or cloud-based apps, like Office 365. We'll conclude with a discussion around how these adaptive features put you on the path removing your dependency on the password.

Speakers
avatar for Ryan Rowcliffe

Ryan Rowcliffe

Manager, Solutions Architecture, SecureAuth
Ryan Rowcliffe is SecureAuth's Manager, Solution Architecture with a passionate focus on challenging the industry norm. His 16 years of experience span across IT operations, consulting, and solution architecture with a concentration on application performance management and deliv... Read More →


Wednesday October 18, 2017 1:00pm - 1:45pm
Piedmont

1:00pm

Access Assurance Suite Tips & Tricks
Everyone loves a good tip, like using toothpaste to clear up hazy car headlights.  In this session, Identity users will learn from the master, our lead architect, Lisa Lombardo, as she goes through tips and tricks to make sure you’re getting the most out of your IAM deployment. Come with your questions about Core Access, Core Compliance and Core Password.

Speakers
avatar for Lisa Lombardo

Lisa Lombardo

Principal Architect Identity Products, Core Security
Hello. | My name is Lisa Lombardo and I have been with Core Security (and earlier Courion) for 21 years with responsibilities in the product and support areas. I have lived, breathed, bled, sweated, cried, laughed, and existed in the Identity and Access Management world for... Read More →


Wednesday October 18, 2017 1:00pm - 1:45pm
Ellington Salon D

1:00pm

Core Impact Tips & Tricks
Everyone loves a good tip, like turning on your seat warmer to keep a pizza hot while driving home. In this session an experienced pen-tester will walk users though cool features and unique ways to use Core Impact during testing, such as demonstrating how to set up DNS channels for agent communications, downloading and running PowerShell scripts even when compromised devices do not have internet connectivity, how to utilize the agentless WMI testing capabilities to make your tests even more stealthy, and much, MUCH more! Come to this session and learn how to continue advancing your pen-testing by utilizing the full functionality of Core Impact.

Speakers
avatar for Martin Gallo

Martin Gallo

Product Owner, Core Security
Martin is a security professional with more than 10 years of work experience. After a few years in the IT consulting business at one of the big four, he moved to Core Security to take up the challenge of specializing in penetration testing, code reviews and vulnerability hunting... Read More →


Wednesday October 18, 2017 1:00pm - 1:45pm
Ellington Salon B

1:00pm

Network Insight--How To Assess Findings--Tier 1 SOC Triage

Speed to respond is critical in fighting cyber threats and cyberattacks. Learning how to quickly assess findings leads to faster response and containment. As users get familiar with the Network Insight, formerly Failsafe, user console and how to read results, quick decisions can be made as to next steps to response. In this session, we will cover how to quickly assess findings in the GUI directly or when pivoting from a SIEM or ITSM in response to a case – including top dashboard widgets for quickly drilling down on pre-filtered lists of assets. This session will cover asset filtering methods to highlight what things are important to each organization. Most importantly you will learn how to drill down on individual assets, what to look for and which sections can quickly decide on next steps. 


Speakers
MG

Mark Gilbert

Threat Researcher, Core Security
avatar for Chris Scheels

Chris Scheels

Product Management, Core Security
Chris has been aligning people, process and technology to drive companies forward for over 15 years.  He has experience in product management, marketing and IT with an emphasis on technology. His passion is helping businesses succeed through the strategic and effective use of tec... Read More →


Wednesday October 18, 2017 1:00pm - 1:45pm
Ellington Salon A

1:00pm

How to Defeat the Vulnerability Hydra
Vulnerability Management is like a Hydra, chop off one head and two more grow back. It is impossible to keep up. How do you prioritize? How can you get ahead? Maybe “ahead” is too ambitious - but what about drastically reducing risk? One way to make an impact is with attack path mapping. Allowing VM teams to quickly identify the weak device in the chain on how an attacker could move laterally to the so called “Crown Jewels.” In this session, users will learn the best practices on how to ingest router and firewall data for better attack path mapping and how to quickly break the chain in the attack path, allowing you to sever the head of the Hydra. 

Speakers
avatar for Andy Nickel

Andy Nickel

Sales Engineer, Core Security


Wednesday October 18, 2017 1:00pm - 1:45pm
Ellington Salon C

1:45pm

Best Practices for Portal Protection
It's an age-old dilemma: security versus user experience. Traditionally, hardening security adds to the burden on users — they have to authenticate more often or supply additional factors. But many organizations prefer to err on side of the user experience, especially when it comes to protecting portals. 

In this session, Sr. Solutions Engineer Jeff Hickman will share how you can get the best of both worlds – the strong security you need to stay ahead of threats, with the seamless portal experience your users want. Jeff will provide a live demonstration of SecureAuth's portal security solution using RESTful APIs and give you the opportunity to try it for yourself. 

Speakers
avatar for Jeff Hickman

Jeff Hickman

Sr. Solution Engineer, SecureAuth


Wednesday October 18, 2017 1:45pm - 2:30pm
Piedmont

1:45pm

Core Connector API Demo
Did you know that we released a new way to integrate Core Access with your target systems without a custom connector? Did you know it’s free? Join us to learn about how to use the Core Connector API to tie into your web-services or API enabled target systems.

Speakers
avatar for Michael Marks

Michael Marks

Product Manager - Identity, Core Security
Michael Marks is the Product Manager for the Identity products at Core Security. Prior to joining Core, he was the Identity and Access Management Architect at Coca-Cola Enterprises and a consultant in the IT Security and GRC practice with one of the Big 4. He recently received his MBA, and is trying to figure out what to do with his newly found free time. He enjoys running and golf, though... Read More →


Wednesday October 18, 2017 1:45pm - 2:30pm
Ellington Salon D

1:45pm

Storytime with Core Impact
Let’s write a story, not a short story or a novel, but a “Product” User Story related to Impact. Grammar not your strong suit? No worries, an easy template will be provided, just fill in the blanks. It’s kind of like Mad Libs but with the purpose of creating a new product feature, and maybe a few laughs in the process. In this hands on session, users will be separated into small groups. Groups will select one of three new product features or they can develop their own. Using a simple template, groups will create a user story for this feature on how they would want it to work and the purpose of the feature. User Stories are used by Product Management to convey a feature idea to the developers so they understand the end goal of the design. Please join us to create a new Impact User Story.

Speakers
avatar for Jesse Irvin

Jesse Irvin

Product Manager, Core Security
Jesse is a security professional with a background in Vulnerability Management and Assessments. He came to Core Security as the Product Manager for the Core Impact Penetration testing solution and is passionate about working with and delivering fantastic products that not only ge... Read More →


Wednesday October 18, 2017 1:45pm - 2:30pm
Ellington Salon B

1:45pm

Hands on with Network Insight Roadmap

Ever dream of a career in product management? Get hands on experience in stack ranking the real features that you want to see in the product. In this feedback session, users will be broken into two groups and asked to prioritize a selected group of features based on group decided criteria. The groups will then present and discuss which features ranked where and why. This will be a fun and interactive session for users to provide direct input on upcoming features in Network Insight. 


Speakers
avatar for Chris Scheels

Chris Scheels

Product Management, Core Security
Chris has been aligning people, process and technology to drive companies forward for over 15 years.  He has experience in product management, marketing and IT with an emphasis on technology. His passion is helping businesses succeed through the strategic and effective use of tec... Read More →


Wednesday October 18, 2017 1:45pm - 2:30pm
Ellington Salon A

1:45pm

Vulnerability Insight Tips & Tricks
Everyone loves a good tip, like using a stick of spaghetti to light a hard to reach candle wick or using Doritos to start a fire. In this session VI users will learn the top tips and tricks for both the GUI and configurations. Along with ingesting router data and using it for attack path identification, users will learn how to quickly use the existing Attack Strategy to first prioritize any immediate critical vulnerabilities, how to setup campaigns for critical assets and tips for report usage and customization. There will also be time for users to share their favorite tips with other attendees. The more we all share, the more value everyone can get from the tool.

Speakers
avatar for Magno Gomes

Magno Gomes

SE Manager, Core Security


Wednesday October 18, 2017 1:45pm - 2:30pm
Ellington Salon C

2:30pm

Break
Wednesday October 18, 2017 2:30pm - 3:00pm
Ellington Ballroom Pre-Function Area

3:00pm

It’s (Past) Time To Put Identity At The Core Of Your Security Strategy

It’s no secret that approaches to identity and access management (IAM) have evolved rapidly over the last several years to meet the changes in how companies transact business and the rapidly growing threat of a breach. During this session, Aubrey Turner, Director of Strategic Services – IAM Optiv, wiil explain why it is increasingly more important than ever to put identity at the core of your security strategy and how to achieve success by leveraging existing cyber security assets.


Speakers
avatar for Aubrey Turner

Aubrey Turner

Director, Strategic Services - IAM, Optiv
Aubrey Turner has more than 11 years of information security and business risk management experience. Prior to joining Optiv, Aubrey delivered security, privacy, and technology risk consulting as a manager in the Security and Privacy Services practice of a Big Four consulting firm. Aubrey has directed large scale strategic information security consulting projects. His experience includes leading enterprise security gap analysis; IT risk and control assessments; privacy impact assessments; data classification; complex application systems segregation of duties analysis across multi-platform environments; vulnerability and penetration testing; business impact analysis for enterprise business continuity planning; and disaster/business recovery plan... Read More →


Wednesday October 18, 2017 3:00pm - 3:45pm
Piedmont

3:00pm

Introducing Core Role Designer

Come meet the newest member of the Core Security product family – Core Role Designer. Our visual-first, analytics driven approach to designing roles will help you understand the relationship between people and what they have access to. You’ll not only be able to create the best roles possible, you’ll also discover rogue access and underprovisioned accounts in your organization. Step up your role game with Core Role Designer.


Speakers
avatar for Michael Marks

Michael Marks

Product Manager - Identity, Core Security
Michael Marks is the Product Manager for the Identity products at Core Security. Prior to joining Core, he was the Identity and Access Management Architect at Coca-Cola Enterprises and a consultant in the IT Security and GRC practice with one of the Big 4. He recently received his MBA, and is trying to figure out what to do with his newly found free time. He enjoys running and golf, though... Read More →


Wednesday October 18, 2017 3:00pm - 3:45pm
Ellington Salon D

3:00pm

Threat Dissection

Anatomy 101 of how and what threats actually do in your network.  In this session we will pick a well-known threat and go through the cycle of how actors behave and how security teams can deter, detect, respond and validate using Core Security products. 


Speakers
avatar for Alberto Soliño Testa

Alberto Soliño Testa

Research Director, Core Security
Alberto Soliño is the Director of Research at Core Security where he is responsible for Core's innovation initiatives, including attack research, security advisories, conference publications and knowledge transfer. During his 20 years at the company Soliño has worked as PM for Core Impact, defining the products technical requirements. On the services side, as the director of consulting services... Read More →


Wednesday October 18, 2017 3:00pm - 3:45pm
Ellington Salon B

3:00pm

Understanding Network Insight Integrations to Automate Containment and Kick Start Response
Whether it’s the revered single plane of glass view in a SIEM or building an auto containment workflow for compromised devices, Network Insight admins can use built-in integrators to take action quickly or build their own with the API. With SIEM for instance, what if the view is wrong or incomplete? This can cause the response teams to spend invaluable time looking and or chasing the wrong things. It’s critical to understand how to ingest the NI outputs into your SIEM to keep things flowing smoothly. In this session we will cover the two different types of feeds and ideas on how to best incorporate them into your SIEM workflow. This session will help responders understand the Network Insight SIEM output so they can quickly understand the output and how to build SIEM workflows and dashboards to get optimal results.  Also covered will be use cases for Next Generation Firewall (NGFW), Network Access Control (NAC) and Proxy integrations.

Speakers
avatar for Stephen Newman

Stephen Newman

SVP Products, Core Security & SecureAuth
Stephen Newman brings over 17 years of technology innovation and leadership to Core Security. He has designed products and product strategies for leading, innovative technologies throughout his career. Most recently as a CTO at Damballa, Stephen’s team successfully built upon the... Read More →


Wednesday October 18, 2017 3:00pm - 3:45pm
Ellington Salon A

3:00pm

Vulnerability Roadmap Stack Ranking
Ever dream of a career in product management? Get a hands on experience in stack ranking the real features that you want to see in the product! In this feedback session, users will be broken into two groups and prioritize a selected group of features based on group decided criteria. The groups will then present and discuss which features ranked where and why. This will be a fun and interactive session for users to provide direct input on upcoming features in Vulnerability Insight. 

Speakers
avatar for Chris Scheels

Chris Scheels

Product Management, Core Security
Chris has been aligning people, process and technology to drive companies forward for over 15 years.  He has experience in product management, marketing and IT with an emphasis on technology. His passion is helping businesses succeed through the strategic and effective use of tec... Read More →


Wednesday October 18, 2017 3:00pm - 3:45pm
Ellington Salon C

3:45pm

In It Together: Customer Success
Speakers
avatar for Rohit Khanna

Rohit Khanna

CCO, SecureAuth
Rohit Khanna, Senior Vice President of Customer Success at SecureAuth and Core Security, has more than two decades of experience in security, business to business integration and infrastructure management solutions. He is a results-driven leader with a successful track record in solving customer challenges through technological innovation. At SecureAuth, he has guided the business vision in delivering the best possible user experience while maximizing... Read More →


Wednesday October 18, 2017 3:45pm - 4:15pm
Piedmont

3:45pm

Identity Governance Roadmap Feedback
Make your mark on the future of IAM! Join Michael Marks, Core Security’s Product Manager for Identity, and tell him what you want to see in the next releases of Core Security’s identity products.

Speakers
avatar for Michael Marks

Michael Marks

Product Manager - Identity, Core Security
Michael Marks is the Product Manager for the Identity products at Core Security. Prior to joining Core, he was the Identity and Access Management Architect at Coca-Cola Enterprises and a consultant in the IT Security and GRC practice with one of the Big 4. He recently received his MBA, and is trying to figure out what to do with his newly found free time. He enjoys running and golf, though... Read More →


Wednesday October 18, 2017 3:45pm - 4:15pm
Ellington Salon D

3:45pm

Core Impact Roadmap Feedback
Make your mark on the future of Impact! Join Jesse Irvin, Core Security’s Product Manager for Core Impact, and tell him what you want to see in the next releases of Core Security’s penetration testing products.

Speakers
avatar for Jesse Irvin

Jesse Irvin

Product Manager, Core Security
Jesse is a security professional with a background in Vulnerability Management and Assessments. He came to Core Security as the Product Manager for the Core Impact Penetration testing solution and is passionate about working with and delivering fantastic products that not only ge... Read More →


Wednesday October 18, 2017 3:45pm - 4:15pm
Ellington Salon B

3:45pm

The Good, the Bad, and The Not So Bad: Tracking Threat Operators with Our Threat Research Team

How do you separate the good from the bad actors? Put on your white hat as we go on an adventure to separate the wheat from the chaff; or the good from the bad and not so bad. Join us for a chance to learn from our Threat Research team and how they track and expose threat operators and build that intelligence into Network Insight. Not only that, but discover the different ways our Threat Research team is able to apply their findings. This will be an insightful session for anyone interested in learning more about a day in the life of a threat researcher.


Speakers
avatar for Willis McDonald

Willis McDonald

Threat Research Manager, Core Security


Wednesday October 18, 2017 3:45pm - 4:15pm
Ellington Salon A

3:45pm

Back to the Future - What Keeps You Up at Night? What Else Could We Solve?

The Jetson’s had numerous push-button Space Age-envisioned conveniences that are finally becoming a reality with self-driving cars, IoT and NEST® technology. But with cool tech comes more vulnerabilities and a wider attack surface. What keeps you up at night when you imagine what the future will hold for Vulnerability Management? In this feedback session users will get to share their fears, future predictions and what their dream features are “If Only…” Join us and build the future of VM. 


Speakers
avatar for Chris Scheels

Chris Scheels

Product Management, Core Security
Chris has been aligning people, process and technology to drive companies forward for over 15 years.  He has experience in product management, marketing and IT with an emphasis on technology. His passion is helping businesses succeed through the strategic and effective use of tec... Read More →


Wednesday October 18, 2017 3:45pm - 4:15pm
Ellington Salon C

4:15pm

Keynote:Guest Forrester Analyst Joseph Blankenship

Joseph Blankenship is a leading security industry ­veteran and currently a senior analyst at Forrester serving security and risk professionals. In this session he will examine how analytics and automation are combining to transform security operations. Specifically, he will address how combating threats and keeping pace with change requires security technologies to work together and security leaders to embrace automation.


Speakers
avatar for Joseph Blankenship

Joseph Blankenship

Senior Analyst, Forrester
Joseph supports Security & Risk professionals, helping clients develop security strategies and make informed decisions to protect against risk. He covers security infrastructure and operations, including security information and event management (SIEM), security analytics, securi... Read More →


Wednesday October 18, 2017 4:15pm - 5:00pm
Ellington Salon D

5:00pm

Closing Remarks & Final Announcements
Speakers
avatar for Chris

Chris "Sully" Sullivan

CISO/CTO, Core Security
Chris Sullivan oversees all aspects of Core’s security principals, strategy and posture, and the overall technology strategy across business lines and partnerships. In addition, Chris helps drive CoreLabs, a center for cyber security research and innovation, which maximizes collaboration between developers and cyber defenders across all security... Read More →


Wednesday October 18, 2017 5:00pm - 5:15pm
Ellington Salon D

6:00pm

Shuttle Departure: Customer Appreciation Party
Wednesday October 18, 2017 6:00pm - 6:30pm
TBA

6:30pm

 
Thursday, October 19
 

TBA

Additional Training Opportunities (Conference Pass + Training Ticket Required)
Additional Training Opportunities available after the main conference session. Be sure select the full conference pass + the appropriate training ticket when registering for the conference. 

Thursday October 19, 2017 TBA
TBA

9:00am

Core Access Assurance Suite Training Day 1
You need this ticket from Eventbrite to sign up: Full Conference + Core AAS Training.
Thursday October 19, 2017 9:00am - 5:00pm
Ellington Salon B

9:00am

Core Impact Certified Professional (CICP) Training Day 1
You need this ticket from Eventbrite to sign up: Full Conference + CICP Training.
This two (2) day course delivers the knowledge and practical experience necessary to successfully use and manage the Core Impact solution. 

Thursday October 19, 2017 9:00am - 5:00pm
Ellington Salon A
 
Friday, October 20
 

9:00am

Core Access Assurance Suite Training Day 2
You need this ticket from Eventbrite to sign up: Full Conference + Core AAS Training.
Friday October 20, 2017 9:00am - 5:00pm
Pittman

9:00am

Core Impact Certified Professional (CICP) Training Day 2
You need this ticket from Eventbrite to sign up: Full Conference + CICP Training.
This two (2) day course delivers the knowledge and practical experience necessary to successfully use and manage the Core Impact solution. 

Friday October 20, 2017 9:00am - 5:00pm
Boardroom