You are CONNECT! The shared vision from Core Security and SecureAuth is a starting point for a better future. It starts now, with you. Over the next two days you will have an opportunity to learn how to break down the silos in your security strategy, and minimize the gaps where attackers thrive. With a strong identity layer as a foundation for endpoint and network security, visibility leads to prioritization and a real-time response.
Did you ever wonder how we arrived at a point where cybersecurity incidents are at an all-time high despite almost $100B of enterprise spending on the problem? Keith Graham, CTO, is driven by this problem and will share a brief history of cybersecurity as a precursor to a prediction about where it is going. Understanding the evolution of attacks and attackers is critical to framing the future state, Keith’s history as a pioneer in this industry enables him to look back while looking forward.
Tim Callahan, SVP and Global Chief Security Officer at Aflac, will review the current threat environment and how Aflac is deploying programs and systems to protect, detect and respond.
Managing Identity in a healthcare environment requires many jumps, through many hoops. Therefore, the Identity and Access Management (IAM) solution implemented in such an environment is rife with customizations to make the IAM solution hum. Now, stare down the barrel of the upgrade gun, and imagine the panic that sets in!
Mercy Health engaged in an upgrade of their Core Security Access Assurance Suite with a well thought out plan of attack…… Which of course went without a hitch, right?
This session will endeavor to share the Mercy Health upgrade story from AAS version 8.1 to 8.4, while providing some of the pain points they encountered.
Bright Horizons, a leading early education provider, needed to secure access to its portal which is utilized by over 250,000 families. Bright Horizons CISO Javed Ikbal will share how his organization used SecureAuth risk-based authentication to secure third-party access to their portal to detect the use of compromised credentials while providing a smooth user experience for their clients.
Passwords, multi-factor authentication, knowledge-based questions/answers, and hard tokens are based on technologies that are now 20 years old. With organizations losing the battle against cyber attacks, it’s clearly time to move beyond these legacy technologies and adopt a modern approach in which awareness and flexibility are king. Authentication must adapt based on the level of risk, so that it can deliver strong security yet be invisible to users most of the time.
Achieving that balance of strong security and appropriate user friction is the basis for modern authentication. This session will explore what modern authentication is and why using it across all users, devices, and services is vital to turning a losing battle into a winning strategy to stop cyber attacks.
In 2016 alone, over 4000 cyber attacks were reported globally – with many more never reported or even detected. Enterprises deploy security point solutions in the hopes of stopping a data breach, while savvy attackers work to exploit the whitespace between them. This session will explore how a connected approach to security, one where vendors are joining forces to specifically address the data breach problem, will eliminate the silos that make it possible for breaches to happen.
Eastman started its identity journey in 2013 when they looked to acquire an Identity Management (IDM) solution that ended with the purchase of Courion (Core Security).
The first objective was to replace an existing password synchronization product, roll out self-service password reset, and eliminate PII access from the Global Help Desk.
Phase 2 was geared toward automation; onboarding and off-boarding of users. In addition, Eastman set out to establish an authoritative source for third parties using SecZetta’s NE Profile solution. By implementing an authoritative source built for third parties, Eastman aimed to bring the same automation to third party, non-employees.
In this session, you will hear Eastman highlight the information collection processes, adoption techniques, result tracking, lessons learned, and future aspirations.
Audit has been historically been an intensely manual process but real and regularity risk requirements demand more accurate and more frequent validations – even continuously.
This talk will examine why to use these tool and how to operationalize them.
The combination of SecureAuth and Core Security is not only exciting from the products we bring together, but also because of the Advanced Security Research that we are working on and bringing together as well. In this panel discussion, you will get a better understanding of what we do in SecureAuth and CoreLabs and specifically the research we conduct around Network Security, Threat Landscape, Vulnerability and Exploit Research, Data Science, and Endpoint Research. The panelists will discuss their areas of expertise along with interesting problems that they are looking to solve through their research. In addition, this panel will also discuss the formal research process that we undertake and provide customers insight into how we go about doing research. Finally, we will investigate the anatomy of recent high profile breaches and they cut across the different areas of security and how we can bring integrative research methods together to better understand how to think like attackers and model adversary behavior.
Speed to respond is critical in fighting cyber threats and cyberattacks. Learning how to quickly assess findings leads to faster response and containment. As users get familiar with the Network Insight, formerly Failsafe, user console and how to read results, quick decisions can be made as to next steps to response. In this session, we will cover how to quickly assess findings in the GUI directly or when pivoting from a SIEM or ITSM in response to a case – including top dashboard widgets for quickly drilling down on pre-filtered lists of assets. This session will cover asset filtering methods to highlight what things are important to each organization. Most importantly you will learn how to drill down on individual assets, what to look for and which sections can quickly decide on next steps.
Ever dream of a career in product management? Get hands on experience in stack ranking the real features that you want to see in the product. In this feedback session, users will be broken into two groups and asked to prioritize a selected group of features based on group decided criteria. The groups will then present and discuss which features ranked where and why. This will be a fun and interactive session for users to provide direct input on upcoming features in Network Insight.
It’s no secret that approaches to identity and access management (IAM) have evolved rapidly over the last several years to meet the changes in how companies transact business and the rapidly growing threat of a breach. During this session, Aubrey Turner, Director of Strategic Services – IAM Optiv, wiil explain why it is increasingly more important than ever to put identity at the core of your security strategy and how to achieve success by leveraging existing cyber security assets.
Come meet the newest member of the Core Security product family – Core Role Designer. Our visual-first, analytics driven approach to designing roles will help you understand the relationship between people and what they have access to. You’ll not only be able to create the best roles possible, you’ll also discover rogue access and underprovisioned accounts in your organization. Step up your role game with Core Role Designer.
Anatomy 101 of how and what threats actually do in your network. In this session we will pick a well-known threat and go through the cycle of how actors behave and how security teams can deter, detect, respond and validate using Core Security products.
How do you separate the good from the bad actors? Put on your white hat as we go on an adventure to separate the wheat from the chaff; or the good from the bad and not so bad. Join us for a chance to learn from our Threat Research team and how they track and expose threat operators and build that intelligence into Network Insight. Not only that, but discover the different ways our Threat Research team is able to apply their findings. This will be an insightful session for anyone interested in learning more about a day in the life of a threat researcher.
The Jetson’s had numerous push-button Space Age-envisioned conveniences that are finally becoming a reality with self-driving cars, IoT and NEST® technology. But with cool tech comes more vulnerabilities and a wider attack surface. What keeps you up at night when you imagine what the future will hold for Vulnerability Management? In this feedback session users will get to share their fears, future predictions and what their dream features are “If Only…” Join us and build the future of VM.
Joseph Blankenship is a leading security industry veteran and currently a senior analyst at Forrester serving security and risk professionals. In this session he will examine how analytics and automation are combining to transform security operations. Specifically, he will address how combating threats and keeping pace with change requires security technologies to work together and security leaders to embrace automation.
