In this post:
Amazing how time flies. Somehow it’s already managed to be June, even though it feels like March Madness just ended and we’re still getting over the heartbreak of the run our beloved Friars managed to string together. And June means that the RSA Conference is just around the corner. Like most of you, we’re about the most pumped we’ve been to go to a conference since we started our careers and got to do adult business travel for the first time (side note, anyone remembered when airline status seemed super glamorous until you realized how much traveling that actually meant?).
Aside from being excited to travel, see people and reconnect with old colleagues and friends, we’re also excited to showcase some of the exciting stuff we’ve been working on. Whether you’re looking to get super down in the weeds on using Uptycs for YARA scans, want to talk threat hunting strategy, or learn the ins-and-outs of cloud native application security, we’ve put together some pretty great sessions for you.
So if you’d like to hear from one of our experts, check out our schedule of Lightning Sessions at booth #435. Interested in diving a little further in? Then check out our Deep Dive Sessions at Sandbox VR.
Lightning Sessions at Booth 435
When |
Title |
Speakers |
Description |
MONDAY |
|||
5:00-5:30 PM |
How to Lock Down Your Cloud Infrastructure |
Nick Palaszewski, Rad Pathalam, Sudarsan Kannan |
As organizations grow their usage of cloud services, the risk of unintentionally misconfiguring services or assign too permissive entitlement policy grows correspondingly. Cloud infrastructure entitlement management (CIEM) and cloud security posture management (CSPM) solutions continuously monitor cloud settings to help organizations prioritize and alert on cloud risks. |
6:00-6:30 PM |
Thinking Like an Attacker in the Cloud |
Andre Rall |
Organizations can meet compliance/regulatory responsibilities in the cloud, but still be susceptible to a threat actor escalating privileges, exfiltrating data, targeting you for ransomware. Threat actors today have become cloud experts. Their TTPs are evolving quicker than most want to believe. Therefore it's time we start thinking like them and mimicking detection on their attack behavior. |
TUESDAY |
|||
10:30-11:00 AM |
How eBPF Changes the Game for Linux Security Observability |
Solomon Murungu |
If you are curious about optimizing your Linux security observability, join us in this session as we break down everything you need to know about eBPF (extended Berkeley Packet Filter) and showcase how Uptycs leverages eBPF to keep you on top of your Linux security. eBPF is an interface within the Linux kernel that is changing how the industry gathers and reports telemetry. |
11:30-12:00 PM |
What Is MITRE D3FEND and How Should My Organization Use It? |
Tyson Supasatit |
Organizations rely on the MITRE ATT&CK framework as a valuable resource to catalog adversary tactics and techniques. In June 2021, a cooperation between the National Security Agency (NSA) and MITRE released D3FEND, a complementary framework that provides insight into defensive measures for enterprise defense. This session will explore how to leverage D3FEND to enhance enterprise security defenses. |
12:30-1:00 PM |
Threat Detection and Malware Hunting with Uptycs |
Julian Wayte and Saurabh Wadhwa |
Shift into the driver's seat with Uptycs threat detections. Instead of hearing about an incident until after it’s too late, you can learn how to detect attack behavior early on. Uptycs gives you powerful tools to detect malware behavior and sophisticated APTs, and proactively hunt within your environment. In this session, Saurabh will take you through the Uptycs detections process and reveal how these behavioral detections and threat intelligence matches help you to stay ahead of threat actors. |
1:30-2:00 PM |
Container and Kubernetes Security Solutions |
Rishi Kant and Jeremy Colvin |
Join this session as we break down securing your containers in the CI/CD pipeline in the Uptycs Platform. You’ll learn how to best support and secure the DevOps cycle dynamic container-based workloads through the Build, Deploy, and Runtime stages. We’ll also touch on why security observability in adjacent attack surfaces—namely, developers’ laptops and cloud resources—is important for detection and investigation. |
2:30-3:00 PM |
Thinking Like an Attacker in the Cloud |
Andre Rall |
Organizations can meet compliance/regulatory responsibilities in the cloud, but still be susceptible to a threat actor escalating privileges, exfiltrating data, targeting you for ransomware. Threat actors today have become cloud experts. Their TTPs are evolving quicker than most want to believe. Therefore it's time we start thinking like them and mimicking detection on their attack behavior. |
3:30-4:00 PM |
Resource-Smart Detection with Targeted YARA Scans |
Julian Wayte |
Traditional filehash malware detection is relatively easy to circumvent as threat actors easily morph code to create "new" variants, rendering old IOCs useless. YARA uses a different approach. Its rules match to small segments of code within the malware, making traditional morphing techniques ineffective. The challenge can be knowing which files to scan with YARA, as scanning everything can be expensive. This is where Uptycs comes in—it can scan targeted segments of memory to detect toolkits. |
4:30-5:00 PM |
How to Lock Down Your Cloud Infrastructure |
Nick Palaszewski, Rad Pathalam, Sudarsan Kannan |
As organizations grow their usage of cloud services, the risk of unintentionally misconfiguring services or assign too permissive entitlement policy grows correspondingly. Cloud infrastructure entitlement management (CIEM) and cloud security posture management (CSPM) solutions continuously monitor cloud settings to help organizations prioritize and alert on cloud risks. |
Wednesday |
|||
10:30-11:00 AM |
Thinking Like an Attacker in the Cloud |
Andre Rall |
Organizations can meet compliance/regulatory responsibilities in the cloud, but still be susceptible to a threat actor escalating privileges, exfiltrating data, targeting you for ransomware. Threat actors today have become cloud experts. Their TTPs are evolving quicker than most want to believe. Therefore it's time we start thinking like them and mimicking detection on their attack behavior. |
11:30-12:00 PM |
Resource-Smart Detection with Targeted YARA Scans |
Julian Wayte |
Traditional filehash malware detection is relatively easy to circumvent as threat actors easily morph code to create "new" variants, rendering old IOCs useless. YARA uses a different approach. Its rules match to small segments of code within the malware, making traditional morphing techniques ineffective. The challenge can be knowing which files to scan with YARA, as scanning everything can be expensive. This is where Uptycs comes in—it can scan targeted segments of memory to detect toolkits. |
12:30-1:00 PM |
How eBPF Changes the Game for Linux Security Observability |
Solomon Murungu |
If you are curious about optimizing your Linux security observability, join us in this session as we break down everything you need to know about eBPF (extended Berkeley Packet Filter) and showcase how Uptycs leverages eBPF to keep you on top of your Linux security. eBPF is an interface within the Linux kernel that is changing how the industry gathers and reports telemetry. |
1:30-2:00 PM |
What Is MITRE D3FEND and How Should My Organization Use It? |
Tyson Supasatit |
Organizations rely on the MITRE ATT&CK framework as a valuable resource to catalog adversary tactics and techniques. In June 2021, a cooperation between the National Security Agency (NSA) and MITRE released D3FEND, a complementary framework that provides insight into defensive measures for enterprise defense. This session will explore how to leverage D3FEND to enhance enterprise security defenses. |
2:30-3:00 PM |
Threat Detection and Malware Hunting with Uptycs |
Julian Wayte and Saurabh Wadhwa |
Shift into the driver's seat with Uptycs threat detections. Instead of hearing about an incident until after it’s too late, you can learn how to detect attack behavior early on. Uptycs gives you powerful tools to detect malware behavior and sophisticated APTs, and proactively hunt within your environment. In this session, Saurabh will take you through the Uptycs detections process and reveal how these behavioral detections and threat intelligence matches help you to stay ahead of threat actors. |
3:30-4:00 PM |
How to Lock Down Your Cloud Infrastructure |
Nick Palaszewski, Rad Pathalam, Sudarsan Kannan |
As organizations grow their usage of cloud services, the risk of unintentionally misconfiguring services or assign too permissive entitlement policy grows correspondingly. Cloud infrastructure entitlement management (CIEM) and cloud security posture management (CSPM) solutions continuously monitor cloud settings to help organizations prioritize and alert on cloud risks. |
Thursday |
|||
10:30-11:00 AM |
Thinking Like an Attacker in the Cloud |
Andre Rall |
Organizations can meet compliance/regulatory responsibilities in the cloud, but still be susceptible to a threat actor escalating privileges, exfiltrating data, targeting you for ransomware. Threat actors today have become cloud experts. Their TTPs are evolving quicker than most want to believe. Therefore it's time we start thinking like them and mimicking detection on their attack behavior. |
11:30-12:00 PM |
Threat Detection and Malware Hunting with Uptycs |
Julian Wayte and Saurabh Wadhwa |
Shift into the driver's seat with Uptycs threat detections. Instead of hearing about an incident until after it’s too late, you can learn how to detect attack behavior early on. Uptycs gives you powerful tools to detect malware behavior and sophisticated APTs, and proactively hunt within your environment. In this session, Saurabh will take you through the Uptycs detections process and reveal how these behavioral detections and threat intelligence matches help you to stay ahead of threat actors. |
12:30-1:00 PM |
Container and Kubernetes Security Solutions |
Rishi Kant and Jeremy Colvin |
Join this session as we break down securing your containers in the CI/CD pipeline in the Uptycs Platform. You’ll learn how to best support and secure the DevOps cycle dynamic container-based workloads through the Build, Deploy, and Runtime stages. We’ll also touch on why security observability in adjacent attack surfaces—namely, developers’ laptops and cloud resources—is important for detection and investigation. |
1:30-2:00 PM |
What Is MITRE D3FEND and How Should My Organization Use It? |
Tyson Supasatit |
Organizations rely on the MITRE ATT&CK framework as a valuable resource to catalog adversary tactics and techniques. In June 2021, a cooperation between the National Security Agency (NSA) and MITRE released D3FEND, a complementary framework that provides insight into defensive measures for enterprise defense. This session will explore how to leverage D3FEND to enhance enterprise security defenses. |
Deep Dive Sessions at Sandbox VR
Want to dive a little deeper? Our team will be hosting deeper dive sessions at our exclusive Sandbox VR space. To get your invite, stop by Booth 435 to get a wristband.
When |
Title |
Speakers |
Description |
TUESDAY |
|||
11:30-12:30 AM |
Container and Kubernetes Security Solutions |
Rishi Kant and Jeremy Colvin |
Join this session as we break down securing your containers in the CI/CD pipeline in the Uptycs Platform. You’ll learn how to best support and secure the DevOps cycle dynamic container-based workloads through the Build, Deploy, and Runtime stages. We’ll also touch on why security observability in adjacent attack surfaces—namely, developers’ laptops and cloud resources—is important for detection and investigation. |
2:30-3:30 PM |
Threat Detection and Malware Hunting with Uptycs |
Julian Wayte and Saurabh Wadhwa |
Shift into the driver's seat with Uptycs threat detections. Instead of hearing about an incident until after it’s too late, you can learn how to detect attack behavior early on. Uptycs gives you powerful tools to detect malware behavior and sophisticated APTs, and proactively hunt within your environment. In this session, Saurabh will take you through the Uptycs detections process and reveal how these behavioral detections and threat intelligence matches help you to stay ahead of threat actors. |
Wednesday |
|||
10:30-11:30 PM |
How to Lock Down Your Cloud Infrastructure |
Nick Palaszewski, Rad Pathalam, Sudarsan Kannan |
As organizations grow their usage of cloud services, the risk of unintentionally misconfiguring services or assign too permissive entitlement policy grows correspondingly. Cloud infrastructure entitlement management (CIEM) and cloud security posture management (CSPM) solutions continuously monitor cloud settings to help organizations prioritize and alert on cloud risks. |
1:30-2:30 AM |
Thinking Like an Attacker in the Cloud |
Andre Rall |
Organizations can meet compliance/regulatory responsibilities in the cloud, but still be susceptible to a threat actor escalating privileges, exfiltrating data, targeting you for ransomware. Threat actors today have become cloud experts. Their TTPs are evolving quicker than most want to believe. Therefore it's time we start thinking like them and mimicking detection on their attack behavior. |
Thursday |
|||
11:30-12:30 PM |
What Is MITRE D3FEND and How Should My Organization Use It? |
Tyson Supasatit |
Organizations rely on the MITRE ATT&CK framework as a valuable resource to catalog adversary tactics and techniques. In June 2021, a cooperation between the National Security Agency (NSA) and MITRE released D3FEND, a complementary framework that provides insight into defensive measures for enterprise defense. This session will explore how to leverage D3FEND to enhance enterprise security defenses. |