With two successful days at RSA, the Uptycs team is preparing for a third - with our lightening booth sessions continuing to shed opportunities for innovation and insight into the power of our platform.
Throughout today and tomorrow sessions related to Linux, Mitre D3fend, Malware Hunting, Containers, Kubernetes, and Resource Smart Detections with YARA Scanning are scheduled to continue. Join us, enter to win one of our two raffles, and get excited for the level of telemetry, acute observability, and subsequent security posture the sophistication of our capabilities allow.
See below for a list of the remaining sessions at our booth and SandBox VR
Lightning Sessions at Booth 435
When |
Title |
Speakers |
Description |
MONDAY |
|||
5:00-5:30 PM |
How to Lock Down Your Cloud Infrastructure |
Nick Palaszewski, Rad Pathalam, Sudarsan Kannan |
As organizations grow their usage of cloud services, the risk of unintentionally misconfiguring services or assign too permissive entitlement policy grows correspondingly. Cloud infrastructure entitlement management (CIEM) and cloud security posture management (CSPM) solutions continuously monitor cloud settings to help organizations prioritize and alert on cloud risks. |
6:00-6:30 PM |
Thinking Like an Attacker in the Cloud |
Andre Rall |
Organizations can meet compliance/regulatory responsibilities in the cloud, but still be susceptible to a threat actor escalating privileges, exfiltrating data, targeting you for ransomware. Threat actors today have become cloud experts. Their TTPs are evolving quicker than most want to believe. Therefore it's time we start thinking like them and mimicking detection on their attack behavior. |
TUESDAY |
|||
10:30-11:00 AM |
How eBPF Changes the Game for Linux Security Observability |
Solomon Murungu |
If you are curious about optimizing your Linux security observability, join us in this session as we break down everything you need to know about eBPF (extended Berkeley Packet Filter) and showcase how Uptycs leverages eBPF to keep you on top of your Linux security. eBPF is an interface within the Linux kernel that is changing how the industry gathers and reports telemetry. |
11:30-12:00 PM |
What Is MITRE D3FEND and How Should My Organization Use It? |
Tyson Supasatit |
Organizations rely on the MITRE ATT&CK framework as a valuable resource to catalog adversary tactics and techniques. In June 2021, a cooperation between the National Security Agency (NSA) and MITRE released D3FEND, a complementary framework that provides insight into defensive measures for enterprise defense. This session will explore how to leverage D3FEND to enhance enterprise security defenses. |
12:30-1:00 PM |
Threat Detection and Malware Hunting with Uptycs |
Julian Wayte and Saurabh Wadhwa |
Shift into the driver's seat with Uptycs threat detections. Instead of hearing about an incident until after it’s too late, you can learn how to detect attack behavior early on. Uptycs gives you powerful tools to detect malware behavior and sophisticated APTs, and proactively hunt within your environment. In this session, Saurabh will take you through the Uptycs detections process and reveal how these behavioral detections and threat intelligence matches help you to stay ahead of threat actors. |
1:30-2:00 PM |
Container and Kubernetes Security Solutions |
Rishi Kant and Jeremy Colvin |
Join this session as we break down securing your containers in the CI/CD pipeline in the Uptycs Platform. You’ll learn how to best support and secure the DevOps cycle dynamic container-based workloads through the Build, Deploy, and Runtime stages. We’ll also touch on why security observability in adjacent attack surfaces—namely, developers’ laptops and cloud resources—is important for detection and investigation. |
2:30-3:00 PM |
Thinking Like an Attacker in the Cloud |
Andre Rall |
Organizations can meet compliance/regulatory responsibilities in the cloud, but still be susceptible to a threat actor escalating privileges, exfiltrating data, targeting you for ransomware. Threat actors today have become cloud experts. Their TTPs are evolving quicker than most want to believe. Therefore it's time we start thinking like them and mimicking detection on their attack behavior. |
3:30-4:00 PM |
Resource-Smart Detection with Targeted YARA Scans |
Julian Wayte |
Traditional filehash malware detection is relatively easy to circumvent as threat actors easily morph code to create "new" variants, rendering old IOCs useless. YARA uses a different approach. Its rules match to small segments of code within the malware, making traditional morphing techniques ineffective. The challenge can be knowing which files to scan with YARA, as scanning everything can be expensive. This is where Uptycs comes in—it can scan targeted segments of memory to detect toolkits. |
4:30-5:00 PM |
How to Lock Down Your Cloud Infrastructure |
Nick Palaszewski, Rad Pathalam, Sudarsan Kannan |
As organizations grow their usage of cloud services, the risk of unintentionally misconfiguring services or assign too permissive entitlement policy grows correspondingly. Cloud infrastructure entitlement management (CIEM) and cloud security posture management (CSPM) solutions continuously monitor cloud settings to help organizations prioritize and alert on cloud risks. |
Wednesday |
|||
10:30-11:00 AM |
Thinking Like an Attacker in the Cloud |
Andre Rall |
Organizations can meet compliance/regulatory responsibilities in the cloud, but still be susceptible to a threat actor escalating privileges, exfiltrating data, targeting you for ransomware. Threat actors today have become cloud experts. Their TTPs are evolving quicker than most want to believe. Therefore it's time we start thinking like them and mimicking detection on their attack behavior. |
11:30-12:00 PM |
Resource-Smart Detection with Targeted YARA Scans |
Julian Wayte |
Traditional filehash malware detection is relatively easy to circumvent as threat actors easily morph code to create "new" variants, rendering old IOCs useless. YARA uses a different approach. Its rules match to small segments of code within the malware, making traditional morphing techniques ineffective. The challenge can be knowing which files to scan with YARA, as scanning everything can be expensive. This is where Uptycs comes in—it can scan targeted segments of memory to detect toolkits. |
12:30-1:00 PM |
How eBPF Changes the Game for Linux Security Observability |
Solomon Murungu |
If you are curious about optimizing your Linux security observability, join us in this session as we break down everything you need to know about eBPF (extended Berkeley Packet Filter) and showcase how Uptycs leverages eBPF to keep you on top of your Linux security. eBPF is an interface within the Linux kernel that is changing how the industry gathers and reports telemetry. |
1:30-2:00 PM |
What Is MITRE D3FEND and How Should My Organization Use It? |
Tyson Supasatit |
Organizations rely on the MITRE ATT&CK framework as a valuable resource to catalog adversary tactics and techniques. In June 2021, a cooperation between the National Security Agency (NSA) and MITRE released D3FEND, a complementary framework that provides insight into defensive measures for enterprise defense. This session will explore how to leverage D3FEND to enhance enterprise security defenses. |
2:30-3:00 PM |
Threat Detection and Malware Hunting with Uptycs |
Julian Wayte and Saurabh Wadhwa |
Shift into the driver's seat with Uptycs threat detections. Instead of hearing about an incident until after it’s too late, you can learn how to detect attack behavior early on. Uptycs gives you powerful tools to detect malware behavior and sophisticated APTs, and proactively hunt within your environment. In this session, Saurabh will take you through the Uptycs detections process and reveal how these behavioral detections and threat intelligence matches help you to stay ahead of threat actors. |
3:30-4:00 PM |
How to Lock Down Your Cloud Infrastructure |
Nick Palaszewski, Rad Pathalam, Sudarsan Kannan |
As organizations grow their usage of cloud services, the risk of unintentionally misconfiguring services or assign too permissive entitlement policy grows correspondingly. Cloud infrastructure entitlement management (CIEM) and cloud security posture management (CSPM) solutions continuously monitor cloud settings to help organizations prioritize and alert on cloud risks. |
Thursday |
|||
10:30-11:00 AM |
Thinking Like an Attacker in the Cloud |
Andre Rall |
Organizations can meet compliance/regulatory responsibilities in the cloud, but still be susceptible to a threat actor escalating privileges, exfiltrating data, targeting you for ransomware. Threat actors today have become cloud experts. Their TTPs are evolving quicker than most want to believe. Therefore it's time we start thinking like them and mimicking detection on their attack behavior. |
11:30-12:00 PM |
Threat Detection and Malware Hunting with Uptycs |
Julian Wayte and Saurabh Wadhwa |
Shift into the driver's seat with Uptycs threat detections. Instead of hearing about an incident until after it’s too late, you can learn how to detect attack behavior early on. Uptycs gives you powerful tools to detect malware behavior and sophisticated APTs, and proactively hunt within your environment. In this session, Saurabh will take you through the Uptycs detections process and reveal how these behavioral detections and threat intelligence matches help you to stay ahead of threat actors. |
12:30-1:00 PM |
Container and Kubernetes Security Solutions |
Rishi Kant and Jeremy Colvin |
Join this session as we break down securing your containers in the CI/CD pipeline in the Uptycs Platform. You’ll learn how to best support and secure the DevOps cycle dynamic container-based workloads through the Build, Deploy, and Runtime stages. We’ll also touch on why security observability in adjacent attack surfaces—namely, developers’ laptops and cloud resources—is important for detection and investigation. |
1:30-2:00 PM |
What Is MITRE D3FEND and How Should My Organization Use It? |
Tyson Supasatit |
Organizations rely on the MITRE ATT&CK framework as a valuable resource to catalog adversary tactics and techniques. In June 2021, a cooperation between the National Security Agency (NSA) and MITRE released D3FEND, a complementary framework that provides insight into defensive measures for enterprise defense. This session will explore how to leverage D3FEND to enhance enterprise security defenses. |
Deep Dive Sessions at Sandbox VR
Want to dive a little deeper? Our team will be hosting deeper dive sessions at our exclusive Sandbox VR space. To get your invite, stop by Booth 435 to get a wristband.
When |
Title |
Speakers |
Description |
TUESDAY |
|||
11:30-12:30 AM |
Container and Kubernetes Security Solutions |
Rishi Kant and Jeremy Colvin |
Join this session as we break down securing your containers in the CI/CD pipeline in the Uptycs Platform. You’ll learn how to best support and secure the DevOps cycle dynamic container-based workloads through the Build, Deploy, and Runtime stages. We’ll also touch on why security observability in adjacent attack surfaces—namely, developers’ laptops and cloud resources—is important for detection and investigation. |
2:30-3:30 PM |
Threat Detection and Malware Hunting with Uptycs |
Julian Wayte and Saurabh Wadhwa |
Shift into the driver's seat with Uptycs threat detections. Instead of hearing about an incident until after it’s too late, you can learn how to detect attack behavior early on. Uptycs gives you powerful tools to detect malware behavior and sophisticated APTs, and proactively hunt within your environment. In this session, Saurabh will take you through the Uptycs detections process and reveal how these behavioral detections and threat intelligence matches help you to stay ahead of threat actors. |
Wednesday |
|||
10:30-11:30 PM |
How to Lock Down Your Cloud Infrastructure |
Nick Palaszewski, Rad Pathalam, Sudarsan Kannan |
As organizations grow their usage of cloud services, the risk of unintentionally misconfiguring services or assign too permissive entitlement policy grows correspondingly. Cloud infrastructure entitlement management (CIEM) and cloud security posture management (CSPM) solutions continuously monitor cloud settings to help organizations prioritize and alert on cloud risks. |
1:30-2:30 AM |
Thinking Like an Attacker in the Cloud |
Andre Rall |
Organizations can meet compliance/regulatory responsibilities in the cloud, but still be susceptible to a threat actor escalating privileges, exfiltrating data, targeting you for ransomware. Threat actors today have become cloud experts. Their TTPs are evolving quicker than most want to believe. Therefore it's time we start thinking like them and mimicking detection on their attack behavior./p> |
Thursday |
|||
11:30-12:30 PM |
What Is MITRE D3FEND and How Should My Organization Use It? |
Tyson Supasatit |
Organizations rely on the MITRE ATT&CK framework as a valuable resource to catalog adversary tactics and techniques. In June 2021, a cooperation between the National Security Agency (NSA) and MITRE released D3FEND, a complementary framework that provides insight into defensive measures for enterprise defense. This session will explore how to leverage D3FEND to enhance enterprise security defenses. |