|
The Trust Landscape
|
Entrepreneur
|
|
We’re Not in Kansas Anymore: Measuring the Impact of a Data Breach (Repeat)
|
Verizon Enterprise Solutions
|
|
Results of the (ISC)² Workforce Survey
|
|
|
SANS: Lethal Threat Hunting and Incident Response Techniques
|
|
|
Cybersecurity Canon
|
Palo Alto Networks
|
|
Is HTTPS Making Us Less Secure?
|
|
|
First-Timers Meet-Up Wednesday
|
|
|
Champagne Cyber on a Beer Budget
|
David Nathans
|
|
RSAC College Day Exploring Infosec Careers
|
|
|
Fixing the Mess of IoT Security
|
Pen Test Partners
|
|
Smart Secure Cities Seal
|
|
|
SANS: Automating Information Security with Python
|
|
|
Security, Privacy and Human Behavior
|
University of Central Florida
|
|
Zero-Knowledge (ZK) Proofs—Privacy-Preserving Authentication
|
KPMG
|
|
12 Ways to Hack 2FA
|
KnowBe4, Inc.
|
|
RSAC Innovation Sandbox Contest
|
|
|
Engineering Trust and Security in the Cloud Era, Based on Early Lessons
|
Google Inc.
|
|
The State of the Union on Cyber-Intelligence
|
Carnegie Mellon University, Software Engineering Institute
|
|
SANS: Critical Security Controls: Planning, Implementing and Auditing
|
|
|
Security Foundations
|
|
|
Secure Innovation in Public Cloud, Myth or Reality?
|
|
|
Rise of the Machines: Staying Ahead of the Next Threat
|
|
|
Lesson Learned: What I Have Experienced While Implementing GDPR
|
Casinos Austria AG
|
|
How CTI Can Play a Key Role to Get Security on Board
|
|
|
Defining a Cyber-Risk Appetite That Works (Repeat)
|
|
|
Securing Industrial IoT and ICS
|
|
|
Internet of Food: How IoT Threatens Fields, Farms and Factories
|
Trend Micro, Inc.
|
|
Cheaper by the Dozen: Application Security on a Limited Budget
|
|
|
Will Your Application Be Secure Enough When Robots Produce Code for You?
|
Carnegie Mellon University, Software Engineering Institute
|
|
Do You Know Your Organization’s Top 10 Security Risks? (Overflow)
|
|
|
Wireless Offense and Defense, Explained and Demonstrated!
|
|
|
CyberSmart Parents Education Seminar—Keeping Your Family Safe Online
|
|
|
Laboratories of Cyber-Innovation: States Leading the Way
|
|
|
The Cryptographers’ Panel
|
Massachusetts Institute of Technology
|
|
ICS Village Sandbox - Wednesday Small Talks
|
|
|
What Makes a Good KRI? Using FAIR to Discover Meaningful Metrics
|
|
|
Harnessing the Law of Data Gravity: Cyber-Defense and the Hybrid Cloud
|
Microsoft Corporation
|
|
What Does Cyber-Insurance Really Bring to the Table and…Are You Covered?
|
|
|
Privacy Essentials for Security Professionals
|
|
|
Context-Based Data Sensitivity Classification
|
|
|
DevSecOps for the Rest of Us!
|
BECU
|
|
Responding to and Recovering from Cybersecurity Incidents
|
Department of Homeland Security
|
|
Securing Intel PC for FIDO Support: Industry Standard to Remove Passwords
|
Intel Corporation
|
|
Behind the Headlines: A Public-Private Discourse on Cyber-Defense
|
National Security Agency
|
|
Don’t Hand Me That! The Art of Incident Analysis
|
CSIRT, Union Bank
|
|
Intelligence-Driven Industrial Security with Case Studies in ICS Attacks
|
Robert Lee
,
Dragos, Inc.
|
|
What Sennacherib Taught Me about Security: How to Translate Cyber-Speak
|
Oracle Corporation
|
|
An Intelligent Approach to Beating Global Cybersecurity Threats (Oracle)
|
|
|
Anatomy of Phishing Campaigns: A Gmail Perspective
|
Google Inc.
|
|
Women's Leadership Celebration Reception
|
|
|
Attack Vectors in Orbit: The Need for IoT and Satellite Security
|
Trend Micro, Inc.
|
|
Cybersecurity Silo-Busters 1, Cyberthreat Actors 0 (Game in Progress)
|
|
|
Cryptojacking Meets IoT
|
LMG Security
|
|
She Speaks Security: Gaining Confidence Speaking and Submitting to Speak
|
CERT
,
CMU
|
|
Social Media as a Compliance Risk
|
|
|
Rethinking Efficient Third-Party Risk Management
|
Booz Allen Hamilton
|
|
Building a Leading Cloud Security Program
|
Capital One
|
|
A Cloud Security Architecture Workshop
|
Instructor
,
SANS Institute
|
|
The FBI: At the Heart of Combating Cyberthreats
|
Federal Bureau of Investigation
|
|
AppSec, Product Security Leaders, etc.—Meet-Up of Practitioners
|
Honeywell Building Technologies
|
|
Cutting the Wrong Wire: How a Clumsy Hacker Exposed a Global Cyberattack
|
Morphus Labs
|
|
Aviation Cybersecurity: Keeping the Wings On
|
|
|
Joining Forces: Transforming Cybersecurity through Diversity and Data
|
Palo Alto Networks
|
|
Speed of Trust
|
Carnegie Mellon University, Software Engineering Institute
|
|
SANS: Security Awareness - How to Build, Maintain and Measure a Mature Awareness Program
|
|
|
ATT&CK in Practice: A Primer to Improve Your Cyber-Defense
|
MITRE Corporation
|
|
Use Model to Deconstruct Threats: Detect Intrusion by Statistical Learning
|
Alibaba Group Holding Limited
|
|
CSA Summit: CSA 10
|
|
|
Automated Fault Analysis of Block Cipher Implementations
|
Underwriters Laboratories
|
|
IoT Village Sandbox - Thursday Small Talks
|
|
|
New Rules: Comparing the CA Consumer Privacy Act and EU GDPR—What Every Security Professional Needs to Know (Overflow)
|
|
|
Business Email Compromise: Operation Wire Wire and New Attack Vectors
|
|
|
Strong Authentication, Phishing and FIDO
|
The World Bank Group
|
|
Do You Know Your Organization’s Top 10 Security Risks?
|
|
|
2028 Future State: Long Live the Firewall?
|
Adam Shostack
|
|
Automating Security Controls Using Models and Security Orchestration
|
|
|
In the Wake of an Attack: Thoughts from a Seasoned CISO
|
|
|
Designing Effective Security UX: If It’s Not Usable, It’s Not Secure
|
|
|
Internal Combustion: The Insider Threat to Industrial Control Systems (Fortiphyd Logic)
|
|
|
How to Successfully Implement a Zero Trust Security Model
|
Cyxtera Federal Group, Cyxtera Technologies, Inc.
|
|
Wireless Village Sandbox - Wednesday Small Talks
|
|
|
Building—and Keeping—Your Cybersecurity Team with Nontraditional Staff
|
Cyxtera Federal Group, Cyxtera Technologies, Inc.
|
|
ATT&CK in Practice: A Primer to Improve Your Cyber-Defense (Overflow)
|
MITRE Corporation
|
|
Expense in Depth: Managing Your Total Cost of Controls
|
|
|
SANS Core NetWars Experience
|
Counter Hack Challenges
|
|
Rethinking Efficient Third-Party Risk Management (Overflow)
|
Booz Allen Hamilton
|
|
Why Pen Testing Sucks Right Now, and How You Can Fix It
|
|
|
The Rise of the Cyber-Culture Hacker
|
Global Security Strategy and Awareness, United Airlines
|
|
Zero-Trust Privilege for the Modern Threatscape (Centrify)
|
|
|
Procuring IoT: Purchasing Guidance for Government Officials
|
National Risk Management Center Cybersecurity and Infrastructure Security Agency, Department of Homeland Security
|
|
Hunting the Hunters: Going Behind Enemy Lines (Trustwave)
|
|
|
Live Adversary Simulation: Red and Blue Team Tactics (Overflow)
|
SANS Institute
|
|
(ISC)2 Security Architecture
|
|
|
Developing Key Performance Indicators for Security
|
|
|
Hot Topics in Cyber-Law 2019
|
|
|
Blockchain Augmentation of the Trusted Supply Chain
|
Intel Corporation
|
|
The Digital Risk Dilemma: How to Protect What You Don’t Control
|
IntSights Cyber Intelligence
|
|
(Girl) Scouting for Talent: The Solution in the Next Generation
|
|
|
Nation-States Behaving Badly: The Evolving Rules of the Game in Cyberspace
|
|
|
A Separate Network for Critical Infrastructure: Is It a Good Idea?
|
Exelon
|
|
Getting Practical with Addressing Risks in OT Networks: Where to Start?
|
Claroty
|
|
Key Management Architectures for Multinational Compliance
|
CipherCloud
|
|
IAPP: Understanding the CCPA
|
|
|
Power Pause – Mindfulness & Movement
|
|
|
Threat Hunting Using 16th-Century Math and Sesame Street
|
Walmart
|
|
Job Search 2019 – Interview Skills and Resume Review Workshop
|
Google Inc.
|
|
Security Awareness Design
|
Training, EY
|
|
How-To for Innovators and Entrepreneurs
|
Chris Wysopal
,
Veracode
|
|
Blackbox Interpretability: Next Frontier in Adversarial ML Evasion
|
Holly Stewart
,
Microsoft Corporation
|
|
Hacking the Human: Special Edition
|
|
|
Container Security at the Speed of CI/CD
|
HealthStream
|
|
Threat Modeling in 2019
|
Adam Shostack
|
|
Evolution of AI-Bot Swarming Intelligence with Robots
|
|
|
Opening
|
Entrepreneur
|
|
Grappling with Zero-Trust Networking: How Are You Doing It?
|
MITRE
,
NIST/NCCoE
|
|
Decentralized Identity: No Promises Edition
|
Microsoft Corporation
|
|
Mushrooming Economic Inequality Menaces Security: Here’s How to Fix It
|
|
|
Advancing Incident Response in the Age of New Compliance Requirements
|
CrowdStrike, Inc.
|
|
In 9 Months, You Could Be Fined for a CCPA Violation. Want to Know Why? (Netwrix)
|
|
|
Why the Role of CISO Sucks and What We Should Do to Fix It!
|
Carbon Black
|
|
99 Security Products and You Still Got Breached?
|
Palo Alto Networks
|
|
Kubernetes Deployments: How Not to Get Hacked (Thales eSecurity Inc.)
|
|
|
Shadow IoT Hacking the Corporate Environment: Office as the New Smart Home
|
Avast
|
|
Improving Outcomes of Due-Diligence with Small Businesses
|
Corporate Information Technologies, Corp
|
|
ISACA: CISM Two-Day Cram to the Max Course
|
|
|
To Pay or Not to Pay: A Ransom Discussion
|
|
|
Live Adversary Simulation: Red and Blue Team Tactics
|
SANS Institute
|
|
Tales from the PSIRT: 10 Years of Bugs, Vulnerabilities and CVEs
|
Aruba Networks / HPE
|
|
De-Bugging Legal Issues in Bug Bounty Programs and VDP
|
Lane Powell PC
|
|
Stress, Burnout and You: Fireside Chat with Dr. Christina Maslach
|
|
|
Risks and Results: Counter-Risks to the Nation’s Critical Infrastructure
|
|
|
Why Data-Driven Personalized Journeys Are the Future of Security Training
|
Autodesk
|
|
Is an NTSB for Cyber a Good Idea?
|
Northeastern University
|
|
Hindsight and 2020: A Clear-Eyed Look at Shared Responsibil-I-o-T
|
|
|
(ISC)2 CISSP® Certified Information Systems Security Professional Introduction
|
|
|
Vulnerabilities: What Is the Future
|
CERT
,
CMU
|
|
CSA: The Cloud Computing Security Knowledge (CCSK)—Plus Training
|
|
|
Using Machine Learning to Improve Security Predictions
|
Data Science Applied Research, McAfee
|
|
What’s Your Game Plan? Leveraging Apple’s Game Engine to Detect Threats (Repeat)
|
Patrick Wardle
,
Digita Security
|
|
First-Timers Meet-Up Thursday
|
|
|
Hacking and Hardening Kubernetes (Overflow)
|
InGuardians
|
|
The SMB Is Under Attack and We Need to Help
|
SolarWinds
|
|
Five Secrets to Attract and Retain Top Tech Talent in Your Future Workplace
|
Aligned at Work
|
|
Building Identity for an Open Perimeter
|
Netflix, Inc.
|
|
Context-Wrapped Security: Driving Down Business Risk (BAE Systems)
|
|
|
Welcome Reception
|
|
|
Key Management and Protection: Evaluation of Hardware, Tokens, TEEs and MPC
|
KU Leuven
|
|
Detect and Block Web App Attacks — Before They Strike Your Business (Arxan)
|
|
|
CyberSafety Prognosis for Doctors and Hospitals: Medical’s Last Mile?
|
|
|
Lesson Learned: What I Have Experienced While Implementing GDPR (Overflow)
|
Casinos Austria AG
|
|
Future-Proof Cybersecurity Strategy
|
|
|
Leverage the Latest Threat Intelligence to Stay Ahead of Cyberthreats (SonicWall)
|
|
|
A New Employer-Driven Model of Cyber-Workforce Development for Dell
|
Dell
|
|
Are Spoof-Proof Biometrics Really Possible?
|
Clarkson University, Center for Identification Technology Research
|
|
Kubernetes Runtime Security: What Happens if a Container Goes Bad?
|
Google Inc.
|
|
STIR SHAKE’N SIP to Stop Robocalling
|
Comcast
|
|
First-Timers Orientation & Networking Reception
|
|
|
Election Hacking Is No Longer Theoretical: Russians Are Pwning Our Votes
|
Johns Hopkins University
|
|
The Detrimental Nature of Proofs of Work, and Risks to Cryptocurrencies
|
Egni Inc.
|
|
Phantom Menace, Episode I? The Attack That Undressed the Mexican Banks in ’18
|
Scotiabank
|
|
Empowering International Security Teams (Repeat)
|
Elevate Security
|
|
The Need for 100 Percent Anonymitity to Make the Internet More Secure
|
|
|
SANS Core NetWars Experience – Intro to Capture the Flag
|
Counter Hack Challenges
|
|
Emerging Threats
|
Candid Wueest
,
Symantec
|
|
Lightning in a Bottle, or Burning Down the House?
|
McAfee, LLC
|
|
Hearing Voices: The Cybersecurity Pro’s View of the Profession
|
|
|
Psybersecurity
|
Foundation Physicians Medical Group, Inc.
|
|
Solving Our Cybersecurity Talent Shortage
|
|
|
Cybersecurity and Hospital Infection Control: Overlaps and Opportunities
|
|
|
Humans Are Awesome at Risk Management
|
Akamai Technologies
|
|
Hacking and Hardening Kubernetes
|
InGuardians
|
|
Anatomy of an Enterprise Mobile Security Incident (Repeat)
|
|
|
Follow-Up to LAW-T06: Hot Topics in Cyber-Law 2019
|
The MITRE Corporation
|
|
“Next-Next-Gen Security 3.0”: Truth and Lies
|
|
|
How Long to Boom: Understanding and Measuring ICS Hacker Maturity
|
Dragos
|
|
Introduction to Defending the Enterprise Using Automated SecOps
|
Dolby
|
|
Cyber Collective Defense: Can Companies (and the Gov’t) Really Collaborate?
|
Jamil Jaffer
,
National Security Institute
,
George Mason University Law School
|
|
Security Learns to Sprint: DevSecOps
|
Microsoft Corporation
|
|
Connected Cars: A Security and Privacy by Design Study 10 Years in the Making (Repeat)
|
|
|
DevOps Connect: DevSecOps Day @ RSAC
|
|
|
Doing Security Orchestration, Automation and Response before It Was Born
|
Aflac Inc.
|
|
Supply Chain Security for Critical Energy Infrastructure
|
|
|
Advanced Smart Contract Hacking
|
Konstantinos Karagiannis
,
BT Americas
|
|
Passwords and Patching: The Forgotten Building Blocks of Enterprise Security
|
Microsoft Corporation
|
|
Smart Connected Devices and Security
|
|
|
Regulating Cyber(in)security as a Public Bad
|
University of Maryland University College
|
|
Infecting the Embedded Supply Chain
|
in8 Solutions
|
|
Effectiveness vs. Efficiency: 10 Capabilities of the Modern SOC
|
Splunk
|
|
The NIST Cybersecurity Framework: Building on Success
|
|
|
Nation-State Exploitation of Cryptocurrencies
|
|
|
Lessons Learned in Automating Decision-Making: Pitfalls and Opportunities
|
Bank of America
|
|
Future Forests: Realistic Strategies for AD Security & “Red Forest” Architecture
|
MWR InfoSecurity
|
|
From Ephemeral Infrastructure to Ephemeral Communications
|
|
|
SOC Automation, Enterprise Blueprinting and Hunting Using Open-Source Tools
|
Carbon Black
|
|
Identity = Security (Neustar)
|
|
|
Software Bill of Materials: Progress toward Transparency of Third-Party Code
|
Allan Friedman
,
NTIA / US Department of Commerce
|
|
AI and Machine Learning: Managing the Risks of Major Lawsuits
|
|
|
12 Ways to Hack 2FA (Overflow)
|
KnowBe4, Inc.
|
|
(ISC)2 CCSP® Cloud Security Professional Two-Day Crash Course
|
|
|
Top 10 Security Disasters in ML: How Laurel and Yanny Replaced Alice and Bob
|
Davi Ottenheimer
|
|
Japan’s New Cybersecurity Strategy to Close an IoT Gap
|
|