
Vectra Hunt Club 2019 Agenda

Compelling keynotes, networking opportunities, knowledge sharing and more.

SESSION

Building a SIEMless SOC: The SIEM is Dead, Long Live the SIEM.

Traditional wisdom indicates a security program requires SIEM technology at the center – in this talk, that premise as it’s currently implemented is explored and challenged. While security information and events will always require management, not all events are created equal, nor are they all captured cost-effectively and commensurate with risk. This talk is for CISOs, architects, and security decision makers – you’ll walk away with hard metrics on alternative architectures, and risk-based methodologies for evolving your SOC.

SESSION

Cloud Attacks: From APT1 to Cloud Future in 50 Minutes

An analysis of the evolution of APT groups will quickly lead us to the present with the context to look at recent cloud attacks. We will also project forward what we are looking for and expect to see in the cloud attack landscape. If you’re interested in finding out what we’re thinking about for the cloud from a Security Research perspective and what it means for your cloud migration, this session is for you.

SESSION

Designing the future of Cognito

If you are an analyst who is responsible for alerts or for hunting attackers, then we need to hear from you! The Vectra design team invites you to join them in imagining the future of Cognito and our platform. This will be an interactive session that will help us understand your greatest challenges and will give you a voice so that we can solve them.

SESSION

Red Teams: Formulating Your Own Unique APT

We will decompose and discuss how Red Team exercises can be formulated and executed to simulate a real attack against your environment to test your readiness to handle an advanced attack. This session will not be prescriptive. Instead, it will give you the ability to formulate Red Teams specific to your environment. As a result, anyone interested in executing a Red Team themselves or hiring a Red Team will be interested in this session.

SESSION

Tales from the Trench: the largest challenges to boots on the ground

Investigations require a broad and specialized set of skills, including malware analysis, forensic packet and log analysis, as well as the correlation of massive amounts of data from a wide range of sources. Security event investigations can last hours, and a full analysis of an advanced threat can take days, weeks or even months. Join this session to hear about real-world examples where simple best practices optimized SOC operations.

SESSION

The state of AI

Has all the deep learning hype got you feeling down lately? Are you losing interest in hearing about how good convolutional neural networks are for image processing, and how recurrent neural networks will solve all your time-series woes? Join us, as we tour new developments in the field of machine learning and AI. We will cover topics ranging from graph neural networks to generative adversarial networks, and how these modeling techniques are making their way into cybersecurity!

SESSION

Using the Cognito API for fun and profit or at least getting a few hours back

No SOC is an island; you must work across dozens of systems to understand a breach. Many of your tools, including Cognito, have their own APIs for automation. And what if you accessed these APIs together via a chat interface? In this session we will be using Python to build a chatbot that participants can take home with them to extend and integrate. We will be using various APIs and services to tell the story about detections, and allow remediation, all from the palm of your hand.

SESSION

What does the SOC of the future look like and how do I prepare for it? A panel discussion with security leaders

The SOC can optimize security as well as improve incident detection and response. It’s well understood that people, policies and technology are the foundation of a functioning SOC. However, the demands of a SOC are evolving quickly and many organizations are struggling to build one effectively and affordably. Join this session to learn about how to prepare for the expectations of a future SOC while still meeting your needs today.

SESSION

You have data - now what do you do with it? Threat hunting in Recall/Stream

When you open Cognito Recall or your Cognito Stream endpoint, the first thing you will see is lots and lots of data. Knowing what data is there and how to sort it is only half the battle. We will look at advanced approaches to visualize data to surface hidden insights. This discussion will also include pivoting between artifacts, the use of OSINT and how to draw better conclusions.

SESSION

“Someone else’s computer – still YOUR data!!” – Secure your cloud with Cognito.

As organizations embrace the cloud, security teams are dealing with a new threat landscape - one that involves less control, many more users, even more hosts and frequent changes. Understanding that Infrastructure as a Service is the most common first step in an organization’s cloud journey, Vectra extends the same visibility and attacker behavior detection from on-premises to AWS and Azure compute environments. Join this session to learn more about Cognito for your cloud.

Training

One-day workshop on how to use Cognito

This crash course covers the use of Cognito Detect and Cognito Recall for SOC analysts. Topics covered include Cognito Detect and Cognito Recall overviews; UI walkthroughs; understanding attack campaigns and detections; user workflow; configuring triage rules for recurring behavior; and using Cognito Recall/Stream to pivot through the metadata for analysis and threat hunting.

This training workshop will include the Cognito Essentials and Cognito Advanced training workshops.
