
The state of AI

Has all the deep learning hype got you feeling down lately? Are you losing interest in hearing about how good convolutional neural networks are for image processing, and how recurrent neural networks will solve all your time-series woes? Join us, as we tour new developments in the field of machine learning and AI. We will cover topics ranging from graph neural networks to generative adversarial networks, and how these modeling techniques are making their way into cybersecurity!

Red Teams: Formulating Your Own Unique APT

We will decompose and discuss how Red Team exercises can be formulated and executed to simulate a real attack against your environment to test your readiness to handle an advanced attack. This session will not be prescriptive. Instead, it will give you the ability to formulate Red Teams specific to your environment. As a result, anyone interested in executing a Red Team themselves or hiring a Red Team will be interested in this session.

Cloud Attacks: From APT1 to Cloud Future in 50 Minutes

An analysis of the evolution of APT groups will quickly lead us to the present with the context to look at recent cloud attacks. We will also project forward what we are looking for and expect to see in the cloud attack landscape. If you’re interested in finding out what we’re thinking about for the cloud from a Security Research perspective and what it means for your cloud migration, this session is for you.

“Someone else’s computer – still YOUR data!!” – Secure your cloud with Cognito.

As organizations embrace the cloud, security teams are dealing with a new threat landscape - one that involves less control, many more users, even more hosts, and frequent changes. Understanding that Infrastructure as a Service is the most common first step in an organization’s cloud journey, Vectra extends the same visibility and attacker behavior detection from on-premises to their AWS and Azure compute environments. Join this session to learn more about Cognito for your cloud.

Tales from the Trench: the largest challenges to boots on the ground

Investigations require a broad and specialized set of skills, including malware analysis, forensic packet and log analysis, as well as the correlation of massive amounts of data from a wide range of sources. Security event investigations can last hours, and a full analysis of an advanced threat can take days, weeks or even months. Join this session to hear about real-world examples where simple best practices optimized SOC operations.

Designing the future of Cognito

If you are an analyst who is responsible for alerts or hunting for attackers, then we need to hear from you! The Vectra design team invites you to join them in imagining the future of Cognito and our platform. This will be an interactive session that will help us understand your greatest challenges and will give you a voice so that we can solve them.

Building a SIEMless SOC: The SIEM is Dead, Long Live the SIEM.

Traditional wisdom indicates a security program requires SIEM technology at the center – in this talk, that premise as it’s currently implemented is explored and challenged. While security information and events will always require management, not all events are created equal, nor are they all captured cost-effectively and commensurate with risk. This talk is for CISOs, architects, and security decision makers – you’ll walk away with hard metrics on alternative architectures, and risk-based methodologies for evolving your SOC.

Using the Cognito API for fun and profit or at least getting a few hours back

No SOC is an island: you must work across dozens of systems to understand a breach. Many of your tools, including Cognito, have their own APIs for automation. And what if you accessed these APIs together via a chat interface? In this session we will be using Python to build a chatbot that participants can take home with them to extend and integrate. We will be using various APIs and services to tell the story about detections, and allow remediation, all from the palm of your hand.

You have data - now what do you do with it? Threat hunting in Recall/Stream

When you open Cognito Recall or your Cognito Stream endpoint, the first thing you will see is lots and lots of data. Knowing what data is there and how to sort it is only half the battle. We will look at advanced approaches to visualize data to surface hidden insights. This discussion will also include pivoting between artifacts, the use of OSINT and how to draw better conclusions.
