Has all the deep learning hype got you feeling down lately? Are you losing interest in hearing about how good convolutional neural networks are for image processing, and how recurrent neural networks will solve all your time-series woes? Join us, as we tour new developments in the field of machine learning and AI. We will cover topics ranging from graph neural networks to generative adversarial networks, and how these modeling techniques are making their way into cybersecurity!
We will decompose and discuss how Red Team exercises can be formulated and executed to simulate a real attack against your environment to test your readiness to handle an advanced attack. This session will not be prescriptive. Instead, it will give you the ability to formulate Red Teams specific to your environment. As a result, anyone interested in executing a Red Team themselves or hiring a Red Team will be interested in this session.
An analysis of the evolution of APT groups will quickly lead us to the present with the context to look at recent cloud attacks. We will also project forward what we are looking for and expect to see in the cloud attack landscape. If you’re interested in finding out what we’re thinking about for the cloud from a Security Research perspective and what it means for your cloud migration, this session is for you.
As organizations embrace the cloud, security teams are dealing with a new threat landscape - one that involves less control, many more users, even more hosts and frequent changes. Understanding that Infrastructure as a Service is the most common first step in organizations’ cloud journeys, Vectra extends the same visibility and attacker behavior detection from on-premises to their AWS and Azure compute environments. Join this session to learn more about Cognito for your cloud.
Investigations require a broad and specialized set of skills, including malware analysis, forensic packet and log analysis, as well as the correlation of massive amounts of data from a wide range of sources. Security event investigations can last hours, and a full analysis of an advanced threat can take days, weeks or even months. Join this session to hear about real-world examples where simple best practices optimized SOC operations.
If you are an analyst who is responsible for alerts or hunting for attackers, then we need to hear from you! The Vectra design team invites you to join them in imagining the future of Cognito and our platform. This will be an interactive session that will help us understand your greatest challenges and will give you a voice so that we can solve them.
Traditional wisdom indicates a security program requires SIEM technology at the center – in this talk, that premise as it’s currently implemented is explored and challenged. While security information and events will always require management, not all events are created equal or captured cost-effectively and commensurate with risk. This talk is for CISOs, architects, and security decision makers – you’ll walk away with hard metrics on alternative architectures, and risk-based methodologies for evolving your SOC.
No SOC is an island: you must work across dozens of systems to understand a breach. Many of your tools, including Cognito, have their own APIs for automation. And what if you accessed these APIs together via a chat interface? In this session we will be using Python to build a chatbot that participants can take home with them to extend and integrate. We will be using various APIs and services to tell the story about detections, and allow remediation, all from the palm of your hand.
When you open Cognito Recall or your Cognito Stream endpoint, the first thing you will see is lots and lots of data. Knowing what data is there and how to sort it is only half the battle. We will look at advanced approaches to visualize data to surface hidden insights. This discussion will also include pivoting between artifacts, the use of OSINT and how to draw better conclusions.