Cybersecurity

Web App and API Security Done Right

The bottom line is: If you are not adequately protecting your web apps and APIs, you are not adequately protecting your data.

Full Description

Speakers

Mohit Bhasin

Senior Product Marketing Manager Palo Alto Networks
Mohit is the Product Marketer for the Prisma Cloud team focusing on Web Application and API Security. He has a passion for understanding and solving customer problems. He has a Bachelor of Science in Computer Engineering and a Masters in Business Administration.

Geoff Sindel

Principal Web Application and API Security Architect Palo Alto Networks
Geoff Sindel is a Principal Web Application and API Security Architect with more than two decades of experience designing and implementing secure software on the web. An agilist and polyglot, I have helped organizations, from small startups to multinational enterprises, create cloud-native web applications and APIs. I am passionate about DevSecOps and eager to understand how we can help you simplify and strengthen your web application and API security.

Web App and API Security Done Right

  •  Today, web apps and APIs are the most common medium for sharing and modifying data. As Web apps and APIs evolve, so does the attack surface.
  • The bottom line is: If you are not adequately protecting your web apps and APIs, you are not adequately protecting your data.
  • Join this session to learn how Prisma Cloud can help secure your critical web applications and APIs on ANY cloud native architecture and the data behind them.

Sponsored by

Cybersecurity

Three Critical Factors in Building a Comprehensive Security Awareness Program

Apr 6th, 2022 @4:00 pm
Three key elements form the foundation of a successful awareness education program: knowledge of audiences, pervasive and continuous communication and interactive education on security tactics. Security and risk management leaders should use this research to implement a comprehensive program.

Full Description

Speakers

Joanna Huisman

SVP of Strategic Insights & Research KnowBe4
Joanna Huisman is a marketing, training and communications professional with over 20 years of experience in strategic, internal and customer-facing engagements in the financial services/tech industries with added experience in sales, operations and organizational development. She was previously senior research director at Gartner in the areas of security awareness, education, behavior management, culture, crisis communications security and risk program managem

Three Critical Factors in Building a Comprehensive Security Awareness Program

Three key elements form the foundation of a successful awareness education program: knowledge of audiences, pervasive and continuous communication and interactive education on security tactics. Security and risk management leaders should use this research to implement a comprehensive program.

Join Joanna Huisman, SVP of Strategic Insights & Research at KnowBe4, as she shares how your organization can level up your security culture and empower your last line of defense against cyber attacks – your users. She’ll go over key challenges such as:

  • Why most people forget the majority of what is presented in a training program that occurs infrequently.
  • Why interactive simulations produce higher levels of skills retention than the mere presentation of recommended security actions, but can be difficult to measure compared to other awareness metrics.
  • Why audiences are bored by education programs that fail to leverage a variety of media and content styles.

Cybersecurity

Stop Ransomware Dead in its Tracks: Breaches Need to Move. Don’t let Them.

Speakers

Tony Lauro

Director of Security Strategy Akamai
Tony is currently Director of Security Strategy for Akamai Technologies. He's been involved with Information Security since the late 90's when he worked for a large US based telecom provider. Since then Tony has worked with Akamai’s top global clients to provide cyber security guidance, architectural analysis, web application and network security expertise. With over 20 years of Information Security operations experience Tony has worked and consulted in many verticals including finance, automotive, medical/healthcare, enterprise, and mobile applications. He is currently responsible for Akamai’s North / Central / South American clients advising in the areas of adversarial resiliency, security architecture, and cyber security strategy. Tony’s previous responsibilities include consulting with public sector/government clients at Akamai, managing security operations and pen testing for a mobile payments company, and overseeing security and compliance responsibilities for a global financial software services organization.

Ariel Zeitlin

Co-Founder & CTO Guardicore

Stop Ransomware Dead in its Tracks: Breaches Need to Move. Don’t let Them.

Cybersecurity

Why the Cloud Requires a Platform-centric Approach to Get Cloud Security Right

Apr 6th, 2022 @3:00 pm
Enterprises across the globe are expanding to the cloud to power their business in new ways at a scale never before thought possible.

Full Description

Speakers

Keith Mokris

VP, Product Marketing, Orca Security Orca Security
Keith Mokris leads product marketing and evangelism for Orca Security, the industry's leading agentless cloud security platform, where he is focused on helping enterprises secure their cloud environments and applications. Previously, he was Director of Product Marketing for Prisma Cloud. He also led product marketing at Twistlock, the container security company acquired by Palo Alto Networks, and NowSecure, a mobile security startup. In his free time, he enjoys playing chess and taking landscape and street photos. He lives in Portland, OR.

Why the Cloud Requires a Platform-centric Approach to Get Cloud Security Right

Enterprises across the globe are expanding to the cloud to power their business in new ways at a scale never before thought possible. By leveraging cloud infrastructure services and cloud native architectures like containers, Kubernetes and serverless, teams can deploy more quickly and deliver more value to internal and external stakeholders.
At the same time, security teams need to ensure cloud infrastructure is configured properly, compliance is achieved, and vulnerabilities are remediated — a huge challenge without the right tools. In this session, join Orca Security VP of Product Marketing Keith Mokris to explore:

  • The latest trends in cloud adoption
  • Risk that security teams need to be aware of
  • How cloud native application protection platforms aka CNAPPs present an opportunity to get cloud security right 

Cybersecurity

Modern Web Apps and APIs Require Modern Security

Apr 6th, 2022 @2:00 pm
The number of web applications and APIs exposed to the internet are growing exponentially.

Full Description

Speakers

Elad Shuster

Product Manager Palo Alto Networks
Elad is the Product Line Manager for Web Application and API Security - Palo Alto's cloud native application firewall. With over 10 years of experience as a cyber security practitioner, Elad has presented his work in leading security conferences such as Blackhat and OWASP's AppSec USA and Europe. Prior to joining Palo Alto Networks, Elad led a team of security researchers at Akamai, exploring new trends and emerging threats in the world of web application security.

Mohit Bhasin

Senior Product Marketing Manager Palo Alto Networks
Mohit is the Product Marketer for the Prisma Cloud team focusing on Web Application and API Security. He has a passion for understanding and solving customer problems. He has a Bachelor of Science in Computer Engineering and a Masters in Business Administration.

Ory Segal

Cloud Security Palo Alto Networks
Ory is a world-renowned expert and veteran in application security with 20+ years of experience. Ory joined Palo Alto Networks through the acquisition of PureSec, where he was the CTO and co-founder. Ory holds numerous patents in the field of application security. Ory serves as an officer of the Web Application Security Consortium (WASC), former CSA Israel Chapter Board Member and former OWASP (IL) board member.

Modern Web Apps and APIs Require Modern Security

The number of web applications and APIs exposed to the internet are growing exponentially. Unsecure web applications and APIs are low hanging fruit that attackers are targeting to steal sensitive data. In a recent report “State of the Web Security for H1 2020,” CDNetworks highlighted that, in particular, web application attacks rose by 800%
Legacy WAFs can no longer provide comprehensive coverage for cloud native architectures, since attackers are looking to exploit unsecured Web Apps & APIs. Application Security and infrastructure teams require a holistic solution with comprehensive protection across the full application lifecycle.
In this webinar, join our product leadership to learn more about the problems organizations face and how Prisma Cloud can secure your Web Apps and APIs on ANY cloud-native architecture.

Cybersecurity

The Rising Importance (and Pitfalls) of Compliance Automation Software for SaaS Companies

Apr 6th, 2022 @1:00 pm
Compliance automation software is creating a sea change in the compliance world. What are the benefits and drawbacks of these software tools?

Full Description

Speakers

Scott Schwan

Chief Product Officer A-LIGN

Brian Elmi

VP of Product Drata
As VP of Product, Brian leads the Product team at Drata, where he focuses on helping organizations achieve and maintain compliance using advanced automation technology. A veteran in product leadership with over 15+ years of experience building B2B and B2C products, Brian has led teams at Intuit, NTENT, Mitchell, and co-founded Videonary. Most recently, he was part of the product leadership team at Intuit, building and scaling its TurboTax Live offering. Brian resides in San Diego and enjoys hiking and spending time with his kids in his spare time.

The Rising Importance (and Pitfalls) of Compliance Automation Software for SaaS Companies

Compliance automation software is creating a sea change in the compliance world. What are the benefits and drawbacks of these software tools? Where is the compliance automation industry headed? In this discussion, A-LIGN’s Chief Product Officer, Scott Schwan and guest will discuss these questions and the impact compliance automation has had and will have on the world of business.

Cybersecurity

The Evolution of DDoS Extortion: The Ramifications of the Latest Geo-Political Event Attackers on your Security Postures

Apr 6th, 2022 @12:00 pm
Your risk of a DDoS attack and proof that attackers can carry out their attacks successfully has risen significantly since 2020.

Full Description

Speakers

Tony Lauro

Director of Security Strategy Akamai
Tony is currently Director of Security Strategy for Akamai Technologies. He's been involved with Information Security since the late 90's when he worked for a large US based telecom provider. Since then Tony has worked with Akamai’s top global clients to provide cyber security guidance, architectural analysis, web application and network security expertise. With over 20 years of Information Security operations experience Tony has worked and consulted in many verticals including finance, automotive, medical/healthcare, enterprise, and mobile applications. He is currently responsible for Akamai’s North / Central / South American clients advising in the areas of adversarial resiliency, security architecture, and cyber security strategy. Tony’s previous responsibilities include consulting with public sector/government clients at Akamai, managing security operations and pen testing for a mobile payments company, and overseeing security and compliance responsibilities for a global financial software services organization.

Larry Cashdollar

Principal Security Intelligence Response Engineer Akamai

The Evolution of DDoS Extortion: The Ramifications of the Latest Geo-Political Event Attackers on your Security Postures

Your risk of a DDoS attack and proof that attackers can carry out their attacks successfully has risen significantly since 2020. Mostly driven by the largest global extortion campaign ever launched. Unlike other extortion activity from years past, where there was little follow-through on the actual threat, recent show-of-force attacks reached 500+ Gbps — a clear sign of highly capable and motivated threat actors. The extortion campaign signaled a notable shift in targeted verticals, with attackers expanding beyond commonly hit industries like finance & commerce, catching many software/high tech organizations off guard and left scrambling for protection.

In light of recent global geo-political events attackers have been even more unpredictable, determined, and incentivized than ever before, it’s time to rethink DDoS defenses. We’ll discuss: – An understanding of the evolution of DDoS extortion – The ramifications on current security postures – The latest best practices to fight back and reduce your risk to you and your customers.

Cybersecurity

Stopping Attacks, Not Your Business: A Case Study with Hyosung America

Apr 6th, 2022 @11:00 am
With cyber-attackers continuously searching for new ways to outpace security teams, it can lead to a struggle to fight back without disrupting business operations.

Full Description

Speakers

Marcus Fowler

SVP, Strategic Engagements and Threats Darktrace
Marcus Fowler spent 15 years at the Central Intelligence Agency developing global cyber operations and technical strategies, until joining Darktrace in 2019. He has led cyber efforts with various US Intelligence Community elements and global partners, and has extensive experience advising senior leaders on cyber efforts. He is recognized as a leader in developing and deploying innovative cyber solutions. Prior to serving at the CIA, Marcus was an officer in the United States Marine Corps. Marcus has an engineering degree from the United States Naval Academy and a Masters’ Degree in International Security Studies from The Fletcher School. He also completed Harvard Business School’s Executive Education Advanced Management Program.

Marc Paust

Executive Director, Information Security and IT Operations Hyosung America
Marc is responsible for driving Hyosung’s Information Technology Strategy and Operations. Marc also leads the Information Security team and champions resilient, secure and adaptive technology solutions. Marc believes in being excellent at the basics and the elegance of simplicity. Marc brings over 25 years of experience to the industry and has held key technology and security leadership roles. Marc holds an Executive Certificate in Leadership and Management from The MIT Sloan School of Management and attended Rockhurst University and DeVRY University studying Organizational Leadership and Technical Operations Management. Prior to entering the world of technology, Marc served as an Infantryman in the 10th Mountain Division (LI) of the US Army. https://www.linkedin.com/in/marcpaust/ You can be secure, and compliant – and nothing is “out-of-scope”.

Stopping Attacks, Not Your Business: A Case Study with Hyosung America

With cyber-attackers continuously searching for new ways to outpace security teams, it can lead to a struggle to fight back without disrupting business operations. Join Marcus Fowler, SVP Strategic Engagements and Threats at Darktrace, and Marc Paust, Executive Director, Information Security and IT Operations at Hyosung America, as they explore the benefits of Autonomous Response as a must-have that goes beyond ‘defense.’

Cybersecurity

Ransomware Risk in 2022: See Into the Wild

Jan 12th, 2022 @11:00 am
Ransomware attacks are increasing but because in many cases the ransom is paid and few details are leaked, the mechanics of ransomware attacks are poorly understood. How do these attacks work and what are the different stages?

Speakers

Paul Paget

Ransomware Risk in 2022: See Into the Wild

Cybersecurity

Container Orchestration is Here, What Does it Mean for Security?

Jan 12th, 2022 @3:00 pm
The use of containers to deploy and manage production applications is a growing trend across most business sectors. But with technologies like Docker and Kubernetes, there can be a lot of buzzwords that obscure what’s going on from a security standpoint. What do security teams need to be thinking about as they adopt containers and what are some of the pitfalls they'll encounter?

Speakers

Rory McCune

Cloud Native Security Advocate Aqua Security
Rory is a cloud native security advocate for Aqua who has extensive experience with Cyber security and Cloud native computing. In addition to his work as a security reviewer and architect on containerization technologies like Kubernetes and Docker he has presented at Kubecon EU and NA, as well as a number of other cloud native and security conferences. He is one of the main authors of the CIS benchmarks for Docker and Kubernetes, a published author on the topic of Cloud Native Security and also developed and delivered one of the first training courses on Container security at Blackhat. He is also an active member of the cloud native community working with both the Kubernetes project as a member of SIG-Security and the Cloud Native Computing foundation on their security technical advisory group. When he's not working, Rory can generally be found out walking and enjoying the scenery of the Scottish highlands.

Container Orchestration is Here, What Does it Mean for Security?

Privacy Notice

This privacy notice discloses the privacy practices for (www.ascentconf.com). This privacy notice applies solely to information collected by this website. It will notify you of the following:

Information Collection, Use, and Sharing

We are the sole owners of the information collected on this site. We only have access to/collect information that you voluntarily give us via email or other direct contact from you. We will not sell or rent this information to anyone.

We will use your information to respond to you, regarding the reason you contacted us. We will not share your information with any third party outside of our organization, other than as necessary to fulfill your request, e.g. to ship an order.

Unless you ask us not to, we may contact you via email in the future to tell you about specials, new products or services, or changes to this privacy policy.

Your Access to and Control Over Information

You may opt out of any future contacts from us at any time. You can do the following at any time by contacting us via the email address or phone number given on our website:

Security

We take precautions to protect your information. When you submit sensitive information via the website, your information is protected both online and offline.

Wherever we collect sensitive information (such as credit card data), that information is encrypted and transmitted to us in a secure way. You can verify this by looking for a lock icon in the address bar and looking for “https” at the beginning of the address of the Web page.

While we use encryption to protect sensitive information transmitted online, we also protect your information offline. Only employees who need the information to perform a specific job (for example, billing or customer service) are granted access to personally identifiable information. The computers/servers in which we store personally identifiable information are kept in a secure environment.

If you feel that we are not abiding by this privacy policy, you should contact us immediately via telephone at 202-256-9707 or [email protected].