Whilst ESET end point security is known for its effectiveness and strength in blocking Malicious code, ESET XDR provides an additional layer of defence where we are able to detect malicious actors performing malicious behaviour on the network without initially deploying malware. For example common everyday tools like “Powershell” can be used in a compromised end point to port scan the whole network for other vulnerable devices on the network and from there plan an attack to attain the domain password. Come to this workshop to learn how ESET XDR can be used to do threat hunting and a MDR analyst is able to do an investigation and remediate that threat quickly. Come and see how global leader in attack simulation Attack IQ can be used to perform a sandworm attack on ESET XDR and how we track those techniques against the Mitre Attack framework. The workshop will include a panel discussion with leading experts from Advantage, Chillisoft and Attack IQ discussing how important it is to continuously validate your security posture using the most virulent attack techniques known to the industry.

AGENDA

9.00 – 9.10
Welcome note from Anthony Rowell (Chillisoft ESET security specialist)

9.10 to 9.30
XDR presentation from Anthony Rowell (Chillisoft ESET security specialist)

9.30 to 10.15
Demonstration of a simulated sandworm attack on ESET EDR underpinned by LogRhythm SIEM using Attack IQ – Pierro Liebenberg (Chillisoft Technical director) and Lukesh Sadh (Chillisoft Security consultant)

10.15 – 11.00 
Fireside chat – The importance of XDR and security posture validation – Brad Pearpoint (Advantage Managing Director), Simon Howe (Attack IQ APAC VP) and Pierro Liebenberg (Chillisoft Technical Director) – hosted by Anthony Rowell

ExtraHop shaking things up for CyberSecCon2022.

9am-9.45am Hear from David Letele, founder of Buttabean Motivation. David is well known within the south Auckland (and wider) communities for his work with families in need. In 2022 he was awarded the Kiwibank Local Hero of the Year award.

David will share his story on his life journey, it’s quite the rollercoaster. He’s learnt through his business and his own life that there are unexpected intrusions everywhere. He learned hard lessons about developing the right frameworks and systems to support and build on.

9.45am -10am Hear from Ivan Reutskiy, General Manager of Security at 2Degrees.  Ivan will sit down with Rohan Langdon and they’ll have a chat about the role Extrahop plays within their environment.

10am – 11am. Hear from Khurram Waheed (KW) of Extrahop. currently specializes in NDR (Network Detection and Response) and ITOA (IT Operations & Analytics) solutions, having architected them for a wide range of customers. KW holds a CCIE certification, and has a US patent in ‘Detection of DoS attacks’. He’ll take you through a demo of Extrahop, and you can see the magic for yourself.

• Introduction to Imperva’s portfolio of Cybersecurity Controls from Application to Data Security.

• Overview of current and evolving API Threat Landscape

• Strategies for securing your API traffic and Endpoints

• • Addressing the 4 pillars of API Security 
    • Discovery & Classification

• • • Audit & Verification

• • • Detecting and Blocking Anomalies

• • • Remediating Threats

• • The role of an API gateway.  Do API gateways provide sufficient protection?

• • What about east-west API traffic?
  • OWASP API top 10. Solving for tougher API Security threats. BOLA, Mass assignment, BOTs…..etc
  • Importance of being able to detect and block/prevent attacks in Realtime and how it is achieved.
  • Comparing the effectiveness of point solutions to a single stack approach
  • Shifting left – How ongoing observation drives enhanced API validation, testing, and governance.

• Bringing it all together in a demonstration. 

• Q&A.

Cyber threats can lurk in your network for a long time, waiting for the right time to take down your organisation. 

Equipping your SOC teams with the right tools to expand their visibility and identify true positives will ensure that you are ready to defend against threats, both external and internal.

In this workshop, we will cover: 
• How LogRhythm NDR uncovers blind spots in your network and decreases mean time to respond with its built-in MITRE ATT&CK Engine
• How LogRhythm UEBA spots dangerous user-based activity in real time, allowing your team to stop the attack before critical data is exfiltrated
In addition, we’ll also be giving a sneak preview of our latest SaaS security intelligence platform.

As a bonus, we will also have LogRhythm’s Michael Bovalino and Barfoot & Thompson’s Anil Anna share the real estate company’s journey towards improved security visibility, threat detection and response. We’ll discuss the strategy used to mitigate risk, and to ensure the wellbeing of the company’s overall security posture.

This workshop will cover:

• Identity: The New Security Battleground
• The role of Identity in Digital Transformation and the move to Cloud
• A deeper look into recent data breaches and the use of compromised credentials  
• Introduction to CyberArk Identity Security Platform
• Implementing a Zero Trust Framework
• How to secure Human Identities: Privileged, Workforce and 3^rd Party Vendor
• Demo: A day in the life of a HR Manager, and the challenge of access
• Demo: A day in the life of an Infrastructure Admin, and the challenge of security
• How to secure Non-human Identities: Applications, DevOps and Robots
• Demo: Secrets Management in a DevOps Pipeline
• Find Shadow Admins in Cloud native Identities
• Demo: Scan my cloud
• Quiz and Prize time!
• Q & A

We now live in an era where attacks are becoming increasingly sophisticated, email continues to be the top attack vector and therefore, a place where the strongest possible protections must be applied. From dramatic spikes in ransomware to attacks that impact entire supply chains, the threat landscape isn’t what it was yesterday – nor will it be the same tomorrow.   In Mimecast sixth report on the State of Email Security – 86% of organization said email use has increased, with 70% expected an email-borne attack will damage their business.   This is up from 58% in 2020. Securing your organization is no longer just an ‘IT only problem’ but has now become the responsibility of all employees inside an organization.   Join Mimecast experts for this 2-hour workshop to ensure you are developing the best strategy for cyber defense in your organisation.

This workshop will cover:

• The current and future state of email security
• How to combat attacks early in the kill chain using the Mimecast portfolio
• A technical overview of Mimecast Email Security for analysts and admins
• The importance of your users in protecting your data
• The role of user behaviour reporting in risk