Risk 2022 Agenda Session

The sessions are listed in random order and do not reflect the actual timeline.
Also, the exact titles and presenters are subject to potential changes.


Trellix and Living Security - it’s good to be different"Its good to be different…..XDR is a unique market growth opportunity, our customers and partners are telling us that in order to unlock its power we all need to think differently: - A different approach to the customers opportunities and challenges - A different approach to a security architecture - A different approach to partnering We are TRELLIX. We are LIVING SECURITY. We are DIFFERENT."Ed Baker - VP Channel DirectorTrellix
XDR – Why it’s a must for Enterprises"Enterprises require a comprehensive and proactive security strategy to protect their whole landscape of IT assets, including legacy endpoints, mobile devices, and cloud workloads, without overburdening their employees and in-house management resources. Security personnel are battling a deluge of data that leads to alert overload, too many false positives and a lack of data integration with analysis tools or incident response, all while operating under unprecedented levels of stress. our director for EMEA East Michal Ostrowski, outlines the benefits of extended detection and response capabilities, explaining why it must form a key part of organisations’ security strategy."Michal Ostrowski - Senior Director EMEA EastTrellix
One Cloud to rule them all"Forcepoint ONE is a true all-in-one cloud platform that makes security as simple as 3-2-1 for distributed organizations with remote and hybrid workers. It gives employees, contractors, and other users safe, controlled access to business information everywhere—on the web, in the cloud, in private applications—while keeping attackers out and sensitive data in. It’s a unified cloud platform that integrates Zero Trust and SASE Security Service Edge (SSE) technologies so that organizations can manage one set of policies, in one console, with one endpoint agent."Eran Amir - Solution Architect, EMEAForcepoint
Don’t make it easy for hackers: Thwart ransomware and identity-based attacks!"The latest types and versions of ransomware attacks are becoming extremely hard to notice by the naked eye, so even expert users may eventually get tricked. Although you can’t completely eliminate the risk of users opening malicious attachments or clicking the wrong links on the internet, but you can identify and mitigate weak spots in your security posture to minimize threats and potential damage — if you have the right anti-ransomware tools in place. Learn in our session, how to protect from cyberattacks: - Introduction to the anatomy of ransomware and identity-based attacks - How to prevent ransomware by protecting your privileged accounts, rigorously enforcing least privilege and locking down Group Policy. - How to detect ransomware and identity-based attacks in their early stages to save your business."Rosario Bonanno - Solutions Engineer, EMEANetwrix
Identities. Data. Applications. The driving forces of cyberresiliency"Every company on the planet has three very critical dimensions to protect: identities, data and applications. Long gone are the times where organizations should focus on one aspect of cybersecurity, be it the perimeter, the endpoint or the cloud. Now, the journey from cybersecurity to cyber resiliency requires a holistic approach and fully comprehension of the driving forces in the defense... and the attack vectors. A robust and solid ecosystem requires a mission and vision, purpose and promise that is systematic... and systemic. That's the shift in perception. That is what is required to protect and defend: identities, data and applications."Ramsés Gallego - International Chief Technology OfficerCyberRes, a Micro Focus line of business
Block-chain Principles for Defensive and Offensive Application Security Approach"New innovative Block-chain principles are utilized to provide superior Application Protection by using methods of Crypto identity to track and score accounts that access publicly exposed Web and API applications. The unique approach utilizes basic block-chain concepts such as Smart contracts, Token exchanges and Proof-of-Work (PoW) to establish a trust score per account, by that leverage various behavioral algorithms to detect and apply both defensive methods as well as offensive/punishment methods on abnormal account behavior. Use-cases such as: Advanced Bot Captcha-less detection and mitigation, Protection of Block-chain platforms (B2B/B2C attacks) will be discussed."David Aviv - CTO & VP Advanced SolutionsRadware
Take back the cyber advantage - Network Intelligence for Advanced Defense"ExtraHop helps end customers and partners improve cybersecurity threat response times by 84% and resolve downtime 90% faster."Richard Wieneke - Regional Manager ExtraHop
Christmas Hancitor - Preventing Cuba's Threat"The story of a Christmas Eve incident response case, defending from the Cuba Gang in real time and OpSec stories."Camill Cebulla - Head of European BusinessGroup IB
How to Leverage Threat Data for Automated Incident Response - Learn How Data Normalization and LogRhythm’s Smart response feature can Protect your Organization"For many years, the Cyber Security industry has been promoting a wide array of defensive solutions, many aimed at preventing Intrusion and Data theft, Most of these solutions offer differently formatted data, and it is becoming more challenging than ever for Analysts to leverage a unified response to ongoing threats. LogRhythm unique Data Uniformization, offers analyst’s unprecedented response capabilities to commonly undetected threats. Join Matthew Platten – CISSP, European Channel Sales Engineer at LogRhythm to learn how LogRhythm provides Data Uniformization and how structured data can be utilized for unparalleled automated incident response, addressing many risks in an increasingly growing threat landscape."Matthew Platten - Channel Presales Engineer EuropeLogrhythm
Rethinking cybersecurity in the digital transformation age - Secure Service Edge"Digital transformation marks a rethinking of how an organization needs to protect their assets. Secure service edge (SSE) is a new way of looking at security that bundles together threat protection, data security, and other capabilities to safeguard access to the Web, cloud services, and private apps. Security service edge (SSE), as defined by Gartner, is a convergence of network security services delivered from a purpose-built cloud platform. Security Service Edge (SSE) is, and how it helps meet the security needs of companies that are increasingly adopting hybrid work, cloud and SaaS."Boubker El Mouttahid - Global Cloud Security Architect & StrategistSkyhigh Security
How to Create a Secure Code Pipeline in Modern App Development "Developing secure modern applications has become increasingly complex. With so much functionality to deliver, turning raw code into something that brings value to customers’ lives without adding risk seems more difficult each day. Given the threats to modern applications, security testing is no longer an option. Today it’s an integral part of the development pipeline. And when it comes to securing applications, the sooner and simpler that vulnerabilities can be detected, the better, saving devs and AppSec teams time, effort, and cost. "Leon Maister - Senior Application Security ExpertCheckmarx
Cloud Data, Cloud Apps, Cloud Networking .. what about Cloud Security? - Provide pervasive user, data and application security by leveraging the SASE approach"Business Data and Business Applications are moving to the Cloud, while the users accessing those are no longer working from the company HQ, but rather from their home, remote offices or from a beach somewhere. We will take a closer look at how the SASE approach enables secure, reliable and monitored access for remote and hybrid workforce, while still providing all required mechanisms to IT and Security Managers."Stojan Rančić - IT Architect, Security - CCIE, CCSI, SFCENIL d.o.o.
When malware becomes an ethical hacker’s best friend"Red Teaming is a well-planned large-scale and on an organization, carried out by ethical hackers. It is a combination of testing the security of your IT assets and the resilience of employees to social engineering techniques. But it should not be considered “hacking all over the place”; it is a carefully planned, scheduled, and coordinated attack that takes place over a long period of time and contains all the elements of a real cyber-attack. It is not only the knowledge but also the creativity of the pentesters that comes into play, as each organization is its own ecosystem. In this talk, we will present one of the creative approaches to an intrusion where an existing malicious code was exploited to take over a system. It turned out that this malicious code had been installed on the customer’s system for more than ten years, waiting for its chance. A real-time bomb! Harmless by itself, but in the right hands (potentially) a disaster."Matjaž Kosem - CEO, Grega Prešeren - CTO, Andrej Gornik - Senior Penetration TesterCarbonsec d.o.o.
Risk & Context Based Vulnerability Management"If your organization fails to prioritize the right set of vulnerabilities, attackers will prioritize them for you. With today's hybrid infrastructure, figuring out the right vulnerabilities to prioritize based on risk can be a daunting task, but it doesn't have to be. Determining risk requires an in-depth understanding of the assets, the vulnerabilities impacting them, and their associated threats. Once understood, reducing risk requires an approach that balances and converges the needs of people, process and technology to offer closed-loop remediation. Find out how a new integrated approach from Qualys can help organizations discover assets, find and prioritize vulnerabilities, and finally remediate them all from a single platform."M. Alper Koç - Regional Technical Manager, SEE & TurkeyQualys
Advantage for all"Mandiant company solutions portfolio presentation."TBDMandiant
Razsvetlimo temo! - Kaj najdemo o vas na Darknetu? ""Če želite dvigniti nivo kibernetske odpornosti vaše organizacije, morate upoštevati tudi aktivnosti “darkneta”. Pri tem vam lahko pomaga ekipa S&T SOC s storitvijo ""darknet monitoring-a"", ki vključuje anonimen in varen vpogled v temne kotičke interneta."Jure Pečar - Tehnični svetovalec za informacijsko varnostS&T
Road to passwordless"Using passwords for the better part of two decades has left us with hundreds of systems requiring passwords leading to a “strategy” of repeating, weak and easily attacked passwords. What is passwordless? Passwordless is a promise. A promise of a future where authentication is simplified and security baseline increased across your organization. The path of passwordless begins with SSO and the presentation will address the phases of a passwordless rollout."Bojan Radulović - Technical presales engineerCisco
Two faces of DNS - From attacker side and from defender side"Some attacks are complex, some are trivial. As defenders, we are thinking about the obvious ways for attacker. And attackers are responding to this by using different tactics. Short examples of attacks that we have seen in a real world with focus on how DNS protocol was used in them. Why DNS you might ask? Most of the traffic need to start with this protocol. For any domain name we need to know destination IP address. So let’s think as an attacker. DNS is protocol that transfer some data inside as well. Therefore, it is the data space that can be abused. Let’s have a look what we can do with that and how to protect our organization."Jan Rynes - Solutions ArchitectInfoblox Inc
Remote Access Risk Factors – Why Zero Trust is essential"Remote working has been common practice for years, and home office has also gained tremendous traction since 2020 and is being implemented on a large scale. As a result, requests for privileged remote access and remote support are increasing to support the expanded remote workforce. Cyber hackers are already taking advantage of privileged users located outside of company networks. For this reason, it is essential to implement IT security tools that enable secure remote access and remote support for the entire workforce and external service providers, regardless of whether they are physically located in the company, working from home or remote locations. It is important to act fast from a security perspective, to deny opportunist hackers and potential threats. This session will talk about secure access as part of a Zero Trust security approach, which simultaneously ensures that your company’s efficiencies remain in perfect health. Focus of this session: • Risk factors associated with remote access and how to address them • How improperly managed remote access impacts the attack chain • Essential advice on enabling remote workers and maintaining productivity levels • Benefits of a secure Remote Access Solution."Damien Brown - Director, Solutions EngineeringBeyondTrust
Cyber warfare never ends"The most common cyber attacks and how to defend against them. Active SOC as an effective solution. Are organizations ready to join the SOC?"Michael Belda - Channel Sales Manager, Petr Todorov - Presales ManagerNovicom s.r.o.
Teorija je eno, praksa drugo? Primeri reakcij na varnostne incidente iz prakse"Misel, da je Slovenija (pre)majhna država, da bi bila tarča za kibernetski kriminal oziroma nezanimiva za tovrstne napade, nam daje predvsem lažen občutek, da se nam ne more prav nič zgoditi. Podatki SI-CERT-a potrjujejo, da se je največ tovrstnih resnih napadov zgodilo prav v Sloveniji. Večina slovenskih podjetij ima tradicionalno postavljeno IT infrastrukturo in daje premalo poudarka kibernetski varnosti. Je potemtakem informacijska varnost na ustrezni ravni ali ima večina teh podjetij lažen občutek varnosti?"Boštjan Kavčič - Sistemski inženir, Erik Veršec - Omrežni inženirUnistarPRO
Boost your M365 protection with Barracuda SaaS"Best practices and tips on how to secure current Microsoft Office 365 infrastructure or look at how your business can easily and securely move from your on-premises email to Office 365."Michal Zalewski - Sales EngineerBarracuda Networks
360°upravljanje končnih naprav kot storitevLuka Bijelič, Gregor ZebecTelekom Slovenije

Technical Workshops

eXtended Detection & Response Workshop - What we should expect from XDR technology and what not?"During the workshop you will get deep dive knowledge about XDR market overview, technical requirements and architecture perspective."Damian Hoffman - Senior System EngineerTrellix
Mission: proactive hunting - How to find an insider attacker using different technology? "During the workshop you will get a knowledge how to use different hunting technics and build an effective security infrastructure."Damian Hoffman - Senior Security EngineerTrellix
Forcepoint ONE – The data-centric SSE solution"Forcepoint ONE is a true all-in-one cloud platform that makes security as simple as 3-2-1 for distributed organizations with remote workers. This workshop will show it all – all data, all channels, all use cases."Amir Eran - Solution ArchitectForcepoint
Risk-Adaptive Data Protection"Forcepoint is delivering greater personalization and automation to DLP policy enforcement while directly addressing the huge data growth problems organizations of all sizes are facing. Personalized automation with Forcepoint DLP and Risk-Adaptive Protection is enabling tremendous efficiency gains in managing security incidents (up to 75% reduction in incidents)."Amir Eran - Solution ArchitectForcepoint
Auditing and reporting for compliance with Netwrix Auditor"Compliance is always a painful experience. The growing complexity of your IT infrastructure makes it hard to know whether your internal controls are working, and every upcoming audit forces you to spend weeks or even months collecting the evidence auditors will demand. Learn in our session, how to ensure enterprise-wide visibility into on-premises and cloud-based systems and applications to help you establish proper information security controls and validate that those controls are aligned with the specific provisions of the regulation you need to comply with: - How to automate compliance processes and preparation for the audits with predefined reports that provide hard evidence of your compliance in human-readable format. - How to mitigate the risk of compliance failures and problems with the integrity, availability and confidentiality of data. - How to investigate incidents that happened in the distant past, by retaining your complete audit trail in a cost-effective storage."Rosario Bonanno - Solutions Engineer, EMEANetwrix
Achieve and maintain Active Directory Security with StealthAUDIT and StealthDEFEND"While most organizations focus on analyzing and controlling access to the data and resources Active Directory is facilitating access to, they often lack visibility into the security of AD itself and the myriad of tactics, techniques, and procedures attackers have developed to compromise this beating heart of any organization’s IT infrastructure. Active Directory is secure and efficient when it’s clean, understood, configured properly, monitored closely, and controlled tightly. In our session you can learn, how to: • Inventory all objects, policies, & configurations to obtain a complete view of your AD footprint. • Analyze relationships between objects, permissions, access rights, and toxic conditions to prioritize risks and remediation efforts. • Clean up stale and unneeded objects to limit risk and unnecessary exposure while alleviating administrative burden. • Monitor changes to critical objects signifying attacker attempts to compromise credentials and circumvent security controls in order to achieve persistence. • Protect critical objects from unauthorized change or access, remediate vulnerabilities, prevent credential abuse & privilege escalation."Rosario Bonanno - Solutions Engineer, EMEANetwrix
SecOps Workshop - A Race against Time - CyberRes ArcSight"This workshop covers how ArcSight SecOps solutions help organizations in reducing the Exposure Time by decreasing the time to detect (Detection Time) and time to respond (Response Time) through industry-leading machine-learning techniques and automation."Arun George - SecOps Sales Lead, Emerging MarketsCyberRes - a Micro Focus line of business
Enabling DevSecOps in Your Organization Based on Fortify "This is a technical session with mixed presentation/demo parts illustrating how Fortify Platform enables Security within DevOps based on real use case scenarios."Yaroslav Popov - Application Security Presales Portfolio Leader, InternationalCyberRes - a Micro Focus line of business
Data Breach Simulation in Public Cloud Service"Step-by-step walkthrough of a data breach simulation in Cloud Workload Service."Eran Danino - Regional Sales Manager, CEERadware
Bot Manager Account Take Over Attack Demo"Step-by-step walkthrough of an account take over (ATO) attack and Bot Manager protection stopping it."Eran Danino - Regional Sales Manager, CEERadware
Shields Up - Defend yourself"With ExtraHop ShieldsUp Threat Briefing you can check your attack surface for typical threat actors."Michael Rohsé - Sr. Sales EnginnerExtraHop
ExtraHop´s catch of the day: Ransomware"In this workshop we will demonstrate, how the Network Detection and Respone (NDR) solution from ExtraHop will help to detect and mitigate Ransomware attacks."Michael Rohsé - Sr. Sales EnginnerExtraHop
What would you do if you knew you left your home door wide opened? - How your company is seen by hackers?"Asset Zero external asset system management.It is a comprehensive, intelligence-based SaaS solution designed to assess and help you manage your attack surface. The tool provides a complete view into the assets communicating with the external environment, identifying those that may be potential attack vectors and providing the ability to take action to mitigate risk and remediate vulnerabilities Task management is accomplished through a clear and easy-to-use user interface."Michal Borowiecki - Regional Sales Director EEGroup-IB
Digital Risk Protection solution: overview and use cases"Recap of the most damaging scams of 2021, use-cases."Dmitrii Tiunkin - Head of Digital Risk Protection, EuropeGroup-IB
Critical Capabilities for Security Service Edge"Protecting and enabling transformation to a modern digital workplace requires an adaptable security architecture that enables secure remote working, protects diverse set of end user devices and data across a multitude of cloud services. during this workshop we will cover best practices and demo use cases for workplace security."Boubker El Mouttahid - Global Cloud Security Architect & StrategistSkyhigh Security
Next-Gen SIEM - Defending against a Live Ransomware Attack"Leveraging Kali Linux, Himanshu will preform a live ransomware attack where you will see the LogRhythm Next-Gen SIEM detect and respond."Himanshu Tonk - Enterprise Sales EngineerLogRhythm
Collaboration - The main security featureTBDTBDMandiant
Use of DNS as attacker tool"Detail look at different techniques how attacker can use DNS as transport protocol. When attacker want to infiltrate or exfiltrate files by tunnelling DNS protocol. What we are looking for and how to investigate threats. What bring the new DNS protocols Like DNS over HTTPS and DNS over TLS. What impact this have on security."Jan Rynes - Solutions ArchitectInfoblox Inc.