2019 Red Sky Security Conference

May 21 - 22, 2019
Mountain America Exposition Center

Salt Lake City, UT

There has never been a time where Cybersecurity has had so much to consider; from big data, artificial intelligence, and machine learning to cybercrime, intelligent malware, and global compliance. It’s clear that every IT role is now a security role.

The vision of the Red Sky Security Conference is to educate, elevate, and influence the discussion and practice of information security in this ever-changing landscape. Expect top security speakers, expert education, peer interactions, and both established and emerging technology demonstrations.

More Details

Why Attend?

Best Practices
Come learn from the experts who are here to share stories and lessons learned. From CISO to CTO to Whitehat Hacker, we've assembled an incredible cross-section of cyber-security talent.
Security Trends
It is an ever growing and changing landscape. Learning the latest threats and trends helps you and your organization be more prepared for them.
 
Top & Emerging Technologies
We have brought together a fantastic collection of established and emerging technology companies - All ready to discuss cutting-edge tools that better secure and protect your company data.
SHOW
YOUR EXPERTISE.
BUILD
YOUR NETWORK.
DISCOVER
THE LATEST TRENDS.
FREE LUNCH & SNACKS
DON'T MISS IT.

Keynote Speakers

Speakers

Expo Sponsors

Experience the Hacker Lounge

Join us at the Hacker Lounge where you can rest, recharge, learn, and have some fun. We will be hosting a number of self-paced workshops to hone an existing skill or maybe learn a new one. Presidio’s security engineers will be on hand for mingling or Q&A. We’ll be having a contest with prizes for the winners (hint – work on your typing skills).

Schedule

  • 21 May
  • 22 May

Location

9575 State St Sandy, UT 84070

Brian Krebs

Leading Cybercrime Journalist & New York Times Bestselling Author of Spam Nation
KrebsOnSecurity.com
When a computer worm - a malicious software program that can spread quickly - locked Brian Krebs out of his home computer in 2001, he felt exposed, vulnerable and utterly fascinated. Since then, Krebs, a seasoned investigative journalist, has dedicated his career to uncovering a particularly dark corner of the Internet and is widely recognized by security experts and criminals alike as the preeminent authority on cybercriminal syndicates and their tools. On his popular security blog, KrebsOnSecurity.com, Krebs exposes information that can’t be found anywhere else, shedding light on the digital underground and dangerous activities of profit-seeking cybercriminals who make billions off of pharmaceutical sales, malware, spam, heists and data breaches, like the ones at Adobe, Target and Neiman Marcus that Krebs was the first to uncover. Previously, as a longtime reporter for The Washington Post, Krebs authored hundreds of stories, including eight front-page reports and more than 1,300 posts for the Security Fix blog. The author of the New York Times bestseller and 2015 PROSE Award winner, Spam Nation: The Inside Story of Organized Cybercrime - from Global Epidemic to Your Front Door, Krebs provides unprecedented access to the well-hidden world that few outsiders have seen up close. Krebs has been featured on leading media outlets, including 60 Minutes, CNN, FOX, ABC News, and in the Wall Street Journal, Forbes and Bloomberg's BusinessWeek. Entrenched in the criminal underbelly of the Internet, with an innate journalistic drive, Krebs delivers fascinating insights into the inner workings of some of the world’s most significant (and dangerous) cybercriminal syndicates, breaking down their operations and mindsets to provide prevention and detection strategies that individuals and organizations can’t afford to miss.

21 May

Kevin Mitnick

World's Most Famous Hacker
Mitnick Security Consulting
Kevin Mitnick is the world's most famous hacker, bestselling author, and the top cybersecurity keynote speaker. Once one of the FBI's Most Wanted because he hacked into 40 major corporations just for the challenge, Kevin is now a trusted security consultant to the Fortune 500 and governments worldwide. Kevin and The Global Ghost Team™ now maintain a 100 percent successful track record of being able to penetrate the security of any system they are paid to hack into using a combination of technical exploits and social engineering. As a one-of-a-kind, public speaker, Kevin's presentations are akin to "technology magic shows", which include live demonstrations of the latest hacking techniques that educate while keeping people on the edge of their seats to help raise "security awareness" of individuals and organizations worldwide.

22 May

Arnie Shimo

Sr. Director Global Solution Architectures
Crowdstrike
Arnie has over 25 Years experience in Cyber and Computer Security and is currently the Senior Director for Global Solution Architectures at CrowdStrike. He’s responsible for leading a team of solution architects working to enable CrowdStrike Partners, globally, to deploy and integrate CrowdStrike solutions to protect their customer’s environments. Prior to joining CrowdStrike, Arnie spent 15 Years working in increasingly senior roles in Cyber Security and IT Solution Architecture within Lockheed Martin’s Information Systems and Global Solutions division designing innovative Cyber Security solutions for various government agencies including the FAA, DHS, FBI, and DoD. He was the Chief Technologist at LM’s NexGen Cyber Innovation and Technology Center in Gaithersburg, MD and his last assignment at LM was as CTO and Chief Architect under contract to the Department of Energy and the National Nuclear Security Agency (NNSA) redesigning the IT Architecture for the Y12 National Security Complex in Oak Ridge, TN and the Pantex Plant in Amarillo TX. Arnie began his career in the US Navy and got his first Cyber Security experience as a Terminal Area Security Officer for his command’s computerized maintenance system in 1991. Arnie currently hails from Kingston, TN just outside Knoxville and spends what little free time he has, boating and fishing on the lakes of East TN.

21 May

Cameron Williams

Co-Founder & CTO
OverwatchID
For more than 25 years, Cameron Williams has helped enterprise clients like IBM, Wells Fargo, Sony, BP, and dozens others keep their data safe and secure from data breaches, hacks, ransomware, and spear-phishing. As OverWatchID’s CTO, Cam leads all product design and product development, and is responsible for ensuring that that OverWatchID’s cloud-based converged identity security platform is meeting existing and future threats to identity security.

22 May

Carbon Lundgren

Data Center Infrastructure Administrator
IHC
Carbon Lundgren, CISA, brings a unique perspective to securing IT assets that carry your data. With a background of 50 years in physical security, his career has now taken him to the position of lead security specialist for a world-renowned health care company with over 600 areas to secure. Carbon has been heard to say, “I have a criminal mind”. Using the criminal mindset, Carbon has developed a best practices protocol that is becoming widely accepted by industry and governments. Some of the skills Carbon has learned is lock picking, and that of a professional safe-cracker. These skills directly relate to establishing physical barriers that will prevent hackers and terrorists from beginning their attacks inside the firewall. Carbon’s knowledge directly relates to several areas of COBIT and NIST. Chiefly, Appendix A: Mapping Pain Points to COBIT Processes and NIST Table D-1: Mapping Access Control Requirements to Security Controls.

22 May

Chris Roberts

Chief Security Strategist
Attivo Networks
Chris is currently the Chief Security Strategist for Attivo Networks, and is working on a number of projects within the deception and services space. Over the years, he's founded or worked with a number of companies specializing in DarkNet research, intelligence gathering, cryptography, deception technologies, and providers of security services and threat intelligence. Since the late 90’s Chris has been deeply involved with security R&D, consulting, and advisory services in his quest to protect and defend businesses and individuals against cyber attack. Prior to that he jumped out of planes for a living, visiting all sorts of interesting countries and cultures while doing his best to avoid getting shot at too often. (Before that he managed to get various computers confiscated by a number of European entities.) Roberts is considered one of the world’s foremost experts on counter threat intelligence and vulnerability research within the Information Security industry. Roberts has led or been involved in information security assessments and engagements for the better part of 20 years, and has a wealth of experience with regulations such as GLBA, HIPAA, HITECH, FISMA, and NERC/FERC. He has also worked with government, state and federal authorities on standards such as CMS, ISO, and NIST.

22 May

Cody Cornell

CEO & Co-Founder
Swimlane
As Swimlane’s Cofounder and CEO, Cody is responsible for the overall strategic direction of Swimlane and their Security Automation and Orchestration platform. As an advocate for the open exchange of security information and deep technology integration, he constantly strives to enable organizations to maximize the value of their investments in security technology and staff. Cody began his career in the U.S. Coast Guard and has spent 15 years in IT and security including roles with the U.S. Defense Information Systems Agency, the Department of Homeland Security (DHS), American Express and IBM Global Business Services. He has also had the pleasure of presenting at information security at forums such as the U.S. Secret Service Electronic Crimes Task Force, the DHS Security Subcommittee on Privacy, and National Public Radio.

21 May

Craig Sanderson

VP Product Management
Infoblox
Craig Sanderson is the Vice President of Product Management for Infoblox. Craig has been in the security industry for 19 years in variety of roles including: Technical Consultant, Solution Architect, Product Manager, and Business Development Manager. Having worked on a range of security technologies, Craig is now focused on developing solutions that prevent the abuse of DNS and enabling customers to leverage their network infrastructure to better secure their data, assets, and people.

21 May

Jared Phipps

VP Worldwide Sales Engineering
SentinelOne
Jared has been involved in cybersecurity professionally since 2001, and is passionate not only about technology, but also with effective use of technology to solve real problems. Jared is the Vice President of Worldwide Sales Engineering at SentinelOne, where he gets to use his passion for technology and experience in cybersecurity daily as he advises various prospects and clients through security projects. He spent the prior 6 years leading the sales engineering, processional services and incident response teams at Fidelis Cybersecurity. Prior to joining Fidelis he worked for MITRE supporting NSA Cryptographic Modernization Programs for the United States Air Force. Jared is a veteran of the United States Air Force where he worked in cyber defense and offensive cyber operations.

22 May

Jay Chintaram

Senior Manager
Deloitte & Touche
Jay Chintaram is a Senior Manager in the Cyber Risk Services practice of Deloitte & Touche LLP, bringing over 15 years of experience in cyber security and privacy processes and methodologies. Over the course of his career he has directly led and performed numerous client consultations on cloud migration and technology transformation initiatives. Jay has a strong background in planning, implementation, organizational design and management of cyber operations. His focus lies in strategic cloud security, digital identity and access management, data protection and IT risk and privacy compliance. Jay has been applying evolving technologies, techniques, and frameworks to create and deliver innovative solutions for his clients.

22 May

Jim Packer

Specialist Master
Deloitte & Touche
Jim is a Specialist Master in Deloitte & Touche’ LLP’s Privacy and Data Protection practice with over 15 years of hands-on client facing experience within multinational / cross-border Fortune 500 organizations across the globe. He has a track record of helping clients design, build and implement global privacy programs and support initiatives related to various domestic and foreign privacy and data protection regulation (e.g., Global Data Protection Regulation [GDPR], California Consumer Privacy Act [CCPA], New York State Department of Financial Services [NY-DFS 500], Health Information Portability and Accountability Act [HIPAA]). Jim has a track record of assisting clients navigate the intersection of technology, business (MBA), and regulatory requirements (JD) of global organizations; while assessing readiness, designing, building, remediating, operationalizing and drafting global privacy policies, procedures and programs which limit risk, provide a long-term roadmap, and promote compliance (CIPP). Over the past two years, Jim has been involved in managing and / or assisting 16 engagements as a Privacy Manager / Specialist Master for various clients, including: a leading consumer business products and services organization with a presence in over 100 countries, a top 5 global pharmaceutical organization with a presence in over 47 countries and a major financial products and services institution with a presence in over 210 countries. In his various roles, Jim was responsible for overseeing the transformation of privacy and security programs within several business functions, and provided day-to-day support to Global Privacy Officers, Data Protection Officers, corporate executives, in-house counsel, and staff.

22 May

Jonathan Nguyen-Duy

Vice President, Strategy & Analytics
Fortinet
Jonathan Nguyen-Duy leads Strategy and Analytics Programs at Fortinet where he focuses on emerging technologies and partnerships. With extensive experience working with global enterprises and nation-states, Jonathan is responsible for developing innovative security solutions addressing the challenges of digital transformation – from the IoT edge to the cloud. Prior to joining Fortinet, Jonathan served as the Security CTO at Verizon Enterprise Solutions where he was responsible for strategic technology partnerships, the Verizon Cyber Intelligence Center, and the data science team that produces the annual Verizon Data Breach Investigations Report. Before that role, he led the Security Services line-of-business and was responsible for data analytics and solutions supporting military-grade continuous diagnostics and mitigation. Jonathan also led the development of Verizon’s hosting services and business continuity practice. His research experience spans more than 10,000 data breach investigations and dozens of published reports. Before Verizon, Jonathan served with the U.S. Foreign Service in Central America working on economic development and disarmament initiatives. He has more than 20 years of cybersecurity and BCDR/COOP experience – working through many business challenges including armed conflict, civil strife, labor strikes, natural disasters, terrorist attacks, network outages and a wide range of cyber attacks. Jonathan is a widely published security expert and frequent speaker at industry conferences. He holds a BA in International Economics, as well as an MBA in IT Marketing and International Business from the George Washington University. Specialties: Cybersecurity, SIEM, Data Analytics, Artificial Intelligence, Machine Learning, Continuous Monitoring, Physical Security, Business Continuity/COOP, Managed Services, Risk Management and Digital Transformation.

21 May

Jon Calalang

Sr Specialist Sales Engineer - ADC/Automation
F5
Jon Calalang is a Sr Specialist Systems Engineer with F5 Networks. He's been a speaker at Microsoft Technology Expo, F5 Agility, Red Sky Security Summit, Utilities Technology Council, and ISSA Conferences; he is also a content creator and contributor to the F5 Super-NetOps program. Presentations and content from Jon focus on perspective learning, covering relevant topics like DevOps, Security, and Efficiencies, learned from examples and stories. Follow Jon on his travels through Cloud and Security and all his enjoyments on LinkedIn and Twitter (@jmcalalang).

21 May

Jon Greene

VP and Chief Technologist for Security
Aruba
Jon Green is VP and Chief Technologist for Security at Aruba, a Hewlett Packard Enterprise Company. He is responsible for providing technology guidance and leadership for all security solutions including authentication and network access control, UEBA, encryption, firewall, and VPN. He also manages Aruba’s Product Security Incident Response Team (PSIRT) and Aruba Threat Labs, an internal security research group. Jon joined Aruba in 2003 and helped it grow from a small startup to today’s position as a leading provider of network mobility solutions. Prior to Aruba, Jon held product management, marketing, and sales positions with Foundry Networks, Atrica, Nortel Networks, and Bay Networks. Jon holds a B.S. in Information Security from Western Governor’s University and a M.S. in Computer Science/Information Security from James Madison University. When not playing with technology, he enjoys flying airplanes, learning to play the banjo, and cooking competition barbecue.

21 May

22 May

Joseph Carson

Cybercecurity Professional
Thycotic
Joseph Carson is a cyber security professional and ethical hacker with more than 25 years’ experience in enterprise security specializing in blockchain, endpoint security, network security, application security & virtualization, access controls, and privileged account management. Joseph is a Certified Information Systems Security Professional (CISSP), active member of the cyber security community frequently speaking at cyber security conferences globally, often being quoted and contributing to global cyber security publications. He is a cyber security advisor to several governments, critical infrastructure, financial, transportation, and maritime industries. Joseph is regularly sharing his knowledge and experience giving workshops on vulnerabilities assessments, patch management best practices, the evolving cyber security perimeter, and the EU General Data Protection Regulation. Joseph serves as Chief Security Scientist at Thycotic and author of Privileged Account Management for Dummies and Least Privilege for Dummies.

21 May

22 May

Matt Christensen

Director, Cybersecurity
IHC
Matt Christensen is a Cybersecurity and Risk Thought Leader, Listener and Problem Solver. He has provided risk-based cybersecurity consulting services, program implementation, and program management for over 10 years. He traveled internationally for one of the world's largest private sector employers as the lead Cybersecurity Fraud Examiner performing security risk assessments and fraud investigations for several Fortune clients. Industry experience includes Healthcare, Insurance, Business Process Outsourcing (BPO), and Non-Profit. He has owned and operated several businesses and is passionate about bridging the Technological gap with the Business and the Business gap with Technologists. Matt received his Bachelor and Master degrees in Information Systems from the University of Utah and currently holds the following designations: CISSP – Certified Information Systems Security Professional | ISC2; ITPM – Insider Threat Program Manager | SEI - Carnegie Mellon; CRISC – Certified in Risk and Information Systems Control | ISACA; SANS GSLC – GIAC Security Leadership Essentials | SANS Institute; SANS GSEC – GIAC Security Essentials | SANS Institute; CFE – Certified Fraud Examiner | Association CFE; CCSK – Certificate of Cloud Security Knowledge | Cloud Security Alliance; ITIL v3 – Information Technology Infrastructure Library | EXIN. When not fighting cyber criminals, Matt is found spending time outdoors with his family, trail running, doing photography, traveling, consulting with small business start-up’s, and eating diverse food.

21 May

Nate Chessin

Senior Director, Americas Sales Engineering
Proofpoint
Nate is an 18 year technology and sales professional with extensive leadership and technical sales experience. As Senior Director, Americas Sales Engineering at Proofpoint, he is providing the most effective security and compliance solutions to respond to cyber attacks in every channel including email, the web, the cloud, and social media. Prior to Proofpoint, Nate held various leaderships positions at Cisco Systems and Glue Networks delivering Software Defined Networking, Collaboration, Security, Mobility and Service Provider architectures. Nate holds a BA in Computer Science from Pomona College in Southern California and is CCIE #12034.

22 May

Nicholas Serrecchia

National Solutions Architect
Veeam
Nicholas Serrecchia is a National Solutions Architect for North America that specializes in Azure and AWS. He has been with Veeam Software for over 3 years and loves sharing information and how to provision cloud resources in a secure and cost-effective manner.

22 May

Preston Hogue

Sr Director, Security Marketing
F5
Preston Hogue (@prestonhogue) is the Sr. Director of Security Marketing at F5 Networks and serves as a worldwide security evangelist for the company. Previously, he was a Security Product Manager at F5, specializing in network security Governance, Risk, and Compliance (GRC). He joined F5 in 2010 as a Security Architect and was responsible for the initial design of F5’s current Information Security Management System (ISMS). Preston has a proven track record building out Information Security Management Systems with Security Service Oriented Architectures (SSOA) and enabling enhanced integration, automation, and simplified management for Application Security architectures. Before joining F5, he was Director of information Security at social media provider Demand Media where he built out the information security team and the company’s ISMS, which included PCI, SOX, OFAC, DDoS, and DMCA programs. Preston’s career began 24 years ago when he served as a security analyst performing operational security (OPSEC) audits for the U.S. Air Force. He currently holds CISSP, CISA, CISM, and CRISC security and professional certifications.

22 May

Rich Spilde

Technology Transactions and Data Security Attorney
Holland & Hart

21 May

Romaine Marshall

Commercial Litigation | Cybersecurity and Privacy Law
Holland & Hart

21 May

Sam Masiello

CISO
Gates Corporation
Sam Masiello has been working with email, messaging, and fighting internet pollution for over 25 years. Mr. Masiello currently serves as the CISO at Gates Corporation where he is responsible for the company's data security, risk, and global compliance initiatives. Prior to Gates, he served as the CISO at TeleTech where he oversaw the protection of employee, consumer, and customer data for all of the organization's clients, which includes many Fortune 500 companies. Sam has also been the Chief Security Officer, head of Application Security, and head of Security research at companies such as Groupon, Return Path, and McAfee. He currently serves as Director-at-Large of The Coalition Against Unsolicited Commercial Email (CAUCE), National Advisory Board Member for SecureWorld, and is an Executive Board Member of Colorado Cyber. He has previously served as a member of the Board of Directors for the Messaging, Malware, and Mobile Anti-Abuse Working Group (M3AAWG), the Steering Committee of the Online Trust Alliance (OTA) and a member of the Anti-Phishing Working Group (APWG)

21 May

TT

Tyler Theys

VP of Security Consulting
Presidio

21 May

22 May

Red Sky

Host
Presidio is a leading North American IT solutions provider focused on Digital Infrastructure, Business Analytics, Cloud, Security & Emerging solutions. We deliver this technology expertise through a full life cycle model of professional, managed, and support services including strategy, consulting, implementation and design. By taking the time to deeply understand how our clients define success, we help them harness technology advances, simplify IT complexity and optimize their environments today while enabling future applications, user experiences, and revenue models.

Amazon Web Services

Diamond Sponsor
Amazon Web Services (AWS) is a secure cloud services platform, offering compute power, database storage, content delivery and other functionality to help businesses scale and grow. Explore how millions of customers are currently leveraging AWS cloud products and solutions to build sophisticated applications with increased flexibility, scalability and reliability.

Palo Alto Networks

Diamond Sponsor
Palo Alto Networks offers the world’s most innovative and effective, complete Next-Generation Security Platform that protects our way of life in the digital age by preventing successful cyberattacks.

Aruba Networks

Platinum Sponsor
Aruba securely delivers the enterprise network to users, wherever they work or roam, with unified mobility networks that significantly expand the reach of traditional port-centric networks. Unified mobility networks integrate adaptive WLANs, identity-based security, and application continuity services into a cohesive, high-performance system that can be easily deployed as an overlay on top of existing network infrastructure. Adaptive WLANs deliver high-performance, follow-me connectivity so users are always within reach of mission-critical information. Identity-based security associates access policies with users, not ports, to enable follow-me security that is enforced regardless of access method or location. Application continuity services enable follow-me applications that can be seamlessly accessed across WLAN and cellular networks. The cost, convenience, and security benefits of unified mobility networks are fundamentally changing how and where we work. Listed on the NASDAQ and Russell 2000 Index, Aruba is based in Sunnyvale, California, and has operations throughout the Americas, Europe, Middle East, and Asia Pacific regions.

LogRhythm

Platinum Sponsor

Juniper Networks

Gold Sponsor
Juniper Networks is a news network that designs, develops, and sells products and services, which together provide its customers with network infrastructure. Its aim is to create innovative products and solutions that meet the growing demands of the connected world. The company has 9,000 employees in 70 countries and nearly 5 billion U.S. dollars in revenue. Its customers include the top 100 global service providers and 30,000 enterprises, including the Global Fortune 100 as well as hundreds of federal, state, and local government agencies and higher educational organizations.

F5

Gold Sponsor
F5 Networks delivers solutions that make applications fast, secure, and available.
F5 Networks delivers unified application delivery through its application delivery network. Its core product, BIG-IP, is a modularized application delivery controller offering load balancing, high-availability, application acceleration, application and network security, WAN optimization, and remote access solutions for enterprises and service providers.
Unique to F5 is its extensible application delivery platform, iRules, which allows application and security architects the ability to offload and implement commodity features and proactively deploy security and application related functionality that improves application deployments without requiring changes to those applications.

Cisco / Duo

Gold Sponsor

Attivo

Silver Sponsor
Attivo Networks® is the leader in deception for cyber security defense. Founded in 2011, Attivo Networks provides a comprehensive deception platform that in real-time detects inside-the-network intrusions in networks, public and private data centers, and specialized environments such as Industrial Control System (ICS) SCADA, Internet of Things (IoT), and Point of Sale (POS) environments.

Fortinet

Silver Sponsor

Recorded Future

Silver Sponsor

Thycotic

Silver Sponsor

Arista

Bronze Sponsor

Crowdstrike

Bronze Sponsor

Firemon

Bronze Sponsor

Infoblox

Bronze Sponsor

Netapp

Bronze Sponsor

OverWatchID

Bronze Sponsor

Proofpoint

Bronze Sponsor

SentinelOne

Bronze Sponsor
SentinelOne is shaping the future of endpoint security with a uniquely integrated platform that combines behavioral-based detection, advanced mitigation, and forensics to stop threats in real-time. Specializing in attacks that utilize sophisticated evasion techniques, SentinelOne is the only vendor who offers complete protection against malware, exploit and insider-based attacks. This led Gartner to recognize SentinelOne as a Visionary in their recent Endpoint Protection Magic Quadrant.

Splunk

Bronze Sponsor

Swimlane

Bronze Sponsor

Veeam

Bronze Sponsor
As the leader in Availability across multi-cloud environments, Veeam® is uniquely positioned to help customers along their journey to Intelligent Data Management.

Zerto

Bronze Sponsor

A10

Expo Sponsor
A10 Networks provides appliances for accelerating web application delivery, bandwidth management and network identity issues

Agari

Expo Sponsor

APC

Expo Sponsor

Apcon

Expo Sponsor

AppViewX

Expo Sponsor

Armis

Expo Sponsor

BeyondTrust

Expo Sponsor
BeyondTrust is a global cyber security company dedicated to proactively eliminating data breaches from insider privilege abuse and external hacking attacks. Corporate and government organizations rely on BeyondTrust solutions to shrink attack surfaces and identify imminent threats. The company’s integrated risk intelligence platform presents a unique competitive advantage in its ability to reveal critical risks hidden within volumes of user and system data. This unifies IT and security departments, empowering them with the information and control they need to jointly prevent breaches, maintain compliance, and ensure business continuity. BeyondTrust’s privileged account management and vulnerability management solutions are trusted by over 4,000 customers worldwide, including over half of the Fortune 100.

Carbon Black

Expo Sponsor

Carbonite

Expo Sponsor

Checkpoint

Expo Sponsor

Citrix

Expo Sponsor

Contrast Security

Expo Sponsor

Cyberreason

Expo Sponsor

Cylance

Expo Sponsor
Cylance is the first company to apply artificial intelligence, algorithmic science and machine learning to cyber security and improve the way companies, governments and end users proactively solve the world’s most difficult security problems.

Databank

Expo Sponsor

Exabeam

Expo Sponsor

ExtraHop

Expo Sponsor
ExtraHop provides real-time operational intelligence for complex, dynamic production environments. The world’s best-run IT organizations use ExtraHop to manage more than a quarter-million devices and monitor billions of transactions daily. Unlike legacy monitoring tools that provide narrow views into technology silos, the ExtraHop system equips all IT groups with real-time visibility across the entire application delivery chain comprising the network, web, VDI, API and middleware, database, and storage tiers—down to individual sessions, flows, and transactions. An open, extensible platform, ExtraHop deploys in 15 minutes without agents, provides immediate value, and scales to cover all applications with zero overhead.

Fidelis Security

Expo Sponsor

Forcepoint

Expo Sponsor

Gemalto

Expo Sponsor

Gigamon

Expo Sponsor

Guardicore

Expo Sponsor

Imperva

Expo Sponsor

Ixia / Keysight

Expo Sponsor

KnowBe4

Expo Sponsor

Lightstream

Expo Sponsor

Mcafee / Skyhigh

Expo Sponsor

Medigate

Expo Sponsor

Mimecast

Expo Sponsor

Netscout

Expo Sponsor

Netskope

Expo Sponsor

Nutanix

Expo Sponsor

Open Systems

Expo Sponsor

Ping Identity

Expo Sponsor

Portnox

Expo Sponsor

Pure Storage

Expo Sponsor

Rapid7

Expo Sponsor

RedCanary

Expo Sponsor

Redseal

Expo Sponsor

Riverbed

Expo Sponsor

RSA

Expo Sponsor

Rubrik

Expo Sponsor

Ruckus

Expo Sponsor

Securonix

Expo Sponsor

Signal Sciences

Expo Sponsor

Silver Peak

Expo Sponsor
Silver Peak software unifies the cloud, the Internet and the enterprise WAN on a single fabric. This provides IT with complete visibility and control over the new cloud-driven network while ensuring consistent performance for every enterprise and Software as a Service (SaaS) application.
Silver Peak solves network bandwidth, distance and quality challenges, which helps customers backup and recover more data in less time, gain faster access to cloud and enterprise applications, and safely migrate enterprise apps from costly, complex private links to the Internet.

Skybox

Expo Sponsor

Tenable

Expo Sponsor

ThreatX

Expo Sponsor

Tufin

Expo Sponsor
Tufin is a network security company specializing in the management of network layer firewalls, routers, switches, load balancers, and other network security devices.
Its product portfolio includes Tufin SecureTrack, a platform offering firewall operation management, and auditing and compliance; Tufin SecureChange, a security change automation service; and Tufin SecureApp, a connectivity management application.
Tufin’s products also help companies to manage and automate the daily configuration changes to network security devices. It was founded by Reuven Harrison in 2004.

Turbonomic

Expo Sponsor

Unitrends

Expo Sponsor

Vera

Expo Sponsor

Vertiv

Expo Sponsor

Vmware

Expo Sponsor

Western Digital

Expo Sponsor

Zscaler

Expo Sponsor

Registration / Check-in | Expo

08:00 AM 09:00 AM

Keynote - Primetime Cybercrime

09:00 AM 10:00 AM Main Stage

Why so many hacking intrusions? Why so many card breaches? Also, can it actually get much worse? The banks blame the retailers, the retailers blame the banks, and consumers blame everyone. We try to learn from our mistakes, but the perspective we hear the least about comes from the cyber criminals themselves — many of whom are growing increasingly organized, networked, financed and politically connected. This talk will examine the answers to those “Why” questions from the perspective of profit-seeking online crooks.

Speakers

Expo

10:00 AM 10:30 AM

LogRhythm

10:30 AM 11:30 AM 200 AB

Juniper

10:30 AM 11:30 AM 200 CD

Cisco / Duo

10:30 AM 11:30 AM 300 AB

Splunk

10:30 AM 11:30 AM 300 CD

Holland & Hart: GDPR Understood

10:30 AM 11:30 AM 400

Speakers

F5: API Security Methodologies and Efficiencies

11:30 AM 12:30 PM 200 AB

A perspective view on the API security today; how we got here, what it takes to participate, and how to be effective in keeping up. This presentation will be through the lens of a Security Professional interacting with other teams to protect a service API.

Speakers

Attivo

11:30 AM 12:30 PM 200 CD

Crowdstrike: Adversary Tradecraft and the Importance of Speed

11:30 AM 12:30 PM 300 AB

Getting Ahead of the Threat: Emerging Threats and Lessons Learned for the Digital World What are the latest emerging threats targeting your endpoints, public and private cloud computing assets, and non-traditional devices across IoT? And what strategic assets do you need to protect as your organization continues its digital transformation journey? Join us for this session as we explore answers to these questions -- and share cybersecurity intelligence and lessons learned to help you protect endpoints, cloud assets, and IoT attack surfaces. We’ll also reveal security strategies that leverage predictive intelligence, artificial intelligence and hyperscale technologies.

Speakers

Gates Corp: IoT Security Risks in a Still Largely Disconnected World

11:30 AM 12:30 PM 300 CD

Speakers

Swimlane: The 12-step SOAR model: Breaking your old school SecOps addiction

11:30 AM 12:30 PM

Automation is sweeping through security operations, but many teams are stuck trying to figure out how to break from their existing security operations models. By assessing years' worth of lessons learned, best practices and real-world use cases, we will provide not only a glimpse of what your security operation program could be but also how to get there.

Speakers

Lunch Keynote - Tales from the PSIRT: 10 Years of Bugs, Vulnerabilities and CVEs

12:30 PM 01:30 PM Main Stage

The Product Security Incident Response Team (PSIRT) is a critical part of keeping your IT infrastructure secure, by finding, fixing and reporting product vulnerabilities. But how do they function, and what do they see? We’ll go beyond the lawyer-approved response policies and SLAs and see how a mid-sized IT product company goes from vulnerability discovery to CVE number.

Speakers

Expo

01:30 PM 02:00 PM

Fortinet: The Third Evolution of Network Security

02:00 PM 03:00 PM 200 AB

This tradition of innovation, as well as recognized leadership in the industry, positions Fortinet to drive the 3rd evolution of network security. Consider that 25 Years ago the Internet was much more straight forward. Applications were limited and Firewalls were developed to protect connections. The original Firewall was sometimes called the Stateful Firewall. Then as the Internet became richer in terms applications and data then is was necessary to inspect content not just the connections. This gave rise to Next Generation firewalls (NGFW’s) and UTM’s. Because such deep packet inspection was so processor intensive Fortinet pioneered purpose-built security processors for that function. Now, with cyber threats (and your digital business) moving so rapidly Fortinet is now leading the third generation of Network Security by connecting the NGFW to the fundamental Infrastructure layer. We refer to this as the Security Fabric. It’s a new approach to the market, just as NGFW/UTM were 15 years ago, that has just started but is growing rapidly.

Speakers

Recorded Future

02:00 PM 03:00 PM 200 CD

Arista

02:00 PM 03:00 PM 300 AB

Infoblox: Bridging Islands of Security

02:00 PM 03:00 PM 300 CD

To handle their network security needs, most organizations rely on many different products and services from multiple vendors. Often these solutions lack integration and are not able to quickly and easily share critical security information. The resulting silos can create costly delays, hinder agility and visibility, and result in a diminished security posture. Join Infoblox for a session on how to bridge the islands of security that expose your network to ongoing risk. During this discussion, you’ll see firsthand how solutions from Infoblox empower your security teams to: - Enhance visibility across your extended network regardless of infrastructure complexity - Automatically share indicators of compromise across multivendor security systems - Get the most out of your cyber threat intelligence and network data to prioritize responses using rich context - Detect, contain, and remediate threats faster through response integration Attend this session to learn how to unify your threat response and find ways to more rapidly and efficiently respond to cyber threats.

Speakers

Presidio: Security Framework

02:00 PM 03:00 PM 400

Speakers

NetApp

03:00 PM 04:00 PM 200 AB

IHC: Fraud Prevention & Detection – The Missing Security Domain

03:00 PM 04:00 PM 200 CD

Within Cybersecurity programs across most industries, we somehow implement hundreds of controls and a variety of security frameworks to prevent the loss of data but forget how many of these same controls can help prevent and detect fraud. Most organizations have the data needed to prevent and detect fraud but fail to share or integrate across business units. Combatting fraud is not left to just the auditors and accountants but should be part of our overall cyber defense strategy. And if you don't believe an Auditor and someone in Cyber can get along, you don't know my background.

Speakers

TBD

03:00 PM 04:00 PM 300 AB

TBD

03:00 PM 04:00 PM 300 CD

Thycotic: The POWER HACK – Don’t Let the Lights go out – A look Inside the MIND of a Hacker

03:00 PM 04:00 PM 400

Hacking into a Power Station is something that is a scary thought about the possibility of someone being able to turn off the power or damage systems. We have seen major incidents in previous years in which the Ukrainian energy sector was hit by a cyber-attack that caused a power outage for more than 86,000 homes. This session is a real-world hack into a power station that explains the process on planning and preparation, the major challenges of hacking into a power station, adapting to the risks, the perimeter security, engines and SCADA controls. The session will reveal some of the amazing security as well as some of the most shocking findings that will surely see people put hands on their face. It will share the challenges on reporting the findings to the board and the lessons learned. It is critically important to know how cybercriminals target their victims, what you can do to reduce the risk and make it more challenging for the attackers who steal your information, your identity or your money or even turn off the power. This session explains how outside attackers or malicious insiders can exploit vulnerabilities using examples such as a compromised email account password that escalates into a full-blown breach of network security.

Speakers

Expo

04:00 PM 05:00 PM

Registration / Check-in | Expo

08:00 AM 09:00 AM

Keynote - Fireside Chat with Live Hacking

09:00 AM 10:00 AM

Speakers

Expo

10:00 AM 10:30 AM

Aruba: NetOps and SecOps: Are We Really So Different?

10:30 AM 11:30 AM 200 AB

It’s difficult to generalize about modern IT organizations, but in almost all cases the network operations team is separate from the security operations team. In some cases, they report to the same CIO but in other cases they have completely different reporting relationships. It’s no wonder that we commonly find an adversarial relationship between the two teams – one of them is measured on keeping the packets flowing while the other would achieve much better results if NO packets flowed at all. But given the modern threat landscape, we can no longer afford this artificial dividing line. The network has a role to play in detecting and stopping security threats, and that means the two sides must work together. This session explores the issue and proposes practical solutions.

Speakers

F5: Making Application Threat Intelligence Practical

10:30 AM 11:30 AM 200 CD

The daily volume of cyber-attacks targeting applications and frequency of associated breaches is overwhelming to even the most experienced security professionals. In this session we cover the most important lessons learned from F5 Labs’ analysis of global attack data and breach root causes attributed to application threats to help you understand attackers’ top targets, their motives, and the changing application security landscape of systems they use to launch application attacks from. Addressing these application threats requires practical controls that every organization can be successful with. We close the session out with some tips and tricks you can start working on immediately to address the most common application threats, and appropriately prioritize your application security controls in the areas you are most likely to get attacked.

Speakers

SentinelOne: Advanced Attackers Hiding Inside Encrypted Traffic at the Endpoint

10:30 AM 11:30 AM 300 AB

Advanced attackers are always looking for ways to stay hidden. The growing use of traffic encryption — over 50% of Web traffic today is encrypted — provides a simple trick for attackers to hide their threats and communications channels. Exploit kits, malware, adware, callbacks, as well as command & control channels leverage encrypted communications to infiltrate organizations and exfiltrate information. Look into encrypted traffic, without the need for a proxy or additional agents and ensure full coverage of threats hiding within covert channels. SentinelOne extends EPP capabilities to provide an integrated workflow from visibility & detection to response & remediation. The single agent, single console architecture provides deployment simplicity and operational agility to improve productivity and minimize business impact of threats. In this session: - Explore and expose threats hiding inside encrypted traffic at the endpoint - Discover Autonomous Detection and Response to formerly “unseeable” threats - Live Attack Demonstration, Investigation and Remediation

Speakers

Firemon

10:30 AM 11:30 AM 300 CD

OverwatchID: Three Privilege Security Challenges with Modern IT

10:30 AM 11:30 AM 400

Modern IT environments have three major challenges with traditional privilege security products. IT organizations evolved and embraced hybrid IT deployments and cloud services, traditional privilege security vendors failed to evolve with them. Organizations are left vulnerable to privilege abuse, insider threats and external attackers.

Speakers

Cisco / Duo

11:30 AM 12:30 PM 200 AB

Thycotic: Privileged Access Uncovered: Back to the Basics

11:30 AM 12:30 PM 200 CD

With so many recent high-profile breaches accomplished through compromising passwords on privileged accounts, Privileged Access Management is now everyone’s priority (Gartner put it at the top of the list for 2018) and will continue to be a priority in 2019. But where do you get started? And how do you know which PAM solution will work best to protect your organization without sacrificing productivity?

Speakers

Attivo: A Hackers A Hacker's Perspective, where do we go from here?

11:30 AM 12:30 PM 300 AB

For 25 years or more we have fought the battle of passwords and patches while all around us, the world has developed, data has exponentially increased, attack surfaces are everywhere and technology had quite simply forced the human race to consider the evolution cycle in single lifespans as opposed to millennia. During the last 25 years we have done little to protect the charges we are responsible for, we have failed to secure systems, allowed financial attacks, infrastructure attacks, and now attacks directly against humans. At what point will we be able to stem the bleeding and actually take charge of our realm? Have we left it too late, or are we still able to claw back out of the abyss and face our adversary in a more asymmetrical defensive manner? Can we actually provide safety and security to our charges or will we continue to fail? And, critically, how do we communicate this, and educate a population that is content to watch from the sidelines, while they are being digitally eviscerated?

Speakers

Veeam: Data Mobility for AWS

11:30 AM 12:30 PM 300 CD

Veeam’s Data Management Capabilities for AWS allows seamless backup and restoration operations for AWS workloads and transformations workloads from VMWare, Hyper-V, Physical, Azure & Acropolis to AWS thus providing complete cloud mobility for our customers. Veeam provides a platform that will mesh the boundaries between On-Premises / Cloud data and will grant administrators / IT managers with flexibility in their data locality decisions. Come see this session where we will showcase these capabilities.

Speakers

Recorded Future

11:30 AM 12:30 PM 400

Lunch Keynote

12:30 PM 01:30 PM

Expo

01:30 PM 02:00 PM

Juniper

02:00 PM 03:00 PM 200 AB

Fortinet

02:00 PM 03:00 PM 200 CD

Zerto

02:00 PM 03:00 PM 300 AB

Proofpoint: Protecting your organizations’ Very Attacked People

02:00 PM 03:00 PM 300 CD

Your people do business well beyond the bounds of traditional network perimeters and connected endpoints. Email, social media, and mobile devices are the new tools of the trade—and for cyber criminals, the new tools of attack. We’ve long known that phishing and social engineering are the ways most organizations get compromised. Attackers know it’s much easier to find someone who will click than to find a working exploit for a modern operating system or browser. However, most organizations have very little idea which of their people receive sophisticated threats, targeted threats, or even large volumes of threats. We call these targets VAPs (Very Attacked People), and they may not be who you would expect. Using research across thousands of organizations around the world, this presentation will focus on how to identify who the Very Attacked People (VAP) are within your organization (hint: it’s probably not your VIPs), why they are targeted, and how they are being attacked. We will then provide meaningful steps a security professional can take to protect their VAPs.

Speakers

Presidio: Vulnerability and Threat Management

02:00 PM 03:00 PM 400

Speakers

Signal Sciences

03:00 PM 04:00 PM 200 AB

Deloitte & Touche: California Consumer Privacy Act (CCPA) readiness: Thought GDPR readiness was tough?

03:00 PM 04:00 PM 200 CD

The purpose of this presentation is to provide the audience with a basis of the California Consumer Privacy Act (CCPA), if and how it will apply, and how it may impact their business. The presentation will summarize the evolution of Privacy Regulation in California, and explain why the CCPA is important in today’s regulatory climate. The presentation will outline the differences and similarities between the CCPA and the General Data Protection Regulation (GDPR), provide the audience with specifics of how to leverage GDPR readiness for the purpose of CCPA, approach various in-scope control areas, challenges, leading practices, suggest a path to CCPA readiness, illustrate the benefits of technology enablement, and summarize time-tested Deloitte methodologies.

Speakers

TBD

03:00 PM 04:00 PM 300 AB

TBD

03:00 PM 04:00 PM 300 CD

IHC: Physical Security - It’s worse than you think. What can you do about it?

03:00 PM 04:00 PM 400

How vulnerable is your data? With all the emphasis on cyber security, has physical security taken a back seat? Is a loss of data caused by a breakdown in physical security any less damaging than a loss caused by a breakdown in cyber security? The purpose of this session is to discuss vulnerabilities of critical infrastructure and present easily implemented mitigation. Learn how physical security directly relates to COBIT and NIST. Learn types of hardware and software. Understand why the camera on a smart phone could be your worst nightmare.

Speakers

Expo

04:00 PM 05:00 PM