How Secure Are We?

Join us to prepare for today's and tomorrow's threat landscape. There is no cost to attend.
Earn 6 CPE credits.

Washington DC: Agenda

8:00 am
Registration
9:00 am
The Threat Landscape: Building the Right Threat Model & Controls Speaker: Rick Holland, Forrester

You want to keep a pulse on the constantly evolving threat landscape, but chasing the latest threats can leave you feeling ever more exposed. Rick Holland, Forrester's Senior Research Analyst, IT Security & Risk, will provide an in depth view of the changing threat landscape, including the top 5 threat vectors most organizations are not prepared for. More importantly, Rick will share a framework for developing an effective risk model and set of controls, so you can be prepared to mitigate risk, no matter what the latest threat.

9:45 am
Securing the Cloud Speaker: Lee Weiner, Rapid7

More than 50% of businesses are moving to the cloud and using cloud services to drive increased productivity and reduce operational costs. In addition, a recent survey showed that 30% of employees are already using personal cloud services, such as Dropbox and Evernote, to store work-related documents. In this session, Lee Weiner, SVP of Products & Engineering at Rapid7, will discuss the rise of cloud services and the impact this trend is having on organizations' security. This session will cover how gaining visibility into and monitoring of cloud services can enable you to embrace them and better manage the risk.

10:15 am
Break
10:30 am
Gaining Command and Insight Into Your Security Controls Speakers: Chad Currier, Cardinal Innovations Healthcare Solutions & John Schimelpfenig, Rapid7

The soundest plan in the world falls apart without proper follow-through. This session examines what it takes to close the loop between security and IT, ensuring that you can both monitor and assess where security controls stand, and that you can implement and verify action plans with IT teams. Security professionals will talk about their tactics in monitoring the effectiveness of their security controls and action plans, as well as how they communicate key requirements to IT. You'll hear first-hand best practices in navigating the changing security landscape and in keeping security plans adaptable, actionable, and verifiable.

11:15 am
Error Between Keyboard and Chair Speakers: Paul Drapeau, Principal Security Engineer, Vertex Pharmaceuticals Inc & Matt Hathaway, Rapid7

You don't need to read far into the headlines to realize that users represent the single largest security risk to organizations today. While user behavior represents the weakest link in your infrastructure and no singular security solution exists that can lock it down, there are techniques that you can put in place to gain visibility into your user risk and monitor risky behavior. Learn how one organization is addressing this issue and see how Rapid7 UserInsight can help you manage the largest and fastest growing risk in your security sphere.

12:00 pm
Networking Lunch Provided by Rapid7
1:00 pm
The Attacker's Playbook Speaker: Michael Belton, Rapid7

Get the inside scoop on attackers' tricks of the trade and learn how they're planning on attacking you. Stay steps ahead of potential attackers by learning their tactics. This session will examine in depth how attackers try to infiltrate your network, and how you can use your own arsenal of tools, like penetration tests, to model potential attacks. Additionally, this session will get you thinking beyond just the state of patched or unpatched vulnerabilities and will help you put threats into the context of your network environment and your user network, so you know what's important to keep an eye on when predicting potential attackers' threat vectors.

1:30 pm
Effective Vulnerability Management Speaker: Ryan Poppa, Rapid7

An effective Vulnerability Management program is a cornerstone of your security program but your program needs to continue to evolve to address the latest threats and requirements. Turning the data from vulnerability assessment is the key to reducing risk in your environment and ensuring compliance for standards, including the new requirements of PCI 3.0. This session will provide a set of best practices for ensuring your Vulnerability Management program provides actionable visibility and risk reduction for your organization and will help you understand the new PCI 3.0 requirements.

2:00 pm
Tips & Tricks Training

Get the most out of your Metasploit Pro deployment with our special Tips & Tricks session, lead by our expert Professional Services team. They'll help you configure Metasploit to import Nexpose and third-party data so you can validate vulnerabilities, learn how to leverage Metasploit's powerful social engineering and phishing capabilities and tie your results to 3rd-party systems in your enterprise.

Sold Out - Sign Up For The Waitlist
Close

Sold Out - Sign Up For The Waitlist

Learn How to Manage Evolving Security Threats and Earn 6 CPE Credits

Waitlist