Last updated at Sat, 19 Aug 2017 02:06:45 GMT

Celebrity is an odd sensation. Rooms filled with seemingly normal people can suddenly shift into a buzz of excitement, anticipating the approaching time-slot of a well-known figure. We've all been there, and typically it's a movie star, former President, or Fortune 100 CEO in a mock turtleneck. Celebrity, however, comes in all different shapes and sizes. And in 1998 there was really only one major celebrity you cared about:

Those that might not recognize the beaked goodness that is Furby, let me introduce you to THE toy of 1998. That year Tiger Electronics sold 1.8 million Furby, on its way to 40 million sold in the coming year. And it was all made possible by Dave Hampton and Caleb Chung, who spent nine months designing the toy, two gentlemen who became certified celebrities in two distinct industries: toy making and 3D solid design. It was the latter where Mr. Chung was a rock star, having used a fledgling startup's software to create the world's most popular toy, and it was this same company's user conference in 1999 I found myself witnessing the power of a user community for the first time.

Users Make a User Conference…Duh

Walking Mr. Chung to the main stage for his keynote was a great experience early in my career, but then spending the next few days immersed with users of this software company's products started my education in the power of a user conference. Most of us have participated in a user conference of some sort, whether at the big national con for a software solution we use, or a small local gathering for a product you have deployed. The ability to sit and talk with other users is an enormously good use of time, but you also get to hear directly from the company devoid, for the most part, from the marketing hype that surrounds general industry conferences. The celebrities are all the users around each other, whether they had anything to do with the hot toy of 1998 or not.

Fast forward to 2016 and I'm knee deep in yet another user con, Rapid7's UNITED, where I'll be the Track Chair for our Threat Exposure Management topics (think pen testing, vulnerability management, app security). Our track is nearly finalized and, I'll just say it, it's full of security celebrities. Check out a sampling of who and what we'll be discussing in Boston later this fall, and then be sure you get in on the conference!

Fred Leezer, Cardinal Health

Rapid Evolution of a Vulnerability Management Program

Cardinal Health is a global organization that didn't have a vulnerability management program three years ago. Today the company uses Nexpose and Metasploit. Learn the story of their evolution, from humble beginnings to the current state, including growing pains, challenges, and lessons learned along the way.

**Jack Voth, Senior Director IT/Infosec, Algenol Biotech Incs**
**How Rapid7 helps me defend against APT's**

Algenol successfully defended itself against three nation state Advanced Persistent Threats (APTs) using a combination of Metasploit, Nexpose, and InsightUBA. Learn how these three products, along with Splunk, helped thwart nation state APT attempts to steal Algenol's Intellectual Property. Jack Voth will walk through APTs, how they attempt to gain access to a system, and his experiences with three-letter agencies that seek to help during these types of attacks.

**Josiah Inman, Security Analyst, Catholic Health Initiatives**
**GoLive Security Assessments: Are your baselines being met?**

This talk will outline how Catholic Health Initiatives implemented a Go-Live Technical Security Assessment Program. It will cover how they used Nexpose, Powershell scripting and UNIX scripting, among others, to ensure that the organization meets all the necessary baselines. Josiah Inman, security analyst at Catholic Health Initiatives, will explain how other security professionals can emulate this approach, regardless of whether they work at a small start-up or a large enterprise.

**Dan Kurkendall, Senior Director, Applicaitons Security Products, Rapid7**
**Applying DevOps processes to IT and security**

Get on the bleeding edge of Application Security. Applications are evolving rapidly, we're struggling to secure APIs and Single Page Applications while embedding application security early in the Software Development Lifecycle through DevSecOps and Continuous Integraiton. Join this discussion and learn how to apply best practices in Application Security and how to solve some of the toughest AppSec challenges.

**Chris Prewitt, CISO of Lincoln Electric and Chris Vaughn, CISO at Unify Square**
**CISO Panel: Managing Threat Risk, People, and the Board**

The role of CISO changes nearly every year, and with it the modern security program and department. Join this panel of CISOs from a variety of industries and organization sizes as we discuss some of the unique aspects of being a CISO in today's landscape, how they look to build a team to manage exposures/threats, where they prioritize, and where they think the role is heading in the next few year. This candid group of security leaders will detail for the audience their opinions around building vendor relationships, sifting through the noise to find what they need, and the challenges they face.

Get more info at