pritha's Posts (627)


Over the last 12-18 months, the way we run our business and manage our teams has changed. Our data, applications and users are everywhere. We are more reliant on the cloud than ever before. As a result, many security leaders globally are turning to zero trust, as protecting the scattered ecosystem requires a correlation of real-time security context across all security domains.

Why has zero trust become a huge cyber priority now?
How to align zero trust to business initiatives?
Can zero trust help address internal threats, especially with employees working remotely?
How do I enable zero trust across complex, hybrid cloud environments?
How do I leverage zero trust to ensure data privacy?
How to get started with zero trust?

 

About Speaker

Shivaswaroop NS, Consulting and Delivery Lead - Security Services, IBM India

Ketan Solanki, Security Architect, Infrastructure and Endpoint Services, IBM India

 

Webinar (Recorded)


The ‘SolarWinds hack’, a cyberattack recently discovered in the United States, has emerged as one of the biggest ever targeted against the US government, its agencies and several other private companies.

 

About Speaker
Sudhakar is a progressive CEO and board member with a nearly 25-year track record of delivering strong business results in startup, mid-size and large companies. He has created and scaled businesses in enterprise software, Cloud/SaaS, mobile platforms and applications, software-defined networking, security, unified communications and collaboration, and service provider segments.

Bikash Barai is the Co-Founder of FireCompass, an AI assistant for IT security decision makers. Earlier he founded iViZ, an IDG Ventures-backed company that was later acquired by Cigital. He is also an early advisor at CISO Platform.

 

Fireside Chat (Recorded)


As enterprises battle to conquer the new normal, the old concept of ‘Zero Trust’ has come to the fore. What is zero trust, and how pertinent is it to the situation that businesses find themselves in? What is the right approach to implementing this framework?

 

About Speaker
Bob Kalka, CRISC, is a Vice President in the IBM Security Business Unit. He has been involved in the information security industry for 20 of his 25 years with IBM. He has held a number of leadership positions in product management, sales, business development, marketing management and product development. He is a frequent international speaker on the relationship of business with Information Technology, cloud computing and security, and has had numerous papers and articles published on these topics. He also holds a United States Patent related to secure distributed computing software.

 

Keynote (Recorded)

Allan Alford & Bikash Barai On How To Present Cyber Security Risk To Senior Leadership. A Chief Information Security Officer (CISO) role has become more crucial in building a successful business. 33% of CISO roles are expected to present directly to
Brad La Porte & Bikash Barai On Continuous Security Validation & Testing- Fireside Chat. It's an ongoing challenge for the security world to be able to continuously test security controls in the network and prioritize remediation according to busines


 

We are very excited about the 13th year of the Summit. Here's a quick glance to help you see what the excitement is about.

Date & Venue : 2-3 June, 2021. Virtual Platform

Register here : https://bit.ly/3b56OaY

 

Keynotes By International Experts

  • Trends In Modern Security Operations - Dr Anton Chuvakin
  • There Is No Magic In Cyber - Florian Hansemann
  • The As, Bs And Four Cs Of Testing Cloud-Native Applications - Dan Cornell
  • Cybersecurity Challenges Of IoT - Chuck Brooks
  • The Tale Of The APT - Raj Samani
  • The Entire Security Industry - Richard Stiennon

 

Fireside By International Experts

  • Continuous Security Validation And Practical Strategies - Brad LaPorte
  • 10 Emerging Threats To Enterprise Applications - Mike Spanbauer
  • How to Present Cyber Security Risk To Senior Leadership - Allan Alford

 

Panel By International Experts

  • Guide To Ransomware Prevention, Response And Recovery - Ziauddin Ansari, Raghvendra Verma, Mohammed Siddiq, Mohammed Azmathulla Shaik
  • How Nation State Attacks Are Fundamentally Changing Cybersecurity - Matthew Rosenquist, Herb Kelsey
  • How To Protect Against The Latest Threats - Ravi Kumar, J. Gokulavan, Dilip Panjwani
  • Next Generation Red Teaming - Securing The Security Posture Of Your Organization - Vijay Kumar Verma, Milind Mungale

 

Workshops By International Experts

  • Python OSINT Collection from Geographic Hot Spots – Live While They Happen
  • Red and Blue Team Joint Operations Learning the Offensive/Defensive TTPs
  • Practical Mobile App Attacks By Example
  • CEMA and CEWO - Weaponized RF And Its Role In Warfare Operations
  • An Introduction To The OWASP ModSecurity Core Rule Set
  • Threat Hunting 360 – Where To Look
  • A Stroll Through The Kill Chain
  • Privacy Aspects, When Providing Digital Products And Services
  • Framing The Importance Of Cybersecurity To Non-Technical People
  • Every CISOs First 90 Days On The Job
  • Learning Vendor Governance
  • Challenges of Shadow IT In The Post Covid World
  • Security Transition – A New Perspective On Security For The Board By The CISO
  • Defending Docker Implementations
  • Cyber Security In The Power Grid
  • DPO The New Destination For CISOs
  • Internet Security For Kids

 

Register Now : https://bit.ly/3b56OaY


In keeping with the latest happenings in information security, this article covers the 10 finalists of the RSA Innovation Sandbox contest held at the RSA Security conference, the world's leading information security conference. Companies with innovative products and disruptive technologies are given a platform to pitch their product. This competition promotes innovative thinking and encourages out-of-the-box ideas.

The finalists have to demonstrate their products and deliver a 3-minute presentation in front of attendees and a judging panel. The judges decide the winner based on the participants' demonstrations and presentations.


List of Finalists:

Winner of the RSA Innovation Sandbox 2020 contest:

SECURITI.ai

Headquarters: San Jose, California

Founded: 2018

Current CEO: Rehan Jalil

SECURITI.ai is a leader in AI-powered PrivacyOps. Its PRIVACI.ai solution automates privacy compliance with patent-pending People Data Graphs™ and robotic automation. It enables enterprises to give rights to people on their data, comply with global privacy regulations and build trust with customers.

Other Finalists

AppOmni

Headquarters: San Francisco

Founded: 2018

Current CEO: Brendan O'Connor

AppOmni is a leading software-as-a-service (SaaS) security and management platform providing data access visibility, management, and security of SaaS solutions. AppOmni's patent-pending technology deeply scans APIs, security controls, and configuration settings to secure mission-critical and sensitive data.

BluBracket

Headquarters: Palo Alto, California

Founded: 2019

Current CEO: Prakash Linga

BluBracket is an enterprise security solution for code in a software-driven world. BluBracket gives companies visibility into where source code introduces security risk while also enabling them to fully secure their code—without altering developer workflows or productivity.

Elevate Security

Headquarters: Berkeley, California

Founded: 2017

Current CEO: Robert Fly

Elevate Security solves for the human element. Using data companies already have, Elevate Security scores employee risk based on their security actions, showing actionable trends while delivering personalized communications that nudge employees to better security habits. 

ForAllSecure

Headquarters: Palo Alto, California

Founded: 2012

Current CEO: David Brumley

ForAllSecure aims to secure the world’s software. Using patented technology from CMU research, ForAllSecure delivers a next generation fuzzing solution to Fortune 1000 companies in telecom, aerospace, automotive and more. DARPA named ForAllSecure a Cyber Grand Challenge winner and MIT Tech Review named it one of the 50 Smartest Companies. 

INKY Technology

Headquarters: Maryland

Founded: 2012

Current CEO: David Baggett

INKY is an industry leader in mail protection powered by unique computer vision, artificial intelligence, and machine learning. The company's flagship product, INKY Phish Fence, uses these novel techniques to "see" each email much like a human does, to block phishing attacks that get through every other system.

Obsidian Security

Headquarters: California

Founded: 2017

Current CEO: Glenn Chisholm

Obsidian Cloud Detection and Response delivers frictionless security for SaaS. Using a unique identity graph and machine learning, Obsidian stops the most advanced attacks in the cloud. Unified visibility across applications, users, and data provides threat detection, breach remediation, and security hardening with no production impact.

Sqreen

Headquarters: Paris

Founded: 2015

Current CEO: Pierre Betouin

Sqreen is the application security platform for the modern enterprise. Organizations of all sizes trust Sqreen to protect, observe and test their software. As opposed to pattern-based approaches, Sqreen analyses in-app execution in real time to deliver more robust security without compromising performance.

Tala Security

Headquarters: Fremont, California

Founded: 2016

Current CEO: Aanand Krishnan

Tala safeguards the modern web against client-side risk. Tala’s AI-driven analytics engine continuously interrogates site architecture to work in concert with an advanced automation engine that activates standards-based security to prevent a broad range of client-side attacks like Magecart, XSS, session redirects, and client-side malware.

Vulcan Cyber

Headquarters: Israel

Founded: 2018

Current CEO: Yaniv Bar-Dayan

Vulcan is a vulnerability remediation and orchestration platform that is modernizing the way enterprises reduce cyber risk. With its remediation-driven approach, Vulcan automates and orchestrates the vulnerability remediation lifecycle, enabling security, operational and business teams to effectively remediate cyber risks at scale.

(Source: RSA USA 2020, San Francisco)


The IoT Security Panel, co-organized by IoTForum and CISOPlatform, brings together cybersecurity veterans from large security consulting companies, Fortune 1000 security vendors, startups, academicians and end users. Panelists will delve into state-of-the-art products and ongoing research to secure devices, networks and embedded applications.

They will discuss the organizational changes required in going from segregated IT and OT to a hybrid world, the investments happening in IoT security, and upcoming regulations and laws, especially the new IoT Security law sitting on the current US President's desk. The panelists will focus on recent developments in AI aiding both attackers and defenders. With the broad MNC, consulting and startup ecosystem already thriving in India, what specific areas of research, products and consulting opportunities in IoT security do the panelists see emerging from India?


Panelists : 
Arnab Chattopadhayay (moderator), Associate Director, IBM
Kingshuk Banerjee, SVP, Hitachi Research
Sandeep Shukla, Poonam and Prabhu Goel Chair Professor and Head of the Computer Science and Engineering Department, Indian Institute of Technology, Kanpur, India (IIT Kanpur)
Scott Hankins, CEO & Co-Founder, Priatta Networks
Khiro Mishra, Global Head-Cybersecurity, NTT
Brian de Lemos, VP, Palo Alto Networks

Recorded Session : 

Key Areas We Try To Address In The Session : 

- IoT security impact on healthcare
- How is customer's perception changing for IoT security
- How is business getting impacted due to this change of perception

1. Federated learning, due to real-time anomaly detection need in a federated manner using signature based methods
2. Consolidation
3. Orchestration
4. Malware Detection
- IIoT in India PSU, especially in power sector
- Impact of AI in IoT
- Lack of appreciation of cyber security
- Research at scale
- AI impact on IoT
- Shift focus to network for securing IoT devices
- Identifying device behavior
- Focus on enterprise IoT e.g. HVAC, Smart City, distributed enterprises
- Geography wise and industry maturity wise: what are the key pain points regarding adopting IoT security

- How are companies like NTT working with companies to address those challenges


We are hosting a session and would request all interested to join us and have your security team members join us too. You could also share it with others who would find value.

Workshop : How To Perform Penetration Testing On Industrial Control Systems And Operational Technology Safely

17th December, Thursday (6:30 PM India or 8 AM EST)

Duration : 6 hours

About Session : 

Industrial control systems (ICS), including supervisory control and data acquisition (SCADA) are found in many national critical infrastructure industries such as oil and natural gas, electric utilities, transportation, petrochemical and refining, water and wastewater, pharmaceutical, and manufacturing. Due to the high availability nature of these systems, any security testing must ensure that these systems are not affected operationally. Traditional IT Penetration Testing techniques are too harsh and potentially damaging to these sensitive systems. This educational presentation will first provide an overview of how ICS systems work, their vulnerabilities, and threats to these systems. The second part of this short training course will dive into proven methodologies and tools that our team has used to safely perform penetration testing on these systems. Lastly, this talk will conclude with best practices to secure and defend ICS and OT systems from cyber incidents.


Agenda

  • ICS Systems Overview
    • ICS Inputs, Outputs, and Sensor Networks
    • Controllers, Embedded Systems and Protocols
    • SCADA and ICS Protocols

  • Penetrating ICS Systems Safely
    • Recent Threats to ICS-SCADA Systems
    • ICS System Testing Methodology
    • Penetration Testing ICS Systems - OSINT and Internet Layer
    • Penetration Testing ICS Systems - Corporate Layer
    • Penetration Testing ICS Systems - OT DMZ and HMI Layers (3 and 2)
    • Penetration Testing ICS Systems - ICS Protocols and Controllers Layer

  • ICS Defense-in-Depth and Risk Management Strategy
    • SCADA DMZ Design and Network Segmentation
    • SCADA Remote Access Design Considerations        
    • Deployment of IDS/IPS - Including Custom Signatures
    • Security Event Monitoring and Logging for SCADA
    • Overview of Security Frameworks that impact SCADA (NIST 800-53, NIST 800-82, ISA S99, CFATS, NERC CIP)


Speaker Details : 

Jonathan Pollet
Founder at Red Tiger Security, Black Hat USA Trainer

He has over 20 years of experience in both Industrial Process Control Systems and Cyber Security. In 2001 he began to publish several white papers that exposed the need for security for Industrial Control Systems (ICS). Pollet and his team have conducted over 300 security assessments of live Industrial Control Systems globally. Throughout his career, he has been involved with SANS, IEEE, ISA, ISSA, EEI, UTC, CSIA, NERC, and several other professional societies and has spoken in over 200 conferences and workshops around the world. He has also been featured on Fox News, CNN, CNBC, Vanity Fair, Popular Mechanics, CIO Magazine, and several security publications.


Hello,
We're excited to bring you some awesome security minds who generously contributed to make security knowledge accessible to the community. We're giving free passes for the community. We request you to tag your security peers and everyone to sign up.



Below are a few featured workshops

[Nullcon Training] (1/2 Day) Unlocking Secrets of Android Application Hacking

  • Speakers : Rewanth Cool (Nullcon Trainer) & Hrushikesh Kakade (Nullcon Trainer)
  • Includes : Linux Internals, Boot Process, Android Architecture, Security Architecture, Application Components, Android Debugging, Static Analysis, Application reversing, Analysing SMALI codes, Dynamic Analysis ...

 

[DEFCON Training] (1/2 Day) The Kill Chain Workshop

  • Speakers : William Martin (CISSP, Trainer @DEFCON)
  • Includes : Penetration Testing Types & Methodologies; Preparing For A Test; External Network Attacks & Killchains; Endpoint Compromise, Evasion, and Enumeration; Internal Network Attacks & Killchains; Environment Hardening & Detection Tuning ...

 

[Blackhat Training] (1 Day) Penetration Testing On ICS & Operational Technology

  • Speakers : Jonathan Pollet (Blackhat Trainer)
  • Includes : ICS System Overview; SCADA & ICS Protocols; Penetrating ICS Systems; Testing Methodology (OSINT, Corporate Layer, ICS protocols, Controllers Layers); ICS Defense-in-depth and Risk Management Strategy; Event Monitoring & Logging; Security Frameworks ...

 

[OWASP Training] (1/4 Day) API Security Workshop

  • Speakers : Inon Shkedy (OWASP Trainer, Contributor)
  • Includes : Understand the underlying implementation of the application from the API traffic; Detect potential vulnerable points in APIs; Advanced exploitation techniques for: BOLA(IDOR), Mass Assignment, BFLA, Excessive Data Exposure and more; Examples for complex API exploits, which involve many steps; Perform a successful and effective pen test in modern applications ...

 

[Industry Expert Training] (1/2 Day) How To Build Effective SOC Workshop

  • Speakers : Amit Modi (Renowned Expert | Blockchain Enthusiast)
  • Includes : What is SoC - including three pillars of SoC; What is Expected Out of SoC; Technologies Involved; SIEM Evaluation Criteria; How to Increase SoC Maturity; How to Define the Use Case; How to Build the Use Case; How to Build the SoC Processes; How SoC can be a Business Enabler; MSSP Vs. On Premise SoC; Key Consideration to run it Effectively; How to Perform Incident Management; How to Automate Incident Management; Challenges of SIEM; Evolution & Role of SOAR in Incident Management; Advantages of SOAR; Key Elements to Look For in SOAR; SOAR Evaluation Criteria ...

 

