IT Summit - Spring
Tuesday-Wednesday, April 19-20, 2016
SynerComm's 14th Annual IT Conference
Upcoming Sessions
Information Subject to Change
Click on a track to filter the results below
Choose Your Own Adventure: Hacking Evil Corp - Live Demonstration
Tuesday • 4:00PM - 6:00PM
• Room: Atrium 4th Floor
- Title
- Choose Your Own Adventure: Hacking Evil Corp - Live Demonstration
- Abstract
- Have you seen Mr Robot? Have you always wanted to know how an organization can get hacked and have their data stolen? Come see the hacking of Evilcorp in live, narrated demonstration. Our penetration testers will go up against an unknown environment, and you can help decide their fate. The payoff: Glory (and beer). Defeat will be met with mockery and shenanigans (kidding, but seriously). Come enjoy what will prove to be an insightful and fun look at the world of penetration testing.
- Speaker
- AssureIT Team Details
- Presented by
They're in your network. You just don't know it.
Wednesday • 9:15AM - 9:55AM
• Room: Bart Starr Room
- Title
- They're in your network. You just don't know it.
- Abstract
- There's an old saying, "There's only two kinds of companies. Those who have been hacked, and those who know they've been hacked." In this session Niara will discuss the application of advanced machine learning to the automated detection of attacks that have bypassed an organization's perimeter defenses, and how to dramatically reduce the time and skill needed to investigate and respond to security events. We'll discuss how multi-dimensional analytics can be applied against data from both the network and security infrastructure to detect compromised and negligent users, malicious insiders, reduce the time for incident investigation and response, and speed threat hunting efforts by focusing security teams on the threats that matter.
- Speaker
- Karthik Krishnan Details
- Presented by
Cloud Enabled Enterprise. The building blocks for creating a secured cloud.
Wednesday • 9:15AM - 9:55AM
• Room: Johnny Blood/Willie Davis Room
- Title
- Cloud Enabled Enterprise. The building blocks for creating a secured cloud.
- Abstract
- A discussion on the building blocks for the enterprise cloud and a standard approach to building a scalable network that behaves like a single switch. This session will also be exploring how security and branches become part of the cloud as well as talk about a layered approach to security with an emphasis on application visibility and protecting against malware.
- Speaker
- Jeff Kihn Details
- Presented by
Mythbusting the Beliefs of DDoS Protection
Wednesday • 9:15AM - 9:55AM
• Room: Paul Hornung Room
- Title
- Mythbusting the Beliefs of DDoS Protection
- Abstract
- In this session we will discuss what we thought we knew about DDoS attacks no longer has feet - it's time to revisit our assumptions about existing security perimeters, typical service provider cadence, CDN capabilities and the severe consequences of experiencing an attack:
- *What makes today's DDoS attacks more complex than ever before
- *How to ensure your service provider's traffic scrubbing capabilities are a match for your needs
- *Why DDoS vulnerability risk is more severe than you may have considered
- *How DDoS is used as a diversionary tactic during advanced threat campaigns
- Speaker
- Tom Bienkowski Details
- Presented by
Forensic Residue: The Missing Link in Information Security
Wednesday • 9:15AM - 9:55AM
• Room: Suite #4039
- Title
- Forensic Residue: The Missing Link in Information Security
- Abstract
- You can only protect what you can see. Yet gaining visibility into every endpoint is an increasingly difficult task given the proliferation of threats and the sensitive data being targeted. Join us for a journey through the Cyber Kill Chain to discuss how companies are solving pervasive information security challenges with 360° endpoint visibility. We'll dive into the world of hackers to show how attacks are constructed, showcase new techniques you can use to detect and respond to modern threats, and discuss the usage of 'forensic residue' to eliminate gaps in your InfoSec framework.
- Speaker
- Mike Vizzi Details
- Presented by
Security is a matter of perspective: The advantages of thinking like a hacker.
Wednesday • 10:15AM - 10:55AM
• Room: Bart Starr Room
- Title
- Security is a matter of perspective: The advantages of thinking like a hacker.
- Abstract
- Both your IT team and your attackers work best in well-organized, static, centralized environments. Furthermore, while your attacker and your IT department have very different goals, they are using the same tools and the same techniques. Learn how these facts become the basis for "the secret pact" between your potential attacker and your IT team.
- Speaker
- Assaf Mischari Details
- Presented by
Secure Access Anywhere - Cloud, Data Center, Hybrid IT - Make You and Your Data the Perimeter
Wednesday • 10:15AM - 10:55AM
• Room: Johnny Blood/Willie Davis Room
- Title
- Secure Access Anywhere - Cloud, Data Center, Hybrid IT - Make You and Your Data the Perimeter
- Abstract
Green Bay, WI - Synercomm Keynote Partner Pulse Secure will help define IT Agility and Change with its RSA Award Winning "Secure Access Anywhere" solution story. This presentation by Pulse Secure CEO Sudhakar Ramakrishna will share its Secure Access capabilities securing-authenticating data, applications, network access and enterprise security across all devices anywhere and everywhere humans do business. Building off its Connect Secure platform - one that secures 80% of the Fortune 100, 13 of 15 key government networks and 90% of Wall Street financial services' networks - Pulse Secure is helping global enterprise and business of all size ensure secure access via its Policy Secure and Workspace Mobile Applications BYOD security solutions.
With Gartner and Ponemon Institute Global research confirming that 60% of key business applications are leveraging the cloud and that 20% of all breaches and malware intrusions are delivered via Mobile devices, Pulse Secure is "right place, right time" solution to meet these challenges. With key Federal Regulations requiring key monitoring-visibility-access control solutions to be implemented in Health Care, Financial Services, Manufacturing and Supply Chain being required by 2017, Pulse Secure solutions - when unified with Pulse One monitoring-control capabilities - helps business meet these challenges.
During this informative and future-looking presentation, Pulse Secure will help define where the workplace is heading and where business leaders are meeting future prospects in a mobile, digital marketplace. Pulse Secure will align its solution roadmap within these market realities.
Sudhakar will be joined in this collaborative overview by Michael Riemer, Pulse Secure's Ninja Architect who goes back to the beginning of the industry with over 10,000 global Pulse Secure NAC and Connect Secure installs. Michael formerly worked with Synercomm after a 25 year career in cybersecurity with the U.S. Military.
- Speaker
- Sudhakar Ramakrishna Details
- Presented by
The life cycle of a breach investigation.
Wednesday • 10:15AM - 10:55AM
• Room: Paul Hornung Room
- Title
- The life cycle of a breach investigation.
- Abstract
- This talk will discuss the process, tools, and remediation events used in some of the largest Incident Response cases in the last year. We will highlight malware attack life cycle and common attack vectors.
- Speaker
- Jim Jaeger Details
- Presented by
Six Steps to Securing Privileged Access for Outsourced IT (Live Demo!)
Wednesday • 10:15AM - 10:55AM
• Room: Suite #4039
- Title
- Six Steps to Securing Privileged Access for Outsourced IT (Live Demo!)
- Abstract
With 2 Billion confirmed Username/Passwords stolen over the past 24 months, securing privilege accounts has never been more important. Centrify will outline how to immediately protect your company from this massive risk. Does outsourcing IT increase your risk of a data breach? Popular opinion says yes. Many of the recent high profile breaches involved third party access - including outsourced IT.
Traditional privileged identity management solutions require that organizations create and manage identities for outsourced IT administrators within their internal environment, and grant VPN access. The result is an expansion of potential attack points for hackers, disgruntled insiders and malware.
Tony Goulding will set the stage before delivering a live 20 minute demonstration where he steps into the shoes of a Web Server consultant at a fictitious outsourced IT company.
You will learn how to minimize your organizations attack surface, thwart in-progress attacks and govern privileged access, while lowering the costs of outsourcing IT.
- Speaker
- Tony Goulding Details
- Presented by
See, Segment and Secure. A 3 step software-based approach to application-aware micro-segmentation to protect your data center and cloud environments.
Wednesday • 11:00AM - 11:40AM
• Room: Bart Starr Room
- Title
- See, Segment and Secure. A 3 step software-based approach to application-aware micro-segmentation to protect your data center and cloud environments.
- Abstract
- The continued growth of the cloud, virtualization and mobility has transformed the traditional data center, with 83 percent of data now traveling East/West, never seen by the traditional perimeter. Matt Ebben will share and demonstrate how vArmour customers world-wide are leveraging a new software based distributed approach to easily see, segment and secure their data in data center and cloud environments
- Speaker
- Matt Ebben Details
- Presented by
- vARMOUR
Managing and Securing the IoT Network Explosion
Wednesday • 11:00AM - 11:40AM
• Room: Johnny Blood/Willie Davis Room
- Title
- Managing and Securing the IoT Network Explosion
- Abstract
- WLAN authentication has traditionally been handled by either 802.1x or by standard Preshared Keys (PSK) like we all use in our homes. RADIUS is very secure and powerful, but complicated and not all devices understand it - especially those of the IoT variety. PSKs are easy to setup, but not particularly secure, do not allow for granular policy control, and must be changed across all devices when one goes missing. To solve this issue, Aerohive Networks allows for "personal" pre-shared keys. Find out how this solution can be deployed and automated to meet the challenges that IoT authentication poses.
- Speaker
- Thomas Sophiea Details
- Presented by
The Definitive Guide to Next-Generation NAC
Wednesday • 11:00AM - 11:40AM
• Room: Paul Hornung Room
- Title
- The Definitive Guide to Next-Generation NAC
- Abstract
- In this session we will discuss:
- *Exploring Next-Gen NAC Technology
- *Achieving Endpoint Visibility and Security
- *Enabling BYOD for Employees, Guests, and Contractors
- *Mitigating Advanced Threats
- *Aiding Compliance with Continuous Monitoring and Mitigation
- *Getting Started
- Speaker
- Brian Gumbel Details
- Presented by
Breaking the Kill Chain: Detect, Prevent, and Mitigate Advanced Threats to Your Organization
Wednesday • 11:00AM - 11:40AM
• Room: Suite #4039
- Title
- Breaking the Kill Chain: Detect, Prevent, and Mitigate Advanced Threats to Your Organization
- Abstract
- In today's world of security breaches costing companies millions, understanding how incidents can occur gives insight into protecting the network and managing risk. With the number of incidents on the rise it's no longer an option to simply be content with mitigating a breach after the fact but must also detect any breaches of security before they can damage and also prevent further intrusions. The Engineers at Fortinet will walk you through the life cycle of advanced threats pointing out their common methods of avoiding detection. Additionally you'll be shown how a proper security framework gives you multiple options to detect and mitigate an attack before it has the opportunity to inflict damage; costing you time, money, and public confidence.
- Speaker
- James Cabe Details
- Presented by
How To Know If You Are Getting A Good Pentest
Wednesday • 1:30PM - 1:55PM
• Room: Johnny Blood/Willie Davis Room
- Title
- How To Know If You Are Getting A Good Pentest
- Abstract
- Audits and vulnerability assessments alone do not provide a complete assessment of business risk. This talk will go in detail to help you determine what a quality pentest should look like. Whether it's SynerComm performing your next project or another organization, you deserve to know how to identify quality pentests. In this talk we will take a very transparent look into pentest methodology straight from experienced pentesters. We'll explain tests your next pentester should be performing, how they should communicate with your team, and most importantly, what makes up a quality report. (Due to the highly transparent view into SynerComm's methodologies and deliverables, we ask that no vendors or competitors attend)
- Speaker
- Casey Cammilleri Details
- Presented by
Practical Security - Part I (Effectiveness of Common Controls)
Wednesday • 1:30PM - 1:55PM
• Room: Paul Hornung Room
- Title
- Practical Security - Part I (Effectiveness of Common Controls)
- Abstract
- In this session you will learn about common security controls and learn the difference between having controls and having effective controls.
- Speaker
- Jason Lang Details
- Presented by
Identity Is The New Perimeter
Wednesday • 1:30PM - 1:55PM
• Room: Bart Starr Room
- Title
- Identity Is The New Perimeter
- Abstract
- In this session you will learn how usernames and passwords are your weakest link and how you might address the problem. Identity vulnerabilities are 4 of the top 6 risks we find.
- Speaker
- Lisa Niles Details
- Presented by
Logging, Alerting and Hurting
Wednesday • 1:30PM - 1:55PM
• Room: Suite #4039
- Title
- Logging, Alerting and Hurting
- Abstract
- With so much fear, uncertainty and doubt about security these days, how do you know what to believe? We invite you to learn from a professional who has worked on both the defensive and offensive sides of security. Gain important insights into what to log, anomalies that matter, and alerts that every organization should have. Lastly, learn ways that your existing investments can work harder and smarter.
- Speaker
- Scot Berner Details
- Presented by
Defense in Depth Against Ransomware
Wednesday • 2:00PM - 2:25PM
• Room: Johnny Blood/Willie Davis Room
- Title
- Defense in Depth Against Ransomware
- Abstract
- One of the hot exploits against organizations of all sizes in 2016 is the ransomware attack, rendering the victim organization at the mercy of either paying attackers to recover their data or recovering from backups. This talk will outline different methods your organization can use to defend against ransomware attacks before you're hit and how to use the strategies in layers to ensure that you have a defense-in-depth against these sorts of attacks.
- Speaker
- Drew Hjelm Details
- Presented by
Practical Security - Part II (Making Common Controls Effective)
Wednesday • 2:00PM - 2:25PM
• Room: Paul Hornung Room
- Title
- Practical Security - Part II (Making Common Controls Effective)
- Abstract
- In this session you will learn how to make the most of the common controls you already have, or that you should have.
- Speaker
- Andrew Piche & Aaron Howell Details
- Presented by
Tuning Enterprise Class Wireless
Wednesday • 2:00PM - 2:25PM
• Room: Bart Starr Room
- Title
- Tuning Enterprise Class Wireless
- Abstract
- In this session you will learn how and when to create SSIDs, customer radio profiles, look at signal to noise ratios, co-channel interference to tune power and channels.
- Speaker
- Lisa Niles & Sean Colburn Details
- Presented by
Preparing for Compliance Audits
Wednesday • 2:00PM - 2:25PM
• Room: Suite #4039
- Title
- Preparing for Compliance Audits
- Abstract
- Compliance audits are necessary, but do not need to be painful. Being prepared for an audit is so much more than the ability to show an auditor what they need to see. Being prepared for an audit is when an organization already knows the answers to the questions. Compliance readiness is the ongoing alignment of your business to a set of standards while along the way developing a business-as-usual atmosphere. This session will explore best practices to develop and execute an effective information systems compliance program.
- Speaker
- Bill Curtis Details
- Presented by
Effective Strategies for Security Awareness
Wednesday • 2:30PM - 2:55PM
• Room: Johnny Blood/Willie Davis Room
- Title
- Effective Strategies for Security Awareness
- Abstract
- Computer end-users continually top the list of biggest threats to an organization's data. Technical security controls can be easily circumvented by employees who unwittingly open email attachments or who click phishing links. This presentation will describe the most important topics for security awareness training and how to effectively deliver them to your employees. The themes and topics for this presentation come straight from SynerComm's penetration testers who exploit end-user security awareness on a daily basis.
- Speaker
- Jason Lang Details
- Presented by
Your Pentester's Toolkit - Part I (Reconnaissance)
Wednesday • 2:30PM - 2:55PM
• Room: Paul Hornung Room
- Title
- Your Pentester's Toolkit - Part I (Reconnaissance)
- Abstract
- Ever wonder what tools the pentesters are using? This talk will be informative and "just technical enough" to satisfy any audience. SynerComm's AssureIT team will describe and demonstrate some of their favorite reconnaissance and vulnerability detection tools.
- Speaker
- Hans Lakhan & Travis Kaun Details
- Presented by
Practical Production and Operational Readiness
Wednesday • 2:30PM - 2:55PM
• Room: Bart Starr Room
- Title
- Practical Production and Operational Readiness
- Abstract
- In this session you will learn common logistical, scaling and operational transition problems that plague projects of all sizes, and practical solutions organizations are employing to address them.
- Speaker
- Marc Spindt & David Klipstein Details
- Presented by
Maximize Efficiency, Minimize Errors - Orchestration, Automation and SDN
Wednesday • 2:30PM - 2:55PM
• Room: Suite #4039
- Title
- Maximize Efficiency, Minimize Errors - Orchestration, Automation and SDN
- Abstract
- In this session you will learn the differences between orchestration, automation and SDN and how organizations can benefit from each separately and all together.
- Speaker
- Nate Ressel & Bill Kiley Details
- Presented by
Pentester Panel Q&A
Wednesday • 3:15PM - 3:40PM
• Room: Johnny Blood/Willie Davis Room
- Title
- Pentester Panel Q&A
- Abstract
- TBD
- Speaker
- AssureIT Team Details
- Presented by
Your Pentester's Toolkit - Part II (Offensive PowerShell)
Wednesday • 3:15PM - 3:40PM
• Room: Paul Hornung Room
- Title
- Your Pentester's Toolkit - Part II (Offensive PowerShell)
- Abstract
- What's PowerShell? Ask any blue-team (defensive security) member and they'll probably tell you it's just another task automation and configuration management tool pushed on them by Microsoft. But ask a red-team (pentester) member, and they'll probably offer to show you. Join SynerComm's Information Assurance Consultant, Sam Link, as he steps through exactly why PowerShell is gaining popularity with attackers, what you can do to defend against it, and what Microsoft is doing to address its abuse. This talk is bound to get offensive...
- Speaker
- Sam Link Details
- Presented by
Hyperspeed with Hyper-Convergence
Wednesday • 3:15PM - 3:40PM
• Room: Bart Starr Room
- Title
- Hyperspeed with Hyper-Convergence
- Abstract
- In this session you will learn more about what hyper-convergence is, how mature it really is and how organizations are utilizing it today to improve performance while saving money.
- Speaker
- Nate Ressel Details
- Presented by
Palo Alto Networks Health Check from the Guru
Wednesday • 3:15PM - 3:40PM
• Room: Suite #4039
- Title
- Palo Alto Networks Health Check from the Guru
- Abstract
- Phase 2 advanced configuration recommendations.
- Speaker
- Tom Heideman Details
- Presented by