• Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Logo
  • About
  • Bulletins
  • Corelight.com
  • Contact us

Bright Ideas Blog

Bright Ideas Blog

Bright Ideas Blog

Home ›› Industry ›› 12 talks to see at RSA 2020

12 talks to see at RSA 2020

February 10, 2020 by Richard Bejtlich

By Richard Bejtlich, Principal Security Strategist, Corelight

RSA 2020 is fast approaching, and a colleague asked what talks I planned to attend. As I am not attending RSA, I thought I would answer her question anyway, with the hopes that those participating in the conference might benefit from my review of the agenda. In general, the speaker sessions seem to be of high quality overall, so I am sure you will enjoy the conference, regardless of whether or not you heed my suggestions!

Coordinating a Competitive 5G Strategy among Freemarket Democracies features Admiral Dennis Blair, Sasakawa USA; Michael Chertoff, Chertoff Group; Arthur Coviello, Rally Ventures; William Roth, Sasakawa USA; and Christy Wyatt, Absolute. This talk will discuss the political and economic complexities of the Huawei issue with respect to 5G networks. I’ve previously said that I don’t want Huawei running networks of any kind in the US and our Five Eyes partners, but I think this group may have a mixed outlook.

Leading Change: Building a Security Culture of Protect, Detect and Respond features my long-time friend Lance Spitzner from the SANS Institute. Lance has seen and done it all since his career started in the 1990s. I’d like to know how he develops the protect-detect-respond culture in the organizations he assists.

Break the Top 10 Cloud Attack Killchains features Shawn Harris, Starbucks Coffee Company and my friend Rich Mogull from Securosis. Rich is one of the top cloud security experts, so pay attention to what he recommends regarding security in that environment.

Shodan 2.0: The World’s Most Dangerous Search Engine Goes on the Defensive features Dr. Michael Mylrea from GE Global Research. I’m curious what the speaker’s findings are regarding Shodan and IoT. If you have a network and you expose devices to it, Shodan can help you find them.

Cloud Threat Hunting features my friend Sherri Davidoff and her colleague Matt Durrin from LMG Security. They will talk about discovering attacks against cloud and hybrid environments, which is something anyone responsible for cloud security should be doing as a routine operation.

Tales from the Front Lines 2020 features speakers from the leading incident response companies, namely Thomas Etheridge, Crowdstrike; Stuart McKenzie, Mandiant / FireEye; my friend Wendi Whitmore, X-Force Threat Intelligence; and moderator Rob Sloan, Dow Jones / Wall Street Journal. In my opinion, the best people to speak about attacker activities are those who handle intrusions on a regular basis. Check out what they have to share!

Recapture of Glory: The Return of Persistent Threat Actors features more incident responders, my friend Charles Carmakal and his colleague Jibran Ilyas, from Mandiant / FireEye. This sounds like more of a targeted talk with live demos. I will make an offering to the demo gods for them.

When Cybercriminals with Good OpSec Attack features Ryan MacFarlane from the FBI and Liam O’Murchu from Symantec. They promise to discuss a case with a ten year investigative history, which sounds fascinating!

Cyber-Litigation 2020: Recent Cases in the Courts and Agencies features Richard Aldrich Booz, Allen, Hamilton/DOD OSD; Julia Bowen, The MITRE Corp.; and Steven Teppler, Mandelbaum Salsburg P.C. I get along well with lawyers because I appreciate that they have received specialized training in defined terms with real consequences. I want to know how the legal landscape affecting cyber security is changing, as this tool will grow in importance as time progresses.

Peel Back the Layers of Your Enterprise and Make Your Adversaries Cry features my friend Doug Burks from Security Onion Solutions. Check out what he’s doing with his network security monitoring Linux distribution. I hope he mentions Zeek!

Shadow IT and Shadow Remote Access. How to Find It (for free!) features John Strand from Black Hills Information Security. Shadow IT, especially systems exposing remote access solutions, is a true headache. Let’s see what John recommends; I expect some degree of network visibility will make his list.

I Find Your Lack of Security Strategy Disturbing features Deborah Blyth, State of Colorado; Kyriakos Lambros, RockCyber, LLC; Merlin Namuth, Tenable; and Matthew Sharp; Logicworks. I picked this on title alone. It quotes Darth Vader while integrating strategy. You can’t go wrong with that. Don’t fail me!

For a baker’s dozen, I have one more recommendation:

ICS OSINT: An Attacker’s Perspective features my wife Amy Bejtlich and her colleague Selena Larson, from Dragos. They will discuss how open source intelligence can improve industrial control systems security. If you operate ICS, you will benefit from this talk!

I hope everyone who experiences RSA 2020 learns a lot and travels to and from the conference safely.

Filed Under: Industry Tagged With: 5G, cloud security, killchain, Network Security Monitoring, network traffic analysis, network visibility, Richard Bejtlich, RSA, RSAConference, threat hunting, Zeek

Contact

  • Contact Us
  • Find a Reseller
  • Headquarters+1(510) 281-0760
  • Sales+1(888) 547-9497

Primary Sidebar

Search

Recent Posts

  • Extending NDR visibility in AWS IaaS
  • Maximize your Splunk ES investment with Corelight
  • Exchange exploitation and architecting for visibility
  • Translating query into action
  • Getting the most out of your NIDS

Categories

Archives

Tags

Bro conn.log Corelight Corelight Sensor cybersecurity DNS Elastic encrypted traffic encryption files.log GitHub HTTP HTTPS IDS incident response ja3 ja3s JSON logs MITRE ATT&CK NDR network security Network Security Monitoring network traffic analysis network visibility NSM NTA open source open source community PCAP Richard Bejtlich SANS SIEM Sigma SOC Splunk SSH SSL ssl.log Suricata TCP TLS TLS 1.3 Vern Paxson Zeek

Footer

Use Cases

  • Our Use Cases
  • MITRE ATT&CK
  • Government
  • Enterprise
  • Higher Education
  • Why Corelight

Products

  • Zeek
  • Suricata
  • Collections
  • Appliance Sensors
  • Cloud Sensors
  • Software Sensor
  • Virtual Sensors
  • Fleet Manager
  • Compare to open Source Zeek

Company

  • About Corelight
  • Awards
  • Careers
  • Events
  • News Coverage
  • Media Kit

Resources

  • Support Overview
  • Open A Support Ticket
  • Product Training
  • Case Studies
  • Video
  • Github
  • Scripts + Packages
  • Zeek Community

Follow us

  • facebook
  • twitter
  • linkedin
  • github
  • reddit
  • youtube

Copyright © 2021 · Corelight, Inc. · All rights reserved. · Privacy Policy · Terms of Use