Breakout Sessions

Session information for Cyber Defense Summit 2020 is coming soon.
For an idea of the session types and topics, please check out our 2019 sessions below.

Executive Track

SESSION 1 | October 9, 2019 | 1:00 PM - 1:50 PM
You've Been Breached! Cyber Security-Readiness for the C-Suite and Board

Are you breach-ready? Implementing a cybersecurity-readiness program, spearheaded by the GC and CISO, can make a critical difference in mitigating the impact and consequences of a breach on an organization's infrastructure, reputation, and financial future. In this session, we'll empower leaders by sharing best practices in a variety of critical areas:

  • Steps a GC and CISO can take together to prepare in advance for a cyber breach
  • Advising the Board on its fiduciary duties regarding cybersecurity
  • Managing the litigation, investigations and reputational damage that follow a high-profile breach
  • The importance of protecting attorney-client privilege
  • Understanding breach disclosure laws and best practices for notification

Panel:
Karen Kukoda, Sr. Director FireEye Cyber Risk Partners – FireEye (Moderator)
Stewart Baker, Partner – Steptoe and Johnson, LLP
Scott Ferber, Partner – King & Spalding LLP
Stacey Halota, Vice President, Information Security and Privacy – Graham Holdings
Dave Wong, Vice President, Mandiant Consulting – FireEye


SESSION 2 | October 9, 2019 | 2:00 PM - 2:50 PM
Are You Extortion-Ready? An Executive Guide to Successful Cyber Extortion Negotiation

Cyber extortion incidences are increasing at an unprecedented rate, and with them, crypto-extortion demands are skyrocketing. Negotiations often lead to cyber claims of $1 million or more, not to mention a host of legal issues. When the worst happens, you need to know how to respond, and how to determine when the time is right to engage external counsel. This panel discussion will walk through a successful intelligence-led cyber extortion event, highlight best practices for those first critical hours, and give you the information you need to empower your organization against a malicious adversary.

Presenters:
Brett Anderson, Breach Response Services – Beazley
Chris Cwalina, Global Co-Head of Data Protection, Privacy and Cybersecurity – Norton Rose
Navid Jam, Managing Director, Mandiant Consulting – FireEye
Bill Segal, CEO, Co-Founder – Coveware


SESSION 3-A | October 9, 2019 | 3:30 PM - 3:55 PM
High Stakes Extortion: Reverse Engineering Humans for Fun & Profit

Learn how FireEye Mandiant caught a threat actor by applying hostage negotiation tactics to a million-dollar cyber extortion case. This is a real-world investigation that explains how to solve a case by reverse engineering humans.

Presenter:
Robert Wallace, Senior Director, Mandiant Consulting – FireEye


SESSION 3-B | October 9, 2019 | 3:55 PM - 4:20 PM
Measuring Effectiveness: SOC Metrics to Drive Positive Outcomes in Your Security Posture

Have you ever wondered how to measure the effectiveness of your organization or agency's cyber security operations center (CSOC)? In this session, we will decompose key metrics for the CSOC with three consumers in mind: the CSOC itself, executives above the CSOC, and CSOC customers. We will provide example metrics used by leading, mature CSOCs, and highlight where those metrics can boost positive outcomes when used wisely or drive negative outcomes when used poorly.

Presenter:
Carson Zimmerman, Senior Security Service Engineering Lead – Microsoft


SESSION 4 | October 9, 2019 | 4:30 PM - 5:20 PM
Navigating the Labyrinth: A Guide to Cybersecurity Legal Risk for Executives and Directors

With cyber security breaches becoming increasingly common, C-suite executives and their boards need to understand the legal risk. This session delves into the topic of cybersecurity legal risk and provides step by step guidance to CISOs and the C-Suite on when and how to engage the board of directors.

Presenter:
Beth Waller, Chair, Cybersecurity and Data Privacy Practice – Woods Rogers PLC


SESSION 5 | October 9, 2019 | 5:30 PM - 6:20 PM
2019 FireEye CxO TrendScape Report Live Analysis

See behind the headlines and explore the real meaning and ramifications of the 2019 FireEye CxO TrendScape Report findings, on stage with industry leading CIOs. FireEye surveyed more than 800 CIO/CSOs worldwide to identify the top cyber security trends and concerns. What do CxOs believe are the biggest risks to their organizations? How much do they spend on cyber security? How do they rate their breach readiness? We asked the tough questions and will discuss their direct answers. Join us for a frank discussion of the key issues that impact cyber resiliency for organizations worldwide.

Presenter:
Eric Ouellet, Global Security Strategist – FireEye


SESSION 6 | October 10, 2019 | 1:00 PM - 1:50 PM
Protecting the Ballot and Safeguarding Elections

Across the globe, the concern over the safeguarding of elections is rising. Both nationally and locally, how do we protect this key democratic process in an era where malign actors can launch intrusions from around the world? How do we mitigate influence campaigns and other forms of interference? This panel will bring together a range of experiences and insights to help illustrate how stakeholders are thinking about election protection issues, and what we are doing collectively to diminish risks.

Presenter:
Luke McNamara, Principal Analyst – FireEye


SESSION 7 | October 10, 2019 | 2:00 PM - 2:50 PM
Hacked by a Nation-State. Does Government Attribution Matter?

Public attribution by governments of nation-state actors and proxies in cyberspace is increasing. In this session, we’ll review incidents that have been publicly attributed by a government to a nation-state actor or proxy and consider what effect, if any, the attribution may have had on the breached organization’s response, liability, insurance coverage, and public perception of the incident. We’ll also explore factors that may make a government’s attribution of an actor more impactful from an affected organization’s perspective.

Presenter:
Allison Bender, Of Counsel – Wilson Sonsini Goodrich & Rosati


SESSION 8 | October 10, 2019 | 3:30 PM - 4:20 PM
Achievement Unlocked: Chinese Cyber Espionage Evolves to Support Higher Level Missions

In Red Line Drawn, FireEye documented a significant decline in the volume of Chinese cyber threat activity in 2014 and 2015 that we believe was caused by a combination of internal and external factors, including a restructuring of Chinese cyber espionage operators. In the last several years, Chinese nation-state cyber operations have evolved substantially, becoming more efficient, more focused in Asia, and increasingly targeting the global communications backbone. Today, APT40 and APT41 pose clear and present threats to elections infrastructure, and the maritime, healthcare, and telecommunications sectors. In this session, we will examine these changes in the context of the current state of China's nation-state operations. We'll also highlight how observed cyber threat activity has developed in response to the geopolitical and economic environment, as well as China's shifting priorities. Finally, we'll make predictions as to how this activity will continue to progress in years to come.

Presenters:
Nalani Fraser, Senior Manager, Intelligence Analysis – FireEye
Kelli Vanderlee, Manager, Intelligence Analysis – FireEye


SESSION 9 | October 10, 2019 | 4:30 PM - 5:20 PM
Avenues of Exploitation: Use of Zero-Day Vulnerabilities by Tracked Groups

A zero-day is a previously unknown vulnerability in a system that is actively exploited by malicious actors before a patch is made available. Due to the lack of available remediations, threat actors are often able to create problems for organizations before they are able to properly protect themselves. In this session, we will highlight trends we have observed in the utilization of zero-days by known threat groups. Which tracked groups frequently demonstrate access to zero-days, and how has this changed over time? What products are frequently affected? What does the use of the zero-day tell us about a group's targeting priorities? Finally, we will present the impact of public exploit availability on usage by tracked groups.

Presenters:
Kathleen Metrick, Analyst, Strategic Intelligence – FireEye
Parnian Najafi, Senior Analyst, Advance Analysis – FireEye
Jared Semrau, Senior Manager, Vulnerability & Exploitation – FireEye


SESSION 10 | October 10, 2019 | 5:30 PM - 6:20 PM
Breach Response Planning in the Privacy Age

Data privacy and protection regulations have evolved in recent years and can pose significant challenges to organizations in the event of a breach. Are you prepared? This session will highlight some of the new data protection and incident response requirements that impacted companies are now required to meet. It will also highlight the capabilities of a cyber security program that these regulations necessitate. Join us as we explore breach response planning in the privacy age.

Presenters:
Christopher Courchesne, Senior Manager, Mandiant Consulting – FireEye
Matthew Ford, Principal Consultant, Mandiant Consulting – FireEye


Technical Track

SESSION 1-A | October 9, 2019 | 1:00 PM - 1:25 PM
Harvesting Botnets for Unusual Data

After reviewing more than 10 billion botnets records, a lot of unusual records come to mind! Unlike much stolen data, botnets do a great job in record keeping. Who, when, where, what and even sometimes how and why questions can be answered. By connecting credentials stolen by a botnet to an unattributed breach, we may be able to tell who was breached, and even when. This presentation, based on research and practical examples, will lift a veil on botnets and will make mining data significantly more actionable.

Presenter:
Alex Holden, CISO – Hold Security


SESSION 1-B | October 9, 2019 | 1:25 PM - 1:50 PM
Into the Fog: The Return of ICEFOG APT

In 2013, a public report revealed a group of actors that were conducting targeted attacks leveraging a malware dubbed ICEFOG, mainly against government organizations and the defense industry of South Korea and Japan. Little has been published on the activities of ICEFOG malware since the report was released more than six years ago. However, despite an observed pause in their activity and a decrease in sample numbers, the attacks leveraging the ICEFOG malware have not entirely stopped following the exposure.

In the past few years, we have observed attacks in which the malware delivered an exploit using different tactics, techniques and procedures (TTP) from the campaign reported in 2013. In a recent attack, a new variant of the ICEFOG samples were also discovered. In this session, we will introduce our findings among samples discovered through the years, and highlight the evolved TTPs that this threat actor has applied to evade detection. In addition, we will also introduce and clarify the potential connections between the ICEFOG operator and other APT groups.

Presenter:
Chi-en Shen, Senior Researcher – FireEye


SESSION 2 | October 9, 2019 | 2:00 PM - 2:50 PM
Key Trends in Hunting for Big Evil at FireEye

How is the threat landscape evolving? And what does that mean to you and your organization? Leveraging learnings for more than eight hundred significant event responses in the past year, and telemetry from thousands of product clients, this session will provide insight into how threats are working across the globe today, what trends are taking shape, and what these technical events mean for targets. We’ll show the varied types of targeted devices, emerging and dominant TTPs, what motivations appear to be driving attackers, and the most successful steps taken by our clients to reduce or prevent the major breaches of the coming year.

Presenter:
Steven Stone, Director, Advanced Practices – FireEye


SESSION 3-A | October 9, 2019 | 3:30 PM - 3:55 PM
Fingerprinting Binaries Using Rich Headers: Tales from Our Analysis

Rich headers are undocumented compiler/linker artifacts that have been around since the late 1990s with Visual C++ 6. Their existence was first discussed publicly in 2004, with many tinfoil hat theories regarding their intended purpose. Regardless, they can be used or misused as a pseudo “digital fingerprint.” In this session, we’ll cover our findings on their efficacy across a huge data set, and share some war stories where rich headers have been used to connect the dots during our investigations. We will discuss observations of possible tampering with the Rich header, and how it compares with other indicators like PE import hash. Attendees will see what happens when these are extracted from more than five million samples, and will learn how they can be searched CSI-fingerprint-match style, all to find out “who dunnit!”

Presenters:
Todd Plantenga, Senior Staff Research Engineer – FireEye
Ben Wilson, Senior Threat Analyst, Advanced Practices – FireEye


SESSION 3-B | October 9, 2019 | 3:55 PM - 4:20 PM
Scan't Touch This! Proactively Detect Adversaries Beyond Your Environment

Early detection affords defenders additional time to respond to and thwart intrusions. Most modern detection capabilities require action against a target, which is reactive in nature. In this session, we introduce a simple and effective, yet relatively unknown approach to proactively identify hostile infrastructure beyond one’s environment using network scanning and third-party sources. By applying traditional detection methodologies to these non-traditional sources, adversaries can be detected before they initiate an intrusion. We will expose tradecraft to identify post-exploitation frameworks and share some of our favorite success stories involving real adversaries conducting criminal and intelligence operations.

Presenter:
Aaron Stephens, Senior Threat Analyst, Advanced Practices – FireEye


SESSION 4 | October 9, 2019 | 4:30 PM - 5:20 PM
Defensive Trends to Make Your Organization More Resilient to Attack

What can we learn from the mistakes of previous victim organizations? How can you make your own organization more resilient to attack? This session will feature an in-depth discussion of those questions and more, building on material in M-Trends 2019, about developments in technical and programmatic defensive trends and best practices learned from extensive FireEye Mandiant investigations and remediations worldwide.

Presenters:
Nick Bennett, Managing Director, Mandiant Consulting – FireEye
Joe Mehegan, Consulting Manager, Mandiant Consulting – FireEye


SESSION 5 | October 9, 2019 | 5:30 PM - 6:20 PM
The Unexplored Art of Enterprise macOS Forensics

Enterprise and macOS investigations - are they mutually exclusive? Scaling investigations in large macOS environments is generally anecdotal, but Mandiant consultants lived the challenge and are ready to share the lessons learned. We’ll show how real-world attackers used macOS systems to traverse the attack lifecycle. Along the way, we will reveal how we discovered and decoded forensic artifacts, including Saved State files, the Apple Remote Desktop database, Jamf endpoint logs, StickiesDatabase, and more. We'll also examine how this methodology enabled us to track attackers across thousands of systems, scope the incident, and determine information exposure.

Presenters:
Willi Ballenthin, Senior Staff Reverse Engineer – FireEye
Ashley Frazer, Incident Response Consultant, Mandiant Consulting – FireEye
Jake Nicastro, Associate Consultant, Mandiant Consulting – FireEye


SESSION 6 | October 10, 2019 | 1:00 PM - 1:50 PM
Code Signing Certificates: Beyond PEs

Compromised code-signing infrastructure, software supply chain attacks and evil updates are only the beginning! Code signing can facilitate execution of malicious code from a wide array of VBA Macros, JavaScript and PowerShell in hardened environments, where unsigned code may be difficult or impossible to execute successfully otherwise. In this session, we'll examine code signing and its use in successful real-world attacks. We'll go to the front lines with Mandiant incident response and our Advanced Practices team research, where attackers have signed a wide array of non-PE binaries to facilitate their intrusions. The Advanced Practices team will release code to help you identify attacker-controlled certificates, no matter what type of file they may be signing.

Presenter:
Barry Vengerik, Technical Director, Advanced Practices – FireEye


SESSION 7 | October 10, 2019 | 2:00 PM - 2:50 PM
Using Data Science in Threat Hunting to Find the Needles in the Haystack

Threat hunting is both art and science! In this session, we will discuss how Procter & Gamble is using data science to hunt through the enterprise data lake for anomalies that will guide threat hunting hypotheses using non-traditional information security analytics. We'll examine how using a combination of open-source, commercial and cloud storage solutions, data scientists can develop models deployed via AWS EMR clusters to mine the data lake into manageable data sets. We'll show how Jupyter notebooks can then sort the data sets and provide noteworthy intelligence to the threat hunting team, and how we build this intelligence back into our automated defensive toolkit.

Presenters:
John Robenalt, Sr. Data Scientist – Procter & Gamble
Ben Ruffley, Threat Hunter – Procter & Gamble


SESSION 8-A | October 10, 2019 | 3:30 PM - 3:55 PM
Staying Hidden on the Endpoint: Evading Detection with Shellcode

A secondary objective to any true red team assessment is avoiding detection. In fact, it's part of the glory! As modern Endpoint Detection and Response (EDR) products have matured over the years, the red teams must follow suit. This session will provide insight into how Mandiant’s Red Team crafts payloads to bypass modern EDR products and gain full command and control (C2) of their victim systems.

Presenters:
Casey Erikson, Senior Consultant, Mandiant Consulting – FireEye
Evan Pena, Global Red Team Lead, Mandiant Consulting – FireEye


SESSION 8-B | October 10, 2019 | 3:55 PM - 4:20 PM
Do You Know What's on Your Exchange Server?

In 2017, Mandiant Consulting uncovered two malicious Exchange transport agents, REDMAIL and XTRANS, and discovered that one had been used since at least 2010. In this session, we will examine Exchange-specific modules and their legitimate use cases, and provide an overview of the malware families that exploit them. We will dive into the details of the two previously mentioned transport agents as well as a previously undisclosed one. Finally, we will provide a demonstration of other possible malicious use cases of Exchange transport agents, and give ideas for detection.

Presenters:
Adrien Bataille, Senior Consultant, Mandiant Consulting – FireEye
Anders Vejlby, Senior Consultant, Mandiant Consulting – FireEye


SESSION 9 | October 10, 2019 | 4:30 PM - 5:20 PM
BECs and Beyond: Investigating and Defending Office 365

As organizations increase their adoption of cloud services, we see attackers following them to the cloud. Microsoft Office 365 is becoming the most common email platform in enterprises across the world and it is also becoming an increasingly relevant artifact for intrusion investigations. This session will discuss two real-world attacks that targeted Office 365 - one motivated by money, and the other by information. Through the case studies, we will analyze the TTPs of both threat actors and how they differ, describe how to optimize Office 365 for investigations, provide an overview of the log sources that are available (and their limitations), and provide recommendations for enhancing the security of Office 365.

Presenters:
Douglas Bienstock, Principal Consultant, Mandiant Consulting – FireEye
Josh Madeley, Principal Consultant, Mandiant Consulting – FireEye


SESSION 10 | October 10, 2019 | 5:30 PM - 6:20 PM
APT41: A Technical Overview of TTPs and Malware

APT41 is one of the most prolific threat actors that FireEye observes while performing incident responses. From supply chain attacks to targeting of the gaming industry, it is one of the only threat actors that dabbles in both espionage and for-profit intrusions. APT41 continues to develop and improve tools, as well as malware families that are among the most intricate used by Chinese threat actors today. In this session, we will discuss novel techniques used in multiple intrusions and highlight unique malware capabilities, such as the SMS collecting MESSAGETAP malware and the covert CROSSWALK.BIN passive backdoor. We’ll provide the information and details you need to protect your organization from the malicious activity of this formidable threat actor.

Presenters:
Raymond Leong, Principal Threat Analyst, Advanced Practices – FireEye
Daniel Perez, Principal Threat Analyst, Advanced Practices – FireEye


Solutions Track

SESSION 1 | October 9, 2019 | 1:00 PM - 1:50 PM
Effort Doesn't Equal Effectiveness: Measuring and Optimizing Your Security Stack

Across all industries, organizations and agencies are facing a broad range of issues stemming from the false assumption that their security products, processes, and technology are working together effectively to provide a strong security posture. In this session, we will discuss how to evaluate the true effectiveness of your security program, as well as the benefits of ongoing measurement. We will also hear from a key customer about how FireEye has influenced its journey towards greater security effectiveness using the Verodin platform.

Presenters:
Evan Pena, Global Red Team Lead, Mandiant Consulting – FireEye
Jeff Seely, Director of Security Instrumentation and Effectiveness, Verodin Group – FireEye


SESSION 2 | October 9, 2019 | 2:00 PM - 2:50 PM
Anywhere, Anytime, Always-On Network Protection

With advanced attacks against all vectors - on-premise, SaaS, and in the cloud - the need has never been more critical for complete visibility and protection across an organization's entire infrastructure, following data wherever it travels.

Join us for a dedicated Network Security and Forensics session where we will present the latest malware trends and challenges and discuss upcoming partnerships.  You'll also hear the real-world use case for one of FireEye's large enterprise customers that is advancing through a journey towards security consolidation in the cloud, with global deployment, easy migration, anywhere protection and best-in-class Network Security protection.

Presenters:
Rob Ayoub, Senior Product Marketing Manager, Network Security Products – FireEye
David Batty, Solutions Architect, Sales Engineer – FireEye
Stephen Clemons, Chief Information Officer – SMUD
Paul Martini, CEO – iboss


SESSION 3 | October 9, 2019 | 3:30 PM - 4:20 PM
Addressing the Cyber Security Skills Gap with Managed Defense

The shortage of cybersecurity workers continues to be a major concern. Unfilled cybersecurity jobs are expected to reach 1.8 million by 2022, up 20% from 1.5 million in 2015, according to the Center for Cyber Safety and Education. It’s also difficult and costly to find, hire, train and retain security experts to protect against threats 24x7x365. Join Stanley Parret, Principal Consultant for FireEye Managed Defense, along with Managed Defense customers, to hear real world examples of how enterprises are using Managed Defense to protect more with less, in order to meet this challenge head on!

Presenters:
Stanley Parret, Principal Consultant, Managed Defense – FireEye
Sanjeev Sah, Chief Information Security Officer – Medical University of South Carolina
Andrew Smith, Manager, Cybersecurity Operations – Sallie Mae


SESSION 4 | October 9, 2019 | 4:30 PM - 5:20 PM
Empowering Protection, Detection, Response and Compliance with Endpoint Security

As cyber security threats have continued to increase in potency and speed, defensive capabilities must be able to respond with the same velocity, empowering SOC analysts with the latest innovation in automation and machine intelligence. Learn about FireEye's latest advancements in Endpoint Security and see how this solution helps organizations protect themselves against a complex threat landscape, as well as providing the capabilities to address unique industry and regulatory compliance requirements. In this session, we will highlight the successful application of FireEye Helix, Network Security, and Endpoint Security.

Presenters:
Toby Barber, Information Security Architect – The University of California, San Francisco (UCSF)
Robert Kusters, Senior Product Marketing Manager – FireEye
Jim Waggoner, Senior Director Product Management, Endpoint – FireEye


SESSION 5 | October 9, 2019 | 5:30 PM - 6:20 PM
Taking Your SOC to Infinity and Beyond

In an ever-evolving threat landscape, SOCs are increasingly challenged to keep pace with incident prevention, detection and response.

The traditional analyst-reliant approach often leads to a game of constant catch up, where alert-burdened SOCs and overwhelmed security analysts must contend with an endless avalanche of alerts, while performing multiple roles. Over time, this hinders the SOCs ability to effectively and efficiently respond to threats—in turn exposing the organization to unnecessary risk and the potential for costly results.

In this session, we'll learn how FireEye Mandiant helps organizations apply the expertise and tools necessary to quickly develop and mature detection and response capabilities in order to contain and remediate threats before they become harmful headline breaches.

Presenter:
Nick Slaughter, Manager, Mandiant Consulting – FireEye


SESSION 6 | October 10, 2019 | 1:00 PM - 1:50 PM
ORO = Intel Gold: Making Strategic Threat Intelligence the Gold Standard in Business Risk Management

A new business product or service is launched. Then cyber bad happens. Now the CISO and her intel team are engaged to figure out what happened and why. Sound familiar? How do you break this cycle to understand cyber bad before new products launch and reduce likelihood and impact? Can the intelligence function perform a crucial role in strategic planning to help ensure business initiatives are as successful as intended? ORO, Spanish for gold, is also an acronym for Operational Risk Officer. During this session, Sean Franklin, former VP of Cyber Intel, and Brian Mohr, former Cyber Threat Intelligence Analyst, at one of the world’s largest financial institutions, will explain how they created the role of lead Operational Risk Officer for Information Security, integrated threat intelligence into the operational risk management structure and lessons learned along the way. They’ll cover how to get strategic intelligence built into your business risk assessment process. They’ll show how this helps your CTI team develop priority intelligence requirements (PIRs) and collection needs, create Early Warnings and Indications (EWIn’s) for continual monitoring to protect your business objectives and enhance risk mitigation. Finally, they’ll show how two different companies deal with the same business initiative and end up with very different outcomes – one lead and one gold!

Presenters:
Sean Franklin, Founder/President – Franklin Cyber Risk
Brian Mohr, Co-Founder – D3 Intelligence LLC
Trish Tobin, Director, Product Marketing, Expertise On Demand and Threat Intelligence – FireEye


SESSION 7 | October 10, 2019 | 2:00 PM - 2:50 PM
Protecting Organizations from Advanced Cloud Threats

As organizations continue to embrace the cloud and realize its benefits, FireEye is helping to ensure that emerging technologies are not an attacker’s playground. Attend this session to learn firsthand how FireEye works with our customers to deliver the world-class ability to prevent, detect, and respond to security threats in the cloud. Learn about the latest attacker tactics, techniques, and procedures that our incident responders have discovered on the front lines and see how FireEye's security solutions evolve to protect customers with cloud-based infrastructure.

Presenters:
Rich Baker, Director, DFIR Consulting – Optum Technology
Martin Holste, Sr. Manager, Cloud Security and CTO – FireEye
Andrew Smith, Manager, Cybersecurity Operations – Sallie Mae


SESSION 8 | October 10, 2019 | 3:30 PM - 4:20 PM
On the Front Line with FireEye Email Security

Email remains the entry point for more than 90% of cyber attacks. To reduce the risk of a breach, organizations must protect employee email from the ever-increasing sophistication of malicious activity. In this session, you'll learn why FireEye Email Security is the best at securing Office 365, and how it is currently being used by more than a thousand organizations globally to prevent hard-to-detect impersonation, credential phishing URLs and zero-day malware. You'll also hear from a FireEye customer as to why they sleep better knowing their organization is protected by FireEye Email Security.

Presenter:
Joshua Bass, Product Management, Email Security – FireEye
Fredrik Berntsson, Head of IT Security Operations – Ericsson


SESSION 9 | October 10, 2019 | 4:30 PM - 5:20 PM
The Evolution of a Customer's Journey: From Passive to Secure and Ahead of the Curve

One Source had seen the writing on the wall. Increasingly resilient and persistent attackers were targeting its mid-sized customers, who were not only more constrained by the growing security skills shortage, but whose access to data made them especially attractive targets. What’s more, as a valued partner to these organizations, One Source itself was increasingly targeted by online adversaries.

Through its partnership with FireEye, One Source, an award-winning Managed Security Service Provider (MSSP), was able to supplement its customers’ security teams with access to Fortune-50 threat intelligence, investigation, and incident response, allowing its customers to evolve from being reactive to feeling safe and empowered.

Join One Source’s Steve Cobb and Eric Gressel as they guide you through their company’s journey with FireEye, and their unique perspective on the evolution of technology, security, and business.

Presenters:
Steve Cobb, Senior Technology and Security Fellow – One Source Communications
Eric Gressel, Executive Vice President of Sales – One Source Communications


SESSION 10 | October 10, 2019 | 5:30 PM - 6:20 PM
Effort Doesn't Equal Effectiveness: Measuring and Optimizing Your Security Stack

Across all industries, organizations and agencies are facing a broad range of issues stemming from the false assumption that their security products, processes, and technology are working together effectively to provide a strong security posture. In this session, we will discuss how to evaluate the true effectiveness of your security program, as well as the benefits of ongoing measurement. We will also hear from a key customer about how FireEye has influenced its journey towards greater security effectiveness using the Verodin platform.

Presenters:
Evan Pena, Global Red Team Lead, Mandiant Consulting – FireEye
Jeff Seely, Director of Security Instrumentation and Effectiveness, Verodin Group – FireEye


Cyber Defense Summit 2019, don't miss out!

Thank you for attending Cyber Defense Summit 2019.

#FireEyeSummit