Future Cyber Tech, Application Security & DevOps

Businesses are acutely aware that there is an increasingly sophisticated criminal threat to their systems and data. Being fully protected against these threats has never been more imperative given the legislative and PR implications of high profile breaches. In this theater you can learn from the vendors at the front-line in the battle with cyber criminals about how future cyber tech solutions will counter the evolving threats.

Future Cyber Tech, Application Security & DevOps Speakers

Avesta Hojjati
Avesta Hojjati

Head of R&D DigiCert, Inc.

View

Avesta Hojjati

Avesta Hojjati is the Head of R&D at DigiCert, where he manages advanced development of cybersecurity products. Before joining DigiCert, Avesta was part of the Symantec and Yahoo security teams, as well as operating his own cybersecurity startup. Avesta focuses on applied cryptography, blockchain, post-quantum crypto, and IoT security. Avesta earned his Masters in computer science with a concentration on security from University of Illinois at Urbana Champaign, and he’s currently completing his PhD dissertation on applications of blockchain and IoT in manufacturing.

Chris Van Tuin
Chris Van Tuin

Chief Technologist, NA West Red Hat

View

Chris Van Tuin

Chris Van Tuin, Chief Technologist, NA West at Red Hat, has over 20 years of experience in IT and Software.   Since joining Red Hat in 2005, Chris has been architecting solutions for strategic customers and partners and is a frequent speaker on DevOps, Security, and Containers.  He started his career at Intel in IT and Managed Hosting followed by leadership roles in services and sales engineering at Loudcloud and Linux startups. Chris holds a Bachelors of Electrical Engineering from Georgia Institute of Technology.

Eric Jeffery
Eric Jeffery

Security Intelligence & Operations Consulting – Managing Consultant IBM

View

Eric Jeffery

Eric has 20+ years' experience with Information Security including stints in the Technology, Retail, Aerospace, Defense, Hardware, Entertainment and Healthcare industries. Mr. Jeffery's focus involves network design, network implementations and network security. Eric has a Bachelor of Arts degree in Economics from the University of Colorado at Boulder. Mr. Jeffery recently joined IBM as a Managing Consultant where he advises and assists customers with designing, deploying and managing Security Operations Centers (SOC).  Eric resides in Southern Colorado with his wife, enjoys playing trivia and video games.

Gary Nichols
Gary Nichols

Managing Director, Security Design & Engineering Charles Schwab

View

Gary Nichols

Gary Nichols is the Managing Director of Security Design & Engineering for Charles Schwab.  He oversees information security standards, researching and recommending security technologies, security research and development, managing cloud security strategy, and establishing security designs and prescriptive architectures for the Firm.  Mr. Nichols has over 20 years of information security and information technology experience within the military, government, hospitality, telecommunications, aerospace, banking, software development and insurance sectors. 

Prior to joining Charles Schwab, Mr. Nichols was a consultant to  Honeywell Global Security, and was the Chief Information Security Officer for Blue Cross Blue Shield of Arizona.

Charles Schwab & Co. (NYSE:SCHW) is one of the world's largest investment banks and brokerage companies, managing over $3 trillion in assets. The San Francisco-based company operates more than 300 branches with around 14,0000 employees throughout the US, in London and Hong Kong.

Grant Asplund
Grant Asplund

Principal Evangelist  Dome9 Security

View

Grant Asplund

Grant Asplund is the Principal Evangelist for Dome9 Security. Grant has more than 30 years of experience in sales, marketing, business development and management in enterprise software with the last 20 years focused within security. Prior to joining Dome9, Grant held worldwide evangelist roles at Check Point Software Technologies and more recently Blue Coat Systems, Inc. where he was Director of Evangelism. Grant has also held the Head of Market Development and Sales for Altor Networks, and was Vice President, Enterprise Sales for NeuStar. Additionally, he was President and CEO of MetaInfo before successfully selling the company to NeuStar. Grant brings his unique story-telling style mixed with high energy and passion, representing Dome9 at public events and conferences. Grant has also been a featured speaker and panelist at numerous industry trade shows, conferences and several radio blogs which include RSAC, Next100 CIO’s, and BlogTalkRadio.

Jim Motes
Jim Motes

Managing Partner Knights View Consulting, LLC

View

Jim Motes

Jim Motes recently founded Knights View Consulting, LLC, a veteran owned, bespoke security advisory practice specializing in cybersecurity solutions and compliance for businesses of all sizes.  Jim has held numerous executive security roles to include; VP Cyber Security -  Kohler Co., VP and Chief Security Officer - Rockwell Automation; VP Information Security - Invensys PLC, Chief Information Security and Privacy Officer - Perot Systems.
 
Jim’s experience in cybersecurity spans 20 years and he is a Certified Information Systems Security Professional (CISSP), Certified Information System Auditor (CISA), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), Certified in the Governance of Enterprise IT (CGEIT), and National Security Agency InfoSec Assessment Methodology Certified (NSA-IAM).
 
Jim served as a commissioned officer in the United States Army including duty in the Middle East as an M1A1 heavy tank platoon leader.
 
He spends his free time traveling with his wife, is an avid photographer and antique automobile buff.

Tommy Hui
Tommy Hui

Sr. Director Sales Engineering SentinelOne

View

Tommy Hui
Utsav Sanghani
Utsav Sanghani

Product Manager – Integrations and Alliances Black Duck by Synopsys

View

Utsav Sanghani

Utsav is a Product Manager at Black Duck and drives DevOps Integrations to help the world’s most innovative companies streamline, safeguard and manage the use of open source software (OSS). Prior to Black Duck, Utsav worked with SMG Convonix to help clients in the area of Enterprise Software, Retail and Hospitality to design and deliver their web-based products. He started as a web-developer but his yearning to communicate and evangelize got him closer to customer facing roles. He holds a Bachelor’s in Engineering from the University of Mumbai and a business Masters from the Tuck School of Business at Dartmouth College. He loves comedy and can be seen frequenting comedy clubs around Boston.
 

Future Cyber Tech, Application Security & DevOps Seminars

  • Wed 31th Oct 09:30 - 10:00
  • Comprehensive Application Security Tooling (CAST) in your CI pipeline Utsav Sanghani  |   Black Duck by Synopsys  |   Future Cyber Tech, Application Security & DevOps

    Future Cyber Tech, Application Security & DevOps Theatre

    Wed 31th Oct 09:30 to 10:00

    Comprehensive Application Security Tooling (CAST) in your CI pipeline

    This session will discuss how different analysis capabilities, when stitched together, can provide complete security coverage for your critical applications built using CI. Learn more about each technology and how to automate them as part of any CI pipeline.

    Speaker

    Photo Speaker Name Profile
    Utsav Sanghani Utsav Sanghani View Profile
  • Wed 31th Oct 10:10 - 10:40
  • Brought to you by Twistlock

    Future Cyber Tech, Application Security & DevOps Theatre

    Wed 31th Oct 10:10 to 10:40

  • Wed 31th Oct 10:50 - 11:20
  • Advanced Attackers And Evolving Enterprise Defenses Tommy Hui  |   SentinelOne   |   Future Cyber Tech, Application Security & DevOps

    Future Cyber Tech, Application Security & DevOps Theatre

    Wed 31th Oct 10:50 to 11:20

    Advanced Attackers And Evolving Enterprise Defenses

    Advanced attackers are always looking for ways to stay hidden. The growing use of traffic encryption — over 50% of Web traffic today is encrypted — provides a simple trick for attackers to hide their threats and communications channels. Exploit kits, malware, adware, callbacks, as well as command & control channels leverage encrypted communications to infiltrate organizations and exfiltrate information.
     
    Look into encrypted traffic, without the need for a proxy or additional agents and ensure full coverage of threats hiding within covert channels. Learn how EPP capabilities can be extended to provide an integrated workflow from visibility & detection to response & remediation. A single agent, single console architecture provides deployment simplicity and operational agility to improve productivity and minimize business impact of threats.

    Speaker

    Photo Speaker Name Profile
    Tommy Hui Tommy Hui View Profile
  • Wed 31th Oct 11:30 - 12:00
  • Security in Modern Era: The Threat of Quantum Computers to Cyber Security Avesta Hojjati  |   DigiCert, Inc.  |   Future Cyber Tech, Application Security & DevOps

    Future Cyber Tech, Application Security & DevOps Theatre

    Wed 31th Oct 11:30 to 12:00

    Security in Modern Era: The Threat of Quantum Computers to Cyber Security

    Quantum computing is still in its infancy but already poses challenges to digital security. We’ll look at the high-level issues that cyber security companies will face in the near future, as well as the threats to security-sensitive industries such as finance and health care. We’ll also discuss how cyber security companies can prepare for the post-quantum crypto era.

    Speaker

    Photo Speaker Name Profile
    Avesta Hojjati Avesta Hojjati View Profile
  • Wed 31th Oct 01:00 - 01:30
  • A DevOps State of Mind: Continuous Security with Kubernetes Chris Van Tuin  |   Red Hat  |   Future Cyber Tech, Application Security & DevOps

    Future Cyber Tech, Application Security & DevOps Theatre

    Wed 31th Oct 01:00 to 01:30

    A DevOps State of Mind: Continuous Security with Kubernetes

    With the rise of DevOps, containers are at the brink of becoming a pervasive technology in Enterprise IT to accelerate application delivery for the business. When it comes to adopting containers in the enterprise, Security is the highest adoption barrier. Is your organization ready to address the security risks with containers for your DevOps environment?  In this presentation, you'll learn about:

    • Best practices for addressing the top container security risks in a  container environment including images, builds, registry, deployment, hosts, network, storage, APIs, monitoring & logging, and federation
    • Automating and integrating security vulnerability management & compliance checking for container images in a DevOps CI/CD pipeline
    • Deployment strategies for deploying container security updates including recreate, rolling, blue/green, canary and a/b testing.

    Speaker

    Photo Speaker Name Profile
    Chris Van Tuin Chris Van Tuin View Profile
  • Wed 31th Oct 01:40 - 02:10
  • Developing and Retaining Excellence in a Competitive Market Jim Motes  |   Knights View Consulting, LLC  |   Future Cyber Tech, Application Security & DevOps

    Future Cyber Tech, Application Security & DevOps Theatre

    Wed 31th Oct 01:40 to 02:10

    Developing and Retaining Excellence in a Competitive Market

    It's no secret that we are currently experiencing a critical shortage of trained and experienced cyber security practitioners.  The competition for qualified team members is fierce and long-term retention of your valuable team members is a key success factor for creating and maintaining a first-rate security team.  Exceptional security personnel are looking for opportunities to perform interesting and challenging work.  Too often those same personnel are relegated to perform mundane and repetitive tasks that fail to adequately engage and develop them professionally. CISOs/CSOs wishing to retain and mature their organizations should look for opportunities to drive efficiencies and optimize their security program while minimizing the administrative burden on their teams.  

    Low-cost, high-return activities such as establishing formal or semi-formal collaborative relationships with their peers for mutual security support and training opportunities combined with conducting security program rationalization and optimization projects can deliver significant value and introduce fresh insight into your security program.  Security executives should also consider how machine learning and Security Orchestration, Automation, and Response (SOAR) solutions may reduce time spent on lower skill, repetitive tasks, and improve overall team competency and retention.

    Speaker

    Photo Speaker Name Profile
    Jim Motes Jim Motes View Profile
  • Thu 1th Nov 09:30 - 10:00
  • Cyber Security Defense Maturity Model (CSDMM) Eric Jeffery  |   IBM  |   Future Cyber Tech, Application Security & DevOps

    Future Cyber Tech, Application Security & DevOps Theatre

    Thu 1th Nov 09:30 to 10:00

    Cyber Security Defense Maturity Model (CSDMM)

    Discuss cyber security defense maturity model (CSDMM) that places technology families on a scatter plot delineating capability level with defensive maturity. Organizations need controls in place and an understanding of their defensive position. Too often, organizations use a whack a mole process or they defend against the risk of the day or, worse yet, what vendors tell them to buy. The CSDMM provides entities with an understanding of where they are so they can determine where they want to go. This model delineates what technologies entities need to implement so they can achieve a more sophisticate and mature defensive posture.

    Speaker

    Photo Speaker Name Profile
    Eric Jeffery Eric Jeffery View Profile
  • Thu 1th Nov 11:30 - 12:00
  • Forecast: Increasing Clouds with a High Chance it’s Your Fault Grant Asplund   |   Dome9 Security  |   Future Cyber Tech, Application Security & DevOps

    Future Cyber Tech, Application Security & DevOps Theatre

    Thu 1th Nov 11:30 to 12:00

    Forecast: Increasing Clouds with a High Chance it’s Your Fault

    Using public clouds for enterprise datacenters is mainstream. However, the number of services and options being offered is daunting. Using a ‘one-size-fits-all’ interface to scroll through thousands of assets trying to find a misconfigured or exposed S3 bucket is folly.
     
    You likely don’t have experienced, trained security professionals maintaining your cloud environment(s) either and this gap exacerbates your risks…unskilled hands or one fat-finger can have dire consequences.
     
    In this session you’ll learn why Gartner says, “Through 2022, at least 95% of cloud security failures will be the customer’s fault.” and how you can avoid validating their forecast.

    Speaker

    Photo Speaker Name Profile
    Grant Asplund Grant Asplund View Profile
  • Thu 1th Nov 01:40 - 02:10
  • Reading the Tea Leaves: Preparing for the Future Cybersecurity Job Market Gary Nichols  |   Charles Schwab  |   Future Cyber Tech, Application Security & DevOps

    Future Cyber Tech, Application Security & DevOps Theatre

    Thu 1th Nov 01:40 to 02:10

    Reading the Tea Leaves: Preparing for the Future Cybersecurity Job Market

    Cyber warfare has evolved from a once futuristic concern of science fiction writers to an almost daily headline in the news. As attackers, methods and destructive capabilities evolve, so must those responsible for the defense and wellbeing of information systems. Explore the current state of both defensive and offensive human and technology capabilities, what the tea leaves are telling us about the near-term future, the gaps that exist, and the shift that is occurring that will reshape the cybersecurity job market to come. Understand what is coming, and invest in the right skill sets today to protect the information landscape of tomorrow.

    Speaker

    Photo Speaker Name Profile
    Gary Nichols Gary Nichols View Profile
Top