RSS:2023 Track 1 (Day 2) :: Rochester Security Summit

RSS:2023 Track 1 (Day 2)

Small Step or Giant Leap? Cyber and Policy Progress Towards Satellite Security

William Malik
October 26, 2023 10:00 am - 10:50 am

Already a vital part of both the internet of things and the critical infrastructure of the internet, satellites are set to take on a more significant role with the expansion of 5G and IoT. But many satellites with primitive security could become threat vectors for cybercriminals. This session will provide three satellite attack scenarios that could occur without increased cyber security measures and discuss viable solutions to this threat. The speaker will also share some of the steps that policy makers are taking to try to prevent these scenarios from happening, including the newly proposed law would enhance cybersecurity for commercial satellites to protect them from getting hacked by bad actors

Catching More Flies - Spotting the Adversary With Honey Techniques

Matthew Gracie
October 26, 2023 11:00 am - 11:50 am

Detection Engineering traditionally centers around defining and alerting on known malicious adversary actions in your environment. Deception Engineering, on the other hand, uses techniques like honeypots and honeycreds to trick an intruder into seemingly harmless actions that will generate immediate, high fidelity alerts. This talk will outline some free tools and techniques that you can deploy in your environment to spot attacker reconnaissance and lateral movement early in the attack chain.

AppSec: Making Sense of the Wild West

Chris Peltz
October 26, 2023 1:00 pm - 1:50 pm

Running an Application Security program these days may feel like being a lawman in the Old West. This talk will review practical strategies for developing better application development posture and building rapport with stakeholders in a seemingly “lawless” environment.

Automation in the SOC: A Winning Recipe

Joe Morin
October 26, 2023 2:30 pm - 3:20 pm

Join us for an insightful exploration of "Automation in the SOC: A Winning Recipe" as we navigate the realm of SOC automation, its challenges, and its transformative potential. Our presentation will pivot around the supremacy of automation within the SOC environment, applicable across diverse scenarios. Focusing on proactive threat detection, rapid incident response, and seamless collaboration, we will unveil cutting-edge solutions that redefine the trajectory to SOC success.

Beyond Firewalls: A DevSecOps Approach to Elevating Application Security

Ben Wilcox and Lakshman Kaveti
October 26, 2023 3:30 pm - 4:20 pm

Applications lacking safeguards risk data, reputation, and stability. Manual security testing and firewalls are insufficient in our interconnected, risky world. Application security needs continuous collaboration between security teams and developers to embed security early in software development and throughout its lifecycle. This talk covers secure coding essentials like continuous vulnerability assessments, automated testing, and monitoring, plus timely patch management through automation, user-access controls, and secure operations. Learn how to modernize and automate your approach to application security.