
2020 Evolve Track
An Intelligence Driven Approach to Security Validation
JUNE 8, 2020 @ 7:00 PM (PT) | JUNE 9, 2020 @ 10:00 AM (SGT)
A recent SANS study showed that while organizations used threat intelligence to hypothesize where attackers may be found, they lack the investigative skills to conduct searches. This continues to be a growing problem in the cyber security industry as organizations struggle to justify the high-cost of their defenses.
We make significant investments to justify our methods of stopping evil. However, we rarely spend time in measuring our methods or investments. Instead, we rely on assumptions to guide our decisions and justify our judgements. In this session, we will explore real world data and dive deep into the performance of cybersecurity controls across enterprise networks; from email, endpoint, network to cloud-based controls and examine some alarming results. As organizations continue to struggle to justify the high-cost of their defenses, Security Validation provides a solution to validate, consolidate, recoup and maximize the value from existing investments.

Shashwath Hegde
Solutions Architect, APAC – FireEye
Security Validation: What is it and How can it Improve Security Effectiveness?
JUNE 9, 2020 @ 2:00 AM (PT) | JUNE 9, 2020 @ 10:00 AM (BST)
To stay ahead of an evolving threat landscape, security teams must continuously improve their processes and technology. But even with their investments, security professionals still need answers to pressing questions:
- Who are the attackers that target my industry and what techniques do they use?
- Which alerts matter most and how do I respond?
- Are my tools, controls, processes working as expected?
- Where should I focus improvement efforts?
Join Mike Batten, VP Sales Engineering EMEA, for our upcoming webinar to:
- Learn how cyber threat intelligence can inform which attackers target your industry and understand the techniques they employ
- Find out how continuous validation can pinpoint where you have gaps so you can target improvements where they are needed -Understand how validation technology powered by relevant intelligence can generate proof of effectiveness and reduce risk
- View the results of a recent security effectiveness report, spanning the production environments of multiple industries and enterprises.

Mike Batten
Vice President, Sales Engineering EMEA – Mandiant
Resources
Measure, Improve and Optimize Your Cyber Security with Mandiant Security Validation
JUNE 9, 2020 @ 4:00 AM (PT) | JUNE 9, 2020 @ 12:00 PM (BST)
Mandiant Security Validation allows you to accurately assess a company's security posture. We help our clients take a proactive approach to identifying and mitigating risks due to incorrect configurations, inefficiencies in products, and / or established security processes.
Find out how Mandiant Security Validation enables you to:
- Evaluate your security posture in order to prioritize investments
- Optimize the configuration of your technologies to maximize the return on investment
- Compare your security with market standards such as MITRE ATT&CK Framework and others
- Test the correct operation of your DLP-type tools
- Measure the security of your security processes in the CLOUD
- Validate the correct operation of your Endpoint tools
- Confirm network segmentation in IT / OT / SCADA environments

Lluis Coma
EMEA Consulting Sales Engineer – FireEye
Take Control of Your Cloud Environments
JUNE 9, 2020 @ 8:00 AM (PT) | JUNE 9, 2020 @ 11:00 AM (ET)
Complex cloud environments are a reality for many enterprises and organizations, and managing them is a requirement. But it can be done. Learn firsthand how FireEye delivers world-class capabilities to prevent, detect, and respond to security threats in and from the cloud.
This Virtual Summit session covers:
- Ways to gain greater visibility across hybrid, public, private, and multi-cloud environments
- Expectations of the shared responsibility model
- Pitfalls when approaching a move to the cloud
- Best practices based on real-world use cases

Martin Holste
Cloud Chief Technology Officer – FireEye

Joshua Bass
Senior Manager, Product Management – FireEye

Lisun Kung
Senior Director, Cloudvisory – FireEye

Matthew McWhirt
Director, Mandiant Consulting – Mandiant
Tips for Securing Your Cloud Environments
JUNE 9, 2020 @ 10:00 AM (PT) | JUNE 9, 2020 @ 1:00 PM (ET)
For the last several years, organizations around the world have been moving applications and services to the cloud at an increasing pace. Despite this investment, many organizations fail to fully understand the security controls they have at their disposal and fail to effectively harden their cloud environments against attack. As a result, FireEye Mandiant experts have observed a significant rise in cloud-related breaches driven by both targeted and opportunistic threat actors over the past several years.
In this session, Mandiant consultants share lessons learned from real-world incident response experiences, identify some common pitfalls and provide best practices for organizations to harden their cloud environments and reduce the risk of compromise. They also discuss the pitfalls and best practices presented in M-Trends 2020.

Chris Romano
Senior Consultant – Mandiant

Greg Blaum
Principal Consultant – Mandiant

Jennifer Guzzetta
Product Marketing Manager – Mandiant
Considerations for Evolving to Intelligence-Led Security
JUNE 9, 2020 @ 1:00 PM (PT) | JUNE 9, 2020 @ 4:00 PM (ET)
Mandiant Threat Intelligence experts present an in-depth explanation of what it means to be intelligence-led, how organizations should seek to increase intelligence maturity and capability, and how to get started on this journey. Join this session to learn:
- The definition, characteristics and caveats of an intelligence-led security approach
- Things to consider when assessing and evolving intelligence maturity
- The importance of frameworks when assessing, measuring and executing on your strategy

Gina Hill
Principal Consultant – Mandiant

Duke McDonald
Consultant – Mandiant
TIBER-EU: How Mandiant Engagements Enhance Your Cyber Resilience
JUNE 10, 2020 @ 4:00 AM (PT) | JUNE 10, 2020 @ 12:00 PM (BST)
The Framework for Threat Intelligence-based Ethical Red Teaming (TIBER-EU) enables European and national authorities to work with financial infrastructures and institutions to put in place a program to test and improve their resilience against sophisticated cyber-attacks. Its core objectives include improving the protection, detection and response capabilities of entities, enhancing the resilience of the financial sector; and providing assurance to the authorities about the cyber resilience capabilities of the entities under their responsibility. Join this session to:
- Understand how the TIBER improves the cyber resilience of financial organizations through cyber threat intelligence and targeted attack scenarios
- Learn how Mandiant uses its world-leading threat intelligence and incident response capabilities to identify the most relevant attack scenarios involving ransomware, SWIFT frauds and customer PII leaks
- See how Mandiant red teams use Targeted Threat Intelligence Reports to create attack plans and risk management trackers
- Understand how end-to-end tests are created and what tactical and strategic deliverables can be expected from Mandiant

Angelo Perniola
Senior Consultant – Mandiant

Jay Christiansen
Principal Consultant – Mandiant
Get Your Data Protection Ahead of Impending Threats
JUNE 10, 2020 @ 7:00 AM (PT) | JUNE 10, 2020 @ 10:00 AM (ET)
With new attack vectors and application exploits being discovered, legacy endpoint protection products cannot keep up. They leave your data, information and intellectual property at risk. Endpoint protection (EPP) and detection and response (EDR) needs to evolve with the emerging threats and threat vectors.
Join us as we share how a new model for an endpoint defense agent can keep pace and match wits with evolving threats using the knowledge of industry-leading incident response teams.

Vinoo Thomas
Product Line Manager, Endpoint – FireEye
Leveraging Security Validation to Operationalize Threat Intelligence
JUNE 10, 2020 @ 1:00 PM (PT) | JUNE 10, 2020 @ 4:00 PM (ET)
In this session, Mandiant security experts discuss the use of threat intelligence and security validation to understand who might attack, where organizations are most vulnerable, and how to respond. You’ll hear about:
- The value of cyber threat intelligence to proactively identify the latest and most sophisticated threats and support strategic decisions
- The importance of automatic and routine controls testing against the latest attack behaviors
- How security effectiveness validation and cyber threat intelligence can help rationalize security investments, align business and security programs and best equip security teams to defend against adversaries

Colby DeRodeff
Vice President & Chief Technology Officer, Mandiant Security Validation

Jeffrey Berg
Senior Director, Mandiant Threat Intelligence
A Red Teaming Case Study
JUNE 10, 2020 @ 11:00 PM (PT) | JUNE 11, 2020 @ 2:00 PM (SGT)
Red Team assessments help organizations assess their readiness to defend against advanced attacks, and identify most relevant weaknesses in their current detection and response procedures that advanced threat actors routinely exploit to break in and complete their mission while remaining largely undetected. In this session, we'll look at a red team case study where consultants performed an objective-based assessment that emulated a real cyber attack of an advanced, nation state attacker across the entire attack lifecycle, and highlight the key weaknesses that were exploited in order to achieve the mission objectives.

Vivek Chudgar
Senior Director, Mandiant Consulting – Mandiant
How to Fortify Your Security Operations with Technology and Expertise
JUNE 11, 2020 @ 10:00 AM (PT) | JUNE 11, 2020 @ 1:00 PM (ET)
Navigating the MDR marketplace can be difficult without insight from peer organizations with established programs. Join this session to:
- Understand emergent threats and tactics that drive your need to quickly detect and respond to cyber threats
- Realize that you’re not in an either-or situation and learn how to align people, technology and operations in your SOC
- See what it looks like to outplay your attacker in a live tabletop exercise

Patrick O’Sullivan
Director of Security Engineering – Alorica

Stanley Parret
Principal Consultant – Mandiant