Workshop – Adversarial Kill Switch and Time Based Defense
Friday, June 16th 9am-1PM EST
RBC WaterPark Place
88 Queens Quay W #2900
Toronto, ON
M5J 0B8
Meeting Room: TRN6-29-Algonquin LVCR
Abstract: The adversary is relentless and continues to make their way into critical and highly sensitive workloads. These workloads provide critical services and keep the lights on for many organizations while containing sensitive data and/or intellectual property. How can defenders drive toward full micro-segmentation within the datacenter, regardless of where the workload resides, and achieve zero-trust? Workloads today exist in multiple clouds, making the solutions we protect complex, with a ton of nuance. This decreases resilience and hinders defenders' ability to be effective. Workloads are deployed everywhere: on-premise, within cloud service provider A, B, or C, and as physical, virtual, and container deployments. Defending has always been a tough business; this just makes it that much more challenging. Cisco provides the capability to drive towards zero-trust within the datacenter, and along that journey we significantly limit the ability of the adversary to invoke their will. We quickly achieve a massive reduction in the attack surface and the blast radius, and while doing so we increase time based defense. Focusing on outcomes that matter!
Session Agenda – 4 hours
- Application Security – Overview ~ 20 minutes
- Zero Trust Focused on Application Security ~ 50 minutes
- Cisco Secure Workload: Central Pillar for Zero Trust Journey ~ 20 minutes
- Cisco Secure Workload: CSW Workshop/Demo ~ 2.5 Hours
- The demos will highlight the value of locking the door and achieving massive risk reduction and full zero-trust outcomes. They will take both an adversarial and a defender approach: we will showcase the adversary invoking their will, and then leverage Cisco Secure Workload to reduce the risk and lock the door!
- Security Team Mandate: Only approved assets can SSH into workloads
- All Web Services Mandate: Production and test workloads should never communicate but need access to NTP/DNS Services
- Retail Web Services Mandate: Only approved web ports should be available 80/443/8080
- Shared Services Mandate: Time services available to the datacenter workloads
- Mitigate CISA Log4J Emergency Directive
- Use Forensic Rules and Deep Dive into Process Details
- Mitigate CVEs that can’t be Patched.
Session Presenters:
Jason Maynard: Jason has been architecting, designing, and deploying security technologies that secure the most complex computing environments for almost 2 decades. His understanding of operational and informational technologies, people, and processes enables him to deliver effective, comprehensive security solutions that align to an organization’s security goals and strategic imperatives. Jason is adept at addressing a range of risk profiles across multiple industry verticals, skills he has cultivated as an end-user security practitioner, partner/integrator, and now manufacturer as the Field CTO, focused on Cybersecurity, for Cisco Systems. Jason is also active in the direct community, speaking at BC Aware and the Privacy and Security Conference, and has delivered multiple sessions at BSides. Jason also holds 75+ designations across a variety of products and technologies, including the CCIE designation.
Nadir Lakhani: Nadir is a Cloud Security Architect with a focus on Workload & Application Security. He leads the Secure Workload portfolio for Canada and has been in the industry for 22+ years. His areas of expertise are in security, encompassing Micro-segmentation, Zero Trust, Workload Protection, Posture Management, Cloud Networking/Security, and Data Center technologies including Software Defined Networking. He is also part of the Cloud Native Application Protection Platform (CNAPP) tiger team to solidify the upcoming market trend for securing the application lifecycle, including DevSecOps. Nadir holds a Master’s Degree in Computer Engineering from Wayne State University, Michigan, and a Bachelor’s Degree in Electrical Engineering. Nadir is a triple CCIE (Data Center, SP & Collaboration) and the first Data Center CCIE in Canada. Along with his CCIEs, he also holds AWS Solutions Architect, Azure Solutions Architect, GCP Professional Cloud Architect, VMware VCP, Microsoft, and Oracle certifications.