This session will explain how to utilize the SecurityCenter API to build custom tools like alerting, creating tickets for teams and automating basic security tasks, so information security professionals can focus on more important activities. Did you know you can drop a file containing the top 10 vulnerable hosts into popular chat applications like Slack? Did you know you can automate ticket creation using the SecurityCenter API? All this and more will be covered in this session. A basic knowledge of programming concepts is preferred, but not required. We will cover these concepts using both Python and Bash.
Responding to vulnerabilities is akin to battling a forest fire. Responders pick which areas to go after and which areas to let burn, but there’s always damage. What if there were a better way to fight the right fires faster?
In this session, we will share how ServiceNow is partnering with Tenable to help security teams mitigate risks by enhancing vulnerability remediation efforts. From comprehensive vulnerability assessments to tracking issues through resolution, ServiceNow and Tenable are innovating and integrating to drive customer success.
Director Security Business Unit
We will look at how operational technology (OT) security needs differ from IT security, and the importance of purpose-built OT technology. We will assess where OT cybersecurity teams are investing today and the types of technology they will deploy in the future – from network visibility through security analytics. We will also show how organizations are moving to gain transparency across their IT and OT networks, for continuous understanding of and control over their cyber exposure. We will close with practical tips on how IT security teams can begin expanding their operations to support OT security.
Director Industrial Cyber and Digital Security, Siemens Energy
There are two stark realities that have emerged as organizations manage their cyber exposure:
- You cannot patch every vulnerability.
- You are drowning in a sea of information about cyber exposure.
This means your organization is in a perpetual state of risk and triage of that risk. Only the most important assets will get attention and the rest must wait.
At the same time, the visibility you have into your infrastructure generates an unimaginable volume of data. Herein lies another stark reality – you know a great deal about your assets, but you lack true insight into what’s most important to the business.
The solution to dealing with these two realities is to apply proper cyber exposure prioritisation principles. Applying these techniques allows you to leverage your visibility to make impactful decisions that reduce business risk.
VP, Information Security
In this talk, we will share how Capgemini has built and is operating a compliance monitoring solution for a global accountancy firm with 130 locations globally and 40,000 devices, with each location responsible for its own IT. The solution, built on Tenable.io, helps the local firms stay compliant with the global security policy and associated standards. We will present how Capgemini has set up a verification process for these standards, including automated verification provided by Tenable.io. Enabled by the solution’s flexibility, we are using custom audit files and reporting to support a heterogeneous global organization, with location-specific standards and reports. This also includes the use of agents to scan systems outside the office perimeters. Join us to learn how the flexibility and comprehensive coverage provided by Tenable.io can help monitor and assess even the most complex enterprise environment.
IT Security Consultant
In today’s competitive environment, e-tailers have limited resources and tight margins. This means protecting customer information and intellectual property often competes for resources with search engine optimization, social media marketing, and other marketing investments.
Therefore, in your role as the enterprise security professional, you must choose the best solutions to enable security and compliance with a limited budget, through solutions that make you more effective and efficient. This presentation will show how Venus Fashion leverages the cloud-based capabilities of Tenable.io to maintain a safe and compliant environment for e-tailing and a fantastic customer experience.
Compliance Information Security Engineer
Many organizations are rapidly adopting public cloud services, but securing assets in the cloud isn’t the same as protecting your on-prem resources. If you’re looking to take the guesswork out of securing your AWS environment, join this session for an overview of industry best practices and resources for configuring AWS deployments.
We will highlight what you need to know from Amazon’s own Security Guidelines, CIS AWS Foundations and AWS Three Tier Web Architecture Benchmarks, and CSA Cloud Controls Matrix (CCM) and Security Guidance. We will also cover how these best practices support broader compliance frameworks such as PCI, NIST 800-54, and ISO 27001/27002. Finally, we will recommend a number of specific actions which can help you validate and monitor the posture of your deployment. Throughout, we will illustrate these best practices with real-world examples of how Tenable solutions can support your cloud security journey.
Sr. Research Engineer