Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070
GovEdge_2019

AGENDA

7:30-2:30
Registration | Pavilion Foyer, Second Floor
7:30-8:45
Breakfast | Partner Pavilion, Second Floor
8:45-9:00
Welcome and Opening Remarks | James Hayes, Vice President of Global Government Affairs, Tenable | Rotunda
9:00-9:30
Keynote: Cyber Exposure - Relating Critical Functions, Threats, Assets and Vulnerabilities | Bob Huber, Chief Security Officer, Tenable | Rotunda
9:30-10:00
Keynote | Grant Schneider, Federal Chief Information Security Officer (CISO), U.S. Office of Management and Budget* | Rotunda
10:00-10:45
Refreshments and Networking | Partner Pavilion | Pavilion Foyer, Second Floor
10:45-11:15
Keynote: VM to Cyber Exposure: Transforming How We Reduce Cyber Risk | Ofer Ben-David, Chief Product Officer, Tenable | Rotunda
11:15-11:45
Keynote | Jeanette Manfra, Assistant Director for Cybersecurity, Cybersecurity and Infrastructure Security Agency (CISA), Department of Homeland Security* | Rotunda
11:45-12:15
Keynote: The Cure for Cyber Helplessness | Amit Yoran, Chairman and Chief Executive Officer, Tenable | Rotunda
12:15-1:30
Lunch | Partner Pavilion
TRACK A:
TRACK B:
1:40-2:10

TRACK: A

June 4 - 1:40 pm - 2:10 pm

Automating the Correlation of Vulnerability and Configuration Data With Ease Using DevOps

Speaker: Troy Taitano, Chief, Cyber Modernization Division, NRO

Session Abstract

The speed and agility of DevOps allows the Cyber Modernization Division of the NRO to mature the organization's understanding of risk in its current landscape. In this session, Troy Taltano from the NRO will discuss the techniques the organization is using to assist in automatically tallying software, hardware, and its configurations with system security plan data, privileged user data, PKI certificates, and more. Troy will also explore how these techniques can be leveraged to allow cybersecurity professionals to easily focus on understanding and fixing risk at all levels of risk management.

Track B
The Value of Tenable at the State Level John Evans, The State of Maryland

TRACK: B

June 4 - 1:40 pm - 2:10 pm

The Value of Tenable at the State Level

Speaker: John Evans, CISO, The State of Maryland

Session Abstract

The State of Maryland recently began upgrading from disparate Nessus scanners to Tenable.sc, saving weeks, perhaps months, of time discovering issues and getting to a point of remediation for the high-priority items. In this session, John Evans, the CISO at the State of Maryland, will discuss:

  • How the organization identified Personally Identifiable Information (PII) in plaintext and encrypted it
  • The methods of quickly finding Indicators of Compromise (IOCs) and vulnerabilities which would have taken weeks with the previous approach
  • How Tenable’s built-in reporting efficiently created vulnerability reports to allow intelligent prioritization for remediation.
2:20-2:50
Track A
ACAS-as-a-Service: Lessons Learned from an Enterprise Perspective Phillip Katzman, North Tide Group LLC

TRACK: A

June 4 - 2:20 pm - 2:50 pm

ACAS-as-a-Service: Lessons Learned from an Enterprise Perspective

Speaker: Phillip Katzman, Solutions Architect, North Tide Group LLC

Session Abstract

Providing an enterprise-level service can be challenging from both a technical and an administrative viewpoint, but enabling your organization to transform a required product into a critical enterprise solution leveraged by all stakeholders is worth the effort. In this session, Phillip Katzman, Solutions Architect at North Tide Group LLC, will share his perspective on designing a multi-tiered ACAS architecture, establishing business processes/controls and implementing Tenable.sc customizations including:

  • Objectives and engineering principles in a multi-tiered hierarchy; how to achieve synchronized information flow to your upstream servers
  • What you need to know about utilizing third-party SIEM applications
  • Ways to implement roles and responsibilities matching the organization's needs
  • How to make the most of least-privilege models
  • PHP Modification, including classification and caveat markings for emails, login page look & feel - DoD banner popup resize, organizational branding, and SAAR form links
Track B
Integrating Tools to Improve Cyber Hygiene Kevin Kerr, Oak Ridge National Laboratory

TRACK: B

June 4 - 2:20 pm - 2:50 pm

Integrating Tools to Improve Cyber Hygiene

Speaker: Kevin Kerr, CISO, Oak Ridge National Laboratory

Session Abstract

Today’s tools help us weigh and measure where we are, but we want more. Integrating tools and orchestrating processes helps us get closer to what we want. In a complex environment where we have to protect information while allowing openness, we are integrating tools to enable users to help themselves and to help us.

2:50-3:20
Refreshments and Networking
3:20-3:50
Track A
How Raytheon Space and Airborne Systems Meets its Cybersecurity Goals Jay Demmler, Raytheon Space and Airborne Systems

TRACK: A

June 4 - 3:20 pm - 3:50 pm

How Raytheon Space and Airborne Systems Meets its Cybersecurity Goals

Speaker: Jay M. Demmler, Senior Principal IT Architect, Raytheon Space and Airborne Systems

Session Abstract

In this session, you’ll learn how Raytheon and Tenable have partnered together on multiple fronts to quickly deploy solutions to meet the organization’s unique security needs. We’ll explore the Tenable products, training, and professional services that are helping Raytheon meet its cybersecurity goals. The discussion will also explore Tenable’s role in helping the company rapidly stand up services. We’ll share best practices for an enclave environment, and discuss how Tenable is helping Raytheon build its ConOps and operating expertise.

TRACK: B

June 4 - 3:20 pm - 3:50 pm

Using Predictive Prioritization to Focus on the Vulnerabilities that Matter

Speaker: Vincent Gilcreest, Director of Data Science, Tenable

Session Abstract

Vulnerability management has become increasingly difficult for IT and cybersecurity teams to tackle as the rate of vulnerability disclosures continues to grow. Predictive Prioritization is Tenable’s solution to this problem, leveraging multiple data sources and machine learning to provide security teams with actionable insights to answer the critical question: Where should we prioritize? In this talk, we’ll walk through real-world examples of how Predictive Prioritization can directly benefit our customers by helping them direct their limited time and resources in the most effective ways. Topics to be covered include:

  • The use of machine learning to predict the threat posed by newly published vulnerabilities with limited information;
  • Remediation efficiency compared to the typical application of CVSS; and
  • The dynamic nature of Predictive Prioritization - how the model updates in response to changing vulnerability risk profiles.

We will also give a snapshot into how we can combine Predictive Prioritization with asset context to help you better identify and bridge your Cyber Exposure gaps.

4:00-4:30

TRACK: A

June 4 - 4:00 pm - 4:30 pm

Cyber Risk Modeling For Hybrid Environments

Speaker: Wayne Lloyd, Federal CTO & Technical Director, RedSeal

Session Abstract

One of the keys to successful enterprise security is to be digitally resilient, which means being hard to hit, being able to detect immediately and being ready to respond rapidly. With RedSeal and Tenable integrations, you can achieve digital resilience by modeling your entire hybrid enterprise — from the cloud to software-defined networks to physical infrastructure and all the way down to the agents on your endpoints. With this model, and data integrated from Tenable, your responders can drastically speed up incident investigations, allowing for faster containment of an intrusion. Additionally, this concept allows for faster proactive auditing and hardening of your enterprise through automation to make your hybrid environment harder to hit. In his talk, Mr. Lloyd will cite customer successes using this model and discuss their implementation best practices.

TRACK: B

June 4 - 4:00 pm - 4:30 pm

An Introduction to Tenable Research: 0-days, N-days and more

Speaker: Tom Parsons, Senior Director Product Management, Tenable Research

Session Abstract

Tenable’s Tom Parsons will provide an overview of the Tenable Research team. Tenable Research is a global cybersecurity team most strongly associated with plug-in development for n-days. This content drives most of Tenable’s products. including Nessus, Tenable.sc and Tenable.io. The team also has a strong 0-day focus and made news in 2018 with the discovery of the Peekaboo vulnerability, a major flaw in global surveillance software. The team consists of many exceptional researchers and focuses on key issues affecting how organizations defend themselves. This session will give a broad overview of the diverse work the team is doing to help customers understand and manage their Cyber Exposure.

4:30-6:00
Reception
*Schedule is subject to change without notice.
Try for Free Buy Now

Try Tenable.io

FREE FOR 60 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

$2,275.00

Buy Now

Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save

Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 60 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578.00

Buy Now

Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 60 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Learn More about Industrial Security

Get a Demo of Tenable.sc

Please fill out the form below with your contact information and a sales representative will contact you shortly to schedule a demo. You may also include a short comment (limited to 255 characters). Please note that fields with asterisks (*) are mandatory.