Automating the Correlation of Vulnerability and Configuration Data With Ease Using DevOps
The speed and agility of DevOps allows the Cyber Modernization Division of the NRO to mature the organization's understanding of risk in its current landscape. In this session, Troy Taltano from the NRO will discuss the techniques the organization is using to assist in automatically tallying software, hardware, and its configurations with system security plan data, privileged user data, PKI certificates, and more. Troy will also explore how these techniques can be leveraged to allow cybersecurity professionals to easily focus on understanding and fixing risk at all levels of risk management.
The Value of Tenable at the State Level
The State of Maryland recently began upgrading from disparate Nessus scanners to Tenable.sc, saving weeks, perhaps months, of time discovering issues and getting to a point of remediation for the high-priority items. In this session, John Evans, the CISO at the State of Maryland, will discuss:
- How the organization identified Personally Identifiable Information (PII) in plaintext and encrypted it
- The methods of quickly finding Indicators of Compromise (IOCs) and vulnerabilities which would have taken weeks with the previous approach
- How Tenable’s built-in reporting efficiently created vulnerability reports to allow intelligent prioritization for remediation.
ACAS-as-a-Service: Lessons Learned from an Enterprise Perspective
Providing an enterprise-level service can be challenging from both a technical and an administrative viewpoint, but enabling your organization to transform a required product into a critical enterprise solution leveraged by all stakeholders is worth the effort. In this session, Phillip Katzman, Solutions Architect at North Tide Group LLC, will share his perspective on designing a multi-tiered ACAS architecture, establishing business processes/controls and implementing Tenable.sc customizations including:
- Objectives and engineering principles in a multi-tiered hierarchy; how to achieve synchronized information flow to your upstream servers
- What you need to know about utilizing third-party SIEM applications
- Ways to implement roles and responsibilities matching the organization's needs
- How to make the most of least-privilege models
- PHP Modification, including classification and caveat markings for emails, login page look & feel - DoD banner popup resize, organizational branding, and SAAR form links
Integrating Tools to Improve Cyber Hygiene
Today’s tools help us weigh and measure where we are, but we want more. Integrating tools and orchestrating processes helps us get closer to what we want. In a complex environment where we have to protect information while allowing openness, we are integrating tools to enable users to help themselves and to help us.
How Raytheon Space and Airborne Systems Meets its Cybersecurity Goals
In this session, you’ll learn how Raytheon and Tenable have partnered together on multiple fronts to quickly deploy solutions to meet the organization’s unique security needs. We’ll explore the Tenable products, training, and professional services that are helping Raytheon meet its cybersecurity goals. The discussion will also explore Tenable’s role in helping the company rapidly stand up services. We’ll share best practices for an enclave environment, and discuss how Tenable is helping Raytheon build its ConOps and operating expertise.
Vincent Gilcreest, Tenable
Using Predictive Prioritization to Focus on the Vulnerabilities that Matter
Vulnerability management has become increasingly difficult for IT and cybersecurity teams to tackle as the rate of vulnerability disclosures continues to grow. Predictive Prioritization is Tenable’s solution to this problem, leveraging multiple data sources and machine learning to provide security teams with actionable insights to answer the critical question: Where should we prioritize? In this talk, we’ll walk through real-world examples of how Predictive Prioritization can directly benefit our customers by helping them direct their limited time and resources in the most effective ways. Topics to be covered include:
- The use of machine learning to predict the threat posed by newly published vulnerabilities with limited information;
- Remediation efficiency compared to the typical application of CVSS; and
- The dynamic nature of Predictive Prioritization - how the model updates in response to changing vulnerability risk profiles.
We will also give a snapshot into how we can combine Predictive Prioritization with asset context to help you better identify and bridge your Cyber Exposure gaps.
Wayne Lloyd, RedSeal
Cyber Risk Modeling For Hybrid Environments
One of the keys to successful enterprise security is to be digitally resilient, which means being hard to hit, being able to detect immediately and being ready to respond rapidly. With RedSeal and Tenable integrations, you can achieve digital resilience by modeling your entire hybrid enterprise — from the cloud to software-defined networks to physical infrastructure and all the way down to the agents on your endpoints. With this model, and data integrated from Tenable, your responders can drastically speed up incident investigations, allowing for faster containment of an intrusion. Additionally, this concept allows for faster proactive auditing and hardening of your enterprise through automation to make your hybrid environment harder to hit. In his talk, Mr. Lloyd will cite customer successes using this model and discuss their implementation best practices.
Tom Parsons, Tenable
An Introduction to Tenable Research: 0-days, N-days and more
Tenable’s Tom Parsons will provide an overview of the Tenable Research team. Tenable Research is a global cybersecurity team most strongly associated with plug-in development for n-days. This content drives most of Tenable’s products. including Nessus, Tenable.sc and Tenable.io. The team also has a strong 0-day focus and made news in 2018 with the discovery of the Peekaboo vulnerability, a major flaw in global surveillance software. The team consists of many exceptional researchers and focuses on key issues affecting how organizations defend themselves. This session will give a broad overview of the diverse work the team is doing to help customers understand and manage their Cyber Exposure.