Preventing Real-World Attacks in 2020 | Presenter: Yishay Perry, CORTEX Senior Systems Engineer
Threats on endpoints have evolved to a level of sophistication that easily bypasses traditional endpoint protection by hiding in plain sight. Threats like DarkHotel, Cannon, and SambaCry are using weaponized exploits and other advanced tactics to compromise endpoints and accomplish their objectives. During this session, security experts from Palo Alto Networks will share some of the most advanced threat techniques found in 2019, how they operate, and how capabilities included in XDR Prevent endpoint protection (a.k.a. Traps), such as Behavioral Threat Protection, can keep endpoints from being compromised.
CORTEX XDR - Breaking the Silos of Traditional Prevention, Detection, Investigation and Response | Presenter: Gal Steimberg, Senior Product Manager
As cybercriminals and their tactics have become more sophisticated, the time to identify and to contain breaches has only increased. This growing gap has created a new demand from security teams for more visibility and clarity into their security infrastructure. Cortex XDR allows you to rapidly prevent, detect and respond to threats across your enterprise by stitching together network, endpoint and cloud data.
In this session we will provide an overview of the XDR vision and of the technology behind it, and go over some of the new features added to push the boundaries of operational speed and accuracy.
SOAR 101 – Paving the Way From Alerts to Action | Presenter: Guy Rinat, VP of Engineering
Security teams face unique challenges in today’s data-heavy landscape with sophisticated attackers and vast threat surfaces. As alert numbers rise and security product stacks grow, security teams struggle to execute standardized enrichment and response due to disparate tool sets, rising alert and false positive numbers, time-consuming manual actions, and human capital crunches. This session will highlight how a Security Orchestration, Automation, and Response (SOAR) platform plugs critical gaps in the incident response lifecycle. An in-depth demo will highlight how SOAR tools unify and automate actions across security products, structure processes through task-based workflows, and free up analyst time for important decision-making and deeper investigations.
Red team vs. Blue team | Presenter: Liat Hayun, VP of Product Management & Yael Tauman, Staff Researcher
Watch 2 of our best threat hunters and ethical hackers in a step-by-step simulation of a cyber attack. Compare the workflow & timing of the red team's attack when the blue team operates traditionally, and when the blue team operates with next generation Cortex capabilities.
Evolving to Managed detection and response, what works and the future | Presenter: Dori Fisher, Head of Managed Cyber Security Services, BDO
Anyone can look into a microscope. But you need to be a doctor to understand what you see.
In the last few years, technologies in cybersecurity are evolving beyond mere prevention into detection and response.
While prevention is usually a straightforward “yes” or “no” question, cyber security detection is a much softer discipline that requires “doctors”, i.e. people (or machines) that understand the subject matter and can provide a definitive answer or at least a definitive next step.
This session presents current and future managed detection and response, addressing the following topics:
- Managed SOC, Managed SIEM, Managed detection and response, how managed is it, exactly?
- Is SIEM failing, and what is the world doing about it?
- Detection and response in “Zero knowledge” environments
- Resolving incidents with automation – real world examples
- Response – how to start with the end in mind