This year’s Mind the Sec security conference in São Paulo Brazil promises to be pretty amazing. Cylance CEO/President and Founder, Stuart McClure, will be delivering the keynote and I’ll be presenting a talk titled, “Security That Doesn’t Suck.”
My talk revolves around the idea of security instrumentation and being able to validate security effectiveness. This is so you can know what security controls are or are not working the way you intended across network, cloud, endpoint, email, etc.
And if those security controls aren’t doing what you want, you can tune, configure, and re-validate. As the title of my talk states, this is so your “security doesn’t suck.”
Safely Measuring Real Attack Behaviors
The approach to security instrumentation that I’ll be focusing on is the ability to safely measure the impact of real attack behaviors on your production network. In a live demonstration, I’ll show how using real attacks like Bartalex, Vawtrak, Mimikatz, PowerShell, Tunneling and others can allow you to validate that your security products are actually blocking, detecting, alerting, correlating, etc.
I’ll also share some startling statistics, based on real-life case studies, that illustrate how ineffective many organizations, some with massive security budgets and teams, actually are, due to a lack of validation and thus a lack of security value for their solutions.
I’ve worked a lot in Brazil over the years in multiple cities with multiple organizations. In fact, I lived in São Paulo for about a year at one point. From red teams, blue teams, and purple teams, to auditors, security executives, and business executives, security is a strong business imperative in Brazil.
Brazil – Home to the World’s Top Security Professionals
Without a doubt, Brazil has some of the most talented security professionals in the world. So, events like MTS never disappoint.
This is a Security Bloggers Network syndicated blog post authored by Brian Contos. Read the original post at: Cylance Blog