Identity: The Key to an Enhanced, Safer Connected Car Experience – Eve Maler – RSA23 #3
Cars have evolved from a physical mode of transportation to a digitized experience, bringing with it new risks and challenges in security, privacy and user experience. Putting identity at the center of the connected world solves simplicity and safety challenges, including physical safety, digital security and data privacy. Furthermore, decentralized identity plays a major role in a better, more secure seamless experience – not just for vehicles, but for society at large.
Segment Resources: https://www.rsaconference.com/USA/agenda/session/Driving%20Smart%20Innovation%20-%20Connected%20Car%20Identity%20at%20Scale
This segment is sponsored by ForgeRock. Visit https://securityweekly.com/forgerockrsac to learn more about them!
Eve Maler is a globally recognized strategist, innovator, and communicator on digital identity, security, privacy, and consent. As an identity and access management pioneer, she has shaped IAM standards and thought leadership for over two decades. In that time she has delivered dozens of mainstage presentations, technical education sessions, and workshops. As CTO of ForgeRock she led its Labs team investigating and prototyping innovative solutions to customers’ challenges. As a Forrester security and risk analyst she advised clients on strategy, industry developments, and best practices for IAM, strong authentication, and API security. Now Eve is on the hunt to take it to the next level.
Business Priorities – Not Tools – Should Dictate Cybersecurity Strategy – Mayeuresh Ektare – RSA23 #3
Cybersecurity teams today are inundated with tools that provide an abundance of alerts and data about threats, gaps, vulnerabilities and everything in between. While security tools are critical to operating a cybersecurity program and produce helpful data, they should never dictate an organization’s cybersecurity strategy. Instead, Amad Fida, CEO & Founder of Brinqa, explains why business priorities should be the foundation for any company’s cybersecurity strategy.
This segment is sponsored by Brinqa. Visit https://securityweekly.com/brinqarsac to learn more about them!
Mayuresh has more than 20 years of product management experience in enterprise security, networking, and SaaS. At Brinqa, he is responsible for all aspects of product management, product strategy, and technology partnerships.
How Security Leaders can Demonstrate Value by Reducing Costs Securely – Lenny Zeltser – RSA23 #3
Economic uncertainty has forced IT and security leaders to be more cautious than ever when increasing spending and team size. Suh dynamics give CISOs and CIOs an opportunity to demonstrate value by going beyond “merely” defending the organization from threats. We can contribute toward the organization’s efforts to constrain costs by looking inward at existing tools and assets to understand deployment, usage, and value. We can do this by ensuring the company is making the most of what it already has – and eliminating the spend that’s not being utilized in the most effective way.
Segment Resources: https://www.axonius.com/blog/cybersecurity-asset-management-helps-amid-economic-uncertainty
This segment is sponsored by Axonius. Visit https://securityweekly.com/axoniusrsac to learn more about them!
Lenny Zeltser is a cybersecurity executive with deep technical roots, product management experience, and a business mindset. He has built security products and programs from early stage to enterprise scale. He is also a Faculty Fellow at SANS Institute and the creator of REMnux, a popular Linux toolkit for malware analysis. Lenny shares his perspectives on security leadership and technology at zeltser.com.
Digital Identity: The Key to Unlocking Trust Online With Your Customers – Michaël Lakhal – RSA23 #3
There is a war on trust in the digital world, and people are caught in the crosshairs. Everywhere we look, there are identity risks with crippling repercussions for businesses, whether fake people, fake content, or insecure web links. With the rise of generative AI tools in business, threat actors are utilizing these technologies to create more sophisticated phishing emails – mimicking brands and tone or more easily translating copy into several languages making them more difficult to identify and easily connecting hackers with global audiences. Now is the time to implement solutions that empower a connected thread of trust between businesses and users – before all trust is lost.
This segment will focus on the growing need to protect digital identities in today’s evolving threat landscape while outlining actionable steps that can be taken to better secure digital identities and improve digital trust, such as implementing continuous identification and authentication. The session will also discuss how digital trust equates to an improved customer experience, highlighting the importance of security being seamlessly woven throughout the customer journey – especially as Web3 nears.
Segment Resources: OneSpan Identity Verification Services: https://www.onespan.com/products/identity-verification
Blog: In a World of Deep Fakes, How to Bring Trust and Integrity Back: https://www.onespan.com/blog/world-deep-fakes-how-bring-trust-and-integrity-back
Press Release: OneSpan Strengthens Protection of Web3 with New Innovative Cloud Notarization Solution: https://www.onespan.com/about/news/onespan-strengthens-protection-web3-new-innovative-cloud-notarization-solution
Forbes Byline: Boldly Meeting The Promise Of Web 3.0 - Written by CEO, Matt Moynahan: https://www.forbes.com/sites/forbestechcouncil/2022/11/02/boldly-meeting-the-promise-of-web-30/?sh=46ffa35358be
This segment is sponsored by OneSpan. Visit https://securityweekly.com/onespanrsac to learn more about them!
As a product manager and strategist, Michaël has more than 10 years of experience in the Digital Signature market, focusing on B2C transactions for financial services. As Director of Product Management at OneSpan, he leads two product lines: Identity Verification and Authentication to provide an end-to-end digital agreement solution. Prior to joining, Michaël was a senior product manager and senior product marketing manager at DocuSign to expand their offering in EMEA and APAC. Earlier in his career, he joined QuickSign as the first employee to build the first mass-market platform for B2C transactions based on OpenTrust signature engine, focused on onboarding for the financial industry.
Shrinking AppSec Risk: New Invicti Research Sees Systematic Testing Proving its Worth – Patrick Vandenberg – RSA23 #3
Without visibility into your entire web application attack surface and a continuous find and fix strategy, dangerous threats can expose your organization's blind spots and create risk. Invicti analyzes common web application vulnerabilities across thousands of assets yearly and releases the Invicti AppSec Indicator for a holistic view of application vulnerability trends from automated scan results across regions. In this interview, Invicti's Patrick Vandenberg zooms in on the vulnerabilities plaguing organizations, providing insight into this year's report trends, and guidance on how CISOs and AppSec program leaders can create an environment for their teams that mitigates risk.
This segment is sponsored by Invicti. Visit https://securityweekly.com/invictirsac to learn more about them!
A seasoned cybersecurity leader, Patrick Vandenberg is the Director of Product at Invicti Security. He works closely with security and DevSecOps stakeholders to understand today’s cybersecurity pain points so we can continue to help our customers solve their application security challenges. As an alumnus of several cybersecurity companies, including Hunters, Snyk, and IBM Security, Patrick brings over 20 years of experience in cybersecurity across product marketing and product management roles. Patrick holds a degree in Systems & Computer Engineering from Carleton University and, in his free time, continues a longtime passion for coaching and playing hockey.
It’s Time for CISOs to Prioritize XDR – Jason Rolleston – RSA23 #3
Today’s CISOs are laser focused on three imperatives: reducing risk; reducing operational costs, and attracting or retaining top talent. All three priorities are driven by creating a better SOC analyst experience which translates to less time to detect and respond to an attack. In this discussion, we’ll uncover how Extended Detection & Response (XDR) can drastically improve the SOC analyst experience and alleviate CISOs’ top challenges.
Segment Resources: https://blogs.vmware.com/security/2023/03/why-cisos-should-prioritize-extended-detection-response-xdr.html https://news.vmware.com/security/new-research-provides-insights-into-the-xdr-paradigm-shift https://news.vmware.com/releases/vmware-explore-2022-europe-xdr
This segment is sponsored by VMware. Visit https://securityweekly.com/vmwarecarbonblackrsac to learn more about them!
Jason is an accomplished business executive with experience across multiple technologies and a passion for cybersecurity. He has expertise managing businesses at scale while also developing next generation capabilities for adjacent opportunities. Jason joined VMware in 2021 to lead product management for VMware Carbon Black. Prior to VMware, Jason most recently served as Chief Product Officer at Kenna Security where he lead product management, product marketing, and business development. Prior to Kenna security, he was Vice President for Security Operations Products at McAfee, where he was responsible for McAfee’s security operations products, including SIEM, endpoint detection and response, behavioral analytics, and sandboxing. Prior to that, he served as Head of Product Management for Enterprise Routing at Cisco and held several senior positions at Symantec. He holds a B.S. in applied physics and a masters in engineering management from Cornell University, and an MBA from the University of Chicago Booth School of Business.
How to Effectively Identify and Mitigate Business Logic Attacks – Karl Triebes – RSA23 #3
Flaws in the design and implementation of an application can create business logic vulnerabilities that allow attackers to manipulate legitimate functionality to achieve a malicious goal. What’s more, API-related security incidents exploit business logic, the programming that manages communication between the application and the database. In this discussion, Karl Triebes shares what you need to know about business logic attacks to effectively protect against them.
This segment is sponsored by Imperva. Visit https://securityweekly.com/impervarsac to learn more about them!
For over three decades, Karl Triebes has helped conceive and build products, services, and businesses for networking, application software, storage, and cloud. At Imperva, he leads product management for the Application Security business unit, driving product innovation for customers. Prior, he was Executive Vice President of Product Development and CTO at F5. Triebes has also held senior leadership positions with Amazon Web Services, Foundry Networks, and Alcatel.
How to Improve Active Directory Resilience When the Cards Are Stacked Against You – Mickey Bresman – RSA23 #3
Semperis CEO Mickey Bresman sits down with SC Magazine to share practical steps for improving Active Directory resilience in the face of escalating cyberattacks, using real-world examples. With cybercrime costs projected to reach $8 trillion in 2023 and AD being the top target for attackers, organizations must prepare to detect, respond, and recover from AD-based attacks. Learn how InfoSec and IAM teams can operationalize the Gartner "top trending" topic of identity threat detection and response (ITDR) to ward off attackers and take back the advantage.
Segment Resources: - https://www.semperis.com/blog/how-to-build-a-strong-itdr-strategy/ - https://www.semperis.com/blog/recovering-active-directory-from-cyberattack-itdr/ - https://www.semperis.com/resources/evaluating-identity-threat-detection-response-solutions/
This segment is sponsored by Semperis. Visit https://securityweekly.com/semperisrsac to learn more about them!
Mickey Bresman is CEO and co-founder of Semperis, the identity-driven cyber resilience and crisis response company.
Beginning his technical career in the Navy, Mickey’s comfort zone is on the front lines helping organizations thwart and respond to cyberattacks. The long-time cybersecurity expert and entrepreneur has an extensive track record of driving revenue growth and scaling organizations across the globe. Prior to founding Semperis, Mickey held the position of CTO at YouCC Technologies, a Microsoft Gold Partner integration company. As a cybersecurity thought leader, Mickey has been quoted or featured in many major publications, including Forbes, Fortune, Wall Street Journal and others.
Semperis recently surpassed $150M in annual recurring revenue, a milestone that fewer than one in every 1,000 venture-backed enterprise software companies achieves. The company was recently recognized by Cohesity as its 2025 Security Partner of the Year, one of Dun’s 100 Best HighTech Companies, recognized by Inc. Magazine as one of its Best Workplaces for four consecutive years and has been named to Deloitte’s Technology’s Fast 500 for the sixth consecutive years.
Security Operations and the Vulnerability Shell Game – Dave Merkel – RSA23 #3
While emerging cyber threats and vulnerabilities tend to dominate headlines, criminals often exploit known vulnerabilities to gain access to critical systems and data for nefarious purposes. And with the number of vulnerabilities rising constantly, they can pose significant risk to organizations, especially if defenders don’t know which ones are critical. Learn how Expel is helping to pull back the curtain on how organizations can more effectively prioritize their most critical vulnerabilities.
Segment Resources: Blog post on new integrations - "Integrations roundup: new integrations to manage overall business risk" : https://expel.com/blog/integrations-roundup-new-integrations-to-manage-overall-business-risk/
Press release on MDR for Kubernetes - "Expel Advances Leadership in Cloud Security with MDR for Kubernetes " : https://expel.com/resource/expel-advances-leadership-in-cloud-security-with-mdr-for-kubernetes/
This segment is sponsored by Expel. Visit https://securityweekly.com/expelrsac to learn more about them!
Dave Merkel (aka “Merk”) is the co-founder of Expel as well as our Chief Executive Officer (CEO). Dave has been involved in the information security field for nearly 30 years, first as a federal agent pursuing cyber criminals in the era of floppy disks and 2400 baud modems, then as Chief Technology Officer (CTO) and vice president of products at Mandiant. Following FireEye’s acquisition of Mandiant, Dave served as the global CTO of FireEye.
Before Dave’s 10 years as a solutions provider, he spent another decade as a security practitioner. He got his start as a special agent in the Air Force Office of Special Investigations, pursuing cyber criminals and conducting digital forensic investigations, and later as head of AOL’s technical security organization. While at AOL, he created and ran the first incident response capability for AOL and Time Warner, managed software security and policy programs, and built technologies for AOL’s security infrastructure.
