Prevent Con 2018 Agenda
Monday, September 17, 2018
10:00 AM - 8:30 PM PDT

CSP Accreditation Workshop Badge Pick-Up

Pacific Ballroom

Badge Pick Up for CSP Accreditation Workshop attendees. Please note, this workshop is optional and requires pre-registration. The class is currently sold out, we apologize for any inconvenience.

Show details Hide details
12:00 PM - 5:30 PM PDT

Cylance Security Professional (CSP) Accreditation Workshop Day 1

Pacific Ballroom

Please note, this workshop is optional and requires pre-registration. The class is currently sold out, we apologize for any inconvenience.

Show details Hide details
5:30 PM - 7:30 PM PDT

Accreditation Dinner

BLK Earth Sea Spirits
Tuesday, September 18, 2018
9:00 AM - 5:30 PM PDT

Cylance Security Professional (CSP) Accreditation Workshop Day 2

Pacific Ballroom

Please note, this workshop is optional and requires pre-registration. The class is currently sold out, we apologize for any inconvenience.

Show details Hide details
10:00 AM - 8:30 PM PDT

Full Conference Badge Pick-Up Opens

Breakwater Ballroom Foyer
4:00 PM - 8:00 PM PDT

Prevention Pavilion

Coastal Ballroom

Over the course of Prevent 2018, be sure to visit the Prevention Pavilion located just across the lawn from the main hall. In the pavilion, visitors will have the opportunity to get hands on with Cylance’s team of experts. Deep dive into the technology and partner integrations and see how Cylance works firsthand on a variety of devices. Visitors will also have the opportunity to meet with customer success managers, learn more about ThreatZERO™, and get a free ThreatZERO™ healthcheck.

Show details Hide details
5:30 PM - 8:00 PM PDT

Kick Off Prevent Con Party

Vista Lawns

Prevent 2018 has finally arrived and we’re ready to raise a glass in celebration! Enjoy the beautiful SoCal outdoors as we meet and mingle over delicious California cocktails and cuisine. It’s time to meet your fellow attendees, talk plans for the week, and then close the night out in true Huntington Beach tradition with s’mores around the fire pit.

Show details Hide details
Wednesday, September 19, 2018
7:00 AM - 8:15 AM PDT

Networking Breakfast

Vista Lawns
7:00 AM - 9:00 AM PDT

Badge Pick-Up

Breakwater Ballroom Foyer
8:15 AM - 8:30 AM PDT

CEO Keynote Intro

Stuart McClure Breakwater Ballroom CD
8:30 AM - 9:30 AM PDT

Hacking Exposed

Stuart McClure Brian Robison Breakwater Ballroom CD

Join Stuart McClure, CEO at Cylance®, and Brian Robison, Senior Director of Security Technology at Cylance, in a very special Hacking Exposed live event at Prevent 2018.

The previous Hacking Exposed episodes introduced you to many of the tools and techniques real-world adversaries use to evade endpoint security products; all leading up to this very special event. We invite you to come join us at Prevent 2018 and experience Hacking Exposed live and in person. We will put these concepts (plus a few new ones) into practice and conduct full-scale, multi-phased, endpoint compromises. The techniques and tactics you will experience in this Hacking Exposed session will provide valuable tools for you to test for yourself and gauge the effectiveness of your current defenses.

Goals:
• Learn about the phases of real-world attacks
• Get hands on experience with many of the tools
• Gain techniques that you can use in your own testing

Show details Hide details
9:30 AM - 10:15 AM PDT

Catch Me If You Can

Frank Abagnale Breakwater Ballroom CD

We are honored to present the real Frank Abagnale, renowned cybersecurity and fraud prevention expert, and bestselling author and subject of Catch Me If You Can.

Frank’s transformation from one of the world’s most notorious con men to an international cybersecurity expert trusted by the FBI for more than 40 years has been mythologized in film, stage, and literature – but the takeaways he shares are the real deal.
Frank's contributions to the world of security are immeasurable. He has become a hero to hundreds of public and private sector organizations for his indispensable counsel and strategic insight on safeguarding information systems and combating cyber fraud.

With an eye on the latest techniques developed by high-tech criminals to deceive and defraud, Frank leaves audiences with a deep understanding of today’s evolving security landscape, and more importantly, a vision of how to make the world a safer place.

Show details Hide details
10:00 AM - 8:00 PM PDT

Prevention Pavilion

Coastal Ballroom

Over the course of Prevent 2018, be sure to visit the Prevention Pavilion located just across the lawn from the main hall. In the pavilion, visitors will have the opportunity to get hands on with Cylance’s team of experts. Deep dive into the technology and partner integrations and see how Cylance works firsthand on a variety of devices. Visitors will also have the opportunity to meet with customer success managers, learn more about ThreatZERO™, and get a free ThreatZERO™ healthcheck.

Show details Hide details
10:15 AM - 10:45 AM PDT

Networking Break and Book Signing with Frank Abagnale

Breakwater Ballroom Foyer
10:45 AM - 11:15 AM PDT

Cybersecurity – Going from the Backroom to the Boardroom

Arthur W. Coviello, Jr. Breakwater Ballroom CD

Art Coviello, former Chairman of RSA and Cylance board member, will share his board-level view on the state of cybersecurity. His perspective will be reflective of the past and present in addition to a future look at board-level issues and how they evolve. Art has a unique and astute perspective as a result of his long tenure in the security industry, especially given the number of successes and setbacks he’s witnessed as CEO and chairman of a multibillion-dollar corporation and his time serving on public and private company boards. Art will share valuable insights gained and lessons learned and discuss where to focus moving forward to better protect organizations, customers, and society at large.

Show details Hide details
11:15 AM - 12:15 PM PDT

The Impact of Endpoint Security Trends and Insights from 2018

Eric Ouellet Juan Gomez-Sanchez Daniel Shuler Breakwater Ballroom CD

2018 has been a pivotal year for endpoint security. Eric Ouellet, Research VP and co-author of the Gartner Magic Quadrant for Endpoint Protection, will be moderating a discussion with leading Cylance customers including Lennar Corp. and Phoenix Children’s Hospital. Eric will present the results of his research to date with customers and vendors world-wide and engage with the panel to provide insights into the future of endpoint security and how it can contribute to the success of their security efforts.

Show details Hide details
12:15 PM - 1:15 PM PDT

Networking Lunch

Vista Lawns
1:15 PM - 2:00 PM PDT

Lessons Learned Panel

Dave Alfaro Alan Cunningham Michael Gregg Matthew Stiak Breakwater Ballroom CD Best Practices with Cylance

Join this discussion to learn how other Cylance clients are safeguarding their business from cyberthreats, to uncover strategies and tactics to reduce labor hours and improve cost savings, and to identify the right level of investment to best protect your company. Moderator Dave Alfaro will lead a panel discussion with Delta Dental, International Container Terminal Services, and Washoe County School District.

Show details Hide details

Business Email Compromise Attack Evolution and Prevention

Sig Murphy Whitewater Ballroom AI Threat Hunting with Cylance

Not only are Business Email Compromise (BEC) attacks on the rise, the attackers are now using even more sophisticated methods to ensnare victims. This presentation will examine the origins of BEC and look at some of the most prevalent attackers and methods with a focus on prevention of successful attacks. This session will also examine some BEC attack trends and anticipate the direction attackers will take this technique though the remainder of 2018 and beyond.

Show details Hide details

Z-Shaped Model

Malcolm Harkins Breakwater Ballroom A 21st Century CISO

Malcolm’s Z-shaped model and a broad view of the skills, scope and style for becoming a Chief Information Officer or Chief Security Officer.

Show details Hide details
2:00 PM - 2:45 PM PDT

Script Control

Dave Cundiff Breakwater Ballroom CD Best Practices with Cylance

An interactive discussion on how to balance security with productivity and management overhead. Guidance on how to best leverage CylancePROTECT and CylanceOPTICS to achieve the best security posture for your environment. Review of policy options and what items to be mindful of when developing your own Script Control policies.

Show details Hide details

Cylance and Splunk Integration Made Easy

Tony Lee Whitewater Ballroom AI Threat Hunting with Cylance

Is your organization a Cylance and a Splunk shop? If so, you should check out the CylancePROTECT App for Splunk, which is designed to take all of the pain out of integration. This presentation will not only provide the details on availability, data ingest, architecture, and features, but will also showcase and demo turn-key dashboards to display all of the pertinent information you need to make the most of the integration. Attendees will also have the opportunity to provide feedback to help guide the integration development road map.

Show details Hide details

Security at the Speed of Business

Juan Gomez-Sanchez Breakwater Ballroom A 21st Century CISO

There is an urgent need to innovate on the part of the business. The reality of today’s business mandates a more agile and innovative approach to security. The old guard of draconian security focused on technology, compliance, and boundaries of protection is no longer effective and has prevented security from having a seat at the business table. All this, when a shift in the threat landscape, and a real impact to the bottom line have negatively affected most organizations. This presentation will deep dive into practical, attainable, and effective methods to shift the mentality and allow security organizations to function at the speed of business. Such important topics include the use of practical, lightweight risk management, the need for a dynamic workforce, and a material shift in focus from technology to business alignment.

Show details Hide details
2:45 PM - 3:00 PM PDT

Break

Breakwater Ballroom Foyer
3:00 PM - 3:45 PM PDT

Operationalizing CylancePROTECT using ThreatZERO Best Practices

Dave Alfaro Breakwater Ballroom CD Best Practices with Cylance

The ThreatZERO process provides a collaborative environment to assist Cylance clients in optimizing the installation of CylancePROTECT and CylanceOPTICS, reviewing best practices, delivering training, supplementing internal resources, and receiving expert guidance in mitigating the risks that are identified. Dave will share case studies and success stories to arm you with a strategy for maintaining and maximizing prevention, feature optimization, problem avoidance, and where/when to get help when needed.

Show details Hide details

True Cyber Crime Story: Blocking a Nation-State Attack

Byron DeLoach Whitewater Ballroom AI Threat Hunting with Cylance

Join us to find how we used CylancePROTECT and CylanceOPTICS to stop a persistent advanced web shell attack conducted by Nation-State Attackers that prevented an organization from becoming the focus of a lengthy FBI investigation.

Show details Hide details

CISO Mentoring Workshop

Malcolm Harkins Juan Gomez-Sanchez Breakwater Ballroom A 21st Century CISO

A hands-on small group discussion led by Malcolm Harkins and several peer security experts. Attendees will receive a CISO workbook to support their own personal growth and the development of their information security team. The workbook includes sample presentation templates for board of directors meetings, a sample of how to pitch a new security investment, a series of business questions designed to assess control effectiveness, and a series of tables that explain the skills and behaviors that need to be demonstrated from entry-level employees all the way up to leaders and emerging executives. These easy-to-read-and-follow tables cover a range of soft skills that are often overlooked but are required to be a CISO. The tables cover items such as communication, teamwork, communication, style, and goal-setting.

Show details Hide details
3:45 PM - 4:30 PM PDT

CyBot - The Open Source Threat Intelligence Chat Bot

Tony Lee Breakwater Ballroom CD Best Practices with Cylance

Threat intelligence chat bots can be useful friends, as they can do everything from performing research to be the best note-takers or central aggregators of information you have ever seen. However, most organizations are developing their own chat bots in isolation, and keeping them internal-only, negating the benefits that can come from open-source collaboration efforts. To counter this trend, our goal was to create a repeatable process using a completely free and open source chat bot framework. This session will show attendees how to use an inexpensive Raspberry Pi (or virtual machine) to host a community-driven plugin framework to open the world of threat intelligence chat bots to everyone from a home user to the largest security operations center.

Show details Hide details

Inside the Embedded IoT Kill Chain

Robert Portvliet Whitewater Ballroom AI Threat Hunting with Cylance

Attackers can pair static firmware analysis with dynamic analysis and emulation to discover vulnerabilities in embedded IoT systems, the supporting cloud infrastructure, the network protocols, and the OTA update processes. This session will examine the associated attack surface, inherent systemic vulnerabilities, and known exploitation techniques targeting embedded systems and their local or cloud-based infrastructures. It will also explain all the steps in the embedded system kill chain from open source intelligence gathering, attack surface analysis, and the identification of vulnerabilities for exploitation. Attendees will learn how the design and implementation of these systems can be better hardened to protect against complex threats targeting modern embedded IoT systems.

Show details Hide details

CISO Mentoring Workshop Continued (until 4:15 p.m.)

Malcolm Harkins Juan Gomez-Sanchez Breakwater Ballroom A 21st Century CISO

A hands-on small group discussion led by Malcolm Harkins and several peer security experts. Attendees will receive a CISO workbook to support their own personal growth and the development of their information security team. The workbook includes sample presentation templates for board of directors meetings, a sample of how to pitch a new security investment, a series of business questions designed to assess control effectiveness, and a series of tables that explain the skills and behaviors that need to be demonstrated from entry-level employees all the way up to leaders and emerging executives. These easy-to-read-and-follow tables cover a range of soft skills that are often overlooked but are required to be a CISO. The tables cover items such as communication, teamwork, communication, style, and goal-setting.

Show details Hide details
4:30 PM - 5:15 PM PDT

CylancePROTECT and MOTEX OEM as a Force Multiplier

Masa Hashiguchi Scott Scheferman Breakwater Ballroom CD Best Practices with Cylance

Learn how Cylance and OEM partner MOTEX leverage CylancePROTECT to create a powerful CSIRT (Computer Security Incident Response Team) to combat both internal and external threats. In this session attendees will learn how to protect a large number of users with only a small security team by utilizing CylancePROTECT and some homegrown software as a force multiplier.

Show details Hide details

The Power of Prevention: Neutralizing Shellcode Attacks

Jason Palm Whitewater Ballroom AI Threat Hunting with Cylance

Witness the power of prevention in a live demonstration showing the sequences of a shellcode attack employing Kali Linux, SET, and Metasploit and how Cylance's Memory Protection and Script Control features prevent the attack from succeeding. The demonstration will show exactly how attackers generate and attempt to deliver the malicious payload to the targeted system, and how silently Cylance blocks the attack.

Show details Hide details

Ask Me Anything CISO Panel (Begins at 4:15 p.m.)

Malcolm Harkins Breakwater Ballroom A 21st Century CISO

This is your chance to share a current challenge and ask the CISOs and other attendees for their perspective. For example, how to deal with tough moral dilemmas that can sometimes arise when an organization is making choices about the acceptable level of risk. We are looking forward to a healthy engagement with CISO peers.

Show details Hide details
5:15 PM - 8:00 PM PDT

Prevent Con Celebration

Vista Lawns

Join fellow attendees on the beautiful Vista Lawn in time to watch the sun set just as the tunes turn up! There will be throw-back games, signature cocktails, a live ice carving experience, and plenty of mouth-watering food, so this is one celebration not to be missed!

Show details Hide details
Thursday, September 20, 2018
7:00 AM - 8:30 AM PDT

Networking Breakfast

Vista Lawns
8:30 AM - 9:30 AM PDT

Opening Keynote: Trust and the Economics of Insecurity

Malcolm Harkins Breakwater Ballroom CD

Trust is the cornerstone of the digital economy. In this talk, Malcolm will cover what is needed to generate trust. He will also cover where we are at broadly in providing that trust. He will examine today’s reality with data from the World Economic Forum and the Edelman trust report, as well as other data sources. Malcolm will explain the economic principle of efficiency and how our current approach to information security is not only economically inefficient but is not adding to the trust we so badly need.

He will explore the traditional mindset of the trading of risk vs. shareholder value, and also the mindset of controls impact on business velocity. He will share real world non-security-related stories on the approach to controls, which has shown we can do both and do them well. He will share non-security examples of where organizations have made trade-offs with substantial societal impacts, both positive and negative. He will provide insights from these stories and bring perspectives from others in the world to draw lessons that will be valuable to CISOs and their teams.

Show details Hide details
9:30 AM - 9:45 AM PDT

Networking Break

Breakwater Ballroom Foyer
9:45 AM - 10:15 AM PDT

Less is More: Prevention First

Kumud Kalia Breakwater Ballroom CD

With a prevention-first approach, Cylance is poised to revolutionize the cybersecurity industry. Changing paradigms is never easy – what lessons can we learn and apply from companies that have forever changed the way we do things?

Show details Hide details
10:15 AM - 11:00 AM PDT

The Future of Cylance

Eric Cornelius Breakwater Ballroom CD

This presentation will cover trends in the cybersecurity world and describe how Cylance is continuing to innovate new solutions to meet the ever-changing needs of global security teams. Details about specific features, workflows, and architecture paradigms will be provided as well as concepts about how machine learning will continue to be the best path to success in solving the most difficult cybersecurity challenges.

Show details Hide details
11:00 AM - 11:45 AM PDT

Talkback Track – Open Forum with Cylance Leadership

Renee Beckloff Ryan Permeh Eric Cornelius Breakwater Ballroom CD

Join Eric Cornelius, Renee Beckloff, and Ryan Permeh for an open discussion forum where Cylance users talk directly to Cylance leadership about product improvement, service delivery, and how Cylance continues to confront the evolving threat landscape.

Show details Hide details
11:45 AM - 12:45 PM PDT

Networking Lunch

Vista Lawns
11:45 AM - 3:30 PM PDT

Prevention Pavilion

Coastal Ballroom

Over the course of Prevent 2018, be sure to visit the Prevention Pavilion located just across the lawn from the main hall. In the pavilion, visitors will have the opportunity to get hands on with Cylance’s team of experts. Deep dive into the technology and partner integrations and see how Cylance works firsthand on a variety of devices. Visitors will also have the opportunity to meet with customer success managers, learn more about ThreatZERO™, and get a free ThreatZERO™ healthcheck.

Show details Hide details
12:45 PM - 1:30 PM PDT

Live Troubleshooting with Technical Support

David Hayes Breakwater Ballroom CD Best Practices with Cylance

As an organization, Cylance prides itself on offering its customers top-notch technical support. Join this breakout session to learn the ins and outs of obtaining quick and easy, live troubleshooting support. During this session, led by Product Support Manager David Hayes, attendees will see a how to quickly address a CylancePROTECT issue on an endpoint via a live demonstration of reviewing the issue’s symptoms and browsing the Cylance Knowledge Base for a solution. Attendees will also get an inside view into the best practices for data collection and submission of issues to Cylance Technical Support.

Show details Hide details

Machine Learning in Incident Response and Real-World Use Cases (Part 1)

Tom Pace Matt Maisel Whitewater Ballroom AI Threat Hunting with Cylance

Significant advancements in machine learning have proven it to be a powerful technology for incident response (IR) and threat hunting. This session will examine multiple use cases where examples of machine learning capabilities were utilized within the context of threat hunting and incident response. This talk will highlight how machine learning can be leveraged in several different ways to ascertain key events associated with an attack, from identifying DGA domains to suspicious user accounts and anomalous processes. This session will demonstrate how machine learning allows incident responders and threat hunters alike to streamline their investigations and take them to the next level.

Show details Hide details
1:30 PM - 2:15 PM PDT

A Day in the Life of a TR Request

Ryan Gibson Breakwater Ballroom CD Best Practices with Cylance

Many people are unaware of the services that Cylance has to offer when it comes to file analysis. Cylance’s Threat Research and Threat Guidance teams provide multiple options for investigation into unknown files. This discussion will detail what types of requests are available, who investigates them, and the processes that surround them. By the end of this talk, participants will be aware of the options available to them when a file in their environment needs a deeper dive.

Show details Hide details

Machine Learning in Incident Response and Real-World Use Cases Demo (Part 2)

Tom Pace Matt Maisel Whitewater Ballroom AI Threat Hunting with Cylance

Significant advancements in machine learning have proven it to be a powerful technology for incident response (IR) and threat hunting. This session will examine multiple use cases where examples of machine learning capabilities were utilized within the context of threat hunting and incident response. This talk will highlight how machine learning can be leveraged in several different ways to ascertain key events associated with an attack, from identifying DGA domains to suspicious user accounts and anomalous processes. This session will demonstrate how machine learning allows incident responders and threat hunters alike to streamline their investigations and take them to the next level.

Show details Hide details
2:15 PM - 2:30 PM PDT

Break

Breakwater Ballroom Foyer
2:30 PM - 3:15 PM PDT

Reducing the “Noise”

Ryan Gibson Breakwater Ballroom CD Best Practices with Cylance

It can sometimes be difficult to prioritize the alerts produced in your environment. This talk will address how to operationalize the Cylance console and the order of operations in which events should be handled. The topics discussed will also help responders be more efficient with their time spent in the Cylance console. By the end of the talk, participants will be able to identify the threats and events that should be given the highest severity and priority that fits their environment.

Show details Hide details

Cylance and ELK Stack Integration Made Easy

Tony Lee Whitewater Ballroom AI Threat Hunting with Cylance

Are you using ELK Stack to consume all of your logs? If so, we check out the Cylance ELK Stack application which is designed to take all of the pain out of integration. This presentation will not only provide the logstash filter for easy real-time syslog parsing, it will also provide a turn-key dashboard to display all of the pertinent information you need. Attendees will not only be able to see how the Cylance-ELK Stack integration works, they will have an opportunity to provide insights and feedback to help guide the integration development road map.

Show details Hide details
3:15 PM - 3:45 PM PDT

Event Close

Renee Beckloff Corey White Breakwater Ballroom CD
10:00 AM - 8:30 PM PDT

CSP Accreditation Workshop Badge Pick-Up

Pacific Ballroom

Badge Pick Up for CSP Accreditation Workshop attendees. Please note, this workshop is optional and requires pre-registration. The class is currently sold out, we apologize for any inconvenience.

Show details Hide details
12:00 PM - 5:30 PM PDT

Cylance Security Professional (CSP) Accreditation Workshop Day 1

Pacific Ballroom

Please note, this workshop is optional and requires pre-registration. The class is currently sold out, we apologize for any inconvenience.

Show details Hide details
5:30 PM - 7:30 PM PDT

Accreditation Dinner

BLK Earth Sea Spirits
9:00 AM - 5:30 PM PDT

Cylance Security Professional (CSP) Accreditation Workshop Day 2

Pacific Ballroom

Please note, this workshop is optional and requires pre-registration. The class is currently sold out, we apologize for any inconvenience.

Show details Hide details
10:00 AM - 8:30 PM PDT

Full Conference Badge Pick-Up Opens

Breakwater Ballroom Foyer
4:00 PM - 8:00 PM PDT

Prevention Pavilion

Coastal Ballroom

Over the course of Prevent 2018, be sure to visit the Prevention Pavilion located just across the lawn from the main hall. In the pavilion, visitors will have the opportunity to get hands on with Cylance’s team of experts. Deep dive into the technology and partner integrations and see how Cylance works firsthand on a variety of devices. Visitors will also have the opportunity to meet with customer success managers, learn more about ThreatZERO™, and get a free ThreatZERO™ healthcheck.

Show details Hide details
5:30 PM - 8:00 PM PDT

Kick Off Prevent Con Party

Vista Lawns

Prevent 2018 has finally arrived and we’re ready to raise a glass in celebration! Enjoy the beautiful SoCal outdoors as we meet and mingle over delicious California cocktails and cuisine. It’s time to meet your fellow attendees, talk plans for the week, and then close the night out in true Huntington Beach tradition with s’mores around the fire pit.

Show details Hide details
7:00 AM - 8:15 AM PDT

Networking Breakfast

Vista Lawns
7:00 AM - 9:00 AM PDT

Badge Pick-Up

Breakwater Ballroom Foyer
8:15 AM - 8:30 AM PDT

CEO Keynote Intro

Stuart McClure Breakwater Ballroom CD
8:30 AM - 9:30 AM PDT

Hacking Exposed

Stuart McClure Brian Robison Breakwater Ballroom CD

Join Stuart McClure, CEO at Cylance®, and Brian Robison, Senior Director of Security Technology at Cylance, in a very special Hacking Exposed live event at Prevent 2018.

The previous Hacking Exposed episodes introduced you to many of the tools and techniques real-world adversaries use to evade endpoint security products; all leading up to this very special event. We invite you to come join us at Prevent 2018 and experience Hacking Exposed live and in person. We will put these concepts (plus a few new ones) into practice and conduct full-scale, multi-phased, endpoint compromises. The techniques and tactics you will experience in this Hacking Exposed session will provide valuable tools for you to test for yourself and gauge the effectiveness of your current defenses.

Goals:
• Learn about the phases of real-world attacks
• Get hands on experience with many of the tools
• Gain techniques that you can use in your own testing

Show details Hide details
9:30 AM - 10:15 AM PDT

Catch Me If You Can

Frank Abagnale Breakwater Ballroom CD

We are honored to present the real Frank Abagnale, renowned cybersecurity and fraud prevention expert, and bestselling author and subject of Catch Me If You Can.

Frank’s transformation from one of the world’s most notorious con men to an international cybersecurity expert trusted by the FBI for more than 40 years has been mythologized in film, stage, and literature – but the takeaways he shares are the real deal.
Frank's contributions to the world of security are immeasurable. He has become a hero to hundreds of public and private sector organizations for his indispensable counsel and strategic insight on safeguarding information systems and combating cyber fraud.

With an eye on the latest techniques developed by high-tech criminals to deceive and defraud, Frank leaves audiences with a deep understanding of today’s evolving security landscape, and more importantly, a vision of how to make the world a safer place.

Show details Hide details
10:00 AM - 8:00 PM PDT

Prevention Pavilion

Coastal Ballroom

Over the course of Prevent 2018, be sure to visit the Prevention Pavilion located just across the lawn from the main hall. In the pavilion, visitors will have the opportunity to get hands on with Cylance’s team of experts. Deep dive into the technology and partner integrations and see how Cylance works firsthand on a variety of devices. Visitors will also have the opportunity to meet with customer success managers, learn more about ThreatZERO™, and get a free ThreatZERO™ healthcheck.

Show details Hide details
10:15 AM - 10:45 AM PDT

Networking Break and Book Signing with Frank Abagnale

Breakwater Ballroom Foyer
10:45 AM - 11:15 AM PDT

Cybersecurity – Going from the Backroom to the Boardroom

Arthur W. Coviello, Jr. Breakwater Ballroom CD

Art Coviello, former Chairman of RSA and Cylance board member, will share his board-level view on the state of cybersecurity. His perspective will be reflective of the past and present in addition to a future look at board-level issues and how they evolve. Art has a unique and astute perspective as a result of his long tenure in the security industry, especially given the number of successes and setbacks he’s witnessed as CEO and chairman of a multibillion-dollar corporation and his time serving on public and private company boards. Art will share valuable insights gained and lessons learned and discuss where to focus moving forward to better protect organizations, customers, and society at large.

Show details Hide details
11:15 AM - 12:15 PM PDT

The Impact of Endpoint Security Trends and Insights from 2018

Eric Ouellet Juan Gomez-Sanchez Daniel Shuler Breakwater Ballroom CD

2018 has been a pivotal year for endpoint security. Eric Ouellet, Research VP and co-author of the Gartner Magic Quadrant for Endpoint Protection, will be moderating a discussion with leading Cylance customers including Lennar Corp. and Phoenix Children’s Hospital. Eric will present the results of his research to date with customers and vendors world-wide and engage with the panel to provide insights into the future of endpoint security and how it can contribute to the success of their security efforts.

Show details Hide details
12:15 PM - 1:15 PM PDT

Networking Lunch

Vista Lawns
1:15 PM - 2:00 PM PDT

Lessons Learned Panel

Dave Alfaro Alan Cunningham Michael Gregg Matthew Stiak Breakwater Ballroom CD Best Practices with Cylance

Join this discussion to learn how other Cylance clients are safeguarding their business from cyberthreats, to uncover strategies and tactics to reduce labor hours and improve cost savings, and to identify the right level of investment to best protect your company. Moderator Dave Alfaro will lead a panel discussion with Delta Dental, International Container Terminal Services, and Washoe County School District.

Show details Hide details

Business Email Compromise Attack Evolution and Prevention

Sig Murphy Whitewater Ballroom AI Threat Hunting with Cylance

Not only are Business Email Compromise (BEC) attacks on the rise, the attackers are now using even more sophisticated methods to ensnare victims. This presentation will examine the origins of BEC and look at some of the most prevalent attackers and methods with a focus on prevention of successful attacks. This session will also examine some BEC attack trends and anticipate the direction attackers will take this technique though the remainder of 2018 and beyond.

Show details Hide details

Z-Shaped Model

Malcolm Harkins Breakwater Ballroom A 21st Century CISO

Malcolm’s Z-shaped model and a broad view of the skills, scope and style for becoming a Chief Information Officer or Chief Security Officer.

Show details Hide details
2:00 PM - 2:45 PM PDT

Script Control

Dave Cundiff Breakwater Ballroom CD Best Practices with Cylance

An interactive discussion on how to balance security with productivity and management overhead. Guidance on how to best leverage CylancePROTECT and CylanceOPTICS to achieve the best security posture for your environment. Review of policy options and what items to be mindful of when developing your own Script Control policies.

Show details Hide details

Cylance and Splunk Integration Made Easy

Tony Lee Whitewater Ballroom AI Threat Hunting with Cylance

Is your organization a Cylance and a Splunk shop? If so, you should check out the CylancePROTECT App for Splunk, which is designed to take all of the pain out of integration. This presentation will not only provide the details on availability, data ingest, architecture, and features, but will also showcase and demo turn-key dashboards to display all of the pertinent information you need to make the most of the integration. Attendees will also have the opportunity to provide feedback to help guide the integration development road map.

Show details Hide details

Security at the Speed of Business

Juan Gomez-Sanchez Breakwater Ballroom A 21st Century CISO

There is an urgent need to innovate on the part of the business. The reality of today’s business mandates a more agile and innovative approach to security. The old guard of draconian security focused on technology, compliance, and boundaries of protection is no longer effective and has prevented security from having a seat at the business table. All this, when a shift in the threat landscape, and a real impact to the bottom line have negatively affected most organizations. This presentation will deep dive into practical, attainable, and effective methods to shift the mentality and allow security organizations to function at the speed of business. Such important topics include the use of practical, lightweight risk management, the need for a dynamic workforce, and a material shift in focus from technology to business alignment.

Show details Hide details
2:45 PM - 3:00 PM PDT

Break

Breakwater Ballroom Foyer
3:00 PM - 3:45 PM PDT

Operationalizing CylancePROTECT using ThreatZERO Best Practices

Dave Alfaro Breakwater Ballroom CD Best Practices with Cylance

The ThreatZERO process provides a collaborative environment to assist Cylance clients in optimizing the installation of CylancePROTECT and CylanceOPTICS, reviewing best practices, delivering training, supplementing internal resources, and receiving expert guidance in mitigating the risks that are identified. Dave will share case studies and success stories to arm you with a strategy for maintaining and maximizing prevention, feature optimization, problem avoidance, and where/when to get help when needed.

Show details Hide details

True Cyber Crime Story: Blocking a Nation-State Attack

Byron DeLoach Whitewater Ballroom AI Threat Hunting with Cylance

Join us to find how we used CylancePROTECT and CylanceOPTICS to stop a persistent advanced web shell attack conducted by Nation-State Attackers that prevented an organization from becoming the focus of a lengthy FBI investigation.

Show details Hide details

CISO Mentoring Workshop

Malcolm Harkins Juan Gomez-Sanchez Breakwater Ballroom A 21st Century CISO

A hands-on small group discussion led by Malcolm Harkins and several peer security experts. Attendees will receive a CISO workbook to support their own personal growth and the development of their information security team. The workbook includes sample presentation templates for board of directors meetings, a sample of how to pitch a new security investment, a series of business questions designed to assess control effectiveness, and a series of tables that explain the skills and behaviors that need to be demonstrated from entry-level employees all the way up to leaders and emerging executives. These easy-to-read-and-follow tables cover a range of soft skills that are often overlooked but are required to be a CISO. The tables cover items such as communication, teamwork, communication, style, and goal-setting.

Show details Hide details
3:45 PM - 4:30 PM PDT

CyBot - The Open Source Threat Intelligence Chat Bot

Tony Lee Breakwater Ballroom CD Best Practices with Cylance

Threat intelligence chat bots can be useful friends, as they can do everything from performing research to be the best note-takers or central aggregators of information you have ever seen. However, most organizations are developing their own chat bots in isolation, and keeping them internal-only, negating the benefits that can come from open-source collaboration efforts. To counter this trend, our goal was to create a repeatable process using a completely free and open source chat bot framework. This session will show attendees how to use an inexpensive Raspberry Pi (or virtual machine) to host a community-driven plugin framework to open the world of threat intelligence chat bots to everyone from a home user to the largest security operations center.

Show details Hide details

Inside the Embedded IoT Kill Chain

Robert Portvliet Whitewater Ballroom AI Threat Hunting with Cylance

Attackers can pair static firmware analysis with dynamic analysis and emulation to discover vulnerabilities in embedded IoT systems, the supporting cloud infrastructure, the network protocols, and the OTA update processes. This session will examine the associated attack surface, inherent systemic vulnerabilities, and known exploitation techniques targeting embedded systems and their local or cloud-based infrastructures. It will also explain all the steps in the embedded system kill chain from open source intelligence gathering, attack surface analysis, and the identification of vulnerabilities for exploitation. Attendees will learn how the design and implementation of these systems can be better hardened to protect against complex threats targeting modern embedded IoT systems.

Show details Hide details

CISO Mentoring Workshop Continued (until 4:15 p.m.)

Malcolm Harkins Juan Gomez-Sanchez Breakwater Ballroom A 21st Century CISO

A hands-on small group discussion led by Malcolm Harkins and several peer security experts. Attendees will receive a CISO workbook to support their own personal growth and the development of their information security team. The workbook includes sample presentation templates for board of directors meetings, a sample of how to pitch a new security investment, a series of business questions designed to assess control effectiveness, and a series of tables that explain the skills and behaviors that need to be demonstrated from entry-level employees all the way up to leaders and emerging executives. These easy-to-read-and-follow tables cover a range of soft skills that are often overlooked but are required to be a CISO. The tables cover items such as communication, teamwork, communication, style, and goal-setting.

Show details Hide details
4:30 PM - 5:15 PM PDT

CylancePROTECT and MOTEX OEM as a Force Multiplier

Masa Hashiguchi Scott Scheferman Breakwater Ballroom CD Best Practices with Cylance

Learn how Cylance and OEM partner MOTEX leverage CylancePROTECT to create a powerful CSIRT (Computer Security Incident Response Team) to combat both internal and external threats. In this session attendees will learn how to protect a large number of users with only a small security team by utilizing CylancePROTECT and some homegrown software as a force multiplier.

Show details Hide details

The Power of Prevention: Neutralizing Shellcode Attacks

Jason Palm Whitewater Ballroom AI Threat Hunting with Cylance

Witness the power of prevention in a live demonstration showing the sequences of a shellcode attack employing Kali Linux, SET, and Metasploit and how Cylance's Memory Protection and Script Control features prevent the attack from succeeding. The demonstration will show exactly how attackers generate and attempt to deliver the malicious payload to the targeted system, and how silently Cylance blocks the attack.

Show details Hide details

Ask Me Anything CISO Panel (Begins at 4:15 p.m.)

Malcolm Harkins Breakwater Ballroom A 21st Century CISO

This is your chance to share a current challenge and ask the CISOs and other attendees for their perspective. For example, how to deal with tough moral dilemmas that can sometimes arise when an organization is making choices about the acceptable level of risk. We are looking forward to a healthy engagement with CISO peers.

Show details Hide details
5:15 PM - 8:00 PM PDT

Prevent Con Celebration

Vista Lawns

Join fellow attendees on the beautiful Vista Lawn in time to watch the sun set just as the tunes turn up! There will be throw-back games, signature cocktails, a live ice carving experience, and plenty of mouth-watering food, so this is one celebration not to be missed!

Show details Hide details
7:00 AM - 8:30 AM PDT

Networking Breakfast

Vista Lawns
8:30 AM - 9:30 AM PDT

Opening Keynote: Trust and the Economics of Insecurity

Malcolm Harkins Breakwater Ballroom CD

Trust is the cornerstone of the digital economy. In this talk, Malcolm will cover what is needed to generate trust. He will also cover where we are at broadly in providing that trust. He will examine today’s reality with data from the World Economic Forum and the Edelman trust report, as well as other data sources. Malcolm will explain the economic principle of efficiency and how our current approach to information security is not only economically inefficient but is not adding to the trust we so badly need.

He will explore the traditional mindset of the trading of risk vs. shareholder value, and also the mindset of controls impact on business velocity. He will share real world non-security-related stories on the approach to controls, which has shown we can do both and do them well. He will share non-security examples of where organizations have made trade-offs with substantial societal impacts, both positive and negative. He will provide insights from these stories and bring perspectives from others in the world to draw lessons that will be valuable to CISOs and their teams.

Show details Hide details
9:30 AM - 9:45 AM PDT

Networking Break

Breakwater Ballroom Foyer
9:45 AM - 10:15 AM PDT

Less is More: Prevention First

Kumud Kalia Breakwater Ballroom CD

With a prevention-first approach, Cylance is poised to revolutionize the cybersecurity industry. Changing paradigms is never easy – what lessons can we learn and apply from companies that have forever changed the way we do things?

Show details Hide details
10:15 AM - 11:00 AM PDT

The Future of Cylance

Eric Cornelius Breakwater Ballroom CD

This presentation will cover trends in the cybersecurity world and describe how Cylance is continuing to innovate new solutions to meet the ever-changing needs of global security teams. Details about specific features, workflows, and architecture paradigms will be provided as well as concepts about how machine learning will continue to be the best path to success in solving the most difficult cybersecurity challenges.

Show details Hide details
11:00 AM - 11:45 AM PDT

Talkback Track – Open Forum with Cylance Leadership

Renee Beckloff Ryan Permeh Eric Cornelius Breakwater Ballroom CD

Join Eric Cornelius, Renee Beckloff, and Ryan Permeh for an open discussion forum where Cylance users talk directly to Cylance leadership about product improvement, service delivery, and how Cylance continues to confront the evolving threat landscape.

Show details Hide details
11:45 AM - 12:45 PM PDT

Networking Lunch

Vista Lawns
11:45 AM - 3:30 PM PDT

Prevention Pavilion

Coastal Ballroom

Over the course of Prevent 2018, be sure to visit the Prevention Pavilion located just across the lawn from the main hall. In the pavilion, visitors will have the opportunity to get hands on with Cylance’s team of experts. Deep dive into the technology and partner integrations and see how Cylance works firsthand on a variety of devices. Visitors will also have the opportunity to meet with customer success managers, learn more about ThreatZERO™, and get a free ThreatZERO™ healthcheck.

Show details Hide details
12:45 PM - 1:30 PM PDT

Live Troubleshooting with Technical Support

David Hayes Breakwater Ballroom CD Best Practices with Cylance

As an organization, Cylance prides itself on offering its customers top-notch technical support. Join this breakout session to learn the ins and outs of obtaining quick and easy, live troubleshooting support. During this session, led by Product Support Manager David Hayes, attendees will see a how to quickly address a CylancePROTECT issue on an endpoint via a live demonstration of reviewing the issue’s symptoms and browsing the Cylance Knowledge Base for a solution. Attendees will also get an inside view into the best practices for data collection and submission of issues to Cylance Technical Support.

Show details Hide details

Machine Learning in Incident Response and Real-World Use Cases (Part 1)

Tom Pace Matt Maisel Whitewater Ballroom AI Threat Hunting with Cylance

Significant advancements in machine learning have proven it to be a powerful technology for incident response (IR) and threat hunting. This session will examine multiple use cases where examples of machine learning capabilities were utilized within the context of threat hunting and incident response. This talk will highlight how machine learning can be leveraged in several different ways to ascertain key events associated with an attack, from identifying DGA domains to suspicious user accounts and anomalous processes. This session will demonstrate how machine learning allows incident responders and threat hunters alike to streamline their investigations and take them to the next level.

Show details Hide details
1:30 PM - 2:15 PM PDT

A Day in the Life of a TR Request

Ryan Gibson Breakwater Ballroom CD Best Practices with Cylance

Many people are unaware of the services that Cylance has to offer when it comes to file analysis. Cylance’s Threat Research and Threat Guidance teams provide multiple options for investigation into unknown files. This discussion will detail what types of requests are available, who investigates them, and the processes that surround them. By the end of this talk, participants will be aware of the options available to them when a file in their environment needs a deeper dive.

Show details Hide details

Machine Learning in Incident Response and Real-World Use Cases Demo (Part 2)

Tom Pace Matt Maisel Whitewater Ballroom AI Threat Hunting with Cylance

Significant advancements in machine learning have proven it to be a powerful technology for incident response (IR) and threat hunting. This session will examine multiple use cases where examples of machine learning capabilities were utilized within the context of threat hunting and incident response. This talk will highlight how machine learning can be leveraged in several different ways to ascertain key events associated with an attack, from identifying DGA domains to suspicious user accounts and anomalous processes. This session will demonstrate how machine learning allows incident responders and threat hunters alike to streamline their investigations and take them to the next level.

Show details Hide details
2:15 PM - 2:30 PM PDT

Break

Breakwater Ballroom Foyer
2:30 PM - 3:15 PM PDT

Reducing the “Noise”

Ryan Gibson Breakwater Ballroom CD Best Practices with Cylance

It can sometimes be difficult to prioritize the alerts produced in your environment. This talk will address how to operationalize the Cylance console and the order of operations in which events should be handled. The topics discussed will also help responders be more efficient with their time spent in the Cylance console. By the end of the talk, participants will be able to identify the threats and events that should be given the highest severity and priority that fits their environment.

Show details Hide details

Cylance and ELK Stack Integration Made Easy

Tony Lee Whitewater Ballroom AI Threat Hunting with Cylance

Are you using ELK Stack to consume all of your logs? If so, we check out the Cylance ELK Stack application which is designed to take all of the pain out of integration. This presentation will not only provide the logstash filter for easy real-time syslog parsing, it will also provide a turn-key dashboard to display all of the pertinent information you need. Attendees will not only be able to see how the Cylance-ELK Stack integration works, they will have an opportunity to provide insights and feedback to help guide the integration development road map.

Show details Hide details
3:15 PM - 3:45 PM PDT

Event Close

Renee Beckloff Corey White Breakwater Ballroom CD