Serkan Cetin, the Regional Manager of Technology & Strategy for One Identity APJ, has been with One Identity for over 6 years. During this time, Serkan has been involved in various functions across One Identity, including sales, marketing, professional services, and R&D. Serkan has been assisting clients across a wide range of industries across APJ in solving their complex IAM challenges.
Prior to One Identity, Serkan was a senior consultant at a specialist consulting practice in Australia. Serkan was involved in the sales, consulting, architecture and implementation of projects across varying complexities and sizes, focused mainly on identity management and security, using technologies from Novell, Microsoft and Sun Microsystems.
Leveraging Machine Learning, Automation and AI in Next Gen Cybersecurity
Using Machine Learning to Uncover Threats and Risk in Privileged Access
In conventional IT operating models, it’s assumed that those inside the firewall are safe, and the threat is always on the outside. The reality is that one of the biggest threats is already inside the network. The internal threat has always existed; it’s just that it has not been at the forefront for many organisations’ IT security agendas until recently. Privileged accounts are always a prime target for any attacker. As technology continues to evolve, new attack vectors are employed, where traditional processes and static rules-based approaches are no longer sufficient in securing privileged access. Differentiating between normal behaviour versus suspicious or a potential breach is getting harder in new attack methods. This is where machine learning can help to protect your environment against breaches. Attend this session to learn more of the challenges with privileged access, and how to overcome those with new methods, technologies & machine learning to protect your environments.
Mr Chappell has more than 25 years of senior level IT enterprise experience in a career that has spanned high-tech multi-nationals, including Amstrad plc, BBC Television and GlaxoSmithKline. He has held senior roles in most IT disciplines across the whole IT delivery chain.
Based in the United Kingdom, Mr Chappell leads the customer architecture service for BeyondTrust. His role ensures the delivery of world-class solutions built around BeyondTrust’s leading vulnerability management and privilege management platform. He is a regular speaker at industry conferences as well as a regular contributor for the press, he focuses on guidance and opinion pieces helping organisations on their journey toward best practice.
Vulnerability and Exploit Management in An Age of Increasing Zero Day Attacks
Is Your Tuesday Patched Enough? An Analysis of Microsoft Security Updates in 2018
On the second Tuesday of every month, commonly referred to as “Patch Tuesday,” Microsoft releases fixes for any vulnerabilities affecting Microsoft products. Every year, BeyondTrust generates a report comprehensive report compiling all releases into a year-long overview, providing a more holistic view of whether vulnerabilities are increasing, and how many Microsoft vulnerabilities could be mitigated if admin rights were secured across organizations. This session will cover the key findings of the comprehensive annual analysis, which is in its sixth annual edition, including:
Apichet Chayabejara is CyberArk’s Solutions Architect for Asia Pacific and Japan markets with a charter to help enterprises plan and develop privileged accounts security program to secure their organizations from insider and external cyber threats. Apichet has over 10 years of experiences working on diverse cybersecurity and mission critical projects across the region. He developed his expertise in privileged access security, identity management, data encryption, and security operation center.
Prior to joining CyberArk, Apichet held various presales and consulting positions at RSA, Cisco and Trend Micro. Apichet holds a master’s degree in Information Sciences from Tohoku University and a bachelor’s degree in Computer Engineering from Chulalongkorn University.
Security by Design: Risk Assessment, Avoidance and Mitigation
Secretless – A New Approach to Application Credentials
Many organizations have started shifting workloads to the cloud and migrating applications into container platforms. These applications still need to connect with other resources and require credentials for secure access. We all know that hard-coded credentials in applications are bad and must be eliminated. A solution to this is to have credentials secured in the Vault and leverage on API to retrieve them in the programming code or inject into the environment variables. This approach requires the developer to implement the API, manage those credentials for authentication and keeping them secured within the applications.
In this session, we will introduce a new approach - Secretless Broker - which enables applications running on Kubernetes or OpenShift to simply connect to target resources without credentials (or secrets). With Secretless Broker, the developer no longer needs to modify the programming code and the applications do not need to know the secrets. This eliminates the risk of credentials theft from applications and transparently handles any runtime changes to secrets value.
Clarence Cheah is the Director of Sales Engineering at Okta. With over 17 years of experience in identity management Clarence had led teams in organisations such as Oracle, Coca-cola, Novell and IBM.
Clarence has helped many of the world's largest enterprises, financial institutions and public sector organisations protect against threats and data breaches. Now at Okta, Clarence helps companies embrace identity as the new security perimeter.
Advanced Identity Management and the Zero Trust Environment in Perimeter Security and Access Management
Building Trust, in the Age of Deceit.
In the digital enterprise, Trust is a priceless currency. Bad-actors exploit security vulnerabilities to cause disruption, steal information or money, which impacts trust in the company brand and the bottom line in a variety of ways.
To maximise the efficiency of a digital enterprise and in turn its productivity and profitability, organisations must establish trust with both internal and external stakeholders and its systems to mitigate the risk of a breach and safeguard brand protection.
The Zero Trust model can serve as a valuable framework, but each organisation may implement it differently. In this session you will learn why organisations are choosing to move to a zero - trust strategy and how regardless of your approach, putting modern identity-driven security at the core of your Zero Trust strategy will set you up for success.
Brian is a seasoned executive with over two decades of experience in the cybersecurity industry as well as a board advisor, entrepreneur, and author. After getting his start in cybersecurity with the Defense Information Systems Agency (DISA) and later Bell Labs, he began the process of building cybersecurity startups and taking multiple companies through successful IPOs and acquisitions, including Riptech, ArcSight, Imperva, McAfee, Solera Networks, and Verodin.
Brian has worked in over 50 countries across six continents. He is a board advisor for Cylance, JASK, Appdome, and the University of South Florida. He has authored several books, his latest with the former Deputy Director of the NSA, spoken at leading security events globally such as Black Hat, RSA, Interop, SOURCE, and BSides, and has been on C-SPAN, Fox, CNBC, CBS News, Bloomberg, and many others. Brian was recently featured in a cyberwar documentary alongside General Michael Hayden (former Director NSA and CIA).
Incident Response, Investigations, Forensics and Recovery
The Industrialisation of Red and Blue Teaming
The industrial revolution was brought on by purpose-built machinery and automation. A similar revolution has occurred in security, leading to the industrialization of red and blue teaming. In large part, this industrialization has been realized through security instrumentation platforms.
By leveraging security instrumentation platforms, you are bringing together red and blue teaming initiatives with greater symbiotic mutualism across three major areas. First, you can validate the efficacy of security controls such as firewalls, WAFs, DLPs, EDRs, and SIEMs. If those controls aren’t working as needed, you can leverage perspective analytics to instrument them. Second, you can apply configuration assurance to verify that a change that has been made actually does what’s desired. You can also determine if that change negatively impacts other facets of security. Third, you can utilize automated, ongoing checks to ensure that what was working continues working in perpetuity. Should something stop functioning, blocking, detecting, correlating, etc., as needed, alerts will be generated in response to the environmental drift.
The money you spend on security plus the level of effort isn’t resulting in security effectiveness. You hire security professionals, deploy security controls, and build processes. You make this investment of time, money, and resources so when an attack occurs, you can fight and be able to prevent the attack--or at least detect and respond. Two groups are critical in this fight. They include: security penetration testers (red teams that are tasked with offensive actions to evaluate defenses) and security operations (blue teams that focus on operating these security defenses).
Yes, red teams can add tremendous value. But the legacy, manual, and expensive process of scanning, penetrating, reporting, and hoping the blue team will act on the findings largely isn’t resulting in value or reduced risk. For the blue team, you invest millions in endpoint, network, email, and cloud security controls, but organizationally you are probably spending painfully few cycles to determine if this complex mix of solutions is actually working.
We need to readjust so that we are focusing on security effectiveness and the efficacy of our security controls. We need to industrialize our approach to red and blue teaming with security instrumentation through automation, environmental drift detection, prescriptive actions, and analytics that enable us to finally and empirically manage, measure, and improve security effectiveness.