11:30 AM - 1:30 PM
Hale Koa Hotel
Members $ 0 / Non-Members $0
Presentation:Survival of the Fastest - The 1/10/60 Challenge
Speaker:Wes Bateman Security Engineer
Topic:CrowdStrike actively tracks over 100 adversarial groups. CrowdStrike's 2019 Global Threat Report drew data from CrowdStrike Threat Intelligence, Falcon OverWatch managed hunting, and CrowdStrike Services incident response teams to ascertain the average "breakout" time for adversaries. This is the time between when an intruder gains initial access within a target organization and when that intruder is able to move laterally beyond that initial beachhead. These metrics can be used by defenders to assess their ability to identify and respond to attacks. This is the origin of the 1/10/60 rule. This talk will discuss these breakout times, dive deeper into various adversaries that were prolific in 2019, and present guidance pursuing 1/10/60.
Bio:Wes came to CrowdStrike in 2015 from Cisco Systems where he was a Consulting Security Engineer. Wes, came to Cisco as part of the Sourcefire acquisition and served as one of two global leads for the Cisco Next Generation Intrusion Prevention System (NGIPS) Technical Advisory Group and was a presenter at multiple Cisco Tech Days and Cisco Live. He resides in Mesa, Arizona. Prior to joining Sourcefire, Wes was an information security practitioner with extensive practical experience in the financial, utility, government, education, manufacturing, technology, and non-profit verticals. This included roles at Arizona Public Service and the Arizona Department of Transportation.
Wes has been primarily focused on network security monitoring, incident response, digital forensics, endpoint detection and response (EDR), and penetration testing.
Experienced as both an attacker and a defender of digital assets, he is regularly engaged to uncover and exploit flaws, document the exploitation process, and create remediation plans for the networks and applications of his clients. He has served as a trusted advisor to government agencies and nuclear power generation plants to investigate security incidents and perform digital forensics. Wes has a track record of successfully communicating extremely technical information to audiences of varying backgrounds and has provided expert witness testimony in both civil and criminal proceedings related to digital forensics, including testimony for the US Nuclear Regulatory Commission.
Appetizer: Hale Koa Salad with Tarragon Dressing
Main Course: Grilled Skirt Steak with Shitake Mushroom Sauce, Paired with Crab Cake, Served on Local Style Fried Udon Noodles and Sauteed Zucchini with Tomatoes
Dessert: Mud Pie