The annual RSA Conference from June 6 to 9 at Moscone Center in San Francisco, Calif., is jam-packed with sessions, briefings, panel discussions, and more. This year’s RSA Conference brings extra excitement, since it’s back in person after last year’s virtual event.
Find Blumira At RSA
What’s Blumira up to at RSA? Besides speaking in two highly informative sessions, you can find our team at Booth #3222 in the South Expo. We’re kind of known for our t-shirt giveaways (Black Hat’s PrintNightmare t-shirts only lasted 4 hours) and this year, we’ll be handing out Zelda-themed t-shirts. Stop by the booth to grab one while they’re still available!
You can also check out a demo of Blumira’s free edition, the industry’s first free cloud SIEM with detection and response for Microsoft 365.
10 RSA Conference Sessions To Attend
With so many events to choose from, it can be overwhelming to curate a schedule that provides real insight and value. To help with your quest for security knowledge, we’ve hand-selected 10 sessions that you should consider adding to your schedule.
What is Zero Trust? What ISN’T Zero Trust? Let’s Make Sense of This!
Monday, Jun. 6, 2022 8:30 AM – 9:20 AM PT
The term ‘zero trust’ has been floating around the cybersecurity industry for a while now, but it’s unclear whether it’s a marketing buzzword or a legitimate framework for success. In this panel discussion, experts — including Blumira’s own Amanda Berlin, Lead Incident Detection Engineer — will define what zero trust is, using concrete examples with the ATT&CK Framework.
Securing Entry Points and Active Directory to Prevent Ransomware Attacks
Monday, Jun. 6, 2022 9:40 AM – 10:30 AM PT
Getting access to an Active Directory domain is like getting the keys to the kingdom. Research from EMA found that over 40% of organizations surveyed had their AD implementation breached. In this session, Derek Melber, Chief Technology and Security Strategist of Tenable, will offer tips on how to reduce the attack surface of AD and detect advanced attacks.
BEC & Ransomware: Two Sides of the Same Cybercrime Coin
Monday, Jun. 6, 2022 10:50 AM – 11:40 AM PT
Business email compromise (BEC) isn’t in the headlines as much as ransomware, but the financial loss due to BEC is 64 times worse than ransomware, according to the FBI. In this session, Craig Hassold, Director of Threat Intelligence at Abnormal Security, will explain what these two major threats have in common, and how to defend against them.
How to Win with Cyber Insurance and Side-Step the 7 Biggest Pitfalls
Monday, Jun. 6, 2022 2:20 PM – 3:10 PM PT
Cyber insurance is becoming more popular, but getting started can be overwhelming. CISOs will need to know which attack events to prioritize, what costs to expect, and how disaster recovery plans come into play. In this session, Cynthia James, Enterprise Security Executive at Microsoft, will break down all of these factors and explain how to avoid the most common pitfalls.
Getting The Most Out Of Sysmon
Tuesday, Jun. 7, 2022 9:40 AM – 10:30 AM PT
Enabling Sysmon is one of the first recommendations we make to our customers here at Blumira, because it provides visibility into Windows logs and provides a breadcrumb trail to ease the incident response process. In this session, Blumira’s Amanda Berlin, Lead Incident Detection Engineer, will explain the differences between Sysmon and Windows Event Viewer. She’ll also walk you through ways to perform threat hunting with Sysmon to find indicators of compromise in your environment.
Colonial Pipeline – What Happened, What Changed
Tuesday, Jun. 7, 2022 9:40 AM – 10:30 AM PT
Colonial Pipeline was the victim of arguably the most high-profile ransomware attack of 2021 and the largest cyberattack to target an oil infrastructure in the United States’ history. This session brings together multiple perspectives — press, industry, and government — to discuss what happened and how it’s changed the industry.
A Proven Methodology to Secure the Budget You Need
Tuesday, Jun. 7, 2022 2:25 PM – 3:15 PM PT
Securing the budget you need can be a herculean task, since it often requires buy-in from multiple key stakeholders. This session will prepare you for the conversations you’re likely to have with budget approvers, covering four commonly-asked questions. Jim Mirochnik Senior Partner and CEO of HALOCK Security Labs, will outline how the Duty of Care Risk Analysis (DoCRA) methodology can help you communicate effectively during these conversations.
Backdoors & Breaches: Live Tabletop Exercise Demo
Tuesday, Jun. 7, 2022 4:45 PM – 6:00 PM PT
Backdoors & Breaches is an interactive incident response card game developed by Black Hills Information Security and Active Countermeasures to help with conducting tabletop exercises in a fun and engaging way. This session is sure to be a popular one with Black Hills Information Security’s John Strand, Owner, and Jason Blanchard, Content and Community Director, teaching attendees how to play the game.
The SaaS RootKit: A New Attack Vector for Hidden Forwarding Rules in O365
Wednesday, Jun. 8, 2022 1:15 PM – 2:05 PM PT
Researchers discovered a vulnerability in Microsoft OAuth that enables threat actors to create hidden forwarding rules in Office 365, using Exchange’s legacy API. Email forwarding rules can accelerate BEC attacks by gaining persistent access to a victim’s email. The first step to protection is awareness, so learn about this discovery through a demo of the OAuth registration process.
CMMC Ch-Ch-Changes: Turn and Face the Revised Cybersecurity Maturity Model
Thursday, Jun. 9, 2022 1:00 PM – 1:50 PM PT
The CMMC compliance framework has undergone a lot of changes recently. In this session, get the rationale for these changes and understand what it means for your organization from CMMC Accreditation Body CEO Matthew Travis, Department of Defense Acting CIO Dr. Kelly Fletcher and representatives from the Defense Industrial Base.
Find Blumira at RSA
To snag a Free Expo Pass, or grab some time to chat with us about our new offerings, our featured sessions, and more!