Registration Fees
By March 7, 2018 | After March 7, 2018 | After May 7, 2018 | |
ISSA or ISACA Member | $245 | $345 | $400 |
Non-Member | $395 | $495 | $550 |
Government Employee* | $325 | $425 | $475 |
Full Time Student* | $125 | $125 | $125 |
*Two Day (Full Conference) Registration Fees include the following: Opening Keynote and Reception and two-full
days of Education to include additional Keynotes and an offering of over 60 workshops session to choose from,
geared to meet your individual needs. Also included: Two full breakfasts, two full lunches, breaks and reception.
By March 7, 2018 | After March 7, 2018 | After May 7, 2018 | |
ISSA or ISACA Member | $175 | $275 | $300 |
Non-Member | $275 | $375 | $400 |
Government Employee* | $215 |
$315
|
$340 |
Full Time Student* | $75 | $75 | $75 |
*One Day Registration Fees include the following: Keynote(s) on day of attendance and Reception on day of
attendance if applicable and an offering of multiple workshops session to choose from, geared to meet your
individual needs. Also included: Breakfast, Lunch and breaks.
PRECONFERENCE (TUESDAY, MAY 8) REGISTRATION
2018 Pre-Conference Fee** | |
Full Day | $275 |
Half Day | $189 |
Both Half-Day Sessions | $275 |
**These are in addition to the regular conference registration fees above (you must register for the full conference to attend
a PreConference Workshop). Pre-conference day includes a continental breakfast, lunch and breaks.
Hotel Information
CPE Credits
DRAFT AGENDA (Subject to Change)
Tuesday, May 8, 2018 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
8:00 AM - 12:00 PM | PC1. Atomic Red Team Framework Training Casey Smith and Tony Lambert 8:00 AM - 12:00 PM $189.00 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
8:00 AM - 4:00 PM | PC2. Auditing Cybersecurity and Data Analytics in Audit Michael Kostanecki 8:00 AM - 4:00 PM $275.00 | PC3. Cryptocurrencies, Security and You Jared Nishikawa 8:00 AM - 4:00 PM $275.00 | PC4. Practical Dev(Sec)Ops DJ Schleen 8:00 AM - 4:00 PM $275.00 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
1:00 PM - 4:00 PM | PC5. CISO Leadership Forum James Carder - LogRhythm, Julie Chickillo - Beeline; Robb Reck - Ping Identity and Alex Wood - Pulte Financial Services 1:00 PM - 4:00 PM $189.00 | PC6. Cloud Security Training Mohamed Malki 1:00 PM - 4:00 PM $189.00 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
4:00 PM - 7:00 PM | Welcome Reception and Job Fair in Exhibit Hall 4:00 PM - 7:00 PM |
Wednesday, May 9, 2018 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
7:00 AM - 8:00 AM | Breakfast in the Exhibit Hall | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
8:00 AM - 9:15 AM | Keynote Keynote Session with Lain Hensley | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
9:25 AM - 10:25 AM | App Sec A1. Token Binding: Foundation for a More Secure Web | Incident Response A2. There Now, That Wasn’t So Bad (How to Make Cyber Incidents Hurt Less) | Architecture/How-To A3. PIE - An Active Defense PowerShell Framework for Phishing Defense | Emerging Trends A4. Introducing the Colorado Threat Information Sharing (CTIS) Initiative | Security Stories A5. Doing More With Less -- By Doing…Less? | Audit, Risk & Compliance A6. Maturing Third-Party Risk Management | Vendor A7. Probability in Security | Leadership A9. Leadership at the Speed of Life | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
10:25 AM - 11:15 AM | Networking Break in Exhibit Hall | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
11:15 AM - 12:15 PM | App Sec B1. Measuring Software Security Programs using BSIMM | Security Management B2. Colorado CISO Panel | Architecture/How-To B3. Analyzing the Kill Chain: How to Load Your Gun When You Can’t Buy a Silver Bullet | Emerging Trends B4. Hunting for Cyber Threats Using Threat Modeling and Frameworks | Security Stories B5. Lessons Learned from the Legal Trenches - What Happens When Law and Technology Collide | Audit, Risk & Compliance B6. Combating Vulnerabilities as a Team | Vendor B7. Deception - Lure, Detect, Defend | Vendor B8. Identity-Driven Security | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
12:30 PM - 1:30 PM | Lunch | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
1:30 PM - 2:00 PM | Desserts in Exhibit Hall | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
2:00 PM - 3:00 PM | App Sec C1. Building Patterns for Secure Microservices, an Approach and Pattern Zero Candidate | Security Management C2. Women in Security Panel: Trailblazers and Torchbearers | Architecture/How-To C3. GreatSCT: Gotta Catch 'Em AWL (Application Whitelisting) | Emerging Trends C4. Container Native Application Protection in a Cloud Native World | Security Stories C5. Chasing LEAD, a Japanese APT Story | Audit, Risk & Compliance C6. Math is Hard: Compliance to Continuous Risk Management | Vendor C7. Investigate and Mitigate Potential Insider Threats | Vendor C8.Security, Visibility, Automation for your Cloud & Network Infrastructure | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
3:15 PM - 4:15 PM | App Sec D1. Detection as Code: Apply the Software Development Lifecycle to Your Blue Team | Incident Response D2. This Way to the Dark Metaverse: Threatcasting Tomorrow’s Threats | Architecture/How-To D3. Pen Test Data Science: Vulns, Metrics, Lions, Tigers, and Bears, Oh My | Emerging Trends D4. The Myth of IoT Security | Security Stories D5. Ransomware Recovery: How One City Got Through It | Audit, Risk & Compliance D6. Taking Compliance to the Cloud (Tools and Techniques Using ISO Standards) | Vendor D7. End The Dark Endpoint Epidemic With Absolute | Vendor D8. Change is Simply an Act of Survival | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
4:30 PM - 5:15 PM | Keynote Keynote Session with Dan Burns |
Thursday, May 10, 2018 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
7:00 AM - 8:00 AM | Breakfast in the Exhibit Hall | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
8:15 AM - 9:15 AM | Keynote Keynote Session with Daniel Miessler | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
9:15 AM - 10:00 AM | Networking Break in Exhibit Hall | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
10:10 AM - 11:10 AM | App Sec E1. Security in the Automated Pipeline; A Story of Fear, Perseverance and Triumph | Incident Response E2. "I" Before "R" Except After "IOC" | Architecture/How-To E3. AWS Security Best Practices | Emerging Trends E4. Oil and Water DO Mix: Implementing Compliant Change Management in a CICD Environment | Soft Skills E5. Managing Your Identity: Are You Limited, Limiting or Limitless? | Audit, Risk & Compliance E6. GDPR . . . Separating Fact from Fiction | Vendor E7. Minimizing the Detection to Recovery Timeframe | Vendor E8. Digital Identity Authorities - the Key to Enterprise Cloud Transformation | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
11:15 AM - 12:15 PM | App Sec F1. From Rogue One to Rebel Alliance: Building Developers into Security Champions | Incident Response F2. 0 To Hero in 60 Weeks: How to Build a World Class IR Team | Architecture/How-To F3. A Proven Method for Finding Targeted Attacks with Free and Open Source Tools | Emerging Trends F4. The Secure Metamorphosis - Streaming Logs with Kafka and TLS | Soft Skills F5. Human Hacking: The Psychology Behind Cybersecurity | Audit, Risk & Compliance F6. GDPR Impacts on Incident Response | Vendor F7. The “Zero Trust” Model for Cyber Security | Vendor F8. Incident Response Preparedness for Executives | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
12:30 PM - 1:30 PM | Lunch | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
1:30 PM - 2:00 PM | Desserts in Exhibit Hall | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
2:00 PM - 3:00 PM | Vendor G8. Yes, You Can Get Burned When Its Cloudy | App Sec G1. Rock Your Next Web Application Penetration Test | Audit, Risk & Compliance G3. Realistic Cyber Security Practices – Conducting Cyber Security Assessments | Emerging Trends G4. The Evolution of a Hack for Financial Gain: CryptoJacking, CryptoCurrencies, and Blockchains | Security Management G5. Persuasion Techniques for Selling Security – No Really | Audit, Risk & Compliance G6. SecDevOps: Auditing Security at Scale | Vendor G7. Turtles, Trust and The Future of Cybersecurity | Escape Room Living Security Escape Room | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
3:15 PM - 4:15 PM | Vendor H8. How Targeted Attacks Such as Phishing and Ransomware Break Through Traditional E-mail Security | App Sec H1. Would You Like to Play a (Security) Game? | Security Management H2. Inside Cyber Balance Sheets: Communicating Cyber Risks to Your Executives | Architecture/How-To H3. Blowing up the 16-Digit Gold Mine | Emerging Trends H4. Business Ramifications of Proposed State and Federal Cybersecurity Legislation | Security Stories H5. Evolving Pentesting to Create Measurable Defensive Improvements | Audit, Risk & Compliance H6. SOC 2, COSO, and ISO 27001 Walked Into a Bar – What Happened? | Vendor H7. Cybercriminal Operations Revealed | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
4:15 PM - 5:15 PM | Keynote Keynote Session with Phil Palisoul | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
5:15 PM - 5:45 PM | Lite Reception & Prize Drawings |