Tentative AGENDA

Toggle filters

Name Track Speakers More Info
8:00 AM - 9:00 AM
J4. Visual Threat Intelligence – Unveil The Hidden GemsEmerging TrendsAlex Holden - Hold Security, LLC
J5. Decrypting the Cryptocurrency Criminal Ecosystem Incident Response & Threat Intelligence 
J2. Incident Response, Communications Plans, and Tabletop Exercises, Oh My!Incident Response & Threat IntelligenceBrad Rhodes - Accenture Federal Services
J3. The SEC and You: Understanding “Materiality”Risk & Compliance/LegislationSteve Black - Texas Tech University School of Law
J1. Apply Your Prior Experience(s) to Land a Job in InfoSecSoft Skills/Career EnhancementCharlotte Chance - Yass Partners
8:00 AM - 12:00 PM
Women In SecuritySpecial Event 
8:30 AM - 12:30 PM
CISO Session Special Event 
9:15 AM - 10:15 AM
K4. The Modern Family of CyberCriminalsEmerging TrendsJeremiah Salzberg - CDW
K2. Understanding how and when to work with federal law enforcementIncident Response & Threat IntelligenceSteve Winterfeld - Akamai
K3. Cybersecurity Program Success in the Face of Budget ConstraintsSecurity ManagementLaz
K1. Don’t Quit Your Day Job - How to THRIVE in Your Career Without Suffering BurnoutSoft Skills/Career EnhancementAnnamarí Dietrichson
10:45 AM - 11:45 AM
L4. Phishing-proof and Passwordless PleaseEmerging TrendsChase Doelling - JumpCloud
L2. Adaptive Adversaries: The Evolution of Chinese Cyber EspionageIncident Response & Threat IntelligenceMatt Lin - Mandiant (now part of Google Cloud)
Austin Larsen - Mandiant (now part of Google Cloud)
L3. Coordinating Compliance: How to Leverage Frameworks and Maximize EfficienciesRisk & Compliance/LegislationLauren Edmonds - Schellman
L5. The Evolution Of A Security Program As The Business Moves From Datacenters To The Cloud & BeyondSecurity Stories/Lessons Learned/Case StudiesLee Vorthman - Oracle
L1. Life on a 5-Second Delay: Ethics Lessons Learned from Lifelong Hearing LossSoft Skills/Career EnhancementElizabeth McDowell - Audit Forward, LLC
L6. Win the Cyberwar with Zero TrustVendorJohn Kindervag - Palo Alto Networks
12:30 PM - 1:30 PM
M3. Engaging Your Senior Leadership on Cyber Risk ManagementRisk & Compliance/LegislationMichael Borgia - Davis Wright Tremaine LLP
M5. Pre-grad Pwning - How I cracked an MSP at 17Security Stories/Lessons Learned/Case StudiesLandon Rice - RedSense
12:30 PM - 4:00 PM
Women In SecuritySpecial Event 
1:00 PM - 4:00 PM
M4. Threat Modeling for Large Language ModelsAppSec & DevSecOpsJohn Dickson - Coalfire
M2. What To Do When It All Goes To Hell In A Hand-BasketIncident Response & Threat IntelligenceChris Roberts - Nuspire
M1. Governance of AI and Cybersecurity RiskSecurity ManagementKeyaan Williams - CLASS-LLC
Laz
Malcolm Harkins - HiddenLayer
Karen Worstell - W Risk Group LLC
1:30 PM - 4:00 PM
SANS Executive Cybersecurity ExerciseSpecial Event 
1:40 PM - 2:40 PM
O3. CyberLegalese Decoded: Navigating SEC Reporting, Legal Risks, and Cybersecurity GovernanceRisk & Compliance/LegislationAlex Kimata - Holland & Hart LLP
Richard Spilde - Holland & Hart
N5. Leadership Lessons Learned in CrisisSecurity Stories/Lessons Learned/Case StudiesDeborah Blyth - CrowdStrike
3:00 PM - 4:00 PM
N3. HOT TOPIC IN COMPLIANCE - ISO 27001 VS. AICPA SOC 2Risk & Compliance/LegislationRhonda Willert - LINFORD & COMPANY LLP
O5. Leadership, Cyber Security & the CISOSecurity Stories/Lessons Learned/Case StudiesPaul Herbka - American Cyber Security Management
Brian Sudis - American Cyber Security Management
REGISTER NOW!
Toggle filters

Name Track Speakers More Info
9:15 AM - 10:15 AM
A1. Cyberpsychology and AIAIErik Huffman - Handshake Leadership
A2. DevOps Security: Ensuring Continuous Protection in Software DevelopmentAppSec & DevSecOpsJagdish Mohite - Akamai Technology
A4. Human EDR: The Power of Training to Change the Narrative at Your EdgeSecurity ManagementMike Ellerhorst - NTM Advisory
A5. Real-Life Strategies for Governance, Risk, and Compliance with JIRA and Google WorkspaceSecurity Stories/Lessons Learned/Case StudiesMelissa Cooper - PubMatic
A6. Managing Third Party Risk as a Security ProfessionalRisk & Compliance/LegislationTimothy McCain - City of Aurora
A8. Know Your Worth 2: Even Worthier - Exploring the 2023 Colorado Salary Survey ResultsSoft Skills/Career EnhancementJoe McCallister - The Trade Desk
9:15 AM - 12:15 PM
SANS NETWARS CORE (Version 9) - Day 1Special Event 
10:20 AM - 10:50 AM
A New Sheriff in Town - Regulation and Oversight of APIs is Upon Us (Not Just Banks) Exhibit Hall Presentation 
11:00 AM - 12:00 PM
B1. Machine Learning & AI Models, A New Frontier in CybersecurityAIJason Wilcox - Source Advisors
B2. Evaluating Vendor AI Claims: Cutting Through the HypeAppSec & DevSecOpsJohn Dickson - Coalfire
B3. Recovering from the Blue Screen of Death: Aircraft Cybersecurity EditionEmerging TrendsOlivia Stella - Southwest Airlines
B4. Resolving Pain Points Within the CISO & Vendor RelationshipSecurity ManagementMike Kalac - Paymentus
Donald Klindt - Pentamix Security
Sue Lapierre - Prologis
Joseph McComb - Holland & Hart
Sheri Ricardo - National Renewable Energy Laboratory
B5. How AI is impacting Cyber Security and IT Team Operating ModelsSecurity Stories/Lessons Learned/Case StudiesAndy Pojuner - Altum Strategy Group
B6. Navigating Risk in the AI Storm of Today’s Digital LandscapeRisk & Compliance/LegislationSloane Dreyer - Holland & Hart LLP
Richard Spilde - Holland & Hart LLP
B7. First Aid Forensics: Investigating on a BudgetIncident Response & Threat IntelligenceStewart Deken - RubinBrown
B8. Mastering the Boardroom: Effective Communication Strategies for IT Security LeadersSoft Skills/Career EnhancementJames Christiansen - Netskope
Enhancing Cybersecurity with Data Posture Security Management VendorTim Burlowski - Veritas
1:15 PM - 2:15 PM
Best Practices for SASE: How Check Point is Accelerating Private and Internet AccessVendor 
C1. How is AI Impacting Privacy?AICarlin Dornbusch - American Cyber Security Management
Jill Stacey - Holland & Hart
Elizabeth Schweyen - Druva
Janis Preese
C2. Making Security Fun Again: Building a Proactive Security CultureAppSec & DevSecOpsDustin Lehr - Fivetran
C3. Exploitable Weaknesses in GenAI Workflows: From RAG to RichesEmerging TrendsPatrick Walsh - IronCore Labs
C4. Cybersecurity Lessons from Jurassic ParkSecurity ManagementRohit Satpathy - The PC Security Channel
C5. Managing Email Compromise and Wire Fraud IncidentsSecurity Stories/Lessons Learned/Case StudiesRobert Rudloff - RubinBrown LLP
C6. The Ripple Effects of SEC's Cyber Security Rule & Enforcement ActivityRisk & Compliance/LegislationDavid Navetta - Cooley LLP
C7. Deconstructing AWS Intrusions: Attack, Detect, Defend LabIncident Response & Threat IntelligenceRyan Thompson
C8. ISO 42001: An Introduction to the World’s First AI Certification (Part 1 of 2)PrivacyDanny Manimbo - Schellman
Joe Sigman - Schellman
Christian Hyatt - risk3sixty
C8. Your ’Future of Work” in Security: Next 10 Years Forecast and RoadmapSoft Skills/Career EnhancementDavid Foote - Foote Partners, LLC
2:30 PM - 3:30 PM
D1. Protecting AI From People & Protecting People From AIAI 
D2. In the Pipe, 5x5: Copilots + Automated SecurityAppSec & DevSecOpsAndrew Hoog - NowSecure
D3. Deploy Identity-based Zero Trust, but Keep the Firewall!Emerging TrendsChris Sanders
D4. Enabling Automated Security Control Validation with Tommyknocker Open SourceSecurity ManagementJeremy Banker - Independent Software Engineer
D5. Consolidating Audits Doesn't Always Have to be Dante's Inferno: A Case StudySecurity Stories/Lessons Learned/Case StudiesJoanne Puchek - Plante Moran
Kyle Miller
D6. Why Your Cybersecurity Budget is a Horse's AssRisk & Compliance/LegislationIra Winkler - CYE
D7. Building Out a Cyber Threat Intelligence TeamIncident Response & Threat IntelligenceJustin Jetton - Veeva Systems
D8. Differential Privacy and Privacy LawPrivacyThomas Codevilla - SK&S Law Group
Carlin Dornbusch - American Cyber Security Management
Toggle filters

Name Track Location Name Speakers More Info
9:15 AM - 10:15 AM
E1. ISO 42001: Artificial Intelligence Framework Deep Dive (Part 2 of 2)AIRoom 2BCChristian Hyatt - risk3sixty
Danny Manimbo - Schellman
Joe Sigman - Schellman
E2. Mobile Rules the World - Jump into Mobile AppSec with the OWASP MAS ProjectAppSec & DevSecOpsRoom 2HBrendan Hann - NowSecure
E3. Continuous Threat Exposure Management / CTEMEmerging TrendsRoom 2DETodd Felker - CrowdStrike
E4. AI: Fact, Fiction, and FrictionSecurity ManagementRoom 2AKevin Petschow - Cato Networks
E5. Hacking MFASecurity Stories/Lessons Learned/Case StudiesRoom 3CRoger Grimes - KnowBe4, Inc.
E6. Securing Tomorrow: Navigating the Impact of CMMC 2.0 on Department of Defense ContractorsRisk & Compliance/LegislationRoom 3DEAnders Erickson - Eide Bailly LLP
E7. Overcoming Cyber Threat Information Sharing Challenges: Too Much is at Stake in 2024Incident Response & Threat IntelligenceRoom 2FWayne Schepens - Cyber Risk Alliance
Chris Anthony - TeamWorx Security
E8. U.S. Privacy Legislation: Why We’re Still Doing It WrongPrivacyRoom 2GMike Pedrick - Nuspire
11:00 AM - 12:00 PM
F1. The Future Coder Will Be An LLM (and it's not as bad as you think)AIRoom 2BC 
F2. How to Use AppSec Testing as Part of an SSDLC to Prevent and Remediate Security VulnerabilitiesAppSec & DevSecOpsRoom 2HPaul Wowk - City National Bank
F3. Navigating the Truth: AI and the Impact on Media IntegrityEmerging TrendsRoom 2DEPatti Hallock - Independent
F4. Cloudy with a Chance of CyberattacksSecurity ManagementRoom 2AEtay Maor - Cato Networks
F5. Comedy in ComplianceSecurity Stories/Lessons Learned/Case StudiesRoom 3CPaige Needling - Needling Worldwide, LLC
F6. Be Aware, Get Prepared, Defend YourselfRisk & Compliance/LegislationRoom 3DEMichael Lines - Heuristic Security
F7. Moving From a Controls-Based to an Intelligence-Driven Security ProgramIncident Response & Threat IntelligenceRoom 2FRandall Frietzsche - Denver Health
F8. Steps to a Secure Portfolio: Due Diligence During M&A & BeyondPrivacyRoom 2GGina Yacone - Trace3
12:30 PM - 3:30 PM
SANS NETWARS CORE - Day 2Special EventRoom 3AB 
1:15 PM - 2:15 PM
G1. Rite Aid's Facepalm: The FTC Settlement Resulting in a 5 Year Ban on Facial Recognition TechAIRoom 2BCKatie Butler - Torch Law LLC
G2. “Vulnerability Scanning Your Web Applications Is A Trap and What To Do Instead”AppSec & DevSecOpsRoom 2HTerry Bradley - Mile High Cyber
G3. Information Assurance: The Next Chapter in IT AuditEmerging TrendsRoom 2DEAngela Appleby - Plante Moran
G4. Premiums to Payouts: Avoid Cyber Insurance Mistakes That Get Claims DeniedSecurity ManagementRoom 2ABrandon Clark - Procern Technology Solutions
G5. A CISO's Hiring Playbook: Proven Strategies for Building Great TeamsSecurity Stories/Lessons Learned/Case StudiesRoom 3CJeff Combs - J. Combs Search Advisors
G6. LinkedIn Unleashed: Strategies for Building a Personal Brand and Expanding Your NetworkSoft Skills/Career EnhancementRoom 2GCher Fox - Fox Consulting
G7. Fear and Loathing in the Board Room: A Hopeful Journey to SEC Compliance.Incident Response & Threat IntelligenceRoom 2FDouglas Brush - Accel Consulting, LLC
2:30 PM - 3:30 PM
F8. Green Horizons: Navigating Sustainability with ISO 14001Risk & Compliance/LegislationRoom 3DETom Andresen Gosselin - Schellman
H1. Architecting Advanced Cybersecurity Programs with Snowflake Connected ApplicationsAIRoom 2BCMatthew Sharp - Xactly
H2. Writing Secure Code == Writing Good CodeAppSec & DevSecOpsRoom 2HChristopher Clark - Documoto
H3. Weaponizing Your Cybersecurity Program Using Technology TransformationEmerging TrendsRoom 2DETodd Bell - GlobalDataLock.com
H4. Security Framework SoupSecurity ManagementRoom 2ADaniel Perkins - SecurIT360
H5. A One Hit Wonder - A Ransomware JourneySecurity Stories/Lessons Learned/Case StudiesRoom 3CCarlin Dornbusch - American Cyber Security Management
Paul Herbka - American Cyber Security Management
H6. The Wave is Here - Impact of AI on Careers in CybersecuritySoft Skills/Career EnhancementRoom 2GBrad Rager - Crux
H7. Attracting Cloudy Bees with Honey CloudsIncident Response & Threat IntelligenceRoom 2FNathaniel Quist - Palo Alto Networks