Tentative AGENDA

Toggle filters

Name Track Speakers More Info
7:30 AM - 8:00 AM
Buffet BreakfastSocial/Meal 
7:30 AM - 7:00 PM
Registration OpenAdmin 
8:00 AM - 9:00 AM
T1-2D. Visual Threat Intelligence – Unveil The Hidden GemsEmerging TrendsAlex Holden - Hold Security, LLC
T1-3A. Decrypting the Cryptocurrency Criminal Ecosystem Incident Response & Threat IntelligenceAndy Greenberg
Rick Howard - The CyberWire
T1-2A. Incident Response, Communications Plans, and Tabletop Exercises, Oh My!Incident Response & Threat IntelligenceBrad Rhodes - Accenture Federal Services
T1-3B. The SEC and You: Understanding “Materiality”Risk & Compliance/LegislationSteve Black - Texas Tech University School of Law
T1-3G. Apply Your Prior Experience(s) to Land a Job in InfoSecSoft Skills/Career EnhancementCharlotte Chance - Yass Partners
T1-2H. Improving Data and Threat Awareness During a Cyber ResponseVendorCasey Clark - Cohesity
8:00 AM - 12:00 PM
Women In SecuritySpecial Event 
8:15 AM - 12:15 PM
CISO Session Special Event 
9:15 AM - 10:15 AM
T2-3A. How Hackers Are Using AI, and How to Stop Them AIWill Bass - Flexential
T2-2D. The Modern Family of CyberCriminalsEmerging TrendsJeremiah Salzberg - CDW
T2-2A. Understanding how and when to work with federal law enforcementIncident Response & Threat IntelligenceSteve Winterfeld - Akamai
T2-3B. Why Your Cybersecurity Budget is a Horse's AssRisk & Compliance/LegislationIra Winkler - CYE
T2-2B. Cybersecurity Program Success in the Face of Budget ConstraintsSecurity ManagementDemetrios Lazarikos
T2-3G. Don’t Quit Your Day Job - How to THRIVE in Your Career Without Suffering BurnoutSoft Skills/Career EnhancementAnnamarí Dietrichson
T2-2H: Tier Zero: Applying Modern Security to Legacy Identities VendorMatthew Vinton - Quest Software
10:15 AM - 10:45 AM
Refreshment BreakSocial/Meal 
10:45 AM - 11:45 AM
T3-2D. Phishing-proof and Passwordless PleaseEmerging TrendsChase Doelling - JumpCloud
T3-2A. Adaptive Adversaries: The Evolution of Chinese Cyber EspionageIncident Response & Threat IntelligenceMatt Lin - Mandiant (now part of Google Cloud)
Austin Larsen - Mandiant (now part of Google Cloud)
T3-3B. Coordinating Compliance: How to Leverage Frameworks and Maximize EfficienciesRisk & Compliance/LegislationLauren Edmonds - Schellman
T3-2B. Master Situational Awareness to Optimize Material RiskSecurity ManagementSteve Winterfeld - Akamai
T3-3A. The Evolution Of A Security Program As The Business Moves From Datacenters To The Cloud & BeyondSecurity Stories/Lessons Learned/Case StudiesLee Vorthman - Oracle
T3-3G. Life on a 5-Second Delay: Ethics Lessons Learned from Lifelong Hearing LossSoft Skills/Career EnhancementElizabeth McDowell - Audit Forward, LLC
T3-2H. A Return to FundamentalsVendorJacob Rubin - EVOTEK
Matt Shufeldt - EVOTEK
12:00 PM - 1:00 PM
LunchSocial/Meal 
12:30 PM - 1:30 PM
T4-3B. Engaging Your Senior Leadership on Cyber Risk ManagementRisk & Compliance/LegislationMichael Borgia - Davis Wright Tremaine LLP
T4-3A. Pre-grad Pwning - How I cracked an MSP at 17Security Stories/Lessons Learned/Case StudiesLandon Rice - RedSense
12:30 PM - 4:00 PM
Women In SecuritySpecial Event 
12:45 PM - 3:45 PM
T4-2A. What To Do When It All Goes To Hell In A Hand-BasketIncident Response & Threat IntelligenceChris Roberts - Nuspire
1:00 PM - 4:00 PM
T4-3G. Threat Modeling for Large Language ModelsAppSec & DevSecOpsJohn Dickson - Bytewhisper Security
T4-2H. Deconstructing AWS Intrusions: Attack, Detect, Defend LabIncident Response & Threat IntelligenceRyan Thompson
T4-2B. Governance of AI and Cybersecurity RiskSecurity ManagementKeyaan Williams - CLASS-LLC
Demetrios Lazarikos
Malcolm Harkins - HiddenLayer
Karen Worstell - W Risk Group LLC
1:30 PM - 4:00 PM
SANS Executive Cybersecurity ExerciseSpecial Event 
1:40 PM - 2:40 PM
T5-3B. CyberLegalese Decoded: Navigating SEC Reporting, Legal Risks, and Cybersecurity GovernanceRisk & Compliance/LegislationAlex Kimata - Holland & Hart LLP
Richard Spilde - Holland & Hart
T5-3A. Leadership Lessons Learned in CrisisSecurity Stories/Lessons Learned/Case StudiesDeborah Blyth - CrowdStrike
2:45 PM - 3:00 PM
BreakSocial/Meal 
3:00 PM - 4:00 PM
T6-3B. Hot Topics in Compliance - ISO 27001 VS. AICPA SOC 2Risk & Compliance/LegislationRhonda Willert - LINFORD & COMPANY LLP
T6-3A. Leadership, Cyber Security & the CISOSecurity Stories/Lessons Learned/Case StudiesPaul Herbka - American Cyber Security Management
Brian Sudis - American Cyber Security Management
4:00 PM - 4:30 PM
NetworkingSocial/Meal 
4:30 PM - 5:30 PM
Opening Keynote with Rick Howard - Book Canon Award WinnerKeynoteAndy Greenberg
Gene Spafford
5:30 PM - 7:30 PM
Welcome "Game Night" Reception and Job FairSocial/Meal 
REGISTER NOW!
Toggle filters

Name Track Speakers More Info
7:00 AM - 8:00 AM
Buffet Breakfast in the Exhibit HallSocial/Meal 
7:00 AM - 4:30 PM
Registration OpenAdmin 
8:00 AM - 9:00 AM
Morning Keynote Session with Ben HammersleyKeynoteBen Hammersley
9:00 AM - 9:15 AM
BreakSocial/Meal 
9:15 AM - 10:15 AM
W1-2A. Evolution of threat intelligence, tracking your boss for fun, profit, and protectionIncident Response & Threat IntelligenceChris Roberts - Nuspire
W1-2B. Human EDR: The Power of Training to Change the Narrative at Your EdgeSecurity ManagementMike Ellerhorst - NTM Advisory
W1-2D. Quantum Reckoning: The Coming Day When Quantum Computers Breaks CryptographyEmerging TrendsRoger Grimes - KnowBe4, Inc.
W1-2G. Five Things DevOps Wants from InfoSecVendorNaomi Buckwalter
W1-3A. Real-Life Strategies for Governance, Risk, and Compliance with JIRA and Google WorkspaceSecurity Stories/Lessons Learned/Case StudiesMelissa Cooper - PubMatic
Stephen Edmonds
W1-3B. Managing Third Party Risk as a Security ProfessionalRisk & Compliance/LegislationTimothy McCain - City of Aurora
W1-3D. Cyberpsychology and AIAIErik Huffman - Handshake Leadership
W1-3F. The Self-Driving Enterprise: Google's Radical Vision for Transforming Security Operations with AI VendorToby Scales - Google
W1-3G. Know Your Worth 2: Even Worthier - Exploring the 2023 Colorado Salary Survey ResultsSoft Skills/Career EnhancementJoe McCallister - The Trade Desk
Jeff Ellis - Salesforce
9:15 AM - 12:15 PM
SANS NETWARS CORE (Version 9) - Day 1Special Event 
10:15 AM - 11:00 AM
Networking Break in Exhibit HallSocial/Meal 
10:25 AM - 10:55 AM
EHP: A New Sheriff in Town - Regulation and Oversight of APIs is Upon Us (Not Just Banks) Exhibit Hall PresentationKarl Mattson - Noname Security
Exhibit Hall PresentationsExhibit Hall Presentation 
11:00 AM - 12:00 PM
W2-2A. First Aid Forensics: Investigating on a BudgetIncident Response & Threat IntelligenceStewart Deken - RubinBrown
W2-2B. Resolving Pain Points Within the CISO & Vendor RelationshipSecurity ManagementMike Kalac - Paymentus
Donald Klindt - Pentamix Security
Sue Lapierre - Prologis
Joseph McComb - Holland & Hart
Sheri Ricardo - National Renewable Energy Laboratory
W2-2F. Evaluating Vendor AI Claims: Cutting Through the HypeAppSec & DevSecOpsJohn Dickson - Bytewhisper Security
W2-2G. Enhancing Cybersecurity with Data Security Posture ManagementVendorSubhash Kotar - Veritas Technologies
W2-3A. How AI is impacting Cyber Security and IT Team Operating ModelsSecurity Stories/Lessons Learned/Case StudiesAndy Pojuner - Altum Strategy Group
W2-3B. Navigating Risk in the AI Storm of Today’s Digital LandscapeRisk & Compliance/LegislationSloane Dreyer - Holland & Hart LLP
Rich Spilde - Holland & Hart LLP
W2-3D. Machine Learning & AI Models, A New Frontier in CybersecurityAIJason Wilcox - Source Advisors
W2-3F. Win the Cyberwar with Zero TrustVendorJohn Kindervag - Illumio
W2-3G. Mastering the Boardroom: Effective Communication Strategies for IT Security LeadersSoft Skills/Career EnhancementJames Christiansen - Netskope
12:00 PM - 1:15 PM
Lunch in Exhibit HallSocial/Meal 
12:40 PM - 1:10 PM
EHP: Tactics, Techniques & Procedures of Advanced Attackers: Insights and Countermeasures Exhibit Hall PresentationJames Broome - DirectDefense, Inc
Exhibit Hall PresentationsExhibit Hall Presentation 
1:15 PM - 2:15 PM
W3-2A. Highlights of the Red Canary 2024 Threat Detection Report VendorAlex Berninger - Red Canary
W3-2B. Cybersecurity Lessons from Jurassic ParkSecurity ManagementRohit Satpathy - The PC Security Channel
W3-2D. Exploitable Weaknesses in GenAI Workflows: From RAG to RichesEmerging TrendsPatrick Walsh - IronCore Labs
W3-2F. Making Security Fun Again: Building a Proactive Security CultureAppSec & DevSecOpsDustin Lehr - Fivetran
W3-2G. Best Practices for SASE: How Check Point is Accelerating Private and Internet AccessVendorJames Alvarez - Check Point
W3-3A. Managing Email Compromise and Wire Fraud IncidentsSecurity Stories/Lessons Learned/Case StudiesRobert Rudloff - RubinBrown LLP
W3-3B. The Ripple Effects of SEC's Cyber Security Rule & Enforcement ActivityRisk & Compliance/LegislationDavid Navetta - Cooley LLP
W3-3D. How is AI Impacting Privacy?AICarlin Dornbusch - American Cyber Security Management
Jill Stacey - Holland & Hart
Elizabeth Schweyen - Clari
Janis Preese
W3-3F. ISO 42001: An Introduction to the World’s First AI Certification (Part 1 of 2)AIDanny Manimbo - Schellman
Joe Sigman - Schellman
Christian Hyatt - risk3sixty
W3-3G. Your ’Future of Work” in Security: Next 10 Years Forecast and RoadmapSoft Skills/Career EnhancementDavid Foote - Foote Partners, LLC
2:15 PM - 2:30 PM
BreakSocial/Meal 
2:30 PM - 3:30 PM
W4-2A. Building Out a Cyber Threat Intelligence TeamIncident Response & Threat IntelligenceJustin Jetton - Veeva Systems
W4-2B. Enabling Automated Security Control Validation with Tommyknocker Open SourceSecurity ManagementJeremy Banker - Independent Software Engineer
W4-2D. Deploy Identity-based Zero Trust, but Keep the Firewall!Emerging TrendsChris Sanders
W4-2F. In the Pipe, 5x5: Copilots + Automated SecurityAppSec & DevSecOpsAndrew Hoog - NowSecure
W4-3A. Consolidating Audits Doesn't Always Have to be Dante's Inferno: A Case StudySecurity Stories/Lessons Learned/Case StudiesJoanne Puchek - Plante Moran
Kyle Miller
W4-3B. Cybersecurity Maturity Model Certification (CMMC): It is finally here!!!Risk & Compliance/LegislationMatt Titcombe - Peak InfoSec LLC
W4-3D. Protecting AI From People & Protecting People From AIAIJacob Rubin - EVOTEK
W4-3F. Differential Privacy and Privacy LawPrivacyThomas Codevilla - SK&S Law Group
3:30 PM - 4:15 PM
Networking Break in Exhibit HallSocial/Meal 
3:40 PM - 4:10 PM
EHP: Understanding Risk and Threat Exhibit Hall PresentationKaren Nguyen - Forescout Technology, Inc.
Exhibit Hall PresentationsExhibit Hall Presentation 
4:15 PM - 5:00 PM
Afternoon Keynote Presentation with Dr. Jessica BarkerKeynoteJessica Barker - Cygenta
Toggle filters

Name Track Location Name Speakers More Info
7:00 AM - 8:00 AM
Buffet Breakfast in the Exhibit HallSocial/MealExhibit Hall D 
7:00 AM - 12:00 PM
Registration OpenAdminBluebird Ballroom Prefunction 
8:00 AM - 9:00 AM
Morning Keynote Session with Chris LapingKeynoteBluebird Ballroom 1ABCChris Laping
9:00 AM - 9:45 AM
Networking Break in Exhibit HallSocial/MealExhibit Hall D 
9:10 AM - 9:40 AM
EHP: You Can’t Protect What You Can’t See: Minimizing Your Attack Surface Exhibit Hall PresentationExhibit Hall Stage AAlex Ruff - Trend Micro
Exhibit Hall PresentationsExhibit Hall PresentationExhibit Hall D 
9:15 AM - 10:15 AM
R1-3A. Hacking MFASecurity Stories/Lessons Learned/Case StudiesRoom 3ARoger Grimes - KnowBe4, Inc.
R1-3B. Securing Tomorrow: Navigating the Impact of CMMC 2.0 on Department of Defense ContractorsRisk & Compliance/LegislationRoom 3BCAnders Erickson - Eide Bailly LLP
R1-3D. ISO 42001: Artificial Intelligence Framework Deep Dive (Part 2 of 2)AIRoom 3DEChristian Hyatt - risk3sixty
Danny Manimbo - Schellman
Joe Sigman - Schellman
R1-3G. U.S. Privacy Legislation: Why We’re Still Doing It WrongPrivacyRoom 3GMike Pedrick - Nuspire
9:45 AM - 10:45 AM
R1-2A. Overcoming Cyber Threat Information Sharing Challenges: Too Much is at Stake in 2024Incident Response & Threat IntelligenceRoom 2AWayne Schepens - Cyber Risk Alliance
Dave Stapleton - ProcessUnity
R1-2B. AI: Fact, Fiction, and FrictionSecurity ManagementRoom 2BCEtay Maor - Cato Networks
R1-2D. Continuous Threat Exposure Management / CTEMEmerging TrendsRoom 2DETodd Felker - CrowdStrike
R1-2F. Mobile Rules the World - Jump into Mobile AppSec with the OWASP MAS ProjectAppSec & DevSecOpsRoom 2FBrendan Hann - NowSecure
10:45 AM - 11:00 AM
BreakSocial/MealBluebird Ballroom Corridor 
11:00 AM - 12:00 PM
R2-2A. Moving From a Controls-Based to an Intelligence-Driven Security ProgramIncident Response & Threat IntelligenceRoom 2ARandall Frietzsche - Denver Health
R2-2B. Cloudy with a Chance of CyberattacksSecurity ManagementRoom 2BCEtay Maor - Cato Networks
R2-2D. Navigating the Truth: AI and the Impact on Media IntegrityEmerging TrendsRoom 2DEPatti Hallock - Trace3
R2-2F. How to Use AppSec Testing as Part of an SSDLC to Prevent and Remediate Security VulnerabilitiesAppSec & DevSecOpsRoom 2FPaul Wowk - City National Bank
R2-3A. Comedy in ComplianceSecurity Stories/Lessons Learned/Case StudiesRoom 3APaige Needling - Needling Worldwide, LLC
R2-3B. Be Aware, Get Prepared, Defend YourselfRisk & Compliance/LegislationRoom 3BCMichael Lines - Heuristic Security
R2-3D. The Future Coder Will Be An LLM (and it's not as bad as you think)AIRoom 3DEGreg Sternberg - Evotek
R2-3G. Steps to a Secure Portfolio: Due Diligence During M&A & BeyondPrivacyRoom 3GGina Yacone - Trace3
12:00 PM - 1:15 PM
Lunch in Exhibit HallSocial/MealExhibit Hall D 
12:30 PM - 3:30 PM
SANS NETWARS CORE - Day 2Special EventRoom 2H 
12:40 PM - 1:10 PM
EHP: Say Goodbye to Legacy SIEM and Hello to Modern Security Operations Exhibit Hall PresentationExhibit Hall Stage ADave Herrald - Google Cloud
Exhibit Hall PresentationsExhibit Hall PresentationExhibit Hall D 
1:15 PM - 2:15 PM
R3-2A. Fear and Loathing in the Board Room: A Hopeful Journey to SEC Compliance.Incident Response & Threat IntelligenceRoom 2ADouglas Brush - Brush Cyber
R3-2B. Premiums to Payouts: Avoid Cyber Insurance Mistakes That Get Claims DeniedSecurity ManagementRoom 2BCBrandon Clark - Procern Technology Solutions
R3-2D. Information Assurance: The Next Chapter in IT AuditEmerging TrendsRoom 2DEAngela Appleby - Plante Moran
R3-2F. “Vulnerability Scanning Your Web Applications Is A Trap and What To Do Instead”AppSec & DevSecOpsRoom 2FTerry Bradley - Mile High Cyber
R3-3A. A CISO's Hiring Playbook: Proven Strategies for Building Great TeamsSecurity Stories/Lessons Learned/Case StudiesRoom 3AJeff Combs - J. Combs Search Advisors
R3-3D. Rite Aid's Facepalm: The FTC Settlement Resulting in a 5 Year Ban on Facial Recognition TechAIRoom 3DEKatie Butler - Torch Law LLC
R3-3G. LinkedIn Unleashed: Strategies for Building a Personal Brand and Expanding Your NetworkSoft Skills/Career EnhancementRoom 3GCher Fox - Fox Consulting
2:15 PM - 2:30 PM
BreakSocial/MealBluebird Ballroom Corridor 
2:30 PM - 3:30 PM
R4-2A. Attracting Cloudy Bees with Honey CloudsIncident Response & Threat IntelligenceRoom 2ANathaniel Quist - Palo Alto Networks
R4-2B. Security Framework SoupSecurity ManagementRoom 2BCDaniel Perkins - SecurIT360
R4-2D. Weaponizing Your Cybersecurity Program Using Technology TransformationEmerging TrendsRoom 2DETodd Bell - GlobalDataLock.com
R4-2F. Writing Secure Code == Writing Good CodeAppSec & DevSecOpsRoom 2FChristopher Clark - Documoto
R4-3A. A One Hit Wonder - A Ransomware JourneySecurity Stories/Lessons Learned/Case StudiesRoom 3ACarlin Dornbusch - American Cyber Security Management
Paul Herbka - American Cyber Security Management
R4-3B. Green Horizons: Navigating Sustainability with ISO 14001Risk & Compliance/LegislationRoom 3BCTom Andresen Gosselin - Schellman
Nisha Ellis - Schellman Compliance, LLC.
R4-3D. Architecting Advanced Cybersecurity Programs with Snowflake Connected ApplicationsAIRoom 3DEMatthew Sharp - Xactly
R4-3G. The Wave is Here - Impact of AI on Careers in CybersecuritySoft Skills/Career EnhancementRoom 3GBrad Rager - Crux
3:30 PM - 5:00 PM
Closing Keynote Session with Sean Swarner and Prize DrawingsKeynoteBluebird Ballroom 1ABC