UNITED day 2 kicked off another solid day full of great content and speakers.
In one of the first sessions of the day, we heard directly from the voice of customers with a great case study on how UserInsight sped up incident investigation at one customers' organization, from 5 days to just one:
Those stats are certainly impressive enough on their own. But we knew it was a late night for a lot of folks the night before (thanks to the fantastic UNITED party!), so for the next session we decided to do something a little different -- a Security DEATH MATCH!!* -- Red Team versus Blue Team, Pen Tester versus Incident Responder, Leon Johnson (@sho_luv) versus Mike Scutt (@omgAPT) complete with referee, round bell, and boxing gloves.
Yes, really! Take a look:
*No security professionals were actually harmed during this session.
It was a tough match with plenty of hooks and jabs, and our audience helped determine the winner of each of the three rounds. The winner of this year's Death Match? Drumroll please...
When's the last time you saw something like THAT at a security conference?
Another highlight of the day was hearing Nick Percoco's (@c7five) Security & The Internet of Things talk, a version of which he gave at SXSW this year to a packed audience. It was fascinating to hear his vision of what the future holds, and what kind of tech we might see, as well as their unintended consequences.
It doesn't have to be a scary version of the future if we're thinking of security as we build this tech, and if we empower the general public to be consumer-minded as well. Certainly it won't be easy, but it's worth shooting for.
We had the privilege of hosting one of the great minds behind the oft-cited Verizon DBIR at UNITED this year, Bob Rudis (@hrbrmstr). Bob had a session in the afternoon all about the DBIR, called "From DBIR to Decisions," stats that sometimes get misread or overlooked, and what some of the key takeaways from the DBIR are -- beyond the usual soundbytes that get repeated in popular media.
Here's one example from Bob about mobile breaches:
Closing up the day's agenda was a panel with Josh Feinblum (@thecustos), Jen Ellis (@infosecjen), and Wade Woolwine (@wadew) on The Art of Crisis Management. The panelists represented a Information Security, Communications & Incident Response cross-functional team and they discussed some of their methods for dealing with crises, and even times when they've stumbled and the lessons they learned on what to improve. I hope our attendees walked away from this session with some solid pointers on how to implement a crisis plan, or strengthen any practices already in place.
Thanks again to everyone who joined us for UNITED 2015 - we couldn't have asked for a better group of phenomenal attendees, speakers and partners! I had a wonderful time meeting so many of you and getting to put some handles/avatars to real names and faces. Let's do it again next year for UNITED 2016!
Want to see ALL the video clips from UNITED this year? They're on this YouTube playlist here: Rapid7 UNITED Security Summit 2015 - YouTube