If you read about how great Day 1 was, or about the amazing Rapid Fire panel, then it should be no surprise that Day 2 of #UNITEDSummit once again had top-notch speakers, lots of energy and empowerment. Here are the highlights:
Customers were brought to a place of wonderment with “Fantastic Threat Intel and Where to Find Them” presented by Rebekah Brown and Rick Holland. After “sorting” the audience into their respective security houses, they discussed the difficulty in defining threat intelligence. To help clarify, they provided the following, succinct, definition: Threat intelligence helps make decisions about preventing and detecting attackers.” They stressed the importance of setting yourself up for success, otherwise you will fail – and while it may not be easy to establish a solid threat intelligence program, it is worthwhile.
Over in the research track, Harley Geiger discussed the importance of having legal protections for security researchers and how other companies can best prepare themselves to handle vulnerability disclosures. When it comes to vulnerability disclosure policies, there is no downside to having a plan. Likewise, researchers should have a process for disclosing vulnerabilities that encourages cooperation. This includes engaging with the company (sharing all findings and working through them with the company), notifying CERT, and providing time for a patch or other mitigations to be put in place before going public with the vulnerability. The more researchers adopt best practices like this, the more disclosures will be seen as beneficial for the security community.
— Katie Moussouris (@k8em0) November 3, 2016
Later, we met the new heroes of security for a discussion on how to empower professionals in the age of IoT. While IoT may be the new “hot topic,” there's very little being discussed about the opportunity for security professionals. Our lives are becoming increasingly dependent on interconnected technologies, which means society is becoming more reliant on security professionals. Here's a few highlights from Twitter:
— InternMike (@InternMike) November 3, 2016
— Kimberlee Bachman (@Bachman_K) November 3, 2016
The afternoon tracks featured some empowering sessions as well. A sampling of these included:
- Welcome to the Metaverse: Metasploit and Beyond: Metasploit is growing! The open source community is more vibrant than ever, and that energy is expanding into the emerging Rapid7 platform. Speakers discussed the current status of the Metasploit Framework, open source projects, and the surrounding communities. Additionally, they talked about broad-reaching initiatives within the Metasploit Team, including Phishing as a Service, Attacker Simulation, and exploiting the Internet of Things.
- CISO Panel: Managing Threat Risk, People, and the Board: The role of CISO changes nearly every year, and with it the modern security program and department. This panel of CISOs from a variety of industries and organization sizes discussed some of the unique aspects of being a CISO in today's landscape, how they build teams to manage exposures/threats, where they prioritize, and where they think the role is heading in the next few years.
- Inside InsightIDR: Optimizing UX for Incident Responders: During this session, attendees were empowered to become rockstars, with tips and tricks on how to find out what's happening in their IT environment. Attendees participated in a live, interactive design partnership aimed at improving investigation and detection workflows, and then got an opportunity to influence future versions of InsightIDR based on what's important to them.