Pre-Conference Workshops

Presenter: Jim Shea and Brandon Finton, Cyber Defense Institute


Session Title: Critical Security Controls for Small and Medium Size Organizations


For small and medium size organizations that don’t have dedicated security personal, securing organizational data and assets can be a daunting task. Add on top of that regulatory requirements such as HIPAA, PCI, NYS DFS, DoD, or any of the security standards and the average IT manager or practitioner could be easily overwhelmed.

Enter the CIS Critical Security Controls, formerly known as the “SANS Top 20.” These best practices are the gold standard, and can be implemented in any organization, large or small. In this workshop, we’ll walk through what the controls are, and what you can do to implement them in your environment. Throughout the workshop, we’ll tie the controls to the regulations, and we’ll share stories from the trenches of some organizations that did implement the controls and some that didn’t. By the end of this workshop you will be familiar with the controls, and ways that you can implement them in your organization.


Presenter: Sean Miller, Systems Engineer


Session Title: Cisco Firepower Threat Defense Lab


The lab is aimed at technical decision makers, security engineers and CSOs with an interest in security technology. The focus is not on how to install or configure (the Before Phase). Instead, we will start working with a preconfigured system. The focus is instead on understanding how to work with this system trying to detect and mitigate an attack (The After Phase). The lab assumes an general understanding of techniques used by attackers in the Attack Kill Chain (will be reviewed). The lab does not assume any prior training on Firepower

  • Scenario 1: The Attack—assume the role of an attacker, perform a realistic attack against the target organization, use phishing with a malicious Excel to take control of a client on the inside of the network, and leverage the compromised client to attack other systems on the inside.
  • Scenario 2: Getting Started with Firepower Management Center—become familiar with the Firepower Management Center (FMC) in order to understand the overall structure of the FMC, including how FMC automatically discovers the network it is protecting, the operating systems, the applications relevant vulnerabilities, and logged in users. This also focuses on a typical NGFW policy, understanding the ability to create policies to control applications and to leverage user identity from Cisco Identity Services Engine (ISE).
  • Scenario 3: Detection and Analysis—investigate a reported attack (the one from Scenario 1) using Firepower Management Center, looking at Indicators of Compromise (IoCs) and correlating events from IPS, Advanced Malware Protection (AMP), and Security Intelligence to understand the attack and the impact.
  • Scenario 4: Rapid Threat Containment with Cisco ISE. Here we see how we can automatically put a compromised client into quarantine leveraging Cisco Identity Service Engine.
  • Scenario 5: Reporting—analyze and customize sample reports.

The Fine Print

  • This workshop is limited to 15 participants
  • Laptops required



Presenter: Vikas Bhatia, Founder & CEO, JustProtect


Session Title: How to make vendor risk management functional, and secure


We can't do everything. Because of that, we enlist vendors to help in the areas outside of our expertise. However, doing so opens organizations up to risk. How can we address this problem? It all begins with assessments. But not once in a blue moon, at an overall level assessments. This presentation will discuss how continual compliance assessment, at multiple levels of an organization, is the answer. In it, we will explore how simplifying the overall assessment process makes it easy to make the right decision for your organization, while balancing security, and functionality.



Presenter: Sean Miller, Systems Engineer, Cisco


Session Title: Cisco 4D SD-WAN (Viptela) Lab


Viptela provides a compelling SD-WAN solution with advanced routing, segmentation and security capabilities for interconnecting complex enterprise networks. Its cloud-based network management, orchestration and overlay technologies make it easy to deploy and manage SD-WAN.

  • Scenario 1 – An overview of the SD-WAN vManage dashboard and discussion around Zero Touch Provisioning (ZTP) capability. Branch site routers, with design best practices, can easily be provisioned by leveraging automation through zero touch provisioning and centralized configuration. Centralized configuration utilizes the templates that can be pre-configured before device deployment
  • Scenario 2 – Use the Hybrid WAN connectivity over multiple WAN transport connections. Show connectivity could be established over any kind of transport, application steering over any transport. Using IP as transport to create flexible data plane topologies from full-mesh to Hub-n-Spoke to any arbitrary topologies
  • Scenario 3 – Demonstrate business defined insertion of services (FW, IPS, IDS, etc) utilizing centralized policies. Flexible architecture where services can be deployed in any of the site(s) irrespective of the physical topology. Simple policy activation can make selected applications and sites to go through the required service
  • Scenario 4 – Show the simplicity of using application firewalling policies centrally. Various applications and/or flows would not be allowed between sites. Simple centralized policy activation would enforce such policies to any site on the overlay
  • Scenario 5 – Use the Application aware routing along with arbitrary topology networking to show the business policy driven view of application classification, connectivity and QoS provisioning. Discuss Application Performance settings while highlighting the ability of the network to dynamically switch paths to preserve a consistent application experience
  • Scenario 6 – Policy driven Data Center preferences for different branches. A subset of branches could prefer one Data Center over the other as a regional Internet exit

The Fine Print

  • This workshop is limited to 15 participants
  • Laptops required


Our Presenting Sponsors




It’s a little different perspective than I’ve gotten from other tradeshows, other organizations, other groups. That’s the part that has made it more interesting.

- MJ
Voice Team Leader