SafeBreach Validate East

Welcome – The Future of BAS

• Guy Bejerano; CEO & Co-Founder, SafeBreach

Navigating the Security Leadership Rollercoaster: Thrills & Challenges Ahead

• Ed Amoroso, Chief Executive Officer, TAG Cyber

Architecting Cyber Resilience: Building Your Breach and Attack Simulation Program

• Moderator: Derek Krein, Security Services Director, SafeBreach

In recent years, breach and attack simulation (BAS) has gained significant traction among enterprises, emerging as a crucial component in fortifying proactive security by automating the ongoing testing of threat vectors. It empowers organizations to verify potential threats, enhance security controls, identify vulnerabilities in critical assets, and prioritize remediation efforts to bolster cyber resilience. To achieve optimal outcomes, it’s imperative to recognize that BAS transcends mere tool status – it embodies a comprehensive program. Our expert panel will delve into the principles for developing a successful BAS program in this session. Key topics of discussion include:

• Developing a strategic approach that aligns security objectives with real-world threat scenarios and its synergies with other proactive security initiatives
• Winning buy-in from other teams to simplify deployment
• Amplifying team capabilities through strategic BAS staffing
• Unveiling strategies for seamlessly integrating simulations into cybersecurity operations, thereby facilitating continuous testing, fine-tuning, and adaptability to evolving threat landscapes
• Gauging program success through the exploration of pivotal key performance indicators (KPIs) and metrics that measure the efficacy of your BAS program
• Effectively communicating the program’s value to stakeholders, empowering informed decisions for further enhancing cyber resilience.

Attacking Your Way to Answsers

• Tomer Bar, Vice President of Security Research, SafeBreach

It’s no secret that the attack surface is increasing, and the best defense is one that’s matched to the most relevant risks. Through proactive and reactive research, The SafeBreach Labs team helps customers discover their most critical threats and security gaps by building the industry’s most current and complete playbook of attacks.

In this session, SafeBreach Director of Research Tomer Bar will share how attacks are conducted, which APT groups have been the most active, and what risks they pose to enterprises.  Tomer will also:

• Discuss how to leverage recent vulnerabilities to gain accurate insights
• Preview new research the team is working on and ways to easily access the most recent updates
• Share insight into recent CVEs the team has uncovered and how they impact your organization

Fortifying Cyber Defenses: Leveraging BAS to Select an EDR

• Steven Beasley, Global Enterprise Security Architect, Olin

As adversaries become more sophisticated, the importance of selecting the right EDR solution cannot be overstated. With so many options on the market, where do you begin, what should you measure, and how do you ensure fair testing against your network?  

During this panel, we will hear from our customers who will share their experiences running their EDR bakeoff using breach and attack simulation.  We will discuss: 

• How to create the criteria for choosing EDR solutions that align with your organization’s security goals
• Which scenarios are designed to challenge EDR solutions and assess their capabilities under controlled conditions
• What are the best practices for executing your tests? 
• How can you communicate results with the vendors you are evaluating? 

Mastering the (Extra)Ordinary: A New Red Team Maturity Model

• Garet Stroup, Director, Cyber Threat Simulation, Humana
• Brent Harrell, Principal, Red Team Lead, Humana