JULY 21-22, 2020

AGENDA

Tuesday, July 21

11:00 AM

CyberArk Vision & Strategy

Keynote Session

Udi Mokady | Founder, Chairman & CEO

11:40 AM

Identity Security Vision

Keynote Session

Chen Bitan – General Manager Israel, Chief Product Officer
Archit Lohokare – VP Product Management

12:00 PM

Securing Privileged Access in a Hybrid World

Keynote Session

Karen Eldor – VP Product Management
Yair Sade – VP Product Management

12:20 PM

Securing the Remote Workforce in the New Norm

Keynote Session

Archit Lohokare – VP Product Management
Gil Rapaport – Head of Alero Business Unit

12:40 PM

C3 Alliance: Identity Security is a Team Game

Keynote Session

Adam Bosnian – EVP, Global Business Development

1:00 PM

CyberArk Privilege Cloud: An Introduction to CyberArk's PAM as-a-Service Solution

Breakout Session | Explore CyberArk SaaS Solutions

As businesses continue to undergo digital transformations, finding security solutions that minimize on-premises infrastructure, reduce time to value and secure critical resources is of the utmost importance. Attend this session as we showcase CyberArk Privilege Cloud, the as-a-Service offering from the #1 leader in Privileged Access Management. We will be covering the back-end architecture, use cases of securing privileged accounts and credentials, as well as the Guided Success Plan; a repeatable 3 step process that you can use to plan, deploy and scale your Privilege Cloud solution.

The World of Credential Theft Malware

Breakout Session | Defend Against Sophisticated Attacks

Welcome to the world of credential theft malware, where attackers can steal your privileged credentials through a wide variety of techniques. The use of malware is one of the most popular and easiest ways attackers steal credentials. Attend this session to gain a better understanding of the different types and strains of credential theft malware, how each type operates and practical methods on how to defend against this threat.

Uncovering the True Impact of Digital Transformation with CyberArk

Breakout Session | Secure Automation and Digital Transformation

Many organizations are already executing on their digital transformation and cloud strategies. During this session, we will highlight how developers can secure both the human’s credentials used to access developer tools and cloud admin consoles, as well as the credentials used by applications and other non-human identities. Additionally, we will dive deep into the processes and tools that help your organization manage these challenges.

PAM 101: Learn the Basics

Breakout Session | Introduction to Privileged Access Management

Why is privileged access so important? Why are attackers inside and outside the enterprise zeroing in on privileged accounts? What can you do to protect your organization? These are the questions that we will be addressing in this introduction to privileged access management session. Understand the basics to better mitigate the risk of malicious insiders or external attackers from gaining access to the heart of the enterprise; and learn the foundational elements within the CyberArk solution to address this challenge.

PwC

Sponsor Session

2:00 PM

Identity Assurance with Adaptive MFA

Breakout Session | Explore CyberArk SaaS Solutions

Compromised credentials are one of the most commonly used methods in gaining unauthorized access to apps and data. That’s why organizations implement Multi-factor Authentication (MFA) to prevent account takeovers. However, MFA is still not mandated in the vast majority of companies. The underlying reason is simply because admins just don’t want to bother their users with it. But there are ways to make secondary authentication painless and keep organizations secure. In this session, we’ll cover the differences between the “always-on” and “risk-based” MFA solutions and suggest steps companies can take to accelerate the adoption of MFA without sacrificing user experience.

Attack and Defend Live

Breakout Session | Defend Against Sophisticated Attacks

In this live attack and defend series, our Red and Blue teams go head-to-head to show both basic and advanced attacks that gain access to the “crown jewels.” Learn about some of the foundational controls you should be leveraging to develop strong defense and security from a myriad of different attacks.

Practical Workstation Protection: Best Practices

Breakout Session | Product and Solution Best Practices

Workstation targeted attacks revolve around privilege, whether they are Windows-based or MacOS ones. As attackers aim for a foothold in your organization, they’re looking to steal credentials, manipulate applications, and move laterally across the network. In this session we will share best practices for protecting your organization from these advanced attacks, and showcase practical ways to implement the principal of least privilege across all of your Windows and Mac workstations.

Optimize PAM Operations with PowerShell and Automation

Customer Case Study | Secure Automation and Digital Transformation

In this session, attendees will discover practical recommendations for automating and maintaining CyberArk systems. Learn about commands which can be used in stand-alone scripts, or interactively at the command line, and will save you time and effort in delivering high quality PAM operations and administration to your organization.

KPMG

Sponsor Session

3:00 PM

Identity Management with Modern Single Sign-On

Breakout Session | Explore CyberArk SaaS Solutions

Single Sign-On (SSO) is an effective way to manage your employee, customer, and partner identities. With SSO, users leverage a single set of credentials to access applications, endpoints and systems. This enables organizations to lower the risk of poor password practices, increase user productivity and eliminate IT overhead. However, not all SSO solutions are created equal, and choosing the right one can be a challenging process. For example, large organizations that leverage Active Directory with multiple domains must consider how well an SSO solution integrates with their existing directory infrastructure. At the same time, smaller IT teams might need to focus on solutions’ self-service capabilities to reduce the volume of help desk requests. In this session, we will discuss the key considerations that will help you to select the best SSO for your organization.

Renegade Robots: The CISOs Take on Securing Robotic Process Automation

Breakout Session | Secure Automation and Digital Transformation

Robotic Process Automation (RPA) is rapidly being adopted. What could go wrong with a fleet of robots that have high levels of access across multiple sensitive business processes? In this session we will be presenting the key findings and recommendations from industry leading CISOs involved in a research study on securing RPA. Hear how attackers from inside and out can attempt to exploit privileged access in RPA systems. Learn how leading organizations are mitigating the risks.

Remote Risk: Best Practices: Securing Remote Vendor Access

Breakout Session | Product and Solution Best Practices

Remote vendors have authorized access to networks, allowing them to change, alter or impact the operational service of the target organization – this is why they’re so often targeted by attackers. Learn about CyberArk Alero, a new SaaS offering from CyberArk that helps organizations to not only secure, but manage proper access from third parties to critical internal resources. In this session we will be covering recent notable breaches that involve remote vendor access, walk through high and low level architectures, perform a live product demonstration and much more!

Enabling Your Business – A Customer’s Journey Through Privileged Access Management

Customer Case Study | Introduction to Privileged Access Management

Experience the journey through a Privileged Access Management (PAM) program, as it enables business capabilities, drives efficiencies and reduces risk.  Attend this session if you are an IAM leader or an executive interested in understanding how  PAM can positively impact your organization, complement your enterprise risk framework, and align to your overall cybersecurity strategy.  Gain insights into PAM experiences through the eyes of a consumer.

Optiv: A Zero Trust Journey: What are the Building Blocks?

Sponsor Session

Zero Trust can transform your companies security as organizations migrate to a universal platform – a result of digital transformation and the cloud. Knowing where to start, however, and how to get to a fully mature Zero Trust framework can be challenging. Join Optiv’s Jerry W. Chapman, Technical Director for Digital Identity and Data Management, to discuss what are the key building blocks to methodically achieve full Zero Trust and optimal security while adapting to an evolving infrastructure.

Wednesday, July 22

11:00 AM

Building a Secure Source of Truth to Automate Identity Lifecycle Management

Breakout Session | Explore CyberArk SaaS Solutions

Many organizations struggle to manage a growing number of identities in the workplace. User identities are stored in multiple disconnected directories, attributes are formatted inconsistently, and user data is often out of sync. This is a challenge for IT teams who need to have a single and secure source of truth to automate onboarding processes, dynamically update access with role changes, and prevent unauthorized access when employees leave the organization. In this session, you will learn how Idaptive Directory Services (including the Idaptive Cloud Directory) can integrate with your existing identity infrastructure to become your single source of truth for digital identities, without replicating or synchronizing data into yet another directory. You will also hear how Idaptive Lifecycle Management can help you automate your HR processes, simplify access provisioning, and ensure that the right access is granted at every stage of your employees’ lifecycle.

Managing PAM as-a-Service versus Traditional On-Premises

Breakout Session | Introduction to Privileged Access Management

Privileged Access Management (PAM) as a Service could be a big improvement for organizations that don’t have resources to deploy and maintain an on-premises PAM solution. And while some organizations either prefer, or have strict mandates that require critical security solutions to remain with the confines of the four walls of their data center, PAM as a Service is a good way for organizations to get a foundational security solution up and running faster and easier than ever, all in a cost-effective manner. In this technical session, we will present some of the key differences between the two consumption models, to better educate you in the early stages of considering a PAM program.

Breaking the Cloud Using Five Different Methods

Breakout Session | Defend Against Sophisticated Attacks

Cloud environments exist everywhere. This in turn means that attackers are super motivated in finding ways to penetrate organizations’ cloud infrastructure. In this session, we will present findings from the CyberArk Labs team, demonstrate five attack techniques, and highlight fundamental considerations such as:
1. How attackers can steal cloud credentials from endpoints, code and cloud VMs
2. How intruders can compromise cloud users with only a few permissions, but still succeed to escalate their permissions and become full admins
3. How to target SSO and IAM solutions that many organizations use for integrating their on-prem network to the cloud

A Hole in The Ship: Attacking Kubernetes Cluster

Breakout Session | Secure Automation and Digital Transformation

As Kubernetes increases in adoption it is inevitable that more clusters will come under attack to compromise specific applications, or simply to gain access to resources for things such as crypto-coin mining. In this session we will cover a number of different attacks on Kubernetes clusters. We will start with a little history on some of the more well known Kubernetes vulnerabilities. We will then highlight how easy it is to perform reconnaissance on Kubernetes, exploit RBAC permissions, as well as cover other different attacks that will compromise the cluster.

Forrester- Top Trends Shaping IAM In 2020

Analyst Session | Introduction to Privileged Access Management

This session featuring Forrester Research Sr. Analyst Sean Ryan highlights the top trends influencing identity and access management (IAM), including enterprise and customer IAM as well as access management and governance. Featured topics:

  • Multifactor authentication
  • Identity management and governance
  • Privileged identity management for DevOps and business users
  • Just-in-Time access controls

12:00 PM

Securing Endpoints for SaaS-first Organizations

Breakout Session | Explore CyberArk SaaS Solutions

In recent months, organizations both large and small have been forced to adjust to remote work, adding many new endpoints that need to be secured and managed. Opportunistic cyber attackers are making moves. In this session that targets organizations with a SaaS-first strategy, we will dive deep on how to add a fundamental building block to your endpoint security program, regardless of their location to prevent and block attacks that originate on the endpoint.

PAM 101: Core Basics of a Successful Privileged Access Management Program

Breakout Session | Introduction to Privileged Access Management

For a successful Privileged Access Management (PAM) program, organizations need more than just a tool. They need strategic guidance across people, process, and technology domains from industry experts with years of experience, breach and best practice know how – and – a proven track record of success. Join our CyberArk experts as we review 3 guiding principles that are critical to mitigating risk: prevent credential theft, stop lateral and vertical movement and limit privilege escalation and abuse.

Native Access for Privileged Session Management: UX is King

Breakout Session | Product and Solution Best Practices

A positive end user experience is top priority when trying to implement any security solution. Attend this session to understand all the various flavors of CyberArk’s Core Privileged Access Security Solution’s session management capabilities. See how CyberArk is enabling users to leverage the tools they’re most familiar with, while securing critical infrastructure with CyberArk’s industry leading solution.

CI/CD and Development Environments – The Achilles Heel That Attackers Are Exploiting

Breakout Session | Secure Automation and Digital Transformation

With widely used tools such as Jenkins and Ansible becoming Tier 0 assets, it’s no surprise development environments are becoming an increasingly important priority for security teams. In this session you’ll learn how to leverage Application Access Manager and other CyberArk solutions, from Core PAS to innovations such as Secretless Broker and open source, to secure secrets and application credentials. The session will focus on solutions for securing application portfolios, containerized environments, and automation tools. In addition, we will look at the challenges and best practices for working with developers to implement secure best practices across DevOps and other development environments.

1:00 PM

Secure Access for Remote Users and Protect Critical Systems

Breakout Session | Explore CyberArk SaaS Solutions

Remote access has been on the rise – consider all of the recent events and trends that have led to a rise in the remote workforce. In addition to the proliferation of remote vendors, remote employees may require access to corporate servers, customer data, email, databases and other cloud-based applications from their laptops or mobile devices without directly connecting to the internal company network.

Business continuity must also account for situations that may require organizations to provide remote workers with controlled access to critical systems. Having manual and/or patchwork processes in place can dramatically increase risk as well as cause operational headaches for end-users and security practitioners alike. With a Privileged Access Management (PAM) program in place, organizations can properly mitigate risks.

Access Control and Linux: Best Practices for Risk Reduction and Accountability

Breakout Session | Product and Solution Best Practices

Extending the principle of least privilege to your Linux distributions is critical in today’s modernized environments. Modern infrastructure and the use of containers has become a practice adopted by most every organization both large and small. Attend this session and learn how to centrally manage and enforce granular access controls and establish superuser accountability, provide a full audit trail and recording of all privileged access activity on all of your Linux systems.

On-Demand Sessions

ON DEMAND

PAS Administration for Beginners

Training Session | Explore CyberArk SaaS Solutions

In this session attendees will get introduced to the various administration tools, configuration files, and log files, that are an essential part of any vault administrators’ day-to-day responsibilities.

Introduction to Alero

Training Session | Explore CyberArk SaaS Solutions

In this session attendees will gain a deeper understanding of CyberArk Alero, a new SaaS based service that combines Zero Trust access, biometric authentication and seamless just-in-time provisioning for remote vendors and company users connecting to the CyberArk Core Privileged Access Security Solution. Attendees in this session will learn about the business problem that Alero aims to solve, how Alero works, and what are the main benefits of using Alero.

Managing the Account Lifecycle

Training Session | Introduction to Privileged Access Management

In this session attendees will learn how to use the accounts discovery features of CyberArk and the RestAPI to manage a privileged account throughout its entire lifecycle.

PSM Suite Overview

Training Session | Introduction to Privileged Access Management

In this session attendees looking to add Privileged Session Manager (PSM) to their CyberArk deployments will learn about the three flavors of PSM, their security benefits, and their effects on user workflows. The session will cover use cases to detect, alert, and respond to attacks involving privileged access.

PTA Overview

Training Session | Introduction to Privileged Access Management

In this session, attendees that are interested in introducing additional controls to their Privileged Access Security program will gain a deeper technical understanding of Privileged Threat Analytics (PTA).

Configuring Just-In-Time Access

Training Session | Product and Solution Best Practices

In this session attendees will learn about using the ad hoc access features of Core PAS to create just-in-time access for administrators.

Enforcing Least Privilege with EPM

Training Session | Product and Solution Best Practices

In this session attendees will learn how to use Endpoint Privilege Manager (EPM) to reduce the number of users requiring administrative privileged on their workstations.

Preventing Ransomware and Credential Theft with EPM

Training Session | Product and Solution Best Practices

In this session attendees will learn how to use Endpoint Privilege Manager (EPM) to protect against credential theft, ransomware and additional advanced protections like restricting application access. The session will cover, among other things, how EPM can be leveraged to prevent ransomware attacks. It will also introduce Privilege Deception – a new layer of protection.

Getting Started with the RestAPI

Training Session | Secure Automation and Digital Transformation

In this session attendees will learn how to begin taking advantage of the CyberArk RestAPI.

Securing In-House Applications with AAM

Training Session | Secure Automation and Digital Transformation

In this session attendees will learn about the Application Access Manager (AAM) Credential Provider, Central Credential Provider, and Application Security Credential Provider’s capabilities to secure credentials used by third-party applications.

Tuesday, July 21

4:00 PM

CyberArk Vision & Strategy

Keynote Session

Udi Mokady – Founder, Chairman & CEO

4:40 PM

Identity Security Vision

Keynote Session

Chen Bitan – General Manager Israel, Chief Product Officer
Archit Lohokare – VP Product Management

5:00 PM

Securing Privileged Access in a Hybrid World

Keynote Session

Karen Eldor- VP Product Management
Yair Sade – VP Product Management

5:20 PM

Securing the Remote Workforce in the New Norm

Keynote Session

Archit Lohokare – VP Product Management
Gil Rapaport – Head of Alero Business Unit

5:40 PM

C3 Alliance: Identity Security is a Team Game

Keynote Session

Adam Bosnian – EVP, Global Business Development

Wednesday, July 22

11:00 AM

Identity Assurance with Adaptive MFA

Breakout Session | Explore CyberArk SaaS Solutions

Compromised credentials are one of the most commonly used methods in gaining unauthorized access to apps and data. That’s why organizations implement Multi-factor Authentication (MFA) to prevent account takeovers. However, MFA is still not mandated in the vast majority of companies. The underlying reason is simply because admins just don’t want to bother their users with it. But there are ways to make secondary authentication painless and keep organizations secure. In this session, we’ll cover the differences between the “always-on” and “risk-based” MFA solutions and suggest steps companies can take to accelerate the adoption of MFA without sacrificing user experience.

Attack and Defend Live

Breakout Session | Defend Against Sophisticated Attacks

In this live attack and defend series, our Red and Blue teams go head-to-head to show both basic and advanced attacks that gain access to the “crown jewels.” Learn about some of the foundational controls you should be leveraging to develop strong defense and security from a myriad of different attacks.

12:00 PM

Identity Management with Modern Single Sign-On

Breakout Session | Explore CyberArk SaaS Solutions

Single Sign-On (SSO) is an effective way to manage your employee, customer, and partner identities. With SSO, users leverage a single set of credentials to access applications, endpoints and systems. This enables organizations to lower the risk of poor password practices, increase user productivity and eliminate IT overhead. However, not all SSO solutions are created equal, and choosing the right one can be a challenging process. For example, large organizations that leverage Active Directory with multiple domains must consider how well an SSO solution integrates with their existing directory infrastructure. At the same time, smaller IT teams might need to focus on solutions’ self-service capabilities to reduce the volume of help desk requests. In this session, we will discuss the key considerations that will help you to select the best SSO for your organization.

Managing PAM as-a-Service versus Traditional On-Premises

Breakout Session | Introduction to Privileged Access Management

Privileged Access Management (PAM) as a Service could be a big improvement for organizations that don’t have resources to deploy and maintain an on-premises PAM solution. And while some organizations either prefer, or have strict mandates that require critical security solutions to remain with the confines of the four walls of their data center, PAM as a Service is a good way for organizations to get a foundational security solution up and running faster and easier than ever, all in a cost-effective manner. In this technical session, we will present some of the key differences between the two consumption models, to better educate you in the early stages of considering a PAM program.

1:00 PM

Building a Secure Source of Truth to Automate Identity Lifecycle Management

Breakout Session | Explore CyberArk SaaS Solutions

Many organizations struggle to manage a growing number of identities in the workplace. User identities are stored in multiple disconnected directories, attributes are formatted inconsistently, and user data is often out of sync. This is a challenge for IT teams who need to have a single and secure source of truth to automate onboarding processes, dynamically update access with role changes, and prevent unauthorized access when employees leave the organization. In this session, you will learn how Idaptive Directory Services (including the Idaptive Cloud Directory) can integrate with your existing identity infrastructure to become your single source of truth for digital identities, without replicating or synchronizing data into yet another directory. You will also hear how Idaptive Lifecycle Management can help you automate your HR processes, simplify access provisioning, and ensure that the right access is granted at every stage of your employees’ lifecycle.

Secure Access for Remote Users and Protect Critical Systems

Breakout Session | Explore CyberArk SaaS Solutions

Remote access has been on the rise – consider all of the recent events and trends that have led to a rise in the remote workforce. In addition to the proliferation of remote vendors, remote employees may require access to corporate servers, customer data, email, databases and other cloud-based applications from their laptops or mobile devices without directly connecting to the internal company network.

Business continuity must also account for situations that may require organizations to provide remote workers with controlled access to critical systems. Having manual and/or patchwork processes in place can dramatically increase risk as well as cause operational headaches for end-users and security practitioners alike. With a Privileged Access Management (PAM) program in place, organizations can properly mitigate risks.

On-Demand Sessions

ON DEMAND

Breaking the Cloud Using Five Different Methods

Breakout Session | Defend Against Sophisticated Attacks

Cloud environments exist everywhere. This in turn means that attackers are super motivated in finding ways to penetrate organizations’ cloud infrastructure. In this session, we will present findings from the CyberArk Labs team, demonstrate five attack techniques, and highlight fundamental considerations such as:
1. How attackers can steal cloud credentials from endpoints, code and cloud VMs
2. How intruders can compromise cloud users with only a few permissions, but still succeed to escalate their permissions and become full admins
3. How to target SSO and IAM solutions that many organizations use for integrating their on-prem network to the cloud

The World of Credential Theft Malware

Breakout Session | Defend Against Sophisticated Attacks

Welcome to the world of credential theft malware, where attackers can steal your privileged credentials through a wide variety of techniques. The use of malware is one of the most popular and easiest ways attackers steal credentials. Attend this session to gain a better understanding of the different types and strains of credential theft malware, how each type operates and practical methods on how to defend against this threat.

CyberArk Privilege Cloud: An Introduction to CyberArk's PAM as-a-Service Solution

Breakout Session | Explore CyberArk SaaS Solutions

As businesses continue to undergo digital transformations, finding security solutions that minimize on-premises infrastructure, reduce time to value and secure critical resources is of the utmost importance. Attend this session as we showcase CyberArk Privilege Cloud, the as-a-Service offering from the #1 leader in Privileged Access Management. We will be covering the back-end architecture, use cases of securing privileged accounts and credentials, as well as the Guided Success Plan; a repeatable 3 step process that you can use to plan, deploy and scale your Privilege Cloud solution.

Securing Endpoints for SaaS-first Organizations

Breakout Session | Explore CyberArk SaaS Solutions

In recent months, organizations both large and small have been forced to adjust to remote work, adding many new endpoints that need to be secured and managed. Opportunistic cyber attackers are making moves. In this session that targets organizations with a SaaS-first strategy, we will dive deep on how to add a fundamental building block to your endpoint security program, regardless of their location to prevent and block attacks that originate on the endpoint.

PAS Administration for Beginners

Training Session | Explore CyberArk SaaS Solutions

In this session attendees will get introduced to the various administration tools, configuration files, and log files, that are an essential part of any vault administrators’ day-to-day responsibilities.

Introduction to Alero

Training Session | Explore CyberArk SaaS Solutions

In this session attendees will gain a deeper understanding of CyberArk Alero, a new SaaS based service that combines Zero Trust access, biometric authentication and seamless just-in-time provisioning for remote vendors and company users connecting to the CyberArk Core Privileged Access Security Solution. Attendees in this session will learn about the business problem that Alero aims to solve, how Alero works, and what are the main benefits of using Alero.

PAM 101: Learn the Basics

Breakout Session | Introduction to Privileged Access Management

Why is privileged access so important? Why are attackers inside and outside the enterprise zeroing in on privileged accounts? What can you do to protect your organization? These are the questions that we will be addressing in this introduction to privileged access management session. Understand the basics to better mitigate the risk of malicious insiders or external attackers from gaining access to the heart of the enterprise; and learn the foundational elements within the CyberArk solution to address this challenge.

PAM 101: Core Basics of a Successful Privileged Access Management Program

Breakout Session | Introduction to Privileged Access Management

For a successful Privileged Access Management (PAM) program, organizations need more than just a tool. They need strategic guidance across people, process, and technology domains from industry experts with years of experience, breach and best practice know how – and – a proven track record of success. Join our CyberArk experts as we review 3 guiding principles that are critical to mitigating risk: prevent credential theft, stop lateral and vertical movement and limit privilege escalation and abuse.

Enabling Your Business – A Customer’s Journey Through Privileged Access Management

Customer Case Study | Introduction to Privileged Access Management

Experience the journey through a Privileged Access Management (PAM) program, as it enables business capabilities, drives efficiencies and reduces risk.  Attend this session if you are an IAM leader or an executive interested in understanding how  PAM can positively impact your organization, complement your enterprise risk framework, and align to your overall cybersecurity strategy.  Gain insights into PAM experiences through the eyes of a consumer.

Managing the Account Lifecycle

Training Session | Introduction to Privileged Access Management

In this session attendees will learn how to use the accounts discovery features of CyberArk and the RestAPI to manage a privileged account throughout its entire lifecycle.

PSM Suite Overview

Training Session | Introduction to Privileged Access Management

In this session attendees looking to add Privileged Session Manager (PSM) to their CyberArk deployments will learn about the three flavors of PSM, their security benefits, and their effects on user workflows. The session will cover use cases to detect, alert, and respond to attacks involving privileged access.

PTA Overview

Training Session | Introduction to Privileged Access Management

In this session, attendees that are interested in introducing additional controls to their Privileged Access Security program will gain a deeper technical understanding of Privileged Threat Analytics (PTA).

Forrester- Top Trends Shaping IAM In 2020

Analyst Session | Introduction to Privileged Access Management

This session featuring Forrester Research Sr. Analyst Sean Ryan highlights the top trends influencing identity and access management (IAM), including enterprise and customer IAM as well as access management and governance. Featured topics:

  • Multifactor authentication
  • Identity management and governance
  • Privileged identity management for DevOps and business users
  • Just-in-Time access controls

Practical Workstation Protection: Best Practices

Breakout Session | Product and Solution Best Practices

Workstation targeted attacks revolve around privilege, whether they are Windows-based or MacOS ones. As attackers aim for a foothold in your organization, they’re looking to steal credentials, manipulate applications, and move laterally across the network. In this session we will share best practices for protecting your organization from these advanced attacks, and showcase practical ways to implement the principal of least privilege across all of your Windows and Mac workstations.

Remote Risk: Best Practices: Securing Remote Vendor Access

Breakout Session | Product and Solution Best Practices

Remote vendors have authorized access to networks, allowing them to change, alter or impact the operational service of the target organization – this is why they’re so often targeted by attackers. Learn about CyberArk Alero, a new SaaS offering from CyberArk that helps organizations to not only secure, but manage proper access from third parties to critical internal resources. In this session we will be covering recent notable breaches that involve remote vendor access, walk through high and low level architectures, perform a live product demonstration and much more!

Native Access for Privileged Session Management: UX is King

Breakout Session | Product and Solution Best Practices

A positive end user experience is top priority when trying to implement any security solution. Attend this session to understand all the various flavors of CyberArk’s Core Privileged Access Security Solution’s session management capabilities. See how CyberArk is enabling users to leverage the tools they’re most familiar with, while securing critical infrastructure with CyberArk’s industry leading solution.

Access Control and Linux: Best Practices for Risk Reduction and Accountability

Breakout Session | Product and Solution Best Practices

Extending the principle of least privilege to your Linux distributions is critical in today’s modernized environments. Modern infrastructure and the use of containers has become a practice adopted by most every organization both large and small. Attend this session and learn how to centrally manage and enforce granular access controls and establish superuser accountability, provide a full audit trail and recording of all privileged access activity on all of your Linux systems.

Configuring Just-In-Time Access

Training Session | Product and Solution Best Practices

In this session attendees will learn about using the ad hoc access features of Core PAS to create just-in-time access for administrators.

Enforcing Least Privilege with EPM

Training Session | Product and Solution Best Practices

In this session attendees will learn how to use Endpoint Privilege Manager (EPM) to reduce the number of users requiring administrative privileged on their workstations.

Preventing Ransomware and Credential Theft with EPM

Training Session | Product and Solution Best Practices

In this session attendees will learn how to use Endpoint Privilege Manager (EPM) to protect against credential theft, ransomware and additional advanced protections like restricting application access. The session will cover, among other things, how EPM can be leveraged to prevent ransomware attacks. It will also introduce Privilege Deception – a new layer of protection.

Uncovering the True Impact of Digital Transformation with CyberArk

Breakout Session | Secure Automation and Digital Transformation

Many organizations are already executing on their digital transformation and cloud strategies. During this session, we will highlight how developers can secure both the human’s credentials used to access developer tools and cloud admin consoles, as well as the credentials used by applications and other non-human identities. Additionally, we will dive deep into the processes and tools that help your organization manage these challenges.

Renegade Robots: The CISOs Take on Securing Robotic Process Automation

Breakout Session | Secure Automation and Digital Transformation

Robotic Process Automation (RPA) is rapidly being adopted. What could go wrong with a fleet of robots that have high levels of access across multiple sensitive business processes? In this session we will be presenting the key findings and recommendations from industry leading CISOs involved in a research study on securing RPA. Hear how attackers from inside and out can attempt to exploit privileged access in RPA systems. Learn how leading organizations are mitigating the risks.

A Hole in The Ship: Attacking Kubernetes Cluster

Breakout Session | Secure Automation and Digital Transformation

As Kubernetes increases in adoption it is inevitable that more clusters will come under attack to compromise specific applications, or simply to gain access to resources for things such as crypto-coin mining. In this session we will cover a number of different attacks on Kubernetes clusters. We will start with a little history on some of the more well known Kubernetes vulnerabilities. We will then highlight how easy it is to perform reconnaissance on Kubernetes, exploit RBAC permissions, as well as cover other different attacks that will compromise the cluster.

CI/CD and Development Environments – The Achilles Heel That Attackers Are Exploiting

Breakout Session | Secure Automation and Digital Transformation

With widely used tools such as Jenkins and Ansible becoming Tier 0 assets, it’s no surprise development environments are becoming an increasingly important priority for security teams. In this session you’ll learn how to leverage Application Access Manager and other CyberArk solutions, from Core PAS to innovations such as Secretless Broker and open source, to secure secrets and application credentials. The session will focus on solutions for securing application portfolios, containerized environments, and automation tools. In addition, we will look at the challenges and best practices for working with developers to implement secure best practices across DevOps and other development environments.

Getting Started with the RestAPI

Training Session | Secure Automation and Digital Transformation

In this session attendees will learn how to begin taking advantage of the CyberArk RestAPI.

Securing In-House Applications with AAM

Training Session | Secure Automation and Digital Transformation

In this session attendees will learn about the Application Access Manager (AAM) Credential Provider, Central Credential Provider, and Application Security Credential Provider’s capabilities to secure credentials used by third-party applications.

Optimize PAM Operations with PowerShell and Automation

Customer Case Study | Secure Automation and Digital Transformation

In this session, attendees will discover practical recommendations for automating and maintaining CyberArk systems. Learn about commands which can be used in stand-alone scripts, or interactively at the command line, and will save you time and effort in delivering high quality PAM operations and administration to your organization.

PwC

Sponsor Session

KPMG

Sponsor Session

Optiv: A Zero Trust Journey: What are the Building Blocks?

Sponsor Session

Zero Trust can transform your companies security as organizations migrate to a universal platform – a result of digital transformation and the cloud. Knowing where to start, however, and how to get to a fully mature Zero Trust framework can be challenging. Join Optiv’s Jerry W. Chapman, Technical Director for Digital Identity and Data Management, to discuss what are the key building blocks to methodically achieve full Zero Trust and optimal security while adapting to an evolving infrastructure.

Wednesday, July 22

11:00 AM

CyberArk Vision & Strategy

Keynote Session

Udi Mokady – Founder, Chairman & CEO

11:40 AM

Identity Security Vision

Keynote Session

Chen Bitan – General Manager Israel, Chief Product Officer
Archit Lohokare – VP Product Management

12:00 PM

Securing Privileged Access in a Hybrid World

Keynote Session

Karen Eldor – VP Product Management
Yair Sade – VP Product Management

12:20 PM

Securing the Remote Workforce in the New Norm

Keynote Session

Archit Lohokare – VP Product Management
Gil Rapaport – Head of Alero Business Unit

12:40 PM

C3 Alliance: Identity Security is a Team Game

Keynote Session

Adam Bosnian – EVP, Global Business Development

1:00 PM

CyberArk Privilege Cloud: An Introduction to CyberArk's PAM as-a-Service Solution

Breakout Session | Explore CyberArk SaaS Solutions

As businesses continue to undergo digital transformations, finding security solutions that minimize on-premises infrastructure, reduce time to value and secure critical resources is of the utmost importance. Attend this session as we showcase CyberArk Privilege Cloud, the as-a-Service offering from the #1 leader in Privileged Access Management. We will be covering the back-end architecture, use cases of securing privileged accounts and credentials, as well as the Guided Success Plan; a repeatable 3 step process that you can use to plan, deploy and scale your Privilege Cloud solution.

Uncovering the True Impact of Digital Transformation with CyberArk

Breakout Session | Secure Automation and Digital Transformation

Many organizations are already executing on their digital transformation and cloud strategies. During this session, we will highlight how developers can secure both the human’s credentials used to access developer tools and cloud admin consoles, as well as the credentials used by applications and other non-human identities. Additionally, we will dive deep into the processes and tools that help your organization manage these challenges.

PAM 101: Learn the Basics

Breakout Session | Introduction to Privileged Access Management

Why is privileged access so important? Why are attackers inside and outside the enterprise zeroing in on privileged accounts? What can you do to protect your organization? These are the questions that we will be addressing in this introduction to privileged access management session. Understand the basics to better mitigate the risk of malicious insiders or external attackers from gaining access to the heart of the enterprise; and learn the foundational elements within the CyberArk solution to address this challenge.

2:00 PM

PAM 101: Core Basics of a Successful Privileged Access Management Program

Breakout Session | Introduction to Privileged Access Management

For a successful Privileged Access Management (PAM) program, organizations need more than just a tool. They need strategic guidance across people, process, and technology domains from industry experts with years of experience, breach and best practice know how – and – a proven track record of success. Join our CyberArk experts as we review 3 guiding principles that are critical to mitigating risk: prevent credential theft, stop lateral and vertical movement and limit privilege escalation and abuse.

Identity Assurance with Adaptive MFA

Breakout Session | Explore CyberArk SaaS Solutions

Compromised credentials are one of the most commonly used methods in gaining unauthorized access to apps and data. That’s why organizations implement Multi-factor Authentication (MFA) to prevent account takeovers. However, MFA is still not mandated in the vast majority of companies. The underlying reason is simply because admins just don’t want to bother their users with it. But there are ways to make secondary authentication painless and keep organizations secure. In this session, we’ll cover the differences between the “always-on” and “risk-based” MFA solutions and suggest steps companies can take to accelerate the adoption of MFA without sacrificing user experience.

Practical Workstation Protection: Best Practices

Breakout Session | Product and Solution Best Practices

Workstation targeted attacks revolve around privilege, whether they are Windows-based or MacOS ones. As attackers aim for a foothold in your organization, they’re looking to steal credentials, manipulate applications, and move laterally across the network. In this session we will share best practices for protecting your organization from these advanced attacks, and showcase practical ways to implement the principal of least privilege across all of your Windows and Mac workstations.

3:00 PM

Identity Management with Modern Single Sign-On

Breakout Session | Explore CyberArk SaaS Solutions

Single Sign-On (SSO) is an effective way to manage your employee, customer, and partner identities. With SSO, users leverage a single set of credentials to access applications, endpoints and systems. This enables organizations to lower the risk of poor password practices, increase user productivity and eliminate IT overhead. However, not all SSO solutions are created equal, and choosing the right one can be a challenging process. For example, large organizations that leverage Active Directory with multiple domains must consider how well an SSO solution integrates with their existing directory infrastructure. At the same time, smaller IT teams might need to focus on solutions’ self-service capabilities to reduce the volume of help desk requests. In this session, we will discuss the key considerations that will help you to select the best SSO for your organization.

Renegade Robots: The CISOs Take on Securing Robotic Process Automation

Breakout Session | Secure Automation and Digital Transformation

Robotic Process Automation (RPA) is rapidly being adopted. What could go wrong with a fleet of robots that have high levels of access across multiple sensitive business processes? In this session we will be presenting the key findings and recommendations from industry leading CISOs involved in a research study on securing RPA. Hear how attackers from inside and out can attempt to exploit privileged access in RPA systems. Learn how leading organizations are mitigating the risks.

Remote Risk: Best Practices: Securing Remote Vendor Access

Breakout Session | Product and Solution Best Practices

Remote vendors have authorized access to networks, allowing them to change, alter or impact the operational service of the target organization – this is why they’re so often targeted by attackers. Learn about CyberArk Alero, a new SaaS offering from CyberArk that helps organizations to not only secure, but manage proper access from third parties to critical internal resources. In this session we will be covering recent notable breaches that involve remote vendor access, walk through high and low level architectures, perform a live product demonstration and much more!

Thursday, July 23

11:00 AM

Building a Secure Source of Truth to Automate Identity Lifecycle Management

Breakout Session | Explore CyberArk SaaS Solutions

Many organizations struggle to manage a growing number of identities in the workplace. User identities are stored in multiple disconnected directories, attributes are formatted inconsistently, and user data is often out of sync. This is a challenge for IT teams who need to have a single and secure source of truth to automate onboarding processes, dynamically update access with role changes, and prevent unauthorized access when employees leave the organization. In this session, you will learn how Idaptive Directory Services (including the Idaptive Cloud Directory) can integrate with your existing identity infrastructure to become your single source of truth for digital identities, without replicating or synchronizing data into yet another directory. You will also hear how Idaptive Lifecycle Management can help you automate your HR processes, simplify access provisioning, and ensure that the right access is granted at every stage of your employees’ lifecycle.

Managing PAM as-a-Service versus Traditional On-Premises

Breakout Session | Introduction to Privileged Access Management

Privileged Access Management (PAM) as a Service could be a big improvement for organizations that don’t have resources to deploy and maintain an on-premises PAM solution. And while some organizations either prefer, or have strict mandates that require critical security solutions to remain with the confines of the four walls of their data center, PAM as a Service is a good way for organizations to get a foundational security solution up and running faster and easier than ever, all in a cost-effective manner. In this technical session, we will present some of the key differences between the two consumption models, to better educate you in the early stages of considering a PAM program.

12:00 PM

Securing Endpoints for SaaS-first Organizations

Breakout Session | Explore CyberArk SaaS Solutions

In recent months, organizations both large and small have been forced to adjust to remote work, adding many new endpoints that need to be secured and managed. Opportunistic cyber attackers are making moves. In this session that targets organizations with a SaaS-first strategy, we will dive deep on how to add a fundamental building block to your endpoint security program, regardless of their location to prevent and block attacks that originate on the endpoint.

Native Access for Privileged Session Management: UX is King

Breakout Session | Product and Solution Best Practices

A positive end user experience is top priority when trying to implement any security solution. Attend this session to understand all the various flavors of CyberArk’s Core Privileged Access Security Solution’s session management capabilities. See how CyberArk is enabling users to leverage the tools they’re most familiar with, while securing critical infrastructure with CyberArk’s industry leading solution.

CI/CD and Development Environments – The Achilles Heel That Attackers Are Exploiting

Breakout Session | Secure Automation and Digital Transformation

With widely used tools such as Jenkins and Ansible becoming Tier 0 assets, it’s no surprise development environments are becoming an increasingly important priority for security teams. In this session you’ll learn how to leverage Application Access Manager and other CyberArk solutions, from Core PAS to innovations such as Secretless Broker and open source, to secure secrets and application credentials. The session will focus on solutions for securing application portfolios, containerized environments, and automation tools. In addition, we will look at the challenges and best practices for working with developers to implement secure best practices across DevOps and other development environments.

1:00 PM

Secure Access for Remote Users and Protect Critical Systems

Breakout Session | Explore CyberArk SaaS Solutions

Remote access has been on the rise – consider all of the recent events and trends that have led to a rise in the remote workforce. In addition to the proliferation of remote vendors, remote employees may require access to corporate servers, customer data, email, databases and other cloud-based applications from their laptops or mobile devices without directly connecting to the internal company network.

Business continuity must also account for situations that may require organizations to provide remote workers with controlled access to critical systems. Having manual and/or patchwork processes in place can dramatically increase risk as well as cause operational headaches for end-users and security practitioners alike. With a Privileged Access Management (PAM) program in place, organizations can properly mitigate risks.

Access Control and Linux: Best Practices for Risk Reduction and Accountability

Breakout Session | Product and Solution Best Practices

Extending the principle of least privilege to your Linux distributions is critical in today’s modernized environments. Modern infrastructure and the use of containers has become a practice adopted by most every organization both large and small. Attend this session and learn how to centrally manage and enforce granular access controls and establish superuser accountability, provide a full audit trail and recording of all privileged access activity on all of your Linux systems.

On-Demand Sessions

ON DEMAND

The World of Credential Theft Malware

Breakout Session | Defend Against Sophisticated Attacks

Welcome to the world of credential theft malware, where attackers can steal your privileged credentials through a wide variety of techniques. The use of malware is one of the most popular and easiest ways attackers steal credentials. Attend this session to gain a better understanding of the different types and strains of credential theft malware, how each type operates and practical methods on how to defend against this threat.

Attack and Defend Live

Breakout Session | Defend Against Sophisticated Attacks

In this live attack and defend series, our Red and Blue teams go head-to-head to show both basic and advanced attacks that gain access to the “crown jewels.” Learn about some of the foundational controls you should be leveraging to develop strong defense and security from a myriad of different attacks.

Breaking the Cloud Using Five Different Methods

Breakout Session | Defend Against Sophisticated Attacks

Cloud environments exist everywhere. This in turn means that attackers are super motivated in finding ways to penetrate organizations’ cloud infrastructure. In this session, we will present findings from the CyberArk Labs team, demonstrate five attack techniques, and highlight fundamental considerations such as:
1. How attackers can steal cloud credentials from endpoints, code and cloud VMs
2. How intruders can compromise cloud users with only a few permissions, but still succeed to escalate their permissions and become full admins
3. How to target SSO and IAM solutions that many organizations use for integrating their on-prem network to the cloud

PAS Administration for Beginners

Training Session | Explore CyberArk SaaS Solutions

In this session attendees will get introduced to the various administration tools, configuration files, and log files, that are an essential part of any vault administrators’ day-to-day responsibilities.

Introduction to Alero

Training Session | Explore CyberArk SaaS Solutions

In this session attendees will gain a deeper understanding of CyberArk Alero, a new SaaS based service that combines Zero Trust access, biometric authentication and seamless just-in-time provisioning for remote vendors and company users connecting to the CyberArk Core Privileged Access Security Solution. Attendees in this session will learn about the business problem that Alero aims to solve, how Alero works, and what are the main benefits of using Alero.

Enabling Your Business – A Customer’s Journey Through Privileged Access Management

Customer Case Study | Introduction to Privileged Access Management

Experience the journey through a Privileged Access Management (PAM) program, as it enables business capabilities, drives efficiencies and reduces risk.  Attend this session if you are an IAM leader or an executive interested in understanding how  PAM can positively impact your organization, complement your enterprise risk framework, and align to your overall cybersecurity strategy.  Gain insights into PAM experiences through the eyes of a consumer.

Managing the Account Lifecycle

Training Session | Introduction to Privileged Access Management

In this session attendees will learn how to use the accounts discovery features of CyberArk and the RestAPI to manage a privileged account throughout its entire lifecycle.

PSM Suite Overview

Training Session | Introduction to Privileged Access Management

In this session attendees looking to add Privileged Session Manager (PSM) to their CyberArk deployments will learn about the three flavors of PSM, their security benefits, and their effects on user workflows. The session will cover use cases to detect, alert, and respond to attacks involving privileged access.

PTA Overview

Training Session | Introduction to Privileged Access Management

In this session, attendees that are interested in introducing additional controls to their Privileged Access Security program will gain a deeper technical understanding of Privileged Threat Analytics (PTA).

Forrester- Top Trends Shaping IAM In 2020

Analyst Session | Introduction to Privileged Access Management

This session featuring Forrester Research Sr. Analyst Sean Ryan highlights the top trends influencing identity and access management (IAM), including enterprise and customer IAM as well as access management and governance. Featured topics:

  • Multifactor authentication
  • Identity management and governance
  • Privileged identity management for DevOps and business users
  • Just-in-Time access controls

Configuring Just-In-Time Access

Training Session | Product and Solution Best Practices

In this session attendees will learn about using the ad hoc access features of Core PAS to create just-in-time access for administrators.

Enforcing Least Privilege with EPM

Training Session | Product and Solution Best Practices

In this session attendees will learn how to use Endpoint Privilege Manager (EPM) to reduce the number of users requiring administrative privileged on their workstations.

Preventing Ransomware and Credential Theft with EPM

Training Session | Product and Solution Best Practices

In this session attendees will learn how to use Endpoint Privilege Manager (EPM) to protect against credential theft, ransomware and additional advanced protections like restricting application access. The session will cover, among other things, how EPM can be leveraged to prevent ransomware attacks. It will also introduce Privilege Deception – a new layer of protection.

A Hole in The Ship: Attacking Kubernetes Cluster

Breakout Session | Secure Automation and Digital Transformation

As Kubernetes increases in adoption it is inevitable that more clusters will come under attack to compromise specific applications, or simply to gain access to resources for things such as crypto-coin mining. In this session we will cover a number of different attacks on Kubernetes clusters. We will start with a little history on some of the more well known Kubernetes vulnerabilities. We will then highlight how easy it is to perform reconnaissance on Kubernetes, exploit RBAC permissions, as well as cover other different attacks that will compromise the cluster.

Getting Started with the RestAPI

Training Session | Secure Automation and Digital Transformation

In this session attendees will learn how to begin taking advantage of the CyberArk RestAPI.

Securing In-House Applications with AAM

Training Session | Secure Automation and Digital Transformation

In this session attendees will learn about the Application Access Manager (AAM) Credential Provider, Central Credential Provider, and Application Security Credential Provider’s capabilities to secure credentials used by third-party applications.

Optimize PAM Operations with PowerShell and Automation

Customer Case Study | Secure Automation and Digital Transformation

In this session, attendees will discover practical recommendations for automating and maintaining CyberArk systems. Learn about commands which can be used in stand-alone scripts, or interactively at the command line, and will save you time and effort in delivering high quality PAM operations and administration to your organization.

PwC

Sponsor Session

KPMG

Sponsor Session

Optiv: A Zero Trust Journey: What are the Building Blocks?

Sponsor Session

Zero Trust can transform your companies security as organizations migrate to a universal platform – a result of digital transformation and the cloud. Knowing where to start, however, and how to get to a fully mature Zero Trust framework can be challenging. Join Optiv’s Jerry W. Chapman, Technical Director for Digital Identity and Data Management, to discuss what are the key building blocks to methodically achieve full Zero Trust and optimal security while adapting to an evolving infrastructure.

STAY IN TOUCH

STAY IN TOUCH!

Keep up-to-date on security best practices, events and webinars.