RSA Conference Brochure 2008

Ways to protEct corporatE assEts froM intrusion thursday, april 10 8:00 a.m. – 8:50 a.m. DEF-301 friday, april 11 9:00 a.m. – 9:50 a.m. DEF-401 (S ) A Journey Through Security Visualization Raffael Marty | Chief Security Strategist, Splunk Alain Mayer | Chief Technology Officer, RedSeal (S) Web Malware: The Browser is the New Security Perimeter Doug Camplejohn | CEO, Mi5 Networks This presentation will explore different visualization paradigms for different aspects of security. The objective is to find the most appropriate means to visualize large amounts of security data (log, vulnerability, network configuration, etc.) to quickly expose important actionable issues. 9:10 a.m. – 10:20 a.m. DEF-302 Seeking the path of least resistance into enterprise networks, criminals have shifted their attack vector to the web browser. This session will discuss the most common forms of web-based malware and how they are able to circumvent traditional network security measures including firewalls, proxies, intrusion preventions systems and desktop anti-virus and anti-spyware software. 10:05 a.m. – 10:55 a.m. DEF-402 EntErprisE dEfEnsE (T2) industry leaders Debate the Future of Network Access Control MODERATOR: Lawrence Orans | Research Director, Gartner PANELISTS: Khaja Ahmed | Architect - Windows Networking Security, Microsoft Corporation Steve Hanna | Distinguished Engineer, Juniper Networks; Co-Chair, Trusted Network Connect Work Group, Trusted Computing Group Russell Rice | Director of Product Management, Cisco Systems, Inc. (T) VoiP Sentry: Self-Healing Communications Navjot Singh | Senior Research Scientist, Avaya Labs Cisco, Microsoft and the Trusted Computing Group will debate the pros and cons of their network access control (NAC) solutions. Cisco advocates a hardware-centric approach. Microsoft and the TCG are promoting a software-centric approach. Microsoft and Cisco have also pledged interoperability. This Gartner-moderated panel will analyze the leading NAC architectures and overall market dynamics. 10:40 a.m. – 11:50 a.m. DEF-303 This presentation will demonstrate the need to provide end-to-end security to adequately protect the VoIP communication systems from malicious users and SIP application layer attacks. The self-healing communication architecture will show three main components that are needed to provide automatic detection and protection against such attacks. 11:10 a.m. – 12:00 p.m. DEF-403 (S) Delivering an integrated, Efficient Data Protection Controls implementation Christopher Dunning | Director, IS, Staples Ed Kelliher | Senior Information Security Consultant, Staples (S ) Developing Best Practices in log (Event) Management: real-World Experiences MODERATOR: Laura Robinson | Principal, Robinson Insight PANELISTS: Jim Alsop | Vice President-Security & Privacy Service Line, EDS Chad Mead | Global Head of Infrastructure Security, JPMorgan Chase David Nathans | Security Manager, TJX Matt Stevens | CTO, Information and Event Management Group, RSA, The Security Division of EMC Inadequate log (event) management is one of the top five reasons enterprises get hacked or fail compliance audits. But it’s tough. Massive data volumes, low-and-slow attacks and stricter regulations are some of the challenges. Seasoned security experts will devise a strategy for developing best practices, including policies, procedures and technology. Corporate data protection controls implementations are typically diffuse and disorganized, lacking any “backbone” methodology that would provide a clear, consistent direction. The result is an expensive patchwork of piecemeal, encryption-centric controls cobbled together. This session solves this business problem, providing the audience a practical, seamless data protection controls framework. Sessions and speakers are subject to change without notice. Track sponsored by: sEssion codE AUTH - 303 Track Code Timeslot Code Day Code WWW.rsaconfErEncE.coM/2008/us 27 http://WWW.RSACONFERENCE.COM/2008/US

Table of Contents Feed for the Digital Edition of RSA Conference Brochure 2008

Table of Contents Who Should Attend & Why Keynote Speakers Agenda At-A-Glance Session Classification Special Events & Activities Connect & Network Highlights 1-Day Pre-Conference Tutorials 2-Day Pre-Conference Tutorials Tracks & Sessions Authentication Consumer Protection Business Trends & Impact Case Studies Cryptographers Deployment Strategies Developing with Security Enterprise Defense Hackers & Threats 1 Hackers & Threats 2 Identity & Access Management Industry Experts Law & Liability Policy & Government Professional Development Security-Oriented Architecture Standards Wireless Sponsor Sessions List of Exhibitors Registration Information Sponsors

For optimal viewing of this digital publication, please enable JavaScript and then refresh the page. If you would like to try to load the digital publication without using Flash Player detection, please click here.