Although the RSA conference is not hosted by Microsoft, the company used the five-day event to present its vision for the future of digital security.
Held this year at the Moscone Center in San Francisco, RSA Conference 2022 hosted over 600 speakers and more than 400 exhibitors, as well as countless industry sessions and networking events. Microsoft attended this year’s RSA conference with its own executives and security experts to offer event guests the opportunity to gain hands-on experience through more than 20 Microsoft-led sessions and explore the latest enterprise solutions, including Microsoft Entra and Sentinel , and defender experts for hunting.
Vasy Jakkal, Microsoft’s CVP of Security, Compliance, Identity and Management, kicked off the company’s participation with a keynote speech on the future of cybersecurity, followed by CVP and CISO Bret Arsenault, who delivered a special fireside chat on managing the concept of shadow IT along with CVP of Identity held and access to Joy Chik.
Aside from keynote speeches and fireside chats, attendees were able to take part in immersive art installations as well as take home some goodies from Microsoft’s infamous swag bar. For anyone who couldn’t make it to Microsoft’s huge North Expo booth, which hosted over 40 sessions featuring several of the security solutions featured, such as Defender, Sentinel, Pureview, Priva, Entra, and Endpoint Manager, at least 20 sessions were held elsewhere during the conference.
Microsoft has highlighted the following as some of its “standout sessions” during RSA 2022.
Practical insights for threat hunting and improving your security posture: This 50-minute session, moderated by Jessica Payne, Principal Security Researcher and Threat Intelligence Strategist at Microsoft, and Simon Dyson, Cyber Security Operations Center Lead at NHS Digital’s Data Security Center, looked at threat hunting and improvement the security posture from a threat intelligence-based perspective. Attendees gained insights into Jessica’s experience in demystifying and mitigating real-world ransomware attacks. They were also given a first-hand account of Simon’s work securing the complex network maintained by England’s National Health Service (NHS) during the pandemic and how his team’s experience can benefit us all.
Conti Playbook: Infiltrate the Most Profitable Ransomware Gang: Attendees learned how a disgruntled partner exposed one of the most notorious ransomware gangs and shared their ransomware-as-a-service (RaaS) secrets in order to take it down. This immersive, hands-on workshop walked attendees through a typical Conti attack sequence and provided tips for defending against advanced persistent threats. Many thanks to Tom D’Aquino, Fabien Guillot and Arpan Sarkar from Microsoft partner Vectra AI for this presentation.
Microsoft Defender hunting experts have your back: Abhishek Agarwal, Chief Security and Technology Officer at Helix Biotech, examined threat hunting virtuous cycle: track, hunt and analyze. Specifically, attendees learned how Microsoft Defender Experts for Hunting uses AI to complete all three components of the cycle faster, and provides automated detection, hunting, and analysis to help the team track and respond to threats across the enterprise multinational to stop.
Microsoft Security Research – How we responsibly disclose vulnerabilities to Apple, Google and the Linux community: Jonathan Bar Or, Principal Security Researcher at Microsoft, discussed how bug disclosures make the world a safer world and benefit users, and provide Microsoft Security with a better understanding of the technologies we are working to protect. The aim is to challenge our own detections and prove product truth – making Microsoft Defender stronger by challenging our own blue teams
Solve secure access requirements for workload identities with Microsoft Entra: Microsoft Product Managers Nick Wryter and Sandy Jiang led this informative session on the phenomenon of exploding workload identities. There are currently five to one more workload identities than user identities; The challenge is that many traditional identity and access management solutions fail to manage these prevalent and often over-permitted identities. Nick and Sandy explained how the new Microsoft Entra addresses this problem by providing a comprehensive view of every action taken by any identity on any resource and detecting anomalous permission usage at the cloud level.
Tracking highly evasive APTs with Vectra Detect and Microsoft Sentinel: Tom D’Aquino, Senior Security Engineer at Vectra AI, led this demonstration of real-world threat hunting using Vectra Detect and Microsoft Sentinel. Tom demonstrated real-world threat tracking workflows, including individual threat severity, lateral movement, threat targets, and more.
Shifting the “why” and “how” of ransomware attacks; How Microsoft helps customers survive ransomware: Led by MacKenzie Brown of the Microsoft Detection and Response Team (DART), this session explored the hows and whys behind the recent surge in ransomware attacks. Attendees learned how attackers have evolved their methods to achieve maximum return on investment (ROI) with minimal effort, and why DART’s methodology can help you defeat them.
Microsoft also presented its Security Excellence Awards this year to 10 winners, covering a range of cross-functional security sectors. In order to find out the details of the award categories, finalists and winners, Microsoft has published this information here.