Nearly every organization claims to do vulnerability research and threat intelligence, but what does that really mean? As the world’s largest vendor agnostic bug bounty program, the Zero Day Initiative is uniquely positioned to understand the latest exploits and techniques. Find out how the ZDI program goes beyond merely buying bug reports to true superiority in terms of vulnerability and exploit intelligence.
Beyond the Endpoint: Cross-layer Detection and Response
Eric Shulze, Senior Product Manager User Protection
Endpoint Detection and Response (EDR) is a great start to detect and respond to attacks but it is limited to just what the endpoint can see. What about network traffic to IoT devices? What about threats inside mailboxes but not yet accessed on the endpoint? See what you’ve been missing by combining detection and response across security layers.
The Zero Day Initiative Looks at the Exploit Economy
Various marketplaces exist for security research, and the current gray and black markets can be as robust as their white market counterparts. Like any open market, various factors can spur changes in supply and demand, and market actors can shape what types of research either becomes public. Come and learn more about the current exploit marketplace, the main players in various sectors, and the winding, often controversial lifespan of a security bug.
Cybersecurity Research Reveals the Good, Bad and Ugly of Twitter
Trend Micro Research used available Twitter data to find how the platform is being used across the security landscape – for good, bad and ugly reasons. Are you a security engineer who is curious how Twitter can inform your threat intelligence and strategy? Or maybe you’re wondering how criminals are leveraging social platforms to enable attacks and attract victims? Come hear what we found – it might surprise you
The Lifecycle of a Vulnerability with the Zero Day Initiative
Much like their six-legged counterparts in nature, bugs in software have a lifecycle. They are discovered, they get exploited, they get reported, they get patched, and usually, they go away. Learn about the life of several recent security vulnerabilities from discovery through active attack, highlighting the areas where enterprise can either protect themselves or be compromised through lack of defenses.
Securing the DevOps Supply Chain: The Container Threat Model
Learn about the three ways DevOps enable swift and painless release capabilities, that bring into play a whole new world of supply chain security issues. Trend Micro's container threat model provides a streamlined explanation of controlling the security risks posed by an evolving technical landscape, improving user awareness around a whole new set of attack vectors. See how threats in a DevOps environment can be mitigated using Deep Security Smart Check to automatically scan CI/CD pipelines.
24Praesent non velit ut libero condimentum pulvinar sed vitae tellus. Vestibulum id tristique elit. Suspendisse posuere rutrum sodales. Nam id elit ac sem iaculis lacinia posuere vitae metus.
Bounty Operations: Best Practices and Common Pitfalls to Avoid in the First 6-12 Months
Presented by Shannon Sabens, Security Program Manager, Trend Micro
Thursday, August 8th | 11:00 am – 11:50 pm | Mandalay Bay CD at Mandalay Bay Resort & Casino Add to Calendar >
Debug for Bug: Crack and Hack Apple Core by Itself - Fun and Profit to Debug and Fuzz Apple Kernel by lldb Script
Presented by Lilang Wu & Moony Li, Trend Micro Security Research Leaders
Thursday, August 8th | 5:00 pm – 6:00 pm | Breakers GHI at Mandalay Bay Resort & Casino Add to Calendar >
Runtime protection. This is where a security vendor partnership is critical. Trend Micro™ Deep Security™ has been built from the ground up to help make sure your solution continues to work as intended.
34Praesent non velit ut libero condimentum pulvinar sed vitae tellus. Vestibulum id tristique elit. Suspendisse posuere rutrum sodales. Nam id elit ac sem iaculis lacinia posuere vitae metus.
Enter to Win
Come talk to our security experts and pick-up your free "The Art of Cybersecurity" pop socket with special instructions on the back on how to enter our raffle prize, an Arduino Engineering Kit.
Endpoint security & EDR together in one agent
No need for multiple vendor agents on same endpoint
SaaS and on-premises parity
44Praesent non velit ut libero condimentum pulvinar sed vitae tellus. Vestibulum id tristique elit. Suspendisse posuere rutrum sodales. Nam id elit ac sem iaculis lacinia posuere vitae metus.
When you can artfully protect your physical, virtual, cloud, and container workloads across leading environments, that's The Art of Cybersecurity.