AGENDA
Agenda is subject to change.
TUESDAY, SEPTEMBER 1, 2020 | |
All sessions will be held EST | |
9:00 - 9:45 | Login to the Virtual Event |
9:45 - 10:30 | Opening Remarks Mr. Arthur Bornschein, Technical Director & Acting DOD CIO, Special Programs |
10:30 - 11:15 | Keynote Speaker Mr. Aaron Weis, Department of the Navy Chief Information Officer |
11:15 - 12:00 | Keynote Speaker Mr. Larry T., C2S Program Executive |
12:00 - 1:00 | Break / Lunch |
1:00 - 1:45 | Keynote Speaker Colonel Robert Davis, USAF, Deputy Director, DoD SAPCO |
1:45 - 2:15 | ICON Update |
2:15 - 3:00 | Cloud Gateway |
3:00 - 3:45 | FENCES Update |
3:45 - 4:30 | SWS Updates (VSD, SIC, CIS Upgrade) |
WEDNESDAY, SEPTEMBER 2, 2020 | |
All sessions will be held EST | |
9:30 - 10:00 | Login to the Virtual Event to Confirm Access |
10:00 - 10:30 | DoD SAP CIO Team Presentation to Industry Jason Moore, Office of the DoD SAP CIO, CTO |
Exhibitor Group 1 Exhibitors give 5-8 minute demos |
|
10:30 - 11:30 | Amazon Web Services |
Anchore | |
AppGate Federal | |
BeyondTrust | |
BluVector | |
Cisco Systems | |
D2IQ | |
Data Security, Inc | |
Elastic | |
Oracle | |
Exhibitor Group 2 Exhibitors give 5-8 minute demos |
|
11:30 - 12:30 | Forcepoint |
Forescout Technologies | |
Garner Products, Inc. | |
Gigabiter LLC | |
GovSmart | |
HYPORI Virtual Mobility | |
ManTech | |
Microsoft Azure | |
MyComputerCareer | |
Novetta | |
12:30 - 2:00 | Break/Lunch |
Exhibitor Group 3 Exhibitors give 5-8 minute demos |
|
2:00 - 3:00 | Palo Alto Networks |
Quest Public Sector, Inc. | |
RackTop Systems | |
Red Hat | |
Sipi Corp. | |
Splunk Federal | |
Tanium | |
Trident Systems | |
Tripwire, Inc. | |
VMware |
All registered attendees will receive an email with a password to the training sessions and any additional information. For security purposes please do not share links or passwords.
THURSDAY, SEPTEMBER 3, 2020 | ||||||||
All sessions will be held EST | ||||||||
9:00 - 10:00 | Introduction to Tanium Capabilities (Tanium) | AWS Cloud Practitioner Essentials (CPE) Day (Amazon Web Services) (9:00 - 4:30) | Investigating with Splunk - Ransomware Scenario (Splunk) | Insider Threat (Forcepoint) | P2 SHRED – Proactive Protection SAP Holdings Risk Reduction and Equipment Destruction (System High) | Sentris Instructor Led Demonstrations and Q&A (ManTech) | Microsoft Azure Fundamentals (AZ-900) (Microsoft) (9:00 - 4:30) |
|
10:00 - 11:00 | 3-Step Plan for Fail-Proof Sanitization and Destruction (Data Security) | Cloud for Government Foundations Training (Oracle) SESSION CANCELLED | Cross Domain Solution Capabilities & Use Cases (Forcepoint ) | Zero Trust in a SAP Environment (Palo Alto Networks) |
||||
11:00 - 12:00 | Zero Trust - Protecting Data at the Source (RackTop Systems) | Hands on with Elastic Security (Elastic ) (11:00 - 12:30) | ||||||
12:00 - 1:00 | Sentris Instructor Led Demonstrations and Q&A (ManTech) | |||||||
1:00 - 2:00 | Introduction to Tanium Capabilities (Tanium) | P2 SHRED – Proactive Protection SAP Holdings Risk Reduction and Equipment Destruction (System High) | ||||||
2:00 - 3:00 | 3-Step Plan for Fail-Proof Sanitization and Destruction (Data Security) | Building a DSOP Factory with GitOps (Red Hat) | Insider Threat (Forcepoint) | Prisma Cloud Compute: full lifecycle protection and governance of your DevSecOps Environment (Palo Alto Networks) | Sentris Instructor Led Demonstrations and Q&A (ManTech) | |||
3:00 - 4:00 | Cross Domain Solution Capabilities & Use Cases (Forcepoint ) |
TRAINING SESSION DESCRIPTIONS
AWS Cloud Practitioner Essentials (CPE) Day
Amazon Web Services
9:00 – 4:30 EST
This one-day training will provide an introduction to AWS and Commercial Cloud Services (C2S) Cloud concepts, and AWS core services for compute, storage, database, and networking. AWS technical experts who support C2S customers will be on hand to explain key features and use cases, share best practices, and answer your questions one-on-one. Cloud Practitioner Essentials Day for the US Intelligence Community is ideal for individuals who seek and overall understanding of the AWS Cloud, independent of specific technical roles. It provides a detailed overview of cloud concepts, AWS services, security, architecture, pricing, and support.
3-Step Plan for Fail-Proof Sanitization and Destruction
Data Security
10:00 – 11:00 EST
2:00 – 3:00 EST (Session Repeats)
With all the regulations, media formats and equipment types, it’s easy to become overwhelmed. Through an in-depth look at options and best practices, learn to recognize solutions that are truly ‘high security’ and walk away with an easy to implement three step plan for success.
Hands on with Elastic Security
Elastic
11:00 – 12:30 EST
This collaborative workshop utilizes the unique combination of Elastic’s Endpoint Security (former Endgame), SIEM, and other Kibana capabilities to detect and protect, and respond to an adversary’s attack. Students will see how to deploy and configure the Endpoint Agent, and use the data it collects to hunt for and identify an attacker’s technique in Elastic SIEM. Then, they will use the newly-learned technique to search for other incidents in their environment and push a detection rule to the agents to prevent any repeated attack attempted. Last, students will use Kibana visualizations to identify the source of port scans against their servers.
Cross Domain Solution Capabilities & Use Cases
Forcepoint
10:00 – 11:00 EST
3:00 – 4:00 EST (Session Repeats)
Forcepoint will provide education and training on its Trusted Thin Client (TTC) capability and how it can be utilized to access multiple networks from a single pane of glass as well as Spanning capability to share networks across the SAP Community. We will also provide training on our Trusted Gateway Solution (TGS) for transferring files across multiple Domains, including SENTRIS marked files.
Insider Threat
Forcepoint
9:00 – 10:00 EST
2:00 – 3:00 EST (Session Repeats)
We will be discussing insider threat mission and the Forcepoint technologies that can be leveraged to support this mission.
Sentris Instructor Led Demonstrations and Q&A
ManTech
9:00 – 11:00 EST
12:00 – 2:00 EST (Session Repeats)
2:00 – 4:00 EST (Session Repeats)
ManTech will be demonstrating the latest Sentris 4.x Platform Suite and its integration with Microsoft Windows Server 2019, Exchange 2019, SharePoint 2019, Office 2019 and Skype for Business 2019. The demonstration will include modules with the Sentris Platform Server, Platform Client, Labeling for Microsoft Office and the Sentris Feature Packs which include the Protection for Microsoft Exchange, Protection for SharePoint, Protection for Skype for Business, Labeling for PDFs and Protection for File Shares.
Microsoft Azure Fundamentals (AZ-900)
Microsoft
9:00 – 4:30 EST
This one day training will immerse students in foundational Cloud Computing concepts, and a holistic overview of Microsoft Azure for your Unclassified and Classified workloads. Not only will students be introduced to core infrastructure concepts (such as networking, storage, and compute), but will also learn how Azure can meet all of your security, privacy, compliance, and trust concerns. Bring your questions, as a group of Microsoft Azure technical experts that support the DoD and Intelligence communities will be available for live Q&A throughout the session. After this training, candidates will not only be able to understand the benefits of Azure and cloud computing for their mission, but be well on their way to possessing the required information to pass the Azure Fundamentals Exam (AZ-900) and becoming certified.
Oracle Cloud for Government Foundations Training
SESSION CANCELLED
Oracle
10:00 – 4:00 EST
Learn how to leverage the power of Oracle Cloud Infrastructure through Oracle Cloud for Government training
Oracle Cloud Infrastructure for US government regions provides a highly secure, enterprise-scale cloud ecosystem that’s isolated from commercial customers and built to support regulatory, compliant mission-critical public sector workloads. Join Oracle for a two-part training session that will set you and your team up for success in meeting the agency mission.
Key concepts Oracle Cloud Government training will focus on:
- Basic cloud concepts and its principles of economics
- Features and components of OCI
- Core solutions and services available on OCI
- Cloud native services
- OCI security, pricing, and operational & support models
- OCI compliance structure
Zero Trust in a SAP Environment
Palo Alto Networks
10:00 – 11:00 EST
Like “machine learning” and “AI,” Zero Trust has become one of cybersecurity’s latest buzzwords. With all the noise out in the market, it’s imperative to understand what Zero Trust is, as well as what Zero Trust isn’t.
Zero Trust is a strategic initiative that helps prevent successful data breaches by eliminating the concept of trust from an organization’s network architecture. Rooted in the principle of “never trust, always verify,” Zero Trust is designed to protect modern digital environments by leveraging network segmentation, preventing lateral movement, providing Layer 7 threat prevention, and simplifying granular user-access control. Zero Trust aligns perfect with procedures, concepts and the operation of a SAP environment.
Zero Trust was created by John Kindervag, during his tenure as a vice president and principal analyst for Forrester Research, based on the realization that traditional security models operate on the outdated assumption that everything inside an organization’s network should be trusted. Under this broken trust model, it is assumed that a user’s identity is not compromised and that all users act responsibly and can be trusted. The Zero Trust model recognizes that trust is a vulnerability. Once on the network, users – including threat actors and malicious insiders – are free to move laterally and access or exfiltrate whatever data they are not limited to. Remember, the point of infiltration of an attack is often not the target location.
Prisma Cloud Compute: full lifecycle protection and governance of your DevSecOps Environments
Palo Alto Networks
2:00 – 3:00 EST
Prisma Cloud Compute (formerly known as Twistlock) from Palo Alto Networks is the leading cloud-native security platform, providing holistic protection across hosts, containers, and serverless deployments in any cloud, throughout the software lifecycle. Prisma Cloud Compute edition itself is cloud-native and API-enabled, protecting all your workloads regardless of their underlying compute technology or the cloud in which they run.
Prisma Cloud Compute provides the following:
- Vulnerability management, detection, and prevention at every stage of the application lifecycle.
- Maintain compliance for Docker, Kubernetes, and Linux CIS Benchmarks as well as external compliance regimes and custom requirements.
- Integrate security directly into the continuous integration (CI) process to find and fix problems before they ever make it into production.
- Protect your environments at scale with machine learning that automatically creates least-privileged, whitelist-based runtime models for every version of every application.
- Cloud-native firewalls purpose-built for cloud-native applications
- Establish and monitor access control measures for cloud workloads and cloud-native applications.
Zero Trust – Protecting Data at the Source
RackTop Systems
11:00 – 12:00 EST
A concerted effort must be made to protect critical sensitive data and not just the network. The data is what an adversary is trying to steal and manipulate. A zero trust approach to data security doesn’t rely on a trusted core like traditional approaches. Instead, zero trust strives to improve data security and reduce complexity. This approach can be leveraged by a project or organization of any size and ensures continuous compliance with guidelines such as the JSIG/RMF and CMMC.
Building a SCOP Factory with GitOps
Red Hat
2:00 – 3:00 EST
The DoD is undergoing a massive transformation to adopt DevSecOps approaches based on cloud-native open source technologies. GitOps is becoming a critical component to this approach. In short, GitOps is a practice that makes Git the single source of truth for mission applications and infrastructure. In this talk you will hear industry use-cases for GitOps and how the DevSecOps SRG is looking to apply this paradigm to accelerate mission capabilities to the warfighter.
Investigating with Splunk- Ransomware Scenario
Splunk
9:00 – 1:00 EST
Investigating with Splunk is a modular, hands-on workshop designed to familiarize participants with how to investigate incidents using Splunk and open source. This workshop provides users a way to gain experience searching in Splunk to answer specific questions related to an investigation. These questions are similar to what would be asked in their own organizations. The workshop leverages the popular Boss of the SOC (BOTS) dataset in a question and answer format. Users will leave with a better understanding of how Splunk can be used to investigate in their enterprise.
P2 SHRED – Proactive Protection SAP Holdings Risk Reduction and Equipment Destruction
System High
9:00 – 10:00 EST
1:00 – 2:00 EST (Session Repeats)
P2 SHRED is an end-to-end, mobile IT destruction capability that meets new policy requirements and is registered with the DoD SAP CIO by various DoD Stakeholders. Come to our virtual training session to learn more about our SAP IT Destruction capability and how to obtain our services.
Introduction to Tanium Capabilities
Tanium
9:00 – 10:00 EST
1:00 – 2:00 EST (Session Repeats)
Tanium is currently being deployed within select SAP environment and evaluated for broader adoption and deployment within the SAP network environments. This session will provide an overview of Tanium capabilities and allow interaction to understand the Tanium product and the functionality it provides.
The training sessions for the SAP Summit are for registered and approved attendees only. Please enter the password that was sent to your email address you used to register with to view the registration pages for training sessions. Please do not share links or passwords. By using this link to access content for the DoD SAP IT & Cybersecurity Virtual Summit you acknowledge that sharing your login credentials or session access links is strictly prohibited. Not only is this unethical, it poses a security risk for all participating in the event. Sharing your credentials includes: giving your username and password to someone else, using someone else’s username and password to gain access to the event, sharing your access links to the sessions with someone not registered for the event, or allowing someone to view your screen during the live presentations.