Akamai Diversity

The Akamai Blog

Akamai Edge 2013: The Deeper Security Dive

A few days ago I told you about all the security awesomeness planned for the Akamai Edge customer conference. Today, I'm delving deeper into the agenda for a look at the more technical talks.

For the overview, see the post "Security Front and Center at Akamai Edge 2013."

Now for that deeper dive...

Wednesday, Oct. 9:

Noon-1:30 p.m.: Financial Services Roundtable Lunch: Security Information Sharing - Lessons Learned from Financial Services: Join us for our annual financial service luncheon and roundtable discussion. This year's topic will include speakers from the FS-ISAC (Financial Services Information Sharing and Analysis Center), USAA, and TD Bank. Come learn about the FS-ISAC, and hear how the financial services industry shares threat intelligence to protect critical systems and assets. Take part in the conversation, share your experiences, and network with your peers. The session is open all conference attendees. Commerce, High Tech and other Akamai customers are encouraged to join and learn how the banks share cyber threat intelligence.

Discussion leaders:

Rich Bolstridge, Akamai, Chief Strategist, Financial Services

Denise Anderson, FS-ISAC, Vice President, Government and Cross-Sector Programs

Don Clemmons, USAA, Technical Fellow

Dave Grau, TD Bank, Head of Threat Response, Intelligence, and Defensive Technologies

2:20-3 p.m.: Developers' Lab II: Akamai Observed Attacks and Mitigation Techniques - A Real-time Demonstration

4:20-5 p.m.: Government Forum Keynote by Joel Brenner, NSA, Former Senior Counsel - Glass Houses: Privacy, Secrecy, and Cyber Insecurity in a Transparent World

5:15-5:45 p.m.: Main Stage Partner Keynote: Observations on Modern Cyber Crime and Espionage

Thursday, Oct. 10:

10:30-noon: Kona - Web Security Roadmap: Gimme Shelter - How Kona Site Defender, IP Defender, and Cloud Security Intelligence Will Help You Weather Cyber Storms in the Coming Year: Explore the latest attack trends, from the Russian Business Network and the Al Qassam Cyber Fighters to Vietnamese Carders and Account Checkers. Learn how to tune rules to avoid "noise" and capitalize on the latest rules created to help protect customers across the Akamai Intelligent Platform. Discover how to implement the newest Kona Site Defender features and what features are still to come in 2013. Learn about how Kona IP Defender will extend protection to your entire data center. Hear how the User Validation Module has successfully defended against Account Checkers at the some of the largest eCommerce sites in the world. Understand how Cloud Security Intelligence will lead to even greater sets of rules in the future.

1:30-2:10 p.m.: Security Keynote: A Conversation with Bruce Schneier

1:30-2:10 p.m.: Developers' Lab II: Leveraging Akamai's Kona Security APIs

2:20-3 p.m.: Security Panel: Operation Abibal, Anniversary Panel - What We Have Learned: Launched in the fall of 2012, Operation Ababil has been the most visible and sustained battle in the security landscape. This well-funded, well-organized adversary has caused loss of business for many financial institutions and loss of sleep for a great many more. This panel will consist of a conversation with information security leaders from several institutions discussing what lessons they have drawn from the past year's response and practices they have put into place that have improved the security posture of their organizations and from which others can benefit. Confirmed panelists include David Cripps, CISO, Investec, Denise Anderson, Vice President Programs and Services, Financial Services Information Sharing and Analysis Center (FS-iSAC)

2:20-3 p.m.: Developers' Lab II: Akamai Observed Attacks and Mitigation Techniques - A Real-time Demonstration

3:30-4:10 p.m.: Security Tech Session: Big Data Intelligence - Harnessing Petabytes of WAF Statistics to Analyze and Improve Web Production in the Cloud: As web application attacks turn into massive campaigns against large corporations across the globe, web application firewall data increases exponentially, leaving security experts with a big data mess to analyze. Pinpointing real attacks in a sea of security event noise becomes an almost impossible tedious task. In this presentation, we will unveil a unique platform for collecting, analyzing and distilling Petabytes of WAF security intelligence information. Using the collected data, we will discuss the OWASP ModSecurity Core Rule Set project's accuracy, and reveal common attack trends, as well as our impressions and suggestions for how to wisely make the best out of the CRS project.

3:30-4:10 p.m.: Commerce Security Threat Briefing with Akamai CSIRT Director Mike Smith

Friday, Oct. 11:

9-9:40 a.m.: Security Session: USAA - Optimized Kona Site Defender and Real World Usage: Web attacks - they aren't something to fear, they are something to expect and prepare for. Please join Josh Stevens and Neelsen Cyrus, Senior Security Analysts at USAA, to hear how their team has leveraged Akamai Kona Site Defender to stop attacks while preserving site performance and availability. The team will focus on operational efficiencies gained by replacing error-prone, manual WAF updates with automation using Akamai's Network List API for Network Layer Protection.

9:50-10:30 a.m.: Security Session: The Many Dimensions of Web Security

9:50-10:30 a.m.: Developers' Session I: Leveraging Akamai's Security APIs