2019 Triad of NC ISSA Security Summit

Attendees should plan to bring the following:

Minimum System Requirements:
2.0+ GHz processor or higher
4GB RAM
Wireless Ethernet
Google Chrome or Mozilla Firefox browser installed
Participants are encouraged to bring a tablet if available to avoid switching windows from the lab environment to lab documentation, but this is not a requirement.

The Evolving Threat Landscape
•    Check Point SandBlast Zero-Day Protection employs Threat Emulation and Threat Extraction capabilities to elevate network security to the next level with evasion resistant malware prevention, and comprehensive protection from the most dangerous attacks – and at the same time ensures quick delivery of safe content to your users.
o    Today's threat landscape, attack vectors & surfaces.
o    Discussion about Security beyond the perimeter and multi-vectored attack scenarios
o    Presenting the Check Point solutions for security beyond the perimeter of a traditional perimeter firewall, including: Endpoint Security, Cloud IaaS security beyond cloud native controls, SaaS application security, and Mobile device security.
•    SD-WAN Security
o    Demo Video & Presentation

Workshop Labs (Session 1)

Advanced Threat Prevention on the Network – Sandboxing & File Sanitation
•    Sandblast Threat Emulation & Extraction
o    Threat Emulation and Threat Extraction inspection of a malicious document attached in an email.  Threat Extraction will clean the document and convert it to pdf, providing the user with a safe and sanitized file within seconds. Threat emulation will inspect the file in parallel and will determine if the file is malicious. The user will not be able to receive the original file since it was detected as malicious by Threat Emulation.
o    In addition to the previous email-based lab, we will also test the Threat Emulation & Extraction capabilities via web downloads & direct links sent via email.

Advanced Threat Prevention on the Endpoint, the last line of defense
•    Check Point SandBlast Agent extends industry-leading zero-day protections to prevent advanced attacks against endpoints and web browsers. SandBlast Agent includes Threat Emulation, Anti-Exploit, Anti-Bot, Forensics, Anti-Ransomware and Behavioral Guard components.
Scenarios include:
•    Anti-Phishing Scenario to prevent identity & corporate credential theft.
•    Forensics Analysis using the Anti-Bot component triggered by lateral movement
•    Anti-Ransomware and Anti-Exploit scenario using a drive-by exploit on IE11
•    Behavioral guard scenarios preventing crypto mining and file less ransomware attacks

Advanced Threat Prevention on the Mobile Device, security with Check Point's Sandblast Mobile
Participants will have the opportunity to add Check Point's Sandblast Protect application to their own device and configure the security policies accordingly. Each participant will also receive a 1-year license to Check Point's consumer facing mobile application, ZoneAlarm Mobile Protect.