This briefing will include training on how to utilize DLT’s Marketplace, Oracle’s Core Technology & ESLA product offerings, and a deep dive into Oracle’s full line of DISA SRG Authorized and FedRamp Accredited Oracle Cloud Infrastructure (OCI), Oracle Platform as a Service (PaaS), Infrastructure as a Service (IaaS), and Software as a Service (SaaS) Offerings. Oracle Consulting Services will also give a brief overview of m...

Financially motivated transnational criminal groups, primarily operating out of eastern Europe, Russia, and Iran have found ransomware to be a powerful tool for profit generation. The targeting of U.S. state and municipal governments, healthcare institutions, critical infrastructure providers, and our nation’s universities coupled with the rise of big game hunting, ransomware as a service, and increased collaboration between adversarial...

Across the globe, elections are under threat of manipulation and interference. Adversaries increasingly attempt to use offensive cyber operations to directly affect political outcomes. From intelligence collection and “hack and leak” campaigns to election infrastructure targeting, nation-state adversaries around the globe see election interference as a means to advance their national security and political interests. Although diffe...

In the upcoming months, the Cybersecurity Maturity Model Certification (CMMC) ecosystem will go live, turning the CMMC into a contractual reality for thousands of companies comprising the Defense Industrial Base. Are organizations ready? What should commercial assessors expect to find during their reviews? How is the sector performing when it comes to cybersecurity? This session spotlights new BitSight research into Defense sector cybersecurit...

This brief will provide broader geopolitical context for the latest DPRK cyber activities, an overview of the primary threat actors responsible for DPRK offensive cyber operations, and these actors’ TTPs (tactics, techniques, and procedures). We will also share mitigation strategies that can be leveraged for cybersecurity and defensive operations.

Have fun and support our military service members! Sonatype is hosting an exciting trivia competition to bring together members of the government DevSecOps community! This event is FREE to attend but pre-registration is required in order to gain access to: Live virtual networking event Find out who will be the champion, test your trivia skills Support a great cause! Are you interested in joining or creating a team? Contact adowney@sonatype.com...

Today, agencies are striving to improve their application security programs, while at the same time, not slowing down the development, delivery, and deployment of their software applications. Can a balance be achieved between security and an organization’s (or agency’s) daily business requirements? We know it’s possible. Application Security (AppSec) Awareness Programs that are specifically focused on the development communit...

The recent shift towards DevOps makes it clear that Federal agencies are moving forward with adopting this operational model to facilitate the practice of automating development, delivery, and deployment of mission-critical software. While the traditional idea of a software release dissolves into a continuous cycle of service and delivery improvements, agencies find that their conventional approaches to software security are having a difficult...

One of the biggest threats to maintaining Continuity of Operations is a DDoS attack. Tom will discuss: (1) the evolution of modern DDoS attacks; (2) technical vulnerabilities of on-premise devices such as VPN gateways, firewalls and application servers to DDoS attacks; and (3) demonstrate the technical features of Arbor Edge Defense that enable it to be the first and last line of an automated perimeter defense

The flexibility and ease of deployment of SD-WAN has accelerated its deployment as new network edges emerge for large enterprise and government entities as MPLS continues to be prevalent within the Federal ecosystem. Tory will discuss: (1) Remote site monitoring solutions for MPLS; (2) Utilizing vSTREAM Family of Virtual Appliances for maintaining visibility in SD-WAN environments; (3) Deployment options for vSTREAM within uCPE of SD-WAN or Pu...