Agenda

*All times in PT

Monday, October 4th
Tuesday, October 5th
Wednesday, October 6th
ADD TO CALENDAR
8:00 AM — 10:00 AM
Hands-on Workshops



01- MITRE ATT&CK and Exabeam - Learn how MITRE ATT&CK and the Exabeam Advanced Analytics capability in Exabeam Fusion XDR and Exabeam Fusion SIEM work together. ATT&CK's focus on TTPs (Tactics, Techniques, and Procedures) over the traditional approach of IOCs (Indicators of Compromise) can be easily combined with the powers of UEBA for better insights and defense. Participants will learn the ATT&CK framework while also analyzing events in Exabeam Advanced Analytics and Exabeam Threat Hunter. This workshop is designed for analysts who are new to Threat Hunter and MITRE ATT&CK.

02 - Detect, Investigate, and Respond to the Compromised Insider - Learn how to detect, investigate, and respond to anomalous events that indicate a compromised insider. You will learn about the Exabeam Compromised Insider Use Case Package which includes use cases such as: Compromised Credentials, Lateral Movement, Privilege Escalation, and more. You'll use the Exabeam Advanced Analytics capability to triage and investigate related incidents. This workshop is intended for analysts who are new to Exabeam Fusion XDR, which includes Exabeam Advanced Analytics, Exabeam Threat Hunter, and Exabeam Case Manager.

8:00 AM — 10:00 AM
Global Partner Summit



01- Global Partner Summit (Americas/EMEA) - Americas- and EMEA-based partners are invited to join Exabeam for our 2nd Annual Global Partner Summit at Spotlight21. During this virtual summit, Exabeam executives will share updates on our go-to-market strategy and vision, review our product roadmap, and reveal the winners of our Partner of the Year Awards. Exabeam partners won’t want to miss this opportunity to hear from our leaders, get a sneak peek at new products and programs, and possibly see their company recognized as one of our top partners!

10:00 AM — 1:00 PM
Hunter Games

01- Hunter Games - North Americas- and EMEA-based participants compete for bragging rights and the coveted Hunter Games (formerly SOC-a-thon) champion crown as they put their investigative and creative skills to the test via a series of challenges using Exabeam solutions. Individuals and teams welcome. May the odds be ever in your favor!

4:00 PM — 6:00 PM
Hands-on Workshops



01- MITRE ATT&CK and Exabeam - Learn how MITRE ATT&CK and the Exabeam Advanced Analytics capability in Exabeam Fusion XDR and Exabeam Fusion SIEM work together. ATT&CK's focus on TTPs (Tactics, Techniques, and Procedures) over the traditional approach of IOCs (Indicators of Compromise) can be easily combined with the powers of UEBA for better insights and defense. Participants will learn the ATT&CK framework while also analyzing events in Exabeam Advanced Analytics and Exabeam Threat Hunter. This workshop is designed for analysts who are new to Threat Hunter and MITRE ATT&CK.

02 - Detect, Investigate, and Respond to the Compromised Insider - Learn how to detect, investigate, and respond to anomalous events that indicate a compromised insider. You will learn about the Exabeam Compromised Insider Use Case Package which includes use cases such as: Compromised Credentials, Lateral Movement, Privilege Escalation, and more. You'll use the Exabeam Advanced Analytics capability to triage and investigate related incidents. This workshop is intended for analysts who are new to Exabeam Fusion XDR, which includes Exabeam Advanced Analytics, Exabeam Threat Hunter, and Exabeam Case Manager.

5:00 PM — 7:00 PM
Global Partner Summit



02- Global Partner Summit (APJ) - APJ-based partners are invited to join Exabeam for our 2nd Annual Global Partner Summit at Spotlight21. During this virtual summit, Exabeam executives will share updates on our go-to-market strategy and vision, review our product roadmap, and reveal the winners of our Partner of the Year Awards. Exabeam partners won’t want to miss this opportunity to hear from our leaders, get a sneak peek at new products and programs, and possibly see their company recognized as one of our top partners!

5:00 PM — 8:00 PM
Hunter Games

02- Hunter Games - APJ-based participants compete for bragging rights and the coveted Hunter Games (formerly SOC-a-thon) champion crown as they put their investigative and creative skills to the test via a series of challenges using Exabeam solutions. Individuals and teams welcome. May the odds be ever in your favor!

8:30 AM — 8:40 AM
Welcome Day 1

Day 1 of Spotlight opens with Exabeam Chief Marketing Officer, Sherry Lowe.

8:40 AM — 9:10 AM
Company Update

The last twelve months since Spotlight20 have seen so many changes. Exabeam has changed along with the times. In this keynote, Mike DeCesare, Exabeam CEO and President, will share his insights on the current state of the cyber threat landscape, the value Exabeam delivers to help customers achieve successful security outcomes today, and our vision to ensure Exabeam customers are successful against well-organized adversaries and increasingly sophisticated attack techniques.

9:10 AM — 10:00 AM
Exabeam Customers Who Outsmart the Odds

Join this keynote session to hear from Chris Cesio, Vice President Sales, Americas, as he shares stories of Exabeam customers who have used Exabeam to Outsmart the Odds. Learn more about how these customers have successfully “defined normal”, leveraged timelines, and used “Exabeam-generated context” to deliver world-class threat detection, investigation, and response to their organizations. Chris' opening will be followed by a customer panel with Jefferey Schilling of Teleperformance and Ryan Clarque of Levi Strauss & Co. where each will highlight some of their key insights as Exabeam users.

************************************************

Why join:
Hear how customers have tapped the true potential of Exabeam.
Learn why TDR isn’t enough.
Gain unique Exabeam user perspectives from your peers.

10:15 AM — 10:45 AM
Playing Smart: Leadership, Teamwork and Overcoming Adversity

A Conversation with Golden State Warriors Head Coach, Steve Kerr

Steve Kerr is the head coach of the Golden State Warriors, an eight-time NBA champion, and a U.S. Olympic gold medalist. Known as a smart, determined thinking-man’s coach and player, Kerr’s leadership style is defined by commitment, integrity, and grit. Join this conversation with Steve Kerr and Exabeam CEO and President Michael DeCesare where they talk about leadership, teamwork, and how playing smart can lead to a winning career.

10:45 AM — 11:45 AM
Product Strategy Update and Hands-on Product Overview

Join this keynote session to hear from Adam Geller, Exabeam Chief Product Officer, and Andy Skrei, Senior Director of Product Management, as they share the new innovations that Exabeam has brought to the SIEM and XDR market over the past year. Hear how Exabeam innovates, learn how our product roadmap will support you with outcomes- and use case-based security, and see the Exabeam product in action. Andy will share how to use Exabeam to modernize your SOC and walk you through the entire Threat Detection, Investigation, and Response (TDIR) process for a compromised insider threat, as well as reveal some cool new features coming soon!

12:00 PM — 6:00 PM
Exhibit Hall Open

Visit the good folks from Google Cloud, Armis, Castra, Expel, Grant Thornton, Mimecast, ReliaQuest, CyZen and ExtraHop in the virtual Exhibit Hall. Learn how these tech trailblazers work with Exabeam to help organizations like yours make security success the norm. Swing by their virtual booths, schedule a demo, and get all your burning questions answered.

In the virtual Exhibit Hall you’ll also find the Exabeam Genius Bar. Have an analytics question? Want to discuss automation workflows? Better understand Cloud Connectors? Our team can help.

12:00 PM — 2:00 PM
Hands-on Workshops



03- Detect, Investigate, and Respond to the Malicious Insider - Learn to use the Exabeam Security Operations Platform to support an insider threat program. Specifically, you'll use Exabeam Fusion XDR to investigate and hunt Malicious Insider use cases such as Workforce Protection, Abnormal Authentication & Access, Data Access, and Data Leakage. This workshop is intended for analysts with beginning to intermediate experience using Exabeam Fusion XDR, which includes Exabeam Advanced Analytics, Exabeam Threat Hunter, and Exabeam Case Manager.

04 - Data Lake Workshop - Take a dive into Exabeam Data Lake and learn search tips and tricks, as well as how to build a meaningful visualization. This workshop is designed for analysts who want additional practice in Data Lake.

1:00 PM — 1:30 PM
Track Session: Engineering Track

01- A Workflow-based Approach to Threat Detection, Investigation, and Response - Rapid changes in the threat landscape and corporate digital transformations are forcing organizations to modernize their security operations. Focusing on Threat Detection, Investigation, and Response is a key component when designing your security solution. In this session, you will learn how to design, configure and modify your environment for a workflow-based approach to Threat Detection, Investigation and Response.

1:00 PM — 1:30 PM
Track Session: Analyst Track

01- Fusion: The Evolution of the Exabeam SecOps Platform - This year Exabeam introduced Fusion XDR and Fusion SIEM. Delivered from the cloud, the Fusion product line enables organizations to make use of new features and capabilities never before available. In this session Exabeam experts will provide a high-level overview of the Fusion product line, highlighting key differences and advancements, as well as provide a glimpse into future Fusion releases. For the new Exabeam user.

1:30 PM — 2:00 PM
Track Session: Engineering Track

02- Tips and Tricks to Customize Your Environment - Exabeam not only provides hundreds of models out-of-the-box, it also makes it very easy for security teams to customize rules to meet their organization’s unique needs. In this session, we will discuss how to identify areas where customizations to your Exabeam solution may be warranted, examples of customizations, and how to implement them.

1:30 PM — 2:00 PM
Track Session: Analyst Track

02- Data Unleashed for the Exabeam Power User - In this session Exabeam experts will discuss different ways you can make use of the data collected and analyzed by the Exabeam platform. If you are new to Exabeam and want to learn how to turn your data into insights this is the session for you. For the Exabeam Power User.

2:00 PM — 2:30 PM
Track Session: Engineering Track

03- Risks to DNS Security and How to Uncover DNS Based Attacks with Exabeam - This session will review how traditional DNS deployments can be exploited due to the high risks of DNS attacks and how DNS is used as part of the lifecycle of an attack. We will also review how to quickly detect such attacks with Exabeam in order to automate rapid action. This presentation covers some of the top DNS attacks and how businesses that have Exabeam deployed in their security stack can best protect their strategically valuable DNS layer.

2:00 PM — 2:30 PM
Track Session: Analyst Track

03- Exabeam TDIR Workflow: An Outcomes-based Approach to Security - In this session Exabeam experts will walk through the Threat Detection, Investigation, and Response workflow approach that is core to Exabeam’s approach to security. If you are new to Exabeam and want to understand why taking an outcome-based approach to security is the only way to stay ahead of attacker you won't want to miss this session. For the new Exabeam user.

2:30 PM — 3:00 PM
Track Session: Engineering Track

04- Tech Update: Exabeam Security Apps, a Year in Review - Are you incorporating the latest innovations in your Exabeam solution? Stay up-to-date with the latest advancements in Exabeam Advanced Analytics, Exabeam Incident Responder, and Exabeam Case Manager. Anant Vadlamani will provide details about the newest releases, along with recommendations and tips of how to design your environment incorporating the latest technical advancements available.

2:30 PM — 3:00 PM
Track Session: Analyst Track

04- Exabeam and Pentera: Continuous Security Validation - In this session Exabeam experts will introduce the concept of TTP assessment with Exabeam and Pentera, a leading provider of automated security validation solutions. During this session you will learn how this sort of assessment can assist you in validating data sources as well as informing outcomes. This session is perfect for an advanced Exabeam user looking to get more out of their deployment.

3:00 PM — 4:00 PM
Track Session: CISO Roundtable

01- Keeping Pace with the Adversary: Team Building at the Intersection of People and Technology - Security teams face off against adversarial organizations made up of hundreds or thousands of attackers, yet struggle to recruit the talent needed to fight these attacks. How do we build, nurture and retain the teams to operate at tier levels 1, 2 and 3, how can you leverage technology to augment your team strength, and is a skills-only-based approach to recruiting hurting our ability to find creative solutions to modern cybersecurity challenges?

Moderated Exabeam Chief Security Strategist and The New CISO Podcast host Steve Moore, join our roundtable discussion with leading global CISOs Matt King of Belcan and Artie Wilkowsky of Dish Network to learn how they’re hiring for success and choosing the right tools to complement their teams.

4:00 PM — 6:00 PM
Hands-on Workshops



03- Detect, Investigate, and Respond to the Malicious Insider - Learn to use the Exabeam Security Operations Platform to support an insider threat program. Specifically, you'll use Exabeam Fusion XDR to investigate and hunt Malicious Insider use cases such as Workforce Protection, Abnormal Authentication & Access, Data Access, and Data Leakage. This workshop is intended for analysts with beginning to intermediate experience using Exabeam Fusion XDR, which includes Exabeam Advanced Analytics, Exabeam Threat Hunter, and Exabeam Case Manager.

04 - Data Lake Workshop - Take a dive into Exabeam Data Lake and learn search tips and tricks, as well as how to build a meaningful visualization. This workshop is designed for analysts who want additional practice in Data Lake.

8:30 AM — 8:35 AM
Welcome Day 2

Sherry Lowe, Exabeam Chief Marketing Officer, welcomes attendees to Day 2 of Spotlight21.

8:35 AM — 9:05 AM
Flying High: Security at Scale at Delta Air Lines

A Conversation with Delta Air Lines’ CISO Deborah Wheeler
Deborah Wheeler is Chief Information Security Officer at Delta Air Lines. She leads Delta’s Information Security team responsible for the airline’s cybersecurity efforts that secure and protect information important to Delta, its customers and partners, while ensuring the overall cyber resiliency of the organization. Join this engaging conversation between Wheeler and Exabeam CEO and President Michael DeCesare. Together, they will discuss how Wheeler has built and scaled world-class security operations at Delta, one of the United States’ most trusted major airlines.

9:05 AM — 9:35 AM
Rebooting the "XDR Telenovela" - The XDR Alliance

Join this keynote session to hear from Gorka Sadowski, Exabeam Chief Strategy Officer, as he discusses the dramatic twists, turns, and confusion happening in the XDR market, and why the ""XDR Telenovela"" needed a reboot. He will then share how the XDR Alliance is becoming the voice of reason in defining an end user-focused XDR. The alliance represents a partnership of cybersecurity and information technology innovators committed to an open and inclusive approach to XDR to protect organizations against the growing number of cyber attacks, breaches, and intrusions.

************************************************

Why Join:
Learn about the XDR Alliance and its mission
Gain the founders’ vision for an XDR approach that is open, collaborative, and inclusive
Get more information on what to expect from the Alliance in the future

9:35 AM — 10:05 AM
Google Cloud & Exabeam: A Pathway to a Highly-secured Modern Infrastructure

Gerrit Kazmaier is Google Cloud’s Vice President and General Manager, Data, Databases and Analytics. Kazmaier runs Google Cloud’s 1,700 person data organization to ensure alignment across the vast Google Cloud data portfolio. Join Kazmaier in conversation with Chief Product Officer Adam Geller where they will talk about the value of the Exabeam and Google Cloud partnership and how the combination of technologies gives joint customers access to a highly scalable and modernized infrastructure with advanced platform services and best-in-class security analytics. They will also discuss Exabeam’s latest developments with Google Cloud and the ever-changing security environments for SOC, security, and enterprise data management teams.

10:15 AM — 10:35 AM
Exabeam for Good

Join this keynote session to hear from Wanda Miles from the Exabeam Program Management Office, as she shares her experience working in the Exabeam culture and what that means for employees, as well as customers and partners. Since its founding, Exabeam has Outsmart-ed the Odds through giving back and creating opportunities for students, women and supporting diversity and inclusion. The result: a “better together” culture committed to delivering world-class products and services.

************************************************

Why join:
Learn about the Exabeam culture and how it benefits customers and partners
Learn about many of the Exabeam for Good programs
Hear how customers and partners can engage and participate: Call-to-Action

10:35 AM — 11:05 AM
2021 Exabeam Cybersecurity Excellence Awards

The 2021 Exabeam Cybersecurity Excellence Awards recognize top Exabeam customers that distinguish themselves through leadership and innovation in cybersecurity.

11:05 AM — 11:15 PM
Thank You and Conference Close

12:00 PM — 2:00 PM
Hands-on Workshops



05 - Rule Tuning - Receive advanced training on tuning rules in Fusion XDR. We will focus on flow of data, parsers, event building, and models with an emphasis on rule tuning. This workshop is intended for security professionals who have already been working in Exabeam Advanced Analytics for 6 months or more.

06 - Analyst Workflows - This workshop will demonstrate ways to efficiently use Exabeam Fusion XDR by taking you on a tour of the different investigation starting points and showing effective threat detection, investigation and response (TDIR) process workflows for handling incidents. This session will take you through using Exabeam Case Manager, Watchlists, and/or Exabeam Threat Hunter as a starting point before delving into the contextualized Smart Timeline™ to easily identify security threats. This course is intended for analysts who are new to Exabeam Case Manager and Exabeam Incident Responder capabilities.

1:00 PM — 1:30 PM
Track Session: Engineering Track

05- IR Service Integration and Playbooks - Learn how to leverage Exabeam as a SOC automation tool for ingesting, processing and responding to threats. We’ll discuss how to align Exabeam response capabilities to your organization’s priorities and combine with open source tools to successfully improve your workflows. In this session, we will also cover how to find the right balance of automation and human analysis along with other key takeaways and issues.

1:00 PM — 1:30 PM
Track Session: Analyst Track

05- An Introduction to Exabeam Alert Triage and Threat Hunting - In this session Exabeam experts will demonstrate the power of Alert Triage in the Fusion product. If you have an existing triage function in your SOC join this session to learn how Exabeam can transform your existing processes with this powerful features. For the new Exabeam user.

1:30 PM — 2:00 PM
Track Session: Engineering Track

06- Tips and Best Practices for Getting the Most Out of Exabeam Incident Responder - Get more value out of the Exabeam services available in Exabeam Incident Responder. In this session we will walk through the different Exabeam services available in Incident Responder, including APIs and turnkey playbooks to automate response. We'll also share the most common questions and tips to ensure you are optimizing your deployment.

1:30 PM — 2:00 PM
Track Session: Analyst Track

06- Exabeam Risk-Based Investigations Unleashed for the Exabeam Power User - In this packed session Exabeam experts will provide tips, tricks, and best practices to supercharge your risk-based investigations. This session is designed for users familiar with Exabeam that want to find new and better ways to complete investigations in Exabeam. For the Exabeam Power User.

2:00 PM — 2:30 PM
Track Session: Engineering Track

07- From Reactive to Proactive: Insights into our SOC Transformation Expedition - The security and reliability of the energy sector is attracting increasing attention due to recent, sophisticated cyber-attacks against critical infrastructure across multiple jurisdictions. This heightened risk means that the energy sector needs to continually improve their preparedness and accelerate the uplift of their cyber resilience. In this session, Lindbergh Caldeira, Cyber Security Operations Manager at SA Power Networks will share insights on their transformation from a reactive SOC on-prem to a fully SaaS-based, proactive, and future-state threat informed SOC. He will discuss why they chose Exabeam, the objectives they set for success, and where they are at today and the learnings in getting to this point.

2:00 PM — 2:30 PM
Track Session: Analyst Track

07- Now That’s Smart: How Exabeam Smart Timelines Work and Why They'll Change How You Investigate Incidents - Context is king during a security incident investigation. During this session will introduce Exabeam Smart Timelines, and discuss how embracing the context they deliver can make all the difference in the world to your SOC​. If you are new to Exabeam this is a great session for you to see one of the most popular, and important, capabilities of the platform in action. For the new Exabeam user.

2:30 PM — 3:00 PM
Track Session: Engineering Track

08- Journey to the Cloud - Thinking of taking your environment to the cloud? Exabeam Fusion promises many benefits including efficiency, business continuity, and scalability; however, the journey to the cloud is not always direct. This session shares common architectural challenges and how to overcome them along with tips for a successful migration to Exabeam Fusion, whether you choose to adopt a full or phased migration approach.

2:30 PM — 3:00 PM
Track Session: Analyst Track

08- Response Unleashed for the Exabeam Power User - In this session Exabeam experts will discuss different approaches to streamlining response actions within the Exabeam Platform. If you are already familiar with the basics of Exabeam, this session will help you take your response approach to a new level. For the Exabeam Power User.

3:00 PM — 4:00 PM
Track Session: CISO Roundtable

02- Leading Tomorrow’s Security Operations - The pandemic has accelerated most organizations' digital transformation and, as a result, has introduced new challenges and changes for security teams. How have our adversaries adapted, which strategies have proved successful in meeting the changing threat landscape and how have these trickled down into other business units?

Moderated Exabeam Chief Security Strategist and The New CISO Podcast host Steve Moore, join our CISO discussion to learn how leading global CISOs Michael St. Vincent of The Cosmopolitan of Las Vegas, Chris Ard of Newmont Mining, and Artie Wilkowsky of Dish Network are meeting the threats that grew prevalent during the pandemic, the impact created by a remote workforce, and the processes and solutions that arose to meet them and how, if at all, they’re being permanently implemented.

4:00 PM — 6:00 PM
Hands-on Workshops



05 - Rule Tuning - Receive advanced training on tuning rules in Fusion XDR. We will focus on flow of data, parsers, event building, and models with an emphasis on rule tuning. This workshop is intended for security professionals who have already been working in Exabeam Advanced Analytics for 6 months or more.

06 - Analyst Workflows - This workshop will demonstrate ways to efficiently use Exabeam Fusion XDR by taking you on a tour of the different investigation starting points and showing effective threat detection, investigation and response (TDIR) process workflows for handling incidents. This session will take you through using Exabeam Case Manager, Watchlists, and/or Exabeam Threat Hunter as a starting point before delving into the contextualized Smart Timeline™ to easily identify security threats. This course is intended for analysts who are new to Exabeam Case Manager and Exabeam Incident Responder capabilities.

Monday, October 4th
Tuesday, October 5th
Wednesday, October 6th