LogRhythm to Explore Foundations of Zero Trust Implementation, Key Findings from Golden SAML at RSA Conference 2021

LogRhythm to Explore Foundations of Zero Trust Implementation, Key Findings from Golden SAML at RSA Conference 2021

Company to share firsthand perspective on implementing Zero Trust in the enterprise and the benefits of using its NextGen SIEM Platform to reduce risk from vulnerabilities and potentially devastating attacks

Boulder, Colo. — May 12, 2021 — LogRhythm, the company powering today’s security operations centers (SOCs), today announced it would be participating in RSA Conference 2021, the world’s leading information security conference and exposition. RSA is virtually taking place May 17–May 20, 2021. LogRhythm chief security officer, James Carder, will take the stage to share his experience implementing a Zero Trust model at LogRhythm. As a 2021 Gold Sponsor, LogRhythm will also present a Sponsor Briefing in which the LogRhythm Labs Threat Research team dissects the Golden SAML attack.

“The RSA conference is a great opportunity for the cybersecurity community to come together and learn more about security trends and best practices that can enhance security teams’ skills and knowledge,” said Mark Logan, CEO, LogRhythm. “We look forward to continuing to develop meaningful connections with peers and experts in the industry while showcasing how LogRhythm is protecting organizations from current and future cybersecurity threats.”

Attendees looking to learn more about Zero Trust implementation should plan to join Carder on May 19, 2021, from 3:00 PM–3:40 PM PT for his session, “Lessons from Our Zero Trust Journey: Successes, Failures & Dodging Pitfalls.” In his presentation, Carder will share his experience implementing a Zero Trust model at LogRhythm, along with a realistic view of the process, his successes, and failures over the past four years.

“Today’s cybersecurity landscape requires organizations to take an adaptive and resilient approach, and implementing a Zero Trust security model is critical to effectively protect people, devices and data across the enterprise,” said Carder. “There is no question that everyone’s journey to Zero Trust looks different and each organization faces unique challenges. The goal of this session will be to share a real-world perspective from a CSO who has been down that road already so other security leaders are able to get a head start.”

LogRhythm will also present a Sponsor Briefing titled, “Dissecting the Golden SAML Attack Used by Attackers Exploiting the SUNBURST Backdoor,” accessible by visiting the LogRhythm booth. Golden SAML is an attack in which the assailant steals the private key for an organization’s Active Directory Federation Service (ADFS) server and uses it to forge a Security Assertions Markup Language (SAML) token that looks legitimate. Office 365 trusts that token and allows the attacker to access any Office 365 resource available to the impersonated user, including their mailbox.

The 30-minute technical session will be run by Sally Vincent and Dan Kaiser of the LogRhythm Labs team. The pair will demonstrate how the attack works, including what Office 365 logs do and do not tell security teams about federated logins, as well as how to use LogRhythm’s NextGen SIEM Platform to hunt for and detect this attack.

Attendees can stop by LogRhythm’s virtual booth any day during the conference from 10:00 AM–4:00 PM PT to live chat one-on-one with a security expert, get a demo of the LogRhythm NextGen SIEM Platform and MistNet NDR by LogRhythm, and access a collection of free, customizable Zero Trust resources to help organizations begin their journey, including a budget, business plan, architecture, board presentation, and more. Visitors to the LogRhythm booth will be entered into a raffle to win a Traeger Pro Series 22 Pellet Grill.

For more information on this year’s RSA Conference, check out the RSA conference agenda and the different passes and rates. LogRhythm is offering a limited quantity of free digital expo pass with the code 54SLGRHYMDE.

About LogRhythm

LogRhythm helps security teams stop breaches by turning disconnected data and signals into trustworthy insights. From connecting the dots across diverse log and threat intelligence sources to using sophisticated machine learning that spots suspicious anomalies in network traffic and user behavior, LogRhythm accurately pinpoints cyberthreats and empowers professionals to respond with speed and efficiency.

With cloud-native and self-hosted deployment flexibility, out-of-the-box integrations, and advisory services, LogRhythm makes it easy to realize value quickly and adapt to an ever-evolving threat landscape. Together, LogRhythm and our customers confidently monitor, detect, investigate, and respond to cyberattacks. Learn more at logrhythm.com.

Comments are closed.