Event Overview
NHIs (non-human identities) are hot for a reason. API keys, service accounts, and AI models constitute the largest and fastest-growing part of the identity attack surface. They’re also hard to defend and highly privileged–a recipe for trouble.
To learn what your peers are doing, join the largest NHI-focused conference of the year: NHI Summit 2024. This 3 hour virtual conference on October 30 features an amazing lineup of speakers in a fast-moving agenda. You’ll leave with information you can’t get anywhere else.
Speakers
Agenda
9:00 PT
Welcome
Tarun Thakur, Co-Founder & CEO, Veza
9:05 PT
The Rise of NHIs, featuring Phil Venables
Elizabeth Mann leads the conversation with Phil Venables about the growth of NHIs and how security teams will need to adapt.
Phil Venables, Cybersecurity expert
Elizabeth Mann, Technology Strategist
9:25 PT
Securing Non-Human Identity (NHI): Personal Journey
Learn what enterprise CISOs are prioritizing (and what they aren’t) with their identity access infrastructure.
Dr. Edward Amoroso, Founder and CEO of TAG Infosphere
9:45 PT
Secrets of the NHI Attack
Marcus deconstructs a recent attack that exploited NHIs for privilege escalation, sharing key takeaways for prevention.
Marcus Hutchins, ex-hacker, best known for stopping the WannaCry ransomware attack.
10:05 PT
Ask the FBI: Current threat landscape for NHIs
Donovan will discuss the current cyber threat landscape, including top threat actors (organized crime, nation states, hacktivists). He’ll also share strategies to collaborate with the government in order to stop incidents, recuperate costs, and limit damage.
Donovan McKendrick, FBI Special Agent and Special Assistant U.S. Attorney
10:25 PT
Purple Campaign–Live! with Mario Duarte
It’s red team vs blue team, and you’ve got a front row seat. Three security experts present a fictional readout of a purple campaign for a hybrid cloud environment running CI/CD tools. Blue team can reset passwords, but will that be enough to stop the red team?
Mario Duarte, CISO of Aembit
Greg Harris, Principal Red Team Engineer at Snowflake
Michele Freschi, Managing Director, DuneGroup
10:45 PT
The 2024 NHI Security Survey
88% of organizations say their non-human IAM practices lag their efforts for human identities. Hear the other key takeaways from Aembit’s security survey.
Apurva Davé, CMO at Aembit
11:05 PT
Securing NHIs at John Deere
On the heels of her visit to John Deere, Nicole Perlroth leads this “tireside chat” with Deere’s Carl Kubalsky, who is on the leading edge of securing non-human identities.
Carl Kubalsky, Director and Deputy CISO, John Deere
Nicole Perlroth, Cybersecurity journalist/author
11:25 PT
Securing NHI’s in the cloud with AWS
Harvinder shares best practices for improving identity security posture in your cloud infrastructure.
Harvinder Nagpal, Identity Specialist at AWS
11:40 PT
The NHI Vendor Landscape
Learn which vendors to watch in the emerging NHI space as Francis shares insights from his recent conversations with security leaders and CISOs.
Francis Odum, Founder @ Software Analyst Cybersecurity Research
Sponsors
Veza
Veza is the identity security company. Identity and security teams use Veza to secure identity access across SaaS apps, on-prem apps, data systems, and cloud infrastructure. Veza solves the blind spots of traditional identity tools with its unique ability to ingest and organize permissions metadata in the Veza Access Graph. Global enterprises like Wynn Resorts, and Expedia trust Veza to visualize access permissions, monitor permissions activity, automate access reviews, and remediate privilege violations.
Aembit
Aembit is the non-human identity and access management platform that secures access between workloads across clouds, SaaS, and data centers. With Aembit’s identity control plane, DevSecOps can fully automate secretless, policy-based, and zero trust workload access with MFA-strength capabilities.
AWS
Since 2006, Amazon Web Services has been the world’s most comprehensive and broadly adopted cloud. AWS has been continually expanding its services to support virtually any workload, and it now has more than 240 fully featured services for compute, storage, databases, networking, analytics, machine learning and artificial intelligence (AI), Internet of Things (IoT), mobile, security, hybrid, media, and application development, deployment, and management.
HashiCorp
HashiCorp is The Infrastructure Cloud™ company, helping organizations automate multi-cloud and hybrid environments with Infrastructure Lifecycle Management and Security Lifecycle Management. HashiCorp offers The Infrastructure Cloud on the HashiCorp Cloud Platform (HCP) for managed cloud services, as well as self-hosted enterprise offerings and community source-available products. The company is headquartered in San Francisco, California. For more information, visit hashicorp.com.
