2019 April 12th Security Architecture and GRC Integration


Attention Readers – This Conference is moving to April 12th

Due to many conflicts with RSA conference week, we’ve decided to add a chapter event March 14th and have our conference on April 12th. Conference planning committee will be reaching out to our speakers soon.

April 12 –  8:00 AM
Reception 5:15 PM Sitemap 


Venue:  Oracle, Dublin, CA 94568

GRC Security Integration: includes 11 speakers and six guided product demonstration offering 8 CPE for full attendance. Learn more at https://isc2-eastbay-chapter.org, LinkedIn, Facebook

8 hours of Continuing Professional Education upon Lab completion and returning your survey. Download the Fall Flyer ISC2-Eastbay-chapter-April 12-2019-conference


Coming Soon

ISC2-Eastbay-chapter-April 12th-2019-conference – Spring Flyer

Coming Soon – Download the schedule

Download the calendar event


(ISC)2 is happy to accept member ID from its partner professional organizations:


  • Early Bird Member* $105
  • Early Bird Non-Member* $120
  • Student $45

Registration after /April 1st

  • Member or Affiliate Member $130
  • Non-Member $145
  • Sorry no more student passes

If you are experiencing hardship and wish to attend, please have proof of (ISC)2 membership or ISACA membership and reach out to Director Education & Career Development Jing Zhang-Lee, or
Conference Director Robin Basham

Registration 8:00 AM – 8:50, Speaker Reception, Closing Remarks and Raffle 5:15 – 6:30 PM

Speaker Bar
Session 1.1: 9:00 – 10:00 Meet 9:00 – 10:00

RSA Archer


1-1: Session Description and More about xxx

About xxxx

And the winner is introduces x 10:00-10:15

Scholarship winner


Session 1.2: 10:15-11:00 Meet 10:15-11:00


1-2 Session Description:
Session 1:3 11:00-11:50 Meet 11:00-Noon


deep state architecture
1-3 Session Description:


1:4 12:30-1:15 Meet Jun Du Luncheon with Presentation




Session 1:5 1:15-2:15 PM Meet   1:00-2:00 PM


1- 5 
Session 1.6: 2:15-3:00
1-6 Session Description:
  • Architecting solutions, can you cover all your bases?




3:15-3:30 PM Running late? Eat some time.

We Break 4 Cake

Cake Sponsors are so sweet!

  • Attivio Networks
  • ?????

If we are running late, you may be asked to hurry up and eat your cake

Are you sweet? Show us by donating a cake, bagels, pizza, wine, printed materials, pens, space. We always welcome your swag. Put your logo on EVERYTHING. We’ll take it.

Special thanks to Maura Jones and Asha Kumar for coordinating meals.

Session 1-7&8: 3:30-4:25 Meet 

Bill Ochs, Cisco

Session 1-8: 4:30-5:15 Meet

Tanium or Oracle Netsuite (TBD)

Breakfast is Nathan’s Bagels

Lunch is Panera

Thank you for our meals and Venue, courtesy of Oracle

Your generosity allowed us to sponsor 10 attendees

Dinner is

Texas Barb-B-Q from



Platinum Sponsor, live demonstration visualizing the threat, actionable intelligence

Securonix is working to radically transform all areas of data security with actionable security intelligence. Our purpose-built advanced security analytics technology mines, enriches, analyzes, scores and visualizes customer data into actionable intelligence on the highest risk threats from within and outside their environment. Using signature-less anomaly detection techniques that track users, account, and system behavior, Securonix is able to automatically and accurately detect the most advanced cyber threats, insider threats, and fraud attacks. Globally customers are using Securonix to address the most basic and complex needs around insider threat detection and monitoring, high privileged activity monitoring, data exfiltration, enterprise and web fraud detection, application risk monitoring, cloud security monitoring, cyber threat monitoring, and access risk management. Securonix uses a Hadoop platform to provide unlimited scalability and open data model. http://www.securonix.com

Skybox Security

Gold sponsor, live demonstration assigning the policy that proves our governance is in place

The software uses analytics to prioritize an organization’s risk exposures and recommends informed action to best address those exposures. These capabilities extend across highly complex networks, including those in physical, virtual, cloud and
operational technology (OT) environments. By integrating with more than 120 networking and security technologies, the company’s broad platform, the Skybox™ Security Suite, enables organizations to reduce security risks that attackers can find and exploit, such as device misconfigurations and policy violations, as well as exposed and unpatched vulnerabilities.


Platinum Sponsor, live demonstration, mapping the path of business, the evolution of cloud security Netskope is the leader in cloud security. Using patented technology, Netskopeís cloud-scale security platform provides context-aware governance of all cloud usage in the enterprise in real time,

whether accessed from the corporate network, remote, or from a mobile device. This means that security professionals can understand risky activities, protect sensitive data, stop online threats, and respond to incidents in a way that fits how people work today. With granular security policies, the most advanced cloud DLP, and unmatched breadth of workflows, Netskope is trusted by the largest companies in the world. Netskope ó security evolved.netskope


Gold Sponsor, live demonstration enables secure mobile enterprise in real time, architecting the secure enterprise network Zscaler enables the worldís leading organizations to securely transform their networks and applications for a mobile and cloud-first world. Its flagship services, Zscaler Internet Access, and

Zscaler Private Access creates fast, secure connections between users and applications, regardless of device, location, or network. Zscaler services are 100% cloud-delivered and offer the simplicity, enhanced security, and improved user experience that traditional appliances or hybrid solutions are unable to match. Used in more than 185 countries, Zscaler operates the worldís largest cloud security platform, protecting thousands of enterprises and government agencies from cyber attacks and data loss.Zscaler


in addition to making their CEO, Co-Founders and COO available to all of us for the entire day,  contributes the morning breakfast and afternoon cake.  Sweet!

HexaBuild is an IT professional services consultancy comprised of industry-recognized IT subject matter experts

and thought leaders. Our core team has a combined 60+ years of experience, multiple expert-level vendor certifications, and several publications by recognized technology presses. HexaBuild specializes in managing IPv6 adoption initiatives and large-scale cloud deployments for both enterprises and service providers. Services include address planning, hardware and software assessments, network/IT environment audits, on-prem to cloud migration and integration, and personnel training.


Platinum sponsor, CyberArk contributes lab leaders and speakers in addition to actively sponsoring our last summer event.

CyberArk is the only security company laser-focused on striking down targeted cyber threats, those that make their way inside to attack the heart of the enterprise.  Dedicated to stopping attacks before they stop business, CyberArk is trusted by the worldís leading companies ó including more than 45% of the Fortune 100 companies ó to protect their highest value information assets, infrastructure, and applications.

For over a decade CyberArk has led the market in securing enterprises against cyber attacks that take cover behind insider privileges and attack critical enterprise assets. Today, only CyberArk is delivering a new category of targeted security solutions that help leaders stop reacting to cyber threats and get ahead of them, preventing attack escalation before irreparable business harm is done. At a time when auditors and regulators are recognizing that privileged accounts are the fast track for cyber attacks and demanding stronger protection, CyberArkís security solutions master high-stakes compliance and audit requirements while arming businesses to protect what matters most. With offices and authorized partners worldwide, CyberArk is a vital security partner to more than 3,200 global businesses, including more than 45% of the Fortune, 100 more than 25% of the Global 2000, CyberArk has offices in the U.S., Israel, Australia, France, Germany, Italy, Japan, Netherlands, Singapore, Spain, Turkey, and the U.K.

Saba Software

Our Venue Sponsor has contributed their offices and resources to make this day possible. As a result, we will be able to offer a thousand dollars to a local scholarship for students wanting more opportunities in the field of cybersecurity.
Saba makes software that transforms the working lives of millions of people

and increases growth and success for thousands of businesses around the world. We help organizations create the catalyst for exceptional employee engagement, with a powerful cloud platform that delivers a continuous development experience – from personalized training and collaboration to real-time coaching, goal setting, and feedback. Today thousands of customers worldwide, in virtually every industry, count on Saba to engage their people, connect their teams, and get the critical insight they need to prove the impact of talent on business success.

Attivo Networks sponsors and provides lab leaders and speakers.

Attivo Networks® is the leader in deception for cybersecurity defense. Founded in 2011, Attivo Networks provides a comprehensive deception platform that in real-time detects inside-the-network intrusions in networks, public and private data centers, and specialized environments such as Industrial Control System (ICS) SCADA, Internet of Things (IoT), and Point of Sale (POS) environments. Founded on the premise that even the best security systems cannot prevent all attacks, Attivo provides the

required visibility and actionable, substantiated alerts to detect, isolate, and defend against cyber attacks. Unlike prevention systems, Attivo assumes the attacker is inside the network and uses high-interaction decoys and endpoint, server, and application deception lures placed ubiquitously across the network to deceive threat actors into revealing themselves. With no dependencies on signatures or attack pattern matching, the BOTsink deception server is designed to accurately and efficiently detect the reconnaissance and lateral The Attivo Multi-Correlation Detection Engine (MCDE) captures and analyzes attacker IPs, methods, and actions that can then be viewed in the Attivo Threat Intelligence Dashboard, exported for forensic reporting in IOC, PCAP, STIX, CSV formats or can be used to automatically update SIEM and prevention systems for blocking, isolation, and threat hunting. The ThreatOps offering simplifies incident response through information sharing, incident response automation, and the creation of repeatable playbooks.

Unified Compliance Framework sponsors, provide past and future speakers.

We welcome The Unified Compliance Framework® (UCF) as a new Silver Sponsor, a speaker and recent ISC2 partner in providing certifications for controls and compliance mapping.
The Unified Compliance Framework® (UCF) was created by Dorian Cougias and his research partner, Marcelo Halpern of the international law firm Perkins Coie, which oversees all legal aspects of the UCF.

This patented GRC framework is used as a core component of advanced GRC solutions by leading software publishers, certified auditors and consultants worldwide. Unified Compliance’s dynamic SaaS portal, the Common Controls Hub, provides a new interface to the UCF that aids in extracting needed data from the framework easily and helps compliance professionals keep pace with the ever-evolving regulatory demands, confidently manage risk, and ease resource and budget barriers. The Common Controls Hub gives users rapid access to its massive data repository of more than 90,000 individual mandates from 800-plus laws and standards from around the globe. Sorting through the most up-to-date demands, figuring out which controls they need to implement and how they overlap is now a quick process with just a few simple mouse clicks.The Common Controls Hub simplifies the need to locate, research, interpret, and reconcile new and evolving mandates by giving compliance professionals the ability to centrally scope, define and maintain regulatory demands online. Companies can now automatically compile custom, harmonized control lists in minutes by vertical industries, market segments, and geographies.

Allgress wine and location sponsors

Allgress enables enterprise risk, security, and compliance professionals the ability to efficiently manage their risk posture.

By utilizing advanced visualization, automation, streamlined workflows, and the integration of existing data feeds, Allgress reduces the complexity and cost of risk management. Unlike other risk management solutions, Allgress customers derive value in days rather than months. For more information, visit www.allgress.com info@allgress.com or 925.579.0002
How to become a member: Please directly contact our Chapter President Tom Rogers and fill out the membership form https://isc2-eastbay-chapter.org/membership/
EnterpriseGRC Thank you Chevron, for providing us with space and food for the last two years.
Thank you, Blackhawk – Thank You, Oracle
(This 1-day event counts towards 8 hours of Continuing Professional Education CPE)
Your friends and colleagues at (ISC)2 East Bay Chapter chapter can’t wait to see you. We hope you join us in giving special thanks to the conference committee volunteers, without whom, such events would not be possible. Providing weekly meetings, binding flyers, drafting letters, being a liaison to our gracious speakers, updating and proofing our brochures, and assisting in the overall quality management of the Fall Conference, we acknowledge R. Daniell Lee, Atul Kumar, Maura Jones, Jason Hoffman and others as well as all members of the Board of Directors for their added responsibilities in coordinating our conference business, and for all the wisdom provided by the full membership of our board. Your support is greatly appreciated.
Yours Sincerely,

Robin Basham, Conference Director

The (ISC)2 East Bay Chapter Board of Directors

We push you in

(ISC)2 East Bay Chapter