BSides London 2025

Purple Teaming Okta Detections
2025-12-13 , Workshop Room 3

Identity Security Posture Management (ISPM) is a critical component of any organization's security program, particularly in a highly distributed environment. In this hands-on workshop we will show attendees how to onboard Okta logs, write detections for key events, and test detections using open source adversary emulation tools. The workshop will be run in an individual lab built with a combination of free and open source tools, and in the process attendees will create a lab for future research. A basic understanding of YAML and writing detections is helpful but not required.


Ken Westin has been in the cybersecurity field for over 15 years, working with companies to improve their security posture through threat hunting, insider threat programs, and vulnerability research. In the past, he has worked closely with law enforcement, helping to unveil organized crime groups. His work has been featured in Wired, Forbes, New York Times, Good Morning America, and others, and he is regularly reached out to as an expert in cybersecurity, cybercrime, and surveillance.