Oct 31, 2016
CONVERGE 2016: Highlights From Our Inaugural ConferenceBy Scott Rubin
Don’t miss out. Join us for CONVERGE17, October 16-19, 2017, in San Francisco.
And that’s a wrap on Tanium CONVERGE16, our inaugural–and sold out!–user conference. We couldn’t be more more grateful to the 450+ customers, partners, and experts from over 170 businesses and government agencies who spent their week in San Francisco with us. As our CEO, Orion Hindawi, wrote when we kicked off the conference, we created CONVERGE to hold an honest dialogue about the realities of the cybersecurity and IT operations business. Judging from the endlessly passionate conversations in the halls and the deep engagement in the programmed sessions, we seem to have hit our mark.
CONVERGE marked a monumental moment for us, as Forbes put it, transitioning from a cybersecurity company to the next big enterprise platform. While we’re already hard at work planning Tanium CONVERGE17, take a look at how this year’s conference unfolded and stay tuned for more details on next year’s event.
Day One Highlights
From the Mainstage
I had the honor of kicking off the program on Tuesday morning, encouraging attendees to join the conversation we were embarking on.
The stakes are high: not a day goes by when there’s not another massive data breach, a ransomware attack, or a cyberattack by a criminal element or nation-state. BE READY, the theme of the conference, is an exhortation to practitioners, the C-suite, and corporate boards:
Be ready for growth.
Be ready for trouble.
Be ready for the future
Forbes San Francisco Bureau Chief Miguel Helft joined Andreessen Horowitz co-founder and general partner Ben Horowitz on stage for a conversation about how “software is programming the world.”
“Humans are generally poor decision makers,” said Ben. “Architecturally, decisions need to be made in real time at the edge, where highly intelligent systems and software are emerging.” Miguel raised the question: “Do they need me anymore?” to which Ben answered that we need to use collective knowledge and human relationships and apply technology to it, allowing machines to do a better job over time.
If we are living in a software-dominated world, Miguel asked, then is all security cybersecurity? “Nothing matters unless you have security,” he said. “There are things you know you need to do, and there are things that absolutely leave your company vulnerable – that’s the ethical issue.”
Many of our customers graced the CONVERGE stage for Breakout Sessions, Studio Talks, and Customer Spotlights. On Tuesday, Eoghan McCarthy of Zurich Insurance shared his experience deploying Tanium: “Everyone’s first question: ‘Can we do that with Tanium?’ And I usually say yes.” In fact, one of our favorite quotes from the entire conference came from Eoghan: “Tanium is limited only by your imagination.” Ryan Brumback of GE Digital also shared his experiences, asserting that “common frameworks from Tanium help enable how we work every single day.”
Famed technology journalist Joseph Menn of Reuters sat with Orion for a powerful conversation surrounding the general threat landscape and how we need to “be ready” for the future.
Joe started the talk looking for confirmation from Orion that the Chinese were to blame for the recent Dyn DDoS attack. While Orion demurred, he did share that he felt a sense of responsibility to give our industry the tools we need to prevent these types of attacks from occurring in the future. “We’re chasing a market from 10 years ago; chasing enterprise and not IoT. Tanium is trying to bridge that gap.” At the very core, he added, it all comes down to good cyber hygiene.
With this latest waves of attack, awareness is up, but Orion’s call to action is to stop bucketing into two categories: “super old things that don’t work” and “super new things” that companies don’t know how operate at scale. “Tanium works well because we started from scratch with the future in mind,” he said. David and Orion’s team knew BigFix was not going to adapt to the new world, so they “threw away the cruff and started over.”
Though type of attacks have changed over time, the core causes have not. “I’ve been doing this for 18 years and we’ve been talking about the same thing the whole time. Patch management solves 99% of problems. It’s time to stop worrying about which building in Shanghai your attacker is working from.”
San Francisco Business Times caught up with Orion for a Q&A afterwards. “Our central postulate is we want to help with cyber, and we also want to help with operations. We don’t see much of a distinction between the two,” Orion said.
Our very own Mr. Robot technical consultants, Tanium Director of Security Andre McGregor and Chief Security Architect Ryan Kazanciyan, interviewed the show’s creator Sam Esmail, technology writer and producer, Kor Adana, and co-executive producer and writer, Kyle Bradstreet, live from Los Angeles for a joint, behind-the-scenes look at the award-winning TV series.
The five talked about what the creative process is like, how they come up with new ideas, and when they tap Andre and Ryan for their vast cyber knowledge to inform the best decisions for storylines and logistics for hacks.
Sam revealed that technical accuracy is essential to him: “I never understood why filmmakers felt the need to resort to ridiculous, cheesy hacking scenes.”
Fun fact: President Obama, Robert Downey Jr., and J.J. Abrams are all super fans of the show. The president even requested the season early, and Sam, notoriously protective of the show, immediately said yes. When the White House calls…
In the Breakout Sessions
After Tuesday’s mainstage talks, attendees chose from 20 different breakout sessions. Sometimes it was hard to decide where to go, with customers like GoDaddy and PwC speaking, or our Technical Account Managers (TAMs) giving fascinating talks on best practices for IOCs or learning how to tame the wilderness that is the Windows registry.
A few more examples: Andre McGregor and Director of Endpoint Detection and Response Jason Truppi presented, “From Hacktivists to Nation-States to ISIS,” in which the former FBI agents-turned-cyberhunters explored how the threat ranking from 2010 completely realigned itself by 2016, from Nigerian email scams to the weaponization of malware. Ryan Kazanciyan talked about “Hunting in the Dark,” with real-world examples of anomaly analysis and tips on how to effectively collect data and reduce noise. We wrapped up the day with a trifecta of partners from Palo Alto Networks, VMware, and Tanium speaking about how the three companies work “Better Together for Detection and Response.”
Talk about a guy who’s seen it all: Aon CSO Anthony Belfiore has deployed Tanium at three companies.
During his Customer Spotlight, Anthony shared that the first time he talked to Orion he wasn’t sure he bought into Tanium. It was as soon as Orion showed him the visibility he could have on his network that he had a wake-up call.
“Wow, so much I didn’t know about my environment. God forbid we have a breach, we’d have no idea how to respond in a timely manner.”
Members of Tanium’s product, design, and security teams–Joe Lea, Ryan Kazanciyan, Doug Van Der Molen, and Dave Damato–took the crowd through Tanium’s journey forward, introducing new features, updates, and a new module: Tanium Trends. Trends was just one of many updates and rollouts introduced on stage — you can read more about CONVERGE product announcements from Orion’s post.
Orion invited Wall Street Journal cybersecurity reporter Bob McMillan, VMware’s newly appointed COO Sanjay Poonen, and Palo Alto Networks’ President & CEO Mark McLaughlin to join him for a panel on securing yesterday and the problems of tomorrow.
These guys addressed the not-so-subtle elephant in the room, the previous Friday’s DDoS attack on Dyn, and set the tone that this is the ugly side of IoT – and we’ll likely see it again. “When you create layers of abstraction, you learn from some of the things the bad guys are doing, and you’re faster to respond,” said Sanjay. Mark equated the economics of cyber business to an “automation knife fight.” Orion’s bottom line: “Know where your data is. Know where your assets are. Make sure you’re spending security money on protecting assets you want to protect.”
In the Breakout Sessions
A couple customer favorites from Day 2 sessions included learning about why every company should be Red Teaming with Tanium’s Dave Hull and then hearing from an Incident Response Engineer at a government agency on how he used Tanium in an exercise to beat the Red Team so quickly that his boss actually yelled at him to “let them have another go!” We also heard from the Senior Director of Cybersecurity at a major retailer on how his team has moved from focusing on prevention to detection of breaches from “scum bags.”
Thirty-three Tanium Labs sessions — like “Tracking Lateral Movement,” “Continuous Patch Management,” and “Hunting for Persistence Mechanism” — were oversold and very well-attended. The request from our delegates: more Labs! Go even deeper for the power users next year. And we say: you got it.
Jack Madden of TechTarget’s BrianMadden.com wrote an introductory look at Tanium that echoed his own experience coming out of CONVERGE, calling our perspective “refreshing” and the “opposite of typical security vendor marketing bullshit.”
We’ll take it. And build on it throughout the coming year.
Watch more from Tanium CONVERGE here.
About the Author: Scott Rubin is Chief Marketing Officer at Tanium, where he is responsible for marketing, communications, public affairs, and public policy. Prior to Tanium, Scott was a partner at the venture capital firm, Andreessen Horowitz, where he advised portfolio companies on their communications and brand strategies. Before joining Andreessen Horowitz, Scott was a director at Google, where he served on both the public policy and communications teams, most recently managing global corporate communications.