Chalk Talk: The ExtraHop Architecture

Event: Security Field Day 2

Appearance: ExtraHop Networks Presents at Security Field Day 2

Company: ExtraHop Networks

Video Links:

Personnel: Jeff Costlow

The ExtraHop platform was built to deliver visibility, detection, and investigation at massive scale. We consume a copy of unstructured network traffic from across your entire environment – from the data center to the cloud to the remote site – using a tap or port mirror. The ExtraHop stream processor performs line-rate decryption, decoding, and full-stream reassembly for every transaction. The end result is structured wire data that can be analyzed, explored, and fully leveraged for investigation and remediation. It’s our wire data that keeps our machine learning focused, precise, and uniquely reliable.

In this session at Security Field Day 2, Deputy CISO Jeff Costlow explains the architectural foundation of ExtraHop’s network detection and response (NDR) platform, highlighting how it addresses the challenges of increasing network speed, sprawl, and the prevalence of encrypted traffic. ExtraHop’s design hinges on achieving real-time analytics by processing traffic in motion rather than relying on inefficient store-and-process models seen in traditional PCAP tools. By consuming raw packet data via taps or spans and avoiding reliance on NetFlow, the system extracts high-value metadata across over 4,800 metrics and 60+ L7 protocols, including HTTP and various database protocols. This metadata serves as a rich foundation for both security investigations and performance analytics, enabling operators to detect anomalies and rapidly respond across environments—whether on-premises or in cloud deployments.

A key strength of ExtraHop lies in its streamlined, unified workflow for investigation that integrates metrics, records, and packets under a single interface. It utilizes a custom event-based domain-specific language called Triggers for real-time scripting and flexible protocol support, empowering users to extract and act on specific application-level behaviors. ExtraHop can decrypt TLS traffic, including TLS 1.3 with perfect forward secrecy, through a patented method that forwards ephemeral session keys from servers in a secure, privacy-aware manner. The platform ensures customer privacy using deterministic encryption, selectively anonymizing data before it’s sent to the cloud while preserving utility for machine learning. This architecture not only adheres to privacy-by-design principles aligned with GDPR and HIPAA, but also provides effective machine learning outcomes by leveraging its expansive metric catalog in the cloud without compromising sensitive information.


ExtraHop Company Introduction and Customer Use Cases

Event: Security Field Day 2

Appearance: ExtraHop Networks Presents at Security Field Day 2

Company: ExtraHop Networks

Video Links:

Personnel: Eric Thomas, Rachel Pepple

This session starts with a brief overview of ExtraHop. Then, they’ll dive into real-world customer deployments, including Lawrence Livermore National Labs, Wood County Hospital, and more. They’ll cover a range of use cases, from pure cybersecurity to remote site visibility.

ExtraHop began as an application and network analytics company focused principally on performance monitoring, but over time, their platform’s value in cybersecurity became evident to users. By 2015, over half their customers were already using ExtraHop in security contexts, prompting a strategic enhancement of their offerings. In 2018, they launched RevealX, a product purpose-built for security users, which led to rapid customer adoption, skyrocketing revenue, and integration into the workflows of Fortune 500 and G2000 organizations. RevealX enabled seamless performance and threat analysis without deploying agents, capitalizing on network-based visibility to uncover security anomalies and support investigations.

Several compelling customer stories illustrated how ExtraHop is deployed in diverse environments. At Lawrence Livermore National Laboratory, ExtraHop supports both uptime reliability for demanding scientific research systems and the detection of security threats in a highly sensitive environment. Wood County Hospital used ExtraHop’s ransomware detection bundle during a product evaluation and, within a day, identified and mitigated a ransomware incident, even recovering encrypted files through ExtraHop-captured packet data. The Home Depot deployed ExtraHop across 2,200 branch locations to eliminate blind spots in localized application performance and remote transaction troubleshooting. By integrating RevealX with development pipelines and store-level applications, they achieved real-time detection and proactive adjustment of application availability, ensuring a smoother customer experience even at the point of sale.

Another useful deployment scenario involved transparency of outbound network traffic in a major financial services firm. ExtraHop revealed surprising data exfiltration patterns, such as a terabyte of information transferred by a vendor to the U.K. over a weekend, defying the customer’s belief that such transfers did not occur. This example highlighted the lack of egress visibility in many organizations and demonstrated how ExtraHop surfaces traffic patterns previously invisible to security operators. From enhancing performance uptime to providing actionable threat visibility and incident response capabilities, the presentation emphasized ExtraHop’s evolution into a full-spectrum security and analytics platform capable of aligning IT and security functions around shared data and insights.


VMware Workspace ONE Intelligence: Insights and Automation for the Modern Digital Workspace

Event: Security Field Day 2

Appearance: VMware Presents at Security Field Day 2

Company: VMware by Broadcom

Video Links:

Personnel: Andrew Levy

Overview of Workspace ONE Intelligence, an add-on Workspace ONE service that provides insights into app deployments, app engagement and user experience to help IT admins quickly resolve issues, reduce escalations and increase employee productivity.


VMware Workspace ONE: Intelligently Secure the Digital Workspace

Event: Security Field Day 2

Appearance: VMware Presents at Security Field Day 2

Company: VMware by Broadcom

Video Links:

Personnel: Andrew Levy

Overview of VMware Workspace ONE, a digital workspace platform that combines intrinsic, zero trust security with industry-leading modern management to help IT proactively secure apps and endpoints.


VMware AppDefense Demonstration

Event: Security Field Day 2

Appearance: VMware Presents at Security Field Day 2

Company: VMware by Broadcom

Video Links:

Personnel: Arjun Narang

Walkthrough of integration and features discussed during presentation of vSphere Platinum with Integrated AppDefense (Overview of how AppDefense brings application visibility and intrinsic security to vSphere. Focus on integration into vSphere Platinum and technical discussion of features within Application Verification Cloud.)


VMware vSphere Platinum with Integrated AppDefense

Event: Security Field Day 2

Appearance: VMware Presents at Security Field Day 2

Company: VMware by Broadcom

Video Links:

Personnel: Arjun Narang

Overview of how AppDefense brings application visibility and intrinsic security to vSphere. Focus on integration into vSphere Platinum and technical discussion of features within Application Verification Cloud.


VMware vSphere Platinum: Operational Considerations for Security

Event: Security Field Day 2

Appearance: VMware Presents at Security Field Day 2

Company: VMware by Broadcom

Video Links:

Personnel: Bob Plankers

What operational tips & tricks are there for using vSphere Platinum’s security features most effectively? We’ll talk about some of the biggest Day 0, Day 1, and Day 2 topics so we can set ourselves up for success.


Banyan Customer Journey

Event: Security Field Day 2

Appearance: Banyan Presents at Security Field Day 2

Company: Banyan

Video Links:

Personnel: Jacob Lee

Two customer examples showcasing the impact of the Banyan solution. Jacob will walk through two innovative companies that are leveraging the Banyan platform to solve their secure access needs to replace legacy VPN-based solutions. The key benefits achieved with the Banyan platform will be discussed. Finally, we will present a summary of the value that Banyan brings to the secure access shift that is happening due to the move to the public cloud.


Banyan Product Details and Demo

Event: Security Field Day 2

Appearance: Banyan Presents at Security Field Day 2

Company: Banyan

Video Links:

Personnel: Tarun Desikan

Product Features & Functionality, Use Cases and Demo. Tarun will do a deep dive into the three layers of the Banyan platform: the intelligent Access Mesh, the Trust Scoring engine and the centralized Command Center, which offers the centralized policy engine, the token/certificate generation and API integration with 3rd party tools. He will incorporate the demo throughout the 3 segments and then showcase 2 use cases: Web Application Access and SSH Access utilizing an AWS instance of the Banyan platform.


Banyan Market Overview

Event: Security Field Day 2

Appearance: Banyan Presents at Security Field Day 2

Company: Banyan

Video Links:

Personnel: Ashish Gupta

Problem Summary and Solution Introduction. Once the concept and motivation behind Banyan is understood, Ashish will walk through the problems that exist with network-based secure access methods and how they are not suited for the cloud-first model most enterprises are adopting. He will introduce the basic elements of the Banyan Continuous Zero Trust Platform and the value it delivers to the hybrid or multi-cloud enterprise application ecosystem.


Banyan Company Introduction

Event: Security Field Day 2

Appearance: Banyan Presents at Security Field Day 2

Company: Banyan

Video Links:

Personnel: Jayanth Gummaraju

The philosophy behind the company and technology. Banyan has been developing its technology over the last few years, and in this section Jayanth will review the motivation behind forming the company and the influences from industry luminaries like Mendel Rosenblum (Founder of VMware, Stanford Professor and Jayanth’s PhD Advisor). While Banyan has reimagined secure access in today’s dynamic world, the core founding principles define the journey the company plans on taking.


VMware CPU Vulnerabilities and Implications for VMware vSphere

Event: Security Field Day 2

Appearance: VMware Presents at Security Field Day 2

Company: VMware by Broadcom

Video Links:

Personnel: Bob Plankers

CPU security vulnerabilities like Spectre, Meltdown, L1TF, and MDS have drastically changed the landscape for virtualization and data center security. This will be a deep dive into how CPUs operate, how these vulnerabilities affect our systems, and what VMware vSphere Platinum does about them.


VMware vSphere Platinum: A Platform for Security and Compliance

Event: Security Field Day 2

Appearance: VMware Presents at Security Field Day 2

Company: VMware by Broadcom

Video Links:

Personnel: Bob Plankers

vSphere Platinum technical features speak directly to the problems of compliance & security in IT. This will be an introduction and overview of features like virtualization-based security, TPM & attestation, EVC, and more.


VMware Security Strategy Overview

Event: Security Field Day 2

Appearance: VMware Presents at Security Field Day 2

Company: VMware by Broadcom

Video Links:

Personnel: Muneyb Minhazuddin

VMware outlines its strategy to make security Intrinsic to the infrastructure to help organizations turn the advantage from attackers to defenders. This new security approach focuses on applications more than infrastructure and shrinking the attack surface rather than chasing threats. VMware details a broadening portfolio of software-based solutions spanning data centers, clouds and end users, and will empower the security industry to move beyond incremental gains and drive major, substantial steps forward.


Palo Alto Networks Demisto Demonstration

Event: Security Field Day 2

Appearance: Palo Alto Networks Presents at Security Field Day 2

Company: Palo Alto Networks

Video Links:

Personnel: Rishi Bhargava

Demisto is the tool that allows SecOps teams to orchestrate, automate, and respond to security threats quickly and easily with workflows designed to augment skills and enhance security posture.


Palo Alto Networks Cortex Overview

Event: Security Field Day 2

Appearance: Palo Alto Networks Presents at Security Field Day 2

Company: Palo Alto Networks

Video Links:

Personnel: Giora Engel, Shailesh Rao

Palo Alto Networks is harnessing the power of AI and Machine Learning to help reduce the response time and identify threats before they can cause problems in your organization. See how Cortex represents the future of security.


Palo Alto Networks Panorama Demo

Event: Security Field Day 2

Appearance: Palo Alto Networks Presents at Security Field Day 2

Company: Palo Alto Networks

Video Links:

Personnel: Jamie Fitz-Gerald

Building policy for security appliances should be easy. And with Palo Alto Networks Panorama it is. See how this solution gives security admins the ease-of-use needed to keep policies consistent across the organization.


Palo Alto Networks Prisma Public Cloud Overview

Event: Security Field Day 2

Appearance: Palo Alto Networks Presents at Security Field Day 2

Company: Palo Alto Networks

Video Links:

Personnel: Varun Badhwar

Securing data in the public cloud shouldn’t be hard. Prisma is the Palo Alto Networks offering that helps cloud administrators and architects ensure their data and systems are secure in the cloud.


Palo Alto Networks Vision and Strategic Direction

Event: Security Field Day 2

Appearance: Palo Alto Networks Presents at Security Field Day 2

Company: Palo Alto Networks

Video Links:

Personnel: Nir Zuk

Security is a constantly changing field. Companies that don’t transform themselves get left behind. Nir Zuk, founder of Palo Alto Networks, discusses why he founded the company and how it has transformed to be responsive to today’s security needs.


Ignite Gestalt IT – Your Personal Brand by Janice Le

Event: Security Field Day 2

Appearance: Ignite Security Field Day 2

Company: Ignite, Palo Alto Networks

Video Links:

Personnel: Janice Le

“What is your personal brand? Have you thought about who you are? Or what you stand for? What is your personal story? Join Janice Le as she talks about her own journey and life-defining moments and how it has helped her build her own personal brand.”