Spark User Summit Cleveland: February 21

February 21, 2019 | Corporate College East, Cleveland, OH


Spark Cleveland featured opportunities to network with fellow Palo Alto Networks users in the Cleveland area and the latest updates and threat research from Palo Alto Networks. 

At Spark Cleveland, there were sessions to enhance your skills, including hands-on workshops and collaborative sessions with actionable solutions and strategies for key security issues. 

Spark User Summit Cleveland

Corporate College East
4400 Richmond Rd 
Warrensville Heights, OH 44128


Schedule at a Glance*

8:45 a.m. - 9:00 a.m.  Welcome and Overview

9:00 a.m. - 9:45 a.m.  Threat Hunting in the Public Cloud with RedLock

Security operations teams today are being inundated by alerts that provide little context on the issue, which makes it hard to triage issues in a timely manner. In addition, cloud based assets and resources are rapidly changing with development cycles expanding the threat landscape and exacerbating the issue. Learn how to hunt these risk across multiple cloud providers, addresses these challenges with a multi-pronged approach, including:

  • Vulnerability management
  • Advanced threat detection
  • Cloud forensics
  • Automated remediation

9:45 a.m. - 9:55 a.m.  Break

9:55 a.m. - 10:40 a.m.  Breakout Sessions

Protect your SD-WAN deployment using GlobalProtect Cloud Service

Optimizing the Firewall Ruleset 

From the low hanging fruit of redundant rules, to in-depth traffic summaries, we will discuss why an optimized ruleset is important and the 5 steps you can take to keep your organization's firewalls running efficiently and securely.

10:40 a.m. - 10:50 a.m.  Break

10:50 a.m. - 11:35 a.m.  Breakout Sessions

Intelligent Automation for Security Operations

Every organizations' network is comprised of a multitude of devices and technologies, all providing a different purpose and fulfilling specific needs. These devices require constant maintenance in order to ensure continuous availability and business continuity. If failures occur, the recovery process needs to be immediate and it's critical that a company has instant access to recovery procedures to minimize disruption in service. When tasked with making broad changes across a large number of devices, or the network needs to be audited to comply with specific standards or policies, it would benefit the company to automate these manual processes and avoid human errors.

In this session, you'll learn the critical considerations for planning and launching your automation strategy, where and what to automate, and how other organizations are using the efficiencies created through automation to improve their overall security posture.

Leveraging Expedition to Achieve Best Practice Deployments

The Palo Alto Next Generation Firewall offers industry-leading capabilities for protecting your organization's assets,  but how well are those capabilities deployed in your environment?  In this 45 minute talk, we will be showing you how to use Expedition to identify how closely your Palo Alto deployment matches best practices identified by Palo Alto’s experts.  Expedition is Palo Alto’s community supported tool that has evolved out of the Migration Tool.  In addition to assisting with Migration, the tool now provides a number of capabilities to assist in identifying gaps in your firewall deployment.  We will be focusing on the Best Practice analysis functions that will assist in identifying potential areas where the platform is not being fully leveraged to protect your organization. 

11:35 a.m. - 11:45 a.m.  Break

11:45 a.m. - 12:15 p.m.  Fast and Furious - An Expert Competition

Get ready for a little friendly competition as we put our experts on the spot! Help us choose the questions you want answered, then hear our panel debate and discuss their best ideas. The most successful solution is the one that gets your vote!

Topics may include:

  • centralized change management
  • safe feature enablement
  • choosing a public cloud

12:15 p.m. - 1:15 p.m.  Lunch with Partners

1:15 p.m. - 2:00 p.m.  Breakout Sessions

Better Living through the Self-Service Best Practice Assessment

In this session, you will learn how to generate free custom reports and dashboards that give you visibility into the exact aspects of your Security Operating Platform deployment which you need to prioritize. You will receive actionable recommendations from our Customer Success specialists and walk away with a roadmap for success. Get ready to start maximizing the capabilities of your next-gen firewalls!

Eliminating Email & Web Malware with Isolation

Today, endpoint devices and crucial, sensitive information can be attacked in any number of ways. Virtually any website, web link, web advertisement, or link to any document can deliver malware, launching an attack on a user’s endpoint device and data that quickly spreads throughout their organization, infecting any device it can. There is a new approach to security based on a proven, established technology: isolation. Instead of constantly distinguishing, assessing and re-assessing the moving target of “good” versus “bad” content, links, and websites, isolation inserts a secure, trusted execution environment—or isolation platform—between the user and potential sources of attack or infection. User sessions are executed away from the user’s endpoint device, and what is delivered is only safe rendering information, protecting the user and their device from malware and malicious activity, eliminating phishing, web-based malware, ransomware, and credential theft.

In this session, you'll learn more about the types of malware that are challenging organizations, some of the creative phishing techniques that are being used, and most importantly, how isolation addresses these threats without interrupting your business.

2:00 p.m. - 2:10 p.m.  Break

2:10 p.m. - 2:55 p.m.  Unit 42 Update: Today's Threat Landscape

Finish your day with a cybersecurity expert! Hear Simon Conant, Unit 42's Senior Threat Intelligence Analyst, discuss the current threat landscape. Simon will highlight several campaigns and review advances in malware, ransomware, and cyber threats, that adversaries are using to breach modern enterprise networks.

2:55 p.m. - 3:00 p.m.  Closing Comments: How to Leverage the Fuel Community to Become an Expert

Spark is only one day, but Fuel User Group is available to you 365 days a year! Learn more about the year-round benefits of membership, how you can access our online activities, and how you can be a part of the local Fuel chapter.

*subject to change.







Arista Logo



Nexum Logo.png