Your guide to all things cybersecurity at Cisco Live

Each year, thousands of people come to Cisco Live to learn and connect around the latest technologies. From visionary keynotes to cutting-edge technical training sessions, there are nearly endless opportunities. Navigating the conference can be intimidating, which is why we’ve selected some of the top opportunities to learn about the latest in security.

Keynotes & Innovation Talks

Hear from Cisco leadership and luminaries from the worlds of technology, business, and entertainment. Many of these sessions are also available to non-attendees through the Cisco Live broadcast site.

Opening Keynote with Chuck Robbins

Monday, Jun 26, 10:30 a.m. – 11:30 a.m.

Hear from Cisco CEO Chuck Robbins about new innovations in networking, security and business transformation.

Schedule session

Livestream: Broadcast | Calendar reminder

The Security Voyage to 2020

Tuesday, Jun 27, 3:00 p.m. – 3:30 p.m.

Where is Security going? What role does automation play? How does the cloud fit? Come find out what we’re doing to make next generation security a reality and how it will change everything.

Schedule session

Livestream: Broadcast | Calendar reminder

Security Keynote with Cisco’s John Stewart and Theresa Payton, Former White House CIO

Wednesday, Jun 28, 10:30 a.m. – 11:30 a.m.

In the digital era, business thrives on the free and open exchange of information and insight – and ensuring the security of data and communications is now a mission-critical priority that dictates broader strategy and investment decisions. This session will examine the current state of network security and the emerging solutions that will give businesses freedom and flexibility while protecting the integrity of the network and information assets.

Schedule session

Livestream: Broadcast | Calendar reminder

Hidden Figures: Securing What You Cannot See

Wednesday, Jun 28, 4:00 p.m. – 4:30 p.m.

How do you understand network traffic even when it’s encrypted and why would you care? Cisco’s Network as a Sensor (NaaS) solution enables customers to use Cisco Security integrated with network technologies to achieve increased visibility into users, devices and emerging threats.

Schedule session

Livestream: Broadcast | Calendar reminder

Technical and Business Sessions

Have an interest in a specific security topic? We’ve got you covered with well over 100 security-related sessions this year. Here are a few of the highlights:

Considerations for Securing the IoT

Monday, Jun 26, 12:30 p.m. – 1:30 p.m.

Billions of devices are coming online – but they are often not well-protected by today’s security stack. We’ll take a look at how we must call on an architectural approach to gain visibility and control of connected devices for defense capabilities specifically designed mitigate risks from threats directed at IoT.

Schedule session

Talos Insights: The State of Cyber Security

Thursday, Jun 29, 1:00 p.m. – 2:30 p.m.

Cisco’s Talos team specializes in early-warning intelligence and threat analysis necessary for maintaining a secure network. People responsible for defending networks realize that the security threat landscape is constantly in flux as attackers evolve their skills. Talos advances the overall efficacy of all Cisco security platforms by aggregating data, cooperating with teams of security experts, and applying the cutting-edge big data technology to security. In this talk we will perform deep analysis of recent threats and see how Talos leverages large datasets to deliver product improvements and mitigation strategies.

Schedule session

How to secure your digital network with Cisco Enterprise Network Security

Monday, Jun 26, 5:00 p.m. – 6:00 p.m.

Digital transformation is demanding change at an unprecedented pace, putting extraordinary pressure on the network and increasing the need for advanced security. In this session, we will provide an overview of the Cisco Enterprise Network Security portfolio

Schedule session

Deploying AMP for Endpoints to the Enterprise

Sunday, June 25, 8:00 am – 12:00 pm

Session participants will learn about the AMP dashboard and navigation, how to configure outbreak control, endpoint policies, and managing computers and groups for deployment. Finally, the session will demonstrate event monitoring and analysis, device and file trajectory and reporting options.

Schedule session

Incident Response

Monday, Jun 26, 4:15 p.m. – 4:45 p.m.

When an organization is breached, incident response becomes the first action needed to figure out what happened and how the adversary succeeded. In this session, you’ll learn the differences between an incident response retainer service vs emergency incident response engagement, and all the aspects that are part of providing incident response, and what you can expect from a professional services partner.

Schedule session

Next Generation Security Services

Tuesday, Jun 27, 8:00 a.m. – 9:00 a.m.

With the market rapidly evolving toward digitization, Cisco is capturing extraordinary insights into the next generation of security. Even though security is the foundation for innovation and growth in the new digital environment, organizations are struggling to anticipate and respond to new threats due to complex and fragmented networks, and lack the ability to adapt with agility to changing business models. As the #1 cybersecurity company, Cisco Services is a digital partner by your side, and we position you to anticipate change and move forward quickly. In this session, we will cover the trends as seen, end-to-end, by Cisco security experts, examine real examples of the current threat landscape, and the impact to security operations.

Schedule session

Detect threats in encrypted traffic without decryption, using network based security analytics

Tuesday, Jun 27, 8:00 a.m. – 9:30 a.m.

Cisco’s network architecture provides a perfect platform for security focused network telemetry and analytics that can detect an in-progress attack (even when encrypted) and rapidly trigger policy driven remediation to mitigate the attack. This talk will describe network security solutions including innovations at the ASIC level that enable the software and security analytics.

Schedule session

Deciphering Malware’s Use of TLS (without Decryption)

Thursday, Jun 29, 10:30 a.m. – 12:00 p.m.

The use of encryption by malware poses new challenges to network threat detection because traditional pattern-matching techniques can no longer be applied to its messages. We address this problem in two parts and present a set of academic results on tens-of-millions of real-world, TLS encrypted flows demonstrating the efficacy of our approach.

Schedule session

Understanding Encrypted Traffic Using “Joy” for Monitoring and Forensics

Tuesday 6/27 11:00am-11:45am | Wednesday 6/28 12:00PM-12:45PM

The “Joy” open source package can track network flows and report on data features beyond those in Netflow, such as the distribution of bytes, the entropy, and the sequence of packet lengths and arrival times, as well as detailed information from TLS headers. With this data, we can better detect and understand encrypted traffic.

Schedule session

Privacy Scoping workshop

Monday, Jun 26, 2:00 p.m. – 2:45 p.m. | Tuesday, Jun 27, 2:00 p.m. – 2:45 p.m.

With the on-going focus on personal data via compliance, company policy, and end user expectations, this interactive session explores privacy engineering and demonstrate how to scope privacy and data protection requirements for any product, process, application, or system.

Schedule session

Targeted Threat (APT) Defense for Applications Featuring pxGrid

Monday, Jun 26, 1:00 p.m. – 1:45 p.m.

Targeted Attacks, which the media refers to as APTs, are threats that must be addressed by any organization requiring networked computers to do business. In this session we will go over the run book techniques used by these threat actors and then go over concepts and techniques that developers of network applications need to be aware of to mitigate those style of attacks.

Schedule session

Protecting the Device – Cisco Trustworthy Systems & Embedded Security

Monday, Jun 26, 8:00 a.m. – 9:30 a.m. | Thursday, Jun 29, 1:00 p.m. – 2:30 p.m.

With the increase in the sophistication in cyber-attacks, there is a growing threat of malware and tampering with the network infrastructure. Companies are increasingly concerned with the integrity and security of their equipment. This session provides an overview of the defenses that Cisco builds into the IOS operating system and hardware to protect the device. Attendees will learn how Cisco provides anti-counterfeiting measures, and how platform integrity can impact your security architecture.

Schedule session

Security Village in the World of Solutions

Located within the greater Cisco campus, the Security Village (map) will feature a Learning Lab, demo stations, a Customer Connection Program (CCP) presence, and more.

Deep Dive Into Demos

Check out the list below and stop by for a chat with one of our experts.

  • Next-Gen Firewall, IPS, and Management: With the Cisco Firepower®Management Center, you can centrally manage Cisco Firepower NGFW and NGIPS deployments. The Cisco Firepower Device Manager gives you local web-based management for Cisco Firepower NGFW appliances. The Cisco® Defense Orchestrator, a cloud-based policy management product, enforces high-level policy attributes on multiple Cisco security products.
  • Advanced Threat Protection: Cisco AMP for Networks, AMP for Endpoints, and Threat Grid technologies work together to stop advanced malware and ransomware threats.
  • Cloud Security: Cisco Cloud Security solutions include Umbrella, Cloud Web Security, and the recently acquired Cloudlock. All these technologies are cloud-based, easy-to-deploy solutions that protect your web traffic and applications.
  • Stealthwatch: Cisco Stealthwatch goes beyond conventional threat detection. With it you can harness the power of NetFlow for advanced network visibility, analytics, and protection.
  • Talos Threat Intelligence: Talos is Cisco’s industry-leading threat intelligence team. It helps protect people, data, and infrastructures from active adversaries.
  • Email and Web Security: The Cisco Email Security Appliance (ESA) and Web Security Appliance (WSA) are deployed on customer networks. They monitor, inspect, and apply policies to the two most prevalent threat vectors.
  • Secure Access: The Cisco Identity Services Engine (ISE) is the market-leading security policy management platform. With far-reaching, intelligent sensor and profiling capabilities, it delivers superior visibility into who and what are accessing your network. It’s a key component of the Cisco Software-Defined Access architecture for policy enforcement.
  • Network Segmentation: Cisco TrustSec®technology uses software-defined segmentation to simplify the provisioning of network access. With it, you can accelerate security operations and consistently enforce policy anywhere in the network. Learn how to apply group-based policies and share policy groups between the Cisco TrustSec and Cisco Application Centric Infrastructure (ACI) domains.
  • Meraki: Cisco Meraki’s cloud-managed security solutions combine Cisco’s best-in-class security technologies with the simple, intuitive Meraki dashboard. Learn how cloud management can make configuring and maintaining robust security for smaller networks.
  • Security Services: In this demonstration, we’ll show you how you can engage expert investigators along with continuous monitoring, advanced analytics, and leading threat intelligence to rapidly detect advanced threats. We’ll also show you a simulation tool that helps you build the skills of your own security staff to combat modern threats.
  • Data Center and Hybrid Cloud Security: This demonstration showcases Cisco’s advanced security protection for ACI data centers. We combine our virtualized Adaptive Security Appliance (ASA), Cisco Firepower NGIPS, and Next-Generation Firewall with Cisco’s Application Centric Infrastructure (ACI). The result: new levels of agility and protection for next-generation virtualized data centers.
  • Service Provider Security Solutions: This demonstration is all about service providers. Come by to learn how SPs can protect their own infrastructure and offer security services to their customers.
  • Security Integration: Products that work in isolation create complexity and limit their own effectiveness. Cisco products work together seamlessly. They share events, policy, threat, and contextual information, creating a unified security architecture. You gain greater visibility into an entire attack, along with an automated response.

Security Village Sessions

While in the Security Village, check out these quick 15-minute presentations. We’ll be covering 31 different topics, from incident response to access control and more.

Visit the Cisco TacOps “NERV” vehicle and team

See the Cisco TacOps team and their Network Emergency Relief Vehicle in action in the World of Solutions, Booth #829.

Walk-in Self-Paced Labs

Cisco Live’s Walk-in Self-Paced (WISP) Labs give you one-of-a-kind hands-on experience on a variety of products and solutions from Cisco. You’ll have the chance to work through pre-designed scenarios that show you firsthand how these technologies can transform your business. You’ll also have the opportunity to explore full configurations and new features, so you can make informed recommendations on which solutions are right for your workplace. All WISP labs are available on a first come, first served basis. Just stop by the WISP area in the World of Solutions.

Always-On security with Anyconnect, AMP and OpenDNS
Mobile users as they work on-network and off-network, while maintaining enterprise approved security policies on corporate endpoints

Cisco Umbrella(OpenDNS)
This session will deliver to its participants the concept of Cisco Umbrella(Open DNS) which is a cloud-delivered security service for Cisco’s next-generation firewall.

Cisco Security Product Roadmap Sessions with the Customer Connection Program

Want to learn about future innovations in our security portfolio? Join the Cisco Customer Connection (CCP) and attend exclusive roadmap sessions at Cisco Live US. The three roadmap sessions will cover: network security, cloud security and endpoint security. Learn more and register here. Note: These sessions are available exclusively to members of the CCP attending this year’s Cisco Live in Las Vegas.

See you in Las Vegas!

Let us know if you have any questions by leaving a comment below.

For more information about the security track at Cisco Live US 2017, visit our landing page. We’ll see you in Las Vegas!



Brian Remmel

Marketing Manager, Security