Threat Hunters

  • What Is the Value of Your Security Program?
    Joe Moles, Director of Detection Operations. Recorded: Jun 20 2017, 50 mins
    Many security teams find it challenging to prove their value and effectiveness, especially in the absence of compromise or breach activity. Learn how top-performing security teams take advantage of their visibility across the environment to provide ongoing, deeply insightful measurements and reporting that support broader business decisions. Applying these techniques can exponentially increase the overall value of your security team to the entire organization.

    In this webinar, you will learn:
    - A framework with actionable ways to report the effectiveness of your security program and tools
    - How to translate technical data into business objectives
    - Methods for identifying performance issues and opportunities across your team, processes, and tools
    - A simple calculation to systematically prioritize your alerts
    - Guidelines for driving strategic decisions based on the measurement of security tools

    About the Presenter: Joe Moles, Director of Detection Operations

    An IR and digital forensics specialist, Joe Moles has more than a decade of experience running security operations and e-discovery. As Director of Detection Operations at Red Canary, he leads a team of security analysts to help organizations defend their endpoints against threats. Prior to joining Red Canary, Joe built and led security operations, incident response, and e-discovery programs for Fortune 500 companies like OfficeMax and Motorola. He is regarded as an industry thought leader and regularly contributes to the Red Canary blog.
  • Real-time Threat Hunting - 451 Research Trends & Security Analytics
    Jason Stamper, Analyst, 451 Research and Eric Tran-le, CMO, Logtrust. Recorded: May 18 2017, 58 mins
    Every day, organizations are impacted by cyber-attacks. Misleading indicators, complex security incidents, and evolving intruder patterns require new threat intelligence and analytics. With millions of data points to analyze, every second counts. Augment your security tools with real-time threat hunting capabilities and new research insights.

    Join experts Jason Stamper, Analyst for 451 Research, and Eric Tran-le, CMO for Logtrust, as they affirm how essential real-time threat hunting is for cybersecurity teams, and share new insights and tools for combatting attacks.

    • Learn new trends in machine data analytics from 451 Research
    • Pinpoint cybersecurity attacks and unusual behavior
    • Visualize an attack graph
    • Detect intruder paths and potential vulnerabilities
    • Leverage a single source of truth
  • How to Recover from the WanaCrypt Ransomware Attack
    Phil Richards (CISO), Chris Goettl, and Amber Boehm of Ivanti Software. Recorded: May 18 2017, 60 mins
    On Friday the news broke: a massive ransomware attack that started in the UK NHS immediately spread to global proportions. By Sunday, the attack had impacted over 200,000 organizations in 150 countries. Listen to Phil Richards, CSO of Ivanti, and a panel of security experts discuss how to recover from the WanaCrypt ransomware attack and safeguard your environment against the evolving threats that are likely to come.

    Presenters:
    • Phil Richards, CISO
    • Chris Goettl, Manager of Product Management, Security

    About Phil Richards:
    Phil Richards is the Chief Information Security Officer (CISO) for Ivanti. He has held other senior security positions including the head of operational security for Varian Medical Systems, Chief Security Officer for Fundtech Corporation and Business Security Director for Fidelity Investments.
  • Proactive Security: Building A Successful Threat Hunting Program
    Carl Manion, Managing Principal @ Raytheon Foreground Security. Recorded: Nov 10 2016, 43 mins
    Understanding the key components necessary to build a successful threat hunting program starts with visibility, the appropriate tools and automation. Skilled, experienced analysts, engineers and incident responders with analytical minds who can apply concepts and approaches to a variety of different toolsets are also instrumental to the process. Join Raytheon Foreground Security as we describe and discuss some of the most common challenges, recommended best practices, and focus areas for achieving an effective threat hunting capability based on lessons learned over the past 15 years.
  • Your Life Is The Attack Surface: The Risks of IoT in 2016
    Jason Haddix, Head of Trust and Security at Bugcrowd. Recorded: Oct 12 2016, 35 mins
    The unprecedented growth and adoption of connected devices has created innumerable new threats for organizations, manufacturers and consumers, while at the same time creating unprecedented opportunities for hackers.

    In this webcast, join well-known hacker and bug hunting advocate Jason Haddix as he analyzes the evolution of IoT security and the mistakes and developments that have led us to where we are today. With experience working to attack and defend IoT applications, Haddix will explore what it takes to effectively hack connected devices, and how the role of defenders has evolved in this space.
  • Smartphone Encryption Is Getting Stronger. Is It Enough To Keep You Safe?
    Heather Mahalik, Principal Forensic Scientist at ManTech CARD. Recorded: Oct 6 2016, 43 mins
    As smartphones become more secure, what has changed for us forensically? What are the different types of security measures being deployed and how do these affect our processes? Which acquisition methods are best for secured devices? If you get an image of the device, can your current forensic methods provide you access for analysis? And most of all, will these security mechanisms keep your private data safe?

    This presentation will go into detail on each of these topics and dive into ways around some of these security features on smartphones. White papers, tools (including open source) and methods written and developed by those in our community will be discussed. Don't let a smartphone "out smart" you - take the reins of your investigation.
  • Data Theft in the 21st Century: Detect and Block PII & PEI Theft
    Jay Beale, COO at InGuardians. Recorded: Sep 8 2016, 49 mins
    Cybersecurity expert Jay Beale will provide a State of the Industry look into theft and exposure of huge data sets of PII (personally identifiable information) and PEI (personally embarrassing and exposing information).

    Join this presentation and learn about the recent thefts and the methods of detecting and blocking them.
  • Shut the Traps: Take the Win out of Recon for an Attacker
    Alissa Torres, Senior Security Consultant at Sibertor Forensics. Recorded: Sep 7 2016, 44 mins
    By the time sophisticated cyber criminals gain access to your network, they may already possess incredible insight into the culture, infrastructure, security and day-to-day operations of your company. How are they able to obtain such information? Reconnaissance is the FIRST stage in remote exploitation performed in a targeted attack and can take place over a period of days, weeks or even years prior to the attacker ever delivering his first phishing email. Just what sensitive information has your company, your employees, your vendors or your customers made publicly available, either knowingly or inadvertently? Though a tweet or social media post may be harmless on its own, in aggregate, a company may suffer a weakened security posture if details such as key individuals, sensitive projects, financial projections and internal politics are disclosed in a public forum. This talk will focus on ways you can access and reduce your online disclosures. Take the "win" out of reconnaissance for the attacker by cutting off his pre-attack intelligence sources.
  • DevOps, Security and PCI - Implementing SCM To Meet PCI Standards
    Kevin Eberman, Director of Operations at MineralTree. Recorded: Sep 7 2016, 49 mins
    Security failures with millions of stolen credit cards have become an all too normal part of the news. The Payment Card Industry (PCI) has issued a standard for companies and service providers for handling credit cards to mitigate the risk of these breaches. Implementing a PCI certified environment requires a coordinated and sustained commitment to security by adopting policies, writing procedures, and an ability to successfully demonstrate compliance during audits.

    A number of PCI standards require the implementation of Server Configuration Management (SCM). SCM is an integral tool of DevOps. It is invaluable for meeting PCI requirements that are technical and need documentation. This discussion will review security challenges, which PCI requirements can be met with SCM and how to successfully implement SCM to meet PCI standards.
  • “If I Wake Evil” - How I Would Attack You If I Turned into a Criminal Mastermind
    John Strand, Owner of Black Hills Information Security. Recorded: Sep 7 2016, 47 mins
    What if I no longer was a white hat? What if I started to hack for fun and profit at others' expense?
    How would I do it? Could you catch me? How can you stop me?

    Join this presentation and get a unique insight into the mind of the hackers trying to get into your systems and steal your information. Learn how it can be done, and what are the precautions and preventive measures you can take now to make sure your company is prepared for attack.