Hi [[ session.user.profile.firstName ]]

Security Innovation

  • Date
  • Rating
  • Views
  • Take the Industry’s Most Authentic Cyber Range for a Security Test Drive
    Take the Industry’s Most Authentic Cyber Range for a Security Test Drive
    Brandon Cooper, Sales Support Engineer Recorded: Apr 24 2019 25 mins
    Unique to the industry, CMD+CTRL are interactive cyber ranges where staff compete to find vulnerabilities in business applications in real-time – learning quickly, that attack and defense are about thinking on your feet, creativity and adaptability.

Every two weeks, we will offer the opportunity to test drive CMD+CTRL for 24 hours. We'll open up our CMD+CTRL to anyone to participate, score points, and see how they do.

We will start with a 30 minute live demo to go over the features and functionality of CMD+CTRL, Q&A, and provide the login URL and credentials for your free 24 hour access and you can begin testing your skills immediately.

Sign up to test drive CMD+CTRL!
  • Connected Cars: What Could Possibly Go Wrong?
    Connected Cars: What Could Possibly Go Wrong?
    Dr. Larry Ponemon of the Ponemon Institute and Ed Adams of Security Innovation Recorded: Apr 3 2019 55 mins
    Millions of cars with tens of millions of lines of code are already talking to servers and each other. According to the Ponemon Research Institute, 63% of manufacturers test less than half of the technologies in your car for vulnerabilities and only 33% train developers on secure coding methods.

    However, there is a new IT system going into cars that was built with security and privacy by design. This “Talking Cars” safety of life program, which is estimated to save 10,000 lives per year, is one of the few automotive technologies that is secure and private for drivers.

    This webinar discusses the trade-off between safety, privacy, and convenience. It will also examine the 10-year Privacy by Design system used in “Talking Cars” and how other technology projects can benefit from similar due diligence.

    Topics:
    • Connected cars – threats and attack surface
    • Review of the most current research on automotive IT security and privacy
    • Blueprint for excellence: Security & Privacy in the “Talking Cars” program

    Though basic knowledge of cybersecurity and privacy is helpful, this webinar is for anyone who wants to better understand connected car technology and how to design resilient IT systems. The speakers, Dr. Larry Ponemon and Ed Adams, are experts in their field and deliver this information-rich webinar.
  • Is Blockchain Right for You? The Million Dollar Question.
    Is Blockchain Right for You? The Million Dollar Question.
    Mick Ayzenberg, Sr. Security Engineer and Blockchain Center of Excellence Lead Recorded: Mar 13 2019 34 mins
    Blockchain is a promising technology getting a lot of attention these days; however, organizations aren’t entirely sure how it might improve business operations, what the risk implications are, and the security savviness needed to implement securely.

    This webcast will address the most pressing issues and misconceptions surrounding Blockchain today, including:

    • What is Blockchain?
    • What are the new technologies I need to understand?
    • Use Cases: where is Blockchain most advantageous?
    • Snooze Cases: where/when is Blockchain a bad idea?
    • What are the most common pitfalls with Blockchain?
  • Privacy: The New Software Development Dilemma
    Privacy: The New Software Development Dilemma
    Kevin Poniatowski, Principal Security Engineer and Trainer Recorded: Feb 28 2019 62 mins
    Software runs our world — the cars we drive, the phones we use, the websites we browse, the entertainment we consume. In every instance privacy risks abound. How do software development teams design and build software to ensure privacy data is protected?

    Attend this webcast to learn practical tips to build software applications that protect privacy data. Understand the requirements of new laws such as GDPR and the impact they have on software development.

    Topics covered:
    • Designing for Privacy: least privilege and compartmentalization
    • Creating privacy impact rating
    • Implementing application privacy controls
    • Techniques for effective privacy testing
  • Creating an Effective Application Privacy Policy
    Creating an Effective Application Privacy Policy
    Kevin Poniatowski, Sr. Security Engineer and Trainer Recorded: Feb 12 2019 61 mins
    From executives to software developers and database administrators, each role plays an important part in protecting privacy data. But what does an effective privacy program look like for the teams that build and operate the software applications that powers your enterprise?

    This webcast will describe how to build powerful policies that can be easily understood and implemented in today’s continuous delivery and DevOps approaches.

    Topics include:

    Privacy Concerns for Software Applications
    Threats, Regulations, and Laws
    Guidelines for Building Privacy Policy
    Privacy Engineering Principles
    Data Collection, Retention, and Consent

    This Webcast is ideal for policy makers, program leads, compliance managers, and privacy officers. Development and IT Operations teams will also gain valuable insight into how to protect data throughout the entire application lifecycle.
  • Privacy Secrets Your Systems May Be Telling
    Privacy Secrets Your Systems May Be Telling
    Kevin Poniatowski, Principal Security Instructor, Security Innovation Recorded: Jan 29 2019 60 mins
    Privacy has overtaken security as a top concern for many organizations. New laws such as GDPR come with steep fines and stringent rules, and more are certainly to come. Attend this webcast to learn how everyday business operations put customer privacy data at risk. More importantly understand best practices on protecting this data and dealing with disclosure requirements. 

Topics include:
    * Types of privacy and threats to them
    * How is privacy different than security?
    * Business systems putting you most at risk
  • The Great DevOps Debate: Evolution or Revolution?
    The Great DevOps Debate: Evolution or Revolution?
    Ed Adams, CEO and Roman Garber, Development & Security Manager Recorded: Dec 13 2018 63 mins
    DevOps continues to be a buzzword in the software development and operations world, but is it really a paradigm shift? It depends on what lens you view it through.

    Roman Garber, an active software security engineering and software team lead thinks so. Ed Adams, Security Innovation CEO, a 20-year software quality veteran and former mechanical engineer, curmudgeonly disagrees.

    Watch our on-demand session to decide which side of the fence you're on.
  • Take the Industry’s Most Authentic Cyber Range for a Security Test Drive
    Take the Industry’s Most Authentic Cyber Range for a Security Test Drive
    Mike Cooper, Sr. Security Engineer Recorded: Nov 28 2018 24 mins
    Unique to the industry, CMD+CTRL are interactive cyber ranges where staff compete to find vulnerabilities in business applications in real-time – learning quickly, that attack and defense are about thinking on your feet, creativity and adaptability.

Every two weeks, we will offer the opportunity to test drive CMD+CTRL for 24 hours. We'll open up our CMD+CTRL to anyone to participate, score points, and see how they do.

We will start with a 30 minute live demo to go over the features and functionality of CMD+CTRL, Q&A, and provide the login URL and credentials for your free 24 hour access and you can begin testing your skills immediately.

Sign up to test drive CMD+CTRL!
  • Your Bank’s Digital Side Door
    Your Bank’s Digital Side Door
    Ed Adams, CEO of Security Innovation Recorded: Nov 27 2018 55 mins
    A widely-used but little known technology has created a vulnerable “Side Door” to thousands of financial institutions in North America. This discovery started with a simple question: why does my bank require multi-factor authentication (MFA), but Quicken does not? This led to an exploration of the 20-year old Open Financial Exchange (OFX) protocol and the 3000+ North American banks that support it.  The conclusion:  80% of banks supporting OFX have no MFA support, putting consumers at risk by exposing login credentials. 

    This presentation provides a summary of our research. It also describes how organizations can assess and mitigate enterprise risk posed by OFX.  Topics include:

    · Open Financial Exchange (OFX) protocol — how it works and where it’s vulnerable 

    · Research findings —  OFX security vulnerabilities that create enterprise and consumer risk

    · Compliance implications - using a known vulnerable component creates headaches

    · Assessment techniques — commercial scanning tools don’t work with OFX. Learn how to assess this risk quickly

    ·Mitigation techniques — compensating controls that reduce exposure while using the OFX protocol
  • Security Best Practices for Regular Users
    Security Best Practices for Regular Users
    Roman Garber Recorded: Oct 4 2018 48 mins
    Data breaches happen all the time, but that only happens to large enterprises, right? What about me? How can you alter behaviors to better protect yourself and your family from personal attacks, phishing scams and the like?

    In this webinar, geared to everyday users, we will show you how to easily and quickly protect yourself from the breaches that lurk all around us:

    •The What and How Behind Your Personal Threat Model
    •Quick and Easy Steps for Password Protection and Two Factor Authentication
    •Everyone’s Watching: How to Manage Your Online Privacy While Remaining Social

    Join cybersecurity expert, Roman Garber, from Security Innovation for an inside look into protecting your and your families’ personal assets so you won’t become a victim of online threats and breaches.

Embed in website or blog