Cloud Incident Response

Erika Voss, CGI & James Hewitt, CGI
Incident Response starts with, "What's your plan?" Does it focus on your Cloud environment? How will you detect, notify, isolate, and contain cloud-based incidents? We focus on developing/ramping-up cloud-specific IRPs.

"The Cloud." Where small and large organizations are going and have gone. You want to be in the cloud, but how do you protect it? Incident Response starts with detection. How do you detect what or who is in your cloud? If an incident occurred, would you know? We present a strategic approach to improving IR awareness and detection to meet the cloud's elevated demands. We will help you analyze your IR requirements across the IaaS, SaaS and PaaS platforms, and discuss how to talk with your vendor, risks to management, and IR containment, recovery, and evaluation test procedures.
Oct 27 2011
47 mins
Cloud Incident Response
Join us for this summit:
More from this community:

Cloud Computing

  • Live and recorded (4552)
  • Upcoming (88)
  • Date
  • Rating
  • Views
  • Channel
  • Channel profile
  • DevOps State of the Union 2015 Jun 9 2015 6:00 pm UTC 45 mins
    Karthik Gaekwad, Senior Platform Engineer; Ernest Mueller, Product Manager; James Wickett, Senior Engineer
    DevOps is now over 5 years old and many advancements have been made.

    In this talk, we will review what's going on in the space, and discuss current trends and where we envision DevOps is going over the next few years. Specifically, we will cover the rise of containers, the "move to the donkeys", the greater incorporation of security into the development pipeline, the movement on network and databases as code, cultural backlash and trends.

    This will be a panel style talk with Karthik Gaekwad (@iteration1) , Ernest Mueller (@ernestmueller), James Wickett (@wickett) with plenty of time with questions at the end of the talk.
  • HP Cyber Risk Report 2015: The Past is Prologue Jun 9 2015 4:00 pm UTC 30 mins
    Jewel Timpe, Senior Manager- Threat Research, HP Security Research
    In the world of information security, the past isn’t dead; it isn’t even the past.

    The 2015 edition of HP’s annual security-research analysis reveals a threat landscape still populated by old problems and known issues, even as the pace of new developments quickens. In 2014, well-known attacks and misconfigurations existed side-by-side with mobile and connected devices (the “Internet of Things”) that remained largely unsecured. As the global economy continues its recovery, enterprises continued to find inexpensive access to capital; unfortunately, network attackers did as well, some of whom launched remarkably determined and formidable attacks over the course of the year.

    The 2015 edition of the HP Cyber Risk Report, drawn from innovative work by HP Security Research (HPSR), examines the nature of currently active vulnerabilities, how adversaries take advantage of them, and how defenders can prepare for what lies ahead. Jewel Timpe, HPSR’s senior manager of threat research, describes the report’s findings and explains how this intelligence can be used to better allocate security funds and personnel resources for enterprises looking toward tomorrow.
  • Stopping Data Breaches: Show me the money Jun 3 2015 3:00 pm UTC 45 mins
    Dave Finger, Director of Product Marketing, Fortinet
    Yes, there are annual studies that calculate the cost of the average data breach. And yes, within weeks of a major data breach the headlines shift from number of records lost to estimated cost. So it is unsurprising, if troubling, that a recent survey of enterprise executives indicated that the #1 thing they are most concerned about protecting from cyber attack is customer data. However, there are other important aspects to making a business case for improving your security posture. This webcast will discuss what we feel you should be concerned about losing and why…and it’s not just customer records that require costly breach notification.
  • Using Your Network and Cisco ASR 9000 for Comprehensive DDoS Protection Jun 3 2015 2:00 pm UTC 45 mins
    Talbot Hack, Senior Product Manager, Arbor Networks + Mike Geller, Principal Engineer Cisco Systems
    DDoS attacks are rising in size, frequency and complexity; recent research from Arbor Networks discovered a 334 Gbps DDoS attack! What makes this concerning is that there isn’t a single DDoS protection product on the planet that can stop an attack of this magnitude. So what’s the solution? You need to leverage your network to stop DDoS attacks.

    In this session, representatives from two industry leaders – Talbot Hack from Arbor Networks and Mike Geller from Cisco Systems – discuss best practices in leveraging your network for DDoS detection and mitigation.

    This presentation will cover:
    -The use of current and emerging technologies such as, Netflow, BGP, Flowspec, S&D/RTBH and SDN/NFV
    -An introduction to a joint Arbor-Cisco solution which embeds Arbor’s Threat Management System (TMS) technology in the Cisco’s ASR 9000 router for network embedded, virtual DDoS protection
  • 2015 Cyberthreat Defense Report Recorded: May 28 2015 43 mins
    Steve Piper, CEO, CyberEdge and Hal Lonas, CTO, Webroot
    This presentation provides key findings from the 2015 Cyberthreat Defense Report from the analyst firm CyberEdge. Based on a survey of IT security decision makers and practitioners across North America and Europe, the report examines the current and planned deployment of security measures, including the use of threat intelligence. It also provides developers of IT security technologies and products with answers they need to better align their solutions with the concerns and requirements of end users.
  • 5 Habits of Highly Compliant Marketers: Recorded: May 28 2015 28 mins
    Thor Johnson, CMO Intralinks and Lisa Cannon, Content Strategist and Writer
    The need to share content -- securely, collaboratively, immediately -- is critical to your job. You’re working with outside agencies and business partners, sharing documents that contain sensitive data like product designs, ad campaigns and customer data, to name just a few.

    According to research from the Ponemon Institute, more than six out of ten people report having accidentally forwarded files to individuals not authorized to see them. It’s time to create some good habits that will allow you to collaborate with internal and external resources and be 100% compliant with the regulations that govern your industry.

    Please join us for an interactive presentation about how new habits and tools can make it easy for you to be efficient and compliant, without sacrificing speed or creativity.
  • Cyber Insurance Underwriting - A High-Tech Discipline? Recorded: May 28 2015 56 mins
    Ira Scharf, GM of Insurance, BitSight and Advisen Insurance Intelligence
    The cyber market is an ever-changing industry. So how are insurance carriers currently assessing the risks their insured face? And how are they mitigating those risks?

    In this webinar, Ira Scharf, our GM of Insurance, teams up with Advisen Insurance Intelligence to discuss how cyber exposures have grown and changed over the last 20 years, and how the insurance product has evolved to keep pace.

    Watch this on-demand webinar to:

    learn exactly how the underwriting process has developed over the years,
    hear experts discuss the current trends in the industry, and
    find out the latest tools carriers are adopting to better assess corporation’s cyber preparedness.
  • Creating a Government Private Threat Intelligence Cloud Recorded: May 27 2015 57 mins
    Taylor Ettema, Product Manager, Threat Prevention Technologies
    With the sophistication and highly targeted nature of attacks against governments, the adversary can use numerous approaches and actions to get in and move across the network. Palo Alto Networks Threat Intelligence—from the cloud or an on-premises government-run platform—constantly gathers intelligence on evasive applications and converts the intelligence back into all platform devices. This ensures that organizations maintain control of evasive applications to ensure authorized activity traverses the networks while unauthorized activity fails to route.

    Join this webinar to Learn:
    - How Government Agencies can develop and manage their own threat intelligence cloud on a closed, dedicated Palo Alto Networks WF-500 threat intelligence platform.

    - How to create effective threat intelligence private clouds for a singular agency or for a group of Agencies, Ministries or Departments who wish to share their threat intelligence.

    - How the threat intelligence cloud (public or private) analyzes and correlates intelligence from all platform security functions—URL Filtering, mobile security, IPS/threat prevention and the virtual execution engine or sandbox, WildFire™— and validated community input.

    - How WildFire immediately discovers previously unknown malware and communicates the results to the platform to automatically generate signatures.

    - How all threat intelligence is distributed to the network and endpoints to ensure they are protected.

    - How this is all done automatically, reducing operational burden and shortening an organization’s response time.

    - How this innovative architecture can be operated at a fraction of the cost it takes to deploy and manage an equivalent set of point products – APT, IDS/IPS, URL filtering and more – all correlating insights automatically in real-time for greatest network protection.
  • How to Assess and Manage Your Cyber Risk Recorded: May 27 2015 57 mins
    Stephen Cobb, Senior Security Researcher, ESET
    Information technology brings many benefits to a business, but it also brings risks. Knowing how to assess and manage those cyber risks is essential for success, a powerful hedge against many of the threats that your business faces, whether you are an established firm or pioneering startup. ESET security researcher Stephen Cobb explains how cyber risk assessment and management can work for you.
  • How Bad Can Zero Days Get? Recorded: May 27 2015 38 mins
    Robert Hansen, VP of WhiteHat Security Labs
    Are you giving the adversary unintended access through vulnerabilities in your system?

    By only having one method of finding vulnerabilities or one way of mitigating them, the chances of the adversary getting through are increasingly high. This webinar will walk you through the current threat landscape, how vulnerabilities can be found, and how to mitigate control.

    In this webinar you'll learn:

    - What types of assessments work at which points in the software development lifecycle.
    - What is the most popular way to deploy a WAF and why that's not a good idea as a single method of defense.
    - Why finding and fixing your vulnerability isn't actually good enough.
  • When Do Managed Security Services Make Sense? Recorded: May 27 2015 42 mins
    Guest Speaker: Ed Ferrara, Principal Analyst, Forrester Research, Mark Stevens, VP Global Services, Digital Guardian
    The importance of protecting sensitive data is gaining visibility at the C-level and the Boardroom. It’s a difficult task, made even more so by the shortage of security experts. One option that more and more companies are pursuing is the use of managed security services. This can enable them to employ sophisticated technologies and processes to detect security incidents in a cost-effective manner. Should managed security be a component of your security mix?

    In this webinar, Ed Ferrara of Forrester and Mark Stevens of Digital Guardian will discuss:

     When does it make sense to utilize managed security services

     How to the scope the services your company contracts out

     Questions to ask when evaluating managed security services providers

     The key criteria for selecting managed security providers
  • All About the Base: Test Drive FortiGate-VMX from Hypervisor and up Recorded: May 27 2015 47 mins
    Cynthia Hsieh, Director of Product Marketing, Cloud and SDN product, Fortinet.
    Server virtualization is a mature technology. More than 70% of all x86 architecture workloads are running in VMs on top of hypervisors. With the increase in virtualization of mission critical workloads plus clustering and high availability, it’s more challenging than ever to get the visibility and dynamic rule settings for North-South and East-West traffic. In this session, no future hype, learn what is happened today with FortiGate-VMX use cases to secure all of your hypervisors and provide a real-world agility traffic testing using Ixia Breakingpoint for the proof.
  • SIEM Roadmap 2015 Recorded: May 27 2015 26 mins
    Tom Clare, Director, Arctic Wolf
    Security event management continues to evolve as data breaches put more pressure on detective defenses providing continuous monitoring. Many companies have invested strongly in preventive defenses to stop attacks before they infect. Now the game changes to detecting the unknown and this requires scale and performance of SIEM solutions with increasing context for depth and visibility in the hands of security experts with an analytics mindset. Not everyone can play on this field, learn your options.

    Attendees will learn:
    - SIEM architecture changes for visibility
    - Increasing complexity of data analytics to explore
    - SIEM taxonomy and trade-offs between generations
    - Analyst recommendations & best practices
    - Why resources are key to SIEM success
  • A Best Practice Blueprint for eGRC Recorded: May 26 2015 62 mins
    Brandon Dunlap (Moderator); Renee Murphy, Forester; Mike Rost, MetricStream; Vivek Shivananda, Rsam.
    With the increased regulation and scrutiny of the past decade, it is important for organizations to implement best practices in order to maintain control and achieve compliance with evolving regulatory requirements.

    Compliance teams of the brave new world are set up to discuss risks with the key business leaders, and have sufficient resources to ensure company compliance programs are implemented effectively. Their software applications for managing enterprise governance, risk management, and compliance (eGRC) continue to mature with impressive features and functions, and they are making notable strategic advances by linking these three business functions for more informed decision-making, to reduce risk exposure, lower audit costs, and demonstrate compliance.

    To replicate similar success in your eGRC program, you will need to focus on selling GRC value, practicing good GRC project management, and embedding GRC into corporate culture. Join this educational panel webinar as our experts delve deeper into this, and identify the best practices for implementing an eGRC program in 2015.
  • DDoS Attacks Are a Serious Threat to U.S. Companies, Not for Reasons You'd Think Recorded: May 26 2015 30 mins
    Margee Adams, Director of Product Marketing, Neustar
    Neustar, in its annual DDoS Attacks Report shares critical DDoS trending data from real companies from across industries. Learn how companies are ramping up DDoS protection tactics and why.
  • Top 5 Cloud Data Loss Disasters of 2014 Recorded: May 26 2015 37 mins
    Trace Ronning, Content Marketing Manager, eFolder
    With companies adopting SaaS applications more rapidly than ever before, the risk of cloud data loss has also risen. As many as 40% of companies that use cloud based applications have reported data loss since 2013, according to reports from the Aberdeen group and Symantec – but until cloud data disasters hit home, businesses tend not to prioritize cloud data backup.

    In this BrightTALK-exclusive webinar, you’ll learn about the biggest cloud data losses of the year, and how to make sure they don’t happen in your organization.
  • POS Attacks Persist: Fight Back with 5 Key Defense Strategies Recorded: May 26 2015 42 mins
    Ken Dang, Product Marketing Manager, Dell Security
    2014 was a year pack with hacker attacks on payment card infrastructures but we’re not out of the woods yet. Dell’s threat research team have regularly observed new active pieces of advanced Point-of-Sales (POS) malware in 2015. Why so many retailers still soft targets? For cyber criminals, retail is where the money is. The possibility of spiriting away and selling thousands or millions of credit card details and chunks of consumer information is powerful incentive.
  • Real Customer Successes: Business Transformation through Information Governance Recorded: May 26 2015 61 mins
    Barclay T. Blair, Executive Director and Founder, Information Governance Initiative; Stephen Ludlow, Director, Product Market
    Successful Information Governance enables organizations to take control of their information, ensure compliance, reduce costs, and ultimately achieve greater profitability. Watch the webinar on demand, Real Customer Successes: Business Transformation through Information Governance, to hear expert insights on how real-world customers have successfully leveraged Information Governance programs.
    Barclay Blair of the Information Governance Initiative and OpenText's Stephen Ludlow discuss how customers have successfully implemented Information Governance programs that streamline processes, increase productivity, and reduce costs to transform their businesses. You’ll learn:
    •How leading organizations have been able to amplify the value in their information
    •How to measure the success of an Information Governance implementation
    •What drivers lead customers to implement an Information Governance program
  • Expert Speed Round: 7 CEM Trends in 40 Minutes Recorded: May 26 2015 58 mins
    Marci Maddox, OpenText, Kim Celestre, Forrester and a panel of experts
    If you’re not engaging your customers, you could be losing them. Last year alone, 66 percent of global customers switched service providers due to poor customer experience—up 4 percent from the previous year, according to Accenture. They estimate that this “switching economy” puts $5.9 trillion up for grabs globally every year. That’s a large sum to leave up to chance!

    Register for the virtual roundtable, Expert Speed Round: 7 CEM Trends in 40 Minutes, to hear experts discuss Walters’s observations and answer pressing questions around how to succeed in Customer Experience Management.

    Panelists:
    Marci Maddox, OpenText
    Kim Celestre, Forrester
    Scott Marshall, Amerisource Bergen
    Roopesh Nair, Sapient Nitro
    Leo Mindel, Sotic Digital Sports Agency
  • How to Reshape Customer Conversations through Real-Time Customer Engagement Recorded: May 25 2015 50 mins
    Omer Minkara, Research Analyst, Aberdeen Group; Robert Thiele, Senior Director of SAP Corporate Alliance, OpenText
    According to Aberdeen, 50% of businesses say managing consistent customer experiences continues to be a top challenge. Today’s buyers demand higher levels of personalization with each interaction they have with a company. Customer Communications Management (CCM) can help personalize communications by capturing customer requirements on-the-go.

    Watch the webinar on demand, Reshape Customer Conversations through Real-time Customer Information, to learn about:
    - Business value of managing consistent and timely customer interactions
    - Best practices to ensure consistency of customer messages across your business
    - The growing role of content in delivering personalized customer experiences
trends, developments, and technology
Increasing expectations for good governance, effective risk management and complex demands for legislative and regulatory compliance are presenting a growing challenge for organizations of all sizes. Tune in to live and recorded presentations by respected luminaries in the fields of governance, risk and compliance. Their thought leadership will provide you with practical advice on how to implement successful GRC strategies and processes for your organization.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Cloud Incident Response
  • Live at: Oct 27 2011 7:00 pm
  • Presented by: Erika Voss, CGI & James Hewitt, CGI
  • From:
Your email has been sent.
or close
You must be logged in to email this