The Role of Identity in Securing the New Perimeter
The cloud and mobile are changing our societies in phenomenal ways. The increased usage of smartphones, tablets, and cloud computing is presenting organizations with new business opportunities and challenges. Companies worldwide in every industry are finding that they can expose new and existing data as Application Programming Interfaces (APIs) to open up new markets and penetrate deeper into existing ones. At the same time that orgranizations are changing the way that they expose data, they are also having to rethink how they are securing it. The old method of hiding it away behind a network firewall is no longer sufficient.
Figuring out the best way to secure Cloud APIs can be difficult. To shorten the learning curve and help you begin taking advantage of APIs, Travis Spencer, Senior Technical Architect from Ping Identity's CTO office, will present the state of API security, recommend best practices, and give advice on how to securely launch and run Cloud APIs. These will help you quickly take advantage of the new possibilities while simultaneously managing the associated risks.
Travis Spencer is a Senior Technical Architect reporting to Ping Identity’s CTO. He has over a decade of application development experience which includes the design of large-scale service-oriented and federated systems. His experience federating SaaS offerings with some of the world’s largest financial institutions coupled with his low-level understanding of federation protocols (e.g., SAML, WS-Trust, and WS-Federation) has allowed him to help numerous companies successful begin using cloud computing. His knowledge of OpenID and OAuth also provides him with a unique perspective on the relationship between enterprise- and consumer-grade digital identity management.
Veritas NetBackup appliance è la soluzione efficace e innovativa che semplifica e ottimizza le procedure di backup e recovery.
Una soluzione pratica che garantisce la scalabilità necessaria per adattare il tuo business ad ambienti, fisici, virtuali e cloud. Performance ed efficienza cresceranno insieme ai profitti: i tuoi team potranno dedicarsi ai clienti e alle attività di business, promuovendo al meglio l'innovazione!
Che benefici puoi ottenere con le appliance NetBackup di Veritas?
Scoprilo partecipando al nostro Webcast del 7 ottobre.
In questa sessione di un'ora, coordinata da un Solution Architect, risponderemo alle vostre domande di natura tecnica riguardanti l'utilizzo dei prodotti AWS. In particolare, i primi 30 minuti saranno dedicati al topic "Analisi di Big Data (EMR, Redshift, Kinesis)" e i successivi 30 a domande di qualsiasi tipo.
Comprenez ce qui s’est passé et rétablissez l’activité rapidement
Au cours des deux premiers webcasts, nous avons vu pourquoi les violations sont inévitables et comment détecter rapidement un menace avancée. Dans ce dernier épisode, nous allons voir comment Advanced Threat Protection peut efficacement résoudre le problème et supprimer les malwares de vos systèmes. Rétablir l’activité, cependant, ne suffit pas : il faut aussi améliorer sa préparation pour l’avenir. Nous y viendrons également
Webcast 1: Advanced Threat: que faire en cas de violation de sécurité inévitable? - https://www.brighttalk.com/webcast/5691/170167
Webcast 2 - Advanced Threat Protection : j’ai subi une violation de sécurité, que s’est-il passé ? - https://www.brighttalk.com/webcast/5691/170173
Featuring Ben Person, Manager, ServiceNow Delivery, Dell Services, this video provides an overview of how the combined capabilities of Dell IT service management and ServiceNow helps you easily align IT with your business objectives. Learn how Dell Services can help ensure seamless service, proactive and responsive interaction and quality delivery.
Featuring Paola Arbour, Vice President, Services IT, Dell Services, this video provides an insight into the Service Integration and Management (SIAM) function. It helps understand how you can benefit from the flexibility and innovation of multisourcing and standard services, while delivering integrated services to the business.
Learn how data encryption and encryption key management address compliance for healthcare providers and payers. Join Derek Tumulak, VP Product Management at Vormetric, and Tricia Pattee, HOSTING Product Manager as they discuss how HIPAA/HITECH regulations impact electronic protected health information (PHI) and best practices to safeguard sensitive patient data.
• HIPAA and HITECH regulatory mandates impact data security for healthcare institutions
• Strong encryption and policy-based access controls provide a separation of duties between data security and system administrators
• Secure key management and policy management ensure consistency in applying policies and encryption keys to both structured and unstructured data
• Rapid implementation is achieved because encryption is transparent to users, applications, databases and storage systems
• The HOSTING and Vormetric cloud solution can satisfy HIPAA and HITECH compliance requirements in the cloud
In this presentation, solution providers learn simple steps to help build and grow their IT security practice. Attendees learn about compliance regulations, cloud integration, how to weave security into each opportunity, adherence to best practices, and re-educating customers.
Join the Informatica Cloud product team on Oct 8th, 2015 to find out what's new in the Fall Release of the Informatica Cloud and explore all the key capabilities.
During the webinar, you will also have the opportunity to see the new Informatica Cloud platform in action and ask any questions that you may have.
The Fall 2015 release of the Informatica Cloud is packed with many rich functionalities, including:
•Automated discovery and parsing of log files to enable cloud analytics on your machine generated data
•Enhanced Cloud Mapping Designer with new interactive configuration tool and fixed-width file support
•Highly scalable Cloud Runtime Environment for cloud to cloud integrations
•Informatica Cloud Platform Rest API improvements with fine-grained permission for objects and create or update a connection capability using parameters
•New enhancements to the Informatica Cloud Real Time in the areas of Service Connector, Process Designer & Guides
•Robust Subset Engine for Data Masking transformations with the ability to support complex data models and automatic data chunking for Salesforce to allow horizontal partitioning on large data sets
•Improved connector capabilities for Amazon S3, NetSuite, Salesforce and SAP. New integrations for Microsoft Azure, Box, Concur and others.
By 2020, more than 7bn inhabitants of Earth will be using over 35bn devices to communicate, collaborate, negotiate and perform transactions.
To put it into perspective, there are only about 8.7bn connected devices now.
The surge will come quickly and organizations will scramble to take advantage of monetizing this digitally connected world. Identities are at the forefront as the digital passport to an online world of goods and services because a single view of an individual customer is the key to knowing that person better and building a deeper personal and business relationship with them. Join Oracle and (ISC)² on October 8, 2015 at 1:00PM Eastern to learn about the new identity economy.
Amar Singh, Chair of ISACA's UK Security Advisory Group, Exec. Board Member & Consultant to UK's National MBA in Cyber Sec.
Wishful thinking or a cursory security assessment may have worked in the past but dealing with persistent and advanced threats requires an equally sophisticated and mature approach.
While APT’s are on the rise and the use of zero-day vulnerabilities can be one of the weapons for such attacks, reality is that the large majority of incidents – advanced or not – occur using known vulnerabilities. Resolving these is, therefore, paramount to reducing the attack surface for cyber criminals.
Join Amar as he shares his tips on adopting a mature and continuing vulnerability management process that can help organizations reduce risk and be better prepared to respond to APT’s.
According to Verizon’s “2015 Data Breach Investigation Report,” the cyberattacks are becoming increasingly sophisticated. Cybercriminals have been successful in creating new techniques and deceptive tactics that outpace security efforts. Under these conditions, what would be your approach to dealing with security threats?
Join us for a live webinar session and discover how auditing can help mitigate the risk of data breaches and solidify your security strategy overall. During the session, we will talk about:
- The latest data breaches and their ramifications;
- How auditing complements threat-defense mechanisms;
- What should be audited and why.
Art Gilliland, General Manager of HP Enterprise Security Products
Businesses are spending so much money on security -- almost $47 billion in 2013 -- and yet the number of breaches continues to increase. To mitigate the risks of increasingly sophisticated, innovative and persistent threats, we need to change the way we think about our security programs. In this webcast, Art Gilliland, General Manager of HP Enterprise Security Products, talks about the challenges all enterprises face from the bad guys -- and the critical steps businesses must take to defend against today's most advanced threats.
Today’s cyber attacks have become increasingly more sophisticated, requiring organisations to embrace an agile and ever more adaptive approach to their cyber security strategy. Join our webinar as we discuss the changing landscape of advanced threats in EMEA, look into the anatomy of APTs and explain why conventional security methods are no longer equipped to deal with these advanced attacks. In addition, we’ll share insights into real-life case studies of advanced threat actors using zero-day attacks and how an adaptive defense model allows FireEye to quickly respond, detect and remediate such attacks.
Jason Creasey, Information Security Consultant, Jerakano
Jason will introduce some of the major challenges associated with monitoring and logging cyber security events, highlighting the need to identify indicators of compromise at a much earlier stage and in a more consistent, insightful manner.
He will present a cyber-security monitoring framework, emphasising the benefits of taking a balanced, intelligence-led approach, based on fundamental log management and situational awareness. He will then look at what a cyber-security incident actually is and outline how to prepare for and respond to a cyber-security incident effectively – ensuring that it is properly followed up - helping to reduce the frequency and impact of future cyber security incidents.
Finally, Jason will introduce a cyber-security incident response maturity model, showing how you can measure the maturity of a cyber-security incident response capability.
The growing sophistication and evasiveness of cyber threats have redesigned the paradigms of the information security landscape. Since traditional signature-based technologies alone cannot keep the pace with advanced threats, a breed of new technologies has been developed to fill the gap in what seems an endless arms race against malware creators. In the same time, the volatility of the perimeter, direct consequence of the growing adoption of cloud services, dramatically broadens the vulnerability surface of the organizations, requiring a new approach for the CISOs in terms of both technologies and policies.
In this webcast we will analyse the current threat landscape related to advanced malware, demonstrating that, unlike what is commonly believed, it is not necessarily related to state-sponsored operations, but it is frequently used even in opportunistic attacks (and in several cases also available as a P/SaaS model).
After showing the characteristics that make a malware “advanced” (evasion at the endpoint and network level, polymorphism, etc), the webcast will outline the foundations of a multi-layered approach needed to detect, contain and mitigate the threats posed by advanced threats.
We caught up with F-Secure's Mikko Hyppoen to get his thoughts on the ever-relevant Privacy vs. Security debate.
Mikko discussed the sensitive equilibrium required to protect data and ensure it's privacy; the influence that the EU's Safe Harbour ruling will have and how security should be the responsibility of all, not just the government.
He also gave his one key piece of advice for keeping your data private and secure.
Most governments have already created, or are in the process of creating, regulations that impose conditions on the safeguard and use of Personally Identifiable Information (PII), with penalties for organizations who fail to sufficiently protect it. Organizations need to treat privacy as both a compliance and business risk issue, in order to reduce regulatory sanctions as well as reputational damage and loss of customers due to privacy breaches.
So how will organisations manage infrastructure across multiple domains without falling foul of emerging privacy and data management legislation, particularly when cloud services and personal devices are the norm?
During this webinar, Steve Durbin, Managing Director of ISF, will discuss how the security function and the board will need to work together to ensure that current regulatory trends and emerging technologies are aligned to maintain business effectiveness and connectivity.
Ginny Turley, Director of North American Marketing
While network security encompasses both the physical and software preventative measures to prevent and monitor unauthorized accesses or misuse of a computer network, the adoption of a password management policy and strategy can be foundational to the prevention of unauthorized uses of network resources. In many cases, simple password management is the weakest link. In this webcast, we'll explore what needs to be done to strengthen this important and oft overlooked aspect of network security and discuss password synchronization, and self-reset functions that can save time and money - and a lot of post-it notes as well.
Diana Garcia, Customer Onboarding and Training Manager, PhishMe
As spear phishing continues to be one of the top security threats, enterprises have looked to user training programs to bolster their defenses. One of the main challenges security awareness professionals face is implementing a phishing training program which shows continuous improvement and value to their organization. How do you start and build upon a training program to showcase continuous success?
The key to implementing an effective program is to focus on the biggest threats and leverage behavioral metrics to drive your program. During this webinar, Diana Garcia, Manager, Customer Onboarding and Training, will cover:
-How do you implement a phishing awareness program and run it continuously?
-What are the key elements of a successful program and what does it look like?
-How do you show the value this program and your trained users add to the security organization?
Araldo Menegon, Global Managing Director, Financial Services, Fortinet and John Bryant, CTO of Options
Fortinet protects the most valuable assets of the largest financial services institutions across the globe. Learn how they provide high-performance protection against cyber-threats by hearing from security experts and key customers.
David Dufour | Senior Director of Security Architecture
Traditional cybersecurity approaches aren’t effective in the world of IoT with the vast disparity in device capabilities, resource constraints and architectural designs. This diversity has created an environment where attacking the IoT infrastructure of an organization will become more common place. This presentation will discuss what can be done in the near term to help protect against attacks on the varying device types and their ecosystems.
Andrew Hay, Director of Security Research, OpenDNS & Meg Diaz, Product Marketing Manager, OpenDNS
Many have hypothesized about the security impact of the “Internet of Things” (IoT) for enterprises, but for the first time, we have actual data on the potential security risks introduced by these devices—and the results may surprise you!
Andrew Hay, Director of Security Research at OpenDNS, conducted a multi-month study on the prevalence of IoT devices in enterprise networks. In this webcast, Andrew will walk through the key findings, including:
The prevalence of IoT devices—even in the most regulated industries—and which devices are most commonly found
Where IoT hosting infrastructure is located on the internet
Vulnerabilities found in IoT hosting infrastructure
Implications to consider for your security program
How to gain IoT visibility in your enterprise network
- See more at: https://www.opendns.com/enterprise-security/resources/webcasts/internet-of-things-in-the-enterprise-the-data-behind-the-risks/#sthash.INikZJu0.dpuf
In this cloud DLP webcast, “Cloud Security Alliance and Elastica: Revealing Shadow Data”, Jim Reavis, CEO of CSA, and Elastica delve deeply into the Elastica Q2 2015 Shadow Data Report and share insights into how organizations can unlock the full business potential of cloud apps and the sensitive corporate data stored in them, while staying secure and compliant.
In addition, Ben Munroe from Cisco shares his insights into how Cisco is addressing the cloud data loss prevention problem.
Looking beyond Shadow IT, this webcast examines:
• What types of sensitive data are typically found in cloud sharing apps (PHI, PCE, and PII)
• Which vertical industries have the riskiest exposures (Hint: its healthcare) and what steps can be taken to mitigate the these risks.
• Why managing Shadow Data is the next critical step in protecting cloud apps beyond just controlling Shadow IT.
• How to build an effective cloud app security architecture that provides visibility, control, and remediation.
You can’t defend against something you don’t understand. Most network attacks are actually easy to understand if you have the right background. Join SolarWinds’ Mav Turner to review the basics of network security. He will discuss key concepts and core networking technology necessary for a solid foundation to secure your infrastructure.
Justin Corlett, Business Development Manager, Cryptsoft
The imperative to encrypt data has driven the strong and sustained growth in the Enterprise Key Management market. Gaining accurate knowledge and clear insight into this market is a significant challenge both for vendors and end-users. Publically accessible information is littered with half-truths, misdirection and creative marketing content. Failing to distill reality from fantasy will undermine your ability to make the critical decisions you need stay competitive. This live session from SNIA's Data Storage Security Summit will provide you with the inside information about what was, what is and what will be in the next 18 months of Enterprise Key Management.
Technology trends such as cloud, mobile, and collaboration help businesses boost growth and competitiveness but each brings it own set of security gaps that give attackers a clear path to slip malware into the network, evade detection, and steal valuable information.
In 2014, global malware attacks increased by 136%. Attackers launch twice as many unique attacks. These are trying times for every organization as it faces elevated risk from the latest threats and cyber-criminals bent of greed and nefarious deed. Join us as security experts look at some of the latest security challenges and discusses the building block of developing a resilient security defense system to help you effectively combat evolving threats as they emerge.
You will learn how to better protect your networks as well as yourself with solutions that reduce work for IT and security teams.
In this webinar, you will:
1. get up to speed on the current threat landscape
2. discover ways to take advantage of modern-day network security tools and services for ongoing protection against new threats
3. learn why it truly counts to have a nimble threat research and response team working for you
4. and why it truly makes a big difference to have multiple layers of threat protection to bolster your security posture
Based on forensic evidence collected from 70 partner organizations as well as the Verizon caseload, the 2015 Verizon Data Breach Investigation Report (DBIR) presents a rare and comprehensive view into the world of corporate cybercrime. Now in its' eighth year of publication, this research has been used by thousands of organizations to evaluate and improve their security programs. This live broadcast from SNIA's Data Storage Security Summit will discuss the evolution of results over the years and delve into the people, methods and motives that drive attackers today to better inform your own security program.
Mark Allen, Technical Sales Engineer and Bjorn Hovd, Technical Sales Engineer
They may be the oldest tricks in the book, but SQL injection and cross-site scripting (XSS) attacks still put a hurt on thousands of web applications every year, impacting millions of users—your users and customers. SIEM solutions are essential in finding these exposures quickly, by collecting and correlating data to spot patterns and alert you of an attack. Join us for this demo to learn more about how these attacks work and how AlienVault USM gives you the built-in intelligence you need to spot trouble quickly.
How these attacks work and what you can do to protect your network
What data you need to collect to identify the warning signs of an attack
How to identify impacted assets so you can quickly limit the damage
How AlienVault USM simplifies detection with built-in correlation rules & threat intelligence
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.