Website Threats: It’s Not All About the Hacker Anymore
Website Security Series Part 3
The external threat landscape is evolving; web-based malware and legitimate website hacking is continuing to fluctuate as we learn and adapt our network defence strategies, or externalise our infrastructure to mitigate risk. However, do these initiatives around protection extend to our customers?
Every organisation has a web presence and increasingly this presence is not just for broadcasting corporate brands and products; it is used to collect and socialise personal information from customers and constituents and process regulated financial transactions.
In this session Symantec will discuss:
- Top threats that target customer identities
- How the Trust model of SSL has survived the last 18 months
- Why the Internet’s top brands are moving to Always-On SSL
- Why not all SSL certificate infrastructures are created equal and how this can influence business growth
- How to manage an expanding cryptography infrastructure effectively
Mike Smart is the Senior Manager of International Product and Solutions at Symantec.
In his role, Mike is responsible for driving Symantec’s Trust Services business across International and emerging markets. He joined Symantec in 2012 from SafeNet where he was Director of Products and Solutions in EMEA.
Mike has a strong history in the SMB and Enterprise IT Security arena and has been at the forefront of introducing new technologies and solutions to the market in areas such as Cloud Security Solutions, Information Leakage Detection and Prevention and Unified Threat Management. Mike is an active member of the UK’s Get Safe Online not-for-profit organisation which provides a leading source of unbiased, authoritative information on protection against fraud, identity theft, viruses and many other problems encountered online.
RecordedJun 21 201240 mins
Your place is confirmed, we'll send you email reminders
Leon Brown - Product Marketing, Symantec Website Security & Avishay Zawoznik - Security Researcher, Imperva Incapsula
After a brief introduction to the world of SEO, we will dive into the different types of web application attacks and manipulations that are made to either degrade your competitor’s ranking or raise your own.
Abhinav Sharma and Dave Roche, Product Managers for Symantec Secure App Service
With the explosion of connected objects and mobile devices, publishing or sharing software - even internally - has become a real challenge for companies with a coding activity. In this webinar, we will explore the code signing threat landscape and share our best practice and solutions to all your code signing needs. You will learn about:
- the value of code signing today and the new code signing use cases in the world of IoT
- the risks associated with traditional code signing: key management, auditing and reporting, multitude of signing platforms and files, compliance, embedding in the development process, etc.
- the security and development costs to take into account
- how to transition from a traditional to a next generation code signing activity thanks to Cloud based signing
Akhil Verma, Product Marketing Manager at Symantec and Andy Shoemaker, Founder and CEO of NimbusDDOS
Over the last few months we have seen DDoS attacks become more ferocious and attackers more sophisticated. As DDoS threats continue to evolve, your traditional mitigation solution may not be enough to protect you.
Watch as we follow a fictitious attacker analysing a target, exploring and finding weaknesses. Experience how the attacker launches a DDoS attack with devastating effects. Learn about the advantages and limitations of various mitigation technologies, and be given a DDoS preparedness roadmap to help you navigate the DDoS landscape.
Ben Herzberg, Head of Security Response at Imperva Incapsula and Akhil Verma, Product Marketing Website Security at Symantec
The latest DDoS Threat Report from Imperva Incapsula shows that DDoS attacks continue to grow in size with a significant increase in network layer attacks. With the scale and reach of DDoS threats increasing, enterprises need to be vigilant to protect their assets and customer data. Join our webinar to learn how you can protect your enterprise from global cybersecurity threats.
At the webinar you’ll learn:
• Insights into global DDoS attack patterns
• Best cyber security practices
• How to harden your current security practices
• How to build a scalable cyber security strategy
ECC ist der modernste Verschlüsselungsalgorithmus, der beim Schlüsselaustausch und der Authentifizierung mit den Protokollen SSL und TLS zum Einsatz kommt.
ECC wird RSA voraussichtlich ablösen, da der explosionsartige Anstieg der Mobilgerätenutzung und der Kommunikation zwischen Maschinen (M2M) sowie die Entwicklung des Internet der Dinge die Grenzen der Skalierbarkeit des derzeitigen Standardalgorithmus RSA übersteigen.
Die Zuverlässigkeit und Leistung von ECC sind inzwischen klar erwiesen. Die größte Hürde für den Einsatz des Algorithmus ist mangelnde Kompatibilität mit vorhandener Technik. Deshalb hat Symantec Hybrid-SSL-Zertifikate mit ECC und RSA entwickelt. Mit diesen Zertifikaten können Sie Ihre bisherigen Infrastrukturinvestitionen weiterhin nutzen und gleichzeitig Kompatibilitätsprobleme vermeiden.
In diesem Webcast erfahren Sie,
welche Vorteile ECC in puncto Sicherheit, Zuverlässigkeit und Kapazität bietet,
wie die Zertifikatskette eines Hybrid-SSL-Zertifikats mit ECC und RSA aussieht und
wie Sie ein solches Zertifikat beantragen.
ECC is the latest encryption algorithm used for key exchange and authentication purposes in the SSL/TLS protocols.
ECC is expected to replace RSA (current standard) as the scalability of RSA has become too limited to deal with the explosion of the number of mobile devices, machine-to-machine (M2M) communications and the development of the IoT (internet of the things).
The reliability and performance of ECC no longer needs to be demonstrated. However, a significant obstacle to the adoption of ECC lies on the lack of compatibility for such algorithm. This is why we have created ECC/RSA hybrid SSL certificates, allowing you to protect your current infrastructure investment while mitigating potential compatibility issues at the same time.
Join us in this webcast and find out:
-what are the main benefits of ECC in terms of strength, reliability and capacity
-how ECC/RSA hybrid certificate chains work
-what is the enrolment process
Everything you need to know about website security and online threats
Symantec Website Security Solutions take SSL protection and trust to a whole new level. Secure your website, increase customers' confidence, and reach the full online potential of your business. You can learn about the threat landscape and Symantec product updates by subscribing to this channel.
Sony, Target and now Yahoo! -- you can't let this to happen to you or your business. Help your organization avoid being front page news due to a security breach.
Every organization large and small wants to avoid this all too common reality. From the unintentional sharing of data by employees through a rogue email, to losing data via a lost computer, to surviving hacker attacks, there's a lot to manage.
Join this webcast to learn the top 5 ways to protect your organization and make sure your company isn't the next one hacked.
This webcast is part of our Digital Security in the Modern World webcast series. Sign up for this session, or the entire series today!
This month’s webinar will focus on the mobile ransomware landscape including the evolution of the threat, where we’re seeing attacks occur, and how to protect your devices from this threat. We will also cover the threat statistics we gather from our Trend Micro™ Smart Protection Network™ and the top mobile ransomware threats observed.
The call from the auditor, like your dental cleaning and tax day, comes with dizzying regularity. For more than a decade, companies have been avoiding, eschewing or explicitly fibbing about their cloud use to step around the murky area of cloud compliance.
Why? Because the rules are ambiguous. Because the paperwork is unreal. Because cloud vendors are cagey. Because it was just easier.
And business continues to use the cloud, because it’s critical to growth, IT operations, agility and disaster protection. But you no longer have to pull a fast one on your audit team. Join iland's Director of Compliance to learn:
- What to look for in cloud reporting – in particular for HIPAA, SOC2 and ISO27001
- How your cloud vendor can support you
- What questions auditors typically ask
- How all this impacts your disaster recovery plans as well as your public cloud use
The Internet of Things (IoT) is already a huge deal and it's only going to get bigger
There are far more devices connected to the internet than there are people in the world and that number is projected to grow dramatically in the coming years. Whether you're an individual hobbyist or an enterprise developer, there's a great chance you'll find need for a cloud-based service to listen to the devices in your IoT solution, facilitate communication, and even communicate back to the devices telling them how to behave.
That's why there's Azure IoT. Azure IoT includes the dedicated IoT Hub service, IoT solution templates called IoT Suite, as well as many other general services for processing IoT data and turning them into real business insight. With a little time and learning, you’ll have a service designed to handle massive amounts of communication with devices, but also able to scale down to startup and even hobbyist scenarios.
Join this webcast to learn how to:
•Conceptualize why you might need a cloud-based hub solution
•Easily set up an IoT Hub in Azure
•Create simulated devices and communicate to your hub
In the 25 years since the first PC viruses appeared, how has the threat landscape changed?
- What are the most vulnerable areas that cybercriminals look to exploit?
Join us for our webinar to get the latest information you need to know about how cyberthreats are evolving. We'll cover the areas of cybercrime that are growing the fastest and how businesses can stay ahead of the threats that most affect their businesses.
90% - Organizations who have experienced some form of external threat in the past 12 months.
We'll cover everything from the rise of ransomware to the greatest mobile security threats, as well as taking your questions on the topics you are most concerned about.
With so many different cyber risk metrics being used, how can cyber insurance underwriters and risk managers know how likely a company is to experience a data breach?
Join Ira Scharf, GM of Worldwide Insurance at BitSight, and Dave Bradford President, Research and Editorial at Advisen as they discuss new correlations between BitSight Security Ratings and data breaches.
Attendees will learn:
- Why security ratings are a clear indicator of cyber risk
- How likely companies with BitSight ratings of 400 or below are to experience a data breach
- How underwriters, policyholders, and applicants can use BitSight Security Ratings to lower their cyber risk
The use of deception technologies to level the playing field against attackers sounds like a pretty compelling proposition for security teams. So why has adoption been limited to only the largest enterprises? What can security teams expect when deploying deception? What are the risks and what can be done to address them?
This presentation will provide attendees with an understanding of the challenges facing deception solutions to date, approaches for mitigating those challenges, and an introduction to vArmour’s deception solution: vArmour DSS Deception.
Is that activity you’re seeing a malicious user? Is it someone who made a mistake? Is it coming from an account whose credentials were compromised? Is it command and control traffic? How confident are you? As security programs are maturing, attention is turning to threats emanating from inside the network. Doug Copley will discuss seven profiles of highly risky users, outline how your organization can reduce insider risk, and present a real-world case study of how a software organization protected themselves.
Everybody is joining the microservices bandwagon and only some enterprises truly see the benefits of adopting microservices. The real challenge is not only cultural adoption but also a question of choosing the right technical tools to enable and secure your microservices.
In this webinar we'll provide practical guidance on building and deploying a microservice architecture for speed, scale and safety.
Join this webinar to learn:
- Key considerations of enabling microservices within your enterprise
- How DevOps fits in the microservices lifecycle and how to align team culture
- How to use an API gateway for securing and governing your microservice architecture
Every one of our PPM customers is pursuing the same end goal – how to deliver the highest value to the organization. Working with hundreds of customers, we have learned that the answer requires a comprehensive approach across multiple disciplines. To drive bigger results and achieve greater PPM maturity, organizations need to improve PPM leadership, governance, change management, product management, development, support and other disciplines.
Please join us for this presentation that discusses how to achieve PPM excellence by building competencies across disciplines in-house with the option of augmenting that approach with Application Managed Services for CA PPM.