Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.
Applicazioni SaaS come Microsoft® Office 365® sono molto apprezzate e sempre più diffuse nelle aziende, ma lo stesso può dirsi delle minacce che si nascondono in queste offerte:
• Esposizione accidentale dei dati con SharePoint®
• Uso non controllato di account personali di OneDrive®
• Violazioni alla sicurezza dei dati in Exchange
Sì, anche applicazioni SaaS affidabili come Office 365 possono far crescere il rischio di violazioni e problemi di conformità.
La nostra Security Operating Platform può offrirti supporto. Registrati al webinar e scopri come soddisfare le tue esigenze CASB e proteggere i dati sul cloud da malware ed esposizione accidentale.
Scopri anche come ottenere visibilità completa e reporting, classificazione dei dati e controllo granulare delle attività per utente, cartella e file, per una protezione efficace dei dati business-critical su Office 365.
Almost 5 years, 48,000+ github stars, and tens of thousand of production deployments later we can safely say containers are a technology that is a here to stay. They’re developer friendly, easy to operationalize, and allow organizations to provide stable and secure services to their customers.
While there are clear best practices for what it takes to build and run containers, there isn't as much knowledge around the performing forensic analysis of incidents that occur inside your containers.
In this webinar we'll cover:
- How containers change incident response and forensics
- Best practices around forensic data collection in container environments
- Compare opensource and commercial forensics options
- A live demo of multiple forensics investigations using Sysdig Inspect: an opensource container forensics tool
Join us at our next Career Conversations session. We'll discuss topics such as: what made them decide on IT or Cyber Security, what were some of their work/life challenges, and what skills and education do they see as essential to success?
Whether you are an experienced professional or just contemplating a future in Cyber Security, WSC's Career Conversations allows you to have a conversation with women making a difference. Join us and share in Career Conversations with successful women in cyber security!
Amanda Berlin, MCITP
Tracy Maleeff, Masters in Library and Information Science
There’s a difference between threat data and threat intelligence, and while the former may give you a better understanding of malicious data sources, IPs, websites, and domains, what it fails to do is give you and your security team the context to remediate a threat. When CVEs are responsible for tens of millions of attacks, simply having threat data won’t cut it.
When it comes to cybersecurity, knowledge is power. And as cyber criminals gain more sophisticated tactics, protecting yourself requires a more intelligent approach.
You can’t always trust that the sender of your email truly sent it. Impersonation threats are becoming more popular and difficult for end users to spot.
Ken Bagnall, Vice President, Email Security, presents “Impersonation: The Many Masks of Email Threats,” a FireEye webinar that digs into the details behind impersonation attacks:
• What psychological authentication involves
• How attackers prey on recipients’ imagination and emotions
• How impersonation attacks are evolving
• What is in the future for impersonation
• How threat intelligence and the speed of email security impact cyber risk
Securing workloads in public clouds requires a different approach than that used for traditional data centers. The need to operate security at cloud speed, respond to continuous change, and adapt at scale all require a dramatic shift in the type of security solution required by today’s operation.
This webcast will deliver a detailed analysis of the threats and risks discovered by recent research done by Lacework when it comes to deploying containers and orchestration services like Kubernetes running on AWS.
Of all the Agile practices, none is more foundational than the inspect & adapt cycle of the retrospective. Even if you struggle with every other aspect of Agile, if you consistently engage in productive retrospectives, you will get better.
Industry surveys and studies suggest that 80% or more of Agile organizations have at least some distributed teams. Most of the traditional retrospective methods assume that all team members are co-located.
Running effective retrospectives for distributed teams presents unique challenges, but also, potentially, some great advantages. In this webinar, Agile coach and Instant Agenda co-founder Michael Ball-Marian will discuss the three greatest challenges to running distributed Agile retrospectives and how to solve them. Michael will share a variety of tips and techniques that you can use in any retrospective, co-located or distributed. Finally, he’ll present a few ways in which a distributed retrospective can actually be better than a co-located one.
FISMA is the all-embracing legislative framework for protecting the security, integrity, and availability of federal information and information systems. To meet FISMA compliance requirements, governmental agencies and private contractors that handle federal data must maintain full visibility over their information system inventory.
Attendees will learn:
- How to leverage existing documentation
- Shared responsibility
- Gaining an ATO without FedRAMP assessed infrastructure
Cloud computing continues to transform the way organizations use, store, and share data, applications, and workloads, but has also introduced a host of new security threats and challenges. With so much data going into the cloud—and into public cloud services in particular—these resources become natural targets for bad actors. And, contrary to what you may think, the primary responsibility for protecting corporate data in the cloud lies with the cloud customer, not with the service provider.
AlienVault is at the leading edge of cloud security with AlienVault USM Anywhere. Whether you are looking to secure your AWS & Azure cloud environments, cloud applications like Office 365 and G Suite or on-premises assets, USM Anywhere delivers essential security capabilities in a single SaaS platform.
Join this webcast to learn more about cloud security challenges and how to address them with USM Anywhere. You'll learn:
- What the shared responsibility model means for the security of your cloud assets
- Challenges with trying to use traditional on-prem security monitoring tools in your cloud environments
- How USM Anywhere gives you visibility into all assets across your cloud and on-premises environments
- Benefits of an all-in-one security solution for threat detection, incident response and compliance management
Group Product Marketing Manager
Danielle is a Group Product Marketing Manager at AlienVault, responsible for product messaging and positioning, go-to-market strategy, and sales enablement.
Sr. Technical Manager, Sales Enablement for North America
Brian is a member of AlienVault's Sales Enablement team. He was previously a Sales Engineer, and then Sales Engineering manager at AlienVault.
Information / Discussion on SEC Guidance On Public Company Cyber Security Disclosures
The Securities & Exchange Commission, in Feb-2018 has published a guidance to assist public companies in handling Cyber Security Risks and Incidents. In this webinar, participants will learn about -
- Context Of SEC Guidance
- Purpose Of SEC Guidance
- Disclosure Approach
- Steps to Adhere to Guidelines
- Technology & Operational Considerations
Cybercriminals and nation states are consistently using mobile threat tooling as part of their espionage or financially motivated attacks and campaigns. The Lookout Threat Intelligence team has noticed this increase as we research and protect against these adversaries. These actors are increasingly seeing value from having an offensive mobile capability in their toolkit and we have even seen low sophistication groups break into this space and successfully steal gigabytes of data from compromised devices. As BYOD and the prevalence of mobile devices in corporate environments continue to blur the traditional enterprise perimeter, the ability to understand the risks to mobile endpoints is critical.
Join Michael Flossman, Head of Threat Intelligence at Lookout, for this informative webinar as he covers the evolution of threat actors on mobile, discusses several recent high-profile cases, and explains why gaining visibility into your mobile endpoints and proactively securing them is key for today’s organizations."
The world of payments is rapidly-changing. The rise of P2P payments in the U.S, Canada and Australia along with dramatic regulatory changes in Europe (PSD2), has created new opportunities across the ecosystem. New third-party payment providers (TPP's) in the EU and P2P apps in other regions are entering the arena by supporting the rapid rise in demand and associated adoption rates. Banks are enabling direct access to accounts via APIs. Consumers now get to pick which apps they use, how they want to pay, and when, making the user experience paramount to win their loyalty. At the same time, however, the speed and “openness” makes the ecosystem vulnerable to several types of threats including malware, social engineering, remote access Trojans, SIM swapping, call forwarding and other techniques. Using these techniques, the fraudsters are able to exploit various points of potential weakness: at the account creation stage, the bank account linking process and payment authentication.
Join us as Iain Swaine, explores this fast-changing landscape, leveraging real world experience that stems from his days as eCrime Fraud Prevention Manager of the Royal Bank of Scotland, which was on the front lines of the initial faster payments adoption in the UK, and his current work as Head of Cyber Strategy, EMEA at BioCatch. He will explain how fraudsters see the this new world, what some of their techniques are and some of the techniques that are being used by leading enterprises around the world to address the risks in the P2P and PSD2 ecosystems.
As users become savvier and increasingly use ad blockers, advertising revenue is declining. Crypto coin mining is emerging as a new way for websites to monetise visitor traffic. But, there is a “dark side” to cryptomining: Cryptojacking, which includes, among other misdeeds, cryptomining without a website visitor’s permission or knowledge. While cryptojacking may seem like a victimless crime, since all that is being “stolen” is visitors’ computing and graphics processing power, it is anything but, and can lead to serious consequences. This session will focus on the differences between safe, legal cryptomining and dangerous cryptojacking, what it is, who is using it, why it is being used, when, how it is being abused, and how web browser isolation eliminates 100% of the cryptojacking risk.
• How crypto coin mining is being used today
• Why websites are moving away from advertising to crypto coin mining
• How and why web browsers are being used to steal users’ compute power away without consent in most cases
• How businesses can stop wide scale use of cryptojacking across all browsers and devices in their network through isolation
Data is the cornerstone of every organisation. Join WinMagic and Bechtle at this webinar where we’ll discuss how to protect your data from endpoint to cloud. You’ll learn the steps you need to take to ensure you’re confident that your data is secure.
Businesses deal with the impacts of data quality issues on a constant basis, yet the understanding of what data quality means is still improperly understood. In this webinar we’ll explore some of these impacts and how new approaches to data quality are changing the way organisations utilise data. We’ll also be exploring how new technology solutions are helping organisations investigate and diagnose the causes of various data quality problems and how fixing these issues makes a material impact to the health of the organisation. Data quality has become critical to the success of many business initiatives, so we’ll help you understand what items your detective toolkit needs to contain
Your job is to protect your organisation from the risk associated to cyberattacks. Resources may be tight, you may be struggling with too many alerts, and you may not be getting the visibility you need. As such, constantly evolving threats can slip through the cracks and the risk of suffering a damaging breach could be causing you to lose sleep.
Join LogRhythm and Reliance ascn to discover what managing cyber risk really means and how the right approach can help you deliver continuous value to the business. We’ll outline how you can reduce your organisation’s cyber risk with a smarter approach to cybersecurity that maximises the efficiency and effectiveness of your security operations centre.
Join us to:
• Understand the challenges our customers are facing & how they’re overcoming them
• Discover the technologies & processes you can use to manage and reduce cyber risk
• Understand how NextGen SIEM enables measurably faster threat detection and response
• Learn how automation and orchestration boosts efficiency and productivity
• Hear how machine learning and true AI capabilities can enhance your security analytics
This webinar looks at how to eliminate complexity, increase efficiency of security tools, and improve confidence in the overall security posture of your organisation.
Adrian Rowley, Gigamon’s Technical Director for EMEA, will discuss todays challenges in network security and how these can be resolved.
Attendees will learn how you can:
•Maximise network availability and operational simplicity of security tool upgrades with its integrated inline bypass technology
•Deliver unmatched depth and breadth of traffic intelligence that is essential to increasing efficiency of overburdened security and networking tools, while decreasing complexity
•Minimise Total Cost of Ownership and increase ROI by an average of 153%
Join Adrian Rowley to see why only Gigamon provides a full solution for networking tools and inline and out-of-band security tools across on-premises, remote, virtual and cloud environments.
The journey to the cloud had just had a major breakthrough.
With VMware software now available on the global AWS Cloud, there is now a single, consistent, pervasive connectivity and a secure platform for apps and data. Whether that is in the Datacenter or in the AWS Cloud. This gives you the power to move existing applications seamlessly to the cloud and back as needed.
You’ll understand how you can quickly get workloads on the cloud without having to re-engineer your applications. Keep applying the skills you've developed on the VMware platform, backed by the large array of services in the AWS platform. This allows you to be agile, reduce capital costs and increase availability for innovations.
In this webinar, we will show you:
- How, as a VMware customer, you can go into the cloud without retraining, reconfiguring your apps, refactoring and more
- What it will mean to have immediate access to the AWS platform and services and how it'll accelerate innovation
- Immediate value Business Cases related to increased agility, disaster recovery, and stretch networking for high availability.
Scott Mathewson, Data Center Practice Lead, North America, Softchoice
As Practice Lead for Softchoice North America, Scott has over 25 years of Datacenter experience with EMC, VMWare and Cisco, he is responsible for defining Softchoice assessments and services offerings for VM ware and SDN. Scott works with customers to develop solid solutions as it relates to SDS, SDN, Cloud, management and automation solutions.
Law firms are increasingly a high-value target for hackers, a “one stop shop” for sensitive data. And as dozen of examples show, the hackers are often successful. How do these cybercriminals infiltrate law firms and what can be done to prevent them?
Join our panel of experts as they dissect the anatomy of a successful law firm cyberattack and explain how you can protect yourself, and your clients, from a similar fate.
Attend this webinar to learn:
-Why hackers are increasingly targeting legal professionals
-What vulnerabilities make law firms easy prey for hackers
-The ethical implications of law firm cybersecurity
-How to protect yourself, your clients, and your data
- Jake Bernstein: An attorney with Newman Du Wors, Jake Bernstein’s practice focuses on counseling clients on cybersecurity issues. A former Washington State Assistant Attorney General and a frequent speaker and advisor on cybersecurity legal issues, Bernstein has significant experience with regulatory compliance, privacy, and cybersecurity law.
- Eli Wald: A professor of legal ethics at the University of Denver’s Sturm College of Law, Eli Wald was one of the first academics to investigate the ethical implications of law firm cybersecurity. A frequent author and speaker on ethics and professional responsibility, his work has been cited in ABA ethics opinions and excerpted in legal ethics casebooks.
- Kip Boyle: A 20-year information security expert and founder of Cyber Risk Opportunities, Kip Boyle advises global companies in the logistics, technology and financial services industries. He is a nationally recognized analyst, lecturer and thought-leader in cyber risks and has been featured in Entrepreneur magazine, Chief Executive magazine and others.
When people think about cybersecurity today, they typically think about securing data in motion and at rest or analyzing threats. But when you move into this new IoT connected world, you need to think about more than just the data and monitoring hackers. How do you ensure you can trust the actual IoT endpoint device? This 3-part webinar series will focus on approaches for making devices trustworthy and enabling secure device-to-cloud communications.
Unique to the industry, CMD+CTRL are interactive cyber ranges where staff compete to find vulnerabilities in business applications in real-time – learning quickly, that attack and defense are about thinking on your feet, creativity and adaptability.
Every two weeks, we will offer the opportunity to test drive CMD+CTRL for 24 hours. We'll open up our CMD+CTRL to anyone to participate, score points, and see how they do.
We will start with a 30 minute live demo to go over the features and functionality of CMD+CTRL, Q&A, and provide the login URL and credentials for your free 24 hour access and you can begin testing your skills immediately.
Investigative teams are under increasing pressure to respond to challenges caused by greater volumes of data and a more diverse range of digital devices.
Key facts are often spread across multiple evidence sources, making it difficult to understand the bigger picture and often requiring an investigator to manually correlate their findings and identify connections. This places an increasing burden on overstretched teams, who need to respond faster and with more accuracy.
Join Stuart Clarke, Global Head Security & Intelligence at Nuix who will introduce collaborative and intelligence driven investigations that can augment human investigative skills and expose the hidden relationships across people, objects, locations and events.
• Learn how a single pane of glass can help expose hidden relationships in the data
• Understand the importance of efficient workflows that can make best use of technology
• Find out how the latest technology can augment your investigative teams to enable you to make timely and informed decisions
The presenter: Stuart Clarke, Global Head of Security & Intelligence Solutions
Stuart is an internationally respected information security expert who is responsible for the overall security and intelligence strategy and delivery at Nuix. During his time at the company, Stuart has advised the United Nations’ peak cybersecurity body ITU and provided cybersecurity training for over 60 computer emergency response teams. He led the development of Nuix Investigation & Response, an innovative investigative tool used to delve into the causes and scope of data breaches.
Earlier this month, FireEye revealed an extensive cyber espionage carried out by China-linked TEMP.Periscope which targeted Cambodia’s political system. The effort—which was covered by Bloomberg, Time, Associated Press and others—compromised multiple ministries, diplomats and opposition members. It was carried out by China’s second most active cyber espionage groups, which has previously targeted US-, Europe- and Asia-based organizations.
Join Tim Wellsmore, Director, Government Security Programs, APAC and Ben Wilson, Threat Intelligence Analyst for the webinar to learn more about TEMP.Periscope’s mission, and its attacker tactics, techniques and procedures.
SaaS applications like Microsoft® Office 365® are wildly popular, and adoption across enterprises continues to grow, but so do the hidden threats lying within these offerings, such as:
• Accidental data exposure with SharePoint®
• Uncontrolled use of personal OneDrive® accounts
• Data security violations in Exchange
Yes, even trusted SaaS applications like Office 365 can increase your risk of breaches and noncompliance.
Our Security Operating Platform can help. Sign up for our webinar and learn what you need to meet your CASB needs as well as secure your cloud-based data against malware and accidental exposure.
You’ll also find out how to achieve complete visibility and reporting, data classification, and fine-grained enforcement across users, folders and file activities to protect your business-critical data in Office 365.
Les évolutions technologiques, les nouvelles normes, l’augmentation constante du trafic, la complexité des infrastructures réseau au sein desquelles l’information est de moins en moins visible, ainsi que les cyber-menaces de plus en plus sophistiquées ont un impact majeur sur les entreprise et les obligent à repenser l’architecture de sécurité.
Yann Samama discutera des défis actuels en matière de sécurité et comment ils peuvent être surmontés en abordant les sujets majeurs tels que :
* Augmenter la disponibilité du réseau tout en simplifiant la connectivité des outils grâce à une solution de module bypass
* Disposer d’une visibilité en tout point réseau afin d’améliorer de l’efficacité de l’ensemble des outils connectés tout en réduisant la complexité de leur exploitation
* Diminuer les coûts OPEX et CAPEX via un ROI très court-termisme
Découvrez les raisons pour lesquelles Gigamon propose la solution la plus complète et efficace pour la connectivité des outils en mode « inline et Out of band » au sein des environnements physiques, virtuels et de cloud public.
Le phishing reste l’une des plus grandes menaces pour les entreprises. Ce type d’attaque ciblée exploite le facteur humain plutôt que la technologie, ce qui la rend plus difficile à détecter par les solutions de sécurité traditionnelles. Nous vous ferons découvrir comment réduire le risque d’hameçonnage en permettant la simulation de phishing et la formation pour aider vos utilisateurs finaux à détecter, signaler et se prémunir de cette menace.
Durant cette session, nous couvrirons les sujets suivants :
• Comment évaluer la vulnérabilité de vos utilisateurs aux attaques de phishing et de spear phishing
• Sensibiliser et former vos utilisateurs pour qu’ils reconnaissent et évitent les attaques de phishing et autres escroqueries d'ingénierie sociale
• Comment permettre à vos employés de signaler les messages suspects en un seul clic.
Cloud security has come full circle - back to the user. Early cloud vendors promised complete security only to find the truth more nuanced - there’s a shared responsibility. Both infrastructure and applications in the cloud need attention to stay clear of security vulnerabilities old and cloud new. Security testing has evolved to meet the needs of hybrid, public, and private cloud deployments. Attendees of this webinar can expect to learn:
The shared model for cloud security
What cloud providers protect...and what they don’t
How to migrate securely to the cloud
What penetration testing for cloud environments does differently
Are setting up a new channel or trying to revitalise an old or underperforming sales channel?
Have you invested time and money recruiting partners but feel disappointed they aren’t producing or have fallen silent?
Do partners bring you requests for duck-shoot demos that result in sales cycles that seem never to close?
Channel Partner Sales Managers have one of the toughest jobs in sales or sales management. They have to:
* Lead and manage without power
* Carry large targets and are responsible for key accounts
* Recruit partners who produce predictably & consistently
* Get the best out of partners
* Create and maintain engagement across partner organisations (sales, technical & management)
* Help partners make good money and stay committed & loyal
If you want to gain marketshare and expand quickly, identifying and selecting the right Channel Partner Sales Managers can be the key. Providing them with the correct tools and resources is essential.
Join us on 10th July for a webinar introducing a radical new approach to channel sales development.
* Startup businesses looking to build a channel from scratch
* Established business experiencing erratic or disappointing channel performance
* Companies looking to launch new products and services
* Companies launching into new markets
* Direct sales organisations looking to reduce their sales costs & headcount without a loss of earnings or quality
While ITSM is often delivered via software as a service (SaaS), businesses today are looking for different deployment options. The world is in flux, and strategies evolve. Businesses using SaaS today may need to migrate to a private cloud in the future. Similarly, some companies have strict security and compliance policies around data sovereignty, making on-premises deployment mandatory. That’s why it’s important to factor deployment flexibility into your evaluation of modern ITSM solutions.
This webinar will cover:
1.How Flexible Container Technology provides Portability, Faster Time to Value, and Lower TCO
2.How seamless upgrades can be achieved in conjunction with Codeless Configuration
3.How you can now consume new and innovative capabilities with equal speed, whether the solution is on premise, in a SaaS model, or in the public cloud.
To invest, or not to invest? That is the question. An effective Application Security programme takes a lot of initial investment, particularly of time and effort, not to forget the money.
In this session, John Smith - Principal Solutions Architect @ CA Veracode - will help you understand how to get the most out of your time, effort and financial investment that has gone into your Application Security Programme.
You will leave this webinar understanding…
- Why invest in AppSec?
- How can you generate the largest ROI on your investment?
- What positive business outcomes, come from an AppSec Investment?
Join us on the 24th of July to find out how to get the most bang for your buck with Application Security!
What’s keeping you up at night? Ransomware? Phishing? Spyware? Malware? Data Breaches? A malicious email typically opens the door to those threats. Organizations spend great energy (and budget) preventing users from falling prey, but threat actors continue to find ways to get past automated controls, staying one step ahead of artificial intelligence tools. Cofense believes solving the phishing problem is more than just awareness: it’s about empowering humans to become instinctual nodes on the cyber defense network and feeding their real-time intelligence to security teams for immediate action.
Darrel Rendell, Principal Intelligence Analyst, Cofense
Mollie Holleman, Senior Intelligence Specialist, Cofense
AI and machine learning technologies are rapidly maturing and becoming more enterprise ready — but 83% of organisations don't yet know how to leverage AI/ML in their business.
Join us to learn how the new Box Skills makes all your business-critical unstructured content easier to find, organise, manage and protect by automating mundane processes to get to your most impactful work faster.
During this live webinar you'll learn how you can:
- Use Box Skills to manage and tap the potential inside unstructured content like videos, photos, audio and more
- Reap the value from your unstructured content — without recruiting a team of data scientists to build AI/ML from scratch
- Apply ML to your content to increase employee productivity, improve customer experience, accelerate or automate business processes, and mitigate risks
DevOps methodologies have become extremely popular to enable agile application development and delivery.
Unfortunately, when it comes to the associated network connectivity, such as whenever a new application needs to connect to an external resource, the process breaks. The application developer then needs to open change requests and wait for approvals which effectively breaks the continuous delivery cycle. As a result security is in the uncomfortable position of being a bottleneck and an impediment to innovation.
In this webinar, Anner Kushnir, AlgoSec’s VP of Technology will describe how the innovative 'Connectivity as Code' approach can be implemented to overcome these challenges, and seamlessly weave network security into the existing CI/CD pipeline in order to fully automate the application delivery process end-to-end.
Attend this webinar to learn how to:
•Seamlessly manage network connectivity as part of the DevOps process for faster, more agile and problem-free application delivery
•Avoid external out-of-band network connectivity problems that require separate and manual handling
•Ensure continuous compliance and auditability throughout the application delivery process
•Get clearly documented application connectivity requirements which help prevent disruptions to the business
•Bridge the gap between application developers and network security throughout the entire application lifecycle
For John Muir Health (JMH) and other leading healthcare firms, Office 365 is often IT's first foray into the public cloud and the start of a broader initiative to migrate from premises-based applications to cloud. Most are now looking to deploy cloud messaging, file sharing, collaboration apps, and more. Deploying this "long-tail" of SaaS applications shares a great deal with platforms like Office 365, but some considerations are different.
In this webinar, learn how John Muir Health journeys to secure these lesser known cloud applications and gain actionable advice that you can bring to your organization to protect data in Office 365 and beyond.
(ISC)2 will hold its Security Congress 2018 in New Orleans, LA, October 8th – 10th. This conference will bring together 2000+ attendees and over 100 educational sessions. One of the 13 tracks that are being offered with focus on Cloud Security and challenges practitioners face when dealing with all things cloud. On July 24, 2018 at 1:00PM Eastern, join (ISC)2 and several of the speakers who’ll be presenting in the Cloud track as we preview their sessions, get an idea of what will be discussed and discuss the state of cloud security today.
The digital landscape is doubling in size every two years. By 2020, the data we create and copy annually will reach 44 zettabytes, or 44 trillion gigabytes.* With so much data to manage, one of the biggest challenges is knowing where sensitive data resides – on an endpoint? On a file server? In transit? Or possibly in the hands of a competitor or a bad actor. Only by building context around your most sensitive data will you gain a better understanding of how to protect, prioritize, lock down, and monitor your data, and to avoid damaging data breaches.
Join Chase Cunningham, Analyst with Forrester and Kevin Santarina, Senior Systems Engineer with Comodo Cybersecurity as they discuss why data protection is a necessary addition to every organization’s security portfolio. Learn how you can:
•Understand the structure and location of your organization’s high value data
•Analyze the movement and storage of sensitive data across your network and beyond
•Protect sensitive information from exposure by employees and third parties
•Build an action plan to enforce a least privileged model and remediate when sensitive data is overexposed
Effective security requires a layered approach. If one layer is comprised, the additional layers will (hopefully) stop an attacker from going further. Much of container security has focused on the image build process and providing providence for the artifacts in a container image, and restricting kernel level tunables in the container runtime (seccomp, SELinux, capabilities, etc). What if we can detect abnormal behavior in the application and the container runtime environment as well? In this talk, we’ll present Falco - an open source project for runtime security - and discuss how it provides application and container runtime security. We will show how Falco taps Linux system calls to provide low level insight into application behavior, and how to write Falco rules to detect abnormal behavior. Finally we will show how Falco can trigger notifications to stop abnormal behavior, notify humans, and isolate the compromised application for forensics. Attendees will leave with a better understanding of the container security landscape, what problems runtime security solves, & how Falco can provide runtime security and incident response.
Take a look behind the curtain and decide for yourself. Join government security expert Mike Larmie as he breaks down the key differences. He will share what your agency needs to know to make sure your security program is both identifying vulnerabilities and reducing risk of exploit. He will cover the techniques, tools, and tradecraft of each, as well as common questions such as:
-Who performs the services?
-How often do they run in a network environment?
-What’s covered in their data output and reporting?
-What’s their value?
Mike will present how government agencies are reinventing how they conduct security testing to achieve greater efficiency and ROI. Learn how your agency’s security team CAN achieve security without compromise.
BIO: Mike Larmie, Federal Solutions Architect at Synack has more than 20 years of IT Security Experience, and has been involved with countless missions within the DoD, Intel and Civilian Federal Agencies. He has a wealth of experience having worked at companies such as Tenable, Sourcefire, Rapid7, Infoblox, G2 and others.
When choosing a Cloud Management Platform (CMP), enterprises should be looking for Security and Compliance capabilities in addition to Cost Management and Cloud Governance. CloudCheckr is a full-service CMP that delivers "all of the above".
Additionally, enterprises need to understand their role in the Shared Responsibility Model, in order to fully meet security standards like FedRAMP, HIPAA, PCI and more. CloudCheckr's new Total Compliance module can now automatically and continuously monitor your infrastructure for compliance with 37 different standards, such as HIPAA, PCI, and NIST 800-53.
Join us for a hands-on demonstration of some of the popular security and compliance features CloudCheckr offers.
Attendees will learn:
- Best Practice Checks as it relates to cloud usage
- Our *New* Total Compliance module
- Automated "Fix Now" capabilities that can save time and effort
Most companies have huge gaps in their computer security defenses, and can be compromised at will by a determined hacker. The industry even has a term for it: “Assume Breach”.
But it doesn’t have to be that way!
Join Roger A. Grimes, a 30-year computer security consultant and author of 10 books, for this on-demand webinar where he explores the latest research on what’s wrong with current network defenses and how they got this way. Roger will teach you what most organizations are doing wrong, why, and how to fix it. You’ll leave this webinar with a fresh perspective and an action plan to improve the efficiency and effectiveness of your current computer security defenses.
Roger will teach you:
- What most companies are doing wrong, why, and how to fix it
- An action plan to improve the effectiveness of your computer security defenses
- How to create your “human firewall”
Приложения SaaS, например Microsoft® Office 365®, набирают популярность. Всё больше компаний используют их в своей работе. Однако такая модель предоставления приложений таит в себе определенные угрозы:
• случайное раскрытие данных через SharePoint®
• неконтролируемое использование личных учетных записей OneDrive®
• нарушение безопасности данных в Exchange
Даже надежные приложения SaaS, такие как Office 365, повышают риск нарушения безопасности и несоблюдения нормативных требований.
Наша платформа Security Operating Platform поможет избежать таких проблем. Зарегистрируйтесь для участия в вебинаре и узнайте, как обеспечить соответствие требованиям брокеров CASB и защитить облачные данные от вредоносного ПО и случайного раскрытия.
Вы также узнаете, как обеспечить полную визуализацию, создание отчетов, систематизацию данных и гибкое применение правил для всех пользователей, папок и действий с файлами, чтобы защитить важные для бизнеса данные в Office 365.
Las aplicaciones de software como servicio (SaaS), como Microsoft® Office 365®, tienen mucho éxito y cada vez más empresas las utilizan. Sin embargo, también están aumentando los peligros que conllevan, como los siguientes:
• Revelación accidental de datos con SharePoint®
• Uso descontrolado de cuentas personales de OneDrive®
• Violación de la seguridad de la información en Exchange
Sí, incluso las aplicaciones SaaS de confianza como Office 365 pueden hacer que aumente el riesgo de sufrir fugas de datos y de incumplir las normativas de seguridad.
Nuestra solución, Security Operating Platform, ayuda a combatir estos peligros. Inscríbase en nuestro seminario web e infórmese sobre el CASB que necesita para proteger sus datos en la nube frente al código dañino y las fugas fortuitas.
Descubrirá cómo disfrutar de plena visibilidad y completas funciones de elaboración de informes y clasificación de datos, junto con la posibilidad de realizar ajustes detallados a nivel de usuarios, carpetas y operaciones de archivo, todo ello con el objetivo de proteger los datos cruciales alojados en Office 365.
Join Andrew Kanikuru - Senior Digital Sales @ Veracode & Nabil Bousselham - Principal Consultant Solutions Architect @ Veracode - to discuss how fine the line is between a blessing and a curse in terms of Open Source Code Security.
In the technologically advanced era that we live in, organisations rely on fast software delivery to gain the competitive advantage. Using open source and 3rd party components in the SDLC can help companies be first to market with new services and solutions. When you consider that almost 93% of organisations use external snippets of code during development, not only is this now the norm but it is fast becoming best practice.
But what about the risks?
Although using Open Source code allows fast deployment, faster doesn’t always mean better. As the origin of the code is unknown it means it is unsecure. The largest data breach in history occurred due to an exploitation in Open Source Code, leading to huge financial payouts.
Fast & Secure - how does an organisation juggle these positive outcomes to best enable themselves to get to market quickly and safely?
Join our live webinar on the 25th of July to find out how.
A segmented network operationalizes your network security policy, enables a demonstrable state of continuous compliance, and provides mitigation options for cyberattacks.
Our advice: organizations must go back to the basics to accomplish this crucial project.
This webinar will cover actionable tips for network segmentation based on the experience of over 2,000 organizations. We will share:
•Common pitfalls to avoid
•How to start segmenting your network today
•Tips for applicable enforcement
•Q&A from the attendees