IT Security

Community information
The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.
  • We all want our families and homes to be safe with the convenience of remote monitoring, but do these smart home security devices really make our families safer or put them at more risk by inviting easier access to our homes electronically via insecure Internet of Things? In a follow-up to HP’s 2014 report on the Internet of (Insecure) Things we explore the security of popular off-the-shelf connected Home Security Systems and discuss various testing techniques we used in our study along with recommendations for manufacturers, developers and consumers.
  • The game has changed. Due to cost savings, and the privacy and mobility needs of employees, in just a few short years companies have loosened the mobile device leash. Enterprises are now shifting from traditional “company owned” devices, to allowing “Bring Your Own Device” in the workplace. According to Gartner, by 2017 fifty percent of companies will actually force employee to bring their own device to work.

    But if you’re tasked with securing devices, how do you accommodate BYOD? Where do you start and what kinds of security solutions should you be looking for?

    In this webinar, Chris Hines, Product Manager at Bitglass will teach you how to balance the needs of IT admins and employees when it comes to securing your mobile world.
  • From unobtrusive advanced malware detection technologies to automated threat response and actionable mobile-friendly dashboard – manage security from any device, any time, ESET will present new solutions for securing your endpoints and new ways to manage them.
  • Organizations are having to cover more ground than ever when it comes to security. Yet businesses often lack the in-house skills and resources, so security leaders are turning to MSSPs to help bear the burden to ensure every area of risk is adequately attended to.

    Join us for an interactive discussion with guest speaker, Forrester Research VP and Principal Analyst, Ed Ferrara, to learn how MSS is changing the conversation for businesses to achieve security goals. Help drive the conversation by submitting a question for Ed in advance so we can tackle your biggest security concerns such as:

    • Overcoming the skills shortage
    • Where to focus the budget – spending trends across industries
    • The value of security – pitching it as an investment not a cost to business leaders
    • Improving business outcomes – leveraging MSSPs as a tactical arm to optimize IT security, efficiency and value
  • Most IT providers have offers related to big data, cloud, mobility and security, and companies are looking at IT as the way to reduce costs and be competitive during an economic crisis. Investments in IT trends such as cloud computing and big data will rise thanks to a new player in the game: the business departments. This analyst briefing will show why companies are investing in IT, and what will change in 2015.

    Why you should attend:

    - Discover how many companies will adopt big data, cloud, mobility and security in 2015
    - Understand the current scenario of these trends in Latin America
    - Learn what will be different in 2015 regarding each trend
  • Providing a seamless user experience from browsing to purchase requires consistent uptime and performance, and seasonal traffic spikes require elastic scalability. In this webinar, we'll explore these and other big data challenges faced by e-commerce businesses and how the cloud can provide a winning solution. We’ll review mobile shops login data analysis, dynamic content, affiliate programs, infrastructure reference architecture, mobile plate- form integration with social media, and network integration and built-in instant messaging uses cases.
  • For any developer, choosing the right compute infrastructure and back-end database is a critically important decision. In this webinar, we'll explore specific challenges that mobile app and game developers face and how the cloud can provide a winning solution. We’ll also explore cloud solutions for big data challenges for MMOG, built-in analytics, online and offline MOG online modes, infrastructure reference architecture, and social network and cross-platform game use cases.
  • The risks and opportunities which digital technologies, devices and media bring us are manifest. Cyber risk is never a matter purely for the IT team, although they clearly play a vital role. An organisation's risk management function need a thorough understanding of the constantly evolving risks as well as the practical tools and techniques available to address them
  • Who has earned the bragging rights as the most secure college athletic conference?

    Colleges have rivals both on the football field and in the classrooms, but how do they fare in security performance? Watch this webinar featuring Stephen Boyer, CTO and Co-Founder of BitSight Technologies, and Rebecca Sandlin, CIO of Roanoke College, to learn how the major athletic conferences compared in key security performance metrics. There is also a discussion about why security benchmarking is so significant in education.

    Watch this webinar to discover:

    - The unique challenges higher education faces in securing their networks and how benchmarking can help
    - Why performance varies across the industry, and how that translates into actionable intelligence for security teams
    - How Security Ratings are enabling Roanoke College to gain tremendous insights about security strategy and performance issues that they can share with their board.
  • Today’s threat actors are more sophisticated than ever, and organizations need live attack intelligence that alerts them to emerging threats long before they become full-blown attacks that lead to sensitive data loss. Furthermore, organizations need the most current threat data available in order to protect their networks from incursions – they need real-time actionable intelligence.

    Join us for the upcoming webinar, “Actionable Intelligence: A Threat Intelligence Buyer’s Guide” featuring Rick Holland, Principal Analyst at Forrester Research, and Jeff Harrell, Senior Director, Product Marketing at Norse, to learn how to evaluate the various threat intelligence offerings in the marketplace, and how to utilize them to prevent today’s advanced attacks.

    In this webinar you will learn about:
    * The criteria needed to effectively evaluate threat intelligence solutions that meet your organization's needs
    * The value of the different types and sources of internal and external threat intelligence
    * How best to utilize threat intelligence to realize a greater return on security investments and better protect your organization
  • Social engineering targets our most challenging assets - people! We'll share a case study on how a regulated, mid-sized company prioritized risks, developed a mitigation strategy, and delivered an innovative awareness campaign.

    What's unique about this example is the program we helped build to incorporate active control testing, user feedback, and metrics to improve employee training alongside traditional technical controls.
  • Attack Intelligence to Power Tomorrow’s Cyber Response.

    Preparing to combat every threat and vulnerability is a war that no cybersecurity professional can win today. Speed, accuracy and visibility of threats and active attacks is critical to defending against APTs and other sophisticated attacks responsible for today’s headline-grabbing data breaches. The next generation of advanced threat prevention solutions will require a significant shift in how we incorporate threat and attack visibility into everyday security operations, enabling incident responders to identify and stop campaigns as they happen.

    Join us as IDC’s Research Vice President for Security Products Services Charles Kolodgy shares his view of the threat landscape, including how threats are evolving, how cybercriminals are becoming more sophisticated and what new solutions are necessary to combat APTs.
  • Pass-the-hash and similar credential theft and reuse attacks are among the greatest security threats facing organizations today. With an impact that extends well beyond Microsoft Windows and Active Directory environments — and with no definitive means of remediation — it should come as no surprise that these types of attacks have been an underlying component of just about every targeted attack disclosed in the past several years, including those perpetrated against Saudi Aramco, Target, and The Wall Street Journal — just to name few.

    Join us Thursday, February 26th at 1 pm to learn:

    - How this highly popular and devastatingly effective class of attacks works
    - The basics of the pass-the-hash kill chain
    - An approach, based on design and administrative best practices, for mitigating attacks
    - The role privileged identity management solutions, like Xsuite, can play in implementing these practices

    Presenters:

    - Mark Bouchard, Co-Founder and VP of Research, CyberEdge Group, LLC
    - Dale Gardner, Senior Director, Product Marketing, Xceedium, Inc.
  • In this webinar we will examine what information security and threat analysts can expect in 2015. Topics will include using threat intelligence before and after data breaches, information sharing, the Internet of Things, and the role of the CISO.
  • Mobile is no longer a supplementary channel for the enterprise; It is quickly becoming the primary channel to deliver business critical information and experiences to partners, customers and employees. Join Sarvesh Jagannivas, VP of Product Marketing at MuleSoft, and Uri Sarid, CTO at MuleSoft, as they discuss the mobile enterprise opportunity, and the biggest challenges preventing successful mobile delivery.

    Join this webinar to learn:
    - Why mobile applications are the new imperative for the enterprise
    - The top challenges preventing rapid, scalable and secure mobile application development
    - Three case studies of industry leaders who are building mobile enterprises
  • Many organizations are looking at using big data to detect more advanced adversaries. We are collecting more information than ever before, but what are we doing with it? In this talk, we will look at some ways you can use data science and visualization tools to get more out of the data you collect. Visualizations will let you see what is happening at a high level: A picture is worth a thousand log entries. There are data science techniques that other industries, such as advertising, have used successfully. We can apply these techniques to find patterns of behavior that are out of the ordinary, and ultimately catch more bad guys.
  • As a business, concerns over RTO, RPO, costs, security, and data privacy have historically made the decision for cloud backup a complicated one. However, cloud technologies continue to evolve, and can now provide substantial cost benefits while overcoming the most stringent security, data privacy, storage and performance hurdles. This makes it a perfect fit for many backup needs — especially remote office server backup.

    In this session we’ll cover:

    * The state of the cloud and the latest advancements for D2C server backup
    * How security and data storage advancements are addressing key enterprise data privacy concerns
    * How to leverage the cloud for remote office server backup and archiving, while significantly lowering storage and administration expenses
  • What sets high-functioning IT organizations apart from the rest? That’s something every IT leader wants to know. After all, we live in a highly competitive business climate and IT performance can be the difference between success and failure. To conquer the challenge, we need to be informed and collaborative and we need to do this in a cost-effective manner.

    In this webcast, you will hear from two experts on some of the technology that’s driving today’s high-functioning IT organizations. Find out how your company can be aligned, agile and ready to respond to ever-changing business requirements and competitive pressures.
  • Cutting down on the time taken to complete complex document review cycles allows the modern lawyer to operate at the pace required by their industry.

    Join our webinar to learn top tips for shortening these review cycles without losing document integrity and risking corruption. We’ll also cover what technologies are available to provide a quick and accurate way to improve document review efficiency.
  • FireEye recently released a new report that documents how and why governments around the world are turning to the cyber domain as a cost-effective way to spy on other countries, steal technology, and even wage war.

    Whether it’s sensitive military, diplomatic, or economic information, governments depend on the integrity of their data. If that data falls into the wrong hands, the consequences could be severe.

    In the wake of two apparent state- and government-sponsored attacks, APT1 and APT28, government agencies must understand why they are in attackers’ crosshairs, what attackers might be seeking, and how they can protect themselves.

    Join us for a dynamic discussion with subject matter experts where you will learn:

    •What makes your government-related organization an appealing target – whether you’re a political opponent, business, agency or vendor
    •Why it’s important to determine who could be planning an attack, their motives, and how they might carry out their goals
    •How to assess your level of preparedness and how to protect yourself if you are not ready for this new era of cyber warfare
  • Do you feel alone? No resources? No help? If you are like many security practitioners faced with a mountain of tasks each day and a small (or non-existent) team to help, prioritization and efficiency are key. Join Joe Schreiber, Solutions Architect for AlienVault for this practical session outlining habits to get the most out of your limited resources.

    In this session, you'll learn how to develop routines to efficiently manage your environment, avoid time-sucks, and determine what you can do by yourself and where you need help.

    In this practical session, Joe will cover:
    - How to work around the limitations of a small (or one person) team
    - Tips for establishing a daily routine
    - Strategies to effectively prioritize daily tasks
    - Benefits of threat intelligence sharing
    - Critical investigation & response steps when the inevitable incident occurs
  • The Internet of Things (the new buzzword for the tech industry) is increasing the connectedness of people and things on a scale that was once beyond imagination. Connected devices outnumber the world's population by 1.5 to 1.It is expected to eventually touch some 200 billion cars, appliances, machinery and devices globally, handling things like remote operation, monitoring and interaction among Internet-connected products.

    In combination with the fact that there are almost as many cell-phone subscriptions (6.8 billion) as there are people on this earth (seven billion), we have all the ingredients for a Perfect Cyber Storm.

    Join me for an informal discussion of the challenges for our profession, and some possible solutions.
  • The bring-your-own-device (BYOD) movement has been a huge boon for businesses that put a premium on productivity. File sync and share solutions have emerged to help employees work from anywhere, at any time, on any device. In this BrightTALK exclusive, eFolder explores the top seven features that business should consider when adopting a file sync and share solution. Learn what is required for a file sync and share solution to improve collaboration, maximize productivity, and ensure security.
  • 2014 could have easily been called, “The year of the biggest security breaches since the beginning of forever.” But given current security practices and technologies, many of the breaches could have been prevented. So why weren’t they?

    Many of the affected companies fell into a very common trap, thinking that if a company goes to the trouble to be legally compliant then it will be effectively “secure.” Unfortunately, as with many kinds of regulations, legal compliance really represents the absolute least amount of effort required. If companies want to give themselves the best chance to avoid the very severe consequences that come with a major breach, there are five practices they need to put in place now.

    Join Adrian Sanabria, Senior Security Analyst at 451 Research, and Amrit Williams, CTO of CloudPassage, on this webinar to learn
    · Possible gaps left by the compliance-first approach to security
    · How to limit vulnerabilities across traditional, virtual and cloud infrastructures
    · Five best practices to avoid a major security breach in 2015
  • Join Tom Kellermann, Chief Cyber Security Officer for Trend Micro, in an informative webinar specifically tailored for corporate executives and directors who are ready to take the reins of a real and effective plan to secure their organization, their data, and their careers against targeted attacks.

    During this live webinar, you’ll learn:
    • How to identify, classify, and protect your valuable data assets
    • How to assess your organization’s vulnerability to attack
    • How to measure and mitigate cyber risks cost-effectively
  • A new category of threat is emerging – a threat designed to evade traditional signature-based technologies such as Anti-Virus and Intrusion Detection. Attempting to meet the challenge is a new class of technology, “Advanced Malware Protection” or “AMP,” which is an industry term for technology designed to continuously monitor for, offload and detonate files in a sandbox - safely away from the main environment - to observe and detect malicious objects.

    If a security device produces an alert in the forest, who’s there to hear it?

    The challenge is these next generation advanced malware detection solutions produce so much detail about the suspicious activity that most organizations do not have the resources to thoroughly investigate/analyze. The best technology means nothing if you don’t have the right expertise to react to the alert, quickly decipher complex reports, investigate the threat, and determine the right response. And meanwhile, the threat actors aren’t standing still – they’re developing measures to circumvent controls in some traditional sandbox environments.

    You will learn:
    1.How the threat is evolving and how actors are employing evasive practices to overcome traditional and even some more sophisticated security defenses
    2.Why next generation sandboxing and full-system emulation are the keys to combatting evasive malware threats
    3.The expertise needed to accurately identify and diagnose the threat once the alert is received
    4.How to ensure your organization has the ability to respond effectively to the incident and close all the backdoors a threat actor may have opened
  • Join Tom Kellerman, Chief Cyber Security Officer for Trend Micro, in an informative webinar specifically tailored for corporate executives and directors who need to develop and implement a comprehensive cyber security strategy. Tom will highlight critical information including 2015 cyber threat trends and how risk management strategies have changed.

    During this live webinar, you’ll learn:
    • How to identify, classify, and protect your valuable data assets
    • How to assess your organization’s vulnerability to attack
    • How to measure and mitigate cyber risks cost-effectively
    • And more...
  • In the past, women had many challenges that are not there today or have been transformed to something else. An example is that, in the past, a woman with children might have lesser chances of getting a competitive or managerial position. Today, she is able to go out for a job of her choice but might struggle to find a balance between home issues and the expectation to continuously exceed at the job. What women and in general all professionals need today is a mentor to guide them through personal and career aspirations. A good mentor is usually aware of corporate intricacies and latest developments to advise potential mentees in meeting their personal and career objectives.

    In this webcast we will look at the importance of mentoring, about how to become and be a great mentor and how to seek one out. Also, what should you provide as a mentor, and what should your colleague expect from you?

    We will be joined by Emili Evripidou and Vicki Gavin from the Women In Security group, as well as information security professional Sandip Wadje to talk about his experience of coaching and mentoring to graduates, junior professionals and expats moving to the UK. We will be live at 2pm GMT on the 10th March.
  • Part 1. The 3 Things you Need to Know About SharePoint 2013: On-premises vs. Cloud

    Tired of having information spread amongst various file shares, personal hard drives, and file cabinets? If you’re looking for that single collaboration platform, this is the webcast for you. We’ll give you three reasons why Microsoft SharePoint is the optimal enterprise collaboration platform for your business, and discuss the benefits and challenges to on-premises, all-in cloud, and hybrid models.

    Part 2. 3 Ways AvePoint Takes the Pain Out of Migration to SharePoint
    Now that you have decided to opt for SharePoint, how do you get there? In this webcast, we’ll discuss the potential obstacles you’ll face during a migration project. Then we’ll show you three ways AvePoint can expedite your path to SharePoint, including:

    •Optimizing migration resources by automating remediation of stale
    content

    •Minimizing business disruption over the course of migration projects
    with customizable scheduling

    •Maintaining all relevant content, permissions, and metadata
  • Reacting to threats and remediating breaches can’t wait. Your compliance plan may be in place – but can you execute fast?

    Join BMC Software and Qualys to see how to get complete IT compliance and reduce the risk and cost in your organization. Hear how to reduce the window of exposure to vulnerabilities and be more proactive in preventing aggressive threats. In this webinar, you will learn to:

    ·Break down the SecOps gap and internal silo’s
    ·Easily detect security issues with new automated, online technology
    ·Quickly analyze operational dependencies and the potential impact of proposed fixes
    ·Enforce governance policies and change approval requirements
    ·Execute validated remediation actions rapidly
    ·Document actions and results in real time


    Plus, learn how to improve communications between security and operations to ensure a speedy resolution to compliance issues.
  • The Mobile World Congress Conference brings industry leaders, visionaries and innovators together to explore trends that will shape the mobile industry.

    This briefing will discuss emerging trends, top issues and provide the key takeaways based on feedback from meetings held at the 2015 Mobile World Congress.
  • Our dependence on software continues to grow, powering some of our nation’s most critical infrastructure. To secure our cyber assets, we need to apply high standards to our software suppliers as well as the third party parts built into our software. Join the discussion on:

    •How open source and component-based development is driving the need for a software supply chain
    •Techniques and technologies used to vet software suppliers and components
    •The role of potential legislation in managing software risk

    If you are concerned about protecting our software infrastructure – join the discussion.
  • With the exponential growth of data generation and collection stemming from new business models fueled by Big Data, cloud computing and the Internet of Things, we are potentially creating a cybercriminal's paradise where there are more opportunities than ever for that data to end up in the wrong hands. The biggest challenge in this interconnected world is merging data security with data value and productivity. If we are to realize the benefits promised by these new ways of doing business, we urgently need a data-centric strategy to protect the sensitive data flowing through these digital business systems. In this webinar, Ulf Mattsson explores these issues and provides solutions to bring together data insight and security to safely unlock the power of digital business.
  • As much as Silicon Valley startup execs love to portray Microsoft as a dinosaur, the fact is that Office 365 adoption is accelerating in the enterprise. Office 365 offers a promising compromise for enterprises deciding, “to cloud or not to cloud": Bring cloud-based productivity tools under the company’s security umbrella so that people can work the way they want to, without sending sensitive company data astray. The idea that you can simply shift responsibility for your company’s data security to Microsoft, however, couldn’t be further from the truth. You can achieve Office 365 data security... but only through a partnership that involves, at its core, a comprehensive in-house security plan, together with Office 365’s built-in security functionality.

    In this webinar, Rich Campagna, VP Products at Bitglass, and Chris Hines, Product Marketing Manager, will help you understand where Microsoft’s security responsibility ends, and where yours begins, highlighting key gaps to keep in mind as you make the move to Office 365, and how to solve them.
  • Constantly evolving threats can be more difficult to counter—unless you have full visibility into potential vulnerabilities of your infrastructure. Built on the leading cloud security and compliance platform, Qualys gives you immediate, global visibility of IT vulnerabilities with continuous monitoring.
  • Le traditionnel paysage du datacenter a changé pour toujours, laissant l'infrastructure virtualisée délivée comme un service. Nous assistons, en effet, à une virtualisation qui s’est étendue bien au-delà de l'informatique , avec le stockage et la virtualisation réseau qui sont devenus rapidement la norme pour la plupart des organisations. Ce modèle est vrai indépendamment du fait que l'infrastructure soit gérée en interne dans l’entreprise ou dans le Cloud. Etant donné que l'infrastructure devient hautement virtualisée et se dirige de plus en plus vers le cloud privé , les ressources informatiques traditionnelles doivent aussi évoluer au risque de devenir inutile.

    Découvrez comment Symantec peut vous aider à renforcer l'agilité du datacenter grâce à une infrastructure élastique, la mise en place d'un modèle de services et l'exploitation de l'intelligence informatique.

    •Améliorer l'élasticité de l’infrastructure
    •Fournir des ressources as-a-Service
    •Cultiver l’Intelligence informatique
  • Cyber Essentials is about providing clarity on good basic cyber security practice. By focussing on basic cyber hygiene, you will be better protected from the most common cyber threats. This Government and Industry backed scheme helps your charity or business to become certified Cyber Essential. This can improve your security, engender better end user trust and even gain you free cyber insurance...

    Give01Day, the cyber supporter of charities, has created this series of webinars to help you learn more about the Cyber Essentials scheme, how to get your house in order and where to go for certification and further help.

    In this first webinar we discuss who the scheme is aimed at, what it entails and how charities in particular can benefit. We also highlight the Cyber Streetwise website as a useful resource.

    Joining Give01Day on this webinar is the approved certifying body IASME. Viewers will have the opportunity to submit questions during the Q&A session at the end of the webinar.
  • In most targeted attacks, threat actors use existing vulnerabilities as point of entry to exploit vulnerable systems. Many organizations understand the importance of closing the holes by patching the system immediately, however, in reality it is an impossible task. Zero-day vulnerabilities leave the system perpetually vulnerable, leaving attackers free to zero-in to take advantage of the hole. All it takes is one vulnerability for a system to be compromised.

    This Virtual Patching webinar discusses the options organizations have to better manage vulnerabilities. It presents new methods to help organizations adapt & mitigate known & unknown vulnerabilities.
  • The rise of malware and malicious insiders brings application security into clear focus. Well written software, security testing and code obfuscation mitigate risk but the most critical applications in the most risky locations need to go one step further to become tamper resistant. Trusted applications that handle sensitive data, control valuable IP and perform critical processes can be isolated and protected within secure execution environments. Mobile phones, embedded devices and data center servers all adopt physical hardening to secure the applications they host. This webinar focuses on protecting business applications that support high-tech manufacturing, content distribution, online authentication – in fact any situation where you need to know for sure that your application is doing precisely what the developer intended – nothing more, nothing less.
  • Well-maintained perimeter defenses are a key part of any security strategy. Organizations increasingly recognize that they must also complement their perimeter defenses with strong forensics capabilities to investigate and analyze attacks. When attacked, an enterprise needs to be able to rapidly investigate and determine the scope and impact of the incident so they can effectively contain the threat and secure their network.
    In interactive this session, you will learn about:
    • The key use cases for network forensics
    • The typical organization that acquires network forensics technologies
    • How FireEye Enterprise Forensics enables the proper response to today’s cyber attacks