The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.
Learn why leading organizations are rapidly adopting a Software-Defined Perimeter instead of a traditional Network Access Control security model.
This webinar discusses:
Similarities and differences between Software-Defined Perimeter and Network Access Control models
Visibility and security – What’s the difference? Why does it matter?
Implementation and maintenance considerations
On-premises vs. cloud infrastructure considerations
Jason Garbis: Leads the Cloud Security Alliance’s Software-Defined Perimeter working group.
Randy Rowland: An executive who lead the effort to transform VMware into a cloud provider through the vCloud Hybrid Service (vCHS) and Cloud Foundry initiatives.
"Cyberhunting" actively looks for signs of compromise within an organization and seeks to control and minimize the overall damage. These rare, but essential, breed of enterprise cyber defenders give proactive security a whole new meaning.
Join me, Mike McCracken, Director of Professional Services at HOSTING, and Chris Dodunski, CTO of Phirelight Security Solutions on October 27th at 3 PM EST for the live webinar, Cyber Threat Hunting: A New Dimension of Cyber Intelligence.
During the live webinar, we will be going over:
-The technology behind "cyberhunting"
-What threats your organization is at the most risk for, both internally and externally
-A 20 min live demo of Phirelight's security solution.
Be sure to bring your questions, there will be a live Q&A during the event. See you there!
Companies have struggled to find their feet when it comes to combining technology, people and workflow in their mobile application development strategies. All too often fragmented technologies have impeded progress. As technologies mature however and mobile (as distinct from pure web development) becomes better understood, there is light at the end of the tunnel. In particular integration across the lifecycle is delivering significant productivity gains for developers and business stakeholders that makes moving from handfuls of apps to a scaled mobile app strategy more of a reality.
Get significant security protection with Windows 10! As the most secure Windows ever, Windows 10 offers significant security protection.
With more than 250 million threats online in any given day, security for your business has never been more critical. These threats can cause loss of data and personal information with increased risk of identity theft. Windows 10 includes built-in protection to help keep you more secure with all new features in the Anniversary update.
Join this webcast to learn more about the two major new security features that launched with the Anniversary update:
•Windows Defender Advanced Threat Protection (WDATP) detects, investigates, and responds to advanced malicious attacks on networks by providing a more comprehensive threat intelligence and attack detection
•Windows Information Protection enables businesses to separate personal and organizational data and helps protect corporate data from accidental data leaks.
What happens when you combine increasingly effective adversaries, data dispersing to the clouds, and a significant lack of skilled security practitioners? You get the future of incident response.
Despite having a bigger budget and better tools than ever before, the underlying way incident response happens within enterprises must evolve with the times.
Join Mike Rothman, an analyst at Securosis & Faizel Lakhani, COO at SS8 as they discuss trends in cyber attacks and incident response. Learn what you can do today to ensure your organization is ready for the changes already in motion, and how network visibility plays a crucial role in accelerating breach and incident response.
Whether you are in the beginning stages of implementing a vendor risk management (VRM) program, or you have a robust program, there are always scenarios that can blindside your organization. Compounding this uncertainty is the dynamic environment of cyber risk. Yet, there are tools and techniques organizations can leverage in order to reduce uncertainty about the security of their third parties and vendors.
Join Matt Cherian, Director of Products at BitSight as he discusses how to grapple with common vendor risk scenarios. In this webinar, viewers will learn:
- How to gain full visibility into the security of your critical third parties to avoid being caught off guard
- How to understand and communicate potential threats occurring on the networks of your third parties
- What to do when an infection- or breach occurs
Web gateways and proxies are losing to malware and other advanced threats and are generating troubling operational overhead. Join us to learn the top 5 reasons why gateways are falling behind and experience a live demo of web isolation which prevents malware from ever reaching the corporate network.
The healthcare industry is one of the top targets for ransomware attacks, and the US Dept. of Health and Human Services Office for Civil Rights (OCR) has now stated that ransomware incidents should be treated the same way as other data breaches under the Health Insurance Portability and Accountability Act (HIPAA) unless there is substantial evidence to the contrary.
In this webinar, we'll discuss:
-Why the OCR guidelines are important
-Why attackers are going after healthcare firms
-How to detect a ransomware attack
-Steps you can take to protect your organization
For enterprises looking to protect cloud app data, Cloud Access Security Brokers (CASBs) have quickly emerged as the go-to solution. But how have CASBs matured and encompassed critical pieces of the security puzzle, from identity management to data leakage prevention? Join Bitglass and (ISC)2 on October 27, 2016 at 1:00PM Eastern for Episode 1 of the CASB Wars webinar trilogy for a discussion about the evolution of CASBs from app discovery to complete cloud security suites and basic API-based controls to more capable multi-protocol proxies.
Runtime Application Self-Protection (RASP) is one of the newest technologies coined by Gartner and it is in early stages of adoption in the industry. It promises dynamic defense and automatic mitigation of vulnerabilities in web applications.
This webinar will provide an overview of buying criteria and evaluation requirements across different industries and some typical pitfalls that can slow down adoption.
After the introduction and a brief overview on the technology the audience will be invited to participate in discussion about organizational requirements for adoption and operationalization of RASP. Questions for discussion:
• My application is under attack. What actions should I take? Who owns the response?
• Which attacks should I respond to and which ones can I ignore?
• How to get started with mitigation provided by technology?
• Does RASP fit with DevOps?
• Does RASP help with remediation?
This is an objective discussion about RASP. Evaluation criteria, comparison of RASP with IAST and other security technologies, personal experiences and examples discussed in this talk are generally applicable to all RASP solutions.
Key takeaways: At the end of the presentation you will:
• Get a better understanding of requirements for evaluation of RASP and its use cases,
• If you can pull a successful evaluation alone, or if you will need participation of other groups / teams
• Learn about critical criteria for success of RASP in production
• How this criteria different relative to appsec testing tools.
Legacy security architectures and traditional security platforms are ineffective at securing modern data centers. Modern data centers need a security solution that is software-based, distributed, and simple: making security better, faster, and cheaper. vArmour is the leader in software-based segmentation and micro-segmentation that protects critical applications and workloads in the data centers and cloud.
Join this webinar to learn more about the simple steps to securing the modern data center with vArmour.
Step 1: Understand the behaviors of applications and workloads (with deep visibility) for more informed decisions
Step 2: Streamline segmentation policy creation and management
Step 3: Flatten and secure your infrastructure without a network redesign
Step 4: Utilize proper control placement for better security and more efficient resource utilization
Step 5: Scale out independent controls with automation
A long-held assumption about mobile technology in general is that endpoint security technologies are unnecessary since mobile operating systems (OSs) are inherently more secure than PC OSs. For policy enforcement and security on mobile devices, IT organizations have looked to enterprise mobility management (EMM) platforms for additional security and device control. However, there is a detection and enforcement gap between devices and back-end EMM, which does not provide real-time monitoring of app activity, network traffic, and overall endpoint health.
Mobile endpoint protection is critical and BYO complicates the issue since enterprises may or may not own the mobile endpoint. Employee owned devices introduce many more risks and variables than enterprises account for and we wish to inform you on this webinar. Join Phil and John to learn how to privately secure your BYO devices and measure the risks these devices bring into your network.
- How to privately secure BYOD mobile endpoints
- How to classify risky devices by examining installed applications
- How to create a plan to reduce risks introduced by mobile devices
The sad truth is that Invaders are trying to breach your defenses every day. With five out of every six large organizations being targeted by advanced attackers, protecting your data is a smart way to keep you from becoming tomorrow’s headline.
So what does data protection mean? A comprehensive approach allows the right people to access the right data, anywhere, by controlling access, monitoring its flow, and keeping it out of the wrong hands.
We will explain how Symantec technology addresses this approach and how you will benefit from:
•Grant and ensure access only for authorized users with strong, multi-factor authentication, on any device, including BYOD.
•Watching over data wherever it lives—in the cloud, on premise, in motion, and at rest.
•Preventing data loss with unified policy controls to encrypt or block vulnerable information before it leaves the gate.
Enterprises around the world are embracing cloud, mobile, and Internet of Things (IoT) technologies to decrease complexity while increasing business agility, empowering their distributed workforces, and gaining operational insights. A growing amount of critical enterprise network traffic is moving off private IP networks and on to the public Internet via wired and wireless broadband. At the same time, workforces are becoming more and more geographically distributed.
The effect is that the LAN is being replaced by the WAN—people, places, and things require secure, fast and reliable connectivity no matter their location—and businesses face challenges meeting these increasingly complex demands using legacy solutions.
Cradlepoint’s NetCloud platform combines our Edge software and cloud services (Enterprise Cloud Manager) with SDN, NFV, SD-WAN and a host of other technologies to provide a converged, next-generation WAN with an embedded security perimeter that addresses this new era of “Interprise” broadband networks.
Join us for a webinar to learn more about Cradlepoint NetCloud and NetCloud Engine to improve productivity, reduce costs, and enhance the intelligence of your network and business operations.
Container usage in production environments is becoming commonplace, increasing the need to design for security and develop security response processes. Doing so starts with a clear understanding of what software is running in the datacenter.
This Container Security Master Class looks at how datacenter operations trends are combining to promote secure container deployments. Although these trends have the potential to abate risk, without a clear understanding of the applications and their dependencies, if a successful attack does occur, the scope of compromise can inadvertently increase.
Classify data stored within Microsoft SharePoint using the familiar and intuitive interface provided by all Classifier products. A bulk document classifying feature enables you to classify large volumes of documents as they are uploaded to SharePoint quickly and efficiently.
Find Out More: https://www.boldonjames.com/products/sharepoint-classifier/
Social Engineering has been around for as long as the crooks have but in a modern online world, running a con game has never been easier. And that’s why we need to be savvy.
A social engineer can research you on Facebook and LinkedIn; read up about your company on its website; and then target you via email, instant messaging, online surveys…and even by phone, for that personal touch. Worse still, many of the aspects of a so-called “targeted attack” like this can be automated, and repeated on colleague after colleague until someone crumbles.
Greg Iddon will take you into the murky world of targeted attacks, and show you how to build defences that will prevent one well-meaning employee from giving away the keys to the castle.
Protect your data with Microsoft AvePoint powered by Azure.
AvePoint offers data-centric protection for Office 365, File Shares, and SharePoint with AvePoint Compliance Guardian. AvePoint automatically highlights data security concerns in Yammer, OneDrive, SharePoint Online or on-premises, and File Shares, keeping your data more secure. With the amount of data and connected devices on the rise, a data breach and cyber security threats are becoming more and more real.
Join this webcast to learn how to:
Gain insight into compliance health with discovery and targeted reporting
Standardize content classification with automated tagging
Identify and review alerts by risk score to identify incidents before they become costly fines
Are government encryption backdoors and privacy in such a fundamental conflict that one necessarily obliterates the other. We will also be examining this issue in the context of the big data era - is law enforcement really going dark or is right now the golden age of surveillance?
Mobile and IoT technologies are forcing business and IT leaders to rethink how they invest in IT infrastructure to take advantage of the speed of innovation. While they aim to improve GenMobile’s experience and enable operational efficiencies, they faces challenges to get the enterprise network ready.
Join this on-demand webinar to learn how the Aruba Mobile First Platform addresses these challenges with a collection of Aruba software products that turn connectivity into a rich experience for mobile users and actionable insights for business and IT.
On October 21st, a distributed denial of service (DDoS) attack on Dyn DNS took out a large number of high-profile websites, such as Twitter, Reddit, Netflix, Spotify, Paypal and others, offline. Join this panel discussion to find out what happened, who was affected and the likelihood of repeat attacks of this magnitude in the future.
* Tim Helming, Director of Product Management at DomainTools
* Ann Barron-DiCamillo, Partner & CTO, Strategic Cyber Ventures, LLC
* JP Bourget, CEO of Syncurity
* Robert Hamilton, Director of Product Marketing at Imperva Incapsula
Third party vendors and digitally connected supply chains provide significant operational and cost efficiencies. But they also expose businesses to significant data security risk as sensitive data leaves your protected network. A recent report revealed more than 60% of all data breaches were from third-party vendors.
In this webinar, supply-chain security expert Mitch Greenfield will walk you through a 5-step process to reduce your supply chain risk, improve vendor compliance, and make informed decisions about your vendor network. Learn how to:
- Ask the right questions when assessing supplier risk
- Manage and securely distribute vendor risk assessments
- Automate vendor risk scoring to eliminate human error
- Create reports to meet compliance and stakeholder requirements (CISO, C-Suite, Board, Auditor)
- Schedule periodic re-assessment based on a vendor's risk profile and criticality to the business
During this webcast Alex Jones from Gainsight and Dave Ferguson from Qualys will discuss how Qualys has helped Gainsight to:
- Scan, discover, catalog applications on multiple cloud environments for vulnerabilities and website misconfigurations.
- Adapt to increasingly complex and new web application technologies.
- Build an easy-to-use, accurate and scalable scanning program across web application and network infrastructure.
Eva Tsai will share her experience as a woman in tech charting a journey spanning multiple disciplines and excelling as a strategic business leader, her thoughts on the challenges women are facing, both in entering and advancing in their careers, and what her recommendations are on both professional and personal fronts.
Eva has extensive experience leading go-to-market transformation and managing company telemetry to drive growth worldwide. Her innovation and leadership has been recognized with significant industry awards and patents. She was selected by Silicon Valley Business Journal in 2015 as one of Silicon Valley's 100 Most Influential Women and won the 2014 Marketer That Matters™ award, sponsored by The Wall Street Journal. At vArmour, Eva has transformed the company into a growth machine via innovative and well-executed go-to-market strategy, insightful telemetry, and process optimization. vArmour has been named a “Company to Watch” by TechCrunch and a "Cool Vendor" by Gartner. Prior to vArmour, Eva held strategic roles at Citrix, BroadVision and Oracle. Eva holds a BS and a MS in Computer Science from Massachusetts Institute of Technology.
With over 22 years of Linux experience, a decade of collaboration and 1,000+ shared customers with Microsoft – SUSE knows how to deliver success for enterprise IT whether it’s cloud-native or on-premise.
Learn how SUSE Linux Enterprise and SUSE Manager are able to deliver and support demanding, mission-critical, and enterprise IT workloads on Azure:
State of the art rollback and live-patching functionality to maintain high-availability
Managing multiple Linux distributions from a centralized console
Standardizing your approach to Linux security, and internal/external compliance
Priority Enterprise Linux support availability
SUSE Manager Management Pack also available for Microsoft Systems Center
They say that knowledge is power. When it comes to securing our lives and businesses in the digital age, knowledge is prevention. You have begun the journey of securing your organisation, now see how a Next Generation Enterprise Security Platform can make prevention possible.
Join us for this webinar where you will better understand how the Power of the Platform can help your organisation:
•Gain complete visibility of what is happening on your network
•Reduce your attack surface making you a smaller target
•Prevent known and more importantly, unknown threats
hey say that knowledge is power. When it comes to securing our lives and businesses in the digital age, knowledge is prevention. You have begun the journey of securing your organisation, now see how a Next Generation Enterprise Security Platform can make prevention possible.
Join us for this webinar where you will better understand how the Power of the Platform can help your organisation:
•Gain complete visibility of what is happening on your network
•Reduce your attack surface making you a smaller target
•Prevent known and more importantly, unknown threats
Not attended VMworld? Join our webinar as we discuss the hottest ins & outs that came out of this years' event with VMware's Stuart Simmons.
VMworld continues to evolve to meet the needs of the marketplace – Transforming from its primary virtualization focus, the conference now includes content regarding Unified Hybrid Cloud, Cloud Management and Services, Hyper-Converged Infrastructure, Business Mobility and Network Virtualization making it one of the world’s premiere business events.
In this webinar we discuss the hottest ins and outs that came out of this years' event. Our Director of Strategy & Architecture, Kevin Linsell will discuss an update with VMware's Stuart Simmons.
What we will discuss:
•The key updates & announcements (and their relevance in today's marketplace)
•The 'what's new' & 'so what' to VMware's strategy update
•Insights into the new alliances, including with IBM & AWS
•Roadmap of what is still to come
This is your chance to get a very personal download on what's happened at VMworld - don't miss out!
Duration: 30 mins + Q&A
•Stuart Simmons, Head of Service Providers and vCloud Air Network, UKI VMware
•Kevin Linsell, Director of Strategy & Architecture, Adapt
Palo Alto Networks will explore the security insights to emerge from recent cyber threats, as well as how factors such as the cloud and changing digital practices introduce as many opportunities as they do operational challenges.
You have spent significant financial and human resources to configure and protect your network and digital assets, purchased several new security tools and software, and now you're wondering if those technologies will be able to protect your organisation against potential cyber intrusions.
Join this webcast and hear from Daniel Gortze, Delivery Manager for the SecureWorks Incident Response & Forensics Consulting Team, who will examine real-life scenarios in which security technologies failed, and even worst cases where threat actors used an organisations' own security technologies against them.
Key Topics Covered Include:
- Examples of Threat Actor Abuse of Security Technology in real-world Incidents
- Anti-Virus Abuse
- Exploiting Whitelisting Misconfiguration
- The Human Weak link
- Lessons learned and actionable insights
Ransomware and Phishing attacks have become a significant issue in organisations both large and small. The possibility of major business disruption arising from falling victim to Phishing or Ransomware is quite high, given that roughly 156 million phishing emails are sent globally every day.
The FBI reports that ransomware attacks have cost $209 Million in just the first three months of 2016, which is more than eight times the total for 2015. At this rate, ransomware is expected to yield close to $1 Billion by the end of the year unless individuals and organisations improve both their defences and security awareness.
Organisations must determine methods of improving their employees’ ability to withstand these threats, or at least, counter the most obvious ones. Cyber Security Awareness continues to become a major issue for management attempting to steer a safe course in order to carry out their “business as usual”.
Some of the key topics that will be discussed are:
•How has phishing and ransomware become so widespread?
•What are the best methods for countering the threat of phishing and ransomware?
•How can we improve the resistance of our user population to this threat?
Organizations collaborating with third-party entities, where employees are sharing files with individuals outside of the organization, are facing security risks at unprecedented scale. These dynamics correlate to the need for security controls such as Enterprise Digital Rights Management (EDRM) to protect sensitive information when it travels outside of the corporate firewall.
In this presentation, analyst Doug Cahill from Enterprise Strategy Group (ESG) will discuss the findings from a recent study where over 200 IT and Security Professionals shared their views on the challenges with external collaboration, and his recommendations for best practices. Lynne Courts, VP of Marketing from Seclore will share how to build a comprehensive data-centric security strategy with such technologies as next-generation EDRM.
Join us and discover:
- The most vulnerable information – what types of files are regularly shared externally that pose the greatest risks
- Industry and analyst views on where shared sensitive data needs protecting, and what defences are most effective
- How to best design a comprehensive data-centric security strategy for shared information that will protect data, meet compliance regulations and reduce your risks
Starting out in the advertising and PR industry, working in tech was not something that Ina imagined she'd be doing. Now, she manages three communities on BrightTALK -- Business Intelligence & Analytics, FinTech, Asset Management, and previously, IT Service Management. She spends her days curating content, moderating panel sessions and managing online events with topics like machine learning, open banking APIs, and predictive models for analytics.
In the past few years, she has successfully collaborated with some of the biggest names in tech--such as Tableau, IBM, Dell, and Oracle--sharing her insights on creating compelling content and growing audiences. Join this session where she'll talk about why you shouldn't let a lack of a tech background stop you from exploring a fulfilling career.
In this interactive session, we'll cover:
- How to break into the tech industry without having any previous experience
- Harnessing and using transferable skills
- The gender quota and why I don't believe in it
- The power of social media -- how to mingle with the experts without being one
- Building a network -- informal mentorship, partnerships and beefing up your rolodex
- Getting technical -- which tech skills are must haves and how can you learn them?
Adoption of a modern data platform is a journey. Every step requires different levels of technology, people and process capabilities. A reliable services partner with deep expertise is key for your success at each step of the way. Hortonworks service model is designed to provide expertise needed at each step of your adoption journey. We defined our offerings to address unique needs at each level.
Hortonworks IAM Services (Implementation, Advisory, and Managed Services) are delivered by our global professional services consultants, to help you succeed with the adoption of connected data platforms. Hortonworks IAM services are based on proven methodologies that are developed by our experts in collaboration with product management, and committers from our R&D teams
Agility is the single most critical competitive factor in today’s business landscape and policy-driven automation is key across a complex, hybrid network.
Cisco ACI is a policy-based network automation solution for accelerating application delivery, reducing operating costs, and gaining greater business agility. Tufin Orchestration Suite is a unified platform for orchestrating application connectivity across the heterogeneous enterprise network, including firewalls, hybrid cloud platforms and now also Cisco ACI.
Join the webinar to:
1. Learn more about the alliance and integration between Cisco and Tufin
2.Review how the integration maximizes agility and compliance for enterprise customers from different industries
3.Focus on the ability to manage application connectivity across the heterogeneous network
Your organization has its own unique IT infrastructure, business model, risk profile and tolerance. The best strategy for streamlining your annual Payment Card Industry (PCI) validation process is to make sure that your Qualified Security Assessor Company (QSA-C) employs a sound and forward-looking methodology for your assessments. A key first step is understanding the critical differences between risk acceptance and risk mitigation and the implications for your business.
Tune in to learn best practices in PCI services methodology and how they apply to your specific requirements. Michael Aminzade, VP of Global Compliance and Risk Services at Trustwave, will discuss:
-The impact on PCI assessments, including PCI Data Security Standard (DSS), Payment Applications DSS and P2PE (Point to Point Encryption).
-How sound methodology helps you build a better foundation for security and compliance - whatever your starting point.
-Top considerations for evaluating methodology.
Welcome to Pulse Secure’s webinar series on The Six W’s of Pulse Secure! We will take you through the journey on the perfect formula for staying contemporary in the vast evolving world of Hybrid IT.
The third webinar in our series will take you in a deep dive into a demo of Pulse One, displaying the benefits of mobility and group management, central administration, and compliance reporting – where you have 100% visibility on your existing endpoints - all in one place!
While most members of the predominantly male tech industry are supportive of female professionals, some still act in ways that isolate women.
Join today's speaker, Melanie Rich-Wittrig, a writer, security nerd and aerialist of SecurityCandy.com as she talks about her experiences early on in her career in tech. Find out how confronting a hostile situation has made her stronger. This talk will cover challenges that women are facing and the most effective strategies to overcome these challenges.
Melanie Rich-Wittrig is the creator of SecurityCandy.com and is studying Information Security at Carnegie Mellon University. She worked as a systems administrator for a couple of years after earning her BS in Computer Science at University of Texas at Dallas. Now, she focuses on making cybersecurity education more accessible and attractive to diverse groups of children.
Enterprises are migrating to the cloud in droves, taking advantage of lower costs, easy deployment, and improved infrastructure security. Protecting data in the cloud, however, remains a challenge as employees push to access cloud apps from any device, anywhere.
In this webinar, Michael Ball, CISO at AGF Investments and Rich Campagna, VP of Products at Bitglass, will discuss the evolution of Cloud Access Security Brokers (CASBs), from app discovery tools to mature solutions that now provide deep visibility and control over data across all cloud apps. Michael and Rich will also highlight real-world CASB deployments and how major organizations are leveraging these solutions to protect data end to end, from cloud to device.
Part four in a five-part series, this webcast will be a demonstration of the installation of Apache MADlib (incubating), an open source library for scalable in-database analytics, into Hortonworks HDB. MADlib is an open-source library for scalable in-database analytics. It provides data-parallel implementations of mathematical, statistical and machine learning methods for structured and unstructured data. This webinar will demonstrate the installation procedures, as well as some basic machine learning algorithms to verify the install.
Next Generation Intrusion Prevention Systems are designed to protect against a new generation of threats that move faster and are more evasive than ever. Join NSS Labs as we explain NGIPS market trends, group test results, and the critical features to consider when purchasing a NGIPS.
While their cyber tactics may be continuously changing, bad actors can’t avoid interacting with core components of the internet. These interactions leave a trail that when connected through rigorous threat infrastructure analysis, can reveal the full scale of an attack and provide the information needed to determine the best response. The key to this analysis is access to a variety of global datasets and the ability to correlate and pivot between them in your investigation.
In this two part series we will look at a range of global datasets and how each can be used to shed additional light on your adversary’s infrastructure. This session will focus on SSL Certs, Host Pairs and Trackers. We will also demonstrate how security analysts can use the free community version of RiskIQ’s PassiveTotal to gain access to and pivot across these global datasets.