Hi [[ session.user.profile.firstName ]]

IT Security

  • Racing Against Nation States on the Automation Continuum Racing Against Nation States on the Automation Continuum CP Morey, VP Products & Marketing at Phantom Cyber Live 60 mins
    Both Presidential candidates agree on the need for increased spending on our nation’s infrastructure. While we tend to think first of bridges, roads, and other physical features, cyber is also an area impossible to ignore given the pervasiveness of technology in our lives.

    Without question, the speed, sophistication, and volume of cyber security attacks is constantly changing. In the case of nation states, the motives are also shifting from spying and surveillance to using offensive capabilities to attack critical infrastructure, national security assets, and even the political system itself. It’s no longer just about the money; safety and even lives may be at stake.

    Adversaries are attacking us at an unmanageable scale. For instance, research sponsored by Department of Homeland Security and NSA showed environments with security event traffic of more than 1 billion alerts per day. Even after reducing the load to 1 million alerts per day with correlation and other tools, more than 20,000 human analysts would be needed to respond.

    State-backed adversaries are using automation against us. It’s time we do the same, and projects like Integrated Adaptive Cyber Defense at Johns Hopkins Applied Physics Lab are leading us there.

    Join our webcast to learn how public and private organizations are progressing on the security automation continuum from simple security lifecycle management to predictive response strategies.
  • Rethink Security for SaaS: Power of the Platform Rethink Security for SaaS: Power of the Platform Anuj Sawani, Product Marketing Manager, Navneet Singh, Product Marketing Director Live 60 mins
    The challenges of SaaS applications such as Office 365 or Box are already here whether they are enabled by IT or end users themselves. With the adoption of SaaS, your data is now outside your traditional network perimeter and any changes to how the data is shared, who it is shared with and if it is free of malware is no longer known by your organization. History has shown that when a significant risk arises, a point solution is applied to address it. Defenses made up of multiple point products that do not integrate leave gaps that may expose your organization to attack.

    Join us for this live webinar where we will examine the various stages of a real-world attack targeting your SaaS applications. You will learn how to prevent these attacks at every single point in the security kill chain with a natively integrated Next Generation Security Platform and learn how to:

    * Gain visibility and granular, context-based control of SaaS applications

    * Protect corporate data from malicious and inadvertent exposure after it has left the traditional corporate perimeter.

    *Satisfy compliance requirements while still maintaining the benefits of SaaS based application services
  • Compliance as Code with InSpec 1.0 Compliance as Code with InSpec 1.0 Christoph Hartmann, InSpec core contributor & George Miranda, Global Partner Evangelist Live 60 mins
    InSpec is an open-source testing framework with a human-readable language for specifying compliance, security and other policy requirements. Just as Chef treats infrastructure as code, InSpec treats compliance as code. The shift away from having people act directly on machines to having people act on code means that compliance testing becomes automated, repeatable, and versionable.

    Traditionally, compliance policies are stored in a spreadsheet, PDF, or Word document. Those policies are then translated into manual processes and tests that often occur only after a product is developed or deployed. With InSpec, you replace abstract policy descriptions with tangible tests that have a clear intent, and can catch any issues early in the development process. You can apply those tests to every environment across your organization to make sure that they all adhere to policy and are consistent with compliance requirements.

    Inspec applies DevOps principles to security and risk management. It provides a single collaborative testing framework allowing you to create a code base that is accessible to everyone on your team. Compliance tests can become part of an automated deployment pipeline and be continuously applied. InSpec can be integrated into your software development process starting from day zero and should be applied continuously as a part of any CI/CD lifecycle.

    In this webinar, we’ll explore how InSpec can improve compliance across your applications and infrastructure.

    Join us to learn about:
    - What’s new in InSpec 1.0
    - InSpec enhancements for Microsoft Windows systems
    - Integration between InSpec and Chef Automate

    Who should attend:
    Security experts, system administrators, software developers, or anyone striving to improve and harden their systems one test at a time.
  • Attain PCI Compliance without AV Attain PCI Compliance without AV Michael Moshiri Director, Advanced Endpoint Protection Recorded: Oct 25 2016 51 mins
    Many PCI-compliant organizations continue to deploy traditional AV -- not because of its superior security capabilities, but because they wrongly assume it’s required to remain PCI compliant. Join us for this webinar to learn how to achieve and maintain PCI compliance while replacing traditional AV with superior security capabilities, specifically:

    •Which PCI requirements prescribe the use of traditional AV
    •How auditors and Qualified Security Assessors (QSA)s interpret those requirements today
    •How Palo Alto Networks customers replace traditional AV with real prevention -- while maintaining PCI compliance
  • Automating Security and License Compliance in Agile DevOps Environments Automating Security and License Compliance in Agile DevOps Environments Utsav Sanghani Product Manager Integrations, Partnerships & On-Demand, Black Duck Recorded: Oct 25 2016 41 mins
    Yes, it’s possible to automate open source security and license compliance processes and maintain DevOps agility. In this webinar, Product Manager Utsav Sanghani will demonstrate how Black Duck Hub plugs into Jenkins to address open source license compliance and security risks as part of an overall release process. He will cover:
    - Automating and managing open source security as part of the SDLC
    - Defining and implementing custom policies that prevent potential open source risks
    - Issue management and remediation workflow, with ideas on how going left translates into greater savings
  • Tips on Anyalyzing and Modeling Complex Data Sets Tips on Anyalyzing and Modeling Complex Data Sets Scott Dallon, BrainStorm, Inc. Recorded: Oct 25 2016 20 mins
    Discover how businesses turn big data into meaningful insights to help make organizations work smarter, and make better decisions faster.

    Join Scott Dallon to learn tips on analyzing and modeling complex data sets!
  • Best Practices: Architecting Security for Microsoft Azure VMs Best Practices: Architecting Security for Microsoft Azure VMs Oliver Pinson-Roxburgh, EMEA Director of Solutions Architecture Recorded: Oct 25 2016 61 mins
    Do you know if your workloads are secure? Do you have the same security and compliance coverage across all of the cloud platforms and datacenters running your critical applications? Are you having to design your security framework each time you deploy to a new region or datacentre?

    Whether you’re working with multiple cloud environments or exclusively on Azure, there are certain things you should consider when moving assets to Azure. As with any cloud deployment, security is a top priority, and moving your workloads to the cloud doesn’t mean you’re not responsible for the security of your operating system, applications and data. Building on the security of the Azure infrastructure, this shared security responsibility starts with making sure your Azure environment is secure.

    Register for this impactful webinar as we discuss step-by-step what you need to do to secure access at the administrative, application and network layers.

    In this webinar, we will take a look at:
    • The Shared Security Model: What security you are responsible for to protect your content, application, systems and networks
    • Best practices for how to protect your environment from the latest threats
    • Learn how traditional security approaches may have limitations in the cloud
    • How to build a scalable secure cloud infrastructure on Azure
  • Ransomware - To pay or not to pay? Ransomware - To pay or not to pay? Peter Mackenzie, Malware Escalations Manager, Sophos Recorded: Oct 25 2016 60 mins
    Flying spiders, snakes, and ghosts are long gone. Ransomware is now the stuff of nightmares and it’s easy to see why.

    Ransomware has become one of the most widespread and damaging threats internet users now face. Since the infamous CryptoLocker first appeared in 2013, we’ve seen a new era of file-encrypting ransomware variants delivered through spam messages and Exploit Kits, extorting money from home users and businesses alike.

    Join Sophos ransomware pro, Peter Mackenzie, as he shows us how ransomware attacks work, explains why so many new infections keep surfacing, and what practical precautions you can take to protect your organisation.

    If this webinar doesn’t help an IT Hero sleep at night, we don’t know what will.
  • IP EXPO – On the Spot: Nick Burrows IP EXPO – On the Spot: Nick Burrows Nick Burrows, Proposition Development Director at Alternative Networks Recorded: Oct 25 2016 2 mins
    EM360° spoke to Nick Burrows, Proposition Development Director at Alternative Networks, who identifies some of the most common challenges that organisations face today, including low resistance to cybercrime; the inability to change; and a lack of resilience to disasters.
  • Pega Government Empowered 2016 Livestream Pega Government Empowered 2016 Livestream Presented by: Pegasystems Recorded: Oct 25 2016 255 mins
    Empowering agencies to improve lives through more agile and efficient government services.

    Government Empowered brings together government leaders, industry experts and analysts with the goal to improve government service while reducing costs through modernization. You will leave the conference with valuable tools and practical insights on:

    · Approaching mission and modernization objectives
    · Achieving constituent-centric government
    · Understanding best practices and lessons learned from other government leaders

    Learn firsthand from presentations and live demonstrations from the U.S. Department of Veterans Affairs, U.S. Department of Agriculture, New Jersey Courts, U.S. Department of Justice, U.S. Department of the Treasury and other state and federal agencies.
  • Breach Defense: Prepare & Respond Breach Defense: Prepare & Respond Vipul Kumra,Consulting Engineer, FireEye India,Shantanu Mahajan, Consulting Engineer, FireEye India Recorded: Oct 25 2016 49 mins
    Are you ready to handle a security breach? In the age of relentless cyber crimes and nation state sponsored cyber attacks, companies need to be breach-ready, and be proactive in their incident preparedness. This could essentially save organisations from devastating cost.
    Incident preparedness is more than having an incident response plan, it’s more than having skilled personnel on staff. Come join us for a discussion on key elements that every company should consider. Major security breaches have become part of everyone’s daily news feed—from the front page of the newspaper to the top of every security blog—you can’t miss the steady flood of new breaches impacting the world today. In today’s ever-changing world of business and technology, breaches are inevitable: you must be prepared and know how to respond before they happen
  • Risk Based Security in a Hyper-Connected World Risk Based Security in a Hyper-Connected World Dr. Pierre Tagle, Head of Governance and Risk for SecureWorks for Asia South Recorded: Oct 24 2016 61 mins
    For many organisations, investments in new processes and technologies is on top of the priorities list. From behavioral analytics, big data solutions, and "one touch" processes that require no manual intervention, companies are always on the lookout for technology innovations that can achieve a considerable return on investment. When companies consider cybersecurity in such a technology dependent world, most ask, "How can we secure our business and comply with the changing legal and regulatory standards?" instead of, "How do we make business focused, intelligent investments given the cyber security risks we face?"

    In this webcast, Dr. Pierre Tagle, Head of Governance and Risk for SecureWorks for Asia South, will discuss the risk-based cybersecurity operating model to help companies identify and protect their most critical information assets and business processes. Dr. Tagle will focus on the most critical actions for any organisation building a risk-based security program.

    Key topics covered include:

    - Prioritising information assets based on value to the organisation
    - Identifying and prioritisng risks to the assets
    - Reduce risks with quick wins
    - Build and deliver a security plan that aligns business and technology
    - Ensure continuous business engagement on the topic of cyber security
  • Breached Elections - How Hackers Are Influencing Politics Breached Elections - How Hackers Are Influencing Politics Alex Holden, Founder and CISO of Hold Security, LLC Recorded: Oct 24 2016 60 mins
    Political elections shape our society for the years to come. While the foreign hackers are no longer watching our politics out of interest, they are electronically directly interfering with our politics. The Sony Pictures breach was more of a political statement, than a data loss event. With US elections around the corner, we are more of a cyber breach target than ever. Wikileaks is releasing documents, Russian hackers allegedly breaching DNC, and there is more to come. We will examine the current trends, look at the history of the worst manifestations of hackers influencing politics. Then we will draw conclusions on how the politics are changing under a threat of a constant privacy breach.
  • Acalvio Deception 2.0 Advanced Threat Defense Overview Acalvio Deception 2.0 Advanced Threat Defense Overview Acalvio Recorded: Oct 24 2016 5 mins
    Acalvio provides Advanced Threat Defense (ATD) solutions to detect, engage and respond to malicious activity inside the perimeter. The solutions are anchored on patented innovations in Deception and Data Science. This enables a DevOps approach to ATD, enabling ease of deployment, monitoring and management. Acalvio enriches its threat intelligence by data obtained from internal and partner eco-systems, enabling customers to benefit from defense in depth, reduce false positives, and derive actionable intelligence for remediation.
  • The SANS 2016 Survey on Security and Risk in the Financial Sector The SANS 2016 Survey on Security and Risk in the Financial Sector Sandeep Kumar is the director of Product Marketing at ForeScout Technologies Recorded: Oct 24 2016 61 mins
    The financial sector is highly regulated, and as a result, often focuses on compliance. However, compliance rarely results in excellence, and thus financial institutions continue to suffer security-related breaches and losses, particularly by insiders according to the 2015 SANS survey on security spending and preparedness in the financial services sector.

    Today's webcast will focus on the relationship between compliance and security, and the best practices organizations can use to secure their financial environments. Specifically, attendees will learn about:

    The relationship between compliance and security
    The effectiveness of tools, skills and controls
    Ways to improve security effectiveness and reduce risk
    How to align security, risk and compliance programs with business goals
  • Why Alert Logic? A DevOps Approach to Security Why Alert Logic? A DevOps Approach to Security Wayne Moore, Head of Information Security, Simply Business Recorded: Oct 21 2016 2 mins
    Simply Business is their name because it reflects their motto. “Protection should be simple.” That practice has earned Simple Business the position as UK’s favourite business insurance broker, with over 300,000 businesses and landlords protected. They’re proud of the award-winning claims service, which is, after all, the proof of the pudding. Their Head of Information Security, Wayne Moore, is also proud of is the security posture they have achieved with Alert Logic while leveraging the most agile cloud infrastructure for their business, Amazon Web Services. Watch the Simply Business video where you’ll learn how they made it happen.

  • 2016 Alert Logic Cloud Security Summit - NYC Highlights 2016 Alert Logic Cloud Security Summit - NYC Highlights Alert Logic Recorded: Oct 21 2016 4 mins
    View highlights from our recent Cloud Security Summit in NYC.

    The Summit focused on security and compliance challenges in a cloud environment and how organizations can close security gaps to de-risk greater cloud adoption, including how security can enable each stage of their cloud journey.

    Learn more best practices for AWS and security at one of our upcoming Summits: https://www.alertlogic.com/summit/
  • Why Alert Logic? Security for Financial Institutions Why Alert Logic? Security for Financial Institutions Mark Beatty, CIO & Security Officer at Penns Woods Bancorp Recorded: Oct 21 2016 2 mins
    Penns Woods Bancorp, Inc. is the bank holding company for Jersey Shore State Bank (JSSB) and Luzerne Bank (LUZ). As a growing financial institution, they understand they are in the pool of prime targets for cyberattacks. Watch this video to hear why Mark Beatty, CIO & Security Officer at Penns Woods Bancorp relies upon Alert Logic to detect intrusions and thwart breaches.

  • Why Alert Logic? Agility and Security, Without the Risk Why Alert Logic? Agility and Security, Without the Risk Brett King, Head of Service Delivery of FunkyPigeon.com Recorded: Oct 21 2016 4 mins
    Brett King, Head of Service Delivery of FunkyPigeon.com, WH Smith’s online personalised greeting card and gift company, discusses why his organisation trusts Alert Logic for managed security services. In this video, Brett talks about the security and compliance challenges they faced and why they made the decision to outsource to Alert Logic for security-as-a-service, enabling his team to focus on continued business growth.

  • What's Next in Emerging Tech? [Emerging Tech Virtual Summit] What's Next in Emerging Tech? [Emerging Tech Virtual Summit] Eric Horvitz, Technical Fellow & Managing Director, Microsoft Research Recorded: Oct 21 2016 30 mins
    By the end of this event, you’ll be asking, “what’s next?” In this final session of our virtual summit, Technical Fellow & Managing Director at Microsoft Research, Eric Horvitz, will discuss the next generation of emerging technology, with a particular eye to artificial intelligence.