The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.
This panel session moderated by Jarad Carleton of Frost and Sullivan will bring together industry experts from the likes of Lacoon, Skycure and Lookout. Our panelists will discuss the greatest challenges mobile security poses to the enterprise and share their insights and best practices to keeping organizations secure.
March Madness can stress your network and create opportunities for someone to exploit your vulnerabilities. Being aware of the threats can help prepare for them to keep your network sane and secure.
What You Will Learn:
1. you can achieve a deeper level of security by being aware what is happening on your network.
2. be aware of how you access the games, use secure connections
3. Keeping your applications and firewall up to date can help you keep secure.
Erfahren Sie im Rahmen dieses Webcasts, wie Sie den zunehmenden Bedrohungen für die IT-Sicherheit und den Anforderungen Ihres Unternehmens mit den Firewalls der nächsten Generation (NGFW) begegnen können.
Lernen Sie darüber hinaus die McAfee Next Generation Firewall und deren konkurrenzlosen Schutz sowie Herausstellungsmerkmale kennen:
• Vollständiger und einfacher Überblick mithilfe des zentralen Management
• Einsatzszenarien als NGFW, IPS, IDS, L2FW
• Kostensenkung durch Virtualisierung
• Hochverfügbarkeit auf Node- sowie Netzwerkebene
• Sichere Standortvernetzung dank Multi-Link-VPN
ESET security researcher Lysa Myers reports on developments in healthcare IT system security that she observed attending the recent HIMSS conference in Orlando. Find out what is being done to better protect patient data privacy.
When requesting access to systems or applications, business users need to know the potential risks of such actions to enable compliance with internal business policies and government regulations. The cost for non-compliance can be high. As a result, organizations are seeking solutions that combine automated Segregation of Duties (SoD) risk analysis with robust capabilities for user provisioning and user management, to manage user access and prevent out-of-policy activities.
Please join Bob Burgess, Solution Strategy Advisor at CA Technologies, and James Rice, Director of Customer Solutions at Greenlight Technologies, to learn how you can obtain better visibility into your SAP/GRC environments and manage the risk of over-privileged users and SoD violations.
Have you ever experienced or known someone who has lost a laptop or a USB drive that contained valuable company IP or customer data? Are you subject to compliance programs, either directly or through partnerships?
Join this webinar on Data Protection and learn about:
•How easy it is to keep your data safe from attacks and theft.
•Encryption performance and why your end-users won’t even notice it’s working
•How to securely manage your endpoints from a single console while simultaneously providing self-service features for your end-users
•How DLP Endpoint can help you protect IP and ensure regulatory compliance
•Use cases on leveraging the synergy between Intel vPro and McAfee Data Protection technologies.
•New Mac OS support.
Tripwire’s Senior Pre-Sales Consultant, Michael Rohse (DACH), will be sharing how to achieve trust after a data breach in this UK focused webcast, which will cover crucial questions such as:
•Which systems can be trusted?
•What is the extent of the compromise?
•How quickly can you attain situational awareness?
Michael will also provide participants with a practical, five-step approach to restore trust in your critical systems after a data breach. Register today to join us for this informative webcast.
Join Amit Jain, Security Lead Architect at Trustwave, as he discusses why databases and big data remain the primary target for attackers. Hear about today's biggest threats and how our solutions help protect against them.
Hybrid cloud is a composition of two or more clouds (private, community, or public) that remain unique entities but are bound together by standardized or proprietary technology that enables data and application portability.
This webcast will highlight the role of cloud in a challenging environment and offer choices for IT delivery.
In this webinar, we will look at how to integrate patch management into the vulnerability management lifecycle, to support organizations in developing processes that allow targeted remediation and mitigation of threats.
In a previous presentation (see attachments), we examined how a well-known vulnerability in an application led to a security breach in the U.S. Department of Energy, with significant financial impacts.
Many factors contributed to the extensive damage caused by the attack. But the bottom line spelled it out: If a patch management process properly integrated with a vulnerability management lifecycle approach had been in place in the Department of Energy, mitigation actions could have been implemented and, ultimately, the breach would not have occurred.
It is precisely because we continue to disregard the fact that patch management is an important security control that we continue to see attacks exploiting well-known vulnerabilities.
There are many reasons why patch management is neglected as a security tool:
•Manually applying all patches to all applications on all machines and servers is not feasible.
•Patch management is often perceived as the mechanics of packaging and deploying software updates.
•The abundance of devices and the interconnectivity between organizations, partners and customers has increased the attack surface significantly. And not all devices can be managed centrally.
•Most of the solutions for patch management that are available in the market only focus on delivering patch content and deployment capabilities.
Sign up for this webinar on why and how to integrate patch management into the vulnerability management lifecycle.
-The reasons for improving your patch management process
-Key considerations of a security approach to patch management
-How to integrate patch management within the vulnerability management lifecycle
-Examples of how to justify the investment in patch management technology
In this webcast, Joel Barnes, UK Senior Systems Engineer, will share how best to achieve trust after a data breach. He’ll cover crucial questions, such as: Which systems can be trusted? What is the extent of the compromise? How quickly can you attain situational awareness? He will also provide participants with an approach to restore trust in your critical systems after a data breach, following five steps:
1.Know what you have and prioritize by risk levels
2.Define what “good” looks like
3.Harvest system state information from your production systems
4.Perform a reference node variance analysis to identify compromised systems
5.Remove suspect systems from the environment and return to a trustworthy state
Join us for this informative webcast!
What if you could streamline and automate your business processes like quote to cash? Hear how Splunk is connecting Salesforce and NetSuite with MuleSoft from Christopher Nelson, Senior Director of IT Business Applications at Splunk. Chris Purpura, VP of Business Development at MuleSoft will show you how the Anypoint Platform from MuleSoft allows you to manage your complete business with Salesforce by unlocking your back office data through integration.
You will learn how to:
- Connect Salesforce to back office applications like SAP, Oracle and NetSuite
- Modernize and automate processes like quote to cash and order fulfillment
- Get up and running quickly to increase time to value and ability to process orders
- Maximize the value of your IT investments through integration
While threat intelligence promises to help with the effective detection of advanced threats, it usually achieves the opposite: detecting the most predictable attackers. To be included as part of a vendor provided threat intelligence feed, an attacker must have tried attacking several potential victims before, and must have used the exact same method to be captured in the threat intelligence feed.
In this presentation we will see how to make threat intelligence valuable for detecting advanced targeted threats directly aimed at your organization. We will see how to create a threat intelligence feed close to the target, as a shared effort between departments, subsidiaries or organizations working closely together to ensure identification of targeted threats. In addition we will see how to extend the term intelligence into additional detection mechanisms such as behavioral patterns.
Drawing on data gathered from nearly 40,000 unique cyber attacks (more than 100 per day) and over 22 million malware command and control (CnC) communications, the Advanced Threat Report provides a global look into cyber attacks that routinely bypass traditional defenses such as firewalls, next-generation firewalls, IPS, antivirus and security gateways.
Join FireEye's Greg Day, VP & CTO for EMEA, for an overview of the current threat landscape, evolving advanced persistent threat (APT) tactics, and the countries where advanced attacks are most prevalent today. In addition, Greg will look at trends taking place in specific industries.
BAYAS (Swahili word for 'badness' aka. malware of any kind, shape or form) continue to grow in number as script kiddies, hacktivists, organised crime and nation-state actors use them to deface websites, steal money, engage on cyber-warfare or "simply" to disrupt large businesses or nation-critical infrastructure.
However, malicious software don't exist in a vacuum; any piece of malware is designed to call-back home sooner or later: to download additional malware, to report back to a C&C server or to exfiltrate data. How can Incident Responders detect hidden malware on the network using open-source tools and what patterns do they need to look for? In my webinar, I will share lessons learnt from practical traffic analysis in the field (i.e. predominate communication protocols, current trends, etc.) and present some effective techniques used to filter suspicious connections and investigate network data for traces of malware using tools like Wireshark, Snort and Bro.
About the speaker:
Ismael Valenzuela 13 years years experience in IT security and currently works as Principal Architect at McAfee Foundstone Services in EMEA. Author of security articles for Hakin9, INSECURE Magazine and the SANS Forensics Blog, Ismael also has experience teaching at BlackHat, serves on the GIAC Advisory Board and is a Community SANS Instructor for the Computer Forensics and Intrusion Detection tracks.
He holds a bachelor's degree in computer science from the University of Malaga (Spain), is certified in Business Administration, and holds several professional certifications including. He is Lead Auditor from Bureau Veritas UK.
Some of his articles are freely available at http://blog.ismaelvalenzuela.com.
Mr. Valenzuela can be followed on twitter at @aboutsecurity
Whilst not every organisation may be a target of an APT, it’s important that all companies large or small understand these attacks as a way to help build stronger defences against the constantly changing threat landscape.
· Symantec blocked a total of over 5.5 billion malware attacks in 2011, an 81% increase over 2010.
· In 2012 the number of Web based attacks increased by 1/3 with approximately 247,350 Web-based attacks were blocked each day.
· 5291 New Vulnerabilities were discovered in 2012
· Spam accounts for 69% of all email and one in 414 emails are from phishers
All security and IT professional need to understand the new reality classic textbook protections may well not be enough. Join Symantec Website Security solutions to understand how you can protect your websites from vulnerabilities and malware and how SSL can prevent your company and your customers.
This webinar will review the things that are missing in many of the people who want to become a computer security consultant. Many people start off at the Application Layer (layer 7), in this webinar we will discuss the importance of establishing a solid security foundation; we will look at the three main components to build this foundation. Those are:
During the webinar we will discuss mastering the power of the command line and the importance of understanding the traffic at the lowest level … the packet! We will also look at some simple but important protocol analysis techniques.
The webinar is an introduction to the Core Concepts course that was developed to provide those entering the fascinating world of computer security consulting, a foundation prior to embarking on this journey. The more solid foundation of skills you have the better you will be prepared as a consultant or security professional.
Cisco introduces VMDC DCI solution which provides validated design to ensure high availability and performance for applications across Metro and Geo data centers. This solution unlocks Business continuity and stateful workload mobility which is top of mind for both public and private cloud providers to connect multiple data centers to support Business Critical operations.
Advance Persistent Threats (APT) use unexpected, multiple, time limited and diverse attack vectors. Experience, knowledge and skills all play a powerful role in shaping effective security intervention decisions but without robust understanding of your context, actual network traffic and content you are left relying on making an informed guess which may or not prove to be correct.
When APT security issues occur network security operations professionals are instantly under pressure from their organization to explain and resolve the problems swiftly. So how fast can you react to a suspected APT security anomaly? And even more importantly, are you giving yourself the best chance of success when you act by ensuring that your actions are informed, appropriate and effective?
The capture and examination of network traffic before, during and after an event of interest can provide you the clarity and understanding to make a truly informed intervention and increase your likelihood of an effective outcome. Approaches to capture, indexing, search and recall of captured traffic can vary in cost and complexity, ranging from simple open source software tools to high performance, high fidelity Intelligent Network Recording solutions capable of operating at sustained link bandwidths up to 100 Gigabits per second.
Join James Barrett, Technical Director of Endace in this session for network security operations professionals where he’ll show you how to derive insight and certainty of what’s occurring by using network packet inspection and visualization techniques.