The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.
The world of IT security is undergoing tremendous change. The unstoppable momentum of the Internet and cloud computing, the ubiquity of mobile devices and the emergence of Internet of things have together turned the IT security landscape upside down.
So what can you do today to keep your security ahead of these trends?
This webcast will discuss actionable best practices gleaned from more than 5,000 leading global organizations - including United Airlines, Humana, Sealed Air, British American Tobacco, the United States Marines and NATO.
We will also talk about:
- The latest strategies and techniques cyber-criminals are using today
- Concrete steps you can take to keep your organization safe
- What to do about Internet security in today's cloud and mobile first IT landscape
This presentation will provide an overview of contextualization and how contextualized data can be used to prevent both known and unknown threats. It will dive deep into the technologies used in the collation and analysis process across both single and multiple threat types. It will conclude with real world use cases where contextualized data can help identified and prevent threats.
Insider Threats represent a major security blind-spot where an increasing number of today’s security incidents occur. Highly publicized insider data theft, such as the recent Morgan Stanley breach or AT&T call center incident, highlight the increasing need for better security practices and solutions to reduce the risks posed by insider threats.
Detecting insider threats has become increasingly difficult with the large volume of data generated through normal user activities and lack of visibility into actual user behavior. Most organizations rely on system logs from applications and devices that typically contain hundreds or thousands of discrete events in obscure technical language, making it nearly impossible to determine what a user actually did.
Join our upcoming webinar “Insider Threats: Out of Sight, Out of Mind?” to learn about the most popular tactics to combat insider threats and how to identify indicators of insiders becoming threats. This webinar will share best practices and how to adopt an early warning system to reduce your risk and strengthen your security posture.
When: Thursday, July 30th @ 11am EDT
• Insight into the state of insider threats
• Most popular tactics to combat insider threats
• Reduce the risks posed by insider threats
Traditional endpoint solutions were designed to deal with static, known threats. They accumulate large threat databases and signatures and when matches are found the threat is blocked. This approach simply does not work against today’s advanced and unknown attacks. And while organizations must protect every single endpoint, both traditional and mobile, an attacker only needs to compromise one to cause damage. Register now for this webinar where you will:
• Learn why protecting the multitude of endpoints is an on-going challenge
• Find out the importance behind detection and containment on all types of endpoints from PC to mobile
• Hear how FireEye offerings can help proactively protect against unknown threats on the endpoint
As security incidents grow in frequency and complexity businesses struggle to be prepared to respond and mitigate the threat. Incident detection and response is expected to take up the majority of security budgets by 2020 but solutions are siloed and specialized staff is hard to hire and retain. How can security professionals who may not be experts in incident response detect and assess the scope of potential incidents or breaches effectively? This case study will explore this question leveraging real-world examples that illustrate how to confidently detect and respond to security incidents 10x faster.
Participants will learn:
· Methods for simplified discovery of anomalous user behavior
· Strategies for enabling fast incident response decisions
· How to cope when bombarded with false positive alerts
· Common attacker methods (and why they’re so often successful)
· Why you need to monitor privileged and risky accounts
Consumer-Scale Identity Management Deployments require different approaches than the typical employee use case. However, there are profound benefits - from overall risk reduction to enhanced engagement and loyalty with customers. This webcast will highlight the key challenges in moving identity management from the IT user to a much larger business user population and highlight best practices for success.
As a two part series, this webcast will be followed by "Improving Your User Experience for Successful Consumer-Scale Identity Management", scheduled on August 19th.
Industry Analyst Robin Layland is joined by Steve Povolny of HP and Brian Foster of Damballa to focus on what you need to do to stop attacks that have made it past your perimeter defenses. We also cover mitigation needs based on your risk profile. We then review how you can spot breaches and how to easily keep your security up to date. Finally we cover what to look for in an advanced threat protection vendor.
Are you prepared for a data breach? Are you confident you will find a breach in a timely manner? Facts are over 70% of businesses report a security breach and 75% of breaches are undetected for days or even months. Once discovered, incident response teams are under extreme pressure to close the breach, figure out what happened, what was lost, and calculate the risk. Organizations need a sophisticated incident response plan.
Attend this webinar and learn how to:
· Discover sensitive data, risk, and vulnerabilities
· Detect and block active attacks
· Investigate incidents and automate remediation
· Demonstrate consistent policy application across all sensitive data
The rise in e-commerce data breaches over the past year raises important questions: Why is cardholder data such a big target, how do the bad guys get in and why are we seemingly powerless to stop them?
This session will examine the black market for card data, the three most common attack vectors, and the wrong way to encrypt databases.
You will see real-world examples of malware discovered during investigations and gain insights into the skill sets of each attacker.
In this webcast, we will go over Qualys hardware and virtual scanner appliances for internal and external vulnerability scans. We will then demonstrate how you can discover various assets in your network, prioritize them, execute vulnerability scans, and generate reports that would suit your needs.
The biggest challenge in security is no longer technology. We need to rise from recognition as security experts and experts within security teams to leaders protecting information from a world of risk and vulnerabilities.
Michael Santarcangelo cracked the code on the pathway to becoming an exceptional security leader. On July 30, 2015 at 1:00PM Eastern Michael will share the Exceptional IT Leadership Framework, including the 5 foundational elements, 9 competencies, and 5 essential habits. The webcast will explore the benefits of a framework-based, competency-driven approach to developing your leadership and how to assess where you really are in your leadership journey.
A seemingly never-ending string of large scale data breaches across all sectors of the economy and government have had devastating affects on countless individuals — and irreparably damaged organizations of all kinds. It’s been proven that privileged users, and the accounts and credentials they use, are a crucial element in conducting a successful attack. But it’s possible to protect those users and stop data breaches in their tracks.
In this webcast, we’ll explain how Xsuite and privileged identity management can stop attackers at multiple points in the data breach lifecycle, preventing damage and disruption. Join us to learn:
- Who are privileged users and why are they important?
- How do attackers exploit privileged users and their credentials to carry out breaches?
- See a hands-on demonstration of Xsuite and how it can manage, control, and protect privileged users and credentials and your business assets.
Register now to join us live at 1:00 pm ET Thursday, July 30, 2015 or on demand afterwards.
Email is #1 source of risk in today's enterprise, yet also the #1 digital communication channel for businesses today. The United States Postal Service sends more than thirteen million emails per day, which makes their email channel and brand a high-profile target for criminal email cyberattacks. In this case study webinar, hear from Michael Ray, Inspector in Change of Revenue, Product & Cyber Security at the United States Postal Inspection Service, as he shares their story of how they implemented Agari to protect their brand and their customers against fraudulent attacks by securing their email channel.
Customer data is complicated. It lives everywhere and changes frequently. Creating a holistic view of the customer journey can be a challenge, even as the opportunities are obvious. Join Larry Drebes, Founder and CEO of Janrain for lessons learned from thousands of enterprises, challenges with different approaches to customer data management, and the benefits of managing customer identity in the cloud.
Operating from the belief that education is the most powerful weapon, one of our foremost security researchers will provide an analysis on a recently documented stealthy malware family named Stegoloader. Our upcoming webcast will unveil the sophistication of Stegoloader’s characteristics which make it hard to analyze and detect. This webcast will help you understand the nature of Stegoloader in order to counter it more efficiently and effectively.
Pierre-Marc Bureau, Senior Security Researcher from the Counter Threat Unit (CTU), will discuss how Stegoloader cloaks its main component as a harmless Portable Network Image (PNG) while it extracts and executes malicious code hidden within an image. Although CTU researchers have not observed Stegoloader being used in targeted attacks, it has significant information stealing capabilities. Malware authors are constantly looking for ways to adapt and improve detection mechanisms, which makes Stegoloader a prime candidate for cyber-criminals arsenals. Learn how digital steganography may be a new trend for threat actors globally.
In this webcast, you will:
- Gain insight on when and where Stegoloader was first encountered.
- Learn characteristics of Stegoloader and how it operates.
- Understand digital steganography trends and how to detect and remediate.
Tom Bowers, vCISO for ePlus and their clients, will cover what he sees as the looming threats for 2016, including Threat Intelligence and Sharing, State Sponsored Code and Commercial Malware, Security of Big Data, Embedded Systems, and the Physical and Cyber Convergence.
In this webinar, Chris Inglis, former Deputy Director of the NSA will share research and actionable insights on:
-What it takes to build a winning cyber security strategy
-Why cyber campaigns are much more effective than reactive cyber tactics
-How to enhance your organization's cyber security profile and maintain a sustainable security posture
About Chris Inglis:
Mr. Inglis retired from the Department of Defense in January 2014 following over 41 years of federal service, including 28 years at NSA and seven and a half years as its senior civilian and Deputy Director. Mr. Inglis began his career at NSA as a computer scientist within the National Computer Security Center followed by tours in information assurance, policy, time-sensitive operations, and signals intelligence organizations. Promoted to NSA's Senior Executive Service in 1997, he held a variety of senior leadership assignments and twice served away from NSA Headquarters, first as a visiting professor of computer science at the U.S. Military Academy (1991-1992) and later as the U.S. Special Liaison to the United Kingdom (2003-2006).
This webinar is for business leaders who wish to understand vulnerabilities in commercial software and how they can impact organizations:
Software vulnerabilities remain one of the most common attack vectors for security incidents and data breaches, either as the entry point for hackers or as the enabler of privileges escalation inside networks.
This webinar demystifies software vulnerabilities, shows how they relate to the wider ecosystem and demonstrates how this knowledge can be used to define strategies and improve security.
-What is a software vulnerability
-How a software vulnerability becomes a threat
-A glimpse of how threats multiply
-How closing vulnerabilities impacts risk reduction
In today’s global market place your organization needs network connectivity with external entities – suppliers, credit card processing companies, business partners, data feeds etc. But are you really sure these connections are secure and compliant? Are you really sure they are not inadvertently creating holes in your network and exposing your organization to cyber criminals? The Target breach – and many others like it – should at least make you double check your practices.
Presented by the renowned industry expert Professor Avishai Wool, this technical webinar will cover best practices for managing external connectivity lifecycle to and from your network, including:
• Defining the right infrastructure, network segmentation, security controls and additional security protections
• Managing changes to connectivity for third party applications or data feeds
• Routing partner traffic through your network
• Auditing and compliance challenges for both you and your partner
• Technical considerations for managing the business and ownership aspects of third party connectivity
Web application security is threatened not just by hackers but also by the complexity (and related cost) of keeping up with security challenges. Due to the ever-increasing strategic and financial importance of e-commerce and other web services, web application security is of paramount importance for nearly every organization. The difficulties of web application security are compounded by the growing complexity of web applications, the nearly constant changes in site content and the increasing sophistication of web application attacks. Add in migration to cloud-based and hosted environments and the cost of application security can start to become unmanageable.
Join this webinar as Trustwave discusses 4 approaches to reduce cost and complexity. Trustwave has helped hundreds of organizations adopt these approaches and secure their web applications with a solution offering advanced capabilities (continuous learning mode, bi-directional analysis, etc.), flexible architecture, and multiple delivery options to simplify your operations.
Cybercrime impacts millions of people around the world. David Finn, Executive Director of the Microsoft Digital Crimes Unit, gives you a behind the scenes look at how Microsoft is going on the offensive to stop criminals, refer perpetrators to law enforcement, and create a safe digital world.
3 Steps to Better Your Help Desk and Employee Access Management Practices
In this era of SaaS, moving your IT Service Desk and Identity Management to the cloud reduces operational friction and moves your business faster. Managing service requests and quickly closing tickets directly impact productivity and employee satisfaction. By bringing ITSM and IAM together in the cloud, IT can reduce time consuming manual tasks and streamline access controls.
Join Ryan van Biljon from Samanage and Chip Epps from OneLogin for an overview of contemporary service request management practices, including:
●Unifying User Stores and Directories
●Automating Employee Onboarding and Offboarding
●Facilitating Single Sign-On and Strong Authentication
●Enabling Self-Service Password Management