The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.
Analytics--including machine learning and AI--is changing how security professionals approach cybersecurity.
During this webinar we will:
• Showcase the battle-tested strategies of the most successful information security organizations
• Survey the landscape of analytics-based security tools and solutions
• Walk through how to build a strategy based around current (and future) analytics and automation technologies
• Spotlight the critical security operational metrics that analytics can help improve
We look forward to sharing this information with you!
Like many technologies, artificial intelligence (AI) and machine learning (ML) are "just right" for some types of problems, but are often over-sold for others they are just not well-suited for. This webinar will dive into the characteristics of problems that AI/ML can greatly help enterprise security teams solve, but also contrast those against use cases where AI/ML is a much higher risk for those same resource-strapped teams. In those situations, the technology can actually worsen the skills deficit in the organization, rather than making it better.
Attending this webinar will give you a framework for evaluating AI/ML technologies, including:
- When can AI/ML indeed replace people, and when is it better suited to assist people?
- What types of threats is it best suited for?
- How does AI/ML fit in with other methodologies like security analytics, for threat detection?
- How can AI/ML help with security investigations and incident response?
- How can organizations evaluate vendor claims and ask them the right questions?
Recent cyber attacks and data breaches clearly show that traditional perimeter-based information security tools are ineffective against ransomware attacks, insider attacks, multi-stage attacks, and APTs.
Cyber criminals have crafted tools and devised techniques that enable them to evade detection by traditional security tools. Also, even if real alerts are triggered, they can either get lost among a large number of false alerts or lost in a deluge of alerts, resulting in very low signal/noise ratio.
Deception provides an alternative tool to traditional tools with nearly 0% false positive rate to detect, engage, trap and remediate inside-network attacks. Furthermore, by fusing deception with AI, one does not need to boil the ocean to detect anomalies in raw data. Instead anomalies are surfaced itself when an attacker bumps into the deceptions. Using AI, deception alerts are correlated with other data sources to provide actionable insights about the adversary profile, lateral movements and attack tactics. In this talk, we share our work on the fusion of deception and AI for active defense.
Artificial Intelligence and Machine Learning are impressive but not yet able to completely replace security professionals. So, what is the right solution for you and your organization?
In this webinar, we will demonstrate the shortcomings of using both technologies, without a security professional in the loop, and make the case that coupling the experience and intuition of a security professional with a machine learning system, can greatly improve the overall results.
We will also tap the insights of Arctic Wolf Networks's Chief Architect, Matthew Thurston, on how Hybrid-AI and Machine Learning can improve threat detection capabilities and reduce false positives.
After attending, you will be able to:
- Recognize how AI and Machine Learning are typically used in Cyber Security, and what are the gaps
- Define what is Hybrid-AI, why it improves detection accuracy and reduce false positives
- Understand how Arctic Wolf Networks uses human augmented machine learning to detect Ransomware attacks
About our guest speaker:
Matthew Thurston developed his technical vision and security industry experience working over 10 years at Blue Coat Systems as a key developer of the policy enforcement system. He was a co-inventor on patents covering network policy management and optimizing MS Exchange (MAPI) traffic. His work reverse engineering the MAPI protocol gave birth to his keen interest in all things packet-related. Prior to Blue Coat, Matthew cut his teeth as a developer working on a wide range of projects including laser projection systems at Virtek Vision, ergonomic automation at HumanCAD Systems and configuration management software at MKS. Matthew is a graduate of the University of Guelph with a bachelor of science in computer science.
2017 was filled with cybersecurity meltdowns. From WannaCry to BadRabbit, the cybersecurity landscape has only become more volatile. With cyber threats on the rise, is your organization’s security posture ready for 2018?
Join LookingGlass’ Vice President of Customer Support, James Carnall and Vice President of Intelligence Operations, Eric Olson as they take a closer look at 2017’s major cyber-related incidents and provide tips and recommendations on how your organization can prepare for 2018. Webinar attendees will learn:
· Major cybersecurity trends from the past year
· Cybersecurity tactics that worked – and didn’t work – in 2017
· How to take a proactive cybersecurity approach to fending off cyber threats
Breach detection systems (BDS) and breach prevention systems (BPS) are capable of providing enhanced protection against advanced malware, zero-day attacks, and targeted attacks. NSS Labs’ 2017 BDS and BPS Group Tests measured the effectiveness of these solutions in real-world threat scenarios that included exploits, malware, offline infections, and evasions. Breach detection and breach prevention solutions from Check Point, Cisco, FireEye, Fortinet, Juniper Networks, Lastline, Palo Alto Networks, and Trend Micro are included in one or both of our breach security group tests. Sign up for our webinar to learn more about these test and to see which products received the coveted NSS Labs Recommended rating.
A single weak point in a line of code can create an open door for attackers. Threats originating from applications are now more pervasive than ever. We believe that the best defense against application vulnerabilities is a good offense.
In this webinar, we will share results from our recent primary research study that reveals:
• The top five application security risks
• Where these risks originate
• How to remediate these risks
• Best practices to protect your business, protect your customers
API Security has moved from being an afterthought to a critical component of API deployments. Organizations are now evaluating many security services to meet business needs. Foundational security services, such as data encryption, rate limiting, and access control are now available across a range of on premise, CDN, and SAAS offerings to provide organizations the flexibility of aligning API security with overall security needs.
Advanced attacks, including bot detection, API data and control system attacks, and API DDoS attacks are a big data problem which requires applying Artificial Intelligence and Machine Learning techniques to reliably identify and remediate attacks. Once again, multiple security platform choices are becoming available. Moving forward, one can envision the availability of a security services menu that supports automated deployment and delivers the desired API security to protect an organization’s critical assets.
About the Presenter:
Bernard is the founder and CEO of Elastic Beam. He is a serial entrepreneur with a proven record of building high growth organizations and award-winning products. He brings strong expertise delivering security and data center software to large enterprises, government agencies, Telcos, and consumers. Most recently he was Chairman, President and CEO at Atlantis Computing. Previously, he was the CEO of Green Border (first security company acquired by Google), and the CEO of WorldTalk (acquired by Tumbleweed). Bernard was also the Chairman of Booshaka (acquired by Sprinkler), Chairman of Norskale (acquired by Citrix), and Chairman of BorderWare (acquired by WatchGuard). Bernard earned a MS in Engineering Management from Stanford University. Bernard was inducted into the University of California Irvine Engineering Hall of Fame in 2015.
Phishing and ransomware go hand-in-hand as the top online risks to today’s businesses, no matter their size. While many organizations have built out the technical aspects of their IT security strategy, that's not enough to stop these pervasive threats. A solid cybersecurity posture is built on a combination of people and processes, in addition to technology.
In this webinar, we’ll look at how Webroot helps combine end user education, security best practices, and fully cloud-based Smarter Cybersecurity® solutions to stay ahead of modern threats.
We hope you can join us for this live, educational session!
Protecting student and district data, privacy, and safety with their limited IT resources is a tall order for K-12 institutions. This no-cost webinar is for districts and their consultants considering the E-rate program for funding firewall services. Join our education and E-rate experts to learn:
•About Palo Alto Networks and how we uniquely protect students, data, and networks
•How your peers have successfully leveraged E-rate funding to create safe learning environments
•Which Palo Alto Networks products are eligible
•Where to find E-rate resources
David Cumbow is a Systems Engineering Manager with Palo Alto Networks. Prior to coming to Palo Alto Networks, David spent 13 years in the public sector working for the third-largest K-12 school district in Riverside County. Having worked jobs from Database Administration to Virtualization, David found a passion for Networking and Security. With eight years in the security field, David has led many K-12 Districts in California to a better security posture through guidance and peer-to-peer consulting. David holds a Bachelor of Science in Computer Science from California State University.
Greg Herbold is Director of the U.S. State/Local Government and Education (SLED) segment at Palo Alto Networks, where he is responsible for creating solutions and programs to protect our way of life in the digital age by preventing successful cyberattacks. In this capacity, he leads strategy and planning, marketing, solution development, sales programs, channel partner development, contracts, compliance and industry relations for the segment. Greg holds a Master of Arts from Georgetown University and an HP-Stanford Innovation and Entrepreneurship Certificate from the Stanford Graduate School of Business.
The recently disclosed Meltdown and Spectre vulnerabilities negatively impact the security of virtually every computer in the world today. These vulnerabilities allow an attacker to gain control of a computer’s processor and steal data located on that computer. Organizations that store data in the cloud are particularly susceptible.
During this webcast, Jimmy Graham, Director of Product Management for Qualys Threat Protection and Asset Inventory, will showcase solutions that can help you determine the impact of Spectre and Meltdown across your global IT environments.
By attending this webcast, you will understand how:
• To quickly and easily visualize Spectre and Meltdown vulnerabilities within your environment
• To track remediation progress as you patch against Spectre and Meltdown
• The Qualys Asset Inventory and Threat Protection apps, which will help you automate detection and track remediation progress
The webcast will include a live Q&A session.
Attend this brief webinar to get up to the minute updates on the E-rate program and ask our E-rate experts any questions you may have. We will review important information for Funding Year 2018, such as Key Dates, Eligible Services, and USAC Announcements.
Organizations have difficulties handling security auditing and compliance that can be scaled across many teams with varying infrastructure. Adobe found themselves in the same situation and in need of a tool that could provide a window into the complexities of their infrastructure. As a result HubbleStack was developed -- a free open source project.
Just like the Hubble telescope gives us a window into the complexities of our universe, HubbleStack gives a window into the complexities of your infrastructure. It includes components for information gathering, file integrity monitoring, auditing, and reporting. This webcast you learn:
- Detail on the HubbleStack project
- How Adobe has made use of it across all of its cloud services
- How you can get and try out HubbleStack for yourself
- How you can help us move HubbleStack forward
- How you and others can contribute to the development of Hubblestack
Gain insights into these important legal developments from two of the leading open source legal experts, Mark Radcliffe, Partner at DLA Piper and General Counsel for the Open Source Initiative and Phil Odence, Sr. Director and General Manager at Black Duck Software by Synopsys. This annual review will highlight the most significant legal developments related to open source software in 2017, including:
- Current litigation
- An open source security update
- Blockchain and its forks
- Software Package Data Exchange (SPDX) and OpenChain
- And more
Live attendees will be receiving a CLE credit for this webinar.
Presidio is radically simplifying customers datacenter environments with Nutanix. Come hear from Vinu Thomas, Presidio CTO, Raphael Meyerowitz, AVP of Datacenter Solutions, and Mike Berthiaume with Nutanix on how we are making it easier to manage, upgrade and deploy multi-cloud solutions.
Understanding the hacker advances in AI is critical to stop the new generation of cyber threats. At the same time, what techniques can we teach our AI's to examine and prevent new exploitations.
About the Presenter:
Alex Holden is the founder and CISO of Hold Security, LLC. Under his leadership, Hold Security played a pivotal role in information security and threat intelligence, becoming one of the most recognizable names in its field. Holden is credited with the discovery of many high-profile breaches including Adobe Systems, initial vendor breach that led to the discovery of the JPMorgan Chase breach, the independent discovery of the Target breach and the Veraz (Equifax Argentina) breach. In 2014, he discovered the largest breach of data to-date. Dubbed the CyberVor breach, he recovered a cache of over 1.2 billion stolen credentials gathered from over 420,000 exploited web sites.
Considered one of the leading security experts, he regularly voices his professional opinion in mainstream media.
Join us—the Verizon Threat Research Advisory Center —for our Monthly Intelligence Briefing to discuss the current cybersecurity threat landscape. Threats like MeltDown, Spectre and other hot topics will be shared by experts across Verizon and our partners.
Each month, we will have a specific theme to help promote awareness and best practices.
The adoption of SaaS applications continues to grow at an exponential pace. You do not want to clamp down on these applications because they are valuable tools for many of your employees. However, because the data and usage of these SaaS applications is invisible to IT administrators, they do expose your organization to potentially disastrous security and data theft risks.
Join us for a live webinar where you will learn how your organization can enable safe usage of SaaS applications and:
•Gain visibility and granular, context-based control of SaaS applications.
•Protect corporate data from malicious and inadvertent exposure after it has left the traditional corporate perimeter.
•Protect against new insertion and distribution points for malware.
•Satisfy compliance requirements while still maintaining the benefits of SaaS based application services.
The challenges of SaaS applications are already here whether they are enabled by IT or end users themselves. Find out how to take back control and safely enable their use.
As organizations migrate workloads to cloud computing, they benefit from flexibility and agility, but network security operations grow increasingly difficult.
Gaining visibility into cloud environments, extending existing security operations and workflows, ensuring compliance, and managing shared responsibility create new challenges for security professionals. Add to this the complexity of hybrid and multi-cloud environments — and the loss of control within those environments — and it’s no wonder security leaders are scratching their heads over how to best secure their organization’s journey to the cloud.
This session will look at approaches to addressing the many challenges around cloud security management and best practices for translating on-prem security controls and processes into hybrid and multi-cloud environments.
Join Skybox Security and (ISC)² on Jan 17, 2018 (Wed) at 14:00 Singapore time to learn more about security management in the cloud.
Aligning security with business goals remains a challenge for CISOs across industries. In an age of relentless attacks, CISOs need to be proactive, informed and have the resources to launch a resilient cyber defense.
Tune in to this interactive panel discussion to learn the key cyber priorities for CISOs this year:
- Cyber attacks and new threats on the horizon
- Understanding your company's cyber risk
- Cost of breaches
- Best practices for improving security in 2018
- Communicating security strategy to the board
- Dr. Christopher Pierson, Founder & CEO, Binary Sun Cyber Risk Advisors
- Roselle Safran, President, Rosint Labs
- John Cloonan, Director of Products, Lastline
GDPR is coming and anyone doing business with the EU will need a Data Officer to determine their data strategy.
With a third of all attacks coming in against web applications, mapping the data flows through those applications is required to satisfy due diligence in securing your customer data, EU citizen data, and is a good exercise in general to protect your own intellectual property.
In this talk, Jeannie Warner, Security Manager and Kurt Risley, Security Architect at WhiteHat Security will offer best application security practices for data in the following categories:
- Data Classification - how secure does it need to be?
- Data Categorization - which regulations will apply?
- Data Rules - what kinds of repeatable policies should be applied?
- Data Mapping - identify the flow from database to applications to client apps via APIs
- Data Securing - showing the best practices for securing the applications by use cases
Like most organizations, you’ve probably deployed endpoint security. Still, you can’t seem to stop all existing and new threats, particularly fileless malware. You’re being infected, getting ransomware and/or having unwanted downtime.
This presentation will include a dynamic discussion between Lenny Liebmann, founding partner at Morgan Armstrong and Nir Gaist, founder and CTO at Nyotron on why the Negative Security model that tries to track down everything “bad” will eventually miss some elusive new threat.
Although a multi-layered security strategy that includes a Positive Security model provides better and more continuous protection for endpoints, this model has historically been difficult since it involves complex and time consuming whitelist maintenance. Lenny and Nir will describe a new OS-Centric Positive Security model that is a game changing innovation for simpler and more effective endpoint security.
Whether you’re just getting your program off the ground or looking to optimize your current program, this webinar will give you the knowledge you need. It’s based on proven programs involving over 27 million end users across 160 countries. Tune into to find out what others have done to reduce end-user susceptibility by 95% and build resiliency among their workforce.
Some of the topics covered include:
- Best ways to introduce and communicate a program
- Tips for increasing engagement
- Most important metrics your Board and C-level Execs will want to review
- How to handle repeat clickers
This session will cover the various conflicting constituencies that CISO's deal with on a regular basis and future trends.
If you are a CISO, Board Member, CEO, CIO, COO or just want to better understand the role and challenges that today’s CISO’s Face, this is a must attend session. We are at a crossroad, and the CISO is crucial to helping navigate the way, but are they being heard?
Join this panel of experts for a highly controversial discussion:
• What is the Role and Goal of the CISO and What should it be.
• The Business of Being a CISO: It’s not just all about Technology
• The CISO as part of the Marketing Team
• The CISO vs. The Compliance Officer
• The CISO as a Technocrat
• It’s not all on the CISO: Do Boards bear some responsibility
• In an always on, 24x7, I want it now world; How does the CISO Succeed
• The CISO Reimagined
About the Speakers:
Barak Engel: Chief Geek at EAmmune, CISO at Amplitude Analytics. Decades in the information security field, and in CISO/ vCISO roles: WebEx, Loyalty Labs, MarketLive/Kibo, MuleSoft, Mashery/Intel, Wrap, Amplitude.
Lance James: Chief Scientist at Flashpoint, internationally renowned Cybersecurity Specialist who has advised Boards and CISO’s at a wide range of government and F-500 organizations. Frequent lecturer and speaker.
Ulf Mattsson: Innovation Officer at TokenEX. Member of the PCI Security Standards Council, ISSA and ISACA lecturer and ISACA Journal Contributor. Encryption and Tokenization Expert with over three decades of experience in Cybersecurity with more than 55 patents.
How the recent advanced threats execute on your endpoints and the Palo Alto Networks prevention advisory
Traps replaces legacy antivirus and secures endpoints with a multi-method prevention approach that blocks malware and exploits, both known and unknown, before they compromise endpoints, such as laptops, desktops and servers.
•Challenges with AV today
•Difference between exploits and malware
What is malware? What is an exploit? How to prevent against both attack vectors
•Prevention is better than a cure
Having a multiple method approach against APTs
•Automated Prevention Platform via Palo Alto Networks
Demo of live hack against Traps 4.1
Today’s complex, multi-faceted infosec challenges can cause IT and security teams to spend unnecessary cycles trying to perform the fundamentals – basic hygiene, assessing posture, and validating security “readiness”. With most organizations getting attacked weekly, ensuring these functions are efficient and effective is more important than ever.
In this session you’ll learn how end-to-end security visibility is a critical first step to improving your security posture. By combining endpoint, network, user activity, and threat intelligence you can be truly data-driven and:
- Identify malicious activity and gain key context to help prevent similar threats
- Apply methods to help improve accuracy and further mitigate risk
- Automate context gathering and response actions to accelerate investigations, and to more effectively contain and prevent threats
Join us and get the inside view into the latest technological advancements powering today’s cybersecurity solutions.
Three major trends define the Cloud Generation chaos that organizations face today. They are 1) Use of cloud applications, 2) An increasingly mobile workforce accessing these cloud applications from outside the perimeter and 3) Use of both corporate owned and BYO devices (PC, Mac and Mobile).
On the other hand, the threat landscape is constantly evolving with adversaries taking advantage of these trends to attack organizations with ransomware, targeted attacks and mobile malware.
Existing solutions from the industry have been largely a mixture of disjointed point products to solve these problems piece meal. All of these have led to operational complexity for Organizations who face a severe shortage of skilled IT security personnel.
Attend this webinar and learn how endpoint security can solve these problems while increasing operational efficiency and lowering total cost of operations with a single agent architecture.
In addition, Symantec will discuss how the latest evolution of Symantec Endpoint Security can:
-Turn the tables on attackers by exposing intent and delaying their tactics using deception techniques and proactive security
-Expose, investigate and resolve incidents including file-less attacks with integrated Endpoint Detection and Response
-Harden environments against cyber-attacks with complete visibility into application attack surface and isolating suspicious applications
-Extend advanced security to mobile devices to protect them from network based attacks and OS/App vulnerabilities.
A threat intelligence entrepreneur sits down with two former NSA spooks to discuss the future of security operations.
In this valuable executive panel, TruSTAR co-founder and CEO Paul Kurtz will interview two former seasoned cybersecurity executives from the NSA. Based on thousands of hours managing SOC operations and operators and developing defense strategies, the panelists will discuss the biggest events of 2017 and what’s ahead in 2018.
The panelists will also discuss what works, what doesn’t, and key gaps requiring attention in security operations centers today. Both SOC managers and operators will find Sherri and Tony’s insights helpful as we move into the new year.
This will be an interactive discussion infused with current threat intelligence research along with professional anecdotes from our highly-seasoned panelists.
1. 2017 Threat Trend Review
2. 2018 SOC Predictions and Gaps
3. Open Q&A
- Sherri Ramsay, Strategic Consultant and former Director of NSA's Threat Operations Center (NTOC)
- Tony Sager, Senior Vice President and Chief Evangelist for CIS (The Center for Internet Security), Director of SANS Innovation Center
- Paul Kurtz, Co-Founder and CEO of TruSTAR Technology
3-D Secure 2.0’s impact on the financial industry will be one of the most significant in recent years. Built around the increasing popularity of mobile commerce, 3-D Secure 2.0 is predicated on risk-based authentication, leveraging data points for accurate verification, while optimizing the consumer experience.
But, what about migration? How do you get from where you are to where you want to be? It’s time to fine-tune your authentication strategy. Join Hannah Preston, Solution Strategist, Payment Security at CA to learn how to:
• Design the best payment security architecture for your business
• Exploit the power of a consistent device identity across online channels
• Incorporate a global network of devices to shut down fraud fast
The future lies in turnkey cloud solutions like hyper-convergence, which is set to displace traditional server and storage models.
WinMagic’s SecureDoc product suite, coupled with Nutanix, provides customers greater control and certainty over their data security through intelligent enterprise-controlled, cloud-agnostic key management & VM-level encryption.
Join us as we unravel some of the most critical considerations for establishing a high performance IT infrastructure that is not only flexible, fluid, and affordable, but provides the consistent security and simplicity needed across your entire environment.
In this webinar you will learn:
Simplicity: Discover how to converge your entire datacenter stack into one solution, reducing silos, and simplifying your operations
Scalability: Learn how you can flexibly and securely scale out to support dynamic workloads and evolving business needs of any size
Manageability: Reduce the complexity of managing traditional infrastructure and security across a disparate array of platforms. Gain simplicity in meeting Compliance audits
Agile development and DevOps are built on a foundation integrated and automated testing that happens throughout the development lifecycle. Rather than waiting for a testing phase that happens late in the cycle, software quality and security must be verified at every step. In this session you will learn how to validate open source security, compliance, and quality across the SDLC, from design phase to production deployment and beyond.
Join us on January 18th, 2018 for a lively discussion with Ralf Buchroth, Team Lead in IT Infrastructure and Provider Management at RWE, the second largest utility provider in Germany.
We will discuss RWE’s challenges and success in moving their network operations into the future without compromising security and compliance, including:
• consolidating security and orchestrating connectivity across a hybrid network, including legacy firewalls and routers, next generation firewalls, and the AWS cloud platform
• incorporating a cloud-first strategy and a heavy investment in DevOps to identify and address security violations in AWS, and allow application developers to spin up new applications without knowing IPs, protocols and ports
• reclaiming visibility of their firewall configurations and moving from error-prone manual changes to automating the process
• vastly improving workflows to improve audit preparation from a previously non-auditable change process
Register now to gain amazing insight into how they have found success. We will wrap up with a live Q&A, so have your questions ready!
We’ve spent years just seeing data as ‘there’; whether it’s a spreadsheet, email or information on a website/social media – data just exists. However, with recent, and massive, growth in stored data its value throughout its lifetime has now changed.
Because of this changing value, data must be secured and protected – kept away from people who might pose a threat to its integrity and value. In this world of instantly available information a news leak informed by real data is something that can quickly reduce the value of a product, or even damage the revenue and reputation of your business.
Endpoint-based technologies can help to prevent an attack, but this is a defensive posture - we need to move and become more proactive. Understanding the data you have makes it easier to know what is ‘normal’, in turn this makes it easier to recognize unusual behavior of devices and data which might indicate a threat has breached the network. The faster you are able to see this, the faster you can react – ensuring maximum time possible to mitigate the potential damage.
After 25 years of speaking and writing about the impacts of technologies on “the human in the machine,” Richard Thieme documented the traumatic consequences for security and intelligence professionals of swimming in dark and turbulent waters that challenged our abilities, our ethos, and sometimes our very identity. Who we thought we were came up against what we had to do and the friction threw off sparks.
This webinar goes beyond those stories to explore in particular how what dominant cultures call “minorities” manage their unique challenges. Thieme has uncharacteristically lived as “a minority” in five different ways and the dynamics and resultant strategies he had learned port seamlessly to the experience of others. There’s more to it than “playing through the pain” - there’s real gold in discovering our capacities for the resilience, power, and self-transcendence intrinsic to the human condition.
Beginning with the “real facts” of the matter, Thieme draws on his experience to suggest ways to make this game a long distance run, not a sprint, and not lose our selves along the way.
With the ever increasing number of devices and applications that individuals use and access on a daily basis, the authentication of individuals has become paramount for organizations. It needs to be done faster, seamlessly and have less impact on the user. What can organizations do to meet this challenge? Are behavioral analytics an answer? What role does identity assurance play? What about multi-factor authentication? Biometrics? Join RSA and (ISC)2 on January 18, 2018 at 1:00PM Eastern for a discussion on where ID/Access management and authentication is going and how these future advancements can impact your organization.
Learn how enterprises can achieve immediate visibility across on-premises, endpoint, and cloud IT environments with Qualys Cloud Platform and its powerful, natively integrated security and compliance applications.
Since WannaCry and Petya took the world by storm in May of 2017, defending laptops, desktops, and IT assets from ransomware has become critically important for enterprises.
This webinar looks look at the newly released advanced capabilities of Symantec Endpoint Protection 14.1 that help protect against ransomware attacks and the strategies and the technologies that Symantec customers have deployed technology for effective protection against ransomware and unknown threats.
Join us to discover how you can:
· Block ransomware via latest enhancements into behavior monitoring, machine learning and intrusion prevention
· Gain enhanced visibility into suspicious activity across your endpoint estate
· Optimizing endpoint security across different environment needs such as high risk employee groups, low bandwidth environments, etc
In addition we’ll also show you SEP 14.1 in action, with a demo that showcases how unknown threats don’t stand a chance.
In the age of breaches and increased cyber attacks, security professionals are looking for the best ways to secure their organizations and prepare against upcoming cyber threats. Join this panel of experts are they look back the biggest events of 2017 and provide their recommendations for CISO's on what to look out for in the next months and how to improve their organization's cyber security in 2018.
- Breaches and (Compromised) Identity
- Lessons learned from 2017's major breaches (Equifax, Uber, etc.)
- Fighting cyber fraud, identity theft, account takeovers
- The likelihood of GDPR leading to companies not disclosing breaches
- Cyber attack trends on the horizon
- How to protect against these attacks and build a more resilient enterprise
- John Bambenek, Threat Systems Manager, Fidelis Cybersecurity
- Dennis Leber, CISO at Cabinet for Health and Family Services, Commonwealth of Kentucky
- Kevin Lee, Trust and Safety Architect, Sift Science
- Michael Bruemmer, VP Consumer Protection, Experian Consumer Services
With banks worldwide running proofs of concept for a number of use cases based on blockchain technology. It has become a question of when, not if, many of these initiatives will move into the production stage.
Now is a good time to consider what the expected adoption of blockchain and cryptocurrencies are likely to mean for fraud in banking and commerce.
Attend the webinar to learn:
-How banks and businesses are adopting distributed ledger technologies (DLT)
-What fraud and financial crime implications are created by the use of DLT
-What tools will be required in the future to mitigate DLT-related fraud
Security Information Event Management (SIEMs) systems have become the go-to application for cybersecurity practitioners, but it doesn’t come without a hefty cost or tradeoffs. These costs can include historic data being unreachable, advanced analytic limitations, and reduced enterprise visibility. Pairing SIEMs with a big data machine learning platform allows enterprises to proactively assess risk by accelerating anomaly detection, investigation, and response with machine learning and complete enterprise visibility.
Join TJ Laher, Cybersecurity Solutions Lead, as he discusses how big data and machine learning empowers cybersecurity innovators to optimize SIEM deployments. During this discussion, you will learn how open source technology is helping optimize SIEM deployments allowing organizations to:
• Infinitely scale data storage, access, and machine learning
• Deploy a community defined open data model to break vendor lock-in and gain complete enterprise visibility
• Open up application flexibility while building on a future-proofed architecture
Every business that handles personally identifiable data is subject to privacy regulations and standards, such as PCI-DSS for credit card transaction data, HIPAA for medical records privacy, SOC 2 for any organization that delivers services (including SaaS-delivered solutions) and the European Union’s soon-to-be-enacted GDPR (General Data Protection Regulation). There are also privacy and breach disclosure laws that vary from country to country (even state to state in the US), making it a big challenge to keep up with them all. Failure to comply can result in daily penalties and fines, and a data breach resulting from non-compliance could cost millions in settlements, legal fees, and loss of reputation.
Join special guest, Divya Jeyachandran of Coalfire and John McLeod, CISO of AlienVault to hear what auditors are looking for and how to best prepare for your next audit.
Overview of common compliance requirements
Best practices for preparing for and demonstrating compliance
Keys to overcoming challenges in your on-premises and cloud environments
How a unified security toolset can greatly simplify this process
Sr. Manager - Payments, Cloud & Technology, Coalfire
Divya is a Senior Manager in the Payments practice at Coalfire focusing on data security in cloud environments. She advises and assesses client environments to meet security and compliance requirements such as the PCI DSS. With 8 years of experience in cloud technology, IT security and audit, and network and systems administration combined with understanding the applicability of regulatory security and compliance requirements towards IT solutions, Divya has been the lead QSA for some of the major cloud service providers and security service providers in the industry.
During this 20 minute webinar, see how Veracode Static Analysis and Veracode Software Composition Analysis work together to automate application scans to deliver fast, repeatable results. When scanning entire applications in DevOps-friendly languages, more than 70% of scans complete in under an hour, and scans of microservices return even more quickly.
In this webinar you will learn how to
•Check for vulnerabilities in your open source components within a same scan
•Remove additional integration requirements within your continuous integration pipeline
•Enables your organization to speed applications to market without sacrificing security
“Make the trust zones smaller” is the rallying cry behind microsegmentation projects. Break up the network into smaller pieces and put firewalls in between those pieces to ensure attackers can’t get from one part of the network to the next. But making microsegmentation projects work relies on a great deal of knowledge of the network and attack pathways. And it’s an incredibly heavy lift–configuring and deploying a microsegmentation solution takes an immense amount of time and resources. Machine learning can significantly reduce the hurdles by learning the network’s intended state and defining the attack pathways that need to be secured, automating the microsegmentation process.
Edgewise’s Chief Data Scientist John O’Neil will deep-dive into the role of machine learning in microsegmentation and demonstrate how a machine learning driven solution could reduce the time and energy needed to deploy microsegmentation from months to hours.
In the digital world we all live in, a majority of IT operations and support center organizations still rely on spreadsheets and spray-and-pray emails to entire teams to communicate major IT events due to application failures, network outages, cyberattacks, datacenter outages… During this session, Vincent Geffray will share the eye-opening results from various surveys on state of incident management and best performing companies practices and will explain how the lack of response automation hurts business and negatively impacts IT employees’ work-life balance.
During this session you will:
* Understand why quickly engaging the right team of IT experts is such a hard thing to do
* Understand the mechanisms which lead to a call storm and learn how to prevent it
* Learn how you can improve your incident response process and streamline the communication between the Service Desk, your IT teams and the impacted business users
Vincent Geffray is Senior Director of Product Marketing with focus on IT Incident Response Automation, IT Service Alerting, team Collaboration and Process Orchestration at Everbridge. He has over seventeen years of experience in Digital Operations and Service Management with expertise in Critical Communications, Application Performance Management, IT Process, Runbook and Workload Automation. Vincent has an international experience and he worked in Europe and in North America.
Do you feel safe from DDoS attacks because you use a content delivery network (CDN)? Join Andy Shoemaker, founder of DDoS testing company NimbusDDOS, to uncover the limitations of this strategy. In this webinar he’ll perform a live DDoS attack to show how attackers bypass CDN defenses to directly target an organization’s critical resources.
In this webinar you will:
· Learn about the benefits and pitfalls of using CDNs as a DDoS protection strategy
· Watch a live DDoS attack from the attacker's perspective
· Participate in a live Q&A with DDoS experts
Cyber attacks are as unique as the attackers behind them and the organizations they target: both attackers and the organizations they target have different objectives. Analysis of attack trends can help determine where security efforts should be focused to prepare for the most common attack types and protect from the highest risk.
In this talk we will walk through the latest data from NTT Security’s Threat Intelligence Reports to show the most common threats facing organizations in various sectors and geographies today.