The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.
Why is software so riddled with security defects? Are developers to blame? Is it just the nature of software? We’ve found that there are four primary ways that vulnerabilities end up in your software. Understanding these sources and how to prevent them is a good first step in making your apps less like a red carpet for cyberattackers, and more like a moat.
Benefits of attending:
1.Learn how vulnerabilities are getting in your code and how to keep them out from a VP of Engineering
2.Gain actionable tips and advice on application security– from a development manager who lives it day to day
3.Move beyond the buzz about the insecurity of open source components – what is the solution?
4.Identify the best ways to help developers learn to code more securely
5.Gain insight from the latest research into which languages are introducing what vulnerabilities
Protecting sensitive client and corporate data is one of the most important responsibilities in any organization. So if your current solution isn’t working for all stakeholders, is it really working at all?
1. Increase security and compliance, while maintaining user-friendliness
2. Deploy encryption without interrupting normal business processes
3. Ease the daily burden of your data security administration
Ransomware. Business email compromise (BEC). Social media phishing. Counterfeit mobile apps. Today’s advanced attacks use different tactics and vectors, but they all have one thing in common: they target people, not just infrastructure.
In this webinar, we use original research and data collected from real-world Proofpoint deployments around the world to explore who is being targeted, how attackers are getting people to click, and what you can do about it.
Register now to learn about:
•The latest social engineering targeting trends and techniques
•Top email fraud tactics, including business email compromise (BEC) and social media account phishing
•The rise of fraudulent mobile apps and how criminals target users on the go
What steps are you taking to minimise your risk of becoming a data breach victim? In this webinar, Symantec and a guest speaker from Forrester share best practices to proactively protect your critical data with data-centric security.
Get advice on preventing data breaches from these industry experts:
• Guest Speaker Heidi Shey, Senior Analyst, Forrester. Heidi serves Security & Risk Professionals with solutions for data security and privacy. She also researches sensitive data discovery, data loss prevention, cybersecurity, customer-facing breach response and more.
• Nico Popp, Senior Vice President, Information Protection, Symantec. Nico is the former CTO of VeriSign Security Services where he led efforts to develop new products and services for Trust Services and Identity Protection.
Join these authorities as they explain how a holistic approach to data security and identity puts you back in control.
AWS cloud is one of the leading cloud providers in the market—and Amazon solutions like Trusted Advisor, Cost Explorer, CloudTrail, CloudWatch, and Inspector can help organizations begin to manage their IaaS infrastructure more efficiently. However, the valuable data provided by these services can be more efficiently leveraged with tools that offer deeper visibility and control.
Join us to learn tools and tips to take your AWS investment to the next level, including:
- Forecasting and tagging tips to predict and optimize cloud spend
- A comprehensive approach to monitoring to ensure secure and compliant infrastructure
- Proactive risk detection and automated remediation tactics
Even the most sophisticated adversaries know it’s far easier to steal credentials and use them for covert activities than it is to locate a zero-day vulnerability in an external-facing system. Plus, since attackers will take the easiest path, most breaches still rely on stolen credentials.
Join our Unit 42 threat intelligence analyst for an insightful perspective on credential-based attacks and phishing. In addition to presenting its unique attack life-cycle, she will:
• Identify trends and techniques in methods used for credential theft and abuse.
• Review how cyber criminals have changed their tactics to compromise networks.
• Examine who is being targeted, and why.
• Discuss techniques to stop credential leakage.
Retailers are faced with the challenge of fast evolving consumer buying processes. Today and in the future consumers have greater choice in terms of how when and where they buy. Consumers expect an omnichannel experience across all available touch points with retailers.
According to the 2017 Customer Experience Benchmarking Report, 85% of retail and consumer goods organisations recognise CX as a competitive differentiator. Join us for this webinar where we’ll be discussing the retail specific findings from the report.
With the EU General Data Protection Regulation (GDPR) now agreed for implementation, now is the right time for organizations to review their data governance and protection requirements.
During this webinar, Martin Sugden discussed and explored practical advice for US organizations about EU GDPR and how it affects organizations located outside of the EU which hold information on EU citizens.
This webinar provides you with practical advice about how to identify the data that will be impacted by EU GDPR and how data classification can help improve your data governance measures and get data protection processes in shape in advance of EU GDPR
“I would not want to be a merchant responsible for managing fraud today,” Spear told Karen Webster in a live online discussion on the topic held last week with an audience of online retailers. “It is a full-time job, 24/7/365, against constantly evolving threats.”
Ecommerce fraud losses have fallen 34.7% since Q1 2016, helped by machine learning and new services like Guaranteed Fraud Protection. However, merchants across eight major industry segments are still expected to lose $48.2 billion this year. And not all industries have improved. For example, online Department Stores saw fraud losses rise by 146.5% between Q1 2016 and Q1 2017. What’s changing, and what’s next? Hear directly from experts responsible for protecting over 5,000 e-commerce merchants globally.
Join PYMNTS CEO Karen Webster and Signifyd’s Vice President of Partnerships, Skye Spear, as they discuss the first installment of the Global Fraud Index, covering 5 quarters from Q1 2016 through Q1 2017. The Index provides the most extensive data and reporting to date on ecommerce fraud across 8 major verticals. Specific types of fraud and key trends are examined for each major vertical, including apparel; department stores; consumer electronics; cosmetics and perfumes; furniture, appliances and home improvement; health, leisure and hobbies; jewelry and precious metals; and alcohol, tobacco and cannabis.
Operational Technology (OT) consists of hardware and software that are designed to detect or cause changes in physical processes through direct monitoring and control of devices. As companies increasingly embrace OT, they face a dilemma as to whether to keep these new systems independent or integrate them with their existing IT systems. As IT leaders evaluate the alternatives, there are 5 key barriers to IT/OT integration to consider.
Business Process Knowledge
Manageability & Support
Dependency Risk – Two of the key challenges of enterprise IT environments are managing the complex web of dependencies and managing the risk of service impact when a dependent component fails or is unavailable. With traditional IT, the impact is typical to some human activity, and the user is able to mitigate impact through some type of manual activity. For OT, companies must be very careful managing the dependencies on IT components to avoid the risk of impacting physical processes when and where humans are not available to intervene and mitigate the situation.
Management of OT Data – The data produced by OT devices can be large, diverse in content, time sensitive for consumption and geographically distributed (sometimes not even connected to the corporate network). In comparison, most IT systems have some level of tolerance for time delays, are relatively constrained in size and content and reliably connected to company networks, making them accessible to the IT staff for data management and support.
Security – IT systems are a common target for malicious behavior by those wishing to harm the company. The integration of OT systems with IT creates additional vulnerability targets with the potential of impacting not just people and but also physical processes.
Segmentation of IT
Enterprises cannot move to the cloud quickly enough. In fact, Gartner estimates that by 2020, “cloud-first” and “cloud-only” will be standard corporate policies rather than exceptions.
That’s a big problem for traditional security infrastructures. There’s a hodgepodge of disparate, disconnected security products that were not made to secure the cloud. Some vendors have “cloud-washed” their products, but these deliver questionable value. In real-world situations, these products perform poorly, lack critical functionality, and cannot provide the visibility time-strapped security teams require to be effective.
ProtectWise and Ixia make it easy to secure workloads in the cloud, including multi-cloud environments, in addition to traditional on-premises networks. Running entirely from the cloud, the ProtectWise Grid delivers pervasive visibility via automatic real-time and retrospective threat detection, long-term retention of full-fidelity packet capture (PCAP) and unlimited forensic exploration. Ixia CloudLens™ simplifies capture of network traffic from public cloud, virtual, or physical environments and delivers it to The ProtectWise Grid seamlessly. Through this integration, ProtectWise and Ixia give security teams a single solution for end-to-end visibility across heterogenous public cloud, enterprise, and hybrid environments.
Attend this webinar and learn how easy it is to secure the cloud with the joint ProtectWise-Ixia solution and:
Why security in mixed- and multi-cloud environments can be difficult
How moving to the cloud limits visibility for legacy security solutions
How a modern approach to security provides pervasive visibility
Our R&D teams have had a busy year thus far and we would like to invite you to learn more about recent releases and updates made to the SentinelOne platform.
Rajiv, our VP of Product Marketing, will lead you through the changing threat landscape and provide an overall platform update. Including:
VDI - full memory protection, threat visibility on decommissioned devices, and more
Updates to On-Premise Appliance for Fed, Gov, and GDPR use cases
A brief demo of SentinelOne with AWS workspaces
Highlights about recent ransomware attacks and our new executive team
2016 was a “Ransomware Horror Show”. If you've been in the IT trenches over the past year, you've probably noticed that announcements of new ransomware strains are accelerating and there is no end in sight for 2017.
In this webinar, we will cover the final 3 sections of the very popular KnowBe4 Ransomware Hostage Rescue Manual in depth.
Join Erich Kron CISSP, Technical Evangelist at KnowBe4 for the webinar “Ransomware Hostage Rescue Guide, Part 2”. We will look at recent infections, give actionable info that you need to prevent infections, and cover what to do when you are hit with ransomware.
To effectively respond to today’s complex cyberattacks, security teams need to coordinate their people and technology throughout the entire incident response (IR) process. When IR orchestration is supported by automation, organizations can accelerate their response and make their IR team more intelligent.
In this video, IBM Resilient CTO Bruce Schneier compares and contrasts orchestration and automation, and outlines how organizations can orchestrate response with an incident response platform.
Microsoft is struggling to stop phishing and ransomware in Office 365. Now there is a solution. Over 70 of the leading security vendors have joined together in one platform to create the most complete, cloud-native protection for SaaS-based email. Best of all, it works in parallel with Microsoft and Gmail to deploy as simply as an app-store one-click application.
As a Salesforce admin, you can allow your users to authenticate with a YubiKey any time they’re challenged to verify their identity. Once provisioned, users simply insert and tap their YubiKey to complete verification. It’s a secure, convenient alternative to using Salesforce Authenticator or one-time passwords sent by email or SMS.
In this on-demand webinar, Itzik Koren (Salesforce) and Jerrod Chong (Yubico) demonstrate why it is important to activate U2F with single sign-on (SSO) on Salesforce.com, and the cost savings you can achieve with YubiKey as a hardware-based second factor.
In this webinar, we’ll show you real-life examples of the ways Yubico and Centrify provide context-based, adaptive authentication across enterprise users and resources. Across a wide range of use cases, Centrify and Yubico provide IT the flexibility to enforce security without user frustration.
Centrify Identity Service can leverage the easy-to-use, multi-function YubiKey for use cases such as:
-- Smart card AD-based login to Mac or Linux
-- Smart card login to Centrify’s cloud service for SSO, secure remote access, or administration
-- OATH OTP as a second factor for secure SSO to cloud apps
-- OATH OTP for MFA to privilege elevation on servers
-- Physical NFC token-based MFA for secure access to apps on mobile devices
We’ll show you secure, simple, scalable solutions that both admins and users love.
During this session, with his extensive experience delivering data classification projects for leading global brands, Bob Mann (CISO) will explore the common challenges with data classification projects and provide practical guidance for senior security, audit and risk professionals on how to simplify data classification to ensure successful implementation without it becoming overwhelming.
We asked Amnon about the current key issues in data security and why having up-to-date threat information is becoming increasingly important, in what way malware attacks can be prevented, and how this intelligence can be harnessed and applied to the mobile and cloud environments.
We also learn about Check Point Software’s new security architecture, Software Defined Protection, and how it can be used to control your security environment by combining intelligence with segmenting your network.
View Amnon’s Executive Interview to learn how Check Point Software’s new architecture and other security solutions can be of benefit to your organisation.
Business units want a policy that allows them to save everything. Legal wants the minimum saved. IT just wants something easy to execute. What should we do? A committee is formed, with legal, IT, records management, HR, and others. The committee meets. Discussions ensue: Which are business records? How long should we save them? Do we allow exceptions?
The committee meets again. And again. We’re stuck.
Join Ed Rawson , Michelle Hanrahan, Shawn Cheadle and Mark Diamond as they discuss strategies for building consensus across your organization and making sure your initiative doesn't get stuck!
About the speakers:
Ed Rawson is a strategic, results-oriented thought leader who has dedicated over 30 years of his career to helping organizations manage their paper and digital content lowering cost and increasing productivity. Ed has helped organizations to align information with business value and operational direction to maximize the return on investments, lowering risk and maintaining compliance.
Michele Hanranhan is Records Manager at Sound Transit since January 2015 and is leading a RIM group to implement ECM solution organization wide. She previously worked at Federal Home Loan Bank of Seattle, PATH, and Washington State Department of Transportation and has over 16 years of experience in Records and Information (RIM) with a variety of business, government and non-profit organizations.
Shawn Cheadle is General Counsel to the Military Space line of business at Lockheed Martin Space Systems. He supports government and international contracts negotiations, drafting and dispute resolution. He also supports information governance, eDiscovery, records management, counterfeit parts investigations, and other functional organizations at Lockheed Martin. He is an ACC Global Board Member, current Information Governance Committee Chair and former Law Department Management Chair, and former Board member and President of ACC Colorado.
Legislators in Europe continue to expand the scope of the laws governing information security and personal data protection. As a result, organizations serving consumers and businesses in the region need to understand the implications these laws will have on their use of open source to build software applications.
During this educational webinar led by Dan Hedley, Partner, IT and Commercial from Irwin Mitchell, we’ll provide guidance on the General Data Protection Regulation (GDPR) and why a comprehensive approach to open source security management is essential for GDPR observance. In addition, we’ll review open source management best practices in context of other industry-specific developments like the Network and Information Services Directive and the Electronic Identification Regulation.
The upcoming GDPR legislation represents a sea change for organisations that store or process data relating to EU residents. With penalties for violations up to 4% of annual global turnover, organisations are scrambling to comply with GDPR provisions. Effective data governance and access control helps enterprises manage risk effectively, comply with regulations and gain competitive advantage through agile decision.
Join Srikanth Venkat, Sr. Director Product Management and Ana Gillan, Solutions Engineer as they discuss effective data governance and its role in complying with regulations such as GDPR. They will also cover Atlas and Ranger, the governance and security components of Hortonworks Data Platform and their role in effective data governance.
This webinar is not intended to constitute legal advice. Viewers should consult with their own legal counsel regarding compliance with GDPR and other laws and regulations applicable to their particular situation and intended use of any Hortonworks products and services. Hortonworks makes no warranties, express, implied, or statutory, as to the information in this webinar.
Application delivery infrastructure resources are increasingly strained. The new features in modern Application Delivery Controllers along with the demands for SSL to comply with search engine ranking algorithms are major contributors to the problem. It means organizations have to find ways to scale their ADCs. But do they scale up? Or scale out? And how?.
Join us for this live webinar to discover:
oThe drivers for the requirement of scalable application delivery infrastructure like SSL adoption and expanding ADC feature sets
oThe pitfalls and limits of vertically scaling your ADC
oHow you can use equal-cost multi-path (ECMP) routing to horizontally (and nearly infinitely) scale your ADC
oHow to use Route Health Injection (RHI) to ensure availability of your ADC cluster
oExamples of organizations who have accomplished this with HAProxy
IT planners have far more options as to where to run their workloads than ever before. On-premises data centers, co-location facilities and managed services providers are now joined by hybrid multi-clouds – a combination of Software-, Infrastructure- and Platform-as-a-Service (SaaS, IaaS, and PaaS) execution venues. All have unique operational, performance and economic characteristics that need to be considered when deploying workloads.
In this Webinar Carl Lehmann, Principal Analyst with 451 Research, and Don Davis, Technology Director for Iron Mountain’s Data Center business will discuss how industry leading enterprises determine the best execution venues for their workloads by addressing:
•The market and technology trends that influence workload, data center and cloud strategy
•How to evaluate the characteristics of various workloads and execution venues
•How to manage workloads across on-premises and off-premises ecosystems
Attendees will learn how to formulate an IT strategy that can be used to guide the decision criteria needed for placing workloads on their best execution venues, and enable the migration and ongoing management of workloads across a hybrid multi-cloud enterprise architecture.
- Broadcast LIVE from Las Vegas during Black Hat 2017 -
As cyber threats are evolving at a rapid pace, and firewalls and antiviruses are considered antiquated solutions, companies are constantly looking for the most advanced ways to protect their critical data.
Artificial intelligence and machine learning are now an integral part of cybersecurity. With cyber attacks becoming more serious, and in some cases endangering human lives, artificial intelligence could be the key to security.
Join this panel of top security experts as they discuss the role of AI and machine learning in cyber attacks, cyber protection and what the future of security looks like.
- The impact of AI/ML on security
- Trends in cyber attacks
- How to best protect against them and secure our critical assets
- Demetrios "Laz" Lazarikos, Three Time CISO, Founder of Blue Lava
- Sven Krasser, Chief Scientist, CrowdStrike
- Alex Pinto, Co-Founder & Chief Data Scientist, Niddel
- Jisheng Wang, Senior Director of Data Science, CTO Office - Aruba, a Hewlett Packard Enterprise company
Technology is improving retail operations and enhancing the customer experience. The “Smart Store” has come to life with the rise of the Internet of Things, inspiring stores to adopt applications such as digital signage and IoT sensors.
Sign up for this webcast with Ken Hosac, Vice President at Cradlepoint, to learn more about how Smart Stores concepts are changing the dynamics of the shopping experience, creating new retail store standards, and how it’s all dependent upon a foolproof network connection.
SQL injection attacks enable attackers to tamper with, delete or steal sensitive data from corporate databases. In this webinar, Zach Jones, senior manager for static code analysis from WhiteHat Security’s Threat Research Center, will discuss SQL injection attacks and how to best defend against them.
In this webinar, we will:
- Provide examples of vulnerable code
- Discuss data boundary concepts between input and target interpreters
- Explain the differences and advantages of using parameterized queries versus custom stored procedures
- Discuss the pitfalls of using selective parameterization or trying to sanitize inputs by escaping or encoding them manually
WhiteHat Security has extensive experience working with customers to identify and fix the latest web application vulnerabilities. Join us to gain a deeper understanding of common web application vulnerabilities, get expert technical advice on defensive tactics, and learn best practices to safeguard your apps from being exploited.
Interconnected networks are critical to the operation of a broad and growing range of devices and services, from computers and phones to industrial systems and critical infrastructure.
The integrity and security of routers, switches, and firewalls is essential to network reliability, as well as to the integrity and privacy of data on these networks. As increasingly sophisticated attacks are launched on network equipment, strong protection mechanisms for network equipment, both on the device and service level, is required.
TCG recently has issued its Guidance for Securing Network Equipment with use-cases and implementation approaches to solve these problems, designed to help system designers and network architects get the best security possible from this powerful technology.
Join TCG experts to learn about using device identity, securing secrets, protecting configuration data, inventorying software, conducting health checks, using licensed feature authorization and more.
Steve Hanna, Senior Principal at Infineon Technologies, currently chairs TCG’s Embedded Systems and IoT groups and driving the effort for a new industrial IoT group within the organization. He has been active in the Industrial Internet Consortium and its security efforts as well. He is the author of several IETF and TCG standards and published papers, an inventor or co-inventor on 41 issued U.S. patents; and holds a Bachelor’s degree in Computer Science from Harvard University.
Michael Eckel is a Security Technologist at Huawei Technologies. Previously, he was a researcher and software developer at Fraunhofer SIT; mobile software developer at boostix and a web and software developer for a number of other companies. He holds a masters degree in computer science. Eckel currently participates in the Trusted Computing Group’s NetEQ subgroup, working to secure vulnerable network equipment.
The effects of a credential-based attack differs by organization and by job function. In this session, we will cover a look at how these attacks affect different types of organizations, along with the analysis and demonstration of how an attack is done.
In this session, hear about:
* Credential theft industry research coverage
* Industry analysis of the problem space
* Application of the credential theft lifecycle in light of recent attacks
More than 90% of targeted attacks start with email fraud. Learn how to gain insight into, and effectively defend against, these attacks.
Join us for a Proofpoint technical webinar, brought to you by engineers, for engineers. This session will focus on effectively defending your domains from impostors and fraudsters attacking your organization, your customers and your partners.
Topics will include:
• The Threat Landscape
• SMTP Standards and Evolution
• Stop Attacks with Visibility & Authentication
• Configuring Email Protection to help block imposter threat
• Creating DMARC reporting in less than 10 minutes
- Broadcast LIVE from Las Vegas during Black Hat 2017 -
Small and medium businesses face countless threats, most of which have a human at their origin. These criminals, driven by financial gain, are essentially business owners – not unlike yourself – who are looking to spend as little money and as few resources as necessary to generate as much revenue as possible. Therefore, most cybercriminals target businesses that have a false sense of security.
Why would a cybercriminal spend a fortune going after a Fortune 1,000 when they can spend a few bucks to crack a small business? Exactly!
During this live webinar, we’ll explore the types of threats that small and medium businesses face and the business risk associated with these threats. It’s easier to get hacked than you think and it’s only a matter of time before it happens. Will your business be prepared? Are you doing everything you can to protect yourself beforehand?
Knowing that perfection is not possible, our panel of experts will look at 4 key steps that small and medium businesses should take to reach a reasonable level of cybersecurity:
- How to conduct an analysis to determine risk and the need to focus on cybersecurity within your business
- How to assess the cost of a breach, a loss of information and the impact that a cybersecurity event can have on your customers and partners
- How to create a plan to protect your systems, information, revenue and customers’ data
- Best practices for guiding your implementation, from segmentation to employee access control policies to information protection controls
Join us for an extremely informative session geared towards small and medium business owners and their IT staff.
Sean Martin, CISSP, Editor-in-Chief, ITSPmagazine
Rusty Sailors, President / CTO at LP3 and Chairman, Protecting Tomorrow
Russell Mosley, Director, Infrastructure & Security, Dynaxys
Tom Caldwell, Senior Director of Engineering at Webroot
- Broadcast LIVE from Las Vegas during Black Hat 2017 -
Innovation is moving so fast. Each day there's a new device or technological service to hit the market designed to make our lives easier, more convenient, and perhaps even healthier. They listen to us, watch us, learn about us. They help us make decisions. They “guess” our next move - our pending desire. They make decisions - even take action on our behalf. As a society we snatch up these new devices as quickly as they hit the shelves and use them with open arms, unknowingly putting our privacy and safety at risk.
How many devices are there? What are they used for? In this session, we’ll focus on the side effects associated with devices used to run our countries, our cities, our homes, our lives - even our physical being.
Ultimately, it’s about the lack of cybersecurity - because there is a lack of cybersecurity, there’s no conversation about it, and therefore there is no understanding (awareness) of what’s at risk for using these devices. It’s not necessarily a bad thing - but the fact we are making uninformed decisions as a society means we could be putting ourselves and our loved ones at risk without even knowing it.
This panel is part 1 of 2 parts - it’s all about the lack of security and the side effects it has on us as individuals and as a society. What are we trading in exchange for using these devices to make our lives “better”? Bottom line... are you (we) surrendering to the technology?
- Ted Harrington, Executive Partner at Independent Security Evaluators
- Gary Hayslip, Vice President & CISO, Webroot
- Mike Ahmadi, Director of Critical Systems Security, Synopsys Software Integrity Group
- Chenxi Wang, Host of The New Factor on ITSPmagazine
SSL/TLS Industry requirements are changing at an unprecedented pace. Over the last couple of years, new requirements have been passed down by the CA and browser community to help further solidify the security practices around obtaining and using SSL/TLS and other types of publicly trusted certificates. Over the next 12 months, more important changes are being introduced to continue that trend. Join Dathan Demone, Product Manager at Entrust Datacard, who will discuss both past and future changes that will have a major impact on all certificate subscribers. In this Webinar, we will discuss topics such as:
• New changes coming to browsers and how they notify end users about the proper use of SSL/TLS on all web pages
• Changes to certificate lifetime policies and verification rules that are being introduced in 2017
• New requirements around Certificate Transparency that are being introduced in October, 2017
• Updates to recommended security best practices and new vulnerabilities in the world of SSL/TLS
• Certificate Authority Authorization and how this can be used to protect your organization against fraud
Throughout 2017 organisations will continue to be confronted by increasingly frequent and complex cyber threats. It’s not a matter of if your organisation will be compromised, but when.
A traditional prevention-centric strategy naively assumes all threats can be blocked at the perimeter, which leaves you blind to the threats that do get in. Many organisations are shifting to a more balanced strategy including detection and response. Enter Threat Lifecycle Management (TLM) - your playbook for rapidly detecting and responding to cyber-attacks.
In this webcast, Seth Goldhammer, senior director of product management at LogRhythm, explains what TLM is, and demonstrates how the end-to-end security workflow helps reduce your mean time to detect and respond to cyber threats.
The Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network. The team analyzes data from WatchGuard’s Firebox Feed, internal and partner threat intelligence, and a research honeynet, to provide insightful analysis about the top threats on the Internet.
What types of malware do we catch most often in the wild? Which network services do attackers commonly target? What are the most popular attacks in different regions of the world? Join Corey Nachreiner, CTO, and Marc Laliberte, Information Security Threat Analyst, on July 26th as they explore their key findings from the first quarter of 2017.
- Broadcast LIVE on Wednesday 7/26 @ 9:00 am PDT from Las Vegas during Black Hat 2017 -
Cybersecurity investment has gone through the roof in recent years. Yet, there is a global shortage of qualified professionals to fill a growing number of open cybersecurity roles. According to a recent study by Frost & Sullivan, the global cybersecurity workforce will be short by around 1.8 million people by 2022.
How do organizations cope with the growing demand for security professionals, especially in an age of ever-expanding attack surface and more frequent and sophisticated cyber attacks?
Join this live video panel of experts as they discuss the current trends shaping the cybersecurity industry, the need for diversity and inclusion, and strategies enterprises can employ to stay ahead of the game.
- Joyce Brocaglia, Founder/CEO of Alta Associates & Founder of the Executive Women's Forum
- Angela Messer, Senior Partner, Cyber Business and Talent Lead, Booz Allen Hamilton
- Jason Painter, Co-Founder & President of Queercon, the largest social network of LGBT hackers in the world
- Suzanne Hall, Managing Director, Advisory Services, PwC
Network engineers and system administrators can spend a great deal of time responding to user complaints and troubleshooting slow performance issues that are difficult to diagnose or replicate. Resolving those issues can be especially problematic if those applications are provided by a third-party vendor or hosted by third parties, such as SaaS EMR applications, claims processing applications, and practice management applications. Often, IT teams do not have enough visibility to determine root causes or to counter claims from third-party vendors and managed service providers that host applications. With real-time insight into end-user experience for these hosted applications, including application-level transaction details, IT teams can hold vendors accountable and identify root causes faster.
Learn how ExtraHop helps you identify the root cause of your IT problems, avoiding unnecessary friction among your IT teams and ransomware by providing full, real-time visibility into which devices are accessing network share and what type of behavior they are exhibiting, backed by machine learning for immediate anomaly detection.
Traditional Endpoint Protection (EPP) products have failed to detect advanced malware that easily evade signature-based antivirus solutions. To counteract this problem, Gartner reports that 100% of EPP solutions will incorporate Endpoint Detection and Response (EDR) capabilities, focused heavily on security analytics and incident response.
Even so, customers are realizing that protecting endpoints alone is not enough to prevent security breaches. That’s where a managed detection and response (MDR) service comes into play. MDR provides 360-degree visibility into endpoints and security devices, and offers 24/7 network monitoring.
In this webinar, you will learn:
- What EDR vendors offer beyond EPP solutions
- Why Endpoint Detection and Response alone is not enough
- How Managed Detection and Response (MDR) makes up for EDR shortcomings
Learn how to use the Palo Alto Networks next-generation security platform to disrupt the unique attack lifecycle used in credential-based attacks. In this session, get details about the strategies and key technologies for preventing both the theft and abuse of credentials.
In this session, get details on:
* Why the platform plays a critical role towards disrupting credential-based attacks
* Preventing the theft of credentials, using new PAN-OS 8.0 technologies
* Stopping the use of stolen credentials, through new multi-factor authentication capabilities in PAN-OS 8.0
Containers are exponentially growing as an agile and efficient way to deploy applications on the cloud. This opens new security challenges for cloud environments. In this session, learn about how Imperva SecureSphere can protect applications leveraging Amazon’s EC2 Container Service (ECS) and walk through a brief demonstration on configuring SecureSphere alongside applications using ECS.
- Broadcast LIVE from Las Vegas during Black Hat 2017 -
As a society, we continue to focus on the capabilities that new technological products and services bring to bear, leaving the security - or rather, the safety - conversation for a later date and time… if at all.
Why is this? Perhaps it’s because we don’t care. Or, perhaps it’s because we don’t understand how things work. Or, maybe it’s because we don’t know all the technical mumbo jumbo. Or, it could just be that we expect “someone else” to take care of it for us. For example, every car has a seat belt, right? We don’t have to ask for the car dealer to add seat belts for us and there really aren’t different types of seat belts available in the commercial car arena. Cars just come with seat belts - period. We expect them to be there - even if some people choose to not wear them.
Regardless of the reason(s) behind the lack of conversation surrounding cybersecurity, we should all be able to agree on one simple fact: we use these new gadgets and services completely unfettered - with little to no regard to the risks we face for our privacy and even our safety.
Attend this session to gain the initial knowledge necessary by:
- Learning to ask is this thing secure?
- Understanding how or why it is or isn’t safe to use.
- Identifying your role in your own cyber safety and that of those around you.
It’s time to open our eyes and become aware of our surroundings. Join us to become aware.
- Debra Farber, Host of The Privacy Pact, ITSPmagazine
- Chris Roberts, Chief Security Architect, Acalvio Technologies
- Dr. Christopher Pierson, CISO, Viewpost
- Arun Vishwanath, Associate Professor at SUNY Buffalo & Black Hat Presenter