The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.
When attackers compromise the perimeter or are operating from within, you need to know. You can only stop attackers from gaining a foothold in your network to expand their presence if you can see them. The indicators of a breach are often first observed within the network itself, therefore network monitoring and forensics plays an essential role in helping to detect, respond, and naturalize attacks.
In this webcast, Rob McGovern senior technical product manager at LogRhythm, will discuss how to quickly identify emerging threats in your IT environment using network monitoring and forensic tools.
•What Network Monitor is and the important role it plays in your security operations strategy
•Real-life use cases that highlight the power of Network Monitor
•How Network Monitor works with SIEM to reduce the mean-time-to-detect (MTTD) and mean-time-to-respond (MTTR) to cyber attacks
Register now to learn how monitoring your network can help you detect and investigate potential malicious behavior within your IT environment.
Doing business in the European Union is changing. By May 2018, companies must comply with the new General Data Protection Regulation’s (GDPR) data breach notification requirements and the Network and Information Security (NIS) Directive’s security incident notification requirements.
Notification requirements make it imperative to prevent incidents before they happen. To help you prepare for these new requirements, Palo Alto Networks is hosting a webinar with cybersecurity and data privacy lawyers from Orrick Herrington & Sutcliffe to discuss:
· What are the requirements and the deadlines under each law?
· What are the thresholds for notification, and who needs to be notified?
· How should companies prepare for their oncoming obligations? What strategies should be in place? What have other international companies done to prepare and communicate?
· What might be the legal consequences of non-compliance?
Les SOC D’aujourd’hui se détournent de leur métier de base en devenant des centres de gestion d’alertes. Nous vous présenterons comment l’apport de la cyberveille peut permettre aux équipes de passer d’un mode réactif qui gère des alertes à un modèle proactif axé sur la chasse aux indicateurs et aux groupes d’assaillants présents sur vos environnements IT.
Representatives from a range of established KMIP Key Management server vendors answer questions from the moderators and from the audience on various aspects of encryption, standardized key management via KMIP and some of the deployment issues and opportunities brought about through enterprise key management.
With the widespread use of connected devices, hackers have configured new ways to access your smartphones and laptops, even without you knowing. The Pineapple is a router that stages a fake WIFI access point, compromising the security of any smart device that unknowingly connects to it. During the live webinar, Johan Hybinette, CISO at HOSTING, will be going over the following discussion points:
- The technical makeup of the pineapple router
- How the Pineapple hacks into connected devices
- What personal information is at the most risk
- What you can do to protect yourself from this malicious form of identity theft
As Cybersecurity shifts from the “best practice” environment to being mandated by regulations and prioritized by the high costs for data breaches, IT groups and data center operators are facing multiple challenges. One of these challenges is how to address the security of a mix of legacy storage devices, unencrypted devices, encrypted devices, new technology storage and eDrives in a single environment. Yet another challenge is how to construct a robust, trusted identity-based authentication (or role-based authentication or as a matter of coming the two) to fend off malware and Trojan infection. A system solution that can simplify the security management of mixed drives with high valued data content will be presented. The solution has at least one smart hardware interface controller that performs all security features internally while offers in-line cryptographic performance without degrading data rate.
As cyberattacks become more frequent, more sophisticated, and more costly, businesses are increasingly turning to cyber insurance to transfer some of the risk. In turn, insurance underwriters are challenged by the complexity of assessing cyber risk, and need a simple yet objective methodology to assist in decision making.
In response to this, Chubb has developed a new model for cyber underwriting, Cyber COPETM. Intended to simplify and improve the assessment of both cyber and privacy risks, this methodology is based on COPE, a time-tested underwriting model that has been used by property underwriters to analyze risk for nearly 300 years.
Mandiant Consulting has teamed with Chubb to create a Cyber Risk Insurance Assessment Process that aligns with the new Cyber COPETM methodology to allow a more effective evaluation of an insured’s cyber and privacy risk.
In this webinar, experts from Mandiant Consulting and Chubb will discuss the Cyber COPETM methodology, Mandiant's new CIRA service, and how organizations can use both to better understand their cyber and privacy risks.
Security and Storage covers a diverse range of technologies and approaches that can make it challenging to distill a workable strategy from the mix of architectures, tools, techniques, recommendations, standards and competing vendor solutions. Guidance on how to contrast the various security approaches in storage and evaluate the right mix for your specific problem domain forms the majority of the material covered in this session.
Over the past few years, malware authors have developed increasingly sophisticated and creative ways to infect endpoints. Encrypting ransomware is no longer merely an annoyance. It's a highly persistent and organized criminal activity in full deployment, with Ransomware-as-a-Service at its core. The damage from becoming a ransomware victim is considerable, and can even put organizations out of business.
At Webroot, we believe it's possible to effectively protect enterprises and users, but only by understanding your adversary and the techniques they use for their attacks. In this webinar, Webroot's own Senior Threat Research Analyst, Tyler Moffitt, will offer expert insights into the past, current, and emerging encrypting ransomware variants--and how businesses can stay ahead.
Representatives from a range of established KMIP conformant storage vendors answer questions from the moderators and from the audience on various aspects of encryption, standardized key management via KMIP and some of the deployment issues and opportunities brought about through enterprise key management.
It only takes one unsecured laptop for a security breach to occur. OneLogin Desktop can fix that. Cloud-first companies can use it to secure laptops by connecting them to our cloud directory. Companies with Active Directory can use it to secure laptops that aren’t domain-joined -- Macs, or PCs used by non-employees.
Join our live webinar to find out how OneLogin Desktop can help you:
Extend strong authentication policies to all your laptops, including operating system password complexity, rotation, and uniqueness
Implement frictionless multi-factor authentication that secures all SaaS application access without impacting employee productivity
Reduce service desk loads by presenting end users with a simplified sign-in experience that reduces password-reset requests.
With 20 billion connected devices expected to be in use by 2020, the Internet of Things (IoT) has emerged as a source of both incredible versatility and incredible susceptibility to mass legal liability. Left crushed behind the rush to “market and monetize” steamroller are coding standards, security (including IoT storage security) standards, and other “future-proofing” or “future-immunizing” measures typically adopted by manufacturers to prevent or minimize the potential for product liability on a mass basis. This keynote will discuss why manufacturers, developers and vendors must gain clear understanding of how IoT devices (and services) impact large segments of the population, and further understand how to mitigate or minimize the inherent susceptibility to defects and exploits to massive legal and financial liability.
Organizations are increasingly turning to container environments to meet the demand for faster, more agile software development. But a 2015 study conducted by Forrester Consulting on behalf of Red Hat revealed that 53% of IT operations and development decision makers at global enterprises reported container security concerns as a barrier to adoption.
The challenges of managing security risk increase in scope and complexity when hundreds or even thousands of different open source software components and licenses are part of your application code base. Since 2014, more than 6,000 new open source security vulnerabilities have been reported, making it essential to have good visibility into and control over the open source in use in order to understand if any known vulnerabilities are present.
In this webinar, experts from Red Hat and Black Duck will share the latest insights and recommendations for securing the open source in your containers, including protecting them from vulnerabilities like Heartbleed, Shellshock and Venom. You’ll learn:
• Why container environments present new application security challenges, including those posed by ever-increasing open source use.
• How to scan applications running in containers to identify open source in use and map known open source security vulnerabilities.
• Best practices and methodologies for deploying secure containers with trust and confidence.
In 2015, large-scale data breaches have hit all industries, leading to millions of compromised records. According to the Identity Theft Resource Center, there were 780 data breaches in which 177,866,236 records were compromised. While no industry is immune to data breaches, some are more prepared than others.
In this webinar, Jay Jacobs, Senior Data Scientist at BitSight explains how security posture differs in six key industries. This webinar will highlight new findings on:
- The most common ransomware infections
- The rate of ransomware infections found across major industries
- The aggregate BitSight Security Rating for each industry
Traditional approaches of detecting and remediating threats are becoming increasingly inadequate to effectively manage risk in today’s increasingly regulated, cyber threat landscape.
Join a live webinar and Q&A to learn how PwC and Palo Alto Networks have formed a strategic partnership to help more customers achieve cyber resilience.
The webinar will introduce
•The emerging regulatory landscape that is driving the need for organizations to redesign their incident response and data compliance programs
•A state-of-the-art security framework that serves as a guide for organizations to assess, develop, and implement a breach prevention security posture.
•Recommended security architectures, organizational structures, and computing processes that enable breach prevention.
•Live Q&A with cybersecurity experts from PwC and Palo Alto Networks, for practical insights and real world experiences.
The cynical would suggest that cyber insurance is growing as some look for a cheaper route to manage risk. However many see the cyber insurance industry as potentially the new enforcer of good security practices.
Palo Alto Networks customer Leaseweb is an organization that recently purchased cyber insurance. We invite you to join us on Thursday September 22 for an interview with Fred Streefland, IT Security Manager at Leaseweb Global. Palo Alto Network’s Dharminder Debisarun interviews him to learn more their decision to purchase cyberinsurance. You will hear what is generally covered and how it can be part of a prevention strategy. There will also be a chance to answer questions at the end of the session.
In the CISO Says Series, information security leaders share their experiences of what it means to be responsible for establishing and maintaining an enterprise's security vision and strategy in an interview format. They provide insight into the path he took to become CISOs and how they are reinventing the role in the face of accelerating industry change.
Gérer le nombre croissant des vulnérabilités est devenu un véritable challenge pour les entreprises.
Cependant, 97 % des attaques exploitent uniquement 10% des vulnérabilités connues.
De toute évidence, il est devenu impératif d'arrêter de jouer aux devinettes et d’identifier les vulnérabilités les plus menaçantes de façon effective afin d’y remédier rapidement.
ThreatPROTECT, dernière solution Qualys, corrèle en temps réel les données de vulnérabilités avec de multiples flux de menaces connues.
Les résultats sont fournis sous forme de tableaux de bord faciles à appréhender et offrent ainsi une vision claire des vulnérabilités à traiter en priorité.
L’objectif de ce webcast est de vous présenter en 3 points les usages et avantages de ThreatPROTECT.
* Identifiez vos assets les plus importants
* Détectez rapidement les vulnérabilités critiques via la corrélation en temps réel avec les menaces actives.
* Priorisez les remédiations et intervenez sur les vulnérabilités à traiter sans tarder
Traditional antivirus (AV) is not the solution to breach prevention on the endpoint – it is the problem. At best, traditional AV gives organizations a false sense of security.
To prevent security breaches, you must protect yourself not only from known and unknown cyberthreats but also from the failures of traditional antivirus solutions deployed in your environment.
In this webinar, you will learn:
· How to determine the true value of your endpoint security solutions
· What hidden costs traditional AV imposes on your organization
· Which five capabilities are critical to effective endpoint protection
· How the new Traps v3.4 prevents security breaches in your organization
Ransomware continues to evolve. Last year, the use of encryption as a weapon to hold companies’ and individuals’ critical data hostage grew by 35 percent.
Take this opportunity to learn directly about what can happen in a ransomware attack based on real-life events. Symantec’s Cyber Security Services experts will lead the discussion and will help you to understand how you can improve your line of defense against ransomware and minimise the loss of key data, money and intellectual property from your organisation.
Ransomware and business email compromise (BEC) scams have dominated the security threat landscape for the first half of 2016, truly making it the Year of Online Extortion. This webinar is designed to discuss these and other prominent threat trends we are currently seeing, as well as to give organizations possible security strategies and solutions that they can use to better defend their assets and data.
Wie können Sie angesichts des neuen Grads an Ausgereiftheit und Bedrohung, den Ransomware im vergangenen Jahr erreicht hat, sicher sein, dass Ihre Infrastruktur davor geschützt und Ihr Unternehmen ausreichend vorbereitet ist, um einen Angriff zu bewältigen?
Sicherheitsverantwortliche haben heute mit diesen Problemen zu kämpfen:
•Nicht genügend umsetzbare Threat Intelligence, um verstehen zu können, welche Akteure und Kampagnen eine Bedrohung für ihre Unternehmen darstellen.
•Zu wenig geschulte Sicherheitsanalysten, die die zunehmende Zahl von Bedrohungen identifizieren können, die in ihre Unternehmen eindringen. Beispielsweise konnte der Einsatz von Crypto-Ransomware als Angriffstool im Jahr 2015 eine weitere Zunahme verzeichnen, und zwar um 35 %. Dennoch brauchen Unternehmen, in denen ein Angriff stattfindet, in der Regel mehr als 200 Tage, um sich dessen bewusst zu werden.
•Zu wenig spezialisiertes Know-how hinsichtlich der Methoden, die erforderlich sind, um auf Bedrohungen zu reagieren und diese unschädlich zu machen, nachdem sie in ihrer IT-Umgebung Fuß gefasst haben.
Die Taktiken von Ransomware-Gangs werden immer ausgefeilter und Unternehmen müssen sich der Gefahr, die sie darstellen, vollständig bewusst sein. Nehmen Sie an einem Webinar von Symantec teil, in dem ein konkreter Ransomware-Angriff behandelt wird. Sie erfahren, was geschehen ist und welche Maßnahmen das betroffene Unternehmen ergriffen hat, um die Bedrohung zu beseitigen.
l est temps de protéger vos utilisateurs contre les menaces qui contournent facilement les antivirus.
Assistez à notre webinar en direct sur la sécurité des terminaux
•Les coûts cachés d'un antivirus classique pour votre entreprise
•Comment déterminer la véritable valeur d'une solution de sécurité des terminaux
•Les cinq fonctions indispensables à la protection de vos utilisateurs, systèmes et terminaux
•Comment Traps v3.4 prévient les failles de sécurité dans votre entreprise sans antivirus classique
Join us as we discuss how Trend Micro and VMware have partnered to deliver an optimized hybrid cloud security solution architected for VMware virtualized data centers, virtual desktops, and multi-cloud deployments that include AWS and Microsoft Azure.
In this webinar you will learn how to….
-Optimize data center resources with virtualization-aware security
-Deliver automated security across environments
-Manage and deploy security efficiently
-Achieve cost effective compliance
The security paradigm for nearly two decades has been to increasingly invest in technology. These solutions have not only failed to solve the problem but have made the challenge more complex. Even if true threats are detected, they are lost in a sea of alerts and lack the context to prioritize and build response. This security posture is only exacerbated by the skills deficit currently facing the industry.
In this webinar, we look at the emergence of a new security-as-a-service paradigm and the capabilities required to help organizations reduce risk and time to protection. The discussion will cover how the cost, specialization and complexity of cyber defense have positioned security to follow other markets in adopting an “as-a-service” paradigm.
We will also address the capabilities that define an ideal security-as-a-service partner such as:
•the availability of security expertise
•a broad intelligence capability and
•flexible deployment options
Not only does this approach improve a security posture and reduce risk but it does so with a lower total cost of ownership (TCO). Register today to learn more about this emerging security-as-a-service model.
Join us for this engaging webcast that will feature several healthcare security leaders and practitioners discussing the changing landscape of healthcare cyber security threats and HIPAA regulatory enforcement.
Specifically, the distinguished panel will focus on:
• Recent trends in healthcare cyber threats and breaches
• HHS guidance on “ransomware and medical equipment patching”
• Recent HIPAA enforcement activities by the HHS that are potentially game changing.
The panel will also discuss key mitigating steps that every healthcare organizations need to take to lessen potential breaches and escalating HIPPA enforcement sanctions.
Is your BI platform enterprise-ready? Give your IT team a supercharge!
IT oversees, facilitates, and orchestrates all BI solutions to make sure they integrate with existing systems and maximize resources. When you choose a comprehensive, enterprise-ready BI platform, IT is empowered to leverage data more effectively for your business.
Join this webcast to learn how, with the right BI solution, IT can:
•Control and monitor access to data and assets
•Help ensure security and compliance
•Partner with the business to help drive strategic projects
This webcast is part of our Building a Data Culture Leveraging Power BI webcast series. Sign up for this session, or the entire series today!
Learn how all employees can work and collaborate securely! The new world of work demands that people collaborate faster and more seamlessly than ever before.
Your employees have access to cloud-based apps, personal devices, and pervasive internet connectivity. All these things are great for getting work done, but your company is still held to high standards around security, and auditing, and you can't afford to make a wrong move.
Join this webcast to explore some common security scenarios such as:
•How do you provide access when you can't always control the endpoint?
•How do you know where all your company's files are right now?
•If you terminate an employee, how would you know what files they had in their possession.?
•Could you wipe a terminated employee's corporate data while leaving their personal content alone?
This webcast is part of our Digital security in the modern world webcast series. Sign up for this session, or the entire series today!
Next Generation Firewalls are Next Generation Firewalls…or maybe NOT.
In the light of new advanced attacks and the demands to lower security infrastructure costs, just how can one get the most out of the Next Generation Firewall (NGFW) solutions? Are all NGFW solutions the same?
What criteria should one consider for a NGFW solution that is best for your distributed enterprise environment? Join Forcepoint™’s Michael Ferguson and find out key value points when selecting a network security solution catered to your environment:
• Latest trends in NGFW
• Addressing total cost of ownership
• Security effectiveness in increasingly complex threat landscape
• Challenges in policy management
Also, find out why Forcepoint Stonesoft NGFW has won NSS Labs' coveted highest rating of “Recommended” for the 4th year in a row. Learn how it can provide the scalability, protection and visibility needed to effectively manage your distributed networks. Plus, rapidly and easily deploy, monitor and manage thousands of firewalls from a single pane of glass.
With the news Yahoo! was breached in 2014 and 500 million user accounts were potentially compromised, this breach became the biggest in history to date. However, the damage extends far beyond Yahoo! properties where the digital identities of users could be compromised on other sites, business documents leaked and other harm could come for users who don’t take immediate steps.
This talk will cover not only the breach, but the aftermath in what users and enterprises should do to protect themselves over breaches affecting other companies.
Lo scorso anno il ransomware ha raggiunto un nuovo livello di evoluzione e pericolosità: come essere certi che l'infrastruttura IT sia protetta e in grado di affrontare un attacco?
Oggi i leader della sicurezza hanno importanti sfide da risolvere:
•Un’intelligence sulle minacce insufficiente a individuare gli aggressori e le campagne che potrebbero attaccare la loro azienda.
•La penuria di analisti di sicurezza competenti in grado di identificare il numero crescente di minacce che penetrano all’interno delle aziende. Nel 2015, ad esempio, l’uso del crypto-ransomware come strumento di aggressione è aumentato del 35%, ma le aziende aggredite impiegano ancora più di 200 giorni per accorgersi del problema.
•Scarsa conoscenza specializzata delle tecniche di incident response e remediation per gli ambienti IT colpiti.
Gli autori dei ransomware continuano ad affinare le proprie tattiche, e le aziende devono imparare a conoscere bene le nuove minacce. Partecipa al webinar Symantec che descrive un attacco di ransomware, le sue conseguenze e la strategia di remediation adottata dall’azienda colpita.
El año pasado, el ransomware alcanzó un nivel de peligrosidad y profesionalidad nunca visto hasta ahora: ¿cómo puede estar seguro de que su infraestructura informática está protegida y de que está preparado para gestionar un ataque?
En la actualidad, los líderes de los equipos de seguridad se enfrentan a los siguientes desafíos:
•Una falta de inteligencia procesable sobre amenazas para mejorar su comprensión sobre los ciberdelincuentes y campañas que podrían tener como objetivo a su empresa.
•Muy pocos analistas de seguridad cualificados que puedan identificar el creciente número de amenazas que se infiltran en su organización. Por ejemplo, el uso del ransomware de cifrado como herramienta de ataque por parte de los ciberdelincuentes continuó aumentando en 2015, con un crecimiento del 35 %. Sin embargo, las empresas que sufren un ataque siguen tardando más de 200 días en conocerlo.
•Pocos conocimientos especializados en las técnicas necesarias para responder a las amenazas y repararlas una vez han invadido su entorno informático.
Los grupos de cibercriminales especializados en ransomware continúan evolucionando sus tácticas, por lo que las organizaciones deben ser plenamente conscientes de las amenazas que estos representan. Únase a Symantec en un webinar que se centrará en un ataque de ransomware para conocer más detalles sobre el incidente y sobre las medidas que tomó la empresa para reparar la amenaza.
Avec le degré de maturité et le niveau de menace atteint par les ransomwares au cours de l’an dernier, comment pouvez-vous être sûrs que votre infrastructure IT est réellement protégée et que vous êtes prêt à parer à une attaque ?
Aujourd’hui, les responsables sécurité sont confrontés à :
•un manque de renseignements exploitables sur les menaces, qui leur permettraient de mieux cerner les acteurs et les campagnes susceptibles de viser leurs entreprises
•une carence en analystes de sécurité qualifiés, capables d’identifier le nombre croissant de menaces pénétrant leurs organisations. Par exemple, les cryptoransomwares sont en augmentation constante (+35 % en 2015 ) et il faut encore en moyenne plus de 200 jours à une entreprise pour découvrir qu’elle victime d’une attaque.
•peu d’expertise spécialisée dans les techniques requises pour réagir à des menaces et les neutraliser une fois que celles-ci ont pénétré leur environnement IT
Les gangs de rançonneurs ne cessant d’affiner leurs tactiques, les entreprises ont besoin d’être parfaitement au courant des menaces et des risques qu’elles encourent. Symantec vous donne rendez-vous pour un webcast consacré aux attaques par ransomware. Vous y découvrirez ce qui est arrivé à une société et les mesures qu’elle a prises pour remédier à la menace.
The cyber threat landscape has never been more dynamic, than what we are seeing today. With an expanding surface area for attacks and a cybercriminal ecosystem worth billion of dollars on a global scale, cybercriminals are constantly pursuing new methods to obtain financial funds.
It is no different in the Nordics – a region that is well known for its natural resources, innovations in renewable energy and healthcare, proximity to the Arctic, and emphasis on transparency in government is also a prime target for cybercriminals. These unique attributes make the region a prime target for cyber threat groups looking to capitalize on Nordic countries’ robust economies and distinct geopolitical concerns.
Join Jens Monrad, Senior Intelligence Account Analyst at FireEye, who will discuss:
* The Threat Landscape in the Nordics
* Trends and Insights in Malware detections across the Nordics
* Geopolitical situations which can influence the threat landscape in the Nordics
* How having accurate and enriched threat intelligence can enable organisations to make tactical, operation and strategic decisions.
Register today and learn what tools, processes and information organisations need in order to allow them to fully reconstruct the attack scenario and help make the right decisions based on the attack, as well as prepare for the next one.
As application security moves into the realm of monitoring and protecting applications in production, it’s becoming even more critical to adopt solutions that are automated, continuous and natural. New technology innovations from HPE Security Fortify enable practitioners to continuously discover, profile and assess application portfolios of all sizes.
One in five businesses don’t test for security vulnerabilities. A recent study by Osterman Research found that many businesses fail to conduct frequent security testing despite believing that it’s critically important to securing their systems and data.
In this presentation Michael Osterman, President of Osterman Research, Inc., will discuss key findings from the “Security Testing Practices and Priorities: An Osterman Research Survey Report”, including:
•Common types of security issues experienced in the past 12 months.
•The extent to which organizations take a proactive approach to security testing.
•Types of security testing conducted during the past 6 months.
•How often organizations conduct detailed review of security tests.
•Challenges faced by organizations in the context of security testing.
Cyber attackers are going phishing in your network pond.
Learn how you can keep your people from taking the bait.
Nowadays there are as many ways to communicate as there are things to say. Even so, email continues to be the primary method to connect with others, and the preferred vector for cyber-attacks. The latest threat targeting higher learning institutions comes from Business Email Compromise, an emerging but sophisticated cyber-attack consisting of low-volume campaigns of highly targeted phishing emails.
In part 3 of our three-part Webinar series, we’ll take a deep dive into Business Email Compromise and explore the various approaches attackers are using to execute campaigns targeting higher education institutions. You’ll learn the indispensable tactics you need to protect your higher learning environment from Business Email Compromise phishing attacks. Register Now.
IT organizations have hit a breaking point in siloed management tools to address one of the most critical issues today - cybersecurity hygiene. In particular, numerous point solutions targeting the endpoints drive cost, complexity, and other challenges. New investments in cloud, distributed workforces and increasing numbers of connected devices only exasperate this problem. Addressing cybersecurity hygiene means that critical actions must be made on demand versus scheduled. Teams must also have confidence that assessment results and remediation actions are complete.
Come learn about the key issues why cybersecurity hygiene fails in most organization. We’ll discuss in depth how the platform approach and speed of Tanium are poised to fix this critical problem. Eric Hanselman, 451 Chief Analyst, and Erik Kristiansen, Senior Director of Product Marketing at Tanium will discuss.
State Garden, a top producer of salad greens in the northeastern U.S., had two serious cybersecurity issues that needed to be addressed:
1.) Internet of Things (IoT) endpoints on the company’s network were undetectable.
2.) Vulnerability Assessment (VA) scans were missing mobile Bring Your Own Device (BYOD) systems that come and go from the network.
Both issues were creating an attack surface that was increasingly harder to monitor and protect.
Billy Lewis, State Garden Director of IT, will share the challenges he faced to:
•Maximize efficiency of limited IT security resources and personnel
•Protect company assets from unauthorized or non-compliant devices connecting to the network
•Automate endpoint compliance and remediation
•Orchestrate multisystem security
In addition, Lewis will explain the role the ForeScout-Rapid7 solution played in reducing the attack surface and accelerating remediation on State Garden’s network.