The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.
It’s probably not too often that you’ll get this perspective. Star Wars was really all about information disclosure threats! You’ll want to find out more as noted presenter and author Adam Shostack, references one of George Lucas’ epic sagas to deliver lessons on threat modeling. Not only was the Death Star badly threat modeled, the politics between Darth Vader and Gran Moff Tarkin distracted incidence response after the plans were stolen. This session will provide you with proven foundations for effective threat modeling as you develop and deploy systems. Adam will help you understand what works for threat modeling and how various approaches conflict or align. The force is strong with this session.
Many organizations have struggled with BYOD programs due to MDM/MAM deployment challenges, user privacy concerns, and low adoption. This is causing some to question BYOD altogether. Fortunately, data shows that there is huge demand for BYOD, but such programs must meet employee needs in addition to IT needs.
In this webinar, you'll learn where existing BYOD programs have fallen short, and how the next-generation of mobile security products will ensure secure, broad adoption of BYOD.
Receive (ISC)² CPE credits for attending this webinar.
Every day, your organization is creating more data that is critical to the operational success of your company. Making sure that you have a proper backup solution to recover data is not only important, it’s vital to the long term success of your business.
Even though users are creating more mission critical data than we have ever seen in the past, that doesn’t mean your backup solution has to be expensive. In this webinar we cover a wide range of options about how you can effectively backup your content without breaking the bank.
The solutions we will cover will take into account being highly fault-tolerant, mindful of high performance, and assurance that your data will be available when you need it.
Next-generation firewalls and sandboxes stop attacks at various steps, but they only react to malicious communications and code after attacks have launched.
There’s another way—observing where attacks are ‘staged’.
We’re going to demonstrate how we can visualize Internet infrastructures for visibility into where attacks will emerge. Then, we’ll know where advanced malware will be downloaded and where compromised systems will callback—before attacks launch.
In this live session, you’ll learn:
7 steps of an attack and how you can use this data to get ahead of new security events.
3 ways to uncover malicious activity by looking at domain names, IP addresses, and autonomous system numbers (ASNs).
How to apply this intelligence to your current defenses.
In this 30-minute webcast, industry experts Mike Rothman, President of Securosis Research and Wolfgang Kandek, CTO of Qualys will share their top recommendations for making the most of National Cyber Security Awareness Month. With data breaches in the headlines of nearly every online magazine, it’s never been a better time to maximize cyber security awareness and translate it into pragmatic results for the enterprise.
During this webcast, attendees will learn
* Which tactics have the greatest effect on fostering cyber security awareness throughout the enterprise
* How to foster a risk-aware security culture while still encouraging trust among your employees and partners
* How to bridge the gap between IT security and IT operations (hint: knowing more about your assets is the first step)
"Managing the process of writing secure code in a timely manner" is the first class in our series “Secure Code — Now and in the Future."
Writing secure code is a constant challenge. You must have the right policies, processes, and tools in place. Day 1 of this three-day class will start from the beginning, ensuring that your first step is in the right direction, then outline how security touches each point in the product life cycle, some of the pitfalls you will likely encounter and how to steer clear, and survey existing standards and guidelines with examples of good, bad, and ugly code.
Wishful thinking or a cursory security assessment may have worked in the past but dealing with persistent and advanced threats requires an equally sophisticated and mature approach.
While APT’s are on the rise and the use of zero-day vulnerabilities can be one of the weapons for such attacks, reality is that the large majority of incidents – advanced or not – occur using known vulnerabilities. Resolving these is, therefore, paramount to reducing the attack surface for cyber criminals.
Join Amar as he shares his tips on adopting a mature and continuing vulnerability management process that can help organizations reduce risk and be better prepared to respond to APT’s.
According to Verizon’s “2015 Data Breach Investigation Report,” the cyberattacks are becoming increasingly sophisticated. Cybercriminals have been successful in creating new techniques and deceptive tactics that outpace security efforts. Under these conditions, what would be your approach to dealing with security threats?
Join us for a live webinar session and discover how auditing can help mitigate the risk of data breaches and solidify your security strategy overall. During the session, we will talk about:
- The latest data breaches and their ramifications;
- How auditing complements threat-defense mechanisms;
- What should be audited and why.
Today’s cyber attacks have become increasingly more sophisticated, requiring organisations to embrace an agile and ever more adaptive approach to their cyber security strategy. Join our webinar as we discuss the changing landscape of advanced threats in EMEA, look into the anatomy of APTs and explain why conventional security methods are no longer equipped to deal with these advanced attacks. In addition, we’ll share insights into real-life case studies of advanced threat actors using zero-day attacks and how an adaptive defense model allows FireEye to quickly respond, detect and remediate such attacks.
Businesses are spending so much money on security -- almost $47 billion in 2013 -- and yet the number of breaches continues to increase. To mitigate the risks of increasingly sophisticated, innovative and persistent threats, we need to change the way we think about our security programs. In this webcast, Art Gilliland, General Manager of HP Enterprise Security Products, talks about the challenges all enterprises face from the bad guys -- and the critical steps businesses must take to defend against today's most advanced threats.
It is increasingly evident that organizations can realize the full potential value of their data assets by combining the structured transactional data with semi-structured and unstructured data. Businesses also notice that to be agile and react to situations in real time, access to transactional data with low latency is essential. Low-latency transactional data brings additional value especially for dynamically changing operations that day-old data, structured or unstructured, cannot deliver. Streaming transactional data into big data solutions in real time, without degrading the performance of the source production systems will lay the foundation for more efficient operations and improved customer experience.
In this webinar you will learn how Oracle GoldenGate 12c empowers organizations to capture, route, and deliver transactional data from Oracle and non-Oracle databases. Oracle GoldenGate for Big Data provides optimized and high performance delivery to Hadoop targets such as Flume, HDFS, Hive, Hbase, NoSQL, Kafka, Spark and others to support customers with their real-time big data analytics initiatives.
Jason will introduce some of the major challenges associated with monitoring and logging cyber security events, highlighting the need to identify indicators of compromise at a much earlier stage and in a more consistent, insightful manner.
He will present a cyber-security monitoring framework, emphasising the benefits of taking a balanced, intelligence-led approach, based on fundamental log management and situational awareness. He will then look at what a cyber-security incident actually is and outline how to prepare for and respond to a cyber-security incident effectively – ensuring that it is properly followed up - helping to reduce the frequency and impact of future cyber security incidents.
Finally, Jason will introduce a cyber-security incident response maturity model, showing how you can measure the maturity of a cyber-security incident response capability.
Advanced Threat Protection is built on the principle of Prevention, Detection and Mitigation. However, if the different technologies within each of these areas operate independently, there will be gaps between the different elements, gaps that can and will be exploited during an attack.
This session will focus the concept of bringing together all of the elements of Advanced Threat Protection to form a holistic, collaborative solution that encompasses all of the network.
Come capire cosa è accaduto e ripristinare rapidamente l'operatività
Nei primi due Webcast abbiamo parlato del perché una violazione sia un problema inevitabile e come rilevare rapidamente una minaccia avanzata. Nell'ultimo appuntamento, illustreremo come la tecnologia Advanced Threat Protection può rimediare al problema rimuovendo con efficacia il malware dai tuoi sistemi. Ma il tuo obiettivo non è solo ripristinare l'operatività, è soprattutto evitare che il problema si ripeta in futuro. Quindi ti proporremo un approccio utile anche per approfondire questo aspetto.
Hai perso i primi due Webcast della serie? Puoi guardarli on-demand adesso.
Many security vendors claim to have access to the security intelligence and analytical capabilities needed to identify the trace elements of malware activity before cyber-attacks take place.
They claim the ability to identify threats and data breaches at the earliest possible stage. Even accepting that the average time to detect a breach has halved over the last eighteen months, a discovery and remediation timeline that is still close to 200 days is by any standards far too long.
This presentation looks at what can be done to improve things and what businesses should be demanding from there security service providers.
We live in a world where technological change is rapid. There is a race against time to be faster and better than the competition. Businesses will need to change as a result of technology disruption or risk becoming irrelevant to their customers. It is during these times of tumultuous change and uncertainty when the unexpected - new attack opportunities and tools - are presented to cybercriminals to steal, harm or destroy the digital assets of organisations in an unprecedented way and scale.
In this presentation, Rik will identify the top disruptive technologies to government and business today and examine the impact of such innovations on the cybersecurity of corporate networks. He will also provide recommendations to assist organisations to prepare for the unexpected threats and challenges that will arise from technology disruption in the future.
Hear it from the experts: a realistic depiction of the DDoS attack landscape today. In this session Arbor’s Darren Anstee, Chief Security Technologist, will review current ATLAS statistics showing the frequency of attacks, the volume of attack traffic clogging the pipes of the world's largest enterprises and service providers networks and theorize as to why the upward trend in DDoS attacks is happening – and more importantly what you can do to protect your organizations from these attacks.
There’s little doubt that DDoS attacks continue to rise in size, frequency and complexity. It’s also true that DDoS attacks impact organizations of all types – from service providers to cloud/hosting providers to enterprises in all verticals and regions of the world. In this session, Arbor’s Carlos Morales, VP of Sales Engineering, along with a panel of Arbor Service Provider and Enterprise customers, will discuss their experiences with DDoS attacks and best practices for DDoS attack defense.
The panel will discuss:
-Their DDoS attacks trends and top challenges.
-Their recommended best practices in DDoS defense.
-The importance of threat intelligence.
-The future of DDoS and role of Arbor products and services.
Head of Network Security DDoS
Network Engineer II
Director of Security
J. Marc Hopkins
Network Services Manager
SouthWest Ohio Computer Association
As breaches of the network perimeter become more common, organizations that safeguard data where it lives - in the database - will prevail. Data stores are an enticing target for cybercriminals. This is only amplified by the common misconception many organizations have that their database assets - whether they are on premise, in a datacenter or in the cloud - are secure.
So, where do you start? What can you do right now to secure your databases with authority and finesse?
Join this webinar and learn:
• The top five threats to database security
• How a real-life database attack unfolds with Trustwave SpiderLabs Senior Security Researcher, Martin Rakhmanov
• The five quickest, highest-impact actions you can take right now to harden your databases
BONUS: Attendees may be eligible for a 6-month database security assessment tool license at no cost.