Hi [[ session.user.profile.firstName ]]

IT Security

  • Threat Hunting - An In-depth Explanation
    Threat Hunting - An In-depth Explanation Juanita Koilpillai, Mark Rasch, Andrew Johnston and David Morris Live 60 mins
    Threat Hunting is a complicated and often misunderstood cybersecurity activity that if properly used can add tremendous value to your cybersecurity posture.

    In this session you will learn:
    What is Threat Hunting?
    When do I use it?
    What will it tell me?
    How do I use it?
    What are the legal implications?

    Learn from the following leading experts:
    Juanita Koilpillai: Chief Technology Advisor, Digital Risk Management Institute
    Mark Rasch: Chief Legal Council,Digital Risk Management Institute
    Andrew Johnston: Associate Consultant,Mandiant
  • Scaling for the future: Evolving your intelligence-driven digital investigations
    Scaling for the future: Evolving your intelligence-driven digital investigations Stuart Clarke, Global Head of Security & Intelligence Recorded: Jul 23 2018 49 mins
    Investigative teams are under increasing pressure to respond to challenges caused by greater volumes of data and a more diverse range of digital devices.

    Key facts are often spread across multiple evidence sources, making it difficult to understand the bigger picture and often requiring an investigator to manually correlate their findings and identify connections. This places an increasing burden on overstretched teams, who need to respond faster and with more accuracy.

    Join Stuart Clarke, Global Head Security & Intelligence at Nuix who will introduce collaborative and intelligence driven investigations that can augment human investigative skills and expose the hidden relationships across people, objects, locations and events.

    Key takeaways:

    • Learn how a single pane of glass can help expose hidden relationships in the data
    • Understand the importance of efficient workflows that can make best use of technology
    • Find out how the latest technology can augment your investigative teams to enable you to make timely and informed decisions

    The presenter: Stuart Clarke, Global Head of Security & Intelligence Solutions

    Stuart is an internationally respected information security expert who is responsible for the overall security and intelligence strategy and delivery at Nuix. During his time at the company, Stuart has advised the United Nations’ peak cybersecurity body ITU and provided cybersecurity training for over 60 computer emergency response teams. He led the development of Nuix Investigation & Response, an innovative investigative tool used to delve into the causes and scope of data breaches.
  • 3 Lessons to Learn from Drupalgeddon 2
    3 Lessons to Learn from Drupalgeddon 2 Guy Rosefelt, Director of PM at NSFOCUS and Michelangelo Sidagni CoFounder and CTO at NopSec Recorded: Jul 20 2018 33 mins
    • An in-depth analysis of the Drupal vulnerabilities: CVE-2018-7600 & CVE-2018-7602
    • NSFocus & NopSec's research findings about the Drupal Vulnerabilities
    • Common themes with php vulnerabilities & how to protect your organization from them
  • Sophos Intercept X with Deep Learning
    Sophos Intercept X with Deep Learning Sophos Recorded: Jul 20 2018 4 mins
    A brief preview of how Sophos Intercept X utilizes deep learning technology to deliver unmatched next-gen endpoint protection.
  • Ovum + Ixia: What You Can Do To Strengthen Security Over Your Clouds
    Ovum + Ixia: What You Can Do To Strengthen Security Over Your Clouds Maxine Holt, Research Director, Security, Ovum Research. Scott Register, VP, Product Management, Ixia, A Keysight Business Recorded: Jul 20 2018 60 mins
    Cloud is transforming enterprises in every segment, yet security in the cloud may not be as strong as it should be. Responsibility for the security of data, applications, and services in the cloud remains with the enterprise, but control is limited. View this webinar to hear Maxine Holt, Research Director of Ovum, detail how to make your hybrid cloud environment visible and secure.

    Learn about how:
    •Cloud expands your attack surface
    •Your security architecture needs to adapt
    •To keep pace with cloud adoption

    Discover how you can leverage your existing security solutions to keep your cloud data, applications, and customer experience safe from cyberattacks.
  • RSA + Ixia: Cloud Security is a Marathon: How to Get a Running Start
    RSA + Ixia: Cloud Security is a Marathon: How to Get a Running Start Mike Gallegos, RSA. Sushil Srinivasan, Ixia, A Keysight Business Recorded: Jul 20 2018 36 mins
    The process of securing public, private and hybrid clouds is not unlike training for a marathon. To be successful in either endeavor, preparation—having a training plan—is key. During this webinar, experts from RSA and Ixia will share strategies for securing your workloads in various cloud environments.

    We’ll share insights into planning and implementing these strategies, review emerging designs and best practices, and provide a step-by-step demonstration of how you can:
    •Establish visibility into your workloads in public, private and hybrid clouds
    •Detect, identify, and remediate malicious activity
    •Complement data shared by cloud providers
    •Cost-efficiently retain data for long-term analysis
    •Future-proof investments / ensure scalability

    As with any test of skill and endurance, you need to set goals, develop a schedule and dedicate time to prepare and execute. Attending this session and viewing the demo will help you devise the right strategy to secure your cloud and go the distance.
  • I tuoi dati su Office 365 sono protetti?
    I tuoi dati su Office 365 sono protetti? Tristano Ermini, Systems Engineer Recorded: Jul 20 2018 41 mins
    Applicazioni SaaS come Microsoft® Office 365® sono molto apprezzate e sempre più diffuse nelle aziende, ma lo stesso può dirsi delle minacce che si nascondono in queste offerte:

    • Esposizione accidentale dei dati con SharePoint®
    • Uso non controllato di account personali di OneDrive®
    • Violazioni alla sicurezza dei dati in Exchange

    Sì, anche applicazioni SaaS affidabili come Office 365 possono far crescere il rischio di violazioni e problemi di conformità.

    La nostra Security Operating Platform può offrirti supporto. Registrati al webinar e scopri come soddisfare le tue esigenze CASB e proteggere i dati sul cloud da malware ed esposizione accidentale.

    Scopri anche come ottenere visibilità completa e reporting, classificazione dei dati e controllo granulare delle attività per utente, cartella e file, per una protezione efficace dei dati business-critical su Office 365.
  • Sysdig & SANS Institute: Forensics and Incident Response in Containers
    Sysdig & SANS Institute: Forensics and Incident Response in Containers Knox Anderson, Sysdig and Jake Williams, SANS Analyst Recorded: Jul 20 2018 61 mins
    Almost 5 years, 48,000+ github stars, and tens of thousand of production deployments later we can safely say containers are a technology that is a here to stay. They’re developer friendly, easy to operationalize, and allow organizations to provide stable and secure services to their customers.

    While there are clear best practices for what it takes to build and run containers, there isn't as much knowledge around the performing forensic analysis of incidents that occur inside your containers.

    In this webinar we'll cover:
    - How containers change incident response and forensics
    - Best practices around forensic data collection in container environments
    - Compare opensource and commercial forensics options
    - A live demo of multiple forensics investigations using Sysdig Inspect: an opensource container forensics tool
  • Malware of the Week | One-Two Punch
    Malware of the Week | One-Two Punch Proofpoint Recorded: Jul 19 2018 10 mins
    Each week we host a Threat of the Week webinar featuring a high-level look at interesting threats to help security teams navigate the attack landscape, in less than 10 minutes.

    This week on Threat of the Week – a Phish, a RAT and some LaZagne

    Malware like Sentinel are particularly dangerous due to their multi-stage infection progression. It kicks off with an emailed Word doc that, once downloaded it requests you to enable macros. After that it installs that RAT and then installs LaZagna.

    A nasty one-two punch.

    We also cover a new phishing campaign focused on Stripe and Square payments. Joins us to learn how these attacks worked and how to avoid them.
  • Tuition Rebate Info Session - Up to $4K to Help you Fast-Track Your Cyber Career
    Tuition Rebate Info Session - Up to $4K to Help you Fast-Track Your Cyber Career Dr. Victor Berlin and Christine Olyer Recorded: Jul 19 2018 20 mins
    Don’t let another year slip by without a top cyber job (avg. salary $126K). Let MCI help you make your move now!

    At this webinar you will learn how you can:
    • Earn up to $4K in Tuition Rebates
    • Fast-track your cyber career in 2018
    • Access 16,000+ Cyber Jobs/Day
    • Get NIST RMF/FedRAMP Project Experience
    • Hands-on prep for the CISSP, CEH, CAP or CCRMP
    • Plus more


    Dr. V. N. Berlin is the CEO of Mission Critical Institute (MCI). MCI enables universities to graduate career-ready cybersecurity risk management professionals by utilizing MCI’s cutting-edge online cybersecurity education system. Dr. Berlin has over 30 years of cybersecurity graduate level education experience which includes serving as the founding president of the first accredited cybersecurity graduate university, University of Fairfax.
    Over 12,000 adult learners advanced their cybersecurity careers through certification preparation, master’s and doctoral level programs offered by the organizations directed by Dr. Berlin. Mission Critical Institute has established a cybersecurity community with a membership of 100,000+ aspiring and established cybersecurity professionals from which it draws candidates for its academic and employer partners.
  • Career Conversations w/ Twitter Queens Tracy and Amanda
    Career Conversations w/ Twitter Queens Tracy and Amanda Jessica Gulick, MBA | PMP | CISSP Recorded: Jul 19 2018 59 mins
    Join us at our next Career Conversations session. We'll discuss topics such as: what made them decide on IT or Cyber Security, what were some of their work/life challenges, and what skills and education do they see as essential to success?

    Whether you are an experienced professional or just contemplating a future in Cyber Security, WSC's Career Conversations allows you to have a conversation with women making a difference. Join us and share in Career Conversations with successful women in cyber security!

    Guest:
    Amanda Berlin, MCITP
    Tracy Maleeff, Masters in Library and Information Science
  • Zero to Hero: Blissfully Ignorant to Risk Focused
    Zero to Hero: Blissfully Ignorant to Risk Focused Casey Reid, Principal Security Engineer, Tenable Recorded: Jul 19 2018 36 mins
    Innovation is the key to survival in today's Digital economy. Providing fresh content in new ways to broader markets is expanding the attack surface. The adoption of DevOps, cloud proliferation and enterprise IoT has added significant challenges to understanding your Cyber Risk.

    In this webinar Casey Reid, Principal Security Engineer at Tenable will talk about:
    - Why there no such thing as "Secure"
    - How the "Race to Zero" is killing your productivity and increasing your Cyber Risk
    - How "Chasing the Zero Day" could be a big waste of time
    - What it takes to be Risk focused: Going from Zero to Hero

    About the Speaker:
    Casey Reid is a Principal Security Engineer at Tenable, responsible for helping enterprise customers reduce their Cyber Exposure and strengthen their Vulnerability Management program. He is an energetic, outspoken, problem solver and hobby hacker with over 15 years of diverse technical experience. When he's not learning new technologies or hacking in his lab, he is competing at local CrossFit competitions and Obstacle Course Races such as the World's Toughest Mudder.
  • How to Build and Mature a SecOps Program in the Cloud
    How to Build and Mature a SecOps Program in the Cloud Pete Cheslock, Threat Stack's Head of Ops and Pat Cable, Threat Stack's Sr. Infrastructure Security Engineer Recorded: Jul 19 2018 40 mins
    Scaling your business is hard, but scaling your business securely is even harder. While modern cloud infrastructure has fostered speed and innovation through DevOps, security still lags behind. When it comes to securing modern infrastructure, achieving your cloud security objectives should not mean sacrificing good operations principles for good security principles, or vice versa.

    In this webinar, Threat Stack’s Head of Ops, Pete Cheslock, and Sr. Infrastructure Security Engineer, Pat Cable, will discuss what it takes to bring good security and good operations into alignment. They will offer practical advice to help you build and mature a cloud secops program for your Organization

    - Understand how cloud security differs from traditional, on premise security frameworks
    - Learn the five core SecOps principles that will help fortify your cloud infrastructure
    - Develop a comprehensive understanding of cloud secops best practices, including both technology and team management
  • Mining AppSec Analytics to Manage Your Biggest Cyber Threat Vector
    Mining AppSec Analytics to Manage Your Biggest Cyber Threat Vector Setu Kulkarni, VP, Strategy & Business Development Recorded: Jul 19 2018 45 mins
    From development to DevOps to SecOps, and from day to day management to the Board of Directors, application security analytics are a necessity to drive action across your organization. We’ll discuss a crawl, walk, run approach including basic reporting, vulnerability management, CI/CD integration, and using analytics tools. You’ll learn how to mine your application security data to manage your biggest cybersecurity threat vector.

    About the Presenter:
    Setu Kulkarni is the VP, Strategy & Business Development for WhiteHat Security. Setu joined the WhiteHat leadership team in early 2016 after a 10+ year stint at TIBCO Software Inc., where he most recently led product management and strategy for the Operational Intelligence product portfolio. During his many years at TIBCO, he led a variety of strategic and operational initiatives – building the SOA platform for the Integration and BPM businesses, building the business launch platform for TIBCO’s cloud business, mainstreaming the LogLogic acquisition, and developing the next-gen ITOA offering. He earned an engineering degree in computer science and engineering from Visvesvaraya Technological University, India.
  • Applying Data Science to Measure Your True Risk
    Applying Data Science to Measure Your True Risk Michael Roytman, Chief Data Scientist at Kenna Security Recorded: Jul 19 2018 47 mins
    There’s a difference between threat data and threat intelligence, and while the former may give you a better understanding of malicious data sources, IPs, websites, and domains, what it fails to do is give you and your security team the context to remediate a threat. When CVEs are responsible for tens of millions of attacks, simply having threat data won’t cut it.

    When it comes to cybersecurity, knowledge is power. And as cyber criminals gain more sophisticated tactics, protecting yourself requires a more intelligent approach.
  • Master DNS Security for a Bulletproof, Tier One Network
    Master DNS Security for a Bulletproof, Tier One Network Tony Scott, DJ Goldsworthy, D.J. Long, Cricket Liu, Victor Danevich Recorded: Jul 19 2018 97 mins
    You're charged with building a bulletproof, tier one secure network. If your Domain Name System (DNS) goes down, nothing else matters. And, DNS is the leading attack vector for cyber villains. Say “Hack no! ” to DNS threats.

    Join guest speaker Tony Scott, former CIO of the United States, Microsoft, and the Walt Disney Company, alongside leading practitioners from Aflac and McAfee in this live panel discussion. This unique gathering of industry experts will discuss their perspectives on building a safe, secure network and actionable best practices in this era of cloud and mobile. Moderated by Infoblox Chief DNS Architect Cricket Liu, this discussion will give you an opportunity to hear from the experts and ask questions about.

    - What leading organizations are doing to secure their DNS
    - When to best utilize DNS data, network context, and threat intelligence in your security operations
    - How to integrate DNS data with your security ecosystem to accelerate threat mitigation and remediation
    - How Aflac blocked nearly 37 million threat connections with < 100 false positives

    Save your spot now.

    ----------------------------------------------------------------------------------------------

    Panelists:

    Tony Scott,U.S. CHIEF INFORMATION OFFICER (2015–2017), TONYSCOTTGROUP

    DJ Goldsworthy, DIRECTOR, SECURITY OPERATIONS AND THREAT MANAGEMENT, AFLAC

    D.J. Long, VICE PRESIDENT, STRATEGIC BUSINESS DEVELOPMENT, MCAFEE

    Cricket Liu, CHIEF DNS ARCHITECT, INFOBLOX

    Victor Danevich, VICE PRESIDENT, WORLDWIDE FIELD ENGINEERING, INFOBLOX
  • Impersonation: The Many Masks of Email Threats
    Impersonation: The Many Masks of Email Threats Ken Bagnall, Vice President, Email Security, FireEye Recorded: Jul 19 2018 50 mins
    You can’t always trust that the sender of your email truly sent it. Impersonation threats are becoming more popular and difficult for end users to spot.

    Ken Bagnall, Vice President, Email Security, presents “Impersonation: The Many Masks of Email Threats,” a FireEye webinar that digs into the details behind impersonation attacks:

    • What psychological authentication involves
    • How attackers prey on recipients’ imagination and emotions
    • How impersonation attacks are evolving
    • What is in the future for impersonation
    • How threat intelligence and the speed of email security impact cyber risk
  • Containers At-Risk: A Review of 21,000 Cloud Environments
    Containers At-Risk: A Review of 21,000 Cloud Environments Dan Hubbard, Chief Security Architect | Lacework Recorded: Jul 19 2018 40 mins
    Securing workloads in public clouds requires a different approach than that used for traditional data centers. The need to operate security at cloud speed, respond to continuous change, and adapt at scale all require a dramatic shift in the type of security solution required by today’s operation.

    This webcast will deliver a detailed analysis of the threats and risks discovered by recent research done by Lacework when it comes to deploying containers and orchestration services like Kubernetes running on AWS.
  • SOAR Like An Eagle: The Key to Fast, Full-Lifecycle Incident Response
    SOAR Like An Eagle: The Key to Fast, Full-Lifecycle Incident Response Jon Oltsik (ESG) and Stan Engelbrecht (D3 Security) Recorded: Jul 19 2018 58 mins
    Join Senior Principal Analyst and ESG Fellow, Jon Oltsik, and Director of Cyber Security at D3 Security, Stan Engelbrecht, CISSP, as they discuss the complexity of today’s security incidents and the need for organizations to utilize SOAR (Security Orchestration, Automation and Response) tools in order to seamlessly, and rapidly, coordinate the people, technology, and processes that make up their security infrastructure.

    In this webinar you will learn how to:

    •Ease the adoption of SOAR through out-of-the-box security product integration
    •Identify, contextualize and rank threats automatically (so your analysts don’t have to)
    •Eliminate silos with visual playbooks that weave human and machine tasks together
    •Automate case management activities, such as incident investigations, link analysis and forensics tracking
    •Extend automation and orchestration capabilities to compliance, privacy and investigative teams
  • Culture Club: Developing a Culture of Security at an Organization
    Culture Club: Developing a Culture of Security at an Organization Erich Kron, KnowBe4, Keri Pearlson, M.I.T.; Spencer Wilcox; Brandon Dunlap (Moderator) Recorded: Jul 19 2018 57 mins
    Human error. Unintentional security incident. It’s going to happen at every organization. Sooner or later, someone will click on a rogue link or open an attachment they shouldn’t, exposing your organization to malware, phishing and ransomware. Old-school training, testing and policies can only go so far. Actions need to replace rhetoric. Join KnowBe4 and (ISC)2 on July 19, 2018 at 1:00PM Eastern for a discussion on how to build a security-centric culture than can benefit any size organization. We’ll examine how to establish a solid foundation, making sure everyone is on the same page and leveraging leadership to help with accountability.
  • The Public Sector Guide to FISMA Accreditation
    The Public Sector Guide to FISMA Accreditation Jeff Valentine, Chief Product Officer, CloudCheckr, and Matt Jordan, VP Corporate Development, JHC Technology Recorded: Jul 19 2018 47 mins
    FISMA is the all-embracing legislative framework for protecting the security, integrity, and availability of federal information and information systems. To meet FISMA compliance requirements, governmental agencies and private contractors that handle federal data must maintain full visibility over their information system inventory.

    Attendees will learn:
    - How to leverage existing documentation
    - Shared responsibility
    - Gaining an ATO without FedRAMP assessed infrastructure
  • SEC Guidance - Cyber Security Disclosures
    SEC Guidance - Cyber Security Disclosures Aseem Rastogi CEO & Founder - CloudOptics Recorded: Jul 19 2018 32 mins
    Information / Discussion on SEC Guidance On Public Company Cyber Security Disclosures

    The Securities & Exchange Commission, in Feb-2018 has published a guidance to assist public companies in handling Cyber Security Risks and Incidents. In this webinar, participants will learn about -
    - Context Of SEC Guidance
    - Purpose Of SEC Guidance
    - Disclosure Approach
    - Steps to Adhere to Guidelines
    - Technology & Operational Considerations
  • Enforcing Immutability & Least Privilege to Secure Containers: Red Hat OpenShift
    Enforcing Immutability & Least Privilege to Secure Containers: Red Hat OpenShift Tsvi Korren - Chief Solutions Architect at Aqua Security Recorded: Jul 19 2018 48 mins
    One of the benefits of using containers, especially in microservices-based applications, is they make it easier to secure applications via runtime immutability—or never-changing—and applying least-privilege principles that limit what a container can do.

    With immutability, every attempt to change the runtime environment is interpreted as an anomaly. And, thanks to containers’ simplicity, it is easier to predict their behavior in the application context and create a tight security envelope, allowing them to perform only their required function and preventing behaviors outside that scope.

    In this webinar, Tsvi Korren, Chief Solutions Architect at Aqua Security, will explain and demonstrate how an approach that enforces immutability and least privilege can secure applications in an active container environment.
  • Watch & Learn: Advanced Next-Generation Firewall Deployment
    Watch & Learn: Advanced Next-Generation Firewall Deployment Diego Fontes & Michael Favinsky Jul 23 2018 7:00 pm UTC 60 mins
    This is the “Best of Ignite” Week. Day 1 will be learning how to deploy an advanced Next-Generation Firewall.

    Designed for security and network engineers, this session dives deep into Palo Alto Networks security policies and network configuration. It is designed to enhance your understanding of how to configure and manage some of the more advanced features of Palo Alto Networks next-generation firewalls.

    This session will focus on firewall and Panorama features useful for deployments in large and complex networks.
  • Interpreting the 2018 NSS Labs AEP 2.0 Test
    Interpreting the 2018 NSS Labs AEP 2.0 Test Mike Spanbauer, Vice President of Research Strategy, NSS Labs & Danny Milrad, Dir. of Product Marketing, Palo Alto Networks Jul 24 2018 2:00 am UTC 90 mins
    NSS Labs® recently published the results of its 2018 Advanced Endpoint Protection (AEP) 2.0 Group Test, which examines vendors’ ability to protect endpoints from malware, ransomware and exploits.

    In the test, Palo Alto Networks® Traps™ advanced endpoint protection achieved both high Security Effectiveness and low Total Cost of Ownership, earning a Recommended rating.

    Join this webinar to hear vice president of Research Strategy at NSS Labs, Mike Spanbauer, and director of Product Marketing at Palo Alto Networks, Danny Milrad, discuss:

    - Advanced endpoint protection must-haves
    - Understanding the AEP 2.0 test results
    - What a Recommended rating means to you
    - How Palo Alto Networks performed on the test
  • Top Five Benefits of Versa SD WAN
    Top Five Benefits of Versa SD WAN Danny Johnson, Dir-Verizon, Helen Wong, Verizon, Rob McBride, Dir-Versa Jul 24 2018 3:30 am UTC 60 mins
    Join us and our strategic partner, Versa Networks, for a discussion on Managed SD WAN Security Branch solutions. Through real use cases in deployments at scale, we will discuss how Managed SD WAN can help increase bandwidth, agility and reliability - while maintaining security.
  • TEMP.Periscope Surfaces in Cambodia: A Chinese espionage operation
    TEMP.Periscope Surfaces in Cambodia: A Chinese espionage operation Tim Wellsmore, Director, Government Security Programs, APAC and Ben Wilson, Threat Intelligence Analyst Jul 24 2018 4:00 am UTC 60 mins
    Earlier this month, FireEye revealed an extensive cyber espionage carried out by China-linked TEMP.Periscope which targeted Cambodia’s political system. The effort—which was covered by Bloomberg, Time, Associated Press and others—compromised multiple ministries, diplomats and opposition members. It was carried out by China’s second most active cyber espionage groups, which has previously targeted US-, Europe- and Asia-based organizations.

    Join Tim Wellsmore, Director, Government Security Programs, APAC and Ben Wilson, Threat Intelligence Analyst for the webinar to learn more about TEMP.Periscope’s mission, and its attacker tactics, techniques and procedures.
  • [APAC] Network security at the speed of DevOps
    [APAC] Network security at the speed of DevOps Anner Kushnir, VP Technology Jul 24 2018 5:00 am UTC 60 mins
    DevOps methodologies have become extremely popular to enable agile application development and delivery.
    Unfortunately, when it comes to the associated network connectivity, such as whenever a new application needs to connect to an external resource, the process breaks. The application developer then needs to open change requests and wait for approvals which effectively breaks the continuous delivery cycle. As a result security is in the uncomfortable position of being a bottleneck and an impediment to innovation.

    In this webinar, Anner Kushnir, AlgoSec’s VP of Technology will describe how the innovative 'Connectivity as Code' approach can be implemented to overcome these challenges, and seamlessly weave network security into the existing CI/CD pipeline in order to fully automate the application delivery process end-to-end.

    Attend this webinar to learn how to:
    •Seamlessly manage network connectivity as part of the DevOps process for faster, more agile and problem-free application delivery
    •Avoid external out-of-band network connectivity problems that require separate and manual handling
    •Ensure continuous compliance and auditability throughout the application delivery process
    •Get clearly documented application connectivity requirements which help prevent disruptions to the business
    •Bridge the gap between application developers and network security throughout the entire application lifecycle
  • Your Office 365 data & apps secured
    Your Office 365 data & apps secured Jason Montgomery, SaaS Security Expert Jul 24 2018 8:30 am UTC 60 mins
    SaaS applications like Microsoft® Office 365® are wildly popular, and adoption across enterprises continues to grow, but so do the hidden threats lying within these offerings, such as:

    • Accidental data exposure with SharePoint®
    • Uncontrolled use of personal OneDrive® accounts
    • Data security violations in Exchange

    Yes, even trusted SaaS applications like Office 365 can increase your risk of breaches and noncompliance.

    Our Security Operating Platform can help. Sign up for our webinar and learn what you need to meet your CASB needs as well as secure your cloud-based data against malware and accidental exposure.

    You’ll also find out how to achieve complete visibility and reporting, data classification, and fine-grained enforcement across users, folders and file activities to protect your business-critical data in Office 365.
  • Repenser la sécurité
    Repenser la sécurité Yann Samama, Consutlant Solutions de Sécurité Jul 24 2018 8:30 am UTC 45 mins
    Les évolutions technologiques, les nouvelles normes, l’augmentation constante du trafic, la complexité des infrastructures réseau au sein desquelles l’information est de moins en moins visible, ainsi que les cyber-menaces de plus en plus sophistiquées ont un impact majeur sur les entreprise et les obligent à repenser l’architecture de sécurité.

    Yann Samama discutera des défis actuels en matière de sécurité et comment ils peuvent être surmontés en abordant les sujets majeurs tels que :

    * Augmenter la disponibilité du réseau tout en simplifiant la  connectivité des outils grâce à une solution de module bypass
    * Disposer d’une visibilité en tout point réseau afin d’améliorer de l’efficacité de l’ensemble des outils connectés  tout en réduisant la complexité de leur exploitation
    * Diminuer les coûts OPEX et CAPEX via un  ROI très court-termisme

    Découvrez les raisons pour lesquelles Gigamon propose la solution la plus complète et efficace pour la connectivité des outils en mode « inline et Out of band » au sein des environnements physiques, virtuels et de cloud public.
  • Interpreting the 2018 NSS Labs AEP 2.0 Test
    Interpreting the 2018 NSS Labs AEP 2.0 Test Mike Spanbauer, Vice President of Research Strategy, NSS Labs & Danny Milrad, Dir. of Product Marketing, Palo Al Jul 24 2018 9:00 am UTC 90 mins
    NSS Labs® recently published the results of its 2018 Advanced Endpoint Protection (AEP) 2.0 Group Test, which examines vendors’ ability to protect endpoints from malware, ransomware and exploits.

    In the test, Palo Alto Networks® Traps™ advanced endpoint protection achieved both high Security Effectiveness and low Total Cost of Ownership, earning a Recommended rating.

    Join this webinar to hear vice president of Research Strategy at NSS Labs, Mike Spanbauer, and director of Product Marketing at Palo Alto Networks, Danny Milrad, discuss:

    - Advanced endpoint protection must-haves
    - Understanding the AEP 2.0 test results
    - What a Recommended rating means to you
    - How Palo Alto Networks performed on the test
  • Hacker Powered Cloud Security Testing
    Hacker Powered Cloud Security Testing Andy Condliffe, Solution Architect EMEA, Synack Jul 24 2018 9:00 am UTC 60 mins
    Cloud security has come full circle - back to the user. Early cloud vendors promised complete security only to find the truth more nuanced - there’s a shared responsibility. Both infrastructure and applications in the cloud need attention to stay clear of security vulnerabilities old and cloud new. Security testing has evolved to meet the needs of hybrid, public, and private cloud deployments. Attendees of this webinar can expect to learn:

    The shared model for cloud security
    What cloud providers protect...and what they don’t
    How to migrate securely to the cloud
    What penetration testing for cloud environments does differently
  • Phishing – Sensibilisez vos utilisateurs par la simulation et la formation
    Phishing – Sensibilisez vos utilisateurs par la simulation et la formation Mickael Omer, Sales Engineer Jul 24 2018 9:00 am UTC 45 mins
    Le phishing reste l’une des plus grandes menaces pour les entreprises. Ce type d’attaque ciblée exploite le facteur humain plutôt que la technologie, ce qui la rend plus difficile à détecter par les solutions de sécurité traditionnelles. Nous vous ferons découvrir comment réduire le risque d’hameçonnage en permettant la simulation de phishing et la formation pour aider vos utilisateurs finaux à détecter, signaler et se prémunir de cette menace.

    Durant cette session, nous couvrirons les sujets suivants :

    • Comment évaluer la vulnérabilité de vos utilisateurs aux attaques de phishing et de spear phishing
    • Sensibiliser et former vos utilisateurs pour qu’ils reconnaissent et évitent les attaques de phishing et autres escroqueries d'ingénierie sociale
    • Comment permettre à vos employés de signaler les messages suspects en un seul clic.
  • How to Deploy Your Service Desk Your Way - Seamlessly, Flexibly and Quickly
    How to Deploy Your Service Desk Your Way - Seamlessly, Flexibly and Quickly Nev Ward and Noel Hopkinson, Senior Solutions Architects Jul 24 2018 10:00 am UTC 60 mins
    While ITSM is often delivered via software as a service (SaaS), businesses today are looking for different deployment options. The world is in flux, and strategies evolve. Businesses using SaaS today may need to migrate to a private cloud in the future. Similarly, some companies have strict security and compliance policies around data sovereignty, making on-premises deployment mandatory. That’s why it’s important to factor deployment flexibility into your evaluation of modern ITSM solutions.

    This webinar will cover:
    1.How Flexible Container Technology provides Portability, Faster Time to Value, and Lower TCO
    2.How seamless upgrades can be achieved in conjunction with Codeless Configuration
    3.How you can now consume new and innovative capabilities with equal speed, whether the solution is on premise, in a SaaS model, or in the public cloud.
  • How to Build a Powerful Partner Sales Channel & The 13 Mistakes to Avoid
    How to Build a Powerful Partner Sales Channel & The 13 Mistakes to Avoid Marcus Cauchi, ISM Fellow Jul 24 2018 10:00 am UTC 60 mins
    Are setting up a new channel or trying to revitalise an old or underperforming sales channel?

    Have you invested time and money recruiting partners but feel disappointed they aren’t producing or have fallen silent?

    Do partners bring you requests for duck-shoot demos that result in sales cycles that seem never to close?

    Channel Partner Sales Managers have one of the toughest jobs in sales or sales management. They have to:

    * Lead and manage without power
    * Carry large targets and are responsible for key accounts
    * Recruit partners who produce predictably & consistently
    * Get the best out of partners
    * Create and maintain engagement across partner organisations (sales, technical & management)
    * Help partners make good money and stay committed & loyal

    If you want to gain marketshare and expand quickly, identifying and selecting the right Channel Partner Sales Managers can be the key. Providing them with the correct tools and resources is essential.

    Join us on 10th July for a webinar introducing a radical new approach to channel sales development.

    Ideal for:

    * Startup businesses looking to build a channel from scratch
    * Established business experiencing erratic or disappointing channel performance
    * Companies looking to launch new products and services
    * Companies launching into new markets
    * Direct sales organisations looking to reduce their sales costs & headcount without a loss of earnings or quality
  • How to Get the Most Bang for your Buck out of your AppSec Programme
    How to Get the Most Bang for your Buck out of your AppSec Programme John Smith, Snr. Principal Consultant Solutions Architect @ CA Veracode Jul 24 2018 10:00 am UTC 45 mins
    To invest, or not to invest? That is the question. An effective Application Security programme takes a lot of initial investment, particularly of time and effort, not to forget the money.

    In this session, John Smith - Principal Solutions Architect @ CA Veracode - will help you understand how to get the most out of your time, effort and financial investment that has gone into your Application Security Programme.

    You will leave this webinar understanding…

    - Why invest in AppSec?
    - How can you generate the largest ROI on your investment?
    - What positive business outcomes, come from an AppSec Investment?

    Join us on the 24th of July to find out how to get the most bang for your buck with Application Security!
  • Building a Collaborative Phishing Defense
    Building a Collaborative Phishing Defense Lindsay Drabwell, Head of Membership Services EMEA, (ISC)², Darrel Rendell, Mollie Holleman, Jul 24 2018 11:00 am UTC 60 mins
    What’s keeping you up at night? Ransomware? Phishing? Spyware? Malware? Data Breaches? A malicious email typically opens the door to those threats. Organizations spend great energy (and budget) preventing users from falling prey, but threat actors continue to find ways to get past automated controls, staying one step ahead of artificial intelligence tools. Cofense believes solving the phishing problem is more than just awareness: it’s about empowering humans to become instinctual nodes on the cyber defense network and feeding their real-time intelligence to security teams for immediate action.
    Speakers:
    Darrel Rendell, Principal Intelligence Analyst, Cofense
    Mollie Holleman, Senior Intelligence Specialist, Cofense
  • Reimagining telecom fraud prevention through the digital identity network
    Reimagining telecom fraud prevention through the digital identity network Jason Lane-Sellers Jul 24 2018 1:00 pm UTC 60 mins
    Please join our 45 minute webinar where we will present the latest Trust & Fraud patterns and trends from our Global Digital Identity Network of over 6,000 customers and 40 billion transactions per year. We will also discuss the leading edge technology behind the network followed by a case study of how it we helped a large MVNO launch.

    Ellie Burns - Product Marketing Manager - will present patterns and trends from our latest Cybercrime Report with some interesting observations for Telco.
    Richard Helliar - Telco Director EMEA - will present on what makes our technology different
    Jason Lane-Sellers - CFCA President and Director of Solutions, ThreatMetrix - will present a customer case study

    We look forward to seeing you at 2pm (London time) on Tuesday 24th July, 2018.
  • A CISO Perspective: Building a Modern Security Strategy
    A CISO Perspective: Building a Modern Security Strategy Tom Bain, VP of Marketing at Morphisec and Adrian Asher, CISO of the London Stock Exchange Group Jul 24 2018 2:00 pm UTC 60 mins
    Join us for a candid discussion with London Stock Exchange Group CISO Adrian Asher on what it takes to build a modern security strategy. We'll cover industry trends and challenges, architecting a modern stack and how moving target defense helps align security with your business.
  • Does your Network Have 3-D Compliance?
    Does your Network Have 3-D Compliance? Brian Kaplan, NOM Product Manager and Compliance Specialist and Frank Bonifazi, NOM Product Marketing Manager, Micro Focus Jul 24 2018 3:00 pm UTC 60 mins
    In this webinar we’ll be discussing the critical topic of network compliance, vectors of attack, and how to secure networks.

    We’ll introduce a new comprehensive model called 3-D Compliance to help you think about multiple aspects of being fully compliant.

    A recent specific Common Vulnerability and Exposures (CVE) will be analyzed and discussed as an example vulnerability.

    Learn more about 3-D Compliance in this series of Micro Focus blogs: https://community.softwaregrp.com/t5/IT-Operations-Management-ITOM/Defend-Against-Network-Attack-Vectors-Introducing-Three/ba-p/1656856#.W0j4k7nrseF
  • [US/UK] Network security at the speed of DevOps
    [US/UK] Network security at the speed of DevOps Anner Kushnir, VP Technology Jul 24 2018 3:00 pm UTC 60 mins
    DevOps methodologies have become extremely popular to enable agile application development and delivery.
    Unfortunately, when it comes to the associated network connectivity, such as whenever a new application needs to connect to an external resource, the process breaks. The application developer then needs to open change requests and wait for approvals which effectively breaks the continuous delivery cycle. As a result security is in the uncomfortable position of being a bottleneck and an impediment to innovation.

    In this webinar, Anner Kushnir, AlgoSec’s VP of Technology will describe how the innovative 'Connectivity as Code' approach can be implemented to overcome these challenges, and seamlessly weave network security into the existing CI/CD pipeline in order to fully automate the application delivery process end-to-end.

    Attend this webinar to learn how to:
    •Seamlessly manage network connectivity as part of the DevOps process for faster, more agile and problem-free application delivery
    •Avoid external out-of-band network connectivity problems that require separate and manual handling
    •Ensure continuous compliance and auditability throughout the application delivery process
    •Get clearly documented application connectivity requirements which help prevent disruptions to the business
    •Bridge the gap between application developers and network security throughout the entire application lifecycle
  • ISSA International Series: Trials & Tribulations of Social Engineering
    ISSA International Series: Trials & Tribulations of Social Engineering ISSA International Jul 24 2018 4:00 pm UTC 120 mins
    We all know about social engineering and phishing; but ‘Is it as simple as sending an email or asking for a click?’ probably not. As hackers and attacks evolve, they will go from simple tricks to very sophisticated attacks. So how do we know what these attacks will be? Simply, we can’t. So how can we detect the new attacks? This session will cover the state of the attacks and the directions they are taking. Ultimately, we will discuss strategies and how we can define the science that will evolve to thwart the evolving various attacks

    Moderated by: Pete Lindstrom, IDC

    Presenters:

    Roger Grimes, Data-Driven Defense Evangelist, KnowBe4
    Andrew Lewman, Laxdaela Technology
    Ben Rothke, Senior Security Consultant, Nettitude
    Paul Williams, former CTO, White Badger Group
  • Securing the Expanding Enterprise Cloud Footprint
    Securing the Expanding Enterprise Cloud Footprint Rich Campagna, CMO & VP of Product Management at Bitglass. Bill Hudson, VP IT at John Muir Health. Thomas August, CISO, JMH Jul 24 2018 4:30 pm UTC 60 mins
    For John Muir Health (JMH) and other leading healthcare firms, Office 365 is often IT's first foray into the public cloud and the start of a broader initiative to migrate from premises-based applications to cloud. Most are now looking to deploy cloud messaging, file sharing, collaboration apps, and more. Deploying this "long-tail" of SaaS applications shares a great deal with platforms like Office 365, but some considerations are different.

    In this webinar, learn how John Muir Health journeys to secure these lesser known cloud applications and gain actionable advice that you can bring to your organization to protect data in Office 365 and beyond.
  • Open source Kubernetes run-time security with Falco
    Open source Kubernetes run-time security with Falco Michael Ducy Jul 24 2018 5:00 pm UTC 30 mins
    Effective security requires a layered approach. If one layer is comprised, the additional layers will (hopefully) stop an attacker from going further. Much of container security has focused on the image build process and providing providence for the artifacts in a container image, and restricting kernel level tunables in the container runtime (seccomp, SELinux, capabilities, etc). What if we can detect abnormal behavior in the application and the container runtime environment as well? In this talk, we’ll present Falco - an open source project for runtime security - and discuss how it provides application and container runtime security. We will show how Falco taps Linux system calls to provide low level insight into application behavior, and how to write Falco rules to detect abnormal behavior. Finally we will show how Falco can trigger notifications to stop abnormal behavior, notify humans, and isolate the compromised application for forensics. Attendees will leave with a better understanding of the container security landscape, what problems runtime security solves, & how Falco can provide runtime security and incident response.
  • Reducing Risk in Public Cloud Environments
    Reducing Risk in Public Cloud Environments Greg Mayfield, Director of Product Marketing, Tenable Jul 24 2018 5:00 pm UTC 60 mins
    As organizations adopt their multi-cloud and hybrid cloud strategies, continuous visibility and protection of these dynamic cloud workloads remains the #1 challenge for security teams. It’s essential to gain live visibility into AWS, Azure and Google Cloud Platform assets in order to continuously assess cloud infrastructure to detect vulnerabilities, malware and misconfigurations.

    This webinar will benefit SecOps teams by highlighting how they can obtain a unified view into cyber risk across their cloud environment to better prioritize response and mitigation. The discussion will highlight processes and tools to eliminate blind spots, secure cloud assets and applications and better integrate with CI/CD processes for fast and efficient remediation.
  • Best Practices for Threat Hunting in Large Networks
    Best Practices for Threat Hunting in Large Networks Ofri Ziv - VP, GuardiCore Labs and Daniel Goldberg - Senior Security Researcher, GuardiCore Labs Jul 24 2018 5:00 pm UTC 45 mins
    Join our webinar to learn how threat hunters and security analysts can successfully secure large and complex enterprise networks. We’ll discuss challenges unique to immense networks, such as lack of accurate information, poor visibility and how to improve security without impacting operations.
  • 2018 Security Congress Preview – Cloud Security
    2018 Security Congress Preview – Cloud Security Mike Brannon, Dir, Infrastructure & Security, National Gypsum; Tim Sills,Accudata; Tyler Smith, IT Analyst, John Deere Jul 24 2018 5:00 pm UTC 75 mins
    (ISC)2 will hold its Security Congress 2018 in New Orleans, LA, October 8th – 10th. This conference will bring together 2000+ attendees and over 100 educational sessions. One of the 13 tracks that are being offered with focus on Cloud Security and challenges practitioners face when dealing with all things cloud. On July 24, 2018 at 1:00PM Eastern, join (ISC)2 and several of the speakers who’ll be presenting in the Cloud track as we preview their sessions, get an idea of what will be discussed and discuss the state of cloud security today.
  • Weighing the Cost of Data Security: Why It’s Important for All Business Sizes
    Weighing the Cost of Data Security: Why It’s Important for All Business Sizes Chase Cunningham, Forrester Analyst and John Macintosh, Enterprise Systems Engineer with Comodo Cybersecurity Jul 24 2018 5:00 pm UTC 60 mins
    The digital landscape is doubling in size every two years. By 2020, the data we create and copy annually will reach 44 zettabytes, or 44 trillion gigabytes.* With so much data to manage, one of the biggest challenges is knowing where sensitive data resides – on an endpoint? On a file server? In transit? Or possibly in the hands of a competitor or a bad actor. Only by building context around your most sensitive data will you gain a better understanding of how to protect, prioritize, lock down, and monitor your data, and to avoid damaging data breaches.
    Join Chase Cunningham, Analyst with Forrester and Kevin Santarina, Senior Systems Engineer with Comodo Cybersecurity as they discuss why data protection is a necessary addition to every organization’s security portfolio. Learn how you can:
    •Understand the structure and location of your organization’s high value data
    •Analyze the movement and storage of sensitive data across your network and beyond
    •Protect sensitive information from exposure by employees and third parties
    •Build an action plan to enforce a least privileged model and remediate when sensitive data is overexposed

    *Source: IDC Study 2014