Hi [[ session.user.profile.firstName ]]

Don't Bloat The Hypervisor! What to Know About Introspection

"Don't bloat the hypervisor" is the rallying cry for some security professionals worried about system virtualization security. Worried that access to APIs for security needs could end up making the same mistake with hypervisors that was made earlier with operating systems - bloat. And the larger a system is, whether it is the code base for a hypervisor or an operating system, the more difficult it is to secure. Other security professionals say that the lack of security capabilities inherent in hypervisors limits necessary tasks, such as forensics. This group argues that introspection capabilities are critical for actually securing virtualization.

This presentation will examine both sides of the introspection debate, and what the possible implications of it are for information security practitioners trying to secure virtualized environments.
Recorded Feb 23 2011 33 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Tim Mather, Consultant & Board Member of Cloud Security Alliance (CSA)
Presentation preview: Don't Bloat The Hypervisor!  What to Know About Introspection

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Social Engineering - Are you the weakest link? Recorded: Aug 30 2016 57 mins
    Greg Iddon, Technologist, Sophos
    Social Engineering has been around for as long as the crooks have but in a modern online world, running a con game has never been easier. And that’s why we need to be savvy.

    A social engineer can research you on Facebook and LinkedIn; read up about your company on its website; and then target you via email, instant messaging, online surveys…and even by phone, for that personal touch. Worse still, many of the aspects of a so-called “targeted attack” like this can be automated, and repeated on colleague after colleague until someone crumbles.

    Greg Iddon will take you into the murky world of targeted attacks, and show you how to build defences that will prevent one well-meaning employee from giving away the keys to the castle.
  • The GRC Evolution of Digital Enterprises with Convergence of ERM & Cybersecurity Recorded: Aug 25 2016 62 mins
    Colin Whittaker, Informed Risk Decisions; Yo Delmar, MetricStream; Chris McClean, Forrester; Sanjay Agrawal, CIMCON Software
    Cybersecurity has jumped to the top of companies’ risk agenda after a number of high profile data breaches, and other hacks. In an increasingly digitized world, where data resides in the cloud, on mobiles and Internet of Things enabling multitude of connected devices, the threat vectors are multiplying, threatening the firms’ operations and future financial stability.

    Organizations with the ability to view cybersecurity breaches as a risk, with associated probabilities and impacts, can strike the right balance between resilience and protection. By bringing together leadership and capabilities across fraud, IT, cybersecurity and operational risk, organizations can connect the dots and manage their GRC program more effectively. Organizations need to employ a proactive approach to review their existing risk management processes, roles and responsibilities with respect to cybersecurity to re-align them into an overall ERM strategy with boardroom backing.

    Attend this panel webinar, as we discuss these issues and address ways to develop an evolving GRC program to cope with the growing threat landscape.
  • BrightTALK Network Security & Hacking Preview Recorded: Aug 24 2016 3 mins
    This September BrightTALK will be hosting some of the industry's leading cyber speakers as they discuss Network Security & Hacking.

    Click below to register for the Summit:

  • Beyond the Sticker Price: Factors Impacting the Total Cost of Ownership of SIEM Recorded: Aug 24 2016 36 mins
    Michael Suby, Vice President of Research at Frost & Sullivan
    Unfortunately many organizations today are losing the race against the hacker community by a large margin. As noted in the Verizon 2016 Data Breach Investigation Report, the percent of compromises that transpired in “days or less” has risen from 67% to 84% over the last 10 years. Over this same time period, the percent of compromise discoveries that occurred in “days or less” also improved, but not enough to narrow the time gap between compromise and discovery. In other words, the bad guys are accelerating their exploits faster than the good guys are accelerating their ability to discover.

    The path to narrowing the time gap between compromise and discovery, and then neutralising business-impacting incidents, is through a comprehensive and mission-oriented Security Information and Event Management (SIEM). A well-designed SIEM not only advances security objectives, but it also works to direct personnel and process for maximum impact. With limited resources and a rising number of attacks, not all solutions are created equal. You need to ensure they are getting the best bang for your buck.

    In this webinar, Michael Suby, vice president of research at the global research and consulting organization Frost & Sullivan, will discuss the factors that contribute to SIEM’s total cost of ownership.

    You’ll learn:

    • How to calculate the total cost of ownership of a SIEM
    • The basic functionality that every SIEM should have to confidently breeze through preliminary activities
    • The SIEM attributes that will have a lasting impact on your organization’s cost efficiency in effectively managing risk

    Join us to learn the features that should be on the top of your scorecard when evaluating a SIEM for either first-time deployment or replacement.
  • Simplify Your Google Apps Collaboration and Management with IDaaS Recorded: Aug 18 2016 44 mins
    Nathan Chan, Solutions Architect at OneLogin
    Google Apps for Work is a preferred solution for productivity and collaboration in the modern enterprise. But with a large suite of tools, proper provisioning and maintenance is anything but easy. Attempting to roll out Google Apps to the right users with the right access often results in over-extended IT resources, delayed employee on- and off-boarding, and misallocated access to key documents and data.

    It doesn’t have to be this way. Hundreds of organizations are using OneLogin’s best-in-class directory integrations to achieve faster Google Apps time-to-value and on-going application security and automation.

    Join OneLogin for an informative webinar designed to get you through the most complex of Google Apps deployments.
  • Gaining real-time threat intelligence through the Enterprise Immune System Recorded: Aug 17 2016 31 mins
    Andrew Tsonchev, Darktrace Principal Consultant
    · The sophistication of today’s threat landscape
    · Lessons learnt in government intelligence on defending against fast- moving adversaries
    · Using machine learning for automatic threat detection and efficient resource allocation
    · Gaining visibility into 100% network activity and mitigate problems early
  • When Bots Attack! Stopping OWASP’s New Top 20 Automated Threats Recorded: Aug 16 2016 38 mins
    Rami Essaid, Co-Founder Distil Networks
    The OWASP Top 10 Vulnerabilities, last published in 2013, has been a valuable list of criteria by which any Web Application Firewall (WAF) is evaluated, but has a glaring flaw, it only focuses on vulnerabilities in the code, and ignores automated threats. In late 2015, this flaw was addressed and OWASP released the first Automated Threat Handbook specifically to help organizations better understand and respond to the notable worldwide increase of automated threats from bots. This presentation discusses these new bot threats, bot evolution, and how to fight back.

    - How malicious bots attack and cause problems

    - Why homegrown IT solutions have troubles keeping up with bots, threats

    - See Distil Networks in action finding, fighting bots
  • Cyber Intelligence Exchange: It's Possible and Absolutely Necessary Recorded: Aug 10 2016 34 mins
    Paul Kurtz, Co-Founder & CEO of TruSTAR Technology
    Despite the growing conversation around incident exchanges, few companies share broadly today. Join Paul Kurtz, Co-Founder and CEO of TruSTAR Technology to discuss:
    · Why it’s time for ‘good guys’ to embrace timely incident exchange,
    · The challenges of building effective intelligence exchange, and
    · How to design an intelligence exchange with broad participation and actionable reports.
  • User Behavior Analytics - A Game Changer in The Fight Against Cyber Attacks Recorded: Aug 10 2016 49 mins
    Stephan Jou, CTO at Interset
    High-profile breaches are on the rise. Insurance companies, government organizations, power utilities, even online gaming and dating sites are increasingly becoming targets of sophisticated cyber attacks.

    With the ever-changing landscape of threats and advanced cyber-attacks showing no sign of slowing down, organizations need to be prepared. As the breadth of corporate information expands, IT security teams face the daunting task of effectively protecting intellectual property, PII data, and PHI data from internal and external threats.

    Enter machine learning and user behavior analytics. Can this technology detect and help stop cyber-attacks? Stephan Jou, CTO at Interset, will discuss the current threatscape and how user behavior analytics plays in the fight to stop cyber-attacks.
  • Current Cyber Attack Trends and Forecasts for the Financial Industry Recorded: Aug 10 2016 33 mins
    David Swan, EVP Defence Intelligence Group
    Cyber attacks are on the rise, and financial institutions are increasingly becoming targets of sophisticated attackers. Join this presentation and learn about the current cyber-attacks affecting the industry.
    David Swan, EVP of the Defense Intelligence Group will discuss current attacks, attack trends and forecasts what banks and other financial institutions can expect in the near to middle term.
  • Using Endpoints to Accelerate Threat Detection, Protection and Response Recorded: Aug 10 2016 45 mins
    Simon Crosby, CTO at Bromium
    Distributed, automated detection and protection accelerates breach response.

    Sadly more than 90% of breaches start with a “click”: Attachments, downloads, malvertising, Java, the web, media, USB and executables all punch holes in the perimeter. Conventional “detect to protect” tools fail – because 99% of malware morphs in under a minute, making signatures useless. And the thousand-fold increase in crypto-malware signals a shift to machine-timescale breaches that can bring an organization to its knees before the first alert. CISOs find themselves in the awful position of having to detect a breach once an attacker has succeeded – without knowing what to look for or how to respond.

    In an era of targeted and machine-timescale attacks, luck and hope are not enough. This talk will present a way to use the endpoints themselves to accelerate enterprise detection, threat analysis and response. The approach relies on the use of virtualization based security on endpoints to isolate threat vectors, protecting the endpoint but more importantly providing an isolated environment in which malware will execute, with the advantage of tamper-proof monitoring. Insights from each endpoint are correlated to accelerate enterprise-wide response.
  • The Security Risks of Orphaned Network Traffic Recorded: Aug 10 2016 47 mins
    João Gouveia, CTO, AnubisNetworks
    As part of our research work focused on identifying automated network traffic that we can relate with malicious behavior and botnet communications, we often come across with traffic not necessarily related to malicious intent, but that represents a high risk for the companies allowing it to occur on their networks.

    Often associated with abandoned ware, policy control failures, or miss configurations, these traffic patterns end up exposing company information and assets to multiple risk levels.

    On this webinar, we are going to explore this byproduct of our botnet research, how widespread this problem is, how we can use this to relay risk information to companies, and the several degrees of exposure and impact that this type of traffic can represent.
  • The Three Axes of Evaluating Security Analytics Solutions Recorded: Aug 10 2016 28 mins
    Dr. Matthew Williamson, Chief Threat Defense Scientist at vArmour
    The problem of detecting attackers in today’s enterprises and data centers is harder than ever. Well-funded adversaries with time and patience use techniques that blend in with enterprise activities, making accurate detection difficult. Security analytics promises to address this situation by throwing advanced math at available data sources in the enterprise, with the goal of finding the proverbial threat needle in the data haystack.

    This presentation will enable attendees to evaluate security analytic solutions, cutting through the buzzwords and hype, and providing both a deep understanding of the detection problem and a framework to evaluate solution efficacy, based on three axes: breadth, depth and control.
  • Intel & Threat Analysis – The Defensive Duo Recorded: Aug 10 2016 41 mins
    Jens Monrad, Global Threat Intelligence Liaison, FireEye; Al Maslowski-Yerges Manager, Americas Systems Engineering
    The ongoing battle with cybercrime is asymmetric. You’ve invested millions in protection technology but unknown attackers still find a way in. So how do you stay ahead of the curve?

    "The core problem is that most cyber security tools do not make a distinction between everyday malware and advanced targeted attacks. If security tools cannot tell the difference, security teams have no way of prioritizing the alerts that matter the most."

    Join Jens Monrad, Global Threat Intelligence Liaison from FireEye in this webinar that will discuss:

    •How to ensure you are responding to the alert that matters

    •Benefits of Alerts with threat Intelligence

    •Using threat intelligence to think like your attacker

    •How to apply threat intelligence, expert rules and advanced security data analytics in order to shut down threats before they cause damage

    •How security teams can prioritize and optimize their response efforts.
  • Intelligent Endpoint Security: Why Taking A Modern Approach Matters Recorded: Aug 10 2016 58 mins
    Laurence Pitt, Solution Marketing - Symantec & Robert Westervelt, Research Manager - IDC Security
    Endpoint security is a critical component in an organisation's security program and is needed to gain the visibility necessary to rapidly detect threats and contain them before criminals gain access to critical resources. But identifying custom malware and sophisticated attacker techniques requires an approach that combines existing security investments with modern defenses to protect critical corporate assets.

    In this webinar you'll learn about:

    •Why organisations of all sizes are increasingly targeted by criminals using advanced tactics and zero-day attacks designed to bypass traditional antivirus and remain stealthy on systems.

    •What technologies typically make up modern threat protection solutions, from sandboxes, advanced machine-learning, to behavioral analytics systems to quickly identify infected endpoints and determine the scope of an attack

    •Why endpoint visibility must be combined with network, web, and messaging security solutions
  • How Secure Organizations Have Their Accounts Compromised Recorded: Aug 9 2016 26 mins
    Stan Bounev, Chief Product Officer, VeriClouds
    Enterprises spend millions of dollars on cyber security tools and services, but still many of them cannot distinguish the legitimate users from the attackers with legitimate, but stolen credentials.

    Stolen credentials leak at the Dark Web. Hackers take advantage of users who reuse their passwords. This fact allows attackers to hack an organization using the "front door" instead of using vulnerabilities or direct attacks to compromise the IT infrastructure. The account security of an organization is heavily dependent on the security of the other organizations where its employees or customers have accounts.

    In this talk, you will learn how attackers are able to compromise accounts of secure organizations which do not have vulnerabilities; and as an admin, what you can do to protect your organizations from Leaked Passwords attacks. We will look at case studies of organizations whose passwords have leaked and those that took proactive measures to keep their employees’ and customers’ accounts safe.
  • Protecting Online Games from In-Game Threats Recorded: Aug 9 2016 45 mins
    Matthew Cook, Co-Founder of Panopticon Laboratories
    The activities of cheaters, hackers, and fraudsters are killing virtual worlds for online game players, publishers, and developers. This presentation outlines the tools and techniques that bad guys have adapted from other industries to attack online games, why they're so financially motivated to do so, and what the consequences of allowing them to continue to operate were for a large, international Facebook and mobile game publisher.
  • Managing Your Security Policy: 10 Actionable Tips to Help Improve Your Firm Recorded: Aug 9 2016 38 mins
    Wes Stillman, CEO of RightSize Solutions
    As today’s technology becomes more and more sophisticated, human error remains the weak point. The most state of the art security technology is still hampered by human error and lack of awareness.

    In this insightful and action-oriented session, Wes Stillman, CEO of RightSize Solutions and a leading industry thought-leader on cybersecurity will offer actionable tips that firms can implement right away to drastically improve security including:
    · Survey Your Technology Infrastructure
    · Set Up Awareness Training
    · Run a Mock Disaster Recovery
    · What is BYOD and why it’s so important

    As one of the premiere providers of IT Outsourcing to RIA Firms and the Wealth Management community, this presentation ideal for COOs, CTOs or anyone interested in understanding how effective policies and procedures can be your best line of defense for the security of your firm and clients.
  • Fast Track Your Office 365 Deployment and Beyond Recorded: Aug 9 2016 36 mins
    OneLogin Solutions Engineer Nathan and Chan Mustafa Ebadi, VP of IT & Services at SOTI
    Whether you’ve just purchased Office 365 or have been using it for a while, deploying and managing safe access to Office 365 is not simple, fast, or pleasant. It’s your job to get the most value from your application investments, and while Microsoft has tools to assist like ADFS and DirSync, they are not only cumbersome and costly to maintain, but do not meet industry standards that can be scaled across your organization. And let’s face it, you’re not just implementing Microsoft products. Can you extend ADFS beyond Office 365 in a timely matter?

    Join OneLogin and customer SOTI, a proven product innovator and EMM Industry leader in mobile consulting, for an informative webinar about deployment best practices for Office 365 integrated with Active Directory.
  • Top Tools and Solutions to Fight Data Mining Malware Recorded: Aug 9 2016 48 mins
    John Bambenek, Threat Systems Manager at Fidelis Cybersecurity
    Nearly 1 million new malware threats are released every day. The sheer deluge of unique malware samples makes it difficult for incident responders to keep up to protect their networks. Even more difficult is the task for investigators and law enforcement to keep up with the size and number of command-and-control networks and criminal operations.
    Join this presentation to learn about the solutions and tools you can employ to monitor criminal infrastructure and make it easy for incident handlers to identify problems on their network, for security analysts to protect their networks and for law enforcement to have reliable near-time information for their operations.
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Don't Bloat The Hypervisor! What to Know About Introspection
  • Live at: Feb 23 2011 5:00 pm
  • Presented by: Tim Mather, Consultant & Board Member of Cloud Security Alliance (CSA)
  • From:
Your email has been sent.
or close