The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.
Global organizations need tools that create the appropriate balance between collecting relevant evidence for investigations and maintaining privacy rights. Learn how AccessData’s solutions help ensure you’re protecting data integrity and privacy throughout an investigation.
In this session, ExtraHop Deputy CISO Jeff Costlow will discuss how security operations teams can escape the cycle of reactivity characterized by constantly responding to a flood of alerts, and move toward a more proactive stance by using the right data sources and workflows, driven by network traffic analysis, to focus on developing proactive capabilities like continuous encryption auditing, policy auditing, and more advanced use cases like threat hunting.
Mikhael Felker, Director of Information Security & Risk Management for Farmers Insurance
Jeff Costlow, CISO, ExtraHop
Michael Wylie, Director of Cybersecurity Services, Richey May Technology Solutions.
CJ Breaux - Systems Engineer, Dell EMCRecorded: May 24 201950 mins
On average, it takes an organization 108 days to detect a security breach. Endpoint security solutions must work with the way employees work today. They not only need to do the job of protecting data and preventing threats, but they should also enable worker productivity – not hinder it. Join us to learn how you can prevent, detect, and respond to threats faster and more efficiently with Dell SafeGuard and Response.
Marc Rogers, Kurt Opsahi, Jon Callas, Sara-Jayne Terp, Joseph MennRecorded: May 24 201943 mins
2018 was yet another hallmark year of data breaches, and this time with them came along a new slew of consumer privacy problems. Amid the chaos looms a larger set of questions: what is our digital identity?
Who is the custodian of that information? And what rights do we, as citizens of the digital globe, have? Companies today have a wealth of knowledge beyond identifying numbers like SSNs or credit card numbers that get at the crux of who we are as individuals, such as biometrics and behavior.
So what needs to change when it comes to protecting the privacy of our most precious information – our identities?
Marc Rogers Executive Director, Cybersecurity Strategy Okta
Kurt Opsahl Deputy Executive Director General Counsel EFF
Jon Callas Senior Technology Fellow ACLU
Sara-Jayne Terp Data Scientist Bodacea Light Industries
Joseph Menn Investigative Journalist Reuters
Everyone knows that multi-factor authentication (MFA) is more secure than a simple login name and password, but too many people think that MFA is a perfect, unhackable solution. It isn't!
Join Roger A. Grimes, KnowBe4's Data-Driven Defense Evangelist, and security expert with over 30-years experience, for this webinar where he will explore 12 ways hackers can and do get around your favorite MFA solution.
The webinar includes a (pre-filmed) hacking demo by KnowBe4's Chief Hacking Officer Kevin Mitnick, and real-life successful examples of every attack type. It will end by telling you how to better defend your MFA solution so that you get maximum benefit and security.
You'll learn about the good and bad of MFA, and become a better computer security defender in the process, including:
- 12 ways hackers get around multi-factor authentication
- How to defend your multi-factor authentication solution
- The role humans play in a blended-defense strategy
Brandon Levene, Head of Applied Intelligence; Chronicle; Brandon Dunlap (Moderator)Recorded: May 24 201959 mins
Get a deeper look into malware campaigns using VirusTotal's newest tools. Learn from the expert how to use the platform and how best to leverage the data available to you and your security team. By better understanding the breadth and depth of malicious campaigns, researchers can better investigate and mitigate impact. Recently introduced improved relational metadata as well as expanded retroactive and proactive hunting capabilities allow investigators to dive deep into malware within a global data source.
Vicente Diaz, Artem KarasevRecorded: May 24 201955 mins
Counteracting modern cyberthreats requires a 360-degree view of the tactics and techniques used by threat actors. While the C&Cs and tools cybercriminals use change frequently, it’s extremely difficult for attackers to change their behavior and methods during an attack execution. Identifying and exposing these patterns quickly helps deploy effective defensive mechanisms in advance, disarming cybercriminals and disrupting the kill chain.
Kaspersky Lab's APT Intelligence Reporting now tracks 100+ threat actors, uncovering the most sophisticated and dangerous targeted attacks, cyber-espionage campaigns, major malware, ransomware and underground cybercriminal trends in 85 countries. Join our webinar and learn how to use our unique expertise and knowledge to enable bulletproof protection from the most damaging threats.
Does your organization successfully communicate risk across departments? Or does essential information get lost in translation? Effective communication is the ‘glue’ for a successful risk management program. Making sure every part of an organization is on the same page can be challenging when language changes from department to department.
In this can’t miss webinar, Lockpath’s, Dennis Keglovits will share his experience with communicating risk successfully across an organization, from the IT department to the executive suite.
As an attendee you’ll learn:
• Key concepts for standardizing your risk language
• Options for establishing better lines of communications
• Better communication leads to better collaboration
Oliver Lomer, Senior Marketing Manager - Sungard ASRecorded: May 24 201917 mins
When people think of disasters that disrupt business operations they often think of the extreme – major weather incidents, cyber-attacks or terrorist incidents for example – but are these really the main causes of disruption? Should businesses be focused on other threats to their operations? In this webinar Oliver Lomer dives into Sungard AS’ invocation statistics from 2018 to uncover the truth of the Disaster Landscape.
Arno Edelmann and Nathan HoweRecorded: May 24 201946 mins
Die Herausforderung der netzwerkzentrierten Sicherheit
30 Jahre lang haben Unternehmen auf netzwerkzentrierte Methoden gesetzt, um User mit dem Netzwerk und den Anwendungen darauf zu verbinden. Doch die Arbeitsweise der User hat sich gewandelt; mit dem Verlagern von Apps in die Cloud wurde das Netzwerk auf das Internet ausgeweitet. Dies macht netzwerkzentrierte Lösungen wie Remote-Access-VPN überflüssig.
Wir zeigen eine Möglichkeit, den Übergang zu User- und App-zentrierter Sicherheit mithilfe von Zscaler Private Access (ZPA) zu schaffen.
El pasado mes de septiembre, British Airways alertó unos 380.000 clientes que habían comprado billetes entre el 21 de agosto y el 5 de septiembre de 2018, de que su información personal, incluidos los datos de sus tarjetas de crédito, podría haberse visto comprometida. En este seminario virtual, explicaremos qué ocurrió y cómo un firewall de aplicaciones Web (WAF) puede evitar que le ocurra a su empresa.
Toni Gonzalez, Account Manager, Aruba & Jordi García, System Engineer, ArubaRecorded: May 24 201952 mins
En 2019, 92% de las industrias habrán adoptado la tecnología Internet de las cosas (IoT) y un 77% creen que esta transformará sus métodos de producción actuales. Pero, de que formas estas compañías implementa IOT hoy y qué expectativas tienen en el futuro? Únete a este webinar y descúbrelo.
Haris Sethi, Senior Systems Engineer, UtimacoRecorded: May 23 201945 mins
In today’s world where cashless payments are surpassing cash transactions, organizations are under pressure to make payment and data security their number one priority. Sensitive transactional payment data is a hot commodity on the dark web and hackers are always on the lookout for vulnerabilities that serve as easy targets for cyber attacks. Compromised data means compromised trust, which is why data security is so critical to business success.
Today, organizations are faced with the challenge of not just protecting customer data, but also adhering to strict data security regulations and compliance standards. Regulatory and standards bodies, along with governments are regularly publishing new requirements compelling organizations to step up their efforts in securing sensitive data. A recent example of this would be the new “key bundling” requirement released by the PCI Security Council requiring organizations to increase security for encrypted keys. Many organizations in the payments ecosystem understand that security and compliance should go hand in hand, but struggle to address both in an effective and cost-efficient way.
Register for this Utimaco webinar to learn about:
•The threats and challenges associated with payment data security
•Legacy vs New Payment use cases and the associated security implications
•Evolving payment data security regulations (laws) and standard – PCI DSS, PCI HSM, PCI Keyblocks, PSD2
•How to be secure while meeting compliance
Haris Sethi, Utimaco
Haris is a Senior Systems Engineer at Utimaco specializing in payment security, compliance and innovation. Working for Utimaco Information Security unit, Haris brings almost a decade of payment security related experience working for companies like MasterCard, Barclaycard, and Thales.
Lisa Parcella, VP of Product and Marketing and Brandon Cooper, Cyber Range Support SpecialistRecorded: May 23 201947 mins
Finding security experts is hard, but training emerging experts is becoming easier! Security Innovation’s CMD+CTRL Cyber Ranges feature intentionally vulnerable web and mobile applications that teach teams how applications are attacked by actively exploiting them, creating higher engagement and retention.
The CMD+CTRL Cyber Range suite includes several banking websites - you may have heard of ShadowBank, the original and most popular cyber range - as well as a back-office HR application, social media app , mobile fitness tracker app and our newest edition, LetSee!
LetSee is an online marketplace that lets users shop and sell a variety of hand-made and vintage goods. LetSee is also our first Single Page App (SPA) with a heavy focus on API vulnerabilities.
Come see LetSee along with our entire Cyber Range suite and get 24 hour access post-webinar to test your hacking skills with our newest application!
Scott King, Senior Director of Advisory Services at Rapid7Recorded: May 23 201960 mins
Every security leader runs into this challenge at multiple points in their career. How can you support your team and their technology needs, while ensuring alignment with the business and not overreaching to make vendor selections? This issue can easily put security leaders at odds with their teams charged with engineering and operating the technology that manages risk and enables the protection of company data and systems.
Join Rapid7’s Scott King for an interactive webcast where he will share his personal experiences as the security leader for one of America’s largest energy companies and how he navigated these potentially treacherous waters.
Rich Groves and Don Shin, A10 NetworksRecorded: May 23 201962 mins
DDoS attacks against encrypted web and application-based services continue to skirt traditional volumetric-focused DDoS defenses.
To distinguish real users from malicious bots, organizations must implement a layered defense that provides full attack spectrum protection with minimal exposure of private data for HTTP and HTTPS services.
Join our webinar to learn best practices to ensure your users have unfettered access to the applications that drive your business.
In this webinar you will learn:
• HTTP and HTTPS attack techniques
• How layered DDoS and application security pipelines can achieve DDoS resilience
• Mitigation strategies that prevent collateral damage against real users
• Techniques that minimize the expense of decrypting attack traffic
Rich Groves, Director of Research and Development, A10 Networks
Don Shin, Sr. Product Marketing Manager, A10 Networks
Marc Mombourquette and Michael Carcerano, Dell EMCRecorded: May 23 201950 mins
Enterprise Class Data Protection for Customers of All Sizes with IDPA DP4400
Existing data protection solutions targeted at the mid-size orgs sacrifice comprehensive coverage, efficiency, and support in the name of simplicity. The IDPA DP4400, including the new 8-24TB option, delivers a converged data protection solution that is the perfect mix of simplicity and power for SMB organizations and remote office/branch office (ROBO) environments. In addition, it offers the lowest cost-to-protect and is guaranteed under the Future-Proof Loyalty program.
In this webinar, you’ll learn how Dell EMC’s IDPA DP4400 is not only receiving plaudits from industry experts, but also winning the trust of new and existing customers. According to IDC, both IDPA revenue and unit shipments have grown by more than 10x from 2017 to 2018 with an annual run rate exceeding $100 million in just six quarters in the market.
The IDPA DP4400 is a turnkey data protection appliance tailor-made for mid-size organizations. It offers complete backup, deduplication, replication, recovery, search & analytics, system management—plus, cloud readiness with disaster recovery and long-term retention to the cloud—all in a convenient 2U appliance.
Come learn how your organization can benefit from all that IDPA DP4400 has to offer.
Marc Mombourquette - Product Marketing, Dell EMC
Michael Carcerano – Product Management, Dell EMC
Shawn Ryan, Sr. Product Marketing Manager, Imperva; Brandon Dunlap (Moderator)Recorded: May 23 201958 mins
Data capture, storage, and usage continues to grow at exponential rates. As a result, and in an effort to obtain operational efficiencies, many new organizations are “born in the cloud”, while for others, the migration of data and data driven business processes to cloud environments continues to escalate rapidly. The use of third party database and related cloud service offerings to support cloud and hybrid environments is also growing and evolving. However, security teams consistently report concerns with respect to the lack visibility and oversight of their data in the cloud. Typical questions being asked by CISOs are complex and not easy to answer. Join Imperva and (ISC)2 on May, 23, 2019 at 1:00PM Eastern for an examination of these questions and how to address them effectively.
NNT has integrated its award-winning Change Tracker ™ Gen7R2 with Cherwell's leading service management framework to enable a closed-loop environment for change management. Approved and authorized changes issued by Cherwell can be validated by NNT Change Tracker Gen7 R2, with a full audit trail of what actually changed and reconciled with the Change Request(s).
By leveraging NNT’s Closed-Loop Intelligent Change Control Technology, repeated or recurring change patterns can be captured and identified as either harmless or potentially harmful as well, discriminating pre-approved changes from unexpected and unwanted changes. Pre-approved changes may also be forensically profiled ahead of time in order to spot any deviations that may indicate ‘insider threats’.
This approach drastically improves the ability to spot potential breaches by reducing the “change noise”
and exposing insider and zero-day malware activity. This approach also helps enable SecureOps.
Tom Meese, Director of Client ServicesRecorded: May 23 201938 mins
Aerospike Client Services is a new suite of professional services, including a new highly innovative virtual and on-site training program - Aerospike Academy. Aerospike Client Services are designed to reduce friction and accelerate the time to value of putting applications built on the Aerospike database into a high scale production environment.
Join us on May 23th at 10am PT to hear from Aerospike Director of Client services, Tom Meese, who will cover:
-The Aerospike Client Services strategy
-Service Packages for New Customers
-Service Packages for Existing Customers
-How the Services packages can accelerate the deployment of Aerospike databases in large scale enterprise environments
Brenda Leong, Senior Counsel & Director of Strategy, FPF & Gabriela Zanfir-Fortuna, Senior Counsel, FPFRecorded: May 23 201950 mins
A discussion of how various facial detection and recognition systems operate, the privacy risks associated with different levels of identification, and the impact under GDPR. Facial recognition technology can help users organize and label photos, improve online services for visually impaired users, and help stores and stadiums better serve customers. At the same time, the technology often involves the collection and use of sensitive biometric data, requiring careful assessment of the data protection issues raised. Understanding the technology and building trust are necessary to maximize the benefits and minimize the risks.
Equally relevant is the need to expand stakeholders’ awareness and understanding of the many types of facial scanning systems, as well as the impact of accuracy differences among the many systems available today.
It is important to understand the distinctions between facial detection systems (which, when properly designed neither create nor implicate any Personally Identifiable Information) with full-scale facial identification programs (matching a person’s image to a database in order to identify the individual to a store clerk or stadium employee who otherwise wouldn’t recognize them).
The consumer-facing applications of facial recognition technology continue to evolve, and the technology will certainly be used in new ways in the future, and the legislative environment under GDPR must consider how such uses should be implemented to protect consumer privacy rights.
Sohini Mukherjee, Security Analyst & Andres Martinson, Sr. Security Engineer, AdobeRecorded: May 23 201950 mins
An enterprise has a diverse environment (cloud instances, servers, workstations) in which to try and detect potential security incidents. The ability of an incident response team to work quickly and at necessary scale is imperative when incidents do unfortunately occur. After an initial compromise, attackers often move laterally in an environment, trying to establish a foothold and escalate privileges. While they try to remain stealthy, they almost always leave behind footprints. Detecting and analyzing these footprints quickly and accurately to scope the issue is critical.
This webcast will explore a scalable approach developed by the Adobe security team that relies on open source tools like OSQuery. The goal was to develop techniques that can be leveraged to more quickly and easily investigate large groups infrastructure components for initial triage, basic forensic analysis, and to also help proactively detect threats. Attendees will learn about the techniques we developed that they can then go apply to their own environments to help with their incident response efforts in the cloud.
Wes Purvis and Gene SawyerMay 27 20198:00 amUTC69 mins
The cloud brings a variety of benefits to network management – from simplified configuration to faster troubleshooting. But, not all clouds are created equal.
In the past 10+ years, new technologies like microservices and AI have emerged that have made first-generation cloud platforms obsolete.
Join us for a deep dive into both the Mist and Meraki solutions, comparing/contrasting how you can leverage the different cloud architectures to do the following:
-Deploy access points simply and quickly
-Roll out new features on an ongoing basis
-Monitor and optimize the wired/wireless user experience
-Proactively troubleshoot problems
-Collect and use detailed analytics
Andre Priebe, CTO, iC Consult GroupMay 27 20191:00 pmUTC60 mins
Kunden Identity und Access Management und API-Management - Eine symbiotische Beziehung
Customer Identity & Access Management und API Management sind als Business Enabler bekannt. Aber in Kombination sind sie sogar mehr als die Summe ihrer Teile.
Erfahren Sie, wie digitale Identitäten Ihrer Kunden und Ihrer APIs das digitale Ökosystem Ihrer Kunden infiltrieren, um sie noch stärker an Ihr Unternehmen zu binden. Verstehen Sie, warum die Weitergabe von Kontrolle an Dritte und externe Entwickler der Schlüssel zum Erfolg dieses Ansatzes ist und dass die Einhaltung von Standards Voraussetzung dafür ist.
Die zentralen Thesen:
· API-Management ist die Schlüsseltechnologie, um Teil des digitalen Ökosystems Ihrer Kunden zu werden
· Wichtigste Akteure einer API-Management-Lösung sind externe Entwickler
· Customer Identity & Access Management und API Management beschleunigen sich gegenseitig
Edwin Yuen, Anne McCarthy, Stephen LuedtkeMay 28 20194:00 amUTC31 mins
Artificial intelligence and machine learning are the latest buzz words – but what does it actually mean to you and what should you do about it? Watch this webinar to hear ESG analyst Edwin Yuen and our Splunk experts discuss:
● AI & ML trends
● Benefits of leveraging AI & ML
● Barriers to adoption and how to overcome them
● AI & ML approaches – what’s right for you?
Encrypting data-in-transit with SSL/TLS is standard practice among organisations today. Important security initiatives, such as built-in web browser warnings and stronger legislative GDPR changes, have significantly improved privacy awareness and helped to prevent data breaches. However, cybercriminals commonly hide threats within encrypted payloads and use encrypted channels to propagate malware and exfiltrate data, knowing they can bypass traditional security inspection solutions.
Join us for this webinar to learn about:
- Challenges with encrypted traffic and risks to businesses
- How to efficiently decrypt and orchestrate traffic to reduce latency
- How to intelligently manage decryption and re-encryption across your entire security inspection solutions (IPS, NGFW, DLP, WAF, Anti-Malware, etc.)
Geoffrey Hughes, Capgemini, Former CISO, Architect, Compliance Officer, Karen Crowley, Sr. Product Marketing Manager, TufinMay 28 20196:00 amUTC51 mins
Join us on May 28th at 2pm SGT/4pm AEST to hear Capgemini talk about the challenges of improving operational efficiency in the age of increasing network complexity and digital transformation.
Former CISO, Security Architect and Compliance Officer, Geoff Hughes of Capgemini will address:
Why organisations struggle to deploy automation at scale
Best practices for getting started with automation
The role application security plays in digital transformation
Register now for this 30-minute discussion to learn how you can improve operations and meet business agility goals with automation.
Kasey Cross, Sr. Product Marketing Manager and Bryan Lee, Unit 42 Principal Researcher,May 28 20199:00 amUTC60 mins
You can locate and stop attackers from within your infrastructure if you know what to look for – and if you can get out of your own way.
To predict common attack tactics like use of stolen credentials, learning your organization’s topology and managing compromised systems from the internet, you need a new way to detect, investigate and respond.
Watch the webinar with Bryan Lee, Unit 42 principal researcher, and Kasey Cross, senior product marketing manager, to learn:
* Five tactics attackers often use to find, access and steal data
* Best practices to detect and stop sophisticated attacks
* Real-world examples of highly evasive as well as low-and-slow attacks
You’ll learn how to identify and stop attackers by removing security silos, automating and stitching together all network, endpoint and cloud data, and moving from labor-intensive, manual tasks to automated processes with Cortex XDR™ detection and response.
Join us and learn how to identify and stop attackers by removing security silos, automating and stitching together all network, endpoint and cloud data, and moving from labor-intensive, manual tasks to automated processes with Cortex XDR™ detection and response.
Patrick Grillo, Senior Director, Security Solutions, FortinetMay 28 20199:00 amUTC45 mins
When something is so fundamentally part of something else, it’s difficult to imagine them not being mentioned in the same breath. All too often however, networking and security are not.
Whether for historical or organisational reasons, security is typically layered on top of the network with little to no integration between them. While you can say that there is security in the network the open question is “How Effective is it”.
This session will focus on an architectural approach where the network and security are fully integrated rather than layered, eliminating weak links in the security chain and provide consistent end to end protection and visibility.
Brett Raybould, Solutions Architect, Menlo SecurityMay 28 20199:00 amUTC60 mins
Protecting organisations from web threats has typically been done with a proxy or DNS solution, but a new approach has emerged.
Isolation defends against today’s sophisticated zero-day exploits using an “air-gapped” browsing approach.
Identified by Gartner as “one of the single most significant ways to reduce web-based attacks,” remote browser isolation has become an important line item in IT budgets around the world. But not all Isolation is created equal. With so many offerings how do you weed through the noise?
Join us and Menlo Security to learn:
- Why remote browser isolation technology adoption is on the rise
- Key use cases for Isolation that should be evaluated
- 3 critical requirements when selecting a practical browser isolation solution
Ramses Gallego, Giampiero Nanni, Damase Tricart, SymantecMay 28 20199:00 amUTC45 mins
Companies still working to get their digital houses in order to comply with rules that offer promise of better governance and more transparency. Join Symantec experts and ask the questions that matter.
Mélissa Lafitte (Cloudi-Fi) & Ivan Rogissart (Zscaler)May 28 20199:00 amUTC60 mins
Plus qu’un accès rapide et sécurisé à Internet, offrez de la valeur à vos visiteurs grâce au partenariat innovant entre Cloudi-Fi et Zscaler.
Zscaler et la pertinence du modèle pour le retail
• Pertinence du modèle Cloud Security pour le vertical Retail
• Evolution des infrastructures Retail vers Zero Trust pour les Shops/Stores
• Présentation de l’écosystème Zscaler
Cloudi-Fi et la phygitalisation des points de vente à travers le smartphone
• Introduction au Phygital
• Réinventer le WiFi pour offrir une expérience omnicanale réussie
• Présentation de la technologie Cloudi-Fi
Rejoignez-nous pour ce webinaire de 45 minutes, qui vous permettra de découvrir comment les solutions conjuguées de Zscaler et Cloudi-Fi peuvent vous aider à améliorer et sécuriser l’expérience phygitale de vos clients.
Ce webinaire sera présenté par Mélissa Lafitte (Cloudi-Fi) et Ivan Rogissart (Zscaler)
Steve Caltagirone, Dell EMC’s EMEA Product Line Manager for Data ProtectionMay 28 201910:00 amUTC60 mins
Organizations today, especially small- and medium-sized businesses and ROBO environments, are faced with increased complexity data growth, application diversity, increased numbers of users, and resource constraints – driving the need for solutions that enable them to do more with less. Dell EMC – understanding the needs of SMB and ROBO – has just announced the availability of an 8-24TB version of its popular Dell EMC Integrated Data Protection Appliance (IDPA) DP4400. This lower capacity version of IDPA DP4400 is ideal for smaller organizations and remote offices and still allows the ability to grow in place up to 96TB.
The IDPA DP4400 is a converged, integrated data protection appliance: It offers complete backup, deduplication, replication, recovery – plus, cloud readiness with disaster recovery and long-term retention to the cloud - all in a convenient 2U appliance. All these features are now available in 8 TB-24 TB Usable Capacity.
Join the webcast & hear from Steve Caltagirone, Dell EMC’s EMEA Product Line Manager for Data Protection how you can benefit from the recently launched Dell EMC Entry Level IDPA.
Mollie MacDougall, Threat Intelligence Manager, David Mount, Product Marketing, Cofense, Brandon Dunlap, Moderator, (ISC)²May 28 201912:00 pmUTC60 mins
Despite investment in next-gen technologies and employee awareness training, phishing threats continue to become more sophisticated and more effective. It’s time for organisations to accept that REAL phish are the REAL problem. Join the Cofense Phishing Threat Landscape review to discover the trends defining phishing in 2019 and priorities for defending your organisation going forward.
Attend this webinar to learn how attackers are:
•Using major malware types and their innovative tactics, techniques, and procedures
•Intensifying credential theft as organizations move infrastructure and applications to the cloud
•Evolving Emotet and the threat actors behind the botnet
•Increasing proliferation of sextortion phishing emails
We’ll examine the obvious changes in the phishing threat landscape, plus look ahead at trends shaping 2019.
Mission Critical InstituteMay 28 20191:00 pmUTC41 mins
Learn how to analyze exam answer choices so you can select the best answers.
In Clinic #4, you will learn tactics for analyzing the answer choices and then selecting the “best answer”. Often there is no “right” answer and you need to eliminate the less likely answers.
If you want to pass your CISSP Exam the first time, you’ll want to attend and then review this series of five live online CISSP Exam Prep Clinics. In these five valuable CISSP exam clinics you will learn about:
• The new CISSP exam format, the “adaptive exam format”
• How hands-on labs will help you prepare for your exam
• Tactics to select the best answer for each question
• How to get your employment endorsement and what happens if you need more experience
These five Clinics include tips for all 8 CISSP domains covered in the exam.
Neil Briscoe - CTO Cloud GatewayMay 28 20191:00 pmUTC60 mins
As the evolution of cloud technologies and providers jostle for position in their respective USPs, many enterprises are opening their eyes to multicloud to leverage the best-of-breed to cover all aspects of their business and IT needs. Along with this, we tend to create a trust boundary between either (a) the cloud and the user on the internet (b) the cloud and users on the enterprise network in hybrid architectures. But what about the inter-cloud security considerations, potential threats, disparate support teams and governance? In this session, we discuss some real-life scenarios, potential issues and solutions.
Andre Priebe, CTO, iC Consult GroupMay 28 20192:00 pmUTC60 mins
Customer Identity & Access Management and API Management - A symbiotic relationship
Customer Identity & Access Management and API Management are known as business enablers. But, in combination, they are even more than the sum of their parts.
Learn how the digital identities of your customers and your APIs infiltrate your customers’ digital ecosystems to further engage them with your business. Understand why sharing control with third parties and external developers is essential to this approach, and why compliance with standards is a prerequisite.
- API Management is the key technology allowing you to become part of your customers’ digital ecosystems
- External developers are the key players in an API Management solution
- Customer Identity & Access Management and API Management accelerate each other
Gary Richardson, MD, Emerging Technology, 6point6 ; Aaron Regis, Solutions Engineer, DataStaxMay 28 20193:00 pmUTC60 mins
Building on the FCA/PRA discussion paper of July 2018, operational resiliency is now one of the 5 key priorities for the UK regulators for 2019/2020 as published in their annual business plans on 17 April 2019.
"Technology is integral to the delivery of financial products and services. It is evolving more rapidly than ever before, bringing significant benefits for consumers, market participants and the wider economy. The disruption from technology outages and cyber-attacks is an ongoing challenge and cyber-enabled fraud is a focus of the Government’s economic crime reform agenda. The potential for harm is increased by complex and ageing IT systems, increasing use of third-party service providers and complexity of changes to systems and processes. " - FCA Business Plan 2019/2020
Join 6point6 and DataStax as we explore how architecting and delivering the operationally resilient bank can be achieved by focusing on architecting and designing for failure, legacy workload offloading onto modern resilient data fabrics and adopting a multi cloud hybrid approach delivers value for the bank and ultimately benefits customers.
Gary Richardson, MD, Emerging Technology, 6point6
With over 17 years’ of consulting experience, Gary leads a team of data scientists and data engineers in the agile development of Blockchain, AI and Machine Learning solutions. The focus of the team is bringing a collaborative approach to analytics, underpinned by machine learning and data engineering. He believes mainstream business adoption of AI solutions are the key to accelerating innovation enabling businesses to compete, reduce cost and ensure compliance.
Aaron Regis, Solution Architect, DataStax
Aaron previously worked as a Solutions Engineer in the Cyber Threat Analytics space and as a Technical Consultant implementing Financial Crime Detection software in the Financial Services sector. He is passionate about technology particularly Database technology.
Brian Shimkaveg Account Manager in Intelligence Middleware, Red HatMay 28 20193:00 pmUTC22 mins
A key competitive advantage of the U.S. Intelligence Community (IC) is the use of powerful, innovative mission applications delivered to analysts on reliable and robust technology platforms. Unfortunately, legacy systems and processes may hinder their ability to adapt quickly to new threats and build capabilities to accommodate unknown future threats critical to our nation's security. This webinar will highlight 5 imperatives the IC must adopt including modern application development methodologies that will help transform its IT and compete with its adversaries.
Red Hat has a unique understanding of the IC given our global customer reach and on-site security-cleared associates. Red Hat® software helps customers create and sustain thousands of enterprise applications critical to businesses, institutions, and governments.
Join this webinar where we’ll cover:
- Establishing and enact high standards
- Rethinking acquisition and operations and maintenance (O&M)
- Respecting the dev, trusting the ops
- Getting modern stay modern
- Owning your outcome
Organizations in and outside the EU had to take significant measures to revisit the way they stored, shared and processed personal data in preparation to the entry into force of the General Data Protection Regulation (GDPR) on 25 May last year. However, compliance with the GDPR is not a tick box activity, it requires continuous evaluation of data flows in and outside the company.
This webinar brings together Daniele Catteddu, Chief Technology Officer of the Cloud Security Alliance (CSA) and Istvan Lám, CEO of Cloud encryption company, Tresorit to discuss the key learnings since the GDPR entered into force with focus on data breach prevention and mitigation.
The speakers will reflect, in particular, on the following aspects:
- Key learnings from data breach notifications & fines imposed so far
- Best practices for breach detection and reporting
- Challenges regarding the assessment of the severity of personal data breaches
- The most common types of data breaches and how to mitigate their impact
- Assessment of real-case data breaches, determination of what went wrong, and discussion on the implications for compliance with the GDPR going forward
Bassam Kanh, VP - Product and Technical Marketing at GigamonMay 28 20194:00 pmUTC15 mins
This presentation highlights the importance of having web traffic visibility and ensuring that your tools can keep a watchful eye over the whole of your network using technology from Gigamon and nCipher.
At the end of the day it is not about the technology that runs the system but the humans that detect, respond, and or are co-opted to circumvent it. This session will provide insight into attacks as well as the human breach interactions.
Jason Dobies & Marcus HesseMay 28 20195:00 pmUTC60 mins
How to Accelerate Business Agility with Zero Trust Security Posture
Kubernetes-orchestrated microservices and containers is a boon for business agility. By enabling a more agile and distributed software architecture, Kubernetes allows businesses to release new features and capabilities faster than ever before. Red Hat OpenShift is the enterprise choice for a supported Kubernetes release.
Distributed software architectures require a new approach to security. Aporeto secures all workloads on any infrastructure with identity-based access control, making it the enterprise choice for visualizing and protecting Kubernetes-orchestrated applications on hybrid infrastructures.
Together, Red Hat OpenShift and Aporeto Identity-Powered Cloud Security enable organizations to achieve greater agility while implementing a Zero Trust security posture.
Join this webinar to learn:
- Security benefits of using Aporeto in Red Hat OpenShift
- Benefits of adding open ID connect (OIDC) to any web service with Aporeto
- Understanding the future of Red Hat OpenShift 4
Jason Dobies, Red Hat
Jason has 18+ years of experience as a software engineer,12 of those being his time at Red Hat. He is currently working as a Principal Technical Marketing Manager on the Cloud Platforms team where he provides direction and technical advice for applications integrating with OpenShift. Prior to that, Jason's experience includes being a core contributor on multiple OpenStack projects and leading the Red Hat Satellite content management project.
Marcus Hesse, Aporeto
Marcus is an Open Source and Security Enthusiast, and a DevOps Engineer with 15 years of experience. Before joining Aporeto as a Principal Engineer, and driving forward the Kubernetes and Layer 7 development and integration efforts, he worked in FinTech, helping to modernize application deployments. As a previous Aporeto customer, he knows Aporeto can be paramount to achieve security and compliance in Kubernetes environments.
Tim Vanevenhoven (Aruba), Jake Dorst (CIO, Tahoe Forest Health System)May 28 20195:00 pmUTC60 mins
Join us May 28th, 10am PDT to hear Tahoe Forest Health System CIO, Jake Dorst, share how they have worked with Aruba to strengthen their IT network infrastructure and save money with the goal of improving patient care. Attend and you could qualify for a FREE Access Point and a 90-day trial of Aruba's network cloud-management solution, Aruba Central.
Tod Beardsley, Research Director at Rapid7 and Jon Hart, Principal Security Researcher at Rapid7May 28 20196:00 pmUTC48 mins
Java Serialized Objects (JSOs) are a mechanism to allow for data exchange between Java services. Because they also give attackers a stable and reliable vector for gaining remote control of systems running Java applications, they are increasingly responsible for vulnerabilities and public exploits against internet-accessible services. Join Tod and Jon as they discuss the exposure of Java Serialized Objects and the recent uptick in vulnerability research around JSO exploitation, culminating in Rapid7’s most recent research report, Java Serialization: A Practical Exploitation Guide.