Hi [[ session.user.profile.firstName ]]

IT Security

  • 2019년 클라우드 보안 위협 보고서: 최신 클라우드 보안 동향 파악
    2019년 클라우드 보안 위협 보고서: 최신 클라우드 보안 동향 파악
    김봉환 상무 , 시만텍코리아 SE 본부 Live 60 mins
    현재 클라우드 보안이 현실에 올바르게 대응하고 있다고 생각하십니까?

    시만텍은 클라우드 보안 환경에 대한 인식과 관련하여 전 세계 보안 의사 결정자를 대상으로 설문 조사를 실시하고, 그 결과를 시만텍이 모니터링한 경험적 데이터 소스와 비교했습니다.

    클라우드 보안 전문가들이 함께하는 웹 세미나에 참여하십시오. 김봉환, 시만텍 수석 시스템 엔지니어링 관리자가 아래와 같은 내용을 논의합니다.

    • 2019년 클라우드 보안 위협 보고서의 주요 내용
    • 보안 위협 관련 실제 사례와 클라우드 보안에 대한 인식이 갈수록 진화하는 클라우드 보안 위협에 적절하게 대응하는지 여부
    • 제로 트러스트 보안 아키텍처를 통해 갈수록 확장되는 공격 범위에 대응하고 베스트 프랙티스 구현을 지원하는 방법
  • The Risks From Unsecured Networks (APAC)
    The Risks From Unsecured Networks (APAC)
    Jonathan Barnett, Sales Engineer Recorded: Aug 21 2019 19 mins
    ** This is an APAC focused webinar **

    More than 88% of malware trying to enter your network can be stopped with a DNS filtering solution. These allow admins to take back control of their network, securing all devices, preventing internet misuse, and improving productivity. A filtered DNS solution is capable of blocking DDoS attacks, botnets, cache poisoning, and other threats.

    In this webinar, we’ll discuss the importance of network security and how Webroot® DNS Protection can benefit your business and protect against attacks.
  • How to Fix Cybersecurity - From Patching Leaks to Building Better Dams
    How to Fix Cybersecurity - From Patching Leaks to Building Better Dams
    Tatu Ylonen, Founder & SSH Fellow, SSH Communications Security, Inc. Recorded: Aug 20 2019 59 mins
    This talk will address how we need to develop and configure systems and software to eliminate common forms of malware and exploits. It is an engineering challenge that requires substantial change in tools and how we write applications and operating systems and how we design hardware. None of it is rocket science, but the pieces must be put together.

    Viewers will learn about:
    - Attack vectors and hidden risks
    - How to build better dams, rather than trying to patch every leak and crack

    Do we want our dams to be strong and safe, or is it more important to ensure that we can easily blow up the dams of any opponents, even if ours will break too? As a society increasingly living downstream of the dams, building better dams is a matter of survival.

    Presented by a 20+ year security pioneer and inventor of SSH (Secure Shell, the de facto standard for system administration) and the principal author of NIST IR 7966 (guidelines for managing SSH access).
  • The Importance of Risk Management Solutions in the “Age of the Breach”
    The Importance of Risk Management Solutions in the “Age of the Breach”
    Matt Duench, Product Marketing Manager, Arctic Wolf Recorded: Aug 20 2019 33 mins
    As you read this, a business somewhere is falling victim to a new cyberattack and potentially losing millions of dollars. That’s because on average it takes hackers only a week to exploit new vulnerabilities, while businesses take four months to patch them. Don’t let your company be next.

    Attend this important webinar on vulnerability assessment and risk management where security expert Matt Duench from Arctic Wolf examines the challenge of breaches, how they happen, and what you can do to stop them. Find out:
    - Why the cybersecurity skills shortage leaves companies especially vulnerable
    - How to extend your perimeter security with risk management
    - How a SOC-as-a-service provides comprehensive security for companies of every size
  • Find and Fix the Vulnerabilities Posing the Greatest Risk to Your Business
    Find and Fix the Vulnerabilities Posing the Greatest Risk to Your Business
    Gavin Millard, Vice President, Product Marketing, Tenable Recorded: Aug 20 2019 38 mins
    According to recent polling, 80% of infosec professionals want an efficient and effective way to prioritize vulnerabilities based on risk. Of those polled, 50% are attempting to risk rate vulnerabilities, but finding the process really hard.

    Tenable is resolving the vulnerability prioritization challenge with a new process we call Predictive Prioritization.

    Join us at 2pm ET, August 20, 2019 to learn more about the data and computer science behind Predictive Prioritization by attending the webinar: " To Reduce Cyber Exposure, Find and Fix the Vulnerabilities that Matter Most."

    Topics covered will include:

    * How to overcome the limitations of CVSS scoring for risk rating vulnerabilities

    * How you can effectively identify the vulnerabilities that will most likely be exploited in the near term

    * Ways to dramatically improve your remediation efforts by focusing on the the highest risk vulns

    * Answers to your questions during live Q&A

    All IT and infosec professionals responsible for ensuring the efficient and effective delivery of vulnerability management programs are encouraged to attend this webinar.

    Save your spot. Register now.
  • Prep Your Business to Face 2019’s Most Advanced Cyber Threats
    Prep Your Business to Face 2019’s Most Advanced Cyber Threats
    Brook Chelmo, Senior Product Marketing Manager, SonicWall Recorded: Aug 20 2019 38 mins
    The speed and progression of the cyber arms race requires a constant, detailed and unwavering commitment to threat analysis.

    Reserve your spot to gain a better understanding of what’s at stake as we explore:

    •New intelligence on shifts in malware and ransomware strategies
    •Insight on changes to cryptojacking attacks
    •Overview of record-breaking IoT malware
    •Shocking spikes in encrypted threats
  • Achieve Development Speed and Code Quality with Behavior Testing
    Achieve Development Speed and Code Quality with Behavior Testing
    Dr. David Brumley Recorded: Aug 20 2019 41 mins
    Join Dr. David Brumley, CEO of ForAllSecure, as he shares a proven method known as behavior testing for achieving both development speed and code quality. In this session, viewers will learn:
    -How to add continuous behavior testing to their shift-left strategy.
    -How behavior testing can help organizations not only develop quickly and securely, but also manage inherited risk from developers’ software supply chain.
    -Real-world use cases on how behavior testing is used to secure Dockerized applications.
  • Increase Network Resilience and Optimize Uptime with Inline Bypass
    Increase Network Resilience and Optimize Uptime with Inline Bypass
    John Lehane Senior Product Marketing Manager, Gigamon, Haider Jarral Technical Marketing Engineer, Gigamon Recorded: Aug 20 2019 37 mins
    IT teams are adding newer and more Digital Transformation capable tools. Deployment agility and network resiliency are primary concerns. Inline appliances present potential points of failure in the network. Whether due to a power outage, software malfunction, or processing bottlenecks, failing inline tools can disrupt the very applications and services they are meant to protect.

    With bypass protection, traffic continuity can be maintained as new tools are deployed and tools outages occur.

    Join us to learn how the Gigamon Visibility Fabric with Inline Bypass can enhance the day-to-day operations for Network Operations teams. Topics covered include;

    • Enhancing Infrastructure resiliency and availability
    • Reducing operating and monitoring Costs
    • Improved operation efficiencies and cooperation between IT teams
    • Step by step GUI configuration examples
  • The New Age of Multi-Factor Authentication
    The New Age of Multi-Factor Authentication
    Lysa Myers & Cameron Camp, Security Researchers Recorded: Aug 20 2019 52 mins
    Trying to navigate the stormy seas of multi-factor authentication (MFA) to find the “killer app” both you and your organization can use to bolster security? In this webinar, we look at:

    - The various factors of authentication
    - Factor vs “steps”
    - Considerations in choosing a factor
    - The various technologies that people are using
    - What seems to be working

    Whether you’re pondering Near Field Communication (NFC) ninja tech for your smart phone, or those new biometric doo-dads that verify you based on the smell of your ears (really), we can help you sort out what might work for you and what would be crazy to implement. And as a bonus: this tech will all keep you far safer that your plain old password ever did.
  • Modern Streaming Data Stack with Kinetica & StreamSets
    Modern Streaming Data Stack with Kinetica & StreamSets
    Matt Hawkins - Principal Solutions Architect - Kinetica | Mark Brooks - Solutions Architect - StreamSets Recorded: Aug 20 2019 60 mins
    Enterprises are now faced with wrangling massive volumes of complex, streaming data from a variety of different sources, a new paradigm known as extreme data. However, the traditional data integration model that’s based on structured batch data and stable data movement patterns makes it difficult to analyze extreme data in real-time.

    Join Matt Hawkins, Principal Solutions Architect at Kinetica and Mark Brooks, Solution Engineer at StreamSets as they share how innovative organizations are modernizing their data stacks with StreamSets and Kinetica to enable faster data movement and analysis.

    During this webinar, we will discuss:

    -The modern data architecture required for dealing with extreme data
    -How StreamSets enables continuous data movement and transformation across the enterprise
    -How Kinetica harnesses the power of GPUs to accelerate analytics on streaming data
    -A live demo of StreamSets and Kinetica connector to enable high speed data ingestion, queries and data visualization
  • Security Tool Misconfiguration and Abuse
    Security Tool Misconfiguration and Abuse
    Thomas Richards, Network and Red Team Practice Director Recorded: Aug 20 2019 40 mins
    As any security program matures, it will use tools and techniques to automate processes to improve the security posture of the organization. This includes asset management and discovery, patch management, deploying software, and vulnerability discovery. However, if these tools are improperly configured, they can lead to a total compromise of your network by an attacker. In this talk we will go over a few case studies of abusing these tools while on penetration tests as well as remediation methods to prevent these attacks from occurring.
  • Unified IT-OT Security Management: Strengthening Critical Infrastructure Defense
    Unified IT-OT Security Management: Strengthening Critical Infrastructure Defense
    Terry Olaes, Sales Engineering Lead, Central US Skybox Security Recorded: Aug 20 2019 56 mins
    Critical infrastructure — from energy production to manufacturing to public utilities — is becoming a more prevalent attack vector for nation-state threat actors as well as the common cybercriminal. These attackers are frequently exploiting the interconnectedness of IT and operational technology (OT) networks, finding their foothold in the disconnect between their security management.

    In response, many organizations are looking to unify and align their IT-OT security programs to better understand and tackle cyber risks in both environments. In this session, Skybox Security SE Terry Olaes will cover what challenges to expect in this an endeavor, and how to use comprehensive visibility and contextual intelligence to overcome them.

    In this webinar, you will learn:
    - What are the inherent risks to OT security and how the continued integration with IT impact risk in both environments
    - What are the key concerns for IT and OT security teams and how can they can align to improve security throughout the organization
    - Which elements and capabilities needed to gain seamless visibility of on-prem, cloud and OT networks
    - How to use modeling and analytics to put risk in the context of your attack surface and effectively prioritize response
  • Optimize Phishing Detection and Response with LogRhythm and Office 365
    Optimize Phishing Detection and Response with LogRhythm and Office 365
    Randy Franklin Smith (UWS) | Greg Foss (LogRhythm) Recorded: Aug 20 2019 77 mins
    Today’s hackers often favor the phishing email as their weapon of choice. Phishing attacks are not only common, but are also very difficult to defend against. What if you could detect and mitigate a phishing attack before its intended target clicks on that fatal link or opens that malicious attachment?

    When your Exchange server is in the Office 365 cloud, solutions such as constant inbox scanning or relying on synchronous mail flow aren’t viable options. Instead, you can find a strong defense against phishing emails in the Message Tracking log in Exchange.

    The Message Tracking log is available in both on-prem Exchange and Office 365 Cloud’s Exchange Online. Message Tracking logs include valuable information about the client, servers, sender, recipients, message subject, and more. If you can access this information and know how to mine it, you can detect likely phishing emails.

    In this webinar, you’ll learn how to:

    - Recognize the format of message tracking logs
    - Pull message tracking logs from Office 365 using PowerShell’s Get-MessageTrackingLog cmdlet
    - Work through a list of checks to perform against message tracking events to detect phishing emails
    - Move suspect emails to a sandbox where you can use analysis tools like PhishTank, ThreatGRID, or OpenDNS
    - Remove copies of phishing emails from other recipients
    - Automatically detect and respond to phishing attacks with no analyst intervention
    - To optimize your phishing response efficiency, LogRhythm has introduced a new open-source Phishing Intelligence Engine (PIE). PIE is a PowerShell framework focused on phishing attack detection and response.

    Register for the webinar now to learn how you can use LogRhythm’s PIE and Office 365 to better detect and respond to phishing attacks.
  • (ISC)²’s Digital Transformation Journey - Part 2
    (ISC)²’s Digital Transformation Journey - Part 2
    Bruce Beam, (ISC)²; Beth Paredes, (ISC)²; Sommer Hess, (ISC)²; Brandon Dunlap (Moderator) Recorded: Aug 20 2019 58 mins
    (ISC)² recently completed our multi-year Digital End-to-End Transformation (DETE) project, which positions us to deliver a more a seamless and user-friendly experience to all members. In addition to revamping our online presence, we launched a new Learning Management Systems where members can access all the courses developed by our Professional Development Institute. In Part 2 of the (ISC)² Digital End-to-End Transformation (DETE) will examine how (ISC)² executed the plan for the project, following the AGILE Project Management framework and the buy-in and support from other departments and stake holders within the organization. Additionally, there was board governance and oversight to contend with. Join Bruce Beam, CIO; Beth Paredes, Sr. Corporate Member Services Manager; and Sommer Hess, Director PMO, Quality and Training on August 20, 2019 at 1:00PM Eastern for a discussion on these items and the speed bumps that were run into on this project.
  • Defending Your Network – Practical Advice
    Defending Your Network – Practical Advice
    Alex Holden, CISO, Hold Security Recorded: Aug 20 2019 61 mins
    We invest a lot of time, skill, and technology into our defenses yet the hackers are still successful. What lessons can we learn from the recent attack techniques and breaches to make our networks less vulnerable?
  • How Machine Learning is Taking Cyber Security Teams to the Next Level
    How Machine Learning is Taking Cyber Security Teams to the Next Level
    Tom Cignarella, Director, Security Coordination Center (SCC) at Adobe Recorded: Aug 20 2019 43 mins
    Ten years ago, security leaders couldn’t wait to tell you about their cutting edge use of Linux – nowadays, that’s considered table stakes. Today, the big buzzwords are AI and machine learning – and for good reason. With the computational power we have today, we can apply straightforward math tricks to data and surface insights that are not only interesting and valuable but also may not have been possible five or ten years ago – helping us become faster, more effective and increasingly innovative in our approach to defending systems from the evolving threat landscape we face today.

    While the excitement around machine learning is deserved, Tom believes that much like Linux, it will eventually be something everyone in security is doing. In this webcast, Tom will outline how machine learning fits into the broader cyber security toolbox as a tool to augment – not replace – security teams, surfacing data-based insights and automating mundane, time-consuming tasks to free up precious security analysts time. He’ll also include key learnings from Adobe that security organizations should keep in mind as they explore machine learning, including the type of talent needed to succeed and the importance of good data.
  • Transformation towards digital and automated ordering process
    Transformation towards digital and automated ordering process
    Katherine Gilbert-O'Neil, Anand Sagar- Wipro | Neil Becker, Lokesh Verma- Apttus Recorded: Aug 20 2019 65 mins
    Wipro and Apttus on Cognitive Commerce & CPQ
  • Level Up with Dell Technologies
    Level Up with Dell Technologies
    Paul Zonfrillo and Mark Green, Strategic Pathways and Neil Swoyer, Dell EMC Recorded: Aug 20 2019 5 mins
    Are you an IT professional looking to get more of your initiatives funded?
    •Level Up teaches attendees how to connect your technology strategy to business outcomes.
    •Learn how to craft and deliver an effective pitch to business executives
    • Elevate the perception of IT within the business
  • How To Gain Board of Director Support For Cybersecurity Initiatives
    How To Gain Board of Director Support For Cybersecurity Initiatives
    24by7Security, Inc Recorded: Aug 20 2019 40 mins
    When a company makes their case to the Board of Directors and C-Suite, they don’t always seem to appreciate the urgency and often turn down your request for funding. As such, there must be a better way to gain Board and C-Suite support. Hear directly from Michael Orenchuk, Principal of 24by7Security, discuss how the Board of Directors interest in cybersecurity is increasing and how regular discussions with the Board has started to increase.

    CPE/ CEU Credits: You may be eligible for CEUs or CPE credits at some professional associations by attending this webinar. Please check with your professional association and its policies to see if you may apply for CEUs or CPE credits for this webinar. You can download a certificate of completion from BrightTALK after viewing the entire webinar.
  • Driving Increased Productivity with Your Vulnerability Management Program
    Driving Increased Productivity with Your Vulnerability Management Program
    Tori Sitcawich, Product Marketing Manager, Rapid7 Recorded: Aug 20 2019 46 mins
    In today’s world, security teams are faced with challenges that can oftentimes hinder the productivity of their vulnerability management programs. These challenges include working with operations teams, demonstrating ROI to leadership, and finding ways to accelerate remediation. In this session with Rapid7, learn about best practices to overcome these challenges and improve collaboration, communication, and overall productivity.

    We’ll cover:
    1. How to break down organizational silos
    2. How to track meaningful progress and build effective reports for leadership
    3. How to effectively make automation a part of your day-to-day remediation workflow
  • Live Demo: Proofpoint Security Awareness Training
    Live Demo: Proofpoint Security Awareness Training
    Sean Walker, Enterprise Account Executive Recorded: Aug 20 2019 31 mins
    Engage your end users and arm them against real-world cyber attacks using personalized training based on our industry-leading threat intelligence. Instead of wasting time with one-size-fits-all content, we help you deliver the right training to the right people at the right time.
    Join us for a live demo of Proofpoint Security Awareness Training to see for yourself! 

    You'll learn how to: 
    - Assess your users’ susceptibility to phishing attacks and knowledge of cybersecurity beyond the phish
    - Deliver customized training to your end users to drive behavior change and make them a stronger last line of defense
    - Enable your employees to report suspicious messages with a single mouse click
  • CISSP Exam Prep Clinic #1: How to pass your CISSP the 1st Time, New Exam Format
    CISSP Exam Prep Clinic #1: How to pass your CISSP the 1st Time, New Exam Format
    Mission Critical Institute Recorded: Aug 20 2019 30 mins
    Learn how the new exam format works and how to handle it

    In Clinic #1, you will learn how the new CISSP exam format works. Then, you will learn tactics on how best to respond to this “adaptive exam format”.

    If you want to pass your CISSP Exam the first time, you’ll want to attend and then review this series of five live online CISSP Exam Prep Clinics. In these five valuable CISSP exam clinics you will learn about:

    • The new CISSP exam format, the “adaptive exam format”
    • How hands-on labs will help you prepare for your exam
    • Tactics to select the best answer for each question
    • How to get your employment endorsement and what happens if you need more experience

    These five clinics include tips for all 8 CISSP domains covered in the exam.

    Register today and move closer to your goal!

    SPONSORED BY: Mission Critical Institute

    Presenter
    Alan Belshaw,| M.S., MBA | Senior Cybersecurity Solutions Architect| Booz Allen and Hamilton
    Certifications: CISSP, CAP, CSSLP, CEH, CIWSA, CWNA
    Authorized instructor for CEH, CAP, CSSLP and CISSP
  • [PANEL] Top Threats to Network Security and How to Protect Against Them
    [PANEL] Top Threats to Network Security and How to Protect Against Them
    Kalani Enos, kenos Technologies LLC | Greg DeBrecourt, Aerovironment | Gavin Millard, Tenable | Peter Wood, Naturally Cyber Recorded: Aug 20 2019 64 mins
    Securing the networks from attackers remains a key challenge in 2019. With billions of people affected by data breaches, governments and businesses are continuing to spend more time and money trying to better protect against cyber attacks.

    Join this panel of experts as they discuss the biggest threats to enterprise networks and how to better protect against them:
    - Top threats to network security
    - Watering hole attacks: Explanation and examples
    - Microsegmentation and lateral movement prevention
    - How to improve the security of network infrastructure devices
    - Real time breach detection: Myth or reality?
    - Steps to take to better secure your networks

    Speakers:
    - Kalani Enos, Founder and CEO, kenos Technologies LLC (moderator)
    - Greg DeBrecourt, Cyber Security Manager, Aerovironment
    - Gavin Millard, Vice President of Product Marketing, Tenable
    - Peter Wood, Partner, Naturally Cyber LLP
  • ¡No es Magia, Es DevSecOps!
    ¡No es Magia, Es DevSecOps!
    Ronen Riesenfeld, Sales Engineer Checkmarx Recorded: Aug 20 2019 61 mins
    La seguridad perimetral, el análisis dinámico y otras soluciones de seguridad no estática dan una incorrecta percepción de que las aplicaciones están seguras, percepción que reduce el sentido de urgencia por la implementación holística de la seguridad. Las soluciones de seguridad estática, fortalecen los cimientos de las aplicaciones sin entorpecer los procesos e integrándose de manera orgánica como por arte de magia, facilitando así el desarrollo seguro a alta velocidad

    ¿QUÉ APRENDERÁS EN ESTE WEBINAR?

    Aprenderá que nos motiva a la prevención y su relación con la seguridad en aplicaciones; se explicará que es la seguridad en las Aplicaciones, su importancia y mejores prácticas de la industria.
    Se explicarán las distintas soluciones de seguridad en aplicaciones dentro del ciclo de desarrollo y las tendencias actuales en seguridad en desarrollo de aplicaciones.
    Descubrirá las distintas maneras de integrar la seguridad en aplicaciones dentro del ciclo de desarrollo y las maneras más eficientes de remediar vulnerabilidades.
    Conocerá sobre la administración del Software Expuesto y su integración dentro de DevSecOps
  • Tackling the Top 5 Incident Response Challenges with SOAR
    Tackling the Top 5 Incident Response Challenges with SOAR
    John Moran, Senior Product Manager, DFLabs Recorded: Aug 20 2019 41 mins
    Incident response can feel like a constant battle, especially for those analysts who are on the front lines of the organization’s response, struggling every day to protect its resources and minimize risk from any potential security events.

    While there are some inherent challenges in incident response which will exist no matter the circumstances, it is the responsibility of security managers and executives to reduce or remove impediments to the incident response process as much as possible. Incident response will never be a frictionless process, however, there are many things we can do to minimize the impediments and provide analysts with the needed resources in order to be successful.

    Year after year, security analysts express the same challenges, across all verticals. Even though we have made many important strides in the past several years, it is clear that our current approach is not adequate to completely solve the most pressing challenges we are facing.

    Incident response analysts typically possess a high drive and passion for their chosen career. Not being given the proper tools to perform a job can be demoralizing and cause the types of analysts you really want on your team to look elsewhere for career satisfaction. With competition for skilled analysts as strong as ever, this is a real concern.

    In order to overcome these challenges, organizations today are increasingly turning to the capabilities of Security Orchestration, Automation and Response (SOAR) technology to help.

    Join this webinar to learn more in-depth about these top 5 incident response challenges and how a SOAR solution can be utilized to successfully resolve them:

    - Shortage of staffing and skills
    - Lack of budget for tools and technology
    - Poorly defined processes and owners
    - Organizational silos between IR and other groups or between data sources and tasks
    - Lack of integration with our other security and monitoring tools
  • Webinar: How to Build a Change Workflow to Increase Control
    Webinar: How to Build a Change Workflow to Increase Control
    Maya Malevich Director of Product Marketing, Tufin & Ruth Gomel Director Product Design, Tufin Aug 21 2019 6:00 am UTC 58 mins
    “The only thing that is constant is change.” However, change can also be risky.

    Network security changes may lead to broken connectivity, exposure to cyberattacks, or even compliance violations that may result in an audit failure. How do you control and document changes to firewall access?

    Join this session to learn best practices for building a change workflow to:
    • Ensure all changes are documented and audit-ready
    • Enforce a security policy check within every change to improve control
    • Increase efficiency and eliminate errors through automation

    Register now to gain insight into what an effective workflow looks like and how you can streamline the change process you currently use.
  • 제로트러스트 세상에서 보안 태세 정의하기
    제로트러스트 세상에서 보안 태세 정의하기
    김 현 도, Senior Solution Engineer, Akamai Technologies; 한 준 형, Technical Account Manager, Akamai Technologies Aug 21 2019 6:00 am UTC 60 mins
    일반적으로 제로트러스트 접근방식에는 접근시도과 신원 확인, 그리고 기기확인이라는 3가지 핵심 축으로 살펴볼 수 있습니다.

    이전 웨비나에서는 아이덴티티 기반 접근 방식을 클라우드 프록시와 함께 사용하여 내부 어플리케이션에 보다 안전하게 액세스 하는 방법을 살펴보았습니다.

    이번 웨비나는 두가지 파트로 나뉘어 집니다. 첫번째 부분에서는 앞서 언급한 3가지 제로트러스트 접근 핵심축에 대해 좀 더 자세히 알아보고 사용자와 접근 장비에 대한 의미에 대해 더 살펴보는 과정을 통해 제로 트러스트 아키텍처를 구현하는 방안에 대해 알아보겠습니다.

    두번째 부분에서는 Web에서 API로 전환되는 보안의 트렌드에 대해 살펴보겠습니다.
    여기서 우리는 모바일 어플리케이션의 폭발적인 증가와 함께 웹에서 API로 공격이 이동하는 API의 공격 트랜드와 Credential Fraud의 라이프 사이클을 살펴볼예정입니다.

    발표자: 김 현 도, Senior Solution Engineer, Akamai Technologies
    발표자: 한 준 형, Technical Account Manager, Akamai Technologies
    진행자: 박 선 영, Senior Business Development Manager, APAC, (ISC)²
  • Danger! High Vault-age!: Exposing the myths around passwords vaults
    Danger! High Vault-age!: Exposing the myths around passwords vaults
    Chris Owen, Director of Product Management, Centrify Aug 21 2019 9:00 am UTC 45 mins
    Join this webinar to find out:
    •How Password Vaults have evolved
    •The challenges in using today’s Password Vault solutions
    •How Centrify enables customers to operate without the overhead of legacy Vault solutions
    •The Zero Trust Privilege Management Approach
  • Protecting your Portal from File-based Malware
    Protecting your Portal from File-based Malware
    John Stevenson Aug 21 2019 10:00 am UTC 45 mins
    About this Webinar:

    The essential everyday business requirement of receiving uploaded content from the internet opens the user to significant risk from attackers, intent on stealing the user’s credentials and/or compromising the endpoint device to gain access to the corporate network.
    Uploaded documents contain malware specifically designed to bypass reverse Web proxies, Firewalls/WAFs, AV and sandboxes. Thankfully there are steps you can take to eliminate the threat.

    On Wednesday 21st August, join Deep Secure’s Head of Content John Stevenson – a 25 year veteran of the cyber security industry - and learn what it takes to stop document-based malware getting in via your portal. You’ll find out:

    •How the typical security stack deals with the advanced threat
    •How to add-in “zero trust security”
    •Tips and tricks for ensuring documents are 100% threat-free

    You’ll also get to see just how easy it is for one of the most common and notorious pieces of malware on the planet can escape detection and walk right through your defences!
  • Threat Hunter: Implications of an Active Cyber Defense
    Threat Hunter: Implications of an Active Cyber Defense
    Griff James (Damrod Analysis) | Wyatt Hoffman (CEIP) | Will Lymer (Loki Labs) | Philip Thomas (Reed Smith) Aug 21 2019 12:00 pm UTC 61 mins
    It is beyond the ability or willingness of the world’s governments to protect and secure information technology. What role then can the private sector play in making cyberspace safer? Can private enterprises do anything to strike back at attackers, curtailing their freedom of action and raising the costs of malicious activity?

    Consisting of academics and industry experts, this panel will explore the potential for active cyber defence to impede and deter malicious activity and the conditions under which it could be conducted responsibly.

    Speakers:
    - Griff James, Director at Damrod Analysis
    - Wyatt Hoffman, Research Analyst, Cyber Policy Initiative at Carnegie Endowment for International Peace
    - Will Lymer, Chief Growth Officer at Loki Labs
  • NTT 2019 Digital Means Business Benchmarking Report
    NTT 2019 Digital Means Business Benchmarking Report
    Wayne Speechly -VP: Advanced Competencies – NTT Ltd. Aug 21 2019 2:00 pm UTC 60 mins
    Key highlights from the NTT 2019 Digital Means Business Benchmarking Report which provides insights and analysis from surveying more than 1,150 executives across five regions, 15 countries, and 11 industry verticals.

    Digital is starting to gain meaningful traction in organizations. They’re focusing internally to see quick wins but are still grappling with prioritization and organization-wide execution of digital transformation.
  • Verizon Threat Research Advisory Center Monthly Intelligence Briefing (MIB)
    Verizon Threat Research Advisory Center Monthly Intelligence Briefing (MIB)
    John Grim, Senior Manager, PS Advisory Services Aug 21 2019 2:00 pm UTC 90 mins
    Join us—the Verizon Threat Research Advisory Center – for our Monthly Intelligence Briefing (MIB) to discuss the current cybersecurity threat landscape.

    Our Verizon Threat Research Advisory Center presenters will be:

    •Erika Gifford, Senior Manager, GSS | Security Operations Advisory
    •Hayden Williams, Senior Manager, VTRAC | Investigative Response
    •John Grim, Managing Principal, VTRAC | Innovations and Development
    •David Kennedy, Managing Principal, VTRAC | Open Source Intelligence

    Preparing for and responding to data breaches and cybersecurity incidents is never easy. It takes knowledge of your environment and its unique threats, effective teamwork, and just as importantly, a rigorous Incident Response (IR) Plan. We'll introduce our monthly listeners to the VIPR Report – the Verizon Incident Preparedness and Response Report. We'll provide a high-level overview of our findings across three years of IR Plan assessments and data breach simulations. Insight will include:

    •Observations and recommendations across the six phases of incident response
    •Top takeaways for building a solid IR Plan and capability
    •Breach Simulations Kits and using these resources to run data breach tabletop exercises

    This webinar will also cover:

    •Current Intelligence Overview
    •Attacks and Threat Indicators
    •Latest Malware Trends
    •Significant Vulnerabilities

    If you have any questions related to social attacks and data breaches that you'd like us to cover on the call, please send them to the following email address: Intel.Briefing@verizon.com

    Then tune in for an information-packed session brought to you by our very own Verizon Threat Research Advisory Center investigators, analysts, assessors, and researchers!
  • Latest Trends in TLS & SSL, Q3-2019
    Latest Trends in TLS & SSL, Q3-2019
    Dean Coclin CISSP, Vice Chair, CA/Browser Forum | Jeff Barto, CSMIE - Identity Advocate & Value Strategist Aug 21 2019 3:00 pm UTC 60 mins
    This webinar updates and prepares you for the latest trends in TLS and SSL. We’ll build your awareness of current industry & market motion, suggest ideas on how to prepare, and provide insight into the future of the online security and digital certificate space. Where applicable, we’ll cover specific geographies and verticals, plus pending/trending ballots and discussion within the CA/Browser Forum.
  • Digital Transformation Discussion with Forcepoint Connectivity and Security
    Digital Transformation Discussion with Forcepoint Connectivity and Security
    Jim Fulton, Forcepoint Solution Director & David LePage, Forcepoint Solution Engineering Manager Aug 21 2019 3:00 pm UTC 64 mins
    Digital transformation is driving change across the world, creating new opportunities to boost business productivity, while cutting the costs of infrastructure and operations. Increasingly distributed organizations are re-architecting their networks and security to move their most valuable data and applications to the cloud, in order to give their users much richer, faster, less expensive access than ever before. Enabling remote sites and off-network users to securely connect direct-to-cloud is the new challenge facing enterprises and government agencies. 

    How can distributed organizations achieve the reliable, secure connectivity to the cloud they need? Many are now using internet technologies for connect all of their users to cloud-based applications more productively and cost-effectively than ever before.

    Included in this session:

    • How to accelerate the adoption of productivity-enhancing SaaS/cloud apps
    • How to overcome MPLS limitations including costs and issues with speed
    • How to quickly add security to direct-to-cloud SD-WAN deployment to keep intruders out and protect use of web content and cloud apps
    • How to streamline operations by integrating connectivity and security across thousands of sites in the cloud and on-premises from one console
    • Demonstrations of Forcepoint SD-WAN Connectivity, Securing Internet Access and Use, Operating at Scale to Drive Better Business Outcomes
  • Part 2 - Moving off of a Legacy System: How to Migrate Successfully
    Part 2 - Moving off of a Legacy System: How to Migrate Successfully
    Chaitanya Yinti, ForgeRock and Steve Giovannetti, Hub City Media Aug 21 2019 3:00 pm UTC 60 mins
    Based on the state of my organization’s legacy IAM system, what is the best plan for migrating to a more modern platform? What is the best way to execute that plan, while also maintaining the current platform, its availability and integrity of data?

    Join ForgeRock and Hub City Media to learn how to make migrating IAM systems seamless, and the best strategies to consider for deployment.

    •Parallel Deployments vs. Coexistence vs. Rip-and-Replace: Which method makes sense for your organization? What are the pros and cons of each?
    •How to migrate efficiently, successfully and securely
    •Why migrating a wide variety of applications can be a roadblock, and how to overcome it
    •Use Case Spotlight - Successful client journeys

    By registering for this webinar you agree ForgeRock will maintain and process your personal information for communicating with you.
    The following partner(s) of the the above webinar(s) will have access to the list of registrants, including your contact information:
    Hub City Media (https://www.hubcitymedia.com/privacy-policy)
  • Best Practices in Threat Hunting: Optimizing the Anomalous Activity Search
    Best Practices in Threat Hunting: Optimizing the Anomalous Activity Search
    Brenden Bishop, Data Scientist, the Columbus Collaboratory Aug 21 2019 3:00 pm UTC 43 mins
    Join us for this webinar that will present an advanced data science approach to detecting anomalous behavior in complex systems like the typical corporate network that your IT Security team is trying to defend. Generalized anomaly detectors, without tuning for a specific use case, almost always result in high false alarm rates that lead to analyst alert fatigue and a detector which is effectively useless. In this session, Brenden Bishop, Data Scientist at the Columbus Collaboratory, will present an open source tool and best practices for building specific, repeatable, and scalable models for hunting your network’s anomalies. Through iteration and collaboration, defenders can hone in on interesting anomalies with increasing efficiency.
  • Change Your Mind, Change Your Life
    Change Your Mind, Change Your Life
    Mia Zambarano, Psychotherapist, Lifestyle Coach & Author Aug 21 2019 4:00 pm UTC 60 mins
    Mia Zambarano joins us to discuss the importance of mindset and the way we think.

    Everyone has bad days, but do you have to simply put up with them? What can you do to dispel those nagging self-doubts and expose your potential? Cognitive behavioral techniques help create positive changes in all aspects of life – including business and personal.

    When you take control of your mindset and learn to use it in your favor, success follows. As a licensed psychotherapist, Mia can open a window into your thought processes and show you how they impact our realities. She will discuss how to crush our limiting thoughts and build self-belief.
     
    Learn how to:
    - Use the power of your mind for good
    -Crush negative thought processes and behaviors
    -Harness your super powers and control and create the life you want

    About Mia:

    Mia Zambarano is a Licensed Psychotherapist and Lifestyle Coach, specializing in cognitive behavioral work. Mia has worked as a psychotherapist in since 2015; where she specializes in child, adolescent and family therapy. In her coaching practice, Mia focuses on empowering individuals to create positive changes and improve their overall wellness. Mia received her Master’s in social work in 2015 from Boston University and has a Bachelor of Science in psychology from Sacred Heart University.

    Mia’s work involves understanding what contributes to our reality, the interactions between our thoughts, feelings, and actions, and ways to create a better reality for ourselves through better insight and positive thinking.
  • Webisode 6: Proofpoint Demo - Advanced People-Centric Cybersecurity
    Webisode 6: Proofpoint Demo - Advanced People-Centric Cybersecurity
    Joel Sierra, Security Sales Engineer, Proofpoint Aug 21 2019 5:00 pm UTC 38 mins
    What are the best practice elements of a people-centric cybersecurity strategy, and in what order should your organization prioritize them?

    Proofpoint has developed a three-phase cybersecurity maturity model to help organizations go from simply protecting their email to stopping compromised cloud accounts and data loss to executing a comprehensive people-centric security program.

    Join us for a demo to learn about the third phase of this maturity model, and see for yourself how the tools work. We'll demonstrate how to:

    1. Gain deeper visibility into attacks and respond when things go wrong
    2. Solve for unified data protection
    3. Defend against email fraud and social media fraud
  • Don't Just Detect - Protect (Bromium Customer Panel)
    Don't Just Detect - Protect (Bromium Customer Panel)
    Paul Hershberger, Tyler Timek, and Kimberly Becan Aug 21 2019 5:00 pm UTC 75 mins
    Join Bromium customers CISO, Paul Hershberger, and Security Analyst, Tyler Timek as they takes us on their journey to add isolation to their endpoint security stack. Detection alone cannot combat modern malware as it continues to circumvent even the most advanced enterprise perimeter and endpoint security tools. Learn how security leaders are protected against ransomware, polymorphic malware, and threats that lurk inside email attachments, phishing links, file downloads and malicious websites.
  • Getting to Yes: How to Justify your Network Packet Broker Purchase
    Getting to Yes: How to Justify your Network Packet Broker Purchase
    Zeus Kerravala, Principal Analyst at ZK Research & Gordon Beith, Sr. Product Marketing Director, Gigamon Aug 21 2019 5:00 pm UTC 60 mins
    “Is it worth it?” is a question you must overcome when purchasing new equipment. Fortunately, when it comes to next-generation network packet brokers (NG-NPBs), getting to Yes is easier than you think.

    The latest data from ZK Research shows that next-generation NPBs have grown from simply a nice-to-have to a must-have technology, making it easy to green light your purchase:

    •Winning organizations deploy next-generation NPBs for a faster, more agile infrastructure with fewer disruptions during updates
    •Enables faster transition to hybrid, multi-cloud model without ever losing out on management and security
    •Eliminates blind spots, so fewer security tools are needed

    Arm yourself with the right information to justify your next-generation NPB purchase before you fall into the widening gap between winners and losers. You – and your infrastructure – deserve it.
  • Take the Industry’s Most Authentic Cyber Range for a Security Test Drive
    Take the Industry’s Most Authentic Cyber Range for a Security Test Drive
    Brandon Cooper, Sales Support Engineer Aug 21 2019 5:00 pm UTC 30 mins
    Unique to the industry, CMD+CTRL are interactive cyber ranges where staff compete to find vulnerabilities in business applications in real-time – learning quickly, that attack and defense are about thinking on your feet, creativity and adaptability.

Every two weeks, we will offer the opportunity to test drive CMD+CTRL for 24 hours. We'll open up our CMD+CTRL to anyone to participate, score points, and see how they do.

We will start with a 30 minute live demo to go over the features and functionality of CMD+CTRL, Q&A, and provide the login URL and credentials for your free 24 hour access and you can begin testing your skills immediately.

Sign up to test drive CMD+CTRL!
  • SOC as a Service – What you must know?
    SOC as a Service – What you must know?
    Senthil Palaniappan, CEO & Founder at Sennovate Inc. | Kumar K, Lead Solution Architect at Sennovate Inc. Aug 21 2019 5:00 pm UTC 60 mins
    Running SoC on-premise is highly complex and expensive. This calls for expertise (for example -Firewall, DNS, Network analyst, Active Directory Domain, IAM), and well preparedness to handle unique situations. This is key in protecting any organization's digital assets. It becomes imperative for starter companies to build the credibility success factor to stay competitive as against large enterprises. This raises the question of how you would leverage various security products, to build a true Security Operations Center (SoC) yet delivered as a Service.

    Register for this webinar and you will learn about:
    > SoC as a Service, and its Importance
    > Key Components of SoC - Asset Discovery, Threat detection, Vulnerability Assessment, > Behavioral Monitoring
    > Rapid Incident Response & Event Investigation
    > Better Risk & Compliance Management
    > Role of AI/ML to simplify the process
    > Choosing SoC as a Service vs Build your own SoC
    > Things to consider while choosing SoC as a Service provider

    About the speakers:

    Senthil Palaniappan, CEO & Founder at Sennovate Inc.
    - Over 25 Years of Industry Experience in Information technology
    - Specializes in Information Security, Identity and Access Management, Infrastructure and Integration
    - Consulted with various fortune companies

    Kumar K, Lead Solution Architect at Sennovate Inc.
    - Over 18 years of industry experience
    - Specializes in various Identity and Access Management products including oracle and various cloud products
    - Vast experience in building custom solutions with Oracle Access Manager.
  • A Look into our Secure Internet Gateway
    A Look into our Secure Internet Gateway
    Jonny Noble, Technical Marketing Engineer – Cisco Umbrella Aug 21 2019 5:00 pm UTC 75 mins
    Join us on for our webinar, A Look into Cisco Umbrella’s Secure Internet Gateway. This session will illustrate the benefits enabled by cloud-delivered security with practical examples. The following services will be reviewed: DNS-layer, intelligent proxy, full proxy, firewall as service, cloud access security brokerage service and roaming users coverage.

    Participants will also learn how Umbrella enables branch transformation, increases security posture with leading DNS-layer (added layer) protection, allows for secure XaaS adoption and supports customers' cloud-first strategies.
  • ISSA Thought Leadership Series: Paving the Way to a Passwordless Future
    ISSA Thought Leadership Series: Paving the Way to a Passwordless Future
    ISSA International Aug 21 2019 5:00 pm UTC 60 mins
    It is increasingly apparent that authenticating only with username and password is no longer sufficient as stolen passwords are responsible for 81% of data breaches. And even though many organizations have implemented multi-factor authentication (MFA) through mobile push, or One Time Passwords (OTP) via SMS and mobile apps, these authentication techniques have been shown to be vulnerable to account takeovers.

    Attend this webinar to learn:

    * How WebAuthn, the new web authentication standard, is paving the way for a highly secure passwordless future
    * The key benefits of passwordless login for your employees, partners, and customers
    * Best practices for enterprise authentication

    Speaker:
    Abby Guha, Senior Director, Product Marketing, Yubico
  • Modernize Your SAP Environment with Red Hat and AWS
    Modernize Your SAP Environment with Red Hat and AWS
    Sherry Yu, Principal Partner Success Architect, SAP, Red Hat and Sabari Radhakrishnan, Principal Solution Architect, AWS Aug 21 2019 6:00 pm UTC 55 mins
    Organizations can no longer delay serious consideration of modernizing their data centers. Among those are many SAP customers who will be required to migrate to SAP HANAⓇ by 2025.

    In this webinar, learn about the benefits of modernizing your data center with the premier partners for SAP HANA, Red Hat and Amazon Web Services (AWS).

    We’ll examine:

    • How AWS and Red Hat can accelerate your journey to SAP S4/HANA.
    • Technical considerations and best practices for SAP HANA and cloud migration.
    • Benefits of scalable, on-demand, elastic infrastructure with enterprise support.
  • Fuel your digital transformation with a cloud-based Customer Identity solution
    Fuel your digital transformation with a cloud-based Customer Identity solution
    Richard Chetwynd & Martin Day Aug 21 2019 6:00 pm UTC 60 mins
    Delivering a secure and elegant customer experience is more critical than ever for businesses who want to seamlessly engage with their customers. And for many organizations, Customer Identity and Access Management (CIAM) is an important first step in engaging customers and reinforcing the company’s brand, while keeping customer data secure.

    Learn about cloud-based CIAM and why organizations are looking to migrate their legacy or homegrown solution to the cloud. In this webinar, Richard Chetwynd, OneLogin Product Manager, and Martin Day, Solution Architect, will discuss:

    - Why and when your organization should move away from managing user identities in-house
    - How to overcome the barriers when it comes to moving CIAM to the Cloud
    - Key CIAM capabilities to look for when evaluating solutions
  • Office 365 Man-in-the-Middle Attack Demo
    Office 365 Man-in-the-Middle Attack Demo
    Ryan O'Boyle Aug 21 2019 6:00 pm UTC 19 mins
    Trick a user into entering creds into our fake O365 login page. Make Microsoft send a passcode to the user’s phone
    User enters their passcode on OUR fake page. Hijack the user’s session token.Gain access to SharePoint Online environment
    Exfiltrate data from O365. Pivot to on-prem and steal CEO’s emails
  • Gaining Complete Visibility of Your Environment with Attack Surface Monitoring
    Gaining Complete Visibility of Your Environment with Attack Surface Monitoring
    Tori Sitcawich, Product Marketing Manager; Jon Hart, Principal Security Researcher Aug 21 2019 6:00 pm UTC 56 mins
    Join Rapid7 experts for an in-depth look into Attack Surface Monitoring with Rapid7s Project Sonar research and industry reports. Learn how data from these sources can be leveraged in Rapid7s industry-leading vulnerability management solution, InsightVM, to provide complete visibility into your environment.

    During this webinar, youll learn about:

    1. The importance of having complete visibility of both your organizations known and unknown assets
    2. Rapid7s unique research project, Project Sonar, that regularly catalogs the public internet
    3. Industry reports released by Rapid7 based on data from Project Sonar, among other sources
    4. How data from Project Sonar can be leveraged within Rapid7s industry-leading vulnerability management tool, InsightVM
  • The Dangers of Siloed Security
    The Dangers of Siloed Security
    Ken Dang, Senior Product Marketing Manager, SonicWall Aug 21 2019 6:00 pm UTC 60 mins
    Complete security. One viewpoint.

    A splintered security platform opens threat gaps and adds overhead costs and complexity.. See how you can unify, monitor and manage all your security ecosystem with the Capture Security Center.
  • Connect SaaS to SD-WAN: Optimize your WAN for the Cloud
    Connect SaaS to SD-WAN: Optimize your WAN for the Cloud
    Irwin Lazar of Nemertes Research, top Unified Communications expert Aug 21 2019 8:00 pm UTC 47 mins
    What SD-WAN means for SaaS and UCaaS. How to provide a breakout at the branch and how to overcome global delivery challenge of real-time communications