Detecting Insider Threats - A Case Study

McAfee and Securonix
The insider is the stealth weapon of cyber threats. Insiders, or people posing as insiders, are able to easily penetrate the defenses and operate from within the network as they are trusted with access and privileges to sensitive data. Hijacked credentials allow attackers to circumvent traditional security systems and pose as insiders, going unnoticed by the organizations security measures. Organizations today are using signature-less behavior modeling solutions to identify these targeted threats and mitigate the risks and exposure from them to the organization's sensitive information.

Join McAfee and Securonix who are leading this transformation in the industry, as they walk through an investigation of a manufacturing company that utilized McAfee and Securonix technology to identify a data breach.
Jul 31 2012
33 mins
Detecting Insider Threats - A Case Study
Join us for this summit:
More from this community:

Virtualization

Webinars and videos

  • Live and recorded (1867)
  • Upcoming (67)
  • Date
  • Rating
  • Views
  • Rob Sherwood, CTO of Big Switch Networks, will present an end-to-end open source technology stack for SDN R&D, spanning switch hardware, software and SDN controllers. He will touch on the Open Compute Projects' switch design, Open Network Linux, Project Indigo, Project Floodlight and others. He will also discuss how these projects fit together, their various evolutionary paths, and how this stack fits in the landscape of emerging commercial and open source SDN products.
  • Automation is a powerful tool. It strips time and cost out of processes, minimizes errors, and frees up skilled staff to focus on higher value activities. Most IT teams have already capitalized in some part on automation, and most IT professionals can see the potential in extending automation across the enterprise. But how do you embed automation in the company IT DNA? Where do you start in the journey from script automation towards enterprise-wide process automation?

    In this session you will learn how you can scale automation to an enterprise-level through the adoption of a Center of Excellence. Our proven approach creates a cohesive framework for automation and breaks through silos, so your organization benefits from economies of scale and the advantages that automation brings.
  • The IT industry is currently undergoing one of the most radical disruptions in its history, as traditional data centers are being replaced with cloud computing environments. New workloads such as mobile computing, social networking, and big data analytics are driving the need for a more dynamic, agile approach to enterprise computing. It is most prevalent in the networks within and between modern data centers.

    This presentation will discuss a new approach to application-aware data networking based on open industry standards (the Open Datacenter Interoperable Network, ODIN). In particular, we focus on recent approaches to SDN and NFV which deliver real value in next generation data networks. We will also discuss case studies which demonstrate the value of emerging cloud based, software defined environments.
  • The IT industry is currently undergoing one of the most radical disruptions in its history, as traditional data centers are being replaced with cloud computing environments. New workloads such as mobile computing, social networking, and big data analytics are driving the need for a more dynamic, agile approach to enterprise computing. It is most prevalent in the networks within and between modern data centers.

    This presentation will discuss a new approach to application-aware data networking based on open industry standards (the Open Datacenter Interoperable Network, ODIN). In particular, we focus on recent approaches to SDN and NFV which deliver real value in next generation data networks. We will also discuss case studies which demonstrate the value of emerging cloud based, software defined environments.
  • Scientists at CERN deployed PowerEdge C class servers to increase computing power and process data from the CMS experiment at the world-famous Large Hadron Collider (LHC) as they searched for the Higgs boson.
  • "Technology underpins everything at the Glasgow 2014 Commonwealth Games, and Dell plays an integral part, providing an end-to-end solution comprising all of the laptops, desktops, servers, storage and services we need"
    Brian Nourse, Chief Information Officer, Glasgow 2014 Commonwealth Games, United Kingdom
  • The Operations Bridge is “the” solution for IT Operations to effectively address the challenges they face when it comes to managing the new style of IT: complex composite applications, virtualized environments, cloud-based services, big data, and a variety of management solutions from different vendors. In this session, you will learn how the HP Operations Bridge solution allows you to take up those challenges and consolidate all your existing IT monitoring solutions, providing a unique solution to maximize efficiency and improve runtime and performance of your IT services.
  • Now that NIST has published Version 1.0 of the Framework for Improving Critical Infrastructure Cybersecurity, the long awaited CSF, what are the implications for companies? How can the CSF help your business improve its defenses? Cameron camp investigates.
  • Deploying and managing network security at remote locations can be time consuming and expensive. McAfee Next Generation Firewalls give your organization a simple solution for centrally deploying, managing and updating remote locations. No technical skills are required to install at remote locations, freeing your skilled staff to focus on more important security management.

    Join us for an in-depth look at how plug-and-play deployment and remote management can reduce manual effort, reduce costs, and improve your network service. Steve Smith, Senior Technical Manager at McAfee, will review how the McAfee NGFW can be installed and up and running in a matter of minutes using our cloud-based installation server. He will also review how the McAfee NGFW Security Management Center gives you remote management and enterprise-wide situational awareness.
  • Are attacks on your network and users still occurring, despite continuing efforts to stay on top of security? What impact would malware have on your business if it was able to gain internal access and steal sensitive information?

    Without solutions that can disrupt the chain of events that occur during an advanced attack, many businesses are still being infiltrated and losing data every day. This webinar will cover the best practices in disrupting attacks with content security solutions - connected to optimize protection.
    Join this webinar as:
    •You will learn the tactics used by attackers today to infiltrate businesses
    •You will hear about the leading technologies available to disrupt advanced attacks
    •You will walk away with the knowledge to assess your own environment, and optimize your security
    Businesses today face more advanced attacks than we’ve ever seen in the past – and defending against them takes a connected approach which can disrupt the multiple points of infiltration and exfiltration used in the process of a breach. With most attacks seen in the wild using phishing emails to reach their target, a web link or malicious file to deliver a payload, and an outbound stream of communication to exfiltrate data – implementing a Secure Email Gateway, Secure Web Gateway, and Data Loss Prevention technology together will provide a barrier difficult for even the most advanced attacks to overcome.

    Don’t miss this webinar if you have a stake in the security of your most valuable information, or are directly responsible for the implementation of security solutions to protect it. Register now for this 30 minute webinar.
  • Channel
  • Channel profile
Up Down
  • Catch Advanced Malware That Evades the Typical Sandbox May 13 2014 5:00 pm UTC 60 mins
    Many vendors are rushing to bring malware protection systems to market, but today’s advanced malware is stealthy and can often evade these systems. Organizations need a more comprehensive approach that looks beyond behavior seen in the sandbox, uncovering the hidden danger in malware's latent code.

    Anne Aarness, Senior Manager at McAfee, explains how McAfee Advanced Threat Defense combines in-depth static code and dynamic malware analysis for a comprehensive malware protection system. Combined, this represents the strongest advanced anti-malware technology in the market, and effectively balances the need for both security and performance.
  • McAfee and Norse present: Combating Advanced Cyber Threats with McAfee Global T May 8 2014 5:00 pm UTC 60 mins
    Threat intelligence is a critical tool in the never-ending struggle to protect the world’s networks, but many threat intelligence solutions lack visibility into the parts of the Internet where bad actors operate—the darknets. As the effectiveness of these solutions declines, organizations are exposed to increased risk of security breaches, data ex-filtration, and loss of reputation and revenue from today’s advanced cyber threats.
    McAfee and Norse have developed an integrated threat intelligence approach leveraging the strengths of McAfee GTI along with Norse’s unique ability to provide visibility into the darknet and dark web. This integration of McAfee Network Threat Response Cloud Analysis and Deconstruction Services with Norse IPViking provides the strongest web-based reputation protection available against botnets, distributed denial-of-service (DDoS), and advanced persistent threats. When combined in an automated fashion with machine-to-machine interface, users now have a single-pane-of-glass with rich context to track new organizational threats not detected through traditional means.
    Join McAfee and Norse to learn about:
    •The value of Dark Threat Intelligence and its role in preventing compromise and data breaches
    •Threat intelligence-based strategies for advanced threat prevention and detection
    •Using threat intelligence to streamline and improve the incident response process
  • Using NSS Labs' 2014 Security Value Map for IPS May 8 2014 3:00 pm UTC 60 mins
    Choosing the best network security solution for your organization can be complicated. Many organizations turn to third party analysts, each offering their unique perspective and insight, to help narrow the choices. However, their different viewpoints and methodology can make it difficult to understand.

    Nat Smith, Director of Network Security at McAfee, will discuss NSS Labs' 2014 Security Value Map for Data Center Intrusion Prevention Systems (IPS) and also touch on other third party analysts reports on IPS, each with a keen value when understood in context.
  • Real-time data protection with McAfee DLP and McAfee ESM May 2 2014 4:00 pm UTC 45 mins
    Data sprawl posts a big challenge to data protection today. Having visibility to data movement and how it is being used is a key step to controlling data at the source. This session will focus on how DLP discovery along with user and file activity monitoring can give you contextual awareness of the file being used.

    1)Learn how event and application monitoring enables visibility into data movement within and out of the enterprise
    2)Leverage McAfee ePO to automate DLP policies based on situational awareness
    3)See how McAfee DLP and ESM work together to provide real-time data protection
  • McAfee and Intel Team Together to Provide You Superior Data Protection May 1 2014 5:00 pm UTC 45 mins
    This webinar is presented by McAfee and Intel to help customers understand their Data Protection solution from McAfee and to get the most business value out of their Intel based endpoints. Products that apply to this webcast include McAfee Complete Data Protection Suites, featuring Endpoint Encryption, and EPO Deep Command to extend the reach of your IT department to lower your total cost of ownership. The webinar will include a special highlight on Intel® Core™ vPro™ Processors and associated technologies that increase productivity and hardware-assisted security in the enterprise. This webcast is provided as a 35-40 minute overview and includes 5-10 minutes of Q & A.

    Join this webinar on Data Protection and learn about:
    • The key features of Data Protection and how it can provide you with the security you need
    • Use cases on utilizing the synergy between Intel® vPro™ and McAfee Data Protection technologies to reduce your overall TCO
    • How you can extend the reach of your IT team with the ability to remotely wake up or even power on PC’s, remediate “disabled” endpoints and remotely reset pre-boot passwords
    • How to securely manage your endpoints from a single console while simultaneously providing self-service features for your end-users

    Presenter Info
    Pat Correia is responsible for Endpoint Encryption Product Marketing at McAfee.
    Jason Kennedy is Director of Business Client Platforms Marketing at Intel.
  • Improve Security Management Efficiency with Centralized Management Apr 30 2014 5:00 pm UTC 45 mins
    Your network security team must know and manage what is happening on your network at all times. Running back and forth to different devices doesn’t work even if you can log in remotely. It takes too much time and is not coordinated. You have to rely on a centralized management system.

    Join Steve Smith, Senior Technical Marketing Manager, as he shows you how the McAfee NGFW acts as the core of your network security, centralizing the monitor, managing and reporting across diverse virtual, physical and third-party devices. He will show you how a single console view can give your team real-time visualization of network operations, improving response time for recognition and remediation of incidents and threats.
  • The Power of the Hybrid Web Protection Model Apr 22 2014 5:00 pm UTC 45 mins
    McAfee is unique among secure web gateway solution providers with its hybrid delivery model, which provides the flexibility to deploy a web gateway on-premises, in the cloud, or in combination. In this session, McAfee will discuss details of the hybrid web protection deployment model and the various elements that comprise it, along with provide guidance on to choose the deployment scenario that best addresses your organization’s specific business needs.
  • Plug-and-Play Deployment: “Save Travel Time and Expense Securing Remote Offices” Recorded: Apr 16 2014 27 mins
    Deploying and managing network security at remote locations can be time consuming and expensive. McAfee Next Generation Firewalls give your organization a simple solution for centrally deploying, managing and updating remote locations. No technical skills are required to install at remote locations, freeing your skilled staff to focus on more important security management.

    Join us for an in-depth look at how plug-and-play deployment and remote management can reduce manual effort, reduce costs, and improve your network service. Steve Smith, Senior Technical Manager at McAfee, will review how the McAfee NGFW can be installed and up and running in a matter of minutes using our cloud-based installation server. He will also review how the McAfee NGFW Security Management Center gives you remote management and enterprise-wide situational awareness.
  • Expanding the Capabilities of McAfee ePolicy Orchestrator Recorded: Apr 10 2014 54 mins
    Autonomic Software significantly expands the capabilities of McAfee ePO. Autonomic’s three suites are all integrated into ePO with no need for separate console, databases, and reports. They are “As McAfee As McAfee”!

    Autonomic Patch Manager, EndPoint Manager and Power Manager suites provide improved security, and managing of end points, at virtually no charge when incorporating Power Manager.

    Join McAfee and its 2013 MVP Partner of the Year to learn how the integrated solution provides:
    • Increases Scalability – Delivery of patches to both large organizations and small-to-mid-sized organizations
    • Reduces Costs - Using Power & Patch Management Suites
    • Simplifies Complexity - Maintains a secure environment with minimal human intervention using EndPoint Suite
    • Easily Customizable Solutions – For unique requirements
  • Using SIEM and Big Data to detect invisible threats Recorded: Apr 10 2014 51 mins
    The alarming rise of advanced persistent threats (APTs) makes security analytics around Big Data an imperative. In light of the challenges of converting Big Data into actionable information with first generation SIEMs, security professionals have become skeptical about the ability to use SIEM beyond compliance needs. Yet, today’s advanced SIEM technology takes threat detection, understanding and response to a whole new level. Join us to learn how to use next generation SIEM technology to specifically detect security threats within an ocean of Big Data. Discover how the latest technologies in security analytics such as the quad-correlation methods of rules, statistics, risk, and history can help your organization execute SIEM best practices in detection with intelligence, integration, and ease.
  • Deep Packet Inspection: “Know Who is on Your Network and Stop Advanced Threats” Recorded: Apr 9 2014 45 mins
    Every application, email, web page and Internet connection relies on information encapsulated into a data packet that can be easily distributed across networks. These packets include information about the sender and receiver, as well as the actual contents, or payload. By manipulating pieces of the packet data, criminals can infiltrate networks, applications, data centers, and individual computers.
    How do you defend your network against advanced threats that manipulate data at the packet level? Join Steve Smith, Senior Technical Marketing Manager at McAfee for a revealing presentation on the current state of threat prevention. Find out why you should be using deep packet inspection (DPI) for protocol identification, normalization, and data stream-based inspection to detect and block threats, in both clear-text and encrypted connections. And stop Advanced Persistent Threats (ATP) that rely on packet manipulation to thwart most common firewall and IPS defenses.
  • Achieve High Availability and Scalability through Always-On Connectivity Recorded: Apr 1 2014 34 mins
    Everyone knows computer downtime is unacceptable. The world runs on data and it needs it fast. But securing that growing data network is time-consuming, expensive and often inefficient. Security professionals are looking for answers that can provide high availability and scale as the business changes. And they want solutions that are both highly secure and not a drain on computing and bandwidth resources.

    Join Steve Smith, Senior Technical Marketing Manager at McAfee for an in-depth discussion of how the next generation of firewall technology delivers scale and zero downtime performance. And learn how active-active clustering, dynamic server load balancing, management application redundancy and unique, augmented VPN capability is bringing resiliency to mission critical data networks.
  • Building an Integrated Security Platform Recorded: Mar 27 2014 37 mins
    Over the past decade, the web has become an increasingly dangerous place, as attackers launch ever more sophisticated attacks. Enterprises of all sizes, from small to global, need to protect their internal systems against both inbound and outbound attack vectors.

    External attacks can take many forms. A user’s email address may be exposed to hackers who send a phishing message with links to a web site that downloads malicious software onto the user’s PC without them being aware of it. Or, an advanced malware attack may use sophisticated obfuscation techniques to hide its true identity, enabling it to slip past a signature-based malware detection tool.

    Data leakage can come from internal users who, inadvertently or deliberately, transfer sensitive or confidential information outside the network perimeter, or a botnet client transmitting a password file to a master server located overseas.

    To counter these threats, security professionals need to deploy interlocking, coordinated security systems designed to work together. In this session, McAfee will discuss how its security platforms work together to comprehensively address the multiple security threats that customer’s encounter.

    •Overview: current malware trends and frequently encountered attack types
    •Interlocking lines of defense:
    oFirewall, Intrusion Prevention Service
    oWeb Gateway
    oEmail Gateway
    oAdvanced Threat Defense
    oData Loss Prevention
    oePO
    oMcafee Content Security Suite
  • Augmented VPN: “A New Way to Address Resilient Connectivity” Recorded: Mar 26 2014 39 mins
    No connection to the Internet is 100 percent reliable. But most enterprises demand always-on connectivity. Stop investing in overpriced MPLS and other complicated solutions. By integrating multiple connections of commonly used, less expensive Internet connections, you can ensure inbound, outbound and VPN traffic is uninterrupted.
    Steve Smith, Senior Technical Marketing Manager at McAfee, explains how an augmented VPN solution can deliver a simple and cost-effective way to create fast, secure, high-capacity connections between sites and ensure uninterrupted Internet connectivity. And find out more about how this McAfee NGFW capability is designed for ease of use, while the implementation requires no special equipment, software, or Internet service provider peering agreements.
  • McAfee and Apperian present: Secure What Matters Most in a BYOD World Recorded: Mar 20 2014 50 mins
    Leading enterprises understand the value of mobility, but are struggling to create secure mobile environments while delivering on the promise of higher productivity that mobile can provide. Add BYOD, contracted workers, and scalability requirements to the mix and your mobility strategy can become highly complex.

    Join this webinar to learn how one integrated mobile solution delivers on the promise and power of mobile app management and security.

    By attending you will learn:

    •The importance of app and data level mobile security
    •Use cases for how mobile application management is currently being used by best-in-class mobile enterprises to improve security
    •Tips on how to secure, distribute, monitor, and update mobile applications and content with a mobile governance approach
    •How the Apperian and McAfee partnership will provide you with integrated management across all endpoints
  • Advanced Evasion Techniques Recorded: Mar 19 2014 35 mins
    What’s slipping past your current network security solution?

    Even the most up-to-date network security solutions are vulnerable to new game-changing threats that every enterprise needs to be aware of—advanced evasion techniques (AET). Difficult-to-detect AETs can bypass traditional security devices, attacking your network at will. The good news is that there is something you can do about them—with a strong strategy and the help of McAfee® Next Generation Firewall.
  • Security With Increased Productivity and Usability Recorded: Mar 13 2014 56 mins
    To address insider security threats, many organizations deploy data loss prevention (DLP) solutions. Often, the scope of the process and policies are overwhelming to accommodate every scenario. Administrators quickly find it impossible to accurately identify every type of sensitive document, as well as predict the behavior of every type of user. As a result, some businesses deploy their DLP systems in “watch-mode”, where they monitor for behavior, but don’t realize the true benefits of actually preventing data loss.

    McAfee DLP leverages TITUS Classification metadata to set active DLP policy and improve policy inforcement. Join TITUS and McAfee for a discussion about:

    •Why it is crucial to include users as the first line of defense
    •How DLP, NDLP, and ESM leverage TITUS
    •And the role of TITUS Classification in the DLP architecture
  • Protection Capabilities to Consider While Preparing for Advanced Malware Recorded: Mar 13 2014 42 mins
    We learned a few things about advanced malware in 2013. Namely, zero-day and targeted attacks continued to evade more traditional protection methods. And while many organizations are stepping up detection efforts, there’s still more that can and should be done. So what will 2014 bring?

    Join McAfee and featured analyst firm Gartner for an in-depth look at what advanced threats are on the horizon for 2014 and what you can do to improve your security posture. Our conversation will cover:

    Threat predictions for 2014 and beyond
    Key capabilities to consider in your detection and protection arsenal
    Planning for a successful advanced malware protection strategy
  • Supercharge Next Generation Network Security Recorded: Mar 5 2014 40 mins
    Advanced Evasion Techniques (AETs) are a way for cybercriminals to deliver an exploit, attack, or other forms of malware to networks or systems without detection. This technique makes previously detectable malware completely undetectable, enabling it to bypass most firewalls, intrusion prevention systems (IPS) and next-generation firewalls.

    Attend this webinar to learn how AETs work. We’ll demonstrate how McAfee® Next Generation Firewall identifies and stops the more than 800 million variants of AETs.
  • McAfee and Guidance Software's EnCase: Accelerating Incident Response and Breach Recorded: Feb 20 2014 37 mins
    In today’s post-breach world, organizations need technology aligned with new strategies to accelerate and automate incident response and breach investigation workflows to reduce mean time to resolution. In this webcast, we will demonstrate the need for on-demand access to endpoint for the purposes of understanding what happened after the attackers got in, and what — if anything — was taken as a result.

    You will learn how together, McAfee and Guidance Software help:

    •Reduce time to deploy incident response capabilities
    •Streamline the response and investigation process
    •Ensure a complete understanding of breach impact
    •Manage digital investigations on assets managed by McAfee ePO
Security Connected for Enterprises
Security Connected provides McAfee customers the ability achieve optimized security each day, enabling their business while reducing risk, driving compliance and realizing operational efficiencies
Try a powerful marketing platform for your videos and webinars. Learn more  >

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Detecting Insider Threats - A Case Study
  • Live at: Jul 31 2012 5:00 pm
  • Presented by: McAfee and Securonix
  • From:
Your email has been sent.
or close
You must be logged in to email this