If you are struggling to keep up with selecting, testing and deploying new security tools, you won’t want to miss this webinar.
You’ll learn how to:
- Address the unique challenges of securing your unique network.
- Implement smart network segmentation and intelligent tool routing.
- Facilitate testing and deploying tools through a security delivery platform.
- Handle the challenges of setting up realistic tests.
Learn how the GigaSECURE security delivery platform strengthens new security tool testing and streamlines deployment.
After you’ve solved your core authentication needs, what’s the next step in securing access to your critical resources? Your users are validated, but they still connect through a network from potentially vulnerable computers and mobile devices.
So how do you identify which of these devices are compromised endpoints?
In a 2017 SANS survey of IT professionals, 79% said hunting for compromised endpoints is “difficult or impossible.” Finding the right balance of security and user convenience is daunting, especially with BYOD and hosted applications added to the mix. The good news is that there are ways to make this easier, and this webinar will show you how.
In a survey of 722 IT leaders by CIO Magazine, four out of five respondents were concerned about shadow IT projects lacking proper IT oversight in their organizations*. This concern is justified -- when users create "shadow IT" workarounds or avoid security processes altogether, it can leave organizations at risk.
Security teams are learning that when you account for the human element, you can develop policies that users actually want to adopt. Join us for a discussion on how you can build a strong security culture by learning from user behavior research, and employing concepts like gamification to collaborate with your users.
Cybersecurity disasters dominated the news in 2017. WannaCry alone bashed hundreds of thousands of targets. Now is the time for CIOs and CSOs to scrutinize multiple components of their security because, let’s face it, attackers are busy working up new creative ways to hijack your data in 2018.
Attend this webinar to learn what it takes to build an in-depth defense. This straightforward presentation will cover:
• Security KPIs with risky validation processes (far more common than you think)
• A checklist of security points that need tight inspection (and where to drill down)
• New security services that streamline the process
Faster time-to-market and business value driven application functionality are the biggest drivers for DevOps. With DevOps, more frequent releases require shorter development and test cycles creating a higher risk of breaches exploiting the application layer. The last couple of years have shown business value can take a significant hit with security breaches. Building security features at the speed of DevOps, and reducing risk with the right security architecture, processes, and collaboration is key to staying in business. This is the genesis of DevSecOps.
In this Webinar, Derek Brink from Aberdeen Research describes how the shift towards rapid application delivery methods creates new opportunities for improving application security and reducing risk. MicroFocus’ James Rabon (Product Manager, Fortify Software Security Center and Tools) and Paladion's Vinod Vasudevan (Co-founder and CTO) discuss how MicroFocus and Paladion are helping customers integrate security and compliance into DevOps processes.
Key Takeaways from the Webinar:
- Trends in application delivery: from waterfall, to Agile and DevOps
- How characteristics of Agile, DevOps provide a high-level blueprint for what application security in that environment should look like
- Capabilities you should be looking for to improve application security at the speed of DevOps
- How to adopt non-disruptive and continuous application security processes
- Bringing in around-the-clock security monitoring for cloud assets
Making the connection between “Cause and Effect” is difficult enough but when technology executives need to explain their strategy to a non-technical audience, all too often the key message is lost in technical jargon.
When technology is embraced by business leaders, it’s because of the perceived business benefit the technology could bring to the organization. What is frequently not discussed, or even thought about at this level, are the security implications associated with technology. The challenge for the senior technology executives is to be able to associate technology with risk, and risk with business disruption, without resorting to a Fear, Uncertainty and Doubt strategy.
This session will focus on how senior technology executives can better relate to a non-technical audience, using tangible and quantifiable examples, to both inform and persuade of the need of making security an essential component of any business plan.
VMware transforms security by providing a ubiquitous software layer across application infrastructure and endpoints, maximizing visibility and context of the interaction between users and applications, aligning security controls and policies to the applications they are protecting, and enabling the insertion of third-party security services for additional intelligent protection.Read more >
The cloud and mobility have fundamentally changed the IT landscape. Both apps and users have left the network, however traditional security has struggled to keep pace. Developing a strong cloud security strategy is important to help restore visibility and reduce risk, but what is the best approach? While there are many opinions and perspectives, the best security strategy starts in the beginning with the proper architecture. Join this webcast to hear:
- 5 key architectural requirements your cloud security strategy can’t live without.
- What core building blocks you need to enable and secure your users and apps
- Learn how leading enterprises are transforming their security to cloud
Steve House is a seasoned Product Management leader with over 20 years of experience in the networking and security industries. During that time, he has worked for multiple market-leading organizations including Zscaler, Blue Coat Systems, Packeteer and CacheFlow where he has a consistent track record of helping them innovate and grow their market share.
At Zscaler, Steve leads the Product Management team responsible for driving product strategy and execution. Steve’s goal is to help the company through its next phase of growth becoming the standard Internet security platform delivered as a service to any user on any device in any location. Steve holds a Bachelor of Science in Electrical Engineering from Duke University.
For more questions about Zscaler, go to www.zscaler.com
When planning a go-to-market strategy, it’s common practice to build detailed marketing and sales personas for key security individuals such as the CISO, the IT administrator, the developer, and the end user. Each of these roles has different needs and priorities when considering a security tool, and sales strategy recognizes the need to address each of them. Organizations have different types of business drivers, priorities, constraints, and capabilities as well: for example, an 80-year-old manufacturing company may not care what cute new IoT ideas you might have.
These organizational personas must be considered when searching out peers for benchmarking. Security decisions made only by looking at other companies in the same industry doesn’t provide enough data, because there are many other variables that come into play. Building a security anthropology model for comparing organizations provides more context to better design products and services to align with their needs, while helping the security community speak the language of the users it’s serving. Join us for a discussion on how we can excavate a better approach with Wendy Nather, Principal Security Strategist at Duo Security.
Wendy Nather is a former CISO in the public and private sectors, and past Research Director at the Retail ISAC (R-CISC) as well as at the analyst firm 451 Research. She enjoys extreme weather changes while shuttling between Austin and Ann Arbor.
AuditD is a very useful feature on the linux kernel. Ryan Huber, Security Architect at Slack, discusses go-audit, the golang-based open source alternative to the auditd daemon.
He also discusses how he uses go-audit along with a reliable logging pipeline consisting of streamstash, elasticsearch, and elastalert to collect and process data from thousands of hosts.
When it comes to building a security program, focusing only on technology and processes puts organizations in a weak and unbalanced position. People need to be equally factored in—and that’s where culture comes in. Listen as Bo talks about the importance of a strong security culture and walks through four essential components needed to build one.Read more >
In this clip, discover some key insights from Sam McLane, Head of Security Operations, at Arctic Wolf Networks (AWN), on the importance of having a Concierge Security Engineer(CSE) on your side, who can act as your trusted advisor for your IT team.Read more >
Most businesses are rapidly moving to the cloud to be fast and nimble, reduce their cost structure, and reach more customers anywhere, anytime. These new architectures have powerful new capabilities—but also expose businesses to a new universe of risk.
When dealing with outsourced infrastructure like AWS, or a SaaS solution like Office365, it is easy for IT managers to assume that security is out of their hands, for better or worse. But, this assumption may not always be true. Businesses must develop an active cloud security strategy as they pursue their migrations, and become a proactive security partner with their cloud providers—or they will find themselves vulnerable to attack.
In this upcoming webinar, hear from security experts at Arctic Wolf Network (AWN), on:
- The top cybersecurity risks and best practices for securing cloud deployments
- How AWN security monitoring compliments the native security features in AWS and Office365
- The role of AWN cloud security in integrating observations from cloud and on-premise systems
To see how AWN CyberSOC™ can secure your cloud, register now.
About our speakers:
Narayan Makaram is a Sr. Director of Product Marketing at Arctic Wolf Networks, a Managed Detection and Response (MDR) company that provides SOC-as-a-service. Narayan has over 15 years of information security experience, with in-depthexpertise in application security, malware detection, SIEM, vulnerability management and network security, in leading cyber security companies – Imperva, FireEye, ArcSight, Tenable, and Hewlett-Packard.
Louis Evans is a new member of the Arctic Wolf team. He’s passionate about cybersecurity, defeating the next generation of threats, and Alan Turing.
Rapid adoption of cloud apps and services is driving the need for Cloud Access Security Brokers (CASB)
It is time for CASB systems to weave into your overall security infrastructure. There are many intersections to consider, such as DLP, Advanced Malware Protection, Web Security and Endpoint where organizations are navigating how to best integrate cloud security solutions into their environment to improve security and reduce operational overhead.
This talk will explore this next frontier of CASB solutions.
Orchestration and automation theory has graduated to a concrete architecture for implementation. An action-driven architecture supports more proactive analysis and investigation for more effective detection, triage, investigation, and response.
The foundation of a successful security architecture in this model requires:
- Rich, trustworthy data covering all aspects of the environment
- Consolidated data sources and analytics processes
- Automated investigation and response capabilities
- Integration between tools and services for total coverage of every critical asset and data set.
In this webinar, we'll discuss how to build an action-oriented security architecture, key use cases, and critical success factors.
A common approach for addressing a security initiative is to make assumptions about the underlying problem that needs to be solved. Too often, those assumptions are incorrect. In those cases, security practitioners end up wasting resources with little to show for it.
Join Fernando Montenegro, Senior Analyst at 451 Research, as he presents an alternative framework for evaluating the fundamental issues that may hinder an initiative’s progress in a specific scenario. This framework allows practitioners to consider whether the issue is driven by incentives, information, investment, or irrationality which will help determine the appropriate path for addressing them in the context of security. With this knowledge, the security practitioner can tackle the problems with confidence and make real progress in their environment.
Join 451 Research and SecureAuth+Core Security for a peek into the emerging trends in cyber security and identity in 2018. Register today and learn how these trends will impact your strategy, organization, and job in the coming year.
Security experts Garrett Bekker, 451 Research and Chris Sullivan, SecureAuth+Core Security will share insight on these trends and more:
•Why network-based approaches to security are no longer sufficient in the age of cloud and IoT
•Why identity is the new gating factor for access to sensitive resources
•How various methods for securing cloud resources – CASB and IDaaS - need to converge
•The need for risk-based approaches to authenticating users – and machines
Offering organizations of all sizes the benefits of agility and scalability, the adoption of public cloud continues at a pace rivalled only by that of the early days of the Internet era. As was the case then, the speed of adoption often means that “good enough” security is viewed as acceptable. With the underlying premise that the public cloud is someone else’s computer, and an extension of your network this session will cover public cloud security concerns, what the shared security responsibility model really means and recommendations for protecting your public cloud workloads and data.Read more >
New security challenges in 2018
Hackers are already scheming their next wave of targets: will they replicate the colossal Equifax breach and cash in on reams of personal data or freeze up IoT devices simply in order to disrupt critical systems?
Join Forcepoint's Bob Hansmann, Director, Security Technologies for a Forcepoint 2018 Security Predictions Report webcast on the most pressing security issues for the upcoming year.
You’ll receive an advance copy of the Forcepoint 2018 Security Predictions Report just for attending.
We've known for a long time that the idea of a fixed perimeter and trusted internal network doesn't work too well, especially since a successful attacker looks exactly like an insider. The concepts variously known as de-perimeterization, zero-trust, software-defined perimeter and BeyondCorp all try to address this, and they represent a fundamental change in how you architect security for your enterprise.
In this presentation, we talk about what you can do to make your old perimeter less lonely, and most importantly, how to explain this new way of thinking to the rest of the business.
Software-defined datacenter technologies are a foundational pillar of datacenter transformation to enable digital business and agile IT. In addition to enabling datacenter agility, automation and cost containment, the software-defined datacenter presents new challenges and offers new opportunities as they pertain to securing hybrid workloads.
Watch this webinar by VMware® and Bitdefender® to learn about the following:
Software-defined technologies, including software-defined compute, storage and networking and their value to the modern datacenter
Security requirements for the software-defined datacenter
How the joint Bitdefender-VMware solution helps enterprises meet these requirements effectively and efficiently
We’ve all seen the emails: someone shared a Google doc with us, our bank wants to verify our password, we’ve received an “important” attachment, you name it.
Phishing is common. It’s common because it’s easy. Not only is phishing common, but it’s getting worse. There’s no “magic bullet” to eliminate phishing as a threat, so what can you do to mitigate your risk?
Join Jordan Wright for a hands-on, method-focused deep dive into how you can reduce the threat posed by phishing. This will cover mitigation tactics at each stage of a phishing attempt, from before an email reaches the inbox to what you can do after a user clicks the phishing link.
As more of our business data will exist in the cloud and as the scale of IoT creates more weak links in the security chain, what systems in the network are designed securely that CIOs and CSOs can leverage? And will a lack of industry standards and technology architecture around the IoT makes it difficult to create security policies? Also, why do some contend that the IoT is impossible to secure?
On this edition of NMGs podcast series, we invite Gee Rittenhouse, Senior Vice President, Security Business Group at Cisco and Mike Iwanoff, SVP/CISO/CIO at iconectiv.
Key takeaways for listeners:
a.Fraudsters are out in full force: Yesterday’s solution might not solve tomorrow’s problems/challenges
b.Tips and Info: Top three things I can do to get more info/more data and improve my posture in this area
c.Determine whether you have the technology requirements for an acceptable risk posture:
•segmentation of the network
•automation – allowing you to implement controls to recover from a threat, find the source and mitigate the threat from reoccurring.
d.Communicate that risk posture to exec team and to the board - At the end, the company should know what their risks are and what
they are willing to accept
e.Understand the challenge and know that you don’t have to build your own security solutions.
The new 2017 Gartner Magic Quadrant for Web Application Firewalls (WAF) is based on detailed responses to questionnaires from experienced Web App Firewall customers. Attend the webinar and hear the experiences of major customers who participated in the Gartner MQ for WAF research and how they implemented web app firewall to protect their applications and critical data.
This webinar will cover:
* Detailed results and considerations of the report
* Effective deployment options to meet enterprise demands
* Success stories and implementation options you can leverage within your own environment
Join us to hear Morgan Gerhart, Vice President of Product Marketing at Imperva, discuss the Gartner MQ for WAF with:
*Rob McCurdy, CIO of Michigan State University
*Darío Eduardo Herrera Yáñez, CTO of Sm4rt Security Services
This Modern Security episode introduces a security based chaos testing tool and methodology. ChaoSlingr is a Security Chaos Engineering Tool focused primarily on the experimentation on AWS Infrastructure to bring system security weaknesses to the forefront.Read more >