Hi [[ session.user.profile.firstName ]]
Sort by:
    • Application Security at the Speed of DevOps
      Application Security at the Speed of DevOps James Rabon - Product Manager, Fortify Software Security Center and Tools Upcoming: Oct 24 2017 6:00 pm UTC 60 mins
    • Faster time-to-market and business value driven application functionality are the biggest drivers for DevOps. With DevOps, more frequent releases require shorter development and test cycles creating a higher risk of breaches exploiting the application layer. The last couple of years have shown business value can take a significant hit with security breaches. Building security features at the speed of DevOps, and reducing risk with the right security architecture, processes, and collaboration is key to staying in business. This is the genesis of DevSecOps.

      In this Webinar, Derek Brink from Aberdeen Research describes how the shift towards rapid application delivery methods creates new opportunities for improving application security and reducing risk. MicroFocus’ James Rabon (Product Manager, Fortify Software Security Center and Tools) and Paladion's Vinod Vasudevan (Co-founder and CTO) discuss how MicroFocus and Paladion are helping customers integrate security and compliance into DevOps processes.

      Key Takeaways from the Webinar:

      - Trends in application delivery: from waterfall, to Agile and DevOps
      - How characteristics of Agile, DevOps provide a high-level blueprint for what application security in that environment should look like
      - Capabilities you should be looking for to improve application security at the speed of DevOps
      - How to adopt non-disruptive and continuous application security processes
      - Bringing in around-the-clock security monitoring for cloud assets

      Read more >
    • Security Anthropology: How Do Organizations Differ?
      Security Anthropology: How Do Organizations Differ? Wendy Nather with Duo Security Upcoming: Nov 16 2017 5:00 pm UTC 60 mins
    • When planning a go-to-market strategy, it’s common practice to build detailed marketing and sales personas for key security individuals such as the CISO, the IT administrator, the developer, and the end user. Each of these roles has different needs and priorities when considering a security tool, and sales strategy recognizes the need to address each of them. Organizations have different types of business drivers, priorities, constraints, and capabilities as well: for example, an 80-year-old manufacturing company may not care what cute new IoT ideas you might have.

      These organizational personas must be considered when searching out peers for benchmarking. Security decisions made only by looking at other companies in the same industry doesn’t provide enough data, because there are many other variables that come into play. Building a security anthropology model for comparing organizations provides more context to better design products and services to align with their needs, while helping the security community speak the language of the users it’s serving. Join us for a discussion on how we can excavate a better approach with Wendy Nather, Principal Security Strategist at Duo Security.

      Wendy Nather is a former CISO in the public and private sectors, and past Research Director at the Retail ISAC (R-CISC) as well as at the analyst firm 451 Research. She enjoys extreme weather changes while shuttling between Austin and Ann Arbor.

      Read more >
    • Addressing The Security Challenges of the Cloud Generation
      Addressing The Security Challenges of the Cloud Generation Gerry Grealish, Head of Product Marketing, Network and Cloud Security Products Upcoming: Oct 24 2017 4:00 pm UTC 45 mins
    • Welcome to the Cloud Generation, where employees demand flexibility and access wherever they are, but can expose your most sensitive data to risk.

      Distributed environments—like mobile and distributed workforces—introduce new attack surfaces that must be protected and increased use of SaaS Cloud Apps are driving the need for new compliance and security controls. The result? Security and IT teams are being forced to rethink network designs to better answer questions like:

      - How do we effectively govern access to data, apps and systems?

      - How can we combat advanced threats targeting our business through the web, cloud and e-mail?

      - How should we secure information that is moving between our network, endpoints and the cloud?

      Join Gerry as he discusses the key Cloud Generation security challenges facing Symantec’s enterprise customers and learn how Symantec’s Cloud-delivered security solutions can be used to protect users, devices and corporate data, wherever it resides.

      Read more >
    • Why VMware NSX, AirWatch & vSphere will redefine your Approach to Cyber Security
      Why VMware NSX, AirWatch & vSphere will redefine your Approach to Cyber Security Christopher Campbell, Director of Solution Marketing | Security & Tim Davis, Sr. Systems Engineer, NSX Enterprise, VMware Recorded: Oct 6 2017 9:40 pm UTC 68 mins
    • Data breaches, cyber-attacks, security lapses and new regulations have made IT security more challenging than ever now that every organization has gone digital. IT teams are struggling with points solutions, as the traditional security approach no longer works. Explore how VMware makes cyber security intrinsic with a footprint throughout IT organizations with a security solution that includes products such as Workspace ONE, AirWatch, Horizon, NSX, AppDefense, vSphere, vSAN and vRNI that simplifies and consolidates IT security. Also, learn about what’s new with NSX and our newest security solution AppDefense.

      Technical Demo’s will include looks into the Horizon with NSX solution, and how it interacts with 3rd party solutions such as Trend Micro’s Deep Security to automate security processes. You will also get a look into the vRealize Network Insight tool, and how it is helping our customers operationalize these new security models, maintain operational visibility into the network, and ensure best practices and health of the networking and security services.

      Read more >
    • Security by Design – Modernizing Technology Governance
      Security by Design – Modernizing Technology Governance Tim Sandage, Sr. Security Partner Strategist, AWS Recorded: Oct 12 2017 11:00 pm UTC 33 mins
    • Up-front design of your cloud environment can be done in a way that creates a reliably secure and controlled environment no matter how the AWS resources are used. This session will focus on "Security by Design" principles and show how an AWS environment can be configured to provide a reliable operational security control capability across, such as:

      - Organizational governance
      - Asset inventory and control
      - Logical access controls
      - Operating system configuration
      - Database security
      - Applications security configurations

      Why this session:

      Cloud Computing is becoming the new normal, the question isn’t “if” anymore, it’s really just “how fast can we move?” and “what are we going to move first”

      Because of this trend organizations need to understand their security and compliance capabilities and shared responsibilities for security as they migrate resources to the cloud. Whether its clinical trial simulations with Bristol Myers-Squibb, who uses AWS to run clinical trial simulations for 64% less cost; in 1.2 hours vs. 60 hours or Galata Chemicals who are running their development and test workloads in the cloud. Organizations need to start with a “Secure by Design approach, which support security at scale as they increase their use of cloud resources.”

      Read more >
    • Hybrid Mobile Apps: From Security Challenges to Secure Development
      Hybrid Mobile Apps: From Security Challenges to Secure Development Dr. Achim D. Brucker, Security Consultant & Senior Lecturer, University of Sheffield Recorded: Aug 16 2017 12:00 pm UTC 35 mins
    • Cross-platform frameworks, such as Apache Cordova, Adobe PhoneGap, or SAP Kapsel are becoming increasingly popular. They promote the development of hybrid apps that combine native, i.e., system specific, code and system independent code, e.g., HTML5/JavaScript. Combining native with platform independent code opens Pandora's box: all the security risks for native development are multiplied with the security risk of web applications.

      In this talk, we will give a short introduction into hybrid app development, present specific attacks and discuss how Android developers are using Apache Cordova. In the second half of the talk, we will focus on the secure development of hybrid apps: both with hands-on guidelines for defensive programming as well as recommendations for hybrid app specific security testing strategies.

      Speaker bio:

      Dr. Achim D. Brucker (https://www.brucker.ch) leads the Software Assurance & Security Research Team (https://logicalhacking.com) at the University of Sheffield, UK. Until December 2015, he was a Security Testing Strategist in the Global Security Team of SAP SE, where, among others, he defined the risk-based security testing strategy of SAP. He is a frequent speaker at security conferences.

      Read more >
    • Women in Cyber Security
      Women in Cyber Security Chanel Suggs, IT Security Manager, Professor and Advisory board member, EC-Council Recorded: Jan 27 2016 4:00 pm UTC 47 mins
    • The future for women in Cyber Security is NOW.

      Despite the growing demand and tremendous opportunities in the job market, cyber security remains an area where there is a significant shortage of skilled professionals regionally, nationally and internationally.

      At EC-Council University we want to empower and recognize women who are results-driven and able to manage multiple disparate tasks while leading groups to achieve positive outcomes and astonishing professional successes.

      Even worse, women’s representation in this male-dominated field of security is alarmingly low. Women are detail oriented with an analytical mind that quickly assess and achieve solutions to the most difficult problems, prioritizing and executing in a rapid, dynamic environment.

      “At EC-Council University we wish to highlight these prestigious women and set examples for others to follow suit.”

      Read more >
    • It’s Time to Think Differently About Network Security
      It’s Time to Think Differently About Network Security Franklyn Jones, VP, Spikes Security Recorded: Jan 20 2016 3:00 pm UTC 35 mins
    • Something is seriously wrong here. Businesses spend millions every year on the latest security technologies to keep their businesses safe – and then they still get attacked! Why does this continue to happen over and over again, and what can we do about it? This presentation – loaded with compelling research data from many different industry sources – provides revealing statistics on how bad this cyber security problem really is, and why it has continued to get worse despite your best efforts. But, if you’re willing to think differently about network security, there is now a way you can eliminate a huge number of attacks on your network, improve productivity of your IT staff, keep your business safe, and save a significant amount of money in the process. Skeptical, right? Well attend this session, learn the facts, then decide for yourself.

      Read more >
    • Risk-based Security: Having the Right Security in the Right Place
      Risk-based Security: Having the Right Security in the Right Place Illyas Kooliyankal (Middle East CISO of the Year), CISO, ADS Securities Recorded: Jan 19 2016 4:00 pm UTC 49 mins
    • -- Middle East CISO of the Year -- Global CISO of the Year Runner Up --

      An overall deep level analysis of why it is important to go back to basics, and basics of risk based approach towards information security. The session will be covering the current and historical state of information security, its challenges, and the way to get the right security for any organisation. Risk based approach, frameworks, high level steps, cost-benefit analysis, prioritisation of corrective measures based on risk categories, and presenting the information security plans to executive management based on a risk based approach. This is extremely key, when the organisational perimeters are not physical anymore, and organisational boundaries cannot be clearly defined within a firewall or a router, due to the adoption of new technologies and solutions like cloud, big data, mobiles etc.

      Read more >
    • What’s New in the Windows 10 Security Log
      What’s New in the Windows 10 Security Log Randy Franklin Smith, Ultimate Windows Security & Erick Ingleby, LogRhythm Recorded: Dec 10 2015 4:00 pm UTC 84 mins
    • Randy Franklin Smith of Ultimate Windows Security has been busy researching the changes to audit policy and the security log in Windows 10. He’ll be updating the Security Log Encyclopedia to reflect these changes and I’m going to show you these changes live in this upcoming real training for free ™ webinar. Here’s what to expect:

      • Microsoft has added a new “Audit Group Membership” subcategory to audit policy that documents all the groups a user belongs to at the moment of logon – whether an interactive logon to a workstation or a remote logon as to a file server. Smith will discuss the interesting ways you can use this information to enhance your monitoring of different types of users.

      • The other new audit policy, “Audit PNP Activity” allows you to audit connection of external devices by the Windows plug and play system.

      • Microsoft has new events and more fields to some existing events so that get additional useful information on activity like: Logons, process creation, enumeration of the local SAM account database and changes to Boot Configuration Database (BCD).

      A lot of these changes are valuable enhancements that will help you catch endpoint security threats more effectively. Furthermore, Smith will show specific examples of these new events and point out the new fields in existing events.

      LogRhythm, has sponsored this real training for free ™ session. LogRhythm has a new version of their cool SIEM out and Erick Ingleby will demo the new version 7.1. This includes the introduction of a new back-end technology for storing all log data that provides greater scalability, search performance, faster indexing rates, and enables new capabilities such as unstructured search against the full log message text.

      Read more >
    • Creating a network of security champions at Diageo
      Creating a network of security champions at Diageo John Haren, Head of Information Security Governance, Risk & Compliance, Diageo Recorded: Sep 15 2015 11:00 am UTC 38 mins
    • Since 2013 we have created a Security Champions network in Diageo across our 21 markets globally.Given limited resources, we had a clear vision of what we wanted to achieve and we took a top-down approach to gain support for the initiative. We developed SMART objectives with a view to slowly and demonstrably driving value for Diageo employees and management over time. This is the story of how we achieved mutual benefit both for us in the central Security team and for the market Security Champions & their colleagues. Key takeaways will include;
      1: Aim for a Win-Win situation;
      2: Gain support from senior management first;
      3: Empower your champions;
      4: Build the program into champions’ annual targets or development plans;
      5: Actively drive network continuous improvement.

      Read more >
    • Evolving Your Cloud Security Stack With a CASB
      Evolving Your Cloud Security Stack With a CASB Gartner's Cloud Security Research Director Steve Riley and Netskope CEO Sanjay Beri Recorded: Jul 28 2017 3:50 pm UTC 30 mins
    • Hear from Gartner’s cloud security research director Steve Riley.

      New API-driven cloud and web services, along with mobile devices, have unlocked new and unsurpassed levels of productivity.

      The reality, however, is that while the way people work has evolved, legacy security tools were designed for a different time — and new tools such as cloud access security brokers (CASBs) are quickly gaining the attention of security architects and CISOs worldwide.

      Netskope is proud to sponsor this webcast where attendees will hear from Gartner’s cloud security research director Steve Riley.

      Attendees will learn:

      - how organizations are rethinking visibility, governance, data security, and threat protection

      - how to build a new security stack as resilient and nimble as the new workforce they protect.

      Featured presenters

      Steve Riley
      Cloud Security Research Director

      Sanjay Beri
      Chief Executive Officer

      Read more >