Hi [[ session.user.profile.firstName ]]
Sort by:
    • Application Security at the Speed of DevOps
      Application Security at the Speed of DevOps James Rabon - Product Manager, Fortify Software Security Center and Tools Recorded: Oct 24 2017 6:00 pm UTC 60 mins
    • Faster time-to-market and business value driven application functionality are the biggest drivers for DevOps. With DevOps, more frequent releases require shorter development and test cycles creating a higher risk of breaches exploiting the application layer. The last couple of years have shown business value can take a significant hit with security breaches. Building security features at the speed of DevOps, and reducing risk with the right security architecture, processes, and collaboration is key to staying in business. This is the genesis of DevSecOps.

      In this Webinar, Derek Brink from Aberdeen Research describes how the shift towards rapid application delivery methods creates new opportunities for improving application security and reducing risk. MicroFocus’ James Rabon (Product Manager, Fortify Software Security Center and Tools) and Paladion's Vinod Vasudevan (Co-founder and CTO) discuss how MicroFocus and Paladion are helping customers integrate security and compliance into DevOps processes.

      Key Takeaways from the Webinar:

      - Trends in application delivery: from waterfall, to Agile and DevOps
      - How characteristics of Agile, DevOps provide a high-level blueprint for what application security in that environment should look like
      - Capabilities you should be looking for to improve application security at the speed of DevOps
      - How to adopt non-disruptive and continuous application security processes
      - Bringing in around-the-clock security monitoring for cloud assets

      Read more >
    • Security is NOT an Abstract Concept – Building Consensus in the Boardroom
      Security is NOT an Abstract Concept – Building Consensus in the Boardroom Patrick Grillo, Senior Director, Security Solutions, Fortinet Upcoming: Apr 24 2018 9:00 am UTC 45 mins
    • Making the connection between “Cause and Effect” is difficult enough but when technology executives need to explain their strategy to a non-technical audience, all too often the key message is lost in technical jargon.

      When technology is embraced by business leaders, it’s because of the perceived business benefit the technology could bring to the organization. What is frequently not discussed, or even thought about at this level, are the security implications associated with technology. The challenge for the senior technology executives is to be able to associate technology with risk, and risk with business disruption, without resorting to a Fear, Uncertainty and Doubt strategy.

      This session will focus on how senior technology executives can better relate to a non-technical audience, using tangible and quantifiable examples, to both inform and persuade of the need of making security an essential component of any business plan.

      Read more >
    • Cutting through the Cloud Security Noise: 5 Must-have Architectural Requirements
      Cutting through the Cloud Security Noise: 5 Must-have Architectural Requirements Steve House of Zscaler Recorded: Jan 11 2018 5:00 pm UTC 47 mins
    • The cloud and mobility have fundamentally changed the IT landscape. Both apps and users have left the network, however traditional security has struggled to keep pace. Developing a strong cloud security strategy is important to help restore visibility and reduce risk, but what is the best approach? While there are many opinions and perspectives, the best security strategy starts in the beginning with the proper architecture. Join this webcast to hear:

      - 5 key architectural requirements your cloud security strategy can’t live without.
      - What core building blocks you need to enable and secure your users and apps
      - Learn how leading enterprises are transforming their security to cloud

      Speaker Bio:
      Steve House is a seasoned Product Management leader with over 20 years of experience in the networking and security industries. During that time, he has worked for multiple market-leading organizations including Zscaler, Blue Coat Systems, Packeteer and CacheFlow where he has a consistent track record of helping them innovate and grow their market share.

      At Zscaler, Steve leads the Product Management team responsible for driving product strategy and execution. Steve’s goal is to help the company through its next phase of growth becoming the standard Internet security platform delivered as a service to any user on any device in any location. Steve holds a Bachelor of Science in Electrical Engineering from Duke University.

      For more questions about Zscaler, go to www.zscaler.com

      Read more >
    • Security Anthropology: How Do Organizations Differ?
      Security Anthropology: How Do Organizations Differ? Wendy Nather with Duo Security Recorded: Nov 16 2017 5:00 pm UTC 33 mins
    • When planning a go-to-market strategy, it’s common practice to build detailed marketing and sales personas for key security individuals such as the CISO, the IT administrator, the developer, and the end user. Each of these roles has different needs and priorities when considering a security tool, and sales strategy recognizes the need to address each of them. Organizations have different types of business drivers, priorities, constraints, and capabilities as well: for example, an 80-year-old manufacturing company may not care what cute new IoT ideas you might have.

      These organizational personas must be considered when searching out peers for benchmarking. Security decisions made only by looking at other companies in the same industry doesn’t provide enough data, because there are many other variables that come into play. Building a security anthropology model for comparing organizations provides more context to better design products and services to align with their needs, while helping the security community speak the language of the users it’s serving. Join us for a discussion on how we can excavate a better approach with Wendy Nather, Principal Security Strategist at Duo Security.

      SPEAKER INFO:
      Wendy Nather is a former CISO in the public and private sectors, and past Research Director at the Retail ISAC (R-CISC) as well as at the analyst firm 451 Research. She enjoys extreme weather changes while shuttling between Austin and Ann Arbor.

      Read more >
    • Why Native Security Features in AWS and Office365 aren't Enough
      Why Native Security Features in AWS and Office365 aren't Enough Narayan Makaram - Senior Director of Product Marketing & Louis Evans - Product Marketing Manager at Arctic Wolf Networks Upcoming: May 8 2018 6:00 pm UTC 60 mins
    • Most businesses are rapidly moving to the cloud to be fast and nimble, reduce their cost structure, and reach more customers anywhere, anytime. These new architectures have powerful new capabilities—but also expose businesses to a new universe of risk.

      When dealing with outsourced infrastructure like AWS, or a SaaS solution like Office365, it is easy for IT managers to assume that security is out of their hands, for better or worse. But, this assumption may not always be true. Businesses must develop an active cloud security strategy as they pursue their migrations, and become a proactive security partner with their cloud providers—or they will find themselves vulnerable to attack.

      In this upcoming webinar, hear from security experts at Arctic Wolf Network (AWN), on:

      - The top cybersecurity risks and best practices for securing cloud deployments
      - How AWN security monitoring compliments the native security features in AWS and Office365
      - The role of AWN cloud security in integrating observations from cloud and on-premise systems

      To see how AWN CyberSOC™ can secure your cloud, register now.

      About our speakers:

      Narayan Makaram is a Sr. Director of Product Marketing at Arctic Wolf Networks, a Managed Detection and Response (MDR) company that provides SOC-as-a-service. Narayan has over 15 years of information security experience, with in-depthexpertise in application security, malware detection, SIEM, vulnerability management and network security, in leading cyber security companies – Imperva, FireEye, ArcSight, Tenable, and Hewlett-Packard.

      Louis Evans is a new member of the Arctic Wolf team. He’s passionate about cybersecurity, defeating the next generation of threats, and Alan Turing.

      Read more >
    • A Bias for Action: Security Analytics for the Advanced SOC
      A Bias for Action: Security Analytics for the Advanced SOC Jon Oltsik, ESG and Barbara Kay, ExtraHop Upcoming: May 17 2018 5:00 pm UTC 60 mins
    • Orchestration and automation theory has graduated to a concrete architecture for implementation. An action-driven architecture supports more proactive analysis and investigation for more effective detection, triage, investigation, and response.

      The foundation of a successful security architecture in this model requires:
      - Rich, trustworthy data covering all aspects of the environment
      - Consolidated data sources and analytics processes
      - Automated investigation and response capabilities
      - Integration between tools and services for total coverage of every critical asset and data set.

      In this webinar, we'll discuss how to build an action-oriented security architecture, key use cases, and critical success factors.

      Read more >
    • The Four I's of Information Security
      The Four I's of Information Security Fernando Montenegro, Senior Analyst - Information Security at 451 Research Upcoming: Apr 26 2018 12:00 pm UTC 60 mins
    • A common approach for addressing a security initiative is to make assumptions about the underlying problem that needs to be solved. Too often, those assumptions are incorrect. In those cases, security practitioners end up wasting resources with little to show for it.

      Join Fernando Montenegro, Senior Analyst at 451 Research, as he presents an alternative framework for evaluating the fundamental issues that may hinder an initiative’s progress in a specific scenario. This framework allows practitioners to consider whether the issue is driven by incentives, information, investment, or irrationality which will help determine the appropriate path for addressing them in the context of security. With this knowledge, the security practitioner can tackle the problems with confidence and make real progress in their environment.

      Read more >
    • Top 10 Public Cloud Security Recommendations
      Top 10 Public Cloud Security Recommendations Matt Keil of Palo Alto Networks Recorded: Dec 14 2017 5:30 pm UTC 43 mins
    • Offering organizations of all sizes the benefits of agility and scalability, the adoption of public cloud continues at a pace rivalled only by that of the early days of the Internet era. As was the case then, the speed of adoption often means that “good enough” security is viewed as acceptable. With the underlying premise that the public cloud is someone else’s computer, and an extension of your network this session will cover public cloud security concerns, what the shared security responsibility model really means and recommendations for protecting your public cloud workloads and data.

      Read more >
    • Stop Phishing Attacks: What You Need To Know
      Stop Phishing Attacks: What You Need To Know Jordan Wright, Senior R&D Engineer - Duo Security Upcoming: May 1 2018 10:00 am UTC 60 mins
    • We’ve all seen the emails: someone shared a Google doc with us, our bank wants to verify our password, we’ve received an “important” attachment, you name it.

      Phishing is common. It’s common because it’s easy. Not only is phishing common, but it’s getting worse. There’s no “magic bullet” to eliminate phishing as a threat, so what can you do to mitigate your risk?

      Join Jordan Wright for a hands-on, method-focused deep dive into how you can reduce the threat posed by phishing. This will cover mitigation tactics at each stage of a phishing attempt, from before an email reaches the inbox to what you can do after a user clicks the phishing link.

      Read more >
    • The Practical Execution of Security in the Enterprise
      The Practical Execution of Security in the Enterprise Gee Rittenhouse, SVP Security Business Group, Cisco; Mike Iwanoff, SVP/CISO/CIO, iconectiv Recorded: Dec 5 2017 9:00 pm UTC 28 mins
    • As more of our business data will exist in the cloud and as the scale of IoT creates more weak links in the security chain, what systems in the network are designed securely that CIOs and CSOs can leverage? And will a lack of industry standards and technology architecture around the IoT makes it difficult to create security policies? Also, why do some contend that the IoT is impossible to secure?

      On this edition of NMGs podcast series, we invite Gee Rittenhouse, Senior Vice President, Security Business Group at Cisco and Mike Iwanoff, SVP/CISO/CIO at iconectiv.



      Key takeaways for listeners:

      a.Fraudsters are out in full force: Yesterday’s solution might not solve tomorrow’s problems/challenges

      b.Tips and Info: Top three things I can do to get more info/more data and improve my posture in this area
      •Threat Modeling
      •Risk Assessment
      •Risk Framework

      c.Determine whether you have the technology requirements for an acceptable risk posture:
      •Multi-cloud security
      •Visibility
      •segmentation of the network
      •automation – allowing you to implement controls to recover from a threat, find the source and mitigate the threat from reoccurring.

      d.Communicate that risk posture to exec team and to the board - At the end, the company should know what their risks are and what
      they are willing to accept

      e.Understand the challenge and know that you don’t have to build your own security solutions.

      Read more >