    • Seeing the Unseen – Detecting the Advanced Persistent Threat
      Justin Turner, Director of the Targeted Threat Hunting & Response Team, SecureWorks
      Recorded: Sep 14 2016 6:00 pm UTC, 63 mins

      Learn how Threat Hunting delivers high certainty in detecting compromise

      Many organizations have information security protections in place that still fail to answer with a high level of certainty, "Have we already been compromised?" A cyber threat such as malware or even a large-scale Advanced Persistent Threat could be hiding in areas of your network and go unnoticed by the untrained eye.

      That’s where Threat Hunting comes in.

      During this interactive webinar, Justin Turner, Director of the Targeted Threat Hunting & Response Team, will share what Hunting is, what it should tell you, and cut through industry noise. He will share experiences and insights from actual hunting engagements and will also provide recommendations for security leaders and practitioners on how to identify indicators of attacker presence leveraging threat intelligence for context to determine how to engage and resist the adversary.

      In addition, you will:
      - Learn what Targeted Threat Hunting must do for you
      - Hear real-world examples of previous incidents and how targeted threat hunting was used to remove entrenched adversaries
      - Get recommendations on strategies and tactics to aid you in your hunting

    • How Threat Intelligence Helps You Combat Targeted Malware
      Jeremy Linden of Cisco Umbrella, Jessica Bair of Cisco Threat Grid and Mike Clark of ThreatQuotient
      Recorded: Sep 7 2017 5:00 pm UTC, 38 mins

      As malware becomes more complicated and harder to detect, cyber analysts are increasingly inundated with more work. The more menial tasks a security team performs, the less likely they are to have the time to properly analyze or defend against malware. There are steps you can take to defend against malware and protect your organization.

      Join this webinar with experts Jeremy Linden of Cisco Umbrella, Jessica Bair of Cisco Threat Grid and Mike Clark of ThreatQuotient as they discuss how to utilize a Threat Intelligence Platform to enhance malware analysis capabilities and prevent access to malicious domains. Visit the Cisco Marketplace to learn more.

      In the webinar, you will learn to:
      - Streamline malware analysis workflow
      - Add context to malware analysis results using validated threat intelligence
      - Make informed decisions efficiently and effectively
      - Take action from a centralized workbench to minimize your risk window

    • Using Threat Intelligence to Prevent a Ransomware Attack
      Bardia Omran, Cyber Threat Intelligence Analyst at BT, and Allan Liska, Intelligence Architect at Recorded Future
      Recorded: May 9 2017 3:00 pm UTC, 58 mins

      Ransomware hit between 1 in 3 businesses during 2016 and is the fastest growing malware threat according to the U.S. Department of Justice. If you've been laid back about ransomware attacks, now might be a great time to change your ways.

      Join Bardia Omran, Cyber Threat Intelligence Analyst at BT, and Allan Liska, Intelligence Architect at Recorded Future, to learn how you can use threat intelligence to help prevent a ransomware attack. This informative webinar will review strategic, educational, and operational approaches your company can employ to help in this fight including:

      • Tactics and procedures you should consider implementing.
      • How ransomware is used as a tool rather than a stand-alone weapon in targeted attacks.
      • Common risks to avoid such as password reuse and the lack of safety training.
      • How threat intelligence is used to contextualize indicators of compromise.


      Bardia Omran is a Threat Intelligence Analyst in BT Security, UK. Previously, Bardia worked on a service desk where he gained an in-depth knowledge of operating systems. He has a keen interest in malware and has spent the past two years researching it and contributing to BT's Security Threat Intelligence product.

      Allan Liska is a solutions architect at Recorded Future. Allan has more than 15 years of experience in information security and has worked as both a security practitioner and an ethical hacker. Through his work at Symantec, iSIGHT Partners, FireEye, and Recorded Future, Allan has helped countless organizations improve their security posture using more effective intelligence. He is the author of “The Practice of Network Security,” “Building an Intelligence-Led Security Program,” and “Securing NTP: A Quickstart Guide,” and the co-author of “DNS Security: Defending the Domain Name System” and “Ransomware: Defending Against Digital Extortion.”

    • How Hackers Exploit Your Windows Tools, Part 2: The WMI Threat
      Lee Lawson, Special Operations Researcher, SecureWorks Counter Threat Unit
      Recorded: Sep 13 2017 1:00 pm UTC, 51 mins

      Windows Management Instrumentation (WMI) is a Microsoft Windows administrative tool that has access to all system resources, making it powerful for both legitimate and illegitimate use. Via WMI you can do things like execute, delete and copy files; change registry values; and identify which security products are installed to aid in bypassing them.

      The malicious use of WMI and other legitimate tools continues to grow and was identified as a top trend in a recent SecureWorks Threat Intelligence Executive Report. Like PowerShell, WMI is often used to create file-less attacks that are difficult to identify and stop with technology alone. This makes WMI the perfect tool for threat actors to use as camouflage while acting inside your organisation.

      Join Counter Threat Unit Special Operations Researcher Lee Lawson for the second webcast in our two-part series on how threat actors are exploiting Windows tools in “living off the land” attacks.

      You will learn:

      - Why WMI is so risky
      - Tips to identify malicious use of WMI
      - How threat actors hide their tracks and how you can unmask them
      - WMI threats identified by SecureWorks researchers
      - How you can avoid becoming a victim of this growing threat vector

    • Prioritizing Cyber Threats With Real-Time Threat Intelligence
      Greg Reith, Threat Intelligence Analyst, T-Mobile
      Recorded: Nov 17 2016 7:00 pm UTC, 63 mins

      Creating a threat intelligence strategy is essential for a company to identify and prioritize threats effectively. Curating the necessary relevant data for this strategy, however, can be incredibly time consuming and resource intensive.

      In this webinar, Greg Reith, Threat Intelligence Analyst at T-Mobile, will discuss how to use real-time threat intelligence from Recorded Future to create a forward-looking strategy, including:

      • Identifying and analyzing hard-to-find threat data from the entire web including content in multiple languages.
      • Gaining relevant intelligence effectively from large volumes of threat data with smart automation, alerts, and queries.
      • Discovering trends and patterns that are useful in developing a forward-looking shift in strategy from multiple perspectives.

      Find out how you can reduce the time to collect the necessary information for building an effective threat intelligence strategy by over 400 percent.

    • Breach Prevention Week: Use Automation to Prevent Evasive Threats and C2 Traffic
      Scott Simkin, Sr. Manager Threat Intelligence at Palo Alto Networks
      Recorded: Jun 21 2017 12:00 pm UTC, 45 mins

      Turn Raw Threat Intelligence Into Context and Action

      Attackers don’t stand still; your defenses shouldn’t either. See how multi-method threat prevention can be used to detect and prevent the most evasive threats and command-and-control traffic, and open up any source of threat intelligence to be used for automated prevention. These capabilities drive up the cost of successful data breaches for attackers, making their efforts too expensive to consider.

      You will learn more about:

      • How an evasion-resistant analysis environment defeats whole classes of VM evasion techniques.
      • Threat prevention capabilities that automate the blocking of command-and-control traffic in a way that previously required teams of signature writers.
      • How to enable security teams to gain leverage from any source of threat intelligence and drive automated prevention.

    • Prevention Week Pt 3: Use Automation to Prevent Evasive Threats and C2 Traffic
      Scott Simkin, Sr. Manager Threat Intelligence at Palo Alto Networks
      Recorded: Mar 30 2017 8:00 am UTC, 46 mins

      Turn Raw Threat Intelligence Into Context and Action

      Attackers don’t stand still; your defenses shouldn’t either. See how multi-method threat prevention can be used to detect and prevent the most evasive threats and command-and-control traffic, and open up any source of threat intelligence to be used for automated prevention. These capabilities drive up the cost of successful data breaches for attackers, making their efforts too expensive to consider.

      You will learn more about:

      • How an evasion-resistant analysis environment defeats whole classes of VM evasion techniques.
      • Threat prevention capabilities that automate the blocking of command-and-control traffic in a way that previously required teams of signature writers.
      • How to enable security teams to gain leverage from any source of threat intelligence and drive automated prevention.

    • Prevention Week Pt 3: Use Automation to Prevent Evasive Threats and C2 Traffic
      Scott Simkin, Sr. Manager Threat Intelligence at Palo Alto Networks
      Recorded: Mar 30 2017 2:00 am UTC, 46 mins
    • 2016 Malware Year in Review: Tricks, Threats, and Triumphs
      Brendan Griffin, Threat Intelligence Manager at PhishMe
      Recorded: Mar 14 2017 8:00 pm UTC, 60 mins

      In 2016, the PhishMe Intelligence team saw over 2,500 active threat reports, the widespread implementation of anti-analysis methods, a notable evolution in techniques and tools to deliver malware, and the growing threat of encryption ransomware.

      Now more than ever, it has become more important to detect and interdict malware during the delivery phase. What can you do to defend your environment? What will threat actors do to step things up in 2017?

      Join Brendan Griffin to learn about:

      • The evolution of malware and encrypted ransomware
      • 2016’s most prevalent threats
      • Identifying the latest malware delivery tools and techniques
      • Developing a modern defense strategy and empowering your users
      • What to look out for in 2017

    • Prevention Week Pt 3: Use Automation to Prevent Evasive Threats and C2 Traffic
      Scott Simkin, Sr. Manager Threat Intelligence at Palo Alto Networks
      Recorded: Mar 15 2017 5:00 pm UTC, 45 mins
    • Top cyber threats in the financial sector
      Candid Wueest, Principal Threat Researcher, Symantec
      Upcoming: Nov 16 2017 3:00 pm UTC, 45 mins

      Financial institutions are increasingly facing attacks on multiple fronts.

      Cyber criminals continue to target online banking using malware to hijack customer transactions and banking sessions. While there has been an overall drop in infections related to these consumer threats, financial institutions are now facing new types of attacks in the form of large-scale financial heists.

      Attack groups such as Fin7 and Lazarus are deliberately targeting financial institutions in audacious attacks that are reaping large rewards. They are using living-off-the-land and fileless attack tactics similar to those of APT groups. Extortion with DDoS attacks and business email compromise (BEC) scams are also increasingly troubling financial corporations.

      In this webcast on the current financial threat landscape, Symantec takes a look at the most prevalent and significant financial threats.

      In this webcast we will:
      - Review the top threats facing financial institutions, with statistics and examples
      - Explore the most common techniques employed in financial attacks
      - Provide case studies of the most high-profile financial attacks of the past 12 months

    • How St. Jude Medical Uses Threat Intelligence in Its SOC
      Russ Staiger, Lead Analyst, Cyber Threat Action Center, St. Jude Medical
      Recorded: Jun 7 2016 6:00 pm UTC, 54 mins

      St. Jude Medical is a leading global medical device manufacturer and is dedicated to transforming the treatment of some of the world’s most expensive epidemic diseases.

      In this webinar, Russ Staiger, lead analyst of the Cyber Threat Action Center (CTAC) at St. Jude Medical, will explain how the company combines real-time threat intelligence from Recorded Future with its Splunk SIEM to more effectively fulfill CTAC’s mission to identify, protect against, respond to, and enhance resiliency against cyber security threats.

      Register now to learn:

      • How St. Jude Medical uses threat intelligence to monitor for emerging threats against the healthcare industry.
      • How St. Jude Medical makes informed verdicts on events in its SIEM using context gained from Recorded Future threat intelligence.
      • How Recorded Future helps St. Jude Medical detect more complex events and potential incidents that could have possibly been missed without enrichment.
      • How the team fosters secure collaboration between the SOC, other security teams, and the business.

      Featured Speaker Bio:

      Russ Staiger is the Cyber Threat Action Center lead for information security teams concerned with investigation of APT (advanced persistent threats), malware remediation, and SIEM-based security strategies. Russ’s expertise also includes defensive systems data analysis, operational metrics (ITSM), in-line IDS-IPS implementation and action planning, security training and education, incident response, and team operations SLA enforcement.
