Learn about the first signature-less engine to be integrated into VirusTotal
CrowdStrike recently made headlines by announcing that it is the first machine learning-based engine to be integrated into VirusTotal. VirusTotal is the premier nexus where all reputable AV vendors transparently publicize their detection results and share malware data for the greater good. The addition of CrowdStrike’s advanced machine learning engine to this anti-malware industry staple is a major leap forward for users who rely on VirusTotal capabilities to help defend their endpoints.
In this live CrowdCast, CrowdStrike’s Chief Scientist Dr. Sven Krasser offers an exclusive look “under the hood” of this unique machine learning engine, revealing how it works, how it differs from all other signature-based engines integrated into VirusTotal to date, and how it fits into the larger ecosystem of techniques used by CrowdStrike Falcon to keep endpoints and environments safe.
Topics will include:
• What CrowdStrike Falcon machine learning is and how it works
• How to interpret results of machine learning-based threat detection
• How users can benefit from the CrowdStrike Falcon machine learning engine
• How this cutting-edge technology fits into the CrowdStrike Falcon breach prevention platform
Dr. Sven Krasser
Chief Scientist, CrowdStrike
Dr. Sven Krasser is a recognized authority on network and host security. He currently serves as Chief Scientist for CrowdStrike, where he oversees the development of endhost and cloud-based Big Data technologies. Previously, Dr. Krasser was at McAfee where he led the data analysis and classification efforts for TrustedSource. He is the lead inventor of numerous key patented and patent-pending network and host security technologies and is the author of numerous publications on networking and security technologies.
As malware and malware variants proliferate across the globe, it is increasingly difficult to defend against these advanced threats. Business-critical transactions, access requests and information must be protected in a manner that does not rely on traditional, out-of-date security solutions. Secure mobile devices enable organizations to move business-critical processes out-of-band and off infected computing platforms, namely traditional desktops and laptops. With powerful native functions, mobile provides an excellent solution to thwart advanced threats — all while improving user experience and security, and offering organizations a flexible platform for security.
In 2016, the PhishMe Intelligence team saw over 2,500 active threat reports, the widespread implementation of anti-analysis methods, a notable evolution in techniques and tools to deliver malware, and the growing threat of encryption ransomware.
It is now more important than ever to detect and interdict malware during the delivery phase. What can you do to defend your environment? What will threat actors do to step things up in 2017?
Join Brendan Griffin to learn about:
• The evolution of malware and encrypted ransomware
• 2016’s most prevalent threats
• Identifying the latest malware delivery tools and techniques
• Developing a modern defense strategy and empowering your users
• What to look out for in 2017
Automation is key when it comes to production. The same is true for malware. Malware production has moved on from the traditional manual method to a more efficient automated assembly line. In this talk, I will take the audience on an over-the-shoulder look at how attackers automate malware production. Discussion will focus on the tools and methodologies the attackers use to produce thousands of malware on a daily basis. The talk will then conclude with a live demonstration of how malware is produced in an automated fashion.
Antimalware Updates from the Experts: From your perspective, what are the biggest differentiators between individual antimalware products?
Malware analysts spend a lot of time analyzing code and looking for indicators of compromise from advanced persistent threats, and even for the most seasoned analysts the volume of analysis can be prohibitive. In today's environment, malware analysts need to leverage automated tools to power through large volumes of sample code and quickly receive valuable threat summaries.
Letting the computers do the work allows the analyst to quickly identify files of greatest concern, and focus on remediating especially pernicious attacks. Malicious behavior can now be viewed right down to the kernel level, giving a complete picture of how your network was targeted by a specific cyber threat.
Join Thomas Quinlan as he explores integrating automated threat assessment processes and defining indicators that identify specific threats to your system.
- RSA 2016 -
BrightTALK caught up with Menlo Security CTO Kowsik Guruswamy to get his thoughts on eliminating malware, the websites with the highest risk and vulnerability, plus how to protect the connected home.
Understanding Malware Lateral Spread Used in High Value Attacks
APTs are known to use advanced Techniques, Tactics, and Procedures (TTP), including advanced malware design with protection layers, sandboxing evasion, and lateral movement inside penetrated networks to seek out high value targets.
In this webinar, Nick Bilogorskiy of Cyphort Labs will:
• Review various lateral movement techniques and methods used by past advanced threats
• Look in detail at some APT samples, like Shamoon, to show the specific steps in the malware’s lateral movement
• Provide an understanding of APT lateral movement that should help security defenders better select and implement protection solutions
Today’s advanced persistent threats evade traditional security controls with techniques such as SSL encryption and require an integrated, simple and automated approach that can detect and defend at every stage of an attack.
During this EMEA Breach Prevention Week, Ronald den Braven, EMEA Consulting Engineer Malware/APT, will cover how your organization can simplify its response to the most dangerous threats, automatically detecting unknown malware and quickly preventing threats before an enterprise is compromised.
BitTorrent is a very well-known protocol for distributing large files over the internet, and it’s used by every industry, from Linux distributions to copyrighted software, and also for more questionable uses. Loved and hated by many, it is today unquestionably part of the internet landscape.
With over 300 million users swapping files via BitTorrent every month, according to startup Tru Optik, with little or no supervision or control, it has also become an important target for malware distribution, exploited by criminals worldwide, making victims of both users and organizations.
In this session we will present research done by the AnubisNetworks Labs team that shows how BitTorrent is an infection vector used by malware creators to compromise machines at a global scale, with minimum effort.
We will provide a historical view of the evolution of P2P networks from early players such as eMule, Napster and Kazaa, and highlight the BitTorrent protocol and how it works. The methodology used in this research unveiled which applications and operating systems are more vulnerable but, more importantly, which botnets are more commonly shipped with torrents and what type of risk they pose to users and organizations.
· Why P2P file sharing is a security risk to both users and organizations
· How malware is disseminated using different types of applications
· Most common types of malware shipped with torrents
While many are familiar with the more mainstream security conferences, such as RSA, BlackHat and Virus Bulletin, AVAR is an international conference put on by the Association of Anti-Virus Asia Researchers, meeting for the 18th year, which focuses on the specific topic of malware research and analysis.
This presentation will review the content delivered at this conference and highlight the challenges and successes researchers have faced over the past year when analyzing malware to secure our online future.
How do you protect against unseen security risks like zero-day and advanced persistent threats? Use existing anti-virus protection or an anti-malware solution that needs specialist security analysts to operate it? Either way, you’d be putting your business at risk, slowing down time-to-remediation and experiencing excessive TCO. Join us for this webinar to learn about a powerful solution capable of helping you win in the battle against ever more sophisticated and targeted threats.
2015 has been a huge year for malware. Learn about highlights and revelations from Black Hat 2015, specifically how the Windows software update services can be hacked, the future of biometrics, and the progress of scams and other victim-initiated payments like ransomware.
We will also discuss the spikes we've seen from phishing attacks this year and what it means for an end user.
What do you do when adversaries don’t use any malware or exploits? We will show how to deal with malware-free intrusions; how to detect, prevent, attribute and respond. This session will feature techniques we’ve observed in the field, from the stealthiest adversaries who leave no malware footprints behind. We will demonstrate a live attack and show how CrowdStrike’s next-generation endpoint protection solution, Falcon Host, can detect the activity in real-time and provide relevant countermeasures for protection and response.
In this session, you will learn how to:
• Determine whether advanced adversaries have gained a foothold in your organization without using malware
• Identify and observe the adversary’s lateral movement to understand what they want and who they are targeting in your organization
• Gain the ability to record and reconstruct an incident completely to understand what systems and data the adversary has touched
There are now more than 1 billion websites in existence, with more than 100,000 additional ones created every day. The Web is the primary attack vector for the vast majority of malware.
Join Kowsik Guruswamy, CTO of Menlo Security, as he presents the findings of a recent study on the security vulnerabilities of the world's most popular websites.
This webinar will cover:
- A review of the findings of a recent Menlo Security Vulnerability report into the top 1m websites and their security vulnerabilities.
- An analysis of the current state of web security, its evolution and why it is not effective in blocking modern malware attacks.
- An introduction to the concept of "Isolation Security".
- A demonstration of the innovative Menlo Security Isolation Platform, illustrating how to eliminate web-borne malware.
This webinar will describe how isolation technology can be used to definitively eliminate malware from Web & email.
- Web and email vulnerabilities and exploits (compromised & malicious Web sites, Java, Flash)
- How malware evades detection
- Isolation as an alternative to detection for preventing malware
- 5 key considerations of an isolation system
- Isolation in action: Case studies for uncategorized Web sites, elimination of Java and Flash, phishing prevention
In conjunction with Osterman Research, Trustwave will present a live panel discussion on the challenges of modern malware and how to effectively combat it.
Trustwave editor Dan Kaplan will facilitate this discussion with Analyst Michael Osterman of Osterman Research, and Steve Brunetto, Director of Anti-Malware Product Management for Trustwave. This deep-dive session will investigate techniques modern malware uses to evade even “zero-day” detection methods, debunk misconceptions, and discuss what the next generation of malware prevention looks like.
Following the discussion, audience members will be able to ask the panelists questions. Please join us for this interview-format webcast.
The rapid rise in cloud adoption – of which corporate IT has underestimated the scope by as much as 10x - has created a new effect: a “cloud attack fan-out.” Between many connected devices, which increase the attack surface, and capabilities like sync and share, which increase data velocity in the cloud, both the propensity and the severity of a breach rise.
Join Krishna Narayanaswamy, Founder and Chief Scientist of cloud security company Netskope, as he takes an in-depth look at data breaches involving cloud services and how they come about. Krishna will take a fun, CSI-like presentation approach and draw upon unique, anonymized data seen in the cloud to illustrate:
- The multiplier effect that the cloud can have on the probability of a data breach
- Three real-world examples in which the cloud can play a role in data breaches, including a step-by-step review of a recent exploit found in a cloud storage app
- How to identify data breaches in an enterprise cloud environment using advanced anomaly detection techniques
- A forensic walk-through in the reconstruction of a complex audit following a data breach
- Best practices for mitigating breaches as well as monitoring and protecting sensitive enterprise data in the cloud
Many vendors are rushing to bring malware protection systems to market, but today’s advanced malware is stealthy and can often evade these systems. Organizations need a more comprehensive approach that looks beyond behavior seen in the sandbox, uncovering the hidden danger in malware's latent code.
Anne Aarness, Senior Manager at McAfee, explains how McAfee Advanced Threat Defense combines in-depth static code and dynamic malware analysis for a comprehensive malware protection system. Combined, this represents the strongest advanced anti-malware technology in the market, and effectively balances the need for both security and performance.
Businesses today face more advanced attacks than we’ve ever seen in the past – and defending against them takes a connected approach which can disrupt the multiple points of infiltration and exfiltration used in the process of a breach. With most attacks seen in the wild using phishing emails to reach their target, a web link or malicious file to deliver a payload, and an outbound stream of communication to exfiltrate data – implementing a Secure Email Gateway, Secure Web Gateway, Advanced Anti-Malware, and Data Loss Prevention technology together will provide a barrier difficult for even the most advanced attacks to overcome.
Don’t miss this webinar if you have a stake in the security of your most valuable information, or are directly responsible for the implementation of security solutions to protect it.
Cloud adoption is quickly becoming a must-have for enterprises, as organizations clamor to exploit the cost savings and increase in collaboration and productivity that are now established benefits of many cloud apps. But at the same time, this rise in adoption – of which corporate IT has underestimated the scope by as much as 10x - has created a new effect: a “cloud attack fan-out.” Between many connected devices, which increase the attack surface, and capabilities like sync and share, which increase data velocity in the cloud, both the propensity and the severity of a breach rise.
Attend this webinar with Adrian Sanabria, Senior Analyst, Enterprise Security, 451 Research and Abhay Kulkarni, VP Engineering, Netskope for a spirited discussion that will explore the following:
- Trends in the market related to cloud adoption and the steps being taken to address security concerns;
- How to securely enable the use of cloud services for enterprise employees;
- A “how to” for identifying data breaches in an enterprise cloud environment using advanced anomaly detection techniques;
- Best practices for mitigating breaches as well as monitoring and protecting sensitive enterprise data in the cloud.