If you and your on-call team feel overwhelmed or exhausted by the volume of alerts, this is for you. In it, we explore methods to not only identify and deal with alert fatigue but reduce it over time by fine-tuning your monitoring and alerting services. We'll also discuss the iterative process of identifying which data sets really represent actionable issues, which ones are redundant or overlap, and which ones are valuable only for information, and are never actionable. Join us to hear how you can make on-call suck less.
In 2008, a US district court said that expired patent numbers fall within the scope of “unpatented articles”, as defined by the section of the US statute relating to the standards for bringing lawsuits for false patent marking. Then, in December last year, the Federal Circuit ruled in Forest Group v Bon Tool that false marking defendants are subject to potentially much greater fines than had been previously awarded.
These two cases have arguably incited a false marking frenzy in the US, with hundreds of suits having been filed this year alone. This webinar will discuss how we got here, proposals to curb the problem, and strategies for companies to both avoid and successfully navigate such actions.
Eileen McDermott, Managing IP (moderator)
Lawrence M. Sung, University of Maryland School of Law
Robert Krebs, Nixon Peabody
Maia Harris, Nixon Peabody
First instalment of security Q&A sessions on whether organisations are operating under a false sense of security with the current measures they have in place.
• How to distinguish between statements that might be subject to false advertising claims and mere "puffery"
• What types of evidence might be needed to refute a claim of false advertising, and where to find that evidence
• How to use false advertising law as a weapon against a competitor's advertising campaign
Data Loss Prevention (DLP) is a computer security term referring to systems that enable organizations to reduce the corporate risk of the unintentional disclosure of confidential information. Data-loss prevention of stored data typically involves a Data Security Software installed on your computer to prevent unauthorized access to the data stored on your hard drive and USB/External drives. These systems identify, monitor, and protect confidential data while in use (e.g. endpoint actions), in motion (e.g. network actions), and at rest (e.g. data storage) through deep content inspection, contextual security analysis of transaction (attributes of originator, data object, medium, timing, recipient/destination and so on) and with a centralized management framework.
The purpose of this talk is to provide an overview of DLP tools/software and why it is generally ineffective in preventing data loss. Organizations need to establish best practices in addition to (possibly?) deploying DLP to reduce risk of data loss. This talk will include a discussion of these best practices.
Today’s criminals and terrorist organizations are outpacing the performance of anti-money laundering (AML) programs by using new and unconventional ways to hide illicit transactions. While financial services firms have taken measures to improve programs, such as fine-tuning alert systems to reduce false positives, and investing in human capital to manage the growing number of investigations, they must look to Big Data to take their AML programs to the next level.
In this one-hour webinar, we’ll discuss how Big Data can be used today to bring AML programs into the new frontier, including how to:
· Improve transaction monitoring and reduce false positives
· Reduce the handle time for AML investigations
· Provide more sophisticated and automated customer risk-scoring
Third-party tests can be extremely valuable for evaluating anti-malware products. In fact, more tests are available than most people realize, covering not only detection rates and scanning speeds, but also factors like number of false positives and ability to block zero-day attacks. But an educated evaluator can both avoid the snares of misleading tests and find a surprising number of useful third-party tests.
Any organization deploying or looking to deploy an IPS recognizes that false positives are the bane of such systems, while intelligence about active and new threats is vital to keeping an IT organization's defensive posture at its utmost effectiveness and efficiency. Hewlett Packard Enterprise (HPE) TippingPoint IPS appliances inspect traffic in real time and take advantage of the latest warnings of network-based threats while reducing, and often eliminating, false positives; this webcast will discuss the technology behind the next-generation features and present the results of a review by SANS senior analyst and instructor Dave Shackleford.
User behavior analytics is growing more sophisticated, using machine learning and big data analysis to precisely identify true malicious activity on a network. The big challenge for such solutions is to optimize the use of security analysts' time by avoiding false positives and by giving them complete context when activity is genuinely thought to be malicious. In this session, you’ll learn about innovations in this space that help you find insider threats and quickly shut them down.
Security demands countless decisions to determine whether or not log data or other surveillance data are positive indicators of adverse activity or merely false positives. Knowing when, and how, to make and document those decisions can be critical to how legal and compliance sanctions may be imposed. Designing your security controls to do so effectively can make all of the difference. Learn how rules-based design can transform your design frameworks and keep lawyers and regulators away.
Is your Security Operations Center capable of handling high incident volumes? Is it applying the latest tools and technologies to detect and analyze threats? How can you deepen your SOC capabilities quickly and cost-effectively?
In this webinar, our SOC expert will share best practices for making your security response faster and more accurate by using Symantec Managed Security Services.
Learn how to:
- Reduce false positives
- Fill knowledge gaps
- Prioritize security incidents for quick resolution
So, you've got an alarm - or 400 alarms maybe, now what? Security incident investigations can take many paths leading to incident response, a false positive or something else entirely. Join this webcast to see security experts from AlienVault and Castra Consulting work on real security events (well, real at one point), and perform real investigations, using AlienVault USM as the investigative tool. Process or art form? Yes.
- Tips for assessing context for the investigation
- How to spend your time doing the right things
- How to classify alarms, rule out false positives and improve tuning
- The value of documentation for effective incident response and security controls
- How to speed security incident investigation and response with AlienVault USM
Joe, Tony and Grant, collectively known as "JTaG", have been working with packets one way or another for a combined 50 years. During their tenure at AT&T, they managed IDS for some of the world's largest companies and have used every IDS available from NetRanger to Suricata. They also stood up SIEMs capable of processing billions of events per day in their "Threat Management" SOC environment. These days, they use their powers for good, helping customers of all sizes understand the ever-changing security landscape.
Without the right context and perspective on a situation, you cannot make an unbiased and fair decision. Any decision maker needs a 3D view of a situation to make informed decisions and opinions. It is similar in the security industry: if you have no context and you are not aware of the who, what, why and when of a cyber attack, then how do you know what to prioritise and where potential gaps may be? This has never been more prevalent than in today's cyber threat landscape: attacks are becoming so sophisticated and specifically targeted that the right threat intelligence is absolutely key to surviving and being able to attribute correctly in your security strategy.
So why is attribution so important?
With the sophistication of today's cyber attacks, it is almost impossible to expect a security manager to be able to stop all of them, so in the event of a breach it is important to have the intelligence to allow the security manager to establish the depth of an attack.
With so many alerts that organisations have to deal with on a daily basis, how do you know which ones are false positives and which ones to pay attention to? How do you differentiate in the crowds to find that one alert that should be stopped?
Should you "trust thy neighbour" in the world of cyber? Having the right technology, intelligence and expertise in place ensures you know exactly who is attacking you and why, and how you can ensure you and your organisation are not a target again.
Register for this short webinar to learn how telematics can help you better manage your vehicles and drivers.
• Cut fuel costs by improving routing and reducing speeding and idle time.
• Improve arrival time estimates and boost customer satisfaction.
• Keep vehicles running reliably so they can stay on the road and on the job.
• Protect drivers from false claims of speeding or not showing up as scheduled.
No one understands the strain of constant battle better than those in Incident Response (IR). Daily cyber assaults require an unattainable perfect response – every time. However, teams are constantly working within constraints and breaches continue to occur in record number. Technology has been introduced to help but has failed time and time again. Breach identification takes an exorbitantly long time. And above all, attackers continue to target that last line of defense – the vulnerable, easily fooled human assets. When that last line of defense is surpassed, the IR team is expected to catch the attacks in progress – wading through millions of false alerts while attackers continue to hone their approach and deliver evolved malicious payloads.
It’s enough to make you wonder why you got into this line of work!
Join PhishMe’s David MacKinnon and Will Galway to hear why it’s not all doom and gloom. Previous to PhishMe, both David and Will worked as incident responders in the Fortune 500 market, collecting years of security operations insight and best practices to share. In this session, you’ll gain tips and knowledge around new threats and solutions for Incident Responders such as:
• The new wave of malware to watch for and trends and threats collected from 2015
• The evolution of phishing emails, their targets and the payloads they deliver
• How to forge a new line of defense and triage potential attacks – quickly and easily