Hi [[ session.user.profile.firstName ]]
Sort by:
    • Fight the false marking fiasco Fight the false marking fiasco Managing IP, Nixon Peabody, University of Maryland School of Law Recorded: Dec 8 2010 5:00 pm UTC 94 mins
    • In 2008, a US district court said that expired patent numbers fall within the scope of “unpatented articles”, as defined by the section of the US statute relating to the standards for bringing lawsuits for false patent marking. Then, in December last year, the Federal Circuit ruled in Forest Group v Bon Tool that false marking defendants are subject to potentially much greater fines than had been previously awarded.

      These two cases have arguably incited a false marking frenzy in the US, with hundreds of suits having been filed this year alone. This webinar will discuss how we got here, proposals to curb the problem, and strategies for companies to both avoid and successfully navigate such actions.

      Speakers:

      Eileen McDermott, Managing IP (moderator)
      Lawrence M. Sung, University of Maryland School of Law
      Robert Krebs, Nixon Peabody
      Maia Harris, Nixon Peabody

      Read more >
    • DLP:  False Sense of Security or a Real Solution? DLP: False Sense of Security or a Real Solution? Edward Ray, CISO/CTO, MMICMAN, LLC Recorded: Apr 5 2012 4:00 pm UTC 42 mins
    • Data Loss Prevention (DLP) is a computer security term referring to systems that enable organizations to reduce the corporate risk of the unintentional disclosure of confidential information. Data-loss prevention of stored data typically involves a Data Security Software installed on your computer to prevent unauthorized access to the data stored on your hard drive and USB/External drives. These systems identify, monitor, and protect confidential data while in use (e.g. endpoint actions), in motion (e.g. network actions), and at rest (e.g. data storage) through deep content inspection, contextual security analysis of transaction (attributes of originator, data object, medium, timing, recipient/destination and so on) and with a centralized management framework.

      The purpose of this talk is to provide an overview of DLP tools/software and why it is generally ineffective in preventing data loss. Organizations need to establish best practices in addition to (possibly?) deploying DLP to reduce risk of data loss. This talk will include a discussion of these best practices.

      Read more >
    • New Frontiers in Intrusion Protection New Frontiers in Intrusion Protection Elisa Lippincott, Network Security Product Marketing Lead Recorded: Dec 14 2015 5:30 pm UTC 61 mins
    • Any organization deploying or looking to deploy an IPS recognizes that false positives are the bane of such systems, while intelligence about active and new threats is vital to keeping an IT organizations defensive posture at its utmost effectiveness and efficiency. Hewlett Packard Enterprise (HPE) TippingPoint IPS appliances inspect traffic in real time and take advantage of the latest warnings of network-based threats while reducing, and often eliminating, false positives; this webcast will discuss the technology behind the next-generation features and present the results of a review by SANS senior analyst and instructor Dave Shackleford.

      Read more >
    • Security Incident Investigations: What am I looking at here? Security Incident Investigations: What am I looking at here? Joe Schreiber, AlienVault; Grant Leonard and Tony Simone, Castra Consulting Recorded: Dec 1 2015 7:00 pm UTC 59 mins
    • So, you've got an alarm - or 400 alarms maybe, now what? Security incident investigations can take many paths leading to incident response, a false positive or something else entirely. Join this webcast to see security experts from AlienVault and Castra Consulting work on real security events (well, real at one point), and perform real investigations, using AlienVault USM as the investigative tool. Process or art form? Yes.

      You'll learn:
      - Tips for assessing context for the investigation
      - How to spend your time doing the right things
      - How to classify alarms, rule out false positives and improve tuning
      - The value of documentation for effective incident response and security controls
      - How to speed security incident investigation and response with AlienVault USM

      Presenters:

      Joe, Tony and Grant, collectively known as "JTaG", have been working with packets one way or another for a combined 50 years. During their tenure at AT&T, they managed IDS for some of the world's largest companies and have used every IDS available from NetRanger to Suricata. They also stood up SIEMs capable of processing billions of events per day in their "Threat Management" SOC environment. These days, they use their powers for good, helping customers of all sizes understand the ever-changing security landscape.

      Read more >
    • The Importance of Attribution Against Today's Cyber Adversaries The Importance of Attribution Against Today's Cyber Adversaries Stuart Davis, Mandiant Director Recorded: Apr 21 2016 1:00 pm UTC 49 mins
    • Without the right context and perspective to a situation, you cannot make an unbiased and fair decision. Any decision maker needs a 3D view of a situation to make informed decisions and opinions. It is similar in the security industry, if you have no context and you are not aware of the who, what, why and when in terms of a cyber attack then how do you know what to prioritise and where potential gaps maybe. This has never been more prevalent than during todays cyber threat landscape, attacks are becoming so sophisticated and specifically targeted that the right threat intelligence is absolutely key in surviving and being able to attribute correctly in your security strategy.

      So why is attribution so important?
      With the sophistication of todays cyber attacks its is almost impossible to expect a security manager to be able to stop all of them, so in the event of a breach it is important to have the intelligence to allow the security manager to establish the depth of an attack.
      With so many alerts that organisations have to deal with on a daily basis, how do you know which ones ones are false positives and which ones to pay attention too? How do you differentiate in the crowds to find that one alert that should be stopped.
      Should you "trust thy neighbour" in the world of cyber? Having the right technology, intelligence and expertise in place ensures you know exactly who is attacking you and why and how you can ensure you and your organisation is not a target again.

      Read more >
    • Phishing, Malware and Incidents – Oh my! How to handle the daily deluge. Phishing, Malware and Incidents – Oh my! How to handle the daily deluge. David MacKinnon, Director of Research and William Galway, Product Manager and former Incident Responder Recorded: Mar 23 2016 4:00 pm UTC 59 mins
    • No one understands the strain of constant battle better than those in Incident Response (IR). Daily cyber assaults require an unattainable perfect response – every time. However, teams are constantly working within constraints and breaches continue to occur in record number. Technology has been introduced to help but has failed time and time again. Breach identification takes an exorbitantly long time. And above all, attackers continue to target that last line of defense – the vulnerable, easily fooled human assets. When that last line of defense is surpassed, the IR team is expected to catch the attacks in progress – wading through millions of false alerts while attackers continue to hone their approach and deliver evolved malicious payloads.

      It’s enough to make you wonder why you got into this line of work!

      Join PhishMe’s David MacKinnon and Will Galway to hear why it’s not all doom and gloom. Previous to PhishMe, both David and Will worked as incident responders in the Fortune 500 market, collecting years of security operations insight and best practices to share. In this session, you’ll gain tips and knowledge around new threats and solutions for Incident Responders such as:

      •The new wave of malware to watch for and trends and threats collected from 2015
      •The evolution of phishing emails, their targets and the payloads they deliver
      •How to forge a new line of defense and triage potential attacks – quickly and easily

      Read more >