Hi [[ session.user.profile.firstName ]]
Sort by:
    • When Bots Attack! Stopping OWASP’s New Top 20 Automated Threats
      When Bots Attack! Stopping OWASP’s New Top 20 Automated Threats Rami Essaid, Co-Founder Distil Networks Recorded: Aug 16 2016 3:00 pm UTC 38 mins
    • The OWASP Top 10 Vulnerabilities, last published in 2013, has been a valuable list of criteria by which any Web Application Firewall (WAF) is evaluated, but has a glaring flaw, it only focuses on vulnerabilities in the code, and ignores automated threats. In late 2015, this flaw was addressed and OWASP released the first Automated Threat Handbook specifically to help organizations better understand and respond to the notable worldwide increase of automated threats from bots. This presentation discusses these new bot threats, bot evolution, and how to fight back.

      - How malicious bots attack and cause problems

      - Why homegrown IT solutions have troubles keeping up with bots, threats

      - See Distil Networks in action finding, fighting bots

      Read more >
    • Understanding your Attack Surface - Research into FT30 organisations
      Understanding your Attack Surface - Research into FT30 organisations Terry Bishop, EMEA Technical Director, RiskIQ Recorded: Nov 21 2017 2:00 pm UTC 37 mins
    • Businesses are accelerating their digital transformation, expanding their online presence to enrich products, deepen customer relationships, and boost their brand ecosystems. However, with this rapid growth comes security challenges as web assets get created outside of corporate controls and the overall Internet presence expands to unmanageable proportions. Cyber adversaries are taking advantage of this sprawling digital attack surface, looking forweaknesses to exploit. The attack surface has become the battle line between malicious actors and an organisation’s external threat defenders and its compromise is behind many of the breaches that get reported with alarming frequency.

      In an effort to highlight and quantify the risks which organisations have in their attack surface, we conducted research on the top 30 UK organisations (FT30) to highlight the issues we believe all companies face. We will present the various types of risk we uncovered and offer practical advice on ways to mitigate them and harden your attack surface.

      Read more >
    • Malware in Disguise & How to Spot It [Ransomware, Phishing]
      Malware in Disguise & How to Spot It [Ransomware, Phishing] Alex Holden, CISO of Hold Security Recorded: May 24 2017 6:00 pm UTC 56 mins
    • On the surface, spotting malicious attacks can be difficult. Hackers are expanding their malware distribution networks by exploiting commonly used applications to carry and distribute their malicious software. In the wake of the three major attacks Wanna Cry, DocuSign, and Google Docs malware outbreak we will examine how malware is distributed and provide guidelines on how to secure infrastructures against the next attack.

      About the Presenter:
      Alex Holden is the founder and CISO of Hold Security. Holden is credited with the discovery of many high profile breaches including Adobe Systems, initial vendor breach that led to the discovery of the JPMorgan Chase breach, and the independent discovery of the Target and Yahoo breaches. Considered one of the leading security experts, he regularly voices his professional opinion in mainstream media.

      Read more >
    • How to Detect and Investigate Brute Force Attacks with AlienVault USM Anywhere
      How to Detect and Investigate Brute Force Attacks with AlienVault USM Anywhere Sacha Dawes, Principal Product Marketing Manager, AlienVault Recorded: Apr 18 2017 5:00 pm UTC 49 mins
    • A brute force attack is one of the more common types of attack that malicious actors use to try and gain access to your IT servers, applications and data. In theory, a brute-force attack can be used to attempt to decrypt any encrypted data (except for data encrypted in an information-theoretically secure manner). These attacks are relatively simple for attackers to implement and they can wreak havoc on your organization when successful. However, many IT security teams may not be aware that they are at risk from these attacks, or what to do about them.

      Join us for a live demo where we'll demonstrate how the AlienVault Unified Security Management (USM) approach, delivered as a SaaS solution with our USM Anywhere offering, can help you detect and investigate these types of attacks.

      You'll learn:

      - How attackers can use brute force attacks to gain access to your network
      - Steps you can take BEFORE an attack to identify systems or applications that may be at greater risk
      - How USM Anywhere can alert you immediately of brute force attacks targeting your cloud, hybrid cloud and on-premises environments
      - How to use USM Anywhere to investigate brute force attacks and identify compromised assets

      About the Presenter:
      Sacha Dawes is responsible for the technical marketing of the AlienVault Unified Security Management (USM) family of solutions. He brings multiple years of experience from product management, product marketing and business management roles at Microsoft, NetIQ, Gemalto and Schlumberger where he has delivered both SaaS-delivered and boxed-product solutions that address the IT security, identity and management space.

      Read more >
    • Inside The New Generation of Phishing Attacks
      Inside The New Generation of Phishing Attacks Michael Landewe, Researcher, Avanan Cofounder Recorded: May 23 2017 5:00 pm UTC 37 mins
    • What we know and have trained users about phishing attacks has changed. Old methods no longer apply.

      IT teams have deployed filters and taught our users to detect phishing attacks by scanning for suspicious URLs, spoofed login pages, and unrecognized senders. We've told people to change passwords, turn on two factor authentication and watch for suspicious logins.

      None of these methods can defend against the next generation of automated, malicious API-based phishing attacks that are invisible to users and unmonitored by SaaS.

      Once exclusive to advanced state-sponsored actors, the recent Google Docs worm pushed this sophisticated method into the headlines.

      In this webinar we will dig deep into the next generation of phishing attack and describe the new methods every IT team must deploy to defend against them. Because the vulnerability is not unique to Google, we will also discuss Office 365, Box, Salesforce and other popular business apps.

      Read more >
    • Your Hidden Adversary: Understanding and Responding to Fileless Attacks
      Your Hidden Adversary: Understanding and Responding to Fileless Attacks Scott Hardie, Prinicipal Solutions Engineer, ATP, Symantec & David Berman, Sr. Mgr, Product Marketing, ATP, Symantec Recorded: Mar 8 2018 6:00 pm UTC 55 mins
    • Attackers are increasingly using stealthy attacks that exploit common tools and techniques that reside in memory and never touch the disk.

      This webinar covers the fileless methods targeted attack groups and cybercriminals use and how the capabilities of Symantec Endpoint Detection and Response expose fileless threats that ‘hide in plain sight’ and quickly remediate their impacts – before the worst effects of a breach occur.

      Join us to learn how you can:

      - Detect Fileless attacks with machine learning, behavioral analysis and precise heuristics

      - Gain visibility into suspicious PowerShell activity and shutdown malicious scripts

      - Leverage built-in Malware Analysis file detonation and conviction

      - Streamline deployment of Endpoint Protection and EDR while lowering total cost of ownership

      In addition, we’ll show you Symantec’s EDR solution, ATP: Endpoint, in action, with a demo that showcases powerful investigative tools and one-click remediation of impacted endpoints.

      Register Today

      Read more >
    • Optimise phishing detection and response with LogRhythm and Office 365
      Optimise phishing detection and response with LogRhythm and Office 365 Randy Franklin Smith (UWS) | Greg Foss (LogRhythm) Upcoming: Apr 3 2018 9:00 am UTC 120 mins
    • Today’s hackers often favour the phishing email as their weapon of choice. Phishing attacks are not only common, but are also very difficult to defend against. What if you could detect and mitigate a phishing attack before its intended target clicks on that fatal link or opens that malicious attachment?

      When your Exchange server is in the Office 365 cloud, solutions such as constant inbox scanning or relying on synchronous mail flow aren’t viable options. Instead, you can find a strong defence against phishing emails in the Message Tracking log in Exchange.

      The Message Tracking log is available in both on-prem Exchange and Office 365 Cloud’s Exchange Online. Message Tracking logs include valuable information about the client, servers, sender, recipients, message subject, and more. If you can access this information and know how to mine it, you can detect likely phishing emails.

      In this webinar, you’ll learn how to:

      - Recognise the format of message tracking logs
      - Pull message tracking logs from Office 365 using PowerShell’s Get-MessageTrackingLog cmdlet
      - Work through a list of checks to perform against message tracking events to detect phishing emails
      - Move suspect emails to a sandbox where you can use analysis tools like PhishTank, ThreatGRID, or OpenDNS
      - Remove copies of phishing emails from other recipients
      - Automatically detect and respond to phishing attacks with no analyst intervention
      - To optimise your phishing response efficiency, LogRhythm has introduced a new open-source Phishing Intelligence Engine (PIE). PIE is a PowerShell framework focused on phishing attack detection and response.

      Register for the webinar now to discover how you can use LogRhythm’s PIE and Office 365 to better detect and respond to phishing attacks.

      Read more >