While cyberspace continues to provide opportunities for organisations they risk becoming disorientated and losing their way in a maze of uncertainty, as they grapple with complex technology, proliferation of data and increased regulation.
In this webinar Steve Durbin, Managing Director, ISF, discusses the threats organisations will be facing in 2018 and offers insights into how to address them.
In today’s digital marketplace, your applications are the backbone of your business. However, cloud-based apps create a host of complex challenges and new risks. With automated tools and hackers for hire, threats are increasing and cybercrime has turned into a game for profit. The digital world has opened the door to unprecedented threats, putting your corporate data and reputation at risk.
Join us for this webinar to learn about:
• The 7 most common threats to your apps and data: Malicious bots, Credential stuffing, DDoS, Ransomware, Web fraud, Phishing, and Malware
• How you can leverage threat intelligence to secure your apps and data
• Where to spend your security budget to provide the strongest level of protection
DON'T FALL PREY TO SOPHISTICATED CYBER ATTACKS IN 2018
Join Patrick Wheeler, Proofpoint’s Director of Threat Intelligence, on Wednesday, January 24th at 10 AM PT for our webinar, “How to Prepare for the 2018 Cyber Threats.” This live event will cover:
- Predictions for the 2018 threat landscape
- Key actions you can take to prepare your organization
- Top resources to help support your security efforts
The Internet of Things is finally here. We know because it attacked everyone in October! If you are working at a company that is making—or even using—an Internet-connected gadget, you’ll want to learn how to properly model the threats against it. Legendary security guru David Holmes will walk you through a full threat model assessment process specific to the IoT. Hilarious examples of what not to do are included.
This presentation was originally delivered at the F5 Agility conference August, 2017.
Cyber attacks are as unique as the attackers behind them and the organizations they target: both attackers and the organizations they target have different objectives. Analysis of attack trends can help determine where security efforts should be focused to prepare for the most common attack types and protect from the highest risk.
In this talk we will walk through the latest data from NTT Security’s Threat Intelligence Reports to show the most common threats facing organizations in various sectors and geographies today.
Learn how Threat Hunting delivers high certainty in detecting compromise
Many organizations have information security protections in place that still fail to answer with high a level of certainty, "Have we already been compromised?" A cyber threat such as malware or even a large scale Advanced Persistent Threat could be hiding in areas of your network and go unnoticed by the untrained eye.
That’s where Threat Hunting comes in.
During this interactive webinar, Justin Turner, Director of the Targeted Threat Hunting & Response Team, will share what Hunting is, what it should tell you, and cut through industry noise. He will share experiences and insights from actual hunting engagements and will also provide recommendations for security leaders and practitioners on how to identify indicators of attacker presence leveraging threat intelligence for context to determine how to engage and resist the adversary.
In addition, you will:
- Learn what Targeted Threat Hunting must do for you
- Hear real-world examples of previous incidents and how targeted threat hunting was used to remove entrenched adversaries
- Get recommendations on strategies and tactics to aid you in your hunting
Chief Information Security Officer Reveals How With Arbor Spectrum.
Attackers continuously have new tools, tactics and practices in their weapons arsenal. Human defenders must shift their strategies to more proactively uncover meaningful threats, and find ways that dramatically accelerate threat investigation.
Join us to hear:
- NETSCOUT’s Chief Security Officer discuss how the Arbor Spectrum threat analytics platform was used to help her team take detection and investigation to a new level.
- In depth examples of how security teams can begin or enhance their detection and investigation of attack campaigns.
Join us for a new spotlight interview with Matthew Hosburgh, threat hunter for Radian. We'll be talking about:
-Offensive Countermeasures/Decoy Platforms: what they are, and how to use them
-How to build a threat hunting program
-Threat hunting vs. alert-based investigations
It’s that time when we strive to rid ourselves of old habits and embrace fresh ideas. In security, threat intelligence is certainly seen as one of those fresh ideas. According to Gartner’s recent “Market Guide for Security Threat Intelligence Products and Services,” “One benefit of threat intelligence is that it improves decision making in core security processes, such as incident response and policy enforcement. Better visibility of the threat landscape helps CISOs justify the need for additional resources and understand the problems they encounter.”
In this webinar, Allan Liska, author of “Threat Intelligence in Practice,” will address five practical steps from Gartner’s report to help you make better use of threat intelligence in your organization, including:
• Understanding the threat intelligence lifecycle.
• Knowing the difference between data feeds and threat intelligence.
• Centralizing, customizing, and collaborating with intelligence.
• Integrating with your existing security infrastructure.
• Using vulnerability intelligence to power smarter patching.
Recent Recorded Future research has uncovered financial services insiders selling their services to threat actors in criminal and dark web forums.
You may already be managing and monitoring access to critical systems and data in an effort to secure against insider threats, but external threat intelligence has a role to play in identifying potential rogue employees and their targets.
Join this webinar to learn how you can:
• Expose threat actors in underground forums and criminal marketplaces.
• Monitor for breaches by insiders on paste sites, forums, or code repositories.
• Detect early indications of insider threats, as well as breaches resulting from their actions.
As malware becomes more complicated and harder to detect, cyber analysts are increasingly inundated with more work. The more menial tasks a security team performs, the less likely they are to have the time to properly analyze or defend against malware. There are steps you can take to defend against malware and protect your organization.
Join this webinar with experts Jeremy Linden of Cisco Umbrella, Jessica Bair of Cisco Threat Grid and Mike Clark of ThreatQuotient as they discuss how to utilize a Threat Intelligence Platform to enhance malware analysis capabilities and prevent access to malicious domains. Visit the Cisco Marketplace to learn more.
In the webinar, you will learn to:
- Streamline malware analysis workflow
- Add context to malware analysis results using validated threat intelligence
- Make informed decisions efficiently and effectively
- Take action from a centralized workbench to minimize your risk window
As the scope for security skill and expertise demanded of organisations extends, CISOs are increasingly turning to security consulting partners for strategic guidance and technical and advisory expertise.
There are a broad range of organisations in today’s market offering security consultancy services based on best practices and standard frameworks. Partnering with one of these firms can provide your organisation with the technical expertise to improve network visibility and gain a clearer understanding of your vulnerabilities, provide the strategic and practical guidance that helps you prioritise and build out programmes that enable business objectives, as well as advise on how to effectively engage with the C-suite.
What truly sets Secureworks’ information security consulting services apart is how we utilise our Counter Threat Unit™ and knowledge garnered from thousands of client engagements to ensure you are being consulted on the latest industry trends and threats. This way, the outcome is based on real-world scenarios that matter to your organisation.
Join consultants across our technical and strategic practices as they share lessons learned from their most challenging engagements and the value that real-time threat intelligence has brought to those engagements.
Key topics discussed include:
- Examples of real-world engagements where the CTU™ and Consulting Practice improved the outcomes for clients
- Tools consultants use to ensure that your outcome is based on real-world scenarios and threats that matter to your organisation
- Lessons learned from our most strategic and complex engagements
There’s no shortage of educational content on ransomware. This webinar takes an end-to-end look at the crime’s inner workings. Hear from a security researcher who built a ransomware operation from the ground up to gain a better understanding of its origins, how it works, and why we can expect exponentially more attacks. Then, get practical advice and prevention techniques from an expert in advanced threat detection and research. You’ll learn strategies for building a holistic IT security program and preventative methods your organization can implement today with near zero business impact.
Moderated by: Ben Johnson, Security Executive, Carbon Black Co-Founder
Ben Johnson is currently working on his next move in the cyber security space. Previously, Ben co-founded Carbon Black, a next-generation endpoint security company, where as CTO he helped drive technology vision, product effectiveness, and security evangelism while the company grew from 2 to 750 employees. Ben serves on the boards of several security start-ups and is routinely sought out for advice regarding security strategy, product strategy, or to help venture capitalists with due diligence.
Presenter: Michael Haag, Director of Advanced Threat Detection and Research, Red Canary
Michael has over a decade of experience across the security spectrum, from architecting security programs to overseeing day-to-day tuning and operations. His expertise includes advanced threat hunting, investigations, technology integrations, and hands-on development of tools, processes, and frameworks to drive efficient security operations.
Presenter: Jamison Utter, Cyber Security Researcher
A lifetime technologist and enthusiast, Jamison has 20 years of experience as an engineer, security consultant, and thought leader. Natural curiosity has taken Jamison beyond the technical hack into the workings of the criminal industry: how and why malware is written, how people make money at it, and what their motivations are.
Join Ryan Olson, Senior Director of Threat Intelligence for Palo Alto Networks as he looks at the multiple instances of compromises we make within the Software Supply Chain, and get this predictions of what to expect from 2018.
Discover more by reading the blog in the attachments.
Join Derek Manky, Global Security Strategist at Fortinet, to learn about the top Threat Predictions for 2018, as identified by FortiGuard Labs' 200 expert threat researchers, and gain the latest intelligence on the threat landscape and our predictions for every critical area including malware, botnets, mobile threats and more.
You can also access our 2018 Threat Prediction Report attached to understand what cybercriminals have in store for us and what you, as an IT security professional, should be most prepared to address.
Ransomware hit between 1 in 3 businesses during 2016 and is the fastest growing malware threat according to the U.S. Department of Justice. If you've been laid back about ransomware attacks, now might be a great time to change your ways.
Join Bardia Omran, Cyber Threat Intelligence Analyst at BT, and Allan Liska, Intelligence Architect at Recorded Future, to learn how you can use threat intelligence to help prevent a ransomware attack. This informative webinar will review strategic, educational, and operational approaches your company can employ to help in this fight including:
• Tactics and procedures you should consider implementing.
• How ransomware is used as a tool rather than a stand-alone weapon in targeted attacks.
• Common risks to avoid such as password reuse and the lack of safety training.
• How threat intelligence is used to contextualize indicators of compromise.
Bardia Omran is a Threat Intelligence Analyst in BT Security, UK. Previously, Bardia worked on a service desk where he gained an in-depth knowledge of operating systems. He has a keen interest in malware and has spent the past two years researching it and contributing to BT's Security Threat Intelligence product.
Allan Liska is a solutions architect at Recorded Future. Allan has more than 15 years of experience in information security and has worked as both a security practitioner and an ethical hacker. Through his work at Symantec, iSIGHT Partners, FireEye, and Recorded Future, Allan has helped countless organizations improve their security posture using more effective intelligence. He is the author of “The Practice of Network Security, Building an Intelligence-Led Security Program,” and “Securing NTP: A Quickstart Guide” and the co-author of “DNS Security: Defending the Domain Name System and Ransomware: Defending Against Digital Extortion.”
2017 has been another year full of front-page computer security events and incidents. Headlines have bulged with state-sponsored attacks, ransomware, leaks, and a continuing wave of data breaches.
In this webcast, Ryan Sommers, threat research manager, and Erika Noerenberg, senior malware analyst, recap 2017 and discuss the biggest breaches and events, including WanaCry and NotPetya. The pair will provide valuable threat intelligence and key defensive strategies to help you improve your security operations in 2018.
• Notable security events of 2017
• Notable malware threats of 2017
• Common themes and trends exploited by hackers
• Key defensive strategies for 2018
Register now to gain critical threat intelligence on the biggest threats of 2017 and tips to help protect your organization in 2018.
Evrim Eroglu, Head of Security Infrastructure at VakifBank discusses how traditional signature based systems are not enough to protect the bank’s endpoints. Traps with exploit techniques integrated with WildFire provides more secure endpoints.
Learn how VakifBank strengthened their endpoint security for approximately 16,000 employees by implementing Palo Alto Networks Traps to block both known and unknown threats.
Windows Management Instrumentation (WMI) is a Microsoft Windows administrative tool that has access to all system resources, making it powerful for both legitimate and illegitimate use. Via WMI you can do things like execute, delete and copy files; change registry values; and identify which security products are installed to aid in bypassing them.
The malicious use of WMI and other legitimate tools continues to grow and was identified as a top trend in a recent SecureWorks Threat Intelligence Executive Report. Like PowerShell, WMI is often used to create file-less attacks that are difficult to identify and stop with technology alone. This makes WMI the perfect tool for threat actors to use as camouflage while acting inside your organisation.
Join Counter Threat Unit - Special Operations Researcher, Lee Lawson, for the second webcast in our two-part series on how threat actors are exploiting Windows tools in “living off the land” attacks.
You will learn:
- Why WMI is so risky
- Tips to identify malicious use of WMI
- How threat actors hide their tracks and how you can unmask them
- WMI threats identified by SecureWorks researchers
- How you can avoid becoming a victim to this growing threat vector
The Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network. The team analyzes data from WatchGuard’s Firebox Feed, internal and partner threat intelligence, and a research honeynet, to provide insightful analysis about the top threats on the Internet.
What types of malware do we catch most often in the wild? Which network services do attackers commonly target? What are the most popular attacks in different regions of the world? Join Corey Nachreiner, CTO, and Marc Laliberte, Information Security Threat Analyst, on July 26th as they explore their key findings from the first quarter of 2017.
Creating a threat intelligence strategy is essential for a company to identify and prioritize threats effectively. Curating the necessary relevant data for this strategy, however, can be incredibly time consuming and resource intensive.
In this webinar, Greg Reith, Threat Intelligence Analyst at T-Mobile, will discuss how to use real-time threat intelligence from Recorded Future to create a forward-looking strategy, including:
• Identifying and analyzing hard-to-find threat data from the entire web including content in multiple languages.
• Gaining relevant intelligence effectively from large volumes of threat data with smart automation, alerts, and queries.
• Discovering trends and patterns that are useful in developing a forward-looking shift in strategy from multiple perspectives.
Find out how you can reduce the time to collect the necessary information for building an effective threat intelligence strategy by over 400 percent.
With everything from children’s toys to thermostats connecting to the Internet, it should come as no surprise that the average home has no less than seven IoT devices in use every day. But as pressure grows to release new products faster and faster, we’re all left to wonder: is security really a priority? Needing an answer, WatchGuard’s Threat Lab launched an ongoing project to test some of these connected devices and determine for ourselves how secure they really are.
Join Marc Laliberte, information security threat analyst, and Ben Brobak, technical product manager, on June 29 as they analyze the surprising results of this project and share their best tips for defense.
Turn Raw Threat Intelligence Into Context and Action
Attackers don’t stand still; your defenses shouldn’t either. See how multi-method threat prevention can be used to detect and prevent the most evasive threats and command-and-control traffic, and open up any source of threat intelligence to be used for automated prevention. These capabilities drive up the cost of successful data breaches for attackers, making their efforts too expensive to consider.
You will learn more about:
•How an evasion-resistant analysis environment defeats whole classes of VM evasion techniques.
•Threat prevention capabilities that automate the blocking of command-and-control traffic in a way that previously required teams of signature writers.
•How to enable security teams to gain leverage from any source of threat intelligence and drive automated prevention.