Name: Supercharge Incident Response with Data Your Network Team Already Collects
Start: 2021-06-03T01:00:00Z
End: 2021-06-03T01:01:00.000Z
Location: BrightTALK
Rating: 5

Infoblox unites networking and security to deliver unmatched performance and protection. Trusted by Fortune 100 companies and emerging innovators, we provide real-time visibility and control over who and what connects to your network, so your organization runs faster and stops threats earlier.

The traditional malware-centric approach to threat detection is fast becoming obsolete and inadequate. Most security solutions use a post-incident-centric approach to threat detection, blocking attacks once an initial compromise has happened. But that is too late.
 
Threat actors have become more sophisticated, often exploiting the vulnerability of remote employees and using lookalike domains to launch MFA attacks, which in fact was the single most visible and threatening attack of 2023. While some actors like to register and age domains before using them in attacks several months down the line, others like to register a domain and launch an attack within minutes, sometimes targeting a specific organization.
 
A true paradigm shift is necessary—one that can proactively protect enterprises from criminal actors as they build their infrastructure. Infoblox Threat Intel combines market-leading DNS expertise with cutting-edge data science to identify threat actor infrastructure before the actors use them and disrupts communications to those high-risk domains.
 
Join this webinar to learn from the global head of threat intel on how Infoblox:
 
- Connects the dots and tracks threat actors in DNS, with examples
- Reduces MTTD  and proactively mitigates targeted attacks within minutes of a domain getting registered
- Improves the efficacy of existing security and observability tools

Infoblox Threat Intel – Disrupting Cybercrime Where It Begins – DNS

New research by the Enterprise Strategy Group highlights how Leaders Tame Complexity, Increase Efficiency, and Innovate at the Speed of Business

Cloud computing and its security solutions are pivotal for modern business operations, yet managing a hybrid, multi-cloud setup poses numerous hurdles. IT faces the challenge of harmonizing diverse cloud providers with varying architectures and costs while ensuring consistent performance and minimizing expenses and vendor dependency. Meanwhile, optimizing developer experiences is paramount, as developers drive competitive advantage. Meeting their diverse needs, from seamless development and deployment to robust monitoring and security tools, strains IT resources. Balancing these demands is critical for organizational success.

New research by the Enterprise Strategy Group surveyed 1,000 knowledgeable IT decision-makers, highlighting how organizations with the most mature approach to hybrid, multi-cloud operations are improving ITOps and SecOps outcomes in their cloud environments. Some of the most compelling advantages leaders see included:

·    Increasing profitability while also accelerating cloud deployments
·    Delighting developers and accelerating developer agility
·    Reducing cloud costs
·    Achieving greater application resilience in the cloud
·    Empowering agile SecOps.

Join this LIVE webinar to learn more about the results organizations with a mature approach to managing hybrid multi-cloud operations are achieving and what they are doing to lead the way.

Hybrid, Multi-Cloud Management Is Key to Delivering Better Business Outcomes

SOC Teams are at a crossroads between choosing platform solutions or best-of-breed products. This webinar, hosted by Infoblox and ThreatQuotient, champions a strategic shift towards integrating best-of-breed solutions, specifically through Infoblox's SOC Insights and ThreatQuotient's DataLinq Engine. One strategic, yet underused, best-of-breed solution to protect the security infrastructure is DNS data and security. 

Infoblox is a leader in DNS security and our AI-driven analytics transform DNS and other data into actionable insights, streamlining threat prioritization. Meanwhile, ThreatQuotient's approach to data—emphasizing integration from more than 400 data sources, plus normalization, correlation, prioritization, and automation—illustrates the critical role of a sophisticated data-driven approach in effective cybersecurity operations. Put the two together and you can leverage DNS data and security across the entirety of your security infrastructure to support the SOC’s threat detection, investigation and response initiatives.

Building an Integrated SOC Powerhouse with Best-of-Breed Solutions

As your network keeps pace with technology changes by deploying multiple cloud providers, management challenges multiply. Fragmented views, lack of integration, inadequate automation—all erode network performance and drive costs higher and increase security risks. We explore ways to simplify networking across hybrid and multi-cloud environments. Attend and discover:

• The unique management challenges and risks that multi-cloud environment present
• Integrated approaches for gaining visibility and control of multi-cloud workloads
• Why automation is vital to network performance and resilience—and how to achieve it

Unified Network Management in a Multi-Cloud World

The MITRE ATT&CK framework is a powerful defensive tool, enabling security teams to “think like an attacker”. Because DNS plays a pivotal role in cyber threats, knowledge of DNS is critical to the effectiveness of MITRE ATT&CK.

Watch Episode 5 of Infoblox Insights and learn:
o Where in attack sequences DNS is invoked
o Ways that DNS data provides early detection of threats described in MITRE ATT&CK
o How DNS Detection and Response can close security gaps MITRE ATT&CK reveals

Where DNS Fits into MITRE ATT&CK

Access to our webinar to developments and best practices in this field. Learn from our experts about the latest developments and best practices in the field, featuring vendor-agnostic insights and common ideas that transcend specific technologies. In this webinar series, you will discover the most relevant industry trends, effective strategies, and practical solutions to improve your network management knowledge.

Why Attend?

- Explore the privacy benefits and challenges posed by evolving DNS encryption protocols.
- Understand how CSPs can maintain control, visibility, and compliance over DNS traffic.
- Discover strategies to enhance security, reduce latency, and streamline DNS management.

Overcome the Challenges of Evolving Encrypted DNS Protocols!

IT departments are struggling to keep pace amidst mounting pressure changes. CloudOps teams spin up resources in hours now as DevOps pipeline speed accelerates exponentially. Workloads are migrating to the cloud yet on-prem systems persist too. But fragmented DNS management spreads NetOps and CloudOps teams thin. And the business demands an adaptable DNS infrastructure to speed mergers, acquisitions, and other pivots. Can you NetOps teams still see what is getting provisioned?
 
Join us to explore why organizations must modernize DNS, DHCP and IP Address Management (DDI) capabilities now to capitalize on hybrid momentum rather than allow infrastructure to choke progress. Learn from real-world customer stories where proactive DDI transformations enhanced IT efficiency, speed, and application performance.

As Change Accelerates, Is Your DNS Keeping Up?

New, AI-driven SOC Insights are an industry-first, AI-driven set of analytics to help address the barriers preventing full SOC utilization in three critical areas:

- Understanding and dealing with alerts faster
- Limited integration or automation between tools
- Performing key tasks with available staff and skills

Learn about this latest BloxOne Threat Defense innovation and see it in action. Attendees will discover how SOC Insights tackles alert fatigue and analyst burnout by applying unique AI-driven analytics to massive amounts of event, network, and DNS intelligence data to highlight security gaps and the threats that matter most, reduce response times, lower analyst stress, and raise overall SOC efficiency.

Raising SecOps Efficiency at AI Speed with SOC Insights

Most organizations face challenges supporting rapid organizational growth and scale in complex hybrid multi-cloud network environments. Traditional network infrastructure-with diverse systems and siloed management are being choked by complexity. 

Please join this panel of experts moderated by Cricket Liu to discuss trends, insights and best practices for modernizing the network to innovate faster and maintain competitive advantage in today's fast-paced business environment. 

- Insights from ESG about how mature organizations are modernizing network operations for scale and growth
- Recent reporting from Network Computing explains imperative to upgrade and unify your critical network services (DNS, DHCP, IPAM)

The Speed of Network Modernization

In mainstream media, cybercriminals are often portrayed as exotic figures that employ dark arts of computer programming to disrupt social order. Realistically, many of them function like a typical e-commerce business and much of their operation mirror those of online advertising networks. To thrive in the cybercrime industry, they require a continuous stream of web traffic to their malicious infrastructure. A practical way of achieving this is by partnering with web traffic brokers. Such entities play a key role in fueling cybercrime because they feed downstream threat actors with potential victims. VexTrio, a web traffic broker and malicious content creator, is responsible for driving victim traffic to a large number of cyber criminals.

Join Infoblox’s Head of Threat Intelligence, Renée Burton, for an in-depth discussion with researchers Christopher Kim and Randy McEoin, who will discuss new research on VexTrio and its role in the cybercrime economy as a traffic distribution system (TDS).

Traffic Distribution Systems at the Heart of Cybercrime

Year after year, surveys show the same thing: threat investigation and incident response take too long. More specifically, security and risk leaders report that the average threat investigation takes over half a day while infection dwell times are still measured in weeks and months. Yet SANS experts suggest that the most critical incident response steps of identification and containment provide an opportunity for your defenders to gain back the advantage.

Part of the challenge is that today’s enterprise infrastructures are nothing like they’ve been even in the recent past: hybrid environments, multi-cloud, mixed vendors, worldwide assets, mobile/remote workforces, microservices, and more. All these changes mean your approach must change, too. Instead of relying on external data points, there are ways of intelligently blending network data you already collect with accurate threat intelligence to accelerate your threat investigation and response capabilities.

Join SANS author Matt Bromiley and Infoblox cybersecurity expert Bob Hansmann to learn how to enhance and supercharge your incident response process with concepts and ideas you can implement right away.

Supercharge Incident Response with Data Your Network Team Already Collects

Cyber Security

Microservices

Multi Cloud

Network Security

Network Infrastructure

Cloud Infrastructure

Incident Response

Welcome to the mobile computing community on BrightTALK! With the consumerization of IT and the widespread adoption of mobile devices across the globe, mobile computing has become an important part of many people's lives in a culture of bring your own device (BYOD). With mobile devices doubling as work phones and more employees working from home, businesses need to provide secure access to data and work applications from anywhere at any time. Join this growing community and hear from industry thought leaders in webinars and videos as they share their insight on mobile computing research and trends.

Mobile Computing

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

Practicing business intelligence allows your company to transform raw data into sets of insights for targeted business growth. The business intelligence and analytics community on BrightTALK is made up of thousands of data scientists, database administrators, business analysts and other data professionals. Find relevant webinars and videos on business analytics, business intelligence, data analysis and more presented by recognized thought leaders. Join the conversation by participating in live webinars and round table discussions.

Business Intelligence and Analytics

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Supercharge Incident Response with Data Your Network Team Already Collects

Presented by

About this talk

More from this channel