Hi [[ session.user.profile.firstName ]]

Achieving Cloud Visibility With Cloud-Native Network Detection & Response

Without native network visibility in the cloud, enterprises have been limited to log or agent centric tools to support their cloud migration and to secure their workloads, making it challenging to detect and investigate complex threats in a timely manner. The introduction of Microsoft Azure V-Tap and Amazon VPC Traffic Mirroring finally provides access to context-rich network data for threat detection, investigation and response.

Join this webinar to learn how to gain visibility in your cloud workloads by leveraging the new network tap features released by the leading public cloud providers. During this session, Amelie Darchicourt, Cloud Product Marketing Manager at ExtraHop, will present the benefits of adopting a cloud-first approach to Network Detection and Response (NDR) and will share insights about how SecOps teams can hold up their side of the shared responsibility model and deliver unified security across the hybrid attack surface.
Recorded Aug 29 2019 52 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Amelie Darchicourt, Cloud Product Marketing Manager & Eric Thomas, Director of Cloud Product Marketing, ExtraHop
Presentation preview: Achieving Cloud Visibility With Cloud-Native Network Detection & Response
  • Channel
  • Channel profile
  • Deep Fakes, Disinformation and Social Engineering Sep 24 2020 4:00 pm UTC 60 mins
    Etay Maor, Chief Security Officer, IntSights
    In information security, we always talk about PPT – People, Processes, and Technology. We tend to focus mostly on the tech: new sophisticated malware, surprising zero-day vulnerabilities, and advanced detection evasion techniques. But attackers are often one step ahead of security teams because they focus on people and processes. Nation states do the same - whether its meddling in elections, engaging in military PSYOPS or getting a foothold on a target’s network - there is a plethora of tools and tactics that target the person and not the technology.

    Register for, Deep Fakes, Disinformation and Social Engineering, presented by IntSights Chief Security Officer Etay Maor to learn why these technologies should be of interest to businesses and how they may "spill" from election interference to business interference.
  • Impact of COVID-19 on Cloud Adoption & Security Recorded: Sep 24 2020 41 mins
    Moderator: Vandana VERMA | Panelists: Satyavathi DIVADRI, Dr. Eiji SASAHARA , Dr. Hing-Yan LEE
    Panel Discussion
  • CCM Addendum - Mapping of ABS Cloud Computing Implementation Guide 2.0 to CCM Recorded: Sep 24 2020 22 mins
    Arun VIVEK, Head of Cloud & Container Security – Cyber Security Services, Standard Chartered Bank
    The financial services industry is one of the most critical sectors in any market, and financial institutions (FIs) face myriad regulations. In the case of Singapore FIs, for example, the Banking Act oversees banking institutions, the Securities and Futures Act governs capital market intermediaries, and the Insurance Act regulates insurers. Additionally, there are numerous guidelines, frameworks, and best practices recommended for FIs designed to improve operations, enhance governance, and reduce risks, among other goals. For example, the Monetary Authority of Singapore issued the Technology and Risk Management (TRM) Guidelines to help FIs minimize technology usage risk. While challenging, it is imperative that conscientious FIs routinely review these available regulations, guidelines, frameworks, and best practices. These FIs should comply with mandatory regulations and carefully analyze which best practices and recommendations to adopt to reduce overall risk exposure and keep up with industry progress.
  • Blockchain Use Cases & their Documentation Recorded: Sep 24 2020 37 mins
    Dr. Hing-Yan LEE, EVP, CSA APAC | Ashish MEHTA, Co -chair, CSA Blockchain WG
    This presentation will showcase the optimum way to document & identify a use case and whether deployment in the blockchain makes sense or not. Also,it will be sharing some of the use cases which the CSA Blockchain Working group has worked on and published in a peer-reviewed document available for the wider global cybersecurity community to learn from when they are actually deploying blockchains in their enterprises.
  • Security Automation: Principles, Opportunities, Risks, and Examples Recorded: Sep 23 2020 39 mins
    Mike Mellor, Senior Director of Information Security, Adobe
    One of the fundamental principles of any security program is a focus on reducing the “timeline to compromise” for security issues. Not only are attacks getting more and more sophisticated, but they are also starting to get more aggressive as all of us have been forced by the pandemic crisis into new modes of working. Responding well to these challenges requires the ability to focus your resources on your most challenging security problems. Manual processes just cannot keep up with these changing security needs, especially as your organization grows. Thus, using automation as much as possible can help you scale to better manage necessary change.

    In this presentation, Mike Mellor, Head of Security for the Digital Experience Business at Adobe, will share his insights on these issues and talk about how Adobe is using automation throughout our security efforts to better focus our resources, be smarter about resource expansion as our business continues to grow, and better “foolproof” our processes. Mellor will provide details on automation techniques Adobe is using in application security, operational security, compliance, and enterprise security teams. These are techniques based upon industry best practices that you will be able to leverage for your own organization.
  • Harmonizing Serverless Security - Principles, Patterns and Controls Recorded: Sep 23 2020 31 mins
    Madhav Chablani, Chairman, CSA NCR Chapter
    Serverless architecture aims at changing the economic model of cloud computing, with the hope of introducing efficiency and cost savings. Serverless computing means that there are no servers to manage services. Hence in a serverless world, one no longer has to work on an operating system level. With the complexity of this business model, it is imperative that industry best practices are established to provide companies with guidelines to achieve compliance and security, that developers can effortlessly work with and employers are able to evaluate developers' work, and perceive the serverless architectural model at the same time.
  • Security Implementation Acceleration in the Fast Lane of Digital Transformation Recorded: Sep 23 2020 21 mins
    Ramesh Narayanaswamy, CTO, Aditya Birla Capital
    Significant acceleration in digital transformation implementation in the last four months , along with regulatory changes has created a need to change some of the data / cyber security strategies . In this session we will learn about what are the key steps that needs to be taken to course correct the short term and long term needs of the organization from a security point of view
  • Cloud Security Alliance Resources & Trends Recorded: Sep 23 2020 31 mins
    Jim Reavis, CEO, CSA
    Welcome Message & Opening Keynote
  • In the Trenches of Cloud Governance Battles Recorded: Sep 21 2020 39 mins
    Jim de Haas
    When a large organization adopts cloud computing, it goes through several learning curves. Especially when during this journey, a transformation towards a DevOps way of working is implemented. It goes through multiple growth stages. After two to three years, one reaches a stage with turf wars. A true story that reads like an Asterix and Obelix comic book, I will tell a story of an organization adopting both AWS and Azure cloud. While doing so they drastically change their IT strategy. As the years go by, more managers learn about cloud computing and consider themselves to be responsible for govern.
  • How to Prepare for an Audit Against the CSA STAR Standard Recorded: Sep 18 2020 51 mins
    Walt Williams, CISO, Monotype & John DiMaria, CSA
    The CSA STAR allows for both an attestation under a SOC 2 audit or certification under ISO 27001. While most organizations self attest to the CSA Star, this presentation will discuss how to prepare for a successful audit under either SOC 2 or ISO 27001 to demonstrate compliance with the CSA STAR standard.

    Thank you to our sponsors of the SECtember Experience: Adobe, ExtraHop, Qualys, OneTrust, Trendmicro, and Whistic.
  • Vendor Risk Assessment: Secrets for Procuring Secure Cloud Services Recorded: Sep 17 2020 61 mins
    Jerry Cochran, Nick Sorenson, Gary Gooden, Walton Stephens, Steve Quane
    In this panel, our experts will share lessons learned and best practices for securing cloud services. From proactive risk assessments within the procurement process to architectural considerations to secure systems management, our diverse panel will provide a holistic perspective on the strategic programs organizations should have in place to secure their cloud experience.

    Thank you to our sponsors of the SECtember Experience: Adobe, ExtraHop, Qualys, OneTrust, Trendmicro, and Whistic.
  • “The More You Know” About Securing E-Learning Recorded: Sep 17 2020 44 mins
    Amanda Rogerson, Product Marketing Manager & Leya Leydiker, Technology Partnerships Manager, Duo
    Securing a good education for students has always been a top priority, but information security isn’t the first consideration to come to mind for most parents and educators. However, the move to eLearning and virtual lessons has increased the importance of cybersecurity -- with more and more students and teachers accessing school materials through a variety of devices and platforms in a variety of remote locations, the attack surface widens and the risk of breaches increases.

    So what if someone gains access to your/student’s/child’s information? What happens if someone’s identity is breached? To handle these situations and prevent them from happening in the first place, we need to stop thinking of cybersecurity as a “nice-to-have,” and instead see it as a “need-to-have,” with all parties onboard -- parents, teachers, students, tutors, and other caretakers.

    Luckily, there are many tools and resources available to help secure account access, prevent breaches, and which don’t take excessive resources to set up. For example, tools like password managers can help prevent insecure passwords or old password re-use.

    Schools implementing eLearning should incorporate tools like this early in the rollout process, and it can seem like a daunting challenge, but it doesn’t have to be -- with the right guidance and resources, security can be a seamless and lightweight part of an institution’s distance learning plan. As both security professionals and parents of children in distance learning, Duo’s Leya Leydiker and Amanda Rogerson are invested in getting you started. Join them on September 17 for a discussion on prioritizing security for student eLearning, handling breaches, and the best ways and places to teach and maintain security hygiene for parents, students, and educators alike.
  • XDR: Myth or Reality Recorded: Sep 16 2020 42 mins
    Sumedh Thakar, President and Chief Product Officer, Qualys
    In this session, Sumedh will discuss XDR a term that’s been trending in the security industry of late. Is this just a buzz word, or is there something real behind its rapid rise in popularity? He will discuss the current interpretations of the term, the background of why this is trending and possible reasons for the interest. He will discuss the pain points an XDR solution may address and which types of companies and departments will benefit from its implementation.
  • Risk Appetite & the Alignment of Cybersecurity w/ Business Agility. Recorded: Sep 15 2020 58 mins
    Andy Kirkland, CISO, Starbucks
    Risk Appetite and the Alignment of Cybersecurity with Business Agility. Are You Hungry?

    Most organizations would like you to believe they are agile. In 2020, they get to prove it. Everything has changed. Historical trend and proforma comparisons suddenly mean nothing. Sales drivers and market dynamics are now being influenced at a hyper-local level. Meanwhile, a workforce that used to pile into conference rooms to review data together now have to find a quiet place at home and find other ways to be heard. Join me as we discuss how a business value-driven cybersecurity organization keeps up with a rapidly evolving business.

    Thank you to our sponsors of the SECtember Experience: Adobe, ExtraHop, Qualys, OneTrust, Trendmicro, and Whistic.
  • Open Security – From Patchwork to Platform Abstract Recorded: Sep 15 2020 44 mins
    Patrick Vowles, NA Marketing Team Lead, IBM Security
    As organization adopt new technologies and utilize the cloud for business innovation and growth, security teams are challenged with ensuring that those initiatives and missions are successful. To do that they are faced with creating an effective security program from a fragmented patchwork of solutions and data sources that really don’t interoperate very well without a great deal of development work.

    Join us to hear how a number of leading vendors are coming together with the intent of creating an open source platform to allow security solutions to communicate over a standard fabric during the entire threat management life cycle, from threat hunting, analytics and detection through to incident response and orchestration.
  • Maturing Your Cloud Security Recorded: Sep 14 2020 43 mins
    Mike Rothman, President, Securosis
    In this session, Mike will go through the Cloud Security Maturity Model, developed in partnership between Securosis and IANS, to provide perspective on your cloud security journey. The session will describe the 12 categories across 3 domains, as well as laying out success criteria to improve maturity (and there improve cloud security posture). Anchored by a number of stories of success (and failure) in cloud security, attendees will leave with a clear view of what lies ahead for them.

    Thank you to our sponsors of the SECtember Experience: Adobe, ExtraHop, Qualys, OneTrust, Trendmicro, and Whistic.
  • Software Defined Perimeter, Microsegmentation & Zero Trust Recorded: Sep 11 2020 34 mins
    Juanita Koilpillai, Founder and CEO, Waverly Labs
    Security has become of paramount importance in recent times, especially due to the advent of cloud computing and virtualization. With so many devices in the mix, users have the choice of working from anywhere they want. The rapid increase in global IP traffic has challenged network service providers to scale and improve infrastructure to meet this new demand. We explore the merits and performance of Software Defined Perimeters to withstand DDoS attacks in multiple network implementations, including hybrid cloud applications, network function virtualization and software defined networks.

    Thank you to our sponsors of the SECtember Experience: Adobe, ExtraHop, Qualys, OneTrust, Trendmicro, and Whistic.

    All participants who attend this session in its entirety will receive one free exam token for CSA’s new online, self-paced SDP course, available on the Knowledge Center at the end of September. Check your email following this session for more details on the training and information on how to redeem your complimentary exam.

    Interested in more information on CSA’s trainings? Visit www.cloudsecurityalliance.org/education
  • Talking to the Board About the New Realities of IT Security Recorded: Sep 10 2020 46 mins
    Jeff Costlow, Deputy CISO, Extrahop
    With the sudden shift of the global workforce from in-office to remote, IT teams quickly transformed their operations to accommodate the new realities of business — including large-scale adoption of work-from-home technologies, heightened activity on customer-facing networks, and greater use of online services. While these examples of agility allowed business to continue, they also greatly increased the risk of misconfigurations and cyberthreats. Now, it's looking like they could be here to say for a while. On top of that, bad actors have wasted no time trying to exploit new vulnerabilities. In the past several weeks, we've seen ransomware attacks affect several major organizations. These attacks come on the tail of a surge of attacks across the board brought on during the pandemic, as hackers scanned and took advantage of new workloads, and vulnerable VPN connections and misconfigurations left the gates to the network open.

    When attacks like these make headlines, panicked board members have one question for CISOs: how can we be sure that won’t happen to us? Drawing from nearly 25 years of experience in the security industry, Jeff Costlow, CISO at ExtraHop, will share his top strategies for CISOs to lead board-level conversations about risk management amidst the stark new realities of IT.
  • How to Build a Security Training Program that Creates More than Awareness Recorded: Sep 10 2020 34 mins
    Josh Douglas, VP of Threat Intelligence, Mimecast & Bryn Donovan, Product Marketing Manager, Mimecast
    Best Practices for Security Awareness Training

    It’s everyone’s responsibility within an organization, from the CEO down, to remain aware of threats used to attack the business and personal information. So, if employees are expected to be “the last line of defense,”, organizations need to invest in them as such. The good news is that planned spend for security awareness training has increased in the last three years. However, employees remain unenthusiastic about security, and understandably distracted by the news cycle.

    Join Mimecast’s Josh Douglas and Bryn Donovan to discover:
    - The 3 best ways to engage end users
    - Best practices to roll out the first year of your program
    - How to identify and make allies of your riskiest end users
  • Aftermath of Pandemic Lockdown Cloud Adoption – Curse or Boon Recorded: Sep 9 2020 40 mins
    Moderator: Dr. Hing-Yan LEE | Panelists: Onn Chee WONG, Philip VICTOR, Dr. Sudsanguan NGAMSURIYAROJ
    Panel Discussion
Educational series on cloud computing, security and privacy.
CSA CloudBytes was launched as a webinar series to help us educate the industry on all matters related to the cloud. Our channel is designed to inform our audience about trending topics, new technologies, and latest research. It also allows audience members the opportunity to earn (ISC)2 CPE Credits.

Learn more at cloudsecurityalliance.org. Join the Cloud Security Alliance on LinkedIn and follow us on twitter: @cloudsa

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Achieving Cloud Visibility With Cloud-Native Network Detection & Response
  • Live at: Aug 29 2019 4:00 pm
  • Presented by: Amelie Darchicourt, Cloud Product Marketing Manager & Eric Thomas, Director of Cloud Product Marketing, ExtraHop
  • From:
Your email has been sent.
or close