Under the Hoodie: enseignements tirés d’une année de pen-tests (FR)

A Guide to Operational Security in 2021: Episode 9

When it comes to operational security, a holistic risk-based approach allows you to break down every level of your business to provide first-class security for your organization.

But what are the essential, core pillars of an effective approach to security? From availability to transparency, this session will discuss best practices, use cases, and how to adopt a security program that puts the client and their data at the center.

This session will give a comprehensive, one-stop shop approach to security, and discuss the essential pillars of cybersecurity that every company should have.

Join as we discuss:
- What is meant by “trust,” and how to achieve it
- The value of transparency, privacy, and availability
- The state of cybersecurity in 2021
- Trends and patterns we expect to see in 2022

A Guide to Operational Security in 2021: Episode 8

Organizations are relying more and more on the flexibility and efficiency provided by cloud services. But it’s important to remember that cloud service providers only take responsibility for some security tasks. The customer is responsible for securing end user data, network traffic, and operating systems, as well as ensuring compliance with industry standards and regulations.

Cloud platforms also introduce some extra complications for security, such as complex cloud-based security tools, security information silos that make identifying attacks difficult, and attacks that focus on cloud platforms. To address risks and navigate cloud security challenges, you need to find a vulnerability management solution that continuously monitors misconfigurations in cloud networks. But what solution is best for your organization, and what does cloud security look like on a day-to-day basis?

In this session, we will discuss:
- How to find vulnerabilities in the cloud
- Cloud security complications and how to address them
- How to detect threats and ensure compliance across hybrid and multi-cloud environments

A Guide to Operational Security in 2021: Episode 7

Deception technology deceives attackers by distributing traps and decoys across your system infrastructure. As breaches and attacks become more sophisticated, it is vital that security teams can detect suspicious activity as soon as possible in order to neutralize the threat. Deception technology is also beneficial because it decreases attacker time within the network, reduces alert fatigue, and produces useful metrics that demonstrate indicators of compromise, helping to prevent future breaches.

When it comes to incident detection, time and context are crucial, and the quicker threats are neutralized the better. Choosing deception technology that recognizes malicious activity early on in the attack chain buys your security team the time needed to respond quickly, and is the difference between a business just keeping up with new threats, and a business that is always one step ahead of attackers.

In this session, we will discuss:
- How deception technology provides a 360-degree approach to security
- Why it’s important to have a deep understanding of attacker behavior
- How deception technology improves visibility

Speakers:
- Tod Beardsley, Director of Research at Rapid7
- Chris Dodt, Information Security Specialist at Freedom Financial Network

A Guide to Operational Security in 2021: Episode 6

User behavior analytics (UBA) uncover patterns and insights, and are able to identify intruder compromise, insider threats, and suspicious activity within your network. As UBA is based on behavior, it can detect attacks that bypass threat intelligence, providing alerts earlier on in the attack chain and giving security teams more time to respond.

Join us in this episode as we uncover the inherent value that UBA can provide, and why it is so useful for unveiling and neutralizing threats.

In this session, we will discuss:
- How user behavior analytics can accelerate your incident detection and response
- Why having insight into user behavior is so critical for businesses today
- The value of an integrated detection and investigation solution, and how it uses UBA to detect attacks early on

A Guide to Operational Security in 2021: Episode 5

In a recent SANS survey, it was found that phishing was observed in 78% of organizations. With this amount of phishing occurring, it is crucial that organizations prepare themselves with effective and impactful phishing protection strategies.

Though technology alone can’t stop phishing, it can help to reduce the harmful impact of phishing attacks on your business. For example, phishing protection allows employees to report suspected phishing attacks, while also providing your organization with the collaborative tools needed to tackle phishing when it occurs.

So, given the business benefits of phishing protection, what solution is right for your business?

In this session, we will discuss:
- Why phishing protection solutions are a must-have for your business
- How to help employees more easily report suspected phishing
- How to provide security teams with the necessary tools to investigate phishing reports

Speakers:
- Tod Beardsley, Director of Research at Rapid7
- Carl Stern, CISSP, Director, Information Security at Experity
- Michael Palazzolo, IT Analyst Technical Architect at Herman Miller
- Ryan Manni, Senior Manager, Information Security at Hologic

Working remotely has become the new normal. This, and many other changes organizations adopted last year in response to the pandemic are likely to stay for the long term. According to Gallup, about two-thirds of U.S. remote workers want to continue to work remotely. So, how can organizations continue to support their growing distributed workforce at a time where reports of security threats have increased by 400% compared to pre-pandemic levels?

Here is where the zero-trust approach to security comes into play.

Join this month's episode of The (Security) Balancing Act with Diana Kelley and guests as they discuss the emergence of zero trust (“Trust Nothing, Verify Everything”) and what it helps achieve for enterprises in the age of cloud and remote work.

Viewers will learn about:
- The evolution of the security perimeter and the shift to zero trust
- Why zero trust is an approach and not a product
- Zero Trust Network Access (ZTA) vs. corporate VPN
- Real-world stories and practical hands-on guidance from people who have deployed a ZTA

Today’s security operations–whether part of a formal SOC or not–require IT and Security teams to identify and address threats as quickly and decisively as possible. The growing list of threats, along with their methods of entry, techniques used, and means of detection and resolution have grown to a point where it’s nearly impossible to address manually. Part 4 of 4 of series: Focus on What Matters Most with Detection and Response

Join Incident Response Consultants, Robert Knapp, Ted Samuels, and Zach Paul as they discuss various techniques to help prevent many cyberattacks making headlines today. Learn about common trends in cyberattacks across all industry verticals, gleaned from recent Rapid7 Incident Response engagements. Viewers will leave with a list of actions they can take, using their existing tools and technology, to better harden their environment against attackers.

The threat landscape continues to evolve and adapt, requiring organizations to have a high level of security visibility. However, when security teams, managers, and leaders have limited time and budget, prioritizing investments to achieve the greatest impact and reduction in risk becomes even more critical. Part 3 of 4 of series: Focus on What Matters Most with Detection and Response

A Guide to Operational Security in 2021: Episode 4

Nowadays, it's not a question of if you'll be breached, but when. Therefore, you need the people, processes, and technology in place to respond quickly and efficiently to attacks.

While breaches have become a certainty, by adopting the mindset of an attacker, you can detect breaches in your network before they’re able to cause damage. This approach to incident detection and response directly informs the software and services needed to equip security professionals to do their best work.

In this session, we will discuss:
- Why it is so important to have an incident detection and response program before you are compromised
- The kinds of technology solutions needed to support your organization
- The value of incident detection solutions that adopt the mindset of an attacker, and what this can do for your business

Speakers:
- Tod Beardsley, Director of Research at Rapid7
- Chad Kliewer, Information Security Officer at Pioneer
- Steve Winterfeld, Advisory CISO at Akamai