Hi [[ session.user.profile.firstName ]]

Cloud Identity Security: Challenges and Solutions

Strong identity and access management (IAM) is one key to preventing data breaches and limiting the blast radius should a security incident occur. But cloud IAM presents a new set of constructs for organizations to build and manage. Is cloud IAM the best identity and access control ever, or yet one more reason to tear your hair out in frustration?

Join Jeremy Snyder, Senior Director of Solutions Engineering from DivvyCloud by Rapid7 as he discusses why managing cloud IAM is so complex, what challenges this creates for IT and cybersecurity professionals, and how leading organizations governing cloud IAM to reduce risk and the chance of a data breach.

Key takeaways include understanding how to:
-Gain visibility to assess, prioritize and remediate improper permission combinations that grant unintended or overly permissive access.
-Reduce access down to least privilege.
-Work to minimize cloud security blast radius.
Recorded Dec 17 2020 47 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Jeremy Snyder, Senior Director of Solutions Engineering
Presentation preview: Cloud Identity Security: Challenges and Solutions

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Series: SOC Automation 101: The Future of Detection and Response Feb 2 2021 3:00 pm UTC 62 mins
    Sydney Coffaro, Senior Technical Advisor, SOAR at Rapid7 and Jeffrey Gardner, Practice Advisor at Rapid7
    Today’s security operations–whether part of a formal SOC or not–require IT and Security teams to identify and address threats as quickly and decisively as possible. The growing list of threats, along with their methods of entry, techniques used, and means of detection and resolution have grown to a point where it’s nearly impossible to address manually. Part 4 of 4 of series: Focus on What Matters Most with Detection and Response
  • [APAC] The 2021 Security Predictions “Woe”binar Jan 28 2021 3:00 am UTC 15 mins
    Tod Beardsley, Research Director, Bob Rudis, Senior Director, Chief Data Security Scientist
    Here’s a positively woeful spin on what we think the top security related threats will be as we head into 2021. Join Research Director, Tod Beardsley and Senior Director, Chief Data Security Scientist, Bob Rudis as they discuss how the price of Bitcoin is impacting the rate of ransomware and what you need to know about the COVID vaccine as it relates to the pharma-spam industry.

    We promise it’s not totally woeful, but there are some things you need to know and be prepared for as we enter 2021. Check it out and let us know what you think, are we spot on or far from it.
  • Series: Looking Ahead: The 2021 Threat Landscape Jan 26 2021 3:00 pm UTC 54 mins
    Jeremiah Dewey, VP Managed Services MDR at Rapid7 and Wade Woolwine, Principal Security Researcher at Rapid7
    The threat landscape continues to evolve and adapt, requiring organizations to have a high level of security visibility. However, when security teams, managers, and leaders have limited time and budget, prioritizing investments to achieve the greatest impact and reduction in risk becomes even more critical. Part 3 of 4 of series: Focus on What Matters Most with Detection and Response. Part 3 of 4 of series: Focus on What Matters Most with Detection and Response
  • The 2021 Security Predictions “Woe”binar Jan 21 2021 3:00 pm UTC 16 mins
    Tod Beardsley, Research Director, Bob Rudis, Senior Director, Chief Data Security Scientist
    Here’s a positively woeful spin on what we think the top security related threats will be as we head into 2021. Join Research Director, Tod Beardsley and Senior Director, Chief Data Security Scientist, Bob Rudis as they discuss how the price of Bitcoin is impacting the rate of ransomware and what you need to know about the COVID vaccine as it relates to the pharma-spam industry.

    We promise it’s not totally woeful, but there are some things you need to know and be prepared for as we enter 2021. Check it out and let us know what you think, are we spot on or far from it.
  • [APAC] SolarWinds attack: What you need to know Recorded: Jan 20 2021 51 mins
    Bob Rudis, Senior Director, Chief Security Data Scientist, Scott King, Senior Director, Security Advisory Services, Harley Ge
    On December 12, 2020, FireEye provided detailed information on a widespread attack campaign involving a backdoored component of the SolarWinds Orion platform.

    The information that has since come out continues to highlight the importance of understanding the security in the supply chain as part of a vulnerability management program.

    Our number one priority is working to strengthen the security of our customers and the broader community. We have brought together a panel of experts to provide you with the information to help you further secure your environments—we hope that by sharing the details of our investigation, the entire community will be better equipped to fight and defeat cyber attacks.
  • Series: A CISOs guide to Security Planning Recorded: Jan 19 2021 29 mins
    Jeffrey Gardner, Detection and Response Practice Advisor at Rapid7
    The Cybersecurity industry’s resource gap has been well documented over the years, but in 2020 we've seen that gap widen. The attack surface has grown with remote workforces and a slew of new applications, but in many cases budgets are tightening and teams are wearing many hats. Part 2 of 4 of series: Focus on What Matters Most with Detection and Response
  • SolarWinds attack: What you need to know Recorded: Jan 14 2021 51 mins
    Bob Rudis, Senior Director, Chief Security Data Scientist, Scott King, Senior Director, Security Advisory Services, Harley Ge
    On December 12, 2020, FireEye provided detailed information on a widespread attack campaign involving a backdoored component of the SolarWinds Orion platform.

    The information that has since come out continues to highlight the importance of understanding the security in the supply chain as part of a vulnerability management program.

    Our number one priority is working to strengthen the security of our customers and the broader community. We have brought together a panel of experts to provide you with the information to help you further secure your environments—we hope that by sharing the details of our investigation, the entire community will be better equipped to fight and defeat cyber attacks.
  • [APAC] Cloudy with a Chance of Misconfiguration Recorded: Jan 13 2021 42 mins
    Bulut Ersavas, Senior Manager, Product Management, Rapid7 and Brandon Turner, Senior Director, Software Engineering, Rapid7
    Misconfigurations in the cloud are becoming a prevalent source of risk for organisations as more and more businesses move their infrastructure to the cloud. The root cause of this increased risk is that in a cloud environment, far more people can set up and deploy network infrastructure, whereas in an on-premises network, that ability is usually restricted to IT professionals who are well-versed in security best-practices.

    It’s important to note that while misconfigurations are a risk, they can be effectively managed. With the right tools and processes in place, you can leverage cloud infrastructure in a secure way. Correctly configuring cloud infrastructure requires close collaboration among development, IT, operations, and security teams. It also requires an understanding of proper configurations.

    As a result, scanning for vulnerabilities alone is not enough to manage risk in your cloud infrastructure—you also need a strategy to prevent misconfigurations, as well as a purpose-built way to detect them when they still manage to sneak their way through.

    Join Rapid7’s Bulut Ersavas, Senior Manager, Product Management and Brandon Turner, Senior Director, Software Engineering to learn about:

    -Common types of misconfigurations
    -How to discover misconfigurations
    -How to prevent misconfigurations
    -How to implement cloud security best practices
  • Series: Doing More with Less: Detection and Response Planning for 2021 Recorded: Jan 12 2021 61 mins
    Margaret Wei, Product Marketing Manager at Rapid7 and Jake Williams, SANS analyst
    Despite a year of “new normals,” one thing that most teams can still count on this fall is annual security planning. However, this year, in addition to supporting growing remote workforces, many SOCs are facing increased budget scrutiny and pressure to demonstrate ROI as they go into 2021. Part 1 of 4 of series: Focus on What Matters Most with Detection and Response
  • How to secure budget and every layer of your IT environment Recorded: Jan 7 2021 50 mins
    Trevor Christiansen, Sr. Web Application Pentester at Rapid7, Brian Carey, Consulting Services Manager at Rapid7
    The bad guys will utilize any vulnerabilities to gain access to your data. Countering their attacks requires proactive protection of your IT environment with activities such as patching known vulnerabilities, performing vulnerability scanning, and penetration testing.
  • [APAC] Behind the Scenes of Managed Detection & Response Service Recorded: Jan 6 2021 47 mins
    Marcus Eaton, Lead Security Solutions Engineer, Jason Prescott, Manager Threat Detection, Douglas Wainer, Threat Analyst
    You might think of a security operations center like a stereotypical movie war room: a dark room filled with complex maps, fancy monitors, and analysts on headsets. However, most SOCs aren't really a physical presence or room; more accurately, they're a formally organised team that's dedicated to a specific set of security roles and responsibilities for detecting and validating threats within your environment.
    No matter a company's size or purpose, it’s valuable to have a dedicated organisational-level team whose job is to constantly monitor security operations and incidents and respond to any issues that may arise. The various responsibilities within a cybersecurity team can be extremely complex, and a SOC can not only serve as the tactical console to empower team members in performing their day-to-day tasks, but also as a strategic center to keep the team aware of bigger, longer-term security trends.

    In this webcast, our threat detection specialists will reveal;
    · How known and unknown threats are identified in our customer environments
    · The intelligence behind threat hunting
    · How our SOC uses threat intelligence to detect, investigate and respond to incidents
    · What a typical day in the life of a SOC Analyst looks like
  • [APAC] Best Practices for Threat Detection and Response for Business Resilience Recorded: Dec 22 2020 57 mins
    Matthieu Rider, Director of Sales Engineering, Rapid7 & Ellis Fincham, Incident Detection & Response Specialist, Rapid7
    A Gartner survey suggests that 41% of employees are likely to continue working from home once a return to normal working is permitted. That puts companies under pressure to maintain and improve their security operations even in the pandemic aftermath. Leaders are now developing cybersecurity strategies on how to maintain operations while shifting and dividing workforces safely and efficiently.

    Learn the best practices for scaling threat detection and response programs to levels now required to encompass both remote workers and the office workers, and how to connect your teams and tools for clear communication and complete integration across your tech stack.
  • How to Understand and Communicate the Security Implications of IoT Recorded: Dec 21 2020 48 mins
    Deral Heiland, Principal Security Research, IoT
    With such a large number of IoT devices connected to our personal and corporate networks and expected to continue to expand at an alarming rate, a strategic and focused effort is crucial to successfully secure today’s IoT-driven world. To help us understand and resolve these issues while embracing these new emerging technologies we will be discussing:

    >Building a sound understanding of IoT
    >Communication methods
    >Developing policies
    >Building processes around IoT security management

    Join Rapid7's Principal Security Researcher of IoT, Deral Heiland to learn more!
  • Cloud Identity Security: Challenges and Solutions Recorded: Dec 17 2020 47 mins
    Jeremy Snyder, Senior Director of Solutions Engineering
    Strong identity and access management (IAM) is one key to preventing data breaches and limiting the blast radius should a security incident occur. But cloud IAM presents a new set of constructs for organizations to build and manage. Is cloud IAM the best identity and access control ever, or yet one more reason to tear your hair out in frustration?

    Join Jeremy Snyder, Senior Director of Solutions Engineering from DivvyCloud by Rapid7 as he discusses why managing cloud IAM is so complex, what challenges this creates for IT and cybersecurity professionals, and how leading organizations governing cloud IAM to reduce risk and the chance of a data breach.

    Key takeaways include understanding how to:
    -Gain visibility to assess, prioritize and remediate improper permission combinations that grant unintended or overly permissive access.
    -Reduce access down to least privilege.
    -Work to minimize cloud security blast radius.
  • [UK] Under the Hoodie 2020: Report Highlights Recorded: Dec 16 2020 43 mins
    Chris Hartley - Regional Director UK & Ireland, Rapid7. Matt Rider - Director, International Engineering, Rapid7
    Rapid7’s Under the Hoodie report is an annual, statistical study of the art of penetration testing. This year, we collected data from 206 penetration testing engagements from June 6, 2019 through June 4, 2020 and distilled it to reveal the most successful penetration tactics and common areas of exploitation.

    Join Rapid7’s Chris Hartley, Director UK & Ireland and Matt Rider, Director, International Engineering, to hear the highlights from this year’s report and stories from the trenches, you’ll also get the opportunity to ask your most pressing questions!
  • [APAC] 5 Reasons to Outsource Detection & Response Operations Recorded: Dec 15 2020 38 mins
    Chris Hartley - Regional Director for UK & Ireland, Rapid7, and Warwick Webb - Security Practitioner, Rapid7
    Security has played a positive role in enabling business over the recent weeks. This has been demonstrated by allowing remote workforces to remain productive and the hard work of security teams to keep operations running. However all this is putting a strain on the internal resources trying to protect their critical business assets from both external attackers and insider threats.

    At Rapid7 we are taking a practical role in helping ensure security advice and guidance is available for all, and we will be running a series of talk tracks to help provide a measured perspective on how to remain secure and operational with the resources you have.

    Join us for this live talk where Chris Hartley, Director at Rapid7 UK & Ireland, and Warwick Webb, Security Practitioner, will discuss the top 5 reasons why some organisations are looking to augment or outsource their threat detection and response operations including:

    · Talent shortage in cybersecurity and why specialisation is key
    · Business continuity and the impact of ‘always on’
    · Threat intelligence and global visibility of the threat landscape
    · Role of threat hunters in incident response

    We’ll also be joined by customer, Simon Parry from the Development Bank of Wales to reveal how they are using managed services in their own environment and which elements of managed detection and response are most important the success of their security program.
  • Application Security: Wer breiter testet, testet besser Recorded: Dec 10 2020 12 mins
    Phillip Behmer, Security Solutions Engineer | Rapid7
    Der Trend zur Heimarbeit, der auch die Pandemie überleben wird, damit verbunden die deutlich beschleunigte Migration in die Cloud sowie der Zwang zu agilen Entwicklungsmethoden stellen erhebliche Herausforderungen an die Anwendungssicherheit.

    In unserem 15-minütigen Vortrag beleuchten wir die neuen Herausforderungen des Software Development Lifecycle (SDLC), die Trends zu "Shift-Left"- und "Shift-Right" und sprechen von einem neuen Ansatz für den SDLC, der hohe Sicherheit und Geschwindigkeit bei der Entwicklung von Webanwendungen vereint.
  • [APAC] Has recent rapid cloud adoption increased your threat risk? Recorded: Dec 10 2020 64 mins
    Matthieu Rider, Director of Sales Engineering, Rapid7 & Christopher Hertz, VP Cloud Security Sales, Rapid7
    It is through this period of disruption that businesses' priorities change & IT leadership has to evolve and adapt to support their businesses in order to find success at this difficult time. We have seen a rapid adoption of cloud services to enable businesses to continue to function and importantly change their business models to succeed.

    Remote working is not new, but the scale of it has shifted considerably. As such, the risk profile associated with our remote working changes, and the focus that we need to put on securing the technologies used by the employees increases.

    It’s time to embrace cloud capabilities that can help businesses address speed to market through agility, lower TCO and an increased security posture. Now is the time to look at using technology intelligently in order to help our economy and way of life recover, but it needs to be done securely.

    In this session, we’ll discuss how organisations accelerate their cloud adoption to allow business resilience and competitiveness, while cybersecurity leaders must address new and heightened cyber risk concerns surrounding such rapid change.
  • [Panel Talk] 2020 NICER Report: Focus on the UK Internet Risk Landscape Recorded: Dec 9 2020 41 mins
    Rapid7’s Chris Hartley - Director, UK & Ireland, Matt Rider - Director, International Engineering
    Rapid7’s National / Industry / Cloud Exposure Report (NICER) for 2020 is the most comprehensive census of the modern internet. In a time of global pandemic and recession, the Rapid7 research team offers this data-backed analysis of the changing internet risk landscape, measuring the prevalence and geographic distribution of commonly known exposures in the interconnected technologies that shape our world.

    Join Rapid7’s Chris Hartley, Director UK & Ireland and Matt Rider, Director, International Engineering, for an informational session diving into the key findings and UK observations of the 2020 NICER report.

    Key takeaways:
    - Discover the state of the UK’s security posture in 2020
    - Understand how internet risk has been affected by the pandemic and technological movements to the cloud
    - Learn actionable next steps to help keep yourself and your organisation safe on the internet
  • Best Practices for Threat Detection and Response for Business Resilience Recorded: Dec 8 2020 57 mins
    Matthieu Rider, Director of Sales Engineering, Rapid7 & Ellis Fincham, Incident Detection & Response Specialist, Rapid7
    A Gartner survey suggests that 41% of employees are likely to continue working from home once a return to normal working is permitted. That puts companies under pressure to maintain and improve their security operations even in the pandemic aftermath. Leaders are now developing cybersecurity strategies on how to maintain operations while shifting and dividing workforces safely and efficiently.

    Learn the best practices for scaling threat detection and response programs to levels now required to encompass both remote workers and the office workers, and how to connect your teams and tools for clear communication and complete integration across your tech stack.
Cloud. SaaS. Threat Detection & Response
Organizations around the globe trust Rapid7 technology, services, and research to help them securely advance. The visibility, analytics, and automation delivered through our Insight cloud simplifies the complex and helps security teams reduce vulnerabilities, monitor for malicious behavior, investigate and shut down attacks, and automate routine tasks, on-prem or in the cloud. Learn more at www.rapid7.com

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Cloud Identity Security: Challenges and Solutions
  • Live at: Dec 17 2020 3:00 pm
  • Presented by: Jeremy Snyder, Senior Director of Solutions Engineering
  • From:
Your email has been sent.
or close