
Integration and Automation Against Ransomware and Other Threats (German)

Today, the compromise of one's own IT infrastructure is no longer a question of "if" but of "when". The combination of cloud and home office, together with the shift to DevOps models with containers and microservices, offers a multitude of new attack opportunities. Traditional, signature-based defenses such as antivirus programs are often unsuited to detecting current attack patterns such as Emotet.
The danger of zero-day attacks in particular calls, on the one hand, for rigorous vulnerability management to effectively reduce the attack surface. On the other hand, detection and response systems are needed that can detect an intruder who succeeds nonetheless at an early stage and initiate countermeasures without delay.
Tight integration of the two systems and a high degree of automation ensure that the number of false-positive alerts, which are laborious to process, is minimized and that the investigation of suspected cases is considerably accelerated.
Recorded May 18 2021 54 mins
Presented by
Daniel Prauser
  • BrightTalk Originals: Cloud-Native DevOps: Speed, Scale, Efficiency Jun 15 2021 2:00 pm UTC 61 mins
    Helen Beal - Chief Ambassador at DevOps Institute, Gadi Naor - Rapid7, Raghu Thummisi - Radware
    According to IDC, 80% of application development will occur on cloud platforms using 2021. The benefits of cloud-native applications - including automation, flexibility and faster time to market - can be championed and scaled with a cloud-native DevOps set-up.

    But what is cloud-native DevOps? And how is it different from ‘standard’ DevOps?

    Join us for episode 13 of Day-to-Day DevOps to find out. Host Helen Beal, Chief Ambassador of DevOps Institute, and guests will be discussing:

    - What makes cloud-native DevOps different from other DevOps iterations
    - The business benefits of agile, resilient and observable cloud-native DevOps
    - How the automation and scalability benefits of Kubernetes and containers can supercharge your DevOps teams
    - Cultural changes that cloud-native DevOps requires
    - And more

    Guests:
    Venkat Thummisi - Global Cyber Security Market Strategist at Radware
    Gadi Naor - VP, Software Engineering, Cloud Security at Rapid7
  • Forrester Analyst Webcast: Vulnerability Management Strategy Recorded: Jun 10 2021 51 mins
    Sandy Carielli: Principal Analyst, Forrester & James Thompson: Information Security Manager, Hypertherm
    These days, it’s crucial to quickly evolve beyond attacker methods. A successful VRM program should provide enhanced visibility into web applications as well as traditional on-prem and cloud infrastructure. Join R7 customer Hypertherm and Forrester Analyst, Sandy Carielli for an informative webcast.
  • Harness the (Super) Power of SOC Automation Recorded: Jun 9 2021 57 mins
    Sydney Coffaro, Jeffrey Gardner and Margaret Wei
    With security being at the forefront of most companies, Security Orchestration, Automation and Response (SOAR) solutions are in high demand. SOAR tools have emerged to allow organizations to improve their overall security posture by aggregating security events and providing essential automated responses that may help to repel an attack.
  • [APAC] Series: You can't protect what you can't see Recorded: Jun 9 2021 39 mins
    Matt Rider, Director, Sales Engineering, International & Graeme McMillan, Senior Security Solutions Engineer
    As organisations continue to transform to what is, for many, a hybrid cloud environment interspersed with multi-clouds, things become incredibly complex very quickly. Yet with the drive towards innovation also comes risk - and the balance between the two can be fraught with ‘debate’ among the business stakeholders, developers and security teams alike.

    As such, integrations across the range of environments need detailed consideration. The security puzzle needs to be carefully put together to ensure other factors are not compromised either up or downstream the business. Disparate systems for example, leave environments vulnerable to attack caused by gaps in visibility and the noise and confusion of managing multiple tools.

    In this session, we'll cover:

    - Total Infrastructure Assessment: you can't improve your visibility until you first know where you stand.
    - SOC Visibility Triad: a network-centric approach to threat detection and response (SIEM, NDR, EDR)
    - Cyber Risk as a Business Problem
    - Always be Alert: You're only as secure as your most insecure asset
  • IoT Security Trends: Common IoT Misconfigurations from the Field Recorded: Jun 8 2021 58 mins
    Aaron Herndon & Carlota Bindner
    Join Aaron Herndon and Carlota Bindner as they discuss vulnerabilities and misconfigurations discovered within Internet of Things (IoT) devices. Learn about common trends in IoT devices across different industry verticals, gleaned from real world assessments of hundreds of devices. The discussion is tailored for anyone interested in IoT security, device manufacturers, or security practitioners looking to secure IoT devices designed by their company.
  • 10 Minute Take: How to Accelerate Risk Identification & Threat Remediation Recorded: Jun 3 2021 14 mins
    Meaghan Donlon and Jane Man
    Join Rapid7's Meaghan Donlon, Product Marketing for the Detection & Response practice and Jane Mann Product Management for Vulnerability Management practice as they discuss how the Insight Platform can help identify risks and remediate threats more quickly. They will discuss how Rapid7 aims to combat complexity by investing in areas that help drive customer value. Join us for this quick and insightful 10 minute talk!
  • ICER Report Series: 2021 Industry Cyber Exposure Report ASX 200 Recorded: Jun 3 2021 57 mins
    Tod Beardsley, Director of Research and Neil Campbell, VP Sales, APAC
    As the world's knowledge workers were driven home amid a pandemic and cases of ransomware ran rampant across the internet, measuring the world's most critical businesses’ internet exposure is more important than ever.

    In this round of Industry Cyber-Exposure Reports (ICERs), researchers at Rapid7 focus on ASX 200 companies and evaluate five areas of cybersecurity that are both critical to secure to continue doing business on and across the internet, and are squarely in the power of CISOs, their IT security staff, and their internal business partners to address.

    These five facets of internet-facing cyber-exposure and risk include:

    1. Authenticated email origination and handling (DMARC)
    2. Encryption standards for public web applications (HTTPS and HSTS)
    3. Version management for web servers and email servers
    4. Risky protocols unsuitable for the internet (RDP, SMB, and Telnet)
    5. The proliferation of vulnerability disclosure programs (VDPs).
  • Anatomy of a Cloud Breach Recorded: Jun 2 2021 26 mins
    Jeremy Snyder, Senior Director of Business Development and Solutions Engineering, Cloud Security Practice
    Introduced by our friends at ISMG as part of their virtual Cybersecurity & Fraud Chicago Summit, this presentation will outline why cloud security is fundamentally different from traditional data center environments. We’ll explore the top services and errors that have led to large-scale data breaches in the past several years, discuss ways to prevent future breaches, and review a few case studies of prominent breaches.
  • Critical Elements of a Sound Cybersecurity Practice Recorded: Jun 1 2021 61 mins
    Josh Harr & Anna Hartman
    When building a comprehensive cybersecurity program, structure is key. Just like a house, a solid foundation can help you withstand many types of threats. How you approach building your organization’s security program starts with laying groundwork based on some of the proven practices in the industry, and there are multiple security frameworks out there that can help your organization get started.
    In this webinar, we will break down what you should think about when looking at frameworks and how to choose the best one for your organization. Join us as we give you key components to think about when building your cybersecurity foundation so that your house—and everything inside it—remains both safe and stable.
  • [APAC] Best Practices for Threat Detection and Response for Business Resilience Recorded: May 27 2021 58 mins
    Matthieu Rider, Director of Sales Engineering, Rapid7 & Ellis Fincham, Incident Detection & Response Specialist, Rapid7
    A Gartner survey suggests that 41% of employees are likely to continue working from home once a return to normal working is permitted. That puts companies under pressure to maintain and improve their security operations even in the pandemic aftermath. Leaders are now developing cybersecurity strategies on how to maintain operations while shifting and dividing workforces safely and efficiently.

    Learn the best practices for scaling threat detection and response programs to levels now required to encompass both remote workers and the office workers, and how to connect your teams and tools for clear communication and complete integration across your tech stack.
  • Demystifying Kubernetes Vulnerabilities & Their Relationship to Risk Management Recorded: May 26 2021 59 mins
    Dane Grace, Technical Product Manager at Rapid7 and Nick Cavalancia, Cybersecurity Expert at Ultimate Windows Security
    Containerizing applications has grown in popularity over the years, making Kubernetes a core part of an organization’s critical workloads. Because these containerized applications are Internet-facing, contain access to critical data, or both, they become targets of cyberattacks. And it’s not just the container itself; the target can be Kubernetes, Docker, Linux, or even cloud services hosting the environment.

    What’s missing is visibility into each layer of your Kubernetes clusters and the applications they host; from misconfigurations to needed patches, to the container code itself – without visibility into where your risks are, it’s impossible to form a mitigation and/or remediation plan.

    To add to the problem, containerizing applications and using cloud hosting completely changes who is responsible for security response when vulnerabilities are found, increasing the challenge of ensuring Kubernetes and everything it manages remains secure.

    During this webcast you'll learn about:

    • Exposures within your Kubernetes environment
    • The vulnerabilities that exist at each layer
    • Recent vulnerabilities to check for
  • Attack Detection and Response: Build or Buy? Recorded: May 25 2021 55 mins
    Daniel Prauser, Manager, Solutions Engineering
    Companies' IT landscapes are currently undergoing major change. Security teams face the challenge of ensuring security and visibility despite the growing number of remote workplaces.

    When an employee works remotely, it can be a challenge for security teams to define which behavior is "normal" for the user account. How do you distinguish between a legitimate and a suspicious change of location? How do you quickly detect unusual user behavior, and what happens then?

    Anyone looking for a technological solution quickly encounters a whole series of abbreviations: SIEM, IDR, MDR, SOC, UBA, ABA, EDR, IDS and many others.

    A SIEM system is probably the best-known tool. But is it the right one for you? By which criteria do you decide? When does it make sense to look into building your own SOC? When is it better to outsource?

    In the webinar we discuss the following points:

    • What is what: terms and how they are classified
    • Attack detection and response: in-house solution vs. managed service
    • Requirements for your own attack detection and response program
    • How mature is IT security in your company?
    • When does it make sense to rely on a managed service?
    • What is right for you?
  • Cloud Security - Understanding Your Total Risk Recorded: May 20 2021 26 mins
    Harsharn Puar - Lead Security Solutions Engineer, Cloud & Graeme McMillan - Senior Security Solutions Engineer, UK & Ireland
    Join us for this short session as we discuss how to assess your organisation’s risk across multi-cloud and traditional infrastructure environments using visibility and automation.
  • SOAR: Automating IT Security – Entirely Without Code (German) Recorded: May 20 2021 28 mins
    Phillip Behmer
    On average, security teams use 57 different products. And even if it is only 10, that is often enough to overload an employee through constant context switching. If you also take into account the growing complexity of modern IT landscapes and the accompanying flood of alerts, it is no wonder that it takes 279 days on average for an attack to be detected and contained.

    Using modern technologies, by contrast, enables you to run time-intensive processes automatically. With specialized tools for automating and orchestrating common security workflows, you can save huge amounts of time and deploy your employees where human know-how is indispensable.

    In our webinar we examine:

    - Which common processes can be automated
    - What these workflows look like in practice
    - What effort is involved in introducing automated processes

    A small preview:

    - Onboarding a new employee: 5 minutes instead of 8 hours
    - A phishing alert investigation: 5 minutes instead of 75 minutes
    - Vulnerability remediation: minutes instead of hours or even days

    In the webinar you will also learn how to handle these tasks with the help of InsightConnect.
  • [APAC] Managing Cyber Risk from Infrastructure to Cloud Recorded: May 20 2021 28 mins
    Chris Hartley - UK & Ireland Lead, Matt Rider - Applied Engineering Director & Jeremy Snyder - Snr Director, Cloud Practice
    Adoption of the cloud is rapidly accelerating. One estimate of spending on cloud in 2022 is $360bn, and the agility and ability for businesses to innovate and keep pace is a key driver of this. Businesses are at a variety of stages on their journey - from digital natives born and developed in the cloud, to the majority of organisations who are moving from traditional infrastructure to the cloud. This level of adoption allows organisations to support the evolution of their business and business models.
    During this talk, our panel will discuss some of the many challenges and areas for consideration, including managing cyber risk from traditional infrastructure and managing this risk in the cloud.

    What you will learn:

    • How to mitigate common cyber risks and challenges of cloud migration
    • Explosion of the edge and the impact of shifting to remote working
    • The implications of the growing number of applications to enable workforces and support customers
    • Recommendations of focus points given the pace of change as you migrate to the cloud
  • How to Implement a DevSecOps Culture in Your Organization Recorded: May 13 2021 62 mins
    Chaim Mazal, VP of InfoSec, ActiveCampaign | Gareth Rushgrove, VP of Product, Snyk | Dane Grace, Technical Product Mgr, Rapid7
    A conversation with Chaim Mazal, ActiveCampaign CISO, on his team's journey to DevSecOps

    Modern development practices have forced organizations to combine development and IT operations under one DevOps umbrella in order to build and release code at a faster rate than ever before. However, due to this newfound developer agility, as well as the widespread use of open source technology in modern applications, companies have found themselves scrambling to keep up with this eye-popping pace of innovation and the amount of risk it's introduced.

    Join Chaim Mazal, ActiveCampaign's CISO, as he shares his experience in transforming his team's approach to security at each layer of the technology stack, from development to staging and production, and how he used the right tools and practices to share security responsibilities among different teams to scale security throughout the IT organization.

    In this webinar, Chaim, along with security experts from Rapid7 and Snyk, will walk you through some of the steps he took to implement a DevSecOps culture by:

    Changing the way development and security teams interact
    Choosing the right tools to implement a DevSecOps practice
    Implementing code dependency checks
    Implementing automated security tests in CI/CD
    Implementing threat modeling and risk assessment in your code logic
  • [APAC] How to accelerate innovation through better governance and optimisation Recorded: May 13 2021 29 mins
    Brian Johnson, SVP, Cloud Security Practice
    How do companies improve their security, compliance, and governance while becoming more productive in their multi-cloud environments? More than 70 percent of enterprises today are multi-cloud, either through organic growth, through mergers and acquisitions, or as a corporate strategy. While cloud offers a powerful opportunity to unleash innovation within the enterprise, IT and security teams struggle to devise governance strategies to support that innovation. Join DivvyCloud by Rapid7’s Brian Johnson (co-founder and SVP, Cloud Security Practice) as he discusses how companies can accelerate innovation through better governance and optimisation of their multi-cloud environment.

    This session will cover:

    - The signal and noise problem that many organisations are facing today
    - Why a self-service approach to cloud is the best way to innovate and remain competitive
    - How companies can remain secure and compliant while still going through a self-service culture shift
  • Ransomware in the Remote Work Era Recorded: May 12 2021 61 mins
    Diana Kelley, SecurityCurve | Nicole Hoffman, GroupSense | Courtney Radke, Fortinet | Patrick Lee, Rapid7
    Phishing and ransomware attacks continue to rise, according to Proofpoint’s State of the Phish report for 2020. Organizations in the U.S. are at risk, the increase in remote work due to the pandemic has fueled a spike in attacks, and phishing attempts are up by 14 percent compared to the previous year.

    Email continues to be the number 1 delivery vehicle, but other social engineering schemes that rely on social media, voicemail (“vishing"), SMS phishing (“smishing”), and malicious USB drops are also of concern for organizations. Ransom demands are also on the rise, but according to the report, paying the ransom is not guaranteed to work as many companies that paid the ransom failed to receive a decryption key.

    Join this month's episode of The (Security) Balancing Act as Diana Kelley and guests discuss why ransomware is surging again, which sectors are most at risk, the threat to enterprises and how it is being used for more than just ransom (ex: distractionware, destructionware, etc).
    - The rise in ransomware under the cloak of the pandemic
    - Why email continues to be the channel of choice
    - The difference between fully automated and human-operated campaigns
    - How to decide whether or not to pay the ransom
    - Why your backups may not be immune to ransomware
    - Addressing the threat with best practices

    Speakers
    - Nicole Hoffman, Intelligence Analyst, GroupSense
    - Courtney Radke, CISO for National Retail, Fortinet
    - Patrick Lee, Senior Incident Response Consultant, Rapid7

    This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.
  • Using Behavior to Detect Intrusions Involving Edge Devices Recorded: May 12 2021 83 mins
    Jeffrey Gardner, Nick Cavalancia, Ted Samuels
    Any Internet-facing device, appliance, server, or VM is fair game as an initial attack vector to a cyber attacker. They are readily accessible remotely and offer security teams little visibility into whether they are secure, under attack, or compromised.

    Additionally, those devices running on a Linux kernel can prove to be valuable assets to an attacker: A Linux device can be made a stealthy persistent foothold from which to pivot and begin attacks on your Windows infrastructure, it can be used to assist in exfiltration, and just because it’s been patched doesn’t mean it hasn’t already been exploited and continues to provide access via web shell. All this while your security team may be unaware these devices are still compromised.

    Attackers choosing to pivot and focus on gaining access to your Windows environment historically expose themselves to detection through indicators of compromise (IoC) on the network, as well as within the Windows OS, applications, and Active Directory. But with many attackers working to hide their tracks, how can organizations detect attacks and trace them back to edge devices?
Supercharge Your Security Impact
Rapid7 is advancing security with visibility, analytics, and automation delivered through our Insight platform. Our solutions simplify the complex, allowing security teams to work more effectively with IT and development to reduce vulnerabilities, monitor for malicious behavior, investigate and shut down attacks, and automate routine tasks. Over 9,300 customers rely on Rapid7 technology, services, and research to improve security outcomes and securely advance their organizations. For more information, visit our website rapid7.com.

  • Title: Integration and Automation Against Ransomware and Other Threats (German)
  • Live at: May 18 2021 8:00 am
  • Presented by: Daniel Prauser