Today, it’s hard to find an organization that operates without pen tests. Thanks to heightened awareness among management and growing adoption of compliance standards such as PCI DSS, pen tests are on every CISO’s to-do list.
Multiple varieties of pen tests have emerged and many organizations have a detailed plan to perform these tests every year. Yet, 95% of the organisations were found to be breached with clear evidence of advanced attackers controlling their internal systems. While penetration tests attempt to answer the question, “Can our controls be breached?”, the more critical question is “Am I aware of any existing breach?”
In the new threat landscape, where attackers employed advanced means to bypass controls and got in without being noticed, just how pen tests are standing up to the challenge? How would one determine if these annual penetration tests are really providing value?
Vivek Chudgar takes this on in our live webinar. He will examine the role of pen testings in an organization, and how the new threat landscape has changed the function of these testings. He will also discuss other new approaches to help organizations be assured of their secure status.
RecordedJun 12 201448 mins
Your place is confirmed, we'll send you email reminders
Bryce Boland, Chief Technology Officer for Asia Pacific; Tim Wellsmore, Director of Consulting and Intelligence, Mandiant
Major events of 2016 have created great uncertainty about the future, but in cyber security, one thing is certain: Some attacks and crimes will continue and new challenges will emerge.
What new developments in cyber security should you expect in 2017 in Asia Pacific?
Join us to hear from some of FireEye’s top experts about our predictions for 2017 which draw from our executive team, Mandiant incident responders, FireEye iSIGHT Intelligence, and FireEye Labs.
Register to understand what lies ahead, so you can prepare to stay one step ahead of cyber security threats.
Join Bryce Boland, Chief Technology Officer for Asia Pacific and Tim Wellsmore, Director of Consulting and Intelligence, Mandiant in this presentation about emerging trends in the Asia Pacific region.
Rajiv Raghunarayan, Sr. Director, Product Marketing, FireEye. Robert Westervelt, Research Manager, IDC.
Advanced threats continue to grow in severity, complexity and reach as threat actors expand their attacks to hit soft targets. Adding to this, as business workloads move to the cloud, and as shadow IT continues to proliferate, unforeseen security gaps expose new vectors for exploit and abuse.
Attacks are not just targeting the core of a network, nor are they limited to just large scale enterprises. More and more, threat actors are aiming at vulnerable endpoints, distributed network environments and porous perimeter defenses. To combat this, security solutions need to be as agile as today’s threat actors.
In this webinar, we will discuss the changing threat landscape and how today’s threat actors and advanced malware are impacting businesses of all sizes and types. Additionally, we will examine new security solutions and deployment models that provide agility, flexibility and widespread protective reach that scales and grows with IT and security needs.
Jens Monrad, Global Threat Intelligence Liaison, FireEye; Al Maslowski-Yerges Manager, Americas Systems Engineering
The ongoing battle with cybercrime is asymmetric. You’ve invested millions in protection technology but unknown attackers still find a way in. So how do you stay ahead of the curve?
"The core problem is that most cyber security tools do not make a distinction between everyday malware and advanced targeted attacks. If security tools cannot tell the difference, security teams have no way of prioritizing the alerts that matter the most."
Join Jens Monrad, Global Threat Intelligence Liaison from FireEye in this webinar that will discuss:
•How to ensure you are responding to the alert that matters
•Benefits of Alerts with threat Intelligence
•Using threat intelligence to think like your attacker
•How to apply threat intelligence, expert rules and advanced security data analytics in order to shut down threats before they cause damage
•How security teams can prioritize and optimize their response efforts.
Vipul Kumra,Consulting Engineer, FireEye India,Shantanu Mahajan, Consulting Engineer, FireEye India
Are you ready to handle a security breach? In the age of relentless cyber crimes and nation state sponsored cyber attacks, companies need to be breach-ready, and be proactive in their incident preparedness. This could essentially save organisations from devastating cost.
Incident preparedness is more than having an incident response plan, it’s more than having skilled personnel on staff. Come join us for a discussion on key elements that every company should consider. Major security breaches have become part of everyone’s daily news feed—from the front page of the newspaper to the top of every security blog—you can’t miss the steady flood of new breaches impacting the world today. In today’s ever-changing world of business and technology, breaches are inevitable: you must be prepared and know how to respond before they happen
Russell Teague, Managing Director, Mandiant, a FireEye Company
Are you ready to handle a security breach? Russell Teague, Managing Director, Mandiant, a FireEye Company, will discuss the Next Generation of Incident Preparedness. Mandiant is the world leader in Incident Response Management; no other company is involved in more of today's largest breaches. Russell will discuss what companies need to do to be breach ready, and how being proactive in your incident preparedness is essential and could save you from devastating cost.
Incident preparedness is more than having an incident response plan, it's more than having skilled personnel on staff. Come join us in an eye-opening discussion on key elements that every company should consider. Major security breaches have become part of everyone's daily news feed, from the front page of the newspaper to the top of every security blog, you can’t miss the steady flood of new breaches impacting the world today. In today’s every changing world of business and technology, breaches are inevitable, you must be prepared before they happen. Learn how to become prepared from the industry leader in breach management and ultimately control your cost in post breach recovery.
The security paradigm for nearly two decades has been to increasingly invest in technology. These solutions have not only failed to solve the problem but have made the challenge more complex. Even if true threats are detected, they are lost in a sea of alerts and lack the context to prioritize and build response. This security posture is only exacerbated by the skills deficit currently facing the industry.
In this webinar, we look at the emergence of a new security-as-a-service paradigm and the capabilities required to help organizations reduce risk and time to protection. The discussion will cover how the cost, specialization and complexity of cyber defense have positioned security to follow other markets in adopting an “as-a-service” paradigm.
We will also address the capabilities that define an ideal security-as-a-service partner such as:
•the availability of security expertise
•a broad intelligence capability and
•flexible deployment options
Not only does this approach improve a security posture and reduce risk but it does so with a lower total cost of ownership (TCO). Register today to learn more about this emerging security-as-a-service model.
Bryce Boland – CTO FireEye Asia Pacific and Rob van der Ende, Vice President for Mandiant Consulting, Asia Pacific and Japan
Our Mandiant consultants have responded to and investigated many of 2015's biggest security incidents. The insights gained from these consultancies provide us with a unique vantage point when it comes to understanding the ever-evolving cyber threat landscape.
This webinar will discuss key trends, statistics, and case studies to illustrate the evolution of the advanced threat actors over the last year in Asia Pacfic.
Register for the webinar and join Bryce Boland – CTO FireEye Asia Pacific and Rob van der Ende, Vice President for Mandiant Consulting, Asia Pacific and Japan at FireEye as they dicsuss the top findings from this report and explains how to prepare and respond to a breach when it occurs
Steve Elovitz, Manager, Consulting Services (Mandiant), Ian Ahl, Manager, Incident Response (Mandiant)
Beginning in January 2016, Mandiant identified a financially-motivated threat actor that launched several tailored, spear-phishing campaigns—targeting industries that process large volumes of consumer credit cards such as retail, restaurant, and hospitality. To date, Mandiant has seen this group at over 150 organizations. This group is interesting due to the large number of organizations they quickly targeted, how quickly they shift tools, tactics, and procedures (TTPs), and their unusual persistence in attempting to re-compromise an organization after remediation.
During this conversation, we will walk through examples from several Mandiant investigations of this groups activity. We will take a technical look at this threat actor's TTPs as well as talk about what to look for to determine if they are active in your environment.
Register for this webinar as our experts share key insights on this new cyber threat group!
Vipul Kumra,Consulting Engineer, FireEye India,Shantanu Mahajan, Consulting Engineer, FireEye India
Cyberattacks against Banking and Financial Institutions have evolved from annoying pop-ups and machine crashes to denial-of-business events. CxO resignations and losses/damages running into crores of Rupees have heightened the awareness around cyber security, and shifted it from an IT problem to a business priority risk.
Recently, Asia has been a hotspot for such cyberattacks, with many high-profile attacks being the subject of headlines across the region, including the most recent Bangladesh Bank breach.
In its latest annexure to banks titled “Cyber Security Framework in Banks”, RBI has outlined a number of proactive measures that Banks in India need to take to ensure a robust cyber security/resilience framework, and to ensure adequate cyber security preparedness on a continuous basis.
Here are just a few requirements:
-Board approved cyber security policy
-Cyber crisis management plan
-Cyber resilience framework
-Cyber security awareness among stakeholders / top management / board
FireEye invites all banks and financial institutions to join this exclusive webinar where the speakers will review the RBI guidelines and suggest ideas to bolster your response strategy and limit the consequences of a breach.
Date: 26th July, Tuesday
Time: 11:00 am
Duration: 40 mins. With Q&A
Vipul Kumra, Consulting Engineer, FireEye India
Shantanu Mahajan, Consulting Engineer, FireEye India
Ron Bushar, Managing Director, Mandiant (a FireEye company)
Over the last decade, cyber security has evolved from a niche concern confined to IT professionals to a major priority for CEOs and boards of directors. Company leaders are now charged with managing cyber risk with the same urgency that they have managed traditional business risk.
The emergence of cyber risk as a centerpiece of risk management is being fueled by new and increasingly complex threats. Organizations must deal with a quickly evolving set of threats to their information systems and data. Many of these threats were unimaginable just a few years ago.
In this discussion, we explain the different forms of cyber risk and show how the threat level has risen in recent years. We also provide a basic framework for managing cyber risk, and finally, we pose five key questions business leaders should ask themselves to ensure their security posture is sufficiently robust and resilient to meet evolving threats.
Register for this webinar today. As usual, we’ll leave time for Q&A.
“Good Enough Security: Is It Hurting Your Business “
Imagine a continuous state of alarm - that alarm sounding every second …24 hours a day …7 days a week …all year long …
That’s the situation IT security teams around the world face with their cybersecurity tools. With so many alerts, it is not your security that is working hard, it’s your security team. And with so many alerts to review a security team can end up with alert fatigue, causing them to ignore a high percentage of the messages. When that happens, cyber attacks can slip by.
Organizations with traditional defenses often face an uncomfortable and expensive tradeoff: add security staff and tools at considerable cost or risk fatigue and missing a critical alert.
Truth is, you can avoid this tradeoff.
Join the FireEye webinar “Good Enough Security: Is It Hurting Your Business” where we will throw some light on:
1.The true costs of ineffective security
2.Detection Efficacy: Invest in security tools that highlight alerts that matter
3.Key considerations when evaluating a cyber security solution - The need for a platform that includes response
The FireEye Team
Time to check your security posture!
It is 8:00 am, and you are on the way to work. You get a frenetic call from your office – “hackers are holding your computers hostage in exchange for a ransom”. Your order processing application is one of the casualties. Your last successful backup was over a month ago. Do you pay the ransom and regain control? Your money or your data?
This scene may seem to be straight out of a Hollywood movie, but for several organisations, it has become an unfortunate reality today. Ransomware is a growing menace to enterprises and consumers alike, and given the recent trends observed by FireEye, it is here to stay. Some ransomware variants encrypt your critical files, others lock you out of the systems. Some demand bitcoins, others demand payment vouchers. Some are a disruption to your business, others are just a distraction.
Join the FireEye webinar “Ransomware: A Disruption or Distraction", and get an in-depth view into the mechanics of ransomware. You will learn about:
1.Ransomware: Impact & Trends
2.The Economics of Ransomware
3.A Distraction or Disruption
4.Lessons Learned: Tackling Ransomware
Bill Hau, VP, Mandiant Consulting, a FireEye company & Tony Lee, Technical Director, Mandiant Consulting, a FireEye company
SYNful Knock, once a theoretical cyber attack, is now a reality. This Cisco router implant was recently discovered in multiple organizations and several countries.
Based on research from Mandiant, a FireEye company, we believe this is just the first of many possible router implant techniques and expect similar attack methods to become more popular and sophisticated in the future.
In this webinar, you’ll learn about the malware and its capabilities, as well as tools to detect the threat in your organization.
Join us to discover:
- How SYNful Knock works
- Why SYNful Knock is so difficult to detect, even when you suspect an implanted router
- How you can better detect and foil SYNful Knock
- What future variants of this attack might look like
How can your company ensure all threat vectors are protected? In this webinar you will:
- Find out what it takes to secure your organization from today’s evasive advanced cyber threats
- Discover how to detect blended attacks that point products miss
- Learn how to safeguard your intellectual property, critical infrastructure, and customer records from multi-vector, targeted attacks
- Understand how to respond to incidents faster by reducing the number of false positives your security team has to sift through
- Get introduced to the FireEye products that can help achieve enterprise network security
Learn more about the tools, tactics, and procedures of APT30 - the cyber threat group that had successfully compromised entities for at least ten years, and how to detect, prevent and respond to this threat.
FireEye recently released a report that details how a cyber threat group APT 30, had successfully exploited largely in Southeast Asia countries and India – in both government and commercial entities — who hold key political, economic, and military information about the region for at least a decade.
Join us on this webinar with Bryce Boland, CTO of FireEye Asia Pacific, who will share more on this threat intelligence.
In this webinar, you can understand more about the operations behind APT30 as we outline the profile of the attacker so that you can better understand their threats.
• Learn about their tools, tactics and procedures (TTP)
• Find out how you can detect, prevent, analyze and respond to this threat
This session is for business and security professionals, especially in South East Asia and India, who would like to know more about this APT group which is one of the longest running advanced threat groups we have observed.
Steve Ledzian, Director of Systems Engineering, Asia
A report from FireEye detailed a study of over 1200 real world production networks and found that 96 percent of those networks experienced a breach during the study.
Even some of the largest of companies had their defenses defeated by attackers despite millions of dollars invested in cybersecurity. Cyber-criminal organizations and nation state threat actors alike are also constantly evolving in sophistication. With more at stake than ever and against these increasingly advanced threats, many organization who are looking at their own in-house security teams are feeling outgunned in cyberspace.
For organisations that are concerned about the ever increasing rate of cyber-attacks, but do not have the ability or desire to build their own team of dedicated cyber defenders, what are their options available against these attackers? Are there strategies that can help organizations instantly level the playing field? How can FireEye-as-a-Service (FaaS) help?
Attend this webinar and find out how FireEye-as-a-Service (FaaS) can be an arsenal for these organisations.
In this webinar, Steve Ledzian, Director of Systems Engineering, Asia will explore these topics, and discuss how FaaS leverages a unique combination of Technology, Intelligence, and Expertise, to defend against evolving cyber-attacks, and resolve any incident in minutes and not months.
Nart Villeneuve (FireEye), Daniel Regalado (FireEye), John Scott-Railton (The Citizen Lab)
FireEye recently released a new report “Behind the Syrian Conflict’s Digital Frontlines” that documents a well-executed hacking operation that successfully breached the Syrian opposition.
Between at least November 2013 and January 2014, the hackers stole a cache of critical documents and Skype conversations revealing the Syrian opposition’s strategy, tactical battle plans, supply needs, and troves of personal information and chat sessions. This data belonged to the men fighting against Syrian President Bashar al-Assad’s forces as well as media activists, humanitarian aid workers, and others within the opposition located in Syria, the region and beyond.
We have only limited indications about the origins of this threat activity. Our research revealed multiple references to Lebanon both in the course of examining the malware and in the avatar’s social media use. While we do not know who conducted this hacking operation, if this data was acquired by Assad’s forces or their allies it could confer a distinct battlefield advantage.
Join us for a roundtable discussion with subject matter experts where we’ll talk about the details of the report and explore surrounding topics, to include:
• An overview of the conflict in Syria and why cyber-espionage is an increasingly important factor
• An in-depth analysis of a critical breach of the Syrian opposition including an overview of the tools and techniques used by the threat actors
Find out more and learn from this Syrian report how you can defend yourself against these cyber attackers
Bryce Boland, Vice President/CTO, Asia Pacific, FireEye
From Cryptolocker to the Apple iOS vulnerability, 2014 may well be remembered as the Year of the Data Breach. With the ever-changing threat landscape and advanced cyber-attacks showing no sign of slowing down, organizations need to be prepared as we head into 2015.
To prepare yourself for the coming year and be armed with the necessary knowledge to strengthen your security posture, you will need to anticipate the security needs and trends of the future.
•What are the key security predictions in 2015?
•What new developments in technology will shape your security posture?
•How can your organization not just survive—but thrive—in the face of new danger?
Bryce Boland, CTO for Asia Pacific at FireEye, will share top, global security predictions and challenges for 2015. In this webinar:
• Find out the top 10 security predictions for 2015 and how they impacts organizations
• Discover the trends that drive these predictions
• Learn about key strategies to take a proactive stance against advanced attacks
Bill Chang, CEO (SingTel), Dave DeWalt, CEO (FireEye), Dave Merkel, CTO (FireEye), William Woo, Managing Director (SingTel)
Today’s advanced threats can steal your business data, eavesdrop on your communications, and demolish your network, bringing your business to a complete stand still. FireEye and SingTel’s strategic partnership represents a new era in how enterprise customers in Asia Pacific will address today’s cyber threats. SingTel Managed Defence Powered by FireEye is an innovative service offering developed by two best of breed technology providers. Together with FireEye, SingTel will deliver continuous monitoring, detection and the quick containment of malware and other perceived threats to enterprises and government organisations.
Join us at this live webinar where leadership from SingTel and FireEye will discuss:
-The value and concept behind Managed Defense against APT
(Advanced Persistent Threat) in APAC
-The availability of the “Data Store” that will keep your data local.
-Quarterly threat reporting with an emphasis on APAC
-The intelligence, expertise and technology you can depend on the
protect your greatest assets
Vivek Chudgar, Director of Mandiant Security Consulting Services, APJ, FireEye Inc
Your organization’s resilience against cyber-attacks is dependent on its capacity to withstand unknown threats and advanced attacks. When building its capacity against cyber-attacks, most organizations focus on people i.e. hiring professionals with relevant skillets. However, is focusing on the security workforce the right approach or are there key pieces that you may be missing?
Vivek Chudgar takes this on in our live webinar. He will examine how organizations build a resilient security infrastructure in the new ever evolving threat landscape.
- Key considerations in building capacity
- Preventative vs Detective Controls
- Building a SWAT Team
- How to build SOC and CERT Consulting
Be sure to register now and find out more in this webinar.