From Incident Response to a Continuous Monitoring & Active Threat Hunting

With over 13 years of front-line experience dealing with advanced threat actors from around the globe, our Mandiant team know how the bad guys think and can help you win the battle against cyber attackers.

In this webinar, Stuart Davis and David Grout will cover:
- Best practices with regard to Security as a Service
- How organisations can move from alert-led security to intelligence-led security
- How FireEye can provide the adequate tools, processes and expertise required to build a next generation security program
Recorded Apr 27 2017 49 mins
Presented by
Stuart Davis, Director, Mandiant & David Grout, Systems Engineering Director, FireEye
  • APT34 - New Targeted Attack in the Middle East Dec 19 2017 1:30 pm UTC 60 mins
    Recent investigations by FireEye’s Mandiant incident response consultants combined with FireEye iSIGHT Threat Intelligence analysis have given us a more complete picture of a suspected Iranian threat group, that we believe has been operating since at least 2014.

    APT34 are involved in long-term cyber espionage operations largely focused on the Middle East. This threat group has conducted broad targeting across a variety of industries, including financial, government, energy, chemical, and telecommunications.

    Join us in a live webinar as we discuss this threat group whom we assess to be working on behalf of the Iranian Government, with a mission that would benefit nation-state geopolitical and economic needs. APT34 uses a mix of public and non-public tools, often conducting spear phishing operations using compromised accounts from trusted third parties, sometimes coupled with social engineering tactics.

    Register today to gain deeper insights into this threat group!
  • [ARABIC] 2017 - How FireEye can help MEA organisations to protect against APTs Dec 19 2017 11:00 am UTC 45 mins
    Yazan Hammoudah, Director of System Engineers, Middle East and Africa
    From cyber criminals who seek personal financial information and intellectual property to state-sponsored cyberattacks designed to steal data and compromise infrastructure, today’s advanced persistent threats (APTs) can sidestep cyber security efforts and cause serious damage to your organisation. 2017 is already one of the most prolific years in terms of APT activity. Indeed, since the beginning of the year, there have been several examples of major cyberattacks across EMEA and more specifically in the Middle East. How can FireEye help your organisations protect against these persistent threats?

    Join this live webinar in Arabic as we will discuss the following topics:
    - FireEye Adaptive Defense
    - Technology
    - Intelligence
    - Expertise

  • Cyber Security Predictions: What is in store for the EMEA region Recorded: Dec 14 2017 37 mins
    Jens Monrad, Senior Intelligence Account Analyst, FireEye iSIGHT Intelligence
    2017 was an eventful year in cyberspace, especially in Europe and the surrounding areas. We saw politically motivated industrial espionage attacks, changes in cyber legislation, a constantly adapting criminal ecosystem targeting various industries throughout the region – and that’s not even the half of it.

    Join us for our webinar on Dec. 14, 11am GMT, as Jens Monrad, Senior Intelligence Account Analyst with FireEye, discusses various aspects about the cyber threat landscape in the EMEA region in 2018, including:

    • Continued political tension in the region
    • Upcoming elections
    • Mixed security maturity
    • The effect of new compliance and data protection laws

    Register today to learn what lies ahead, and stay one step ahead of cyber security threats.
  • Cyber Crime, Data Breaches and GDPR Recorded: Dec 6 2017 65 mins
    Marco Rottigni, Sr Manager Prod. Marketing, FireEye; Davide Gabrini, Laboratorio di Informatica Forense, University of Pavia
    Practical guidance on how to evolve cyber risk management
    The repeated ransomware attacks (WannaCry, Petya) that have recently also hit the computers of major Italian companies highlight the urgent need to review ICT security programmes, better understand exposure to cyber risk, and set up monitoring, intelligence and immediate response capabilities.

    The new European regulation on data protection (GDPR) also helps raise the level of attention on the protection of data. Putting this intent into practice (as required by Articles 33-34 and 84 of the GDPR) means acting by assessing your own security posture, but above all by developing visibility, analysis and response capabilities against attackers.

    The webinar CYBER CRIME, DATA BREACHES AND GDPR, organised by The Innovation Group in collaboration with FireEye on this coming 19 September, starts from a presentation of the state of the art in the evolution of cyber crime, the new generation of ransomware and the importance of having "digital evidence", and proposes some practical solutions for reaching operational maturity in resilience to advanced attacks, in line with the highest standards.
  • Endpoint Protection: equip yourself with the necessary expertise Recorded: Nov 30 2017 47 mins
    Lluis Coma, Systems Engineer, FireEye
    Antivirus protection has been one of the foundations of endpoint security for years; we now know that it is necessary but not sufficient.
    The evolution of the threat requires rethinking endpoint security by putting in place different protection engines capable of responding to different types of threats.
    This evolution also forces the acknowledgement that "100% security does not exist" and that it is therefore necessary to adopt endpoint-level investigation and incident response solutions in support of these protection engines.

    On Thursday 30 November, Lluis Coma, FireEye engineer, will detail:

    - The challenges facing endpoints today
    - The protection capabilities needed to improve your security posture
    - The investigation and analysis capabilities that allow a rapid reaction and limit the impact
    - The changes in process and organisation needed to put in place a proactive "Hunting" approach.

    A webinar that lets you benefit from FireEye's experience applied to the endpoint.
  • Webinar in Italian - The Next Level of Smarter Endpoint Protection Recorded: Nov 29 2017 45 mins
    Marco Rottigni, Senior Manager, Product Marketing, FireEye
    For decades, antivirus (AV) protection has been the foundation of endpoint security, despite all its limitations. To face increasingly advanced threats, organisations must adopt an integrated endpoint solution that can improve their defences.
    On 29 November, Marco Rottigni, Senior Manager, Product Marketing at FireEye, will give a detailed overview of the following points:
    • Why endpoint security products are not sufficient to provide effective protection
    • The capabilities needed for a complete endpoint protection solution:
    - AV with Threat Intelligence
    - Detection and Response
    - Behaviour and Exploit
    - Visibility and automation
    • How the FireEye Endpoint Security solution lets you move quickly from detection to investigation and remediation, all with a single agent
    Join this webinar as a first step towards a smarter and more flexible approach to endpoint security.
  • APTs - How they work and how to protect yourself Recorded: Nov 23 2017 49 mins
    Ferran Orosola, Solutions Architect FireEye; Alvaro Culebras Sanchez & Noa Blanco Fernandez, Cybersecurity Engineers, Minsait
    Do you think you are protected against APTs? We explain how they work and how to protect yourself

    Today's attacks have become increasingly sophisticated, which has meant that traditional security measures are no longer effective. Organisations must adopt new cybersecurity strategies that provide greater protection, adapting to these new threats.

    In this webinar FireEye and Minsait, the Indra business unit responsible for the digital transformation of companies, show what Advanced Persistent Threats are, how they work and what measures organisations must implement to protect themselves against APTs that use email as their main attack vector.
  • [Panel] Defending Against the Evolving Cyber Threat Landscape in 2018 Recorded: Nov 15 2017 60 mins
    Amar Singh, Cyber Management Alliance | Stuart Davis, Mandiant | Ed Tucker, DPG | Dharminder Debisarun, Palo Alto Networks
    2017 was the year of cyber attacks and high profile data breaches. Discover what cyber security professionals should be focusing on in order to secure their organizations in 2018.

    This interactive Q&A panel will discuss:
    - The trends shaping the cyber threat landscape in 2018
    - Lessons from the biggest cyber events of the year
    - Recommendations for CISOs on securing the enterprise in an age of frequent and persistent attacks
    - The technological advancements in the fight against cyber criminals and the processes organizations need to have in place to enable their security teams

    - Amar Singh, Cyber Management Alliance
    - Stuart Davis, Director, Global Services & Intelligence Europe, Middle East & Africa at Mandiant
    - Edward Tucker, CIO, DP Governance
    - Dharminder Debisarun, Industry Security Architect, Palo Alto Networks
  • 2017 - An active year for APT groups Recorded: Nov 14 2017 49 mins
    David Grout, Director, Southern Europe Systems Engineering, FireEye
    From cyber criminals who seek personal financial information and intellectual property to state-sponsored cyber attacks designed to steal data and compromise infrastructure, today’s advanced persistent threats (APTs) can sidestep cyber security efforts and cause serious damage to your organization.
    2017 is already one of the most prolific years in terms of APT activity. Indeed, since the beginning of the year, there have been several examples of major cyber attacks.

    Join us for a live webinar as we discuss:
    - The most severe cybercriminal activities of 2017
    - The motivations, approaches and TTPs of the threat groups behind these attacks
    - Insights into APT10, APT32 & APT33
  • 2017 - An already active year for APT groups Recorded: Oct 26 2017 49 mins
    David Grout, Director, Southern Europe Systems Engineering, FireEye
    2017 is already one of the most prolific years in terms of APT group activity. Indeed, since the beginning of the year there have been several examples of major attacks, extortion or influence attempts reported in the press.

    Let us pause and look more closely at the TTPs of these groups: the techniques, tools and procedures they use.

    For 45 minutes we will look in detail at their motivations and their approaches, and we will define the possible measures to put in place to limit or even prevent their attacks.

    We will cover several areas, including state-sponsored groups seeking economic advantage or even the destruction of the adversary, such as APT32 or 33. We will also study groups engaged in geopolitical influence and fake news, such as APT28 or 29, and we will finish with cyber espionage (APT10) and cyber criminals specialising in the extortion of funds.
  • Simplify Threat Response Through Integration & Automation Recorded: Oct 25 2017 39 mins
    Anthony Leigh, Systems Engineer, FireEye
    FireEye Security Orchestrator helps you improve response times, reduce risk exposure, and maintain process consistency across your security program. It unifies disparate technologies and incident handling processes into a single console that codifies experiences from the frontlines to deliver real-time guided responses.

    In this technical session we hear from an orchestration expert on best practices to simplify and automate security tools and processes. We will look at real-life examples of providing teams with greater control of incident response process for improved efficiency, thus saving time & resources and increasing efficiency and performance. We will also look at orchestration services with incident response playbooks, plug-in development, automation and workflow deployment.
  • Endpoint Security: No longer taking a back seat! Recorded: Oct 25 2017 57 mins
    Remon Verkerk, Systems Engineer, FireEye
    Endpoint security has long been an obvious necessity, but mostly proved a resource-heavy burden with limited value. The threat landscape has changed and so have the attack vectors. Endpoints are a popular and often easy way in to customer networks. This ideal stepping stone needs proper protection and NGAV is no longer sufficient. Privacy laws and regulations demand answers quickly when things go south and data breaches occur. The endpoint is usually a good starting point to provide answers to questions like:

    - Is there command and control activity?
    - Did lateral movement occur?
    - What other systems were accessed?
    - Et cetera…

    This webinar explains how FireEye Endpoint Security (HX) helps our customers protect their endpoints and enables you to go from alert to fix in a matter of minutes. Visibility, speed and cost efficiency are the key components in this solution.

    After this webinar, you will have a good understanding of the capabilities for countering attacks on your endpoints, and how FireEye's Endpoint Security can be of added value to your organisation.

    Keywords/tags: protection, prevention, detection, hunting, exploit prevention, AV
  • The Security Paradigm: "From the Cloud, To the Cloud, In the Cloud" Recorded: Oct 24 2017 49 mins
    David Grout, Director, Southern Europe Systems Engineering, FireEye
    Cloud adoption is a reality today: every company is moving applications and businesses to the cloud to gain more flexibility and agility and to potentially reduce their costs.

    Security operations need to enable this transformation and help the business to activate capabilities in the cloud infrastructure. Risks exist and cannot be ignored if companies want to provide a sustainable and secure environment for themselves and their customers.

    During this webinar, we will describe the main risks associated with cloud adoption and cover how to mitigate those risks.  
  • Best Practices for Enterprise Cyber Intelligence Operations Recorded: Oct 24 2017 48 mins
    Igors Konovalovs, Director, FireEye iSIGHT Intelligence
    Identifying effective threat intelligence is not easy. Learn what it means to have timely, relevant and actionable threat intelligence and how it can help you respond to threats quickly and decisively.

    This webinar explains:

    - Why do organisations require cyber threat intelligence?
      - To aid technical and business decision making
      - To identify and manage risks
      - To efficiently deploy capital against the threats that matter to enterprise
    - The key requirements for establishing a cyber threat intelligence function
    - Basic cyber threat intelligence workflows
    - Resource and training requirements to support a cyber threat intelligence function
  • The Cost of Building a Threat Hunting Team in Your SOC Recorded: Oct 24 2017 60 mins
    Stuart Davis, Director, Mandiant
    At this point your SOC is effectively covering SIEM, IDP, Vulnerability Management and a number of other areas.
    However, the next phase of maturity is to build the APT Threat Hunting capability.

    Join us for a short webinar to discuss the costs of building a hunting team versus buying it.
  • APT33: FireEye overview of Iranian cyber activity Recorded: Oct 11 2017 49 mins
    Gabriele Zanoni, Systems Engineer, FireEye
    Recent investigations conducted by Mandiant, FireEye's incident response division, combined with analysis from our iSIGHT Threat Intelligence service, have provided a complete overview of the activities of a group of Iranian cyber attackers operating since 2013.
    During the webinar, we will explain how this group of attackers has been involved in cyber espionage activity aimed at collecting strategic intelligence from companies in the aviation and energy sectors, with the ultimate goal of making the stolen information available to a state or military sponsor.
    Register for the webinar to find out more!
  • APT33: New Insights into Iranian Cyber Espionage Group Recorded: Sep 21 2017 49 mins
    Stuart Davis, Director, Mandiant; Nick Carr, Senior Manager, TORE Detection & Analysis
    Recent investigations by FireEye’s Mandiant incident response consultants combined with FireEye iSIGHT Threat Intelligence analysis have given us a more complete picture of a suspected Iranian threat group, that we believe has been operating since at least 2013. 
    Join us in a live webinar as we discuss this threat group, whom we assess to be involved in a long-term, resource-intensive cyber espionage operation motivated by the prospect of collecting strategic intelligence, including information related to the aviation and energy industries, which would ultimately benefit a nation-state or military sponsor.
    Register today to gain deeper insights into this threat group!
  • T-72 hours: Building Your GDPR Breach Response Plan Recorded: Aug 17 2017 49 mins
    Jeroen Herlaar, Regional Director, Mandiant; Alister Shepherd, Director, Consulting, META, Mandiant
    The first half of 2017 was the tipping point for cyber threats in Northern Europe. Organizations had to defend themselves against two cyber attacks involving rapid spreading malware. The latest incident severely disrupted global enterprises, causing significant downtime and impacting their revenue.
    Such high-profile, large-scale attacks show us that no organisation is safe from the reach of cyber-criminality. Post-GDPR, responding to these attacks will become all the more critical as breaches will have to be reported to the relevant regulatory body. By understanding your current security posture - internal processes and technology – combined with the external threat landscape – organisations can prepare themselves should a breach occur.

    In this webinar, you will learn how to assess your risk profile, evaluate your operational strengths and weaknesses as well as your tactical approach to responding to co-ordinated, targeted attacks.

    Register your interest here.

    Many thanks,
    The FireEye Team
  • BrightTALK's GDPR Benchmark Special: How Prepared are You for May 2018? Recorded: Aug 17 2017 63 mins
    Josh Downs, BrightTALK; Stuart McKenzie, Mandiant; Sian John, Symantec; Nigel Tozer, Commvault & Tim Hickman, White & Case
    9 months until the GDPR deadline - are you completely up-to-speed?

    Our panel of data protection experts will be discussing the compliance considerations that you need to be assessing for May 2018 along with suggesting next steps from a cyber and general security standpoint.

    We'll also be asking YOU at what stage you're at in terms of your preparations via a series of interactive benchmarks as we go through the session to get a sense of where the security community is at in terms of preparations.


    GDPR and its May 2018 deadline are now fully on the minds of the vast majority of security professionals, and with massive fines on the horizon for non-compliance, now is a better time than ever to get to grips with the legislation and ensure that your organisation is secure and compliant.

    It’s vital that your business has carried out the relevant preparations for compliance by then to make sure you don’t get whacked with a huge fine of up to £15m or 4% of your organisation’s global annual turnover.

    Not only are there potentially huge financial repercussions, but leaving your business open to attack and your customers at risk can cause serious reputational damage.
  • Security Orchestration In Action: Integrate – Automate – Manage Recorded: Aug 10 2017 53 mins
    Silvio Pappalardo & Alex Ruhl, FireEye
    Simplify & Accelerate Security Operations through integration and automation

    Join us to hear how Security Orchestration from FireEye can:

    Unify your security assets into a homogeneous platform and remove the operational silos that have bogged down security personnel for years. Improve operational efficiency and streamline processes with automation.
    Save time and resources & Improve your overall ROI

    Give your team an edge on attackers with deployment, design, and pre-built playbooks from our team of experts.
    Leverage our real-world, frontline Mandiant investigation experience & get access to class leading content, best practice playbooks and a global services breadth to assist clients anywhere in the world they need support.

    Eliminate errors through standardised process and automation while reducing time demands on already stretched SOC teams.
    Minimise error prone manual processes while maintaining response and process consistency &
    Automate repeatable tasks enabling you to re-allocate staff to higher value tasks such as proactive hunting.

    Towards the end of the session we will be delivering a LIVE demo of FireEye Security Orchestrator.
Security Re-Imagined
FireEye is the leader in stopping today’s advanced cyber attacks by combining the world's most advanced technology, intelligence, and expertise. FireEye has over 2,200 customers across more than 60 countries, including over 130 of the Fortune 500.

  • Title: From Incident Response to a Continuous Monitoring & Active Threat Hunting
  • Live at: Apr 27 2017 11:30 am
  • Presented by: Stuart Davis, Director, Mandiant & David Grout, Systems Engineering Director, FireEye