Learn more about APT32 (OceanLotus Group), a Southeast Asian cyber espionage group threatening multi-national companies operating in Vietnam. After long-term monitoring and response of their activities, FireEye has given this threat actor the newest APT designation.
Join Nick Carr, Sr. Manager of Incident Response, as he shares how Mandiant, iSIGHT Intelligence and FireEye as a Service teams reveal:
• Who is part of APT32, where they are based, whom they target and how they operate
• Advice on how to defend against, hunt for and respond to APT32
• How your organization can improve your ability to detect, prevent and remediate APT32 attacks
RecordedMay 24 201757 mins
Your place is confirmed, we'll send you email reminders
Nicole Cavaleri, Senior Director, Expertise On Demand, Mandiant
With an estimated 3.5 million unfilled cyber security positions forecasted globally by 2021, and with research suggesting it’s only getting worse, it’s time to think differently about how to acquire cyber security expertise.
Join Nicole Cavaleri, Senior Director with Mandiant, for an introduction to Expertise On Demand, an annual subscription that extends your security capabilities and capacity with flexible access to a wide range of industry-leading Mandiant security skills and experience, including investigations, intelligence, training and consulting.
This unique service can help reduce the business and management risks associated with hiring, training and retaining cyber security talent by providing the expertise you need, when you need it.
For the full Cyber Summit 2020 event program, please visit: https://www.fireeye.com/company/events/cyber-summit-2020.html
Renze Jongman, Principal Intelligence Enablement Consultant, Intel Capability Development, Mandiant
This on demand session will be available starting at 5:00 a.m. PT.
Demand for threat intelligence is in high demand and different organizational stakeholders have broad set of requirements.
Learn from our enablement specialists how you can maximize threat intelligence investments and what the steps are in building out a global threat intelligence program that aligns stakeholders with ROI for the business.
For the full Cyber Summit 2020 event program, please visit: https://www.fireeye.com/company/events/cyber-summit-2020.html
Jonathan Rendal, Consulting Sales Engineer, Iberia, FireEye
Las soluciones de protección del endpoint, requieren una evolución constante, tanto en las tecnologías más tradicionales de protección (EPP), como las tecnologías mas avanzadas (EDR).
En el próximo webinar de FireEye, le mostraremos las nuevas funcionalidades y la evolución de las tecnologías de protección completa de los endpoint.
Los objetivos serán comentar en detalle:
•Nueva versión de FireEye Endpoint Security y módulos de seguridad.
•Nuevas funcionalidades en las tecnologías para la protección del endpoint
•Demo de la solución y de la nueva consola de administración.
Back by popular demand, join BlueFort and FireEye at 09:00 - 10:30 on 6th October 2020 for our next Cyber Attack Simulation.
BlueFort run regular Cyber Attack Simulation events to help companies to consider how they would respond to a cyber attack. Typical feedback we get is that these are simulation events are ‘eye-opening’ ‘thought provoking’ ‘valuable’ and ‘scary!’.
We will once again be joined by our expert panel consisting of Director of UK & Ireland for FireEye Mandiant, a law partner who specialises in cyber breaches and a crisis communications expert too to give you the latest advice, insights and different perspectives at each stage.
A great event for anyone working in leadership, security, legal, risk, communications and of course IT!
- Participate in a real time attack to understand how to take back control
- Build confidence in taking the right actions that will protect your company
- Gain a deep understanding of the consequences of specific actions
- Hosted by cyber breach response experts from FireEye Mandiant
- Focused event for anyone working in leadership, security, legal, risk or communications
- Practical and engaging way to understand threats, risks and responses
Ransomware continues to be one of the most disruptive cyber threats facing organizations today and has been further underscored by the COVID-19 pandemic. Attackers have more aggressively pivoted their targets and tactics, techniques and procedures (TTPs) to broaden their impact to affect public infrastructure trickling down to individuals and their day-to-day lives.
In this latest episode of FireEye Chat, we’ll bring together Mandiant experts to further discuss:
• How ransomware has transitioned from business risk to national security risk
• The wider implications of ransomware in today’s environment observed from the frontlines
• How threat intelligence is vital in identifying trends and informing decisions that will help to better protect organizations
• Sandra Joyce, EVP, Head of Mandiant Threat Intelligence
• Kimberly Goody, Sr. Manager, Mandiant Threat Intelligence
• Charles Carmakal, SVP and CTO, Mandiant
The single most heated conversation during every incident response engagement has always been around the topic of remediation. When to remediate, what to remediate, how to remediate, should we remediate?
We can even take that a step back and ask ourselves “is it a technical question? a legal one? a business decision? Join our upcoming webinar during which we’ll analyse the topic from multiple different angles to understand why there’s no easy answer to the question and how to best deal with it depending on the specific context of the breach you’re dealing with.
Matt Shelton, Director, Technology Risk and Threat Intelligence, FireEye
The Expanding Attack Surface: How Continuous Validation Helps Protect the Supply Chain
Organizations are increasingly using third party providers to manage critical components of their infrastructure. The introduction of cloud services, managed service providers, and Software-as-a-Service (SaaS) has increased the size of an organization’s attack surface. A breach of proprietary and confidential information is just as impactful coming from the supply chain as it is from an organization’s infrastructure. Join Matt Shelton, Director, Technology Risk and Threat Intelligence, as he explains how intelligence-led validation can help tighten controls and reduce risk. In this webinar:
-Hear about the realities of today’s threat landscape, sophisticated attackers and the implications on managing your security stack and processes
-Learn how threat intelligence helps you take decisive action
-Find out how continuous validation helps you understand the true measure of your security
-Get insights into an actual use case where a company’s supply chain was breached to see how intelligence-led validation could have helped prevent it
Organisations value cyber threat intelligence (CTI) because it helps their security teams stay focused on, and stay ahead of, the most impactful threats. One of the critical strategic and tactical roles that CTI plays is in the tracking, analysis, and prioritisation of software vulnerabilities that could potentially put an organisation’s data, employees and customers at risk.
Join us to hear FireEye Threat Intelligence expert, Jamie Collier, as he shares:
• The importance of comprehensive CTI to drive better-informed vulnerability management decisions
• Insight into how FireEye tracks, prioritises and categorises vulnerabilities to help organisations more effectively manage and mitigate the risks associated with these potential threats
• The latest research findings around the speed and frequency of exploitation
This presentation will cover five major threat actors which Mandiant Consulting has seen during intrusions that it responded to in Europe. War stories, as well as unique techniques and malware used by the attackers will be covered by an incident response consultant who has worked on all of the engagements.
Red team assessments help organizations evaluate their readiness to defend against advanced attacks. They identify relevant weaknesses in current detection and response procedures that advanced threat actors routinely exploit to avoid detection, break in and complete their attack objectives.
This session reviews a red team case study in which an objective-based assessment involved emulating the activities of an advanced, nation state attacker across the entire attack lifecycle. Come learn valuable insights from how one organization dealt with genuine attack conditions.
Dan Caban, Manager Professional Services Consulting, Mandiant & Hussein Khalifa, Senior Consultant, Mandiant
Operationalising Cyber Threat Intelligence (CTI) helps mitigate risk by focusing people, processes, and technology on the threat activity that matters. Above all, it allows organisations to take a more proactive, structured, and holistic approach to security that reduces dwell time and shortens the time frame from detection to remediation. In today's dynamic threat environment, CTI it is critical to ensure you have an understanding of the adversaries you are hunting for and responding to.
Join us as we look specifically at how cyber threat intelligence can help improve computer network defence (CND) operations. Our experts will share:
• A review of FireEye’s Iranian relevant threat intelligence
• Case studies that:
•will provide examples of how Mandiant incident response consultants operationalise threat intelligence when responding to intrusions
• will examine how operators can pivot from intelligence reporting to high confidence alerting and targeted threat hunting
• Along with the MITRE ATT&CK framework to help decision makers improve their overall network security posture by prioritising security investments based on adversary capabilities
• How intelligence enhances your overall cyber security investment and places your operations ahead of the threat
Organisations today remain reliant on reactive, technology based, security solutions to protect their most valuable assets. The problem is that technology alone does not fully protect against a determined attacker.Unfortunately, it's difficult and costly to find, hire, train and retain security experts to protect against threats 24x7x365.
The shortage of cybersecurity workers continues to be a major concern. Unfilled cybersecurity jobs are expected to reach 1.8 million by 2022, up 20% from 1.5 million in 2015, according to the Center for Cyber Safety and Education.
FireEye Managed Defence is an expert driven managed detection and response service that provides 24 x 7 protection against threats, combining front line experience with industry leading technology and intelligence to detect threats early and help prevent a security incident.In this webinar, you'll hear from Billy Glynn, Principle Consultant, Managed Defence, as he discusses:
-The benefits of Managed Detection and Response (MDR)
-How Managed Defence can augment your security team
-A Day in the Life of a Managed Defence Consultant
-Hear real world examples and stories from the trenches
Do you know that on average, it takes up to two months before data breaches are discovered? And of these breaches, only 4% are actually investigated? This is because most of the time malicious actors are in systems blind and have to move slowly to minimize detection. Just imagine all of the potential data exfiltration, among other damage, that malicious actors can cause during this time. Reducing business risk and improving security start with controlling your internal environment and making people realize that security is everyone’s problem. Tackling the lateral movement is becoming crucial in addressing this risk from within your environment.
This webinar will discuss the following:
1.Introduction to Lateral Movement
2.Lateral Movement Techniques and tactics
3.Lateral Movement risks and impact
4.How to Defend and mitigate
5.How FireEye can help
Ransomware threat actors are upping their game along with their ransom demands, which are climbing into millions of dollars. Large organizations with significant security controls in place are still falling prey to the attackers' tactics. This session examines how ransomware has evolved, and more importantly, what you can do about it. Come learn how to can gain some control your next ransomware experience.
Matt Keane, Principal Consultant at FireEye Mandiant, & Jennifer Guzzetta, Product Marketing Manager at FireEye Mandiant
Most C-suite leaders believe their investment decisions in security risk management is not keeping up with the new and heightened levels of cyber risks. This is often due to their use of the decade old, top-down approach in leveraging risk models, which leaves gaps between attacker and defender behaviors.
Transformation of your risk management processes, plus the people behind them, can solve for this.
Aligning your organization’s security efforts with the risk appetite of data owners and business leaders must become a priority.
This webinar spotlights a transformational model that operationalizes security risk management to improve and optimize decision making by:
•Identifying challenges in your current cyber risk management program
•Establishing a modern cyber risk management strategy
•Shifting the players and processes involved in your cybersecurity decision support
•Integrating risk management priorities across the entire security function
•Monitoring progress with the right kind of security metrics
Join Matt Keane, Principal Consultant at FireEye Mandiant, for his expertise on transforming your security risk management approach by bridging the gap between vital security teams and improving their decision making.
A recent SANS study showed that while organizations used threat intelligence to hypothesize where attackers may be found, they lack the investigative skills to conduct searches. This continues to be a growing problem in the cyber security industry as organizations struggle to justify the high-cost of their defences.
We make significant investments to justify our methods of stopping evil. However, we rarely spend time in measuring our methods or investments. Instead, we rely on assumptions to guide our decisions and justify our judgements. In this session, we will explore real world data and dive deep into the performance of cybersecurity controls across enterprise networks; from email, endpoint, network to cloud-based controls and examine some alarming results. As organizations continue to struggle to justify the high-cost of their defences, Security Validation provides a solution to validate, consolidate, recoup and maximize the value from existing investments.
John Hurley, Solutions Architect EMEA, FireEye & Thomas Scriven, Senior Mandiant Consultant
For the last several years, organisations around the world have been moving applications and services to the cloud at an increasing pace. Despite this investment, many organisations fail to fully understand the security controls they have at their disposal and fail to effectively harden their cloud environments against attack. As a result, FireEye experts have observed a significant rise in cloud-related breaches driven by both targeted and opportunistic threat actors over the past several years.
In this session, FireEye, EMEA Solutions Architect John Hurley shares lessons learned from real-world incident response experiences, as well as identifying some common pitfalls, whilst also providing best practices for organisations to harden their cloud environments and reduce the risk of compromise.
FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 7,700 customers across 67 countries, including more than 50 percent of the Forbes Global 2000.