Name: Malware Maelstrom: Guarding Against the Return of APT10 and its Subsets
Start: 2021-04-13T11:00:00Z
End: 2021-04-13T11:00:45.000Z
Location: BrightTALK
Rating: 0

Trellix is a global company redefining the future of cybersecurity. The company’s open and native extended detection and response (XDR) platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Trellix’s security experts, along with an extensive partner ecosystem, accelerate technology innovation through data science and automation to empower over 40,000 business and government customers. More at www.trellix.com.

Organizational data lakes have become a critical component in modern business operations, but they also present significant security challenges. While most organizations focus on collecting and centralizing their data, they often struggle to detect and investigate potential threats within that data. This is where Trellix and AWS come in.
 
In this live webinar, you'll learn how Trellix and AWS are helping organizations apply detection and investigation logic to their data lakes to identify and respond to potential security threats. Our experts will share their insights on how to gain visibility into the various business app data, infrastructure logs, endpoint traces, and other massive data sets that are typically housed in data lakes. You'll also hear about the latest advancements in threat hunting techniques and how to leverage them to improve your data security posture.
 
Join us for an engaging session with experts from Trellix and AWS, and discover how to effectively address the security challenges of managing data lakes. You'll also have the opportunity to learn from real-world examples of organizations that have successfully implemented Trellix and AWS solutions to enhance their data security measures.

Security Data Gravity: Visibility and Threat Detection for Your Data Lakes

Email remains the most successful attack vector. Over 91% of cyberattacks begin with spear phishing and can be highly targeted and customizable. Only one email needs to be compromised to gain access to an enterprise's network and valuable data.
Your email security should protect against the most dynamic threats. Join this webinar to discover how Trellix Email Security uses the industry's most comprehensive set of detection engines to keep your email environment safe—on-premises or in the cloud.

Email Security for Tomorrow

In the last decade, enterprise data has exploded across all sectors.   Enterprise data has grown enormously, and organizations must not only manage data, but also deal with the perimeters of the traditional physical boundaries of a network that have disappeared with more employees than ever working remotely.  

With more data to track, classify, and store, that also means more data to protect. This task has become increasingly difficult due to sheer data volume as well as limited visibility, organizational silos, and changing compliance needs.  A data loss prevention solution is vital to secure data, protect intellectual property and stay compliant with regulations.

Our agenda will cover the following topics:
• Understand the pillars of Trellix Data Protection ((the why's and the fundamentals behind preventing data loss)
• Understand Common use cases
• Learn more about the solution
• How to use Trellix Data Loss prevention to get some quick wins on your journey to implementing a Data Prevention Program

Not able to join the live session?   Register anyway to receive the recording link, presentation slides and Q&A that you can view on-demand. 

Need help registering or have questions?   e-Mail Juliet Huffman @ Juliet.Huffman@trellix.com.

Prevent Data Loss and Ensure Compliance with Trellix Data Protection Solutions

En el último informe de Trellix Threat Labs, se proporcionó detalles sobre la evolución del ciberdelito, tendencias sobre amenazas a la infraestructura crítica y del correo electrónico, además de investigaciones sobre vulnerabilidades encontradas en sistemas de control de acceso, riesgos
exclusivos de la atención médica y los servicios comerciales se han convertido en el principal objetivo de los ataques de ransomware.

Informe Trellix: La ciberseguridad fue más una evolución que una revolución

Entendería  que  todos  estamos  de  acuerdo  que  las  amenazas  pueden  tomar  muchas  formas,  pueden  provenir  de  todas  partes  y  posiblemente  cada  organización  lo  aborda  de   manera   diferente   en   función   de   sus   necesidades, industria y entorno.Con  la  omnipresencia  del  intercambio  de  archivos,  las  organizaciones  enfrentan  aun  mayores   riesgos,   cuando   alguien   intenta   intencionalmente  infectar  una  red  con  un  archivo    malicioso,    o    bien    un    usuario           comprometido  puede  estar  compartiendo  un archivo que no sabe que es malicioso.

La detección de contenido malicioso es un enfoque eficaz en la nube

Imagine if you could get ahead of your adversaries through comprehensive threat insights and customized prescribed prevention guidance. Join us to learn how MVISION Insights intelligently augments endpoint security to proactively protect against threat campaigns. With advanced modeling to predict future trends, Trellix is the FIRST and ONLY proactive endpoint security solution that can show you what's coming, if you're protected, and if not, prescribe what is needed to ensure adequate endpoint protection against these threats.

About our speakers: 

James Jaggers
 
Originally from Sacramento, California, Jimmy Jaggers has been with Trellix for over a year and has been in the security space since 2020. He manages accounts for customers in the North Texas area after relocating to Dallas. His passion for security has helped lead customers effectively and efficiently to their desired outcome.
 
Kyle Long
Masters Degree from Regis University
Account Executive GHE US, Commercial 
 
Commercial Account Executive excited to help business and clients secure their data in this post COVID new normal. Working for Trellix, we have combined McAfee and FireEye's best attributes to move forward as a new company. Currently, living in Oregon with my wife and two little boys.  

John Kim

John Kim has more than 20 years combined experience in Information Technology and Information Security. He has worked for several Fortune 50 companies and has a myriad of experience in working with small, mid and very large networks (250K+). John was hired by Trellix (formerly McAfee Enterprise) as a Sales Engineer and has been with us for over 12 years.  He has a broad knowledge of our endpoint, network and cloud security solutions.

Get Ahead Of Your Adversaries

As ameaças evoluíram, mas a segurança não. Até agora. As ameaças cibernéticas estão mais dinâmicas e sofisticadas. As soluções estáticas e isoladas simplesmente não são suficientes para manter as empresas protegidas. Ter um sistema de detecção e resposta expandida é de extrema relevância para que se priorize as ameaças reais e se alcance o desempenho desejado na hora de correlacionar e investigar dados com a intenção de detectar possíveis vulnerabilidades. Um ecossistema vivo e de aprendizado que se torna mais forte, mais inteligente e mais ágil a cada dia.

Dê vida à sua segurança!

En un mundo global y digitalizado en el que esta inmerso el sector financiero, se debe desarrollar capacidades para anticiparse a las amenazas, absorber los impactos de los adversarios y responder de forma rápida y flexible para asegurar que los servicios transaccionales puedan continuar con la actividad normal. La ciber-resilencia se perfila para anticipar, resistir, recuperarse y evolucionar para mejorar las capacidades ante condiciones adversas.  Acompáñenos durante esta sesión  a conocer como la ciber-resiliencia permite que una organización se prepare para mejorar los aspectos que protegen y mantienen el servicio del negocio.

Ciber-resiliencia en un entorno financiero dinámico

The cloud brings the promise of accelerating business, increasing access to data and enabling remote capabilities, but it comes with unique risks. We’ve responded to many cloud breaches and protect customers in very unique cloud configurations. We’ve seen that small mistakes can have a critical impact, and we’ve learned what it takes to build a secure cloud. 

There is a right and wrong way to defend cloud infrastructure, containers and software-as-a-service, and with vulnerabilities like Log4j coming to light, it's more important than ever.

Join the discussion to learn the five crucial differences between a secure, defensible and resilient cloud environment and one that my (already) be compromised. From ransomware and supply chain to zero days and zero trust, we will discuss how to secure the cloud you need for your specific environment.

Presented by Martin Holste, Cloud CTO, FireEye

How to Avoid The Top 5 Cloud Security Mistakes and Defend Against Log4j

To protect against advanced threats, organizations need to integrate their security and apply the right expertise and processes. FireEye Helix - the FireEye XDR management and monitoring platform - is a SaaS security operations platform that allows organizations to take control of any incident from detection to response.

Helix Detect is for customers who want superior detection and response, without the overhead of a full SIEM and SOAR.

With an easy-to-use interface that helps reduce time between security threats and response, Helix Detect provides peace of mind to customers - protecting their business from the most advanced threats, including Ransomware, Phishing, and Targeted (APT), so they can focus on what matters most - running their business.

Register now to discover all the new features!

Tech Talk: FireEye Helix Detect paves the way for XDR

Given their nature, zero-day attacks are inherently unpredictable to prepare for and defend against, offering the path of least resistance for threat actors. Because security teams are improving protections against threat actors, these actors are adapting to sneak attack, or engineered, methods, particularly targeting remote workers and OT environments. Now more than ever, everyone has an important role in strengthening the kill chain. Organizations are encouraged to support these efforts wherever possible. In addition to adopting new guidelines, they should look to partner with cybersecurity vendors that participate in industry alliances and work closely with government agencies and law enforcement, as these alliances allow them to further align cybersecurity forces to defeat adversaries. Shared data and collaboration can enable more effective responses and better predict future techniques to deter adversary efforts. Join our conversation to discuss how organizations can mitigate zero-day attacks by cultivating a culture of cybersecurity; building trusted partnerships with law enforcement, government agencies and solution providers; and taking a Zero Trust approach with automated detection and AI.

Everything Is Connected: The Role We All Play in Stopping Zero-Day Attacks

During this session, a Mandiant Consultant will share his experiences while working on the development of security metrics plans with organizations of different size, region, and industry vertical. 

He will discuss typical scenarios affecting metrics requirements, and present a metrics framework to address the security needs of a sample organization.

Expert’s Talk: Executive Security KPIs and Dashboarding

To protect your cloud infrastructure, you need to be able to actively monitor files for the presence of malicious content. FireEye Detection On Demand is a threat detection service that uncovers harmful objects in the cloud.   FireEye Detection On Demand delivers flexible file and content scanning capabilities to identify file-borne threats in your cloud, SOC, SIEM or files uploaded to web applications.   The discussion will drive us around:   - How does it work? - Why is it different? - What is the added value for your business? - A demo  Register now!

Tech Talk: FireEye Detection On Demand helps you detect malicious threats

The professionalisation and commoditisation of the cybercriminal ecosystem continues to evolve. This has amplified the threat posed by cybercrime and particularly ransomware operations. We explore the development of cybercriminal communities over time and what it means for organisations today. You will gain an understanding of not just how cybercrime has matured, but also what to do about it.
 
·  How ransomware operators are increasingly specialising in specific components of the attack lifecycle.
·  The difficulties of attribution in the context of an increasingly agile and dynamic cyber criminal ecosystem.
·  The challenges that today's ransomware operations pose for both security functions and threat intelligence teams.
·  Common attack vectors used by ransomware groups.
·  Lessons learned from FIN12 - Mandiant’s most recently graduated threat actor.

The Evolution and Commoditisation of the Cybercriminal Ecosystem

In part three, the last part of our webinar series for "FireEye XDR: Bringing New Meaning to Extended Detection and Response", we discuss how to reduce the security complexity of modern corporate IT infrastructure.  

The strengths and limitations of SIEM, SOAR and EDR solutions are detailed to illustrate the need for and value of XDR in an organization’s cyber environment. 

Register to learn how FireEye XDR platform can improve your security posture.

Refer to the attachment section of this webinar, to register for previous or upcoming parts of this webinar series "FireEye XDR: Bringing New Meaning to Extended Detection and Response".

Part 3 | FireEye XDR: Moving Beyond the Limits of SIEM, SOAR, and EDR

In part two of our webinar series for "FireEye XDR: Bringing New Meaning to Extended Detection and Response", we discuss how FireEye relentlessly protects its customers against major cyber threats. Our frontline human expertise and intelligence helps you prioritize risks, guide responses and accelerate security operations. 

Register to learn how FireEye XDR can simplify threat detection, investigation and incident response. 

Refer to the attachment section of this webinar, to register for previous or upcoming parts of this webinar series " FireEye XDR: Bringing New Meaning to Extended Detection and Response".

Part 2 |  FireEye XDR: Born from Frontline Intelligence

According to ESG research, many organizations plan to increase investments in threat detection and response this year. Unfortunately, this is because current threat detection and response strategies aren’t working well, so security operations center (SOC) teams need improvement across people, process, and technology.
Recognizing the myriad of issues with threat detection and response, security technology providers are pushing new technology solutions dubbed eXtended Detection and Response or XDR. These tools are designed to address many of today’s technology issues with an integrated security architecture, advanced analytics, and simplified operations. Sounds great, but users remain confused about what XDR is and where to start.
In this webinar, Jon Oltsik, Senior Principal Analyst and Fellow, at the Enterprise Strategy Group (ESG) and Robert Kusters, Senior Product Marketing manager at FireEye will discuss:
• What is XDR?
•	Which are the most important attributes of XDR?
•	What your organization should be doing right now to start its XDR implementation

Register today!

ESG & FireEye - The future of XDR is Now!

For many decades now, emerging threats have put organizations at risk. As the IT landscape evolved and threat actors found new ways to attack, security teams needed to find new ways to detect and respond to threats. While security tools such as SIEM, SOAR and EDR technologies all have their benefits, organizations must look beyond the limits of these offerings to extended detection and response (XDR).

FireEye XDR protects organizations though unmatched detection, protection and response technologies delivered through an extensible cloud-based platform. By simplifying and correlating incident data across the entire security stack, FireEye XDR applies frontline intelligence and analytics to help you find and resolve the threats that matter most.

Join us for a webinar series on FireEye XDR, where we will cover how XDR security came about, why FireEye’s take on XDR is focused on security outcomes, and how we have been delivering on this for years.


Register for all parts of this webinar series:

Part 1| Understanding XDR Security 
August 25, 2021 at 10am PT | 1pm ET

Part 2| FireEye XDR: Born from Frontline Intelligence 
September 1, 2021 at 10am PT | 1pm ET

Part 3| FireEye XDR: Moving Beyond the Limits of SIEM, SOAR, and EDR
September 8, 2021 at 10am PT | 1pm ET

Part 1 | FireEye XDR: Understanding XDR Security

In 2020, during an incident response engagement, FireEye Mandiant stumbled upon APT10 for the first time since the U.S. indictments against the group in late 2018. Upon re-discovery and identification of the group’s new and evolved tooling, FireEye Mandiant determined that other previous incident response engagements that were largely unrecognized had likely featured APT10.

This presentation will take a deep dive look into: 
●	How FireEye Mandiant re-discovered APT10 and the threat actor’s new malware and updated tools
●	The difficulties in conducting malware-based attribution and possible subsets of APT10 
●	How organizations can spot this threat group and what defensive steps to take

Be sure to check out all of the sessions in our FireEye Mandiant Virtual Summit 2021, Innovation Forward. A New Era of Resilience. - Live on April 13-15.  https://virtualsummit.fireeye.com/

Malware Maelstrom: Guarding Against the Return of APT10 and its Subsets

Cyber Attacks

Cyber Crime

Cyber Defence

Cyber Intelligence

Security Awareness

Security Breach

FireEye

Mandiant

Are you an IT service management professional interested in developing your knowledge and improving your job performance? Join the IT service management community to access the latest updates from industry experts. Learn and share insights related to IT service management (ITSM) including topics such as the service desk, service catalog, problem and incident management, ITIL v4 and more. Engage with industry experts on current best practices and participate in active discussions that address the needs and challenges of the ITSM community.

IT Service Management

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The unexpected nature of natural disasters and other disruptive events means that preparation is key to managing disaster recovery and business continuity planning. Join the business continuity and disaster recovery community for live and recorded presentations discussing best practices for business continuity planning, disaster recovery programs and business continuity management. Learn from BCDR experts to develop your critical infrastructure and gain insight into tactical solutions to your BCDR issues.

Business Continuity / Disaster Recovery

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

Practicing business intelligence allows your company to transform raw data into sets of insights for targeted business growth. The business intelligence and analytics community on BrightTALK is made up of thousands of data scientists, database administrators, business analysts and other data professionals. Find relevant webinars and videos on business analytics, business intelligence, data analysis and more presented by recognized thought leaders. Join the conversation by participating in live webinars and round table discussions.

Business Intelligence and Analytics

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Join this new, vibrant community to learn and connect with top thought leaders, startups and banks who are disrupting the financial services industry. Keep up with the latest news and trends in Fintech and take part in lively debates on topical issues and challenges.

Fintech

The accounting and finance community on BrightTALK features presentations from leading accountants and finance professionals. The accounting community includes tax planning strategies, QuickBooks webinars and other accounting webinars, while the finance community features presentations on financial capital regulations and forensic data analytics. Join the conversation by attending live financial and accounting presentations and connecting with industry thought leaders.

Finance

Get powerful insights to run your business. CEOs, CFOs, CMOs, COOs, CTOs and CIOs are among the leaders in this community who connect with peers and experts to grow their businesses.

CxO Strategy

In the business management community, commercial experts will be sharing webinars and videos on an array of subjects. From sales and marketing, to finance, productivity and growth, this content will help you stay up-to-date with the current economic environment and provide timely management insight to drive business growth.

Malware Maelstrom: Guarding Against the Return of APT10 and its Subsets

Presented by

About this talk

More from this channel