Name: Top PCI Pitfalls and How to Avoid Them: The QSA’s Perspective
Start: 2015-05-28T15:00:00Z
End: 2015-05-28T15:59:03.000Z
Location: BrightTALK
Rating: 4.2

The leading provider of business-driven security management solutions, AlgoSec helps the world’s largest organizations align security with their business processes. With AlgoSec users can discover, map and migrate business application connectivity, proactively analyze risk from the business perspective, tie cyber-attacks to business processes and intelligently automate network security changes with zero touch - across their cloud, SDN and on-premise networks. Over 1,800 leading organizations, including 20 of the Fortune 50, have utilized AlgoSec’s solutions to make their organizations more agile, more secure and more compliant - all the time. Since its inception, AlgoSec has provided the industry’s only money-back guarantee.

The advanced security features of public clouds are clear. But when it comes to maintaining security, things get murky.

Organizations must share the burden of network security—Amazon Web Services’ (AWS) cloud framework may be secured by AWS, but secure deployment and operation fall on the end user’s CISOs and IT personnel.  

Join our live webinar, as Yonatan Klein, AlgoSec’s Director of Product, and Ram Dileepan, Amazon Web Service’s Partner Solutions Architect, will share best practices for network security governance in AWS and hybrid network environments.

Amazon Web Services & AlgoSec | Security in Hybrid Networks: A Joint Operation

No organization is immune to ransomware. 

We are constantly experiencing a rise in ransomware attacks, targeting everyone from small companies to global enterprises. 

So how do you protect your network from such attacks? Join our discussion with AlgoSec CTO and Co-Founder Prof. Avishai Wool, and Guardicore CTO Ariel Zeitlin, to discover how micro-segmentation can help you reduce your network attack surface and protect your organization from cyber-attacks.

Topics:
  1.	Why It Matters: Understand micro-segmentation’s critical role in fighting ransomware and cyber threats
  2.	Micro-Segmentation Miscalculations: Avoid common mistakes when implementing micro-segmentation projects
  3.	Finding Connections: Discover applications’ connectivity requirements across complex network environments.
  4.	Accurate Writing: Write precise micro-segmentation filtering policy within and outside the data center

Fighting Ransomware with Micro-segmentation | CTO Round Table

As time goes by, once effective firewall rules can become outdated. This results in bloated security policies which can slow down application delivery. Therefore, best practice and compliance requirements calls for rule recertification at least once per year.

While rule recertification can be done manually by going through the comments fields of every rule, this is a tedious process which is also subject to the weaknesses of human error. Automation can simplify the process and help determine which rules are still necessary, if done right.

Join security experts Asher Benbenisty and Tsippi Dach to learn about:

· Rule recertification as part of application delivery pipeline
· The importance of recertifying rules regularly
· Methods used for rule recertification
· The business application approach for rule recertification

Play by the Rules: Automation for Simplified Rule Recertification

You’re always making changes to your network—commissioning and decommissioning servers, moving data to and from the cloud, revising connectivity policies, or swapping business applications.

But while you’re adapting your network at full speed, you may be running blind in the face of security.

In this webinar, Prof. Avishai Wool, AlgoSec Co-Founder and CTO, and Yoni Geva, AlgoSec Product Manager, will demonstrate how to leverage application visibility to make necessary changes without causing outages, opening firewall backdoors, or leaving your network vulnerable to inside and outside threats.

Join us live, and learn how to:
  •  Associate business applications with security policy rules
  •  Identify relevant network traffic for each application
  •  Expose hidden risks and vulnerabilities in your applications
  •  Match compliance violations with the relevant business applications
  •  Improve troubleshooting by identifying affected applications
  •  Develop superior app documentation across your network

Stop Running Blind. Expand Your Security Vision with Application Visibility.

Are you maximizing the capabilities your Juniper solutions offer? In this webinar, Max Shirshov explores securing homogeneous and multi-vendor network with intelligent automation.

Join to learn how to assess risk and audit the firewall estate for regulatory compliance, address security breaches caused by misconfigured network devices, and provide fast and efficient change management utilizing the AlgoSec Security Management solution for your Juniper devices.

You’ve invested in Juniper. It’s time to expand its potential and maximize your ROI with AlgoSec.

Topics:
   1.	Full Visibility: Gain complete visibility into your Juniper-estate as well as multi-vendor and hybrid networks
   2.	Intelligent Security: Push security policy changes to your Netscreen and SRX firewalls, MX routers and Juniper Space, other vendors’ security devices, and SDN and public clouds
   3.	Automated Alignment: Automate application and user-aware security policy management, and ensure your Juniper devices are properly configured
   4.	Assess Risk, Stay Compliant: Ensure risk-free operation and regulatory compliance across your entire enterprise environment

Optimize Your Investment with Intelligent Network Security Automation

It’s time to call out network misconfigurations for what they really are: Potentially fatal security flaws.

Firewall misconfigurations cause 99% of all successful breaches, according to Gartner, and they hold a worrying sixth place in OWASP’s Top 10 Web Application Security Risks.

In this illuminating webinar, Avivi Siman-Tov illustrates how an incorrect keystroke can open far-reaching security holes. Learn how firewall misconfigurations create backdoors for cybercriminals, impact audits, and bring business to a standstill—and most importantly, learn how to avoid it all.

Step 1: Understand and map your entire network before making a change
Step 2: How to proactively assess the impact of a change to your entire network
Step 3: Maximize the capabilities of network management automation to avoid common misconfigurations
Step 4: Know the common mistakes in network security changes, and how to avoid them

Burning Down the House: Avoiding the Danger of Firewall Misconfigurations

Your network extends into hybrid environments. It may include private clouds running Cisco ACI as well as on-premises devices.

Needless to say, managing network security policies in your multi-vendor estate is complex.

The good news is, building centralized management of your entire network isn’t impossible. In this webinar, Roxana Diaz from Cisco and Yonatan Klein from AlgoSec will discuss how to manage the Cisco and multi-cloud estate and explain how to unify, consolidate, and automate your entire network security policy management across your infrastructure.

Topics:
   1.	Centralize visibility, automation, and compliance monitoring in your Cisco and multi-vendor network ecosystem
   2.	Oversee your entire hybrid network estate, including items in and outside the Cisco ACI security environment, Cisco firewalls and routers, and multi-vendor devices
   3.	Leverage Cisco Secure Workload (formerly Cisco Tetration) and AlgoSec’s Intelligent Discovery to see network and app traffic from a bird’s-eye view, and provides a fitting micro-segmentation network policy
   4.	Unify, consolidate, and automate your network security policy management
   5.	Proactively assess risk throughout your entire network, including Cisco ACI contracts, and adapt to eliminate misconfigurations and compliance violations

App-Driven Security Across Your Hybrid Network

You use multiple network security controls in your organization, but they just don’t talk to each other. 

And while you probably get alerts from SIEM solutions and vulnerability scanners, responding to them feels like a never-ending game of whack-a-mole. 

If you’ve had enough of manual policy changes but security concerns are holding you back from automating policy change management, this webinar is just for you.   

Learn how to transform your network security policies without replacing existing business processes -with enterprise-wide change automation.  

*  AlgoSec security expert Avivi Siman Tov will guide you how to: 
*  Increase agility, accelerate incident response, and reduce compliance violations and security misconfigurations. 
*  Automate security policy changes without breaking network connectivity. 
*  Analyze and recommend changes to your network security policies. 
*  Push network security policy changes with zero-touch automation to your multi-vendor security devices. 
*  Maximize ROI of your existing security controls by automatically analyzing, validating, and implementing network security policy changes.

Quick guide to change automation: Turning network security alerts into action

When malware finds its way into your multi-connected network, micro-segmentation is a sure way to prevent it jumping from system to system. But micro-segmentation isn’t employed nearly as much as it should be, mostly because its implementation is hugely complicated.

If this sounds familiar, this technical webinar is for you. Join Jothi Prakash Prabakaran from Cisco, and Yoni Geva from AlgoSec, as they lay out a step-by-step micro-segmentation strategy. Watch as they demonstrate granular, micro-segmented policies enforced on workloads with Cisco Tetration, and enterprise-wide, coarse-grain policies delivered through AlgoSec Network Security Policy Management.

Topics:
   1.	Know Your App: Better micro-segmentation strategy through better application understanding
   2.	Know the Facts: Validate the accuracy of your micro-segmentation policy
   3.	Enforce Policy: Implement granular policies on workloads, summarized policies network-wide
   4.	Close the Gaps: Tighten workload and network security through risk and vulnerability analysis
   5.	Mitigate Risk: Identify and manage compliance and security risk in your micro-segmented environment

Comprehensive Micro-Segmentation Strategy

Episode 3 of Keeping Up-to-Date with Your Network Security

Micro-segmentation allows you to isolate workloads, and secure them individually. In a world
that relies on computerization and automation, and in a world full of sophisticated cyber
criminals, micro-segmentation is key for tightening your network security. The ability to
tighten internal processes and procedures allows you to minimise the risk of threats, and
also target breaches before they can disrupt your network.

However, many businesses approach micro-segmentation in the wrong way, which can
cause issues for multiple layers of your security. For example, not having efficiently trained
staff, failing to map out existing application flows and failing to set up a firewall policy before
beginning the process of micro-segmentation are all common challenges and mistakes
made by security professionals on their micro-segmentation journey.

Given the benefits of a micro-segmentation strategy, it is worth understanding how to
navigate these common challenges, and move towards a more consolidated, secure
network.

In this session, we will discuss:
- What micro-segmentation is and what it can do for your network
- Why we need micro-segmentation now more than ever
- The common mistakes made when implementing micro-segmentation, and how to avoid
these common errors

Rescuing Your Network with Micro-Segmentation

You may use multiple network security controls in your organization, but chances are, they’re not talking to each other. And while you probably get alerts from SIEM solutions and vulnerability scanners, responding to them feels like a twisted game of whack-a-mole.

So, if manual, error-prone changes are insufficient for your multi-device, multi-vendor, and heterogeneous environment network landscape, what’s the solution?

Simple: Network security change automation.

In this webinar, Dania Ben Peretz, Product Manager at AlgoSec, shows us how enterprise-wide change automation can transform your network security policies—without replacing existing business processes:

   1.	Comprehensive Change Automation: Increase agility, accelerate incident response, and reduce compliance violations and security misconfigurations
   2.	Smarter Security, Part 1: Automate security policy changes without breaking core network connectivity
   3.	Smarter Security, Part 2: Analyze and recommend changes to your network security policies
   4.	Smarter Security, Part 3: Push network security policy changes with zero-touch automation to your multi-vendor security devices
   5.	Use What You’ve Got: Maximize ROI of your existing security controls by automatically analyzing, validating, and implementing network security policy changes

Change Automation Changes Your World: Turn Network Security Alerts into Action

If you still have Cisco Nexus 7000 devices in your environment, surely you have been inundated with end-of-life warnings and next-gen messaging touting the benefits of upgrading to Nexus 9000 with Cisco ACI. 

We know, modernizing your infrastructure can be a real pain, but with change also comes opportunity! 
 
Find out in this session how to leverage your Nexus refresh to increase your efficiency and productivity, and reduce security concerns at the same time. 
 
Join us on Wednesday, June 9 at 9 AM PST | 12 PM EST.
 
AlgoSec’s Jeremiah Cornelius, along with Cisco’s Cynthia Broderick, will guide you on how to:
 
•	Migrate your current Nexus flows to ACI using your preferred mode – network or application centric.
•	Remove vulnerabilities caused by human error via automation of network change processes.
•	Instantly identify and remediate risk and compliance violations.
 
Can’t make it in person? Sign up and we’ll send you the recording when it’s over.

Migrate & modernize: Supercharging your Cisco Nexus refresh with ACI

Episode 2 of Keeping Up-to-Date with Your Network Security

There is a lot of value in moving enterprise applications onto the cloud. These benefits range from security and data protection and business agility, to financial benefits and faster time to markets. However, efforts can sometimes be misplaced, which causes disruption to the network and leaves you with inadequate security and compliance measures. Cloud network security is made up of multiple layered security, and before making the decision to use enterprise applications in the cloud, you must thoughtfully consider the variety of security controls you will use to secure your data. 

So, how can you elevate digital transformation and cloud migration efforts, without neglecting your security? Does it have to be one or the other, and if not, what steps should be taken in your transformation journeys to ensure that network security remains a priority?

Join us in this session to learn more about:
-  What is required to move the security portion of your application        
-  Challenges and solutions to lower the cost, better prepare for the migration and reduce the risks involved
-  How to enhance visibility, and why this is so important when modernising your infrastructure
-  How to unify your network security management across a hybrid and multi-cloud environment

How to Modernise Your Infrastructure Without Neglecting Your Security

As your organization adapts to virtual work arrangements due to new public health guidelines, your network security policies need to be reviewed and adjusted as more activities move to digital platforms and bad actors use this pandemic to launch new cyberattacks.  

Are your network security policies up to the challenge?  

In our live, interactive technical demo webcast, Jason Williams, Senior Sales Engineer, will show you how network security visibility is an important part of your security arsenal.  

Join the session to discover how to:   

Gain visibility of your multi-vendor devices and traffic flows throughout your entire network – on-premises and in the cloud.  

Ensure continuous compliance and reduce the effort needed to prepare for audits with out-of-the-box regulatory compliance reports.  

Visualize and map firewall rulesets.  

Identify and mitigate risky rules and provide intelligent recommendations to remediate the risks.  

 

Join the live demo webcast in the convenience of your home or office.

How to Gain Control of Your Network Security with Complete Visibility

Where enterprises invest heavily in network security solutions, but still struggle to close security gaps, micro-segmentation helps protect against the lateral movement of malware and minimizes the risk of insider threats. The concept has received plenty of fanfare as a possible security solution, but many IT security professionals still aren’t sure how to define it—let alone implement it—for their organizations.

In this webinar, Professor Avishai Wool, AlgoSec CTO and Co-Founder guide us through each stage of a micro-segmentation project, from developing the right strategy to effectively implementing and continually maintaining a micro-segmented network.

Topics covered in the webinar:
   1.	What Is Micro-Segmentation?
   2.	The Stages of Successful Micro-Segmentation
   3.	Common Pitfalls & How to Avoid Them
   4.	Policy Change Management & Automation in Micro-Segmentation

Micro-Segmentation: A Guided Tour from Strategy to Execution

Episode 1 of Keeping Up-to-Date with Your Network Security

Securing your data was once much simpler, and has grown more complex in recent years. In fact, the Covid pandemic has only revealed further weaknesses in tired security methods. As the workforce becomes more distributed, so does your data. Spreading your data across multiple public and private clouds complicates your network. While data used to sit behind lock and key in guarded locations, today’s data sits in multiple locations and geographies, and is made up of multiple public clouds, private clouds and other on-premises network devices. This is why managing your cloud journey can be tiresome and complicated. 

Enter cloud management. 

Cloud management enhances visibility across a hybrid network, processes network security policy changes in minutes, and reduces configuration risks. But how can you leverage your cloud management to reap these benefits? What does effective cloud management look like, and how can you achieve it when workloads, sensitive data, and information are so widely dispersed? 

In this episode we’ll discuss:
-  How to manage multiple workloads on the cloud
-  What successful security management looks like for today’s enterprises
-  How to achieve simple, effective security management for your hybrid network

How to Manage Your Cloud Journey

What if we told you that there were just six things that you can start doing to be more secure in your hybrid cloud environment? 

In this session, you’ll get clear insight on what you can do right away to tighten your hybrid cloud network security.  From visibility through network management, to risk and cleanup – security expert Omer Ganot will guide you through the steps to help you stay secure.

The 6 best practices to stay secure in the hybrid cloud

In our live, interactive technical demo webcast, Kyle Wickert, Worldwide Strategic Architect, will show you how network security visibility is an important part of your security arsenal.  
Join the session to discover how to:   
•	Gain visibility of your multi-vendor devices and traffic flows throughout your entire network – on-premises and in the cloud.  
•	Ensure continuous compliance and reduce the effort needed to prepare for audits with out-of-the-box regulatory compliance reports.  
•	Visualize and map firewall rulesets.  
•	Identify and mitigate risky rules and provide intelligent recommendations to remediate the risks.  
 
Join the live demo webcast in the convenience of your home or office.

A Day in The Life of AlgoSec's Application-Centric Approach To Policy Management

Ever wish you could get inside your QSA’s head before your next PCI audit? 
Join QSA Adam Gaydosh of Anitian, and Nimmy Reichenberg, VP of Strategy at AlgoSec to get the inside scoop on what QSAs are looking for when they audit you. Aimed at security and networking professionals, this webinar will provide insider tips and tricks to help you prepare for and pass your audit – wherever your credit card data is stored – and remain continuously compliant even if you’re breached.
 
Don’t miss the chance to hear about the pitfalls your colleagues have already faced, and how to make the audit experience less stressful, including: 
- Less is more: demystifying the scope of a PCI audit
- What’s in and what’s out: Segmenting your network for compliance
- Best practices for configuring your security infrastructure
- PCI in the public cloud – it’s not an oxymoron

Top PCI Pitfalls and How to Avoid Them: The QSA’s Perspective

security

firewall

audit

IT Security

Security Management

Network Security

Compliance

Risk Based Security

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The data center management community focuses on the holistic management and optimization of the data center. From technologies such as virtualization and cloud computing to data center design, colocation, energy efficiency and monitoring, the BrightTALK data center management community provides the most up-to-date and engaging content from industry experts to better your infrastructure and operations. Engage with a community of your peers and industry experts by asking questions, rating presentations and participating in polls during webinars, all while you gain insight that will help you transform your infrastructure into a next generation data center.

Data Center Management

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Top PCI Pitfalls and How to Avoid Them: The QSA’s Perspective

Presented by

About this talk

More from this channel