Name: RASP has your WAF's back: Protect against zero days by default
Start: 2019-11-05T19:00:00Z
End: 2019-11-05T19:44:00.000Z
Location: BrightTALK
Rating: 0

Imperva is a leading provider of cyber security solutions that protect business-critical data and applications in the cloud and on-premises.

In a recent IDC study, 87% of organizations identified their businesses as well on their way to becoming digital first. Inevitably, there will be a surge in the growth of sensitive data and workloads to fuel new applications, services, and tools distributed across hybrid and multicloud environments that not only engage customers, but also increase business efficiencies.

If your organization is in this growth cycle, your IT and security teams will need to rethink the state of your data security strategy from multiple perspectives including preventing a breach, proactively planning to limit risk, and adhering to data privacy and industry regulations.

In this webinar, you will learn:
- Key considerations for building a multicloud data security strategy
- Best practices to extend data protection to all data no matter where it lives.
- How Imperva DSF is helping organizations like Discovery Inc. save time and resources by making it easier to get the visibility it needs to extend compliance requirements to cloud data.

Before concluding, the speakers will open the discussion to answer questions from the audience. All materials used in the webinar will be available for download after the webinar ends.

IDC Spotlight: Effective Multicloud Data Security Requires a Unified Approach

DDoS attacks were the cyber weapon of choice last year, used widely by hacktivists to disrupt governments and national security assets to create instability in the run-up to and during a turbulent time of conflict. 

The ransom DDoS issue was still prevalent in 2022. DDoS attacks continued to be leveraged as a threat by extortionists looking for a ransom payout, as a warning of a larger attack to come. 

Our research also shows several examples of accounts that have been targeted by a DDoS attack only to be hit by further attacks later, not limited to DDoS. One possible explanation is that the DDoS attacks served as a smokescreen for other malicious activity. 

The common theme running through each of these examples is that a DDoS attack appears to be a warning sign of worse to come. 

Join us to hear our guest speaker, David Holmes, Senior Analyst - Forrester, and Karl Triebes, SVP Product Manager and GM Application Security at Imperva, discuss the current DDoS threat landscape and how cyber attackers and hacktivists appear to be turning to DDoS attacks as part of a wider attack strategy.

The DDoS Threat Landscape 2023

Take Control of Your Cloud Data Security: Best Practices for Proactive Protection in Any Cloud Service

Looking to secure your cloud data but don't know where to start? Join our upcoming webinar and learn how to take a proactive approach to protect your data in any cloud service.

With cloud vendors providing a secure infrastructure and foundational set of security tools for data access control, it's up to you to use these tools and support them with necessary compliance and security business processes under a Shared Responsibility Model. But how can you ensure your data is truly secure and compliant?

Join cloud security expert and industry analyst, Richard Stiennon of IT Harvest, as he shares best practices and the essential elements of a data-centric enterprise cloud security framework. Alongside him, Imperva executive Terry Ray will lead an interactive discussion sharing real-world experiences of organizations like yours that have implemented and successfully managed secure and compliant cloud workload migrations.

In this webinar, you'll discover the attributes of the most common cloud data service types, which data security requirements are met by cloud-native tools, and how their capabilities can be augmented. You'll also learn how to avoid migration pitfalls and gain valuable insights from the experiences of real-world clients and customers.

Don't miss your chance to gain visibility and control over data repositories in private, hybrid, and multi-cloud environments. Register now for our upcoming webinar and take control of your cloud data security. 

All materials used in the webinar will be available for download after it ends.

Take Control of Your Cloud Data Security

Online retailers are getting ready for the holiday shopping season, but they're not the only ones preparing to make a profit.  Cyber attackers are gearing up to take advantage of consumers by targeting retail websites. This time of year sees an increase in Bot and DDoS attacks, as well as online fraud activity such as payment fraud and account takeover, which are a real threat to your business.

Join Imperva Director of Technology, Office of the CTO, Peter Klimek to find out how you can ensure peak performance of your web applications, and maximize online sales during the busiest time of the year for the retail industry.

The State of Security in eCommerce: The Rise of “Buy Now, Pay Later” Fraud (APJ)

Application modernization is the result of many digital transformation projects, but that journey can create security challenges. Third-party software and APIs are used to modernize application stacks and often integrate with older applications and data stores. To secure this application sprawl, industry analysts now consider Web Application and API protection (WAAP) products as the gold standard — protecting against vulnerabilities and malicious actors looking to gain access to your valuable data.

Join Imperva’s own, Peter Klimek Director of Technology, Office of the CTO, and Luke Babarinde, Principal Solution Architect, as they discuss why WAAP is the key to application security and API protection.

In this webinar, you’ll find out:
• Why the industry is changing its view of application security
• What to look for in an API Security solution
• API Security recommended best practices

Why WAAP: API Security and Application Modernization

2022 proved to be a year of global disruption on a variety of levels. As a result, IT professionals were forced to reprioritize their approach to cyber and data security quickly. With 2023 on the horizon, security leaders must continue adapting to the changing public health, political and technological landscapes impacting organizations’ data security strategy and posture.

Please join security experts from the Imperva Office of the CTO, Kunal Anand and Peter Klimek, who will provide key trends, insights, and examples to consider going into 2023:

• The new digital “normal” put greater reliance on microservices
• Digital transformation projects implode into data security liabilities
• Supply chain disruption becomes a playground for cybercriminals
• The ever-growing skills gap in cybersecurity
• The U.S. catches up with the world on data privacy

*Post any questions that you may have in the chat window on the webinar platform and we will get back to you after the replay.

Looking Forward in 2023 - Cybersecurity Trends and Predictions (APJ)

2022 proved to be a year of global disruption on a variety of levels. As a result, IT professionals were forced to reprioritize their approach to cyber and data security quickly. With 2023 on the horizon, security leaders must continue adapting to the changing public health, political and technological landscapes impacting organizations’ data security strategy and posture.

Please join security experts from the Imperva Office of the CTO, Kunal Anand and Peter Klimek, who will provide key trends, insights, and examples to consider going into 2023:

• The new digital “normal” put greater reliance on microservices
• Digital transformation projects implode into data security liabilities
• Supply chain disruption becomes a playground for cybercriminals
• The ever-growing skills gap in cybersecurity
• The U.S. catches up with the world on data privacy

Looking Forward in 2023 - Cybersecurity Trends and Predictions

Managing the security of APIs is one of the key business risks organizations face today as they accelerate the pace of digital transformation. Given the rise of importance for APIs as a business enabler; protecting APIs should be seen as a critical dimension of a strong application and data security strategy. Various application security tools provide a measure of protection against API abuse, but very few tools offer the right balance of visibility and protection that Security and DevSecOps teams require. 

Attend this session to learn about:
* The trends driving rapid adoption of APIs and the emerging risk surface 
 that results from an outdated API inventory
* Where application security fits in protecting APIs and reducing risks
* Which tools are best to cover each part of the OWASP API Top 10 
* A strategy to discover and classify every API, in and out of production

Hear from two industry experts on API Security and how APIs have become the lingua franca of the Internet today, and why businesses need to act quickly to prevent data breaches.

API Security: Demystifying Risks of the Next Big Attack Vector

Imperva’s Threat Research Team continuously analyzes data breaches in real time to help you secure data more effectively in your organization’s on-premise and cloud-managed infrastructures. 
 
In this webinar, we’ll present critical information on: 
 
- The types of data that are most frequently stolen 
- The profiles and tendencies of the four main types of cyberattackers
- The root causes of most breaches 
- Common mistakes most organizations make that lead to breaches and how to avoid them
- The steps you need to take now to make your organization a hard target and avoid a significant data breach

After the discussion the experts will hold an open Q&A session so you can ask questions most relevant to your situation. All session materials will be made available to attendees at the end.

Lessons Learned from Analyzing 100 Data Breaches

Imperva Sceneは、Impervaが提供する新しいバーチャルシリーズで、企業組織が日々直面する重要なセキュリティ課題に対して、30分以内でタイムリーな回答やソリューションをお届けします。

第３回目となるこのウェビナーでは、サプライチェーン攻撃について取り上げます。コモディティマルウェアと既知の脆弱性は依然として根強い問題ですが、オープンソースの組み込みライブラリやサードパーティのコードを経由した攻撃も増加しています。この30分のショートウェビナーではサプライチェーン攻撃の現代の脅威について分析、その対策について考察していきます 。

セッション 3 -  サプライチェーン攻撃の脅威から組織を守るために必要なことは ？

ウェビナーでカバーしている内容 : 
● サプライチェーン攻撃の現状5つ
● 一般的なソフトウェアセキュリティにおける課題
● セキュアSDLCのはじめかた、クライアントサイド攻撃とは
● Imperva RASP/ Client-Side Protectionデモンストレーション
● お客様事例紹介

Note: The webinar is conducted in Japanese.

Imperva Scene: セキュリティスペシャリストがお届けするミニデモセッション Vol.3 サプライチェーン攻撃対策 (Japanese)

As we enter into the new year 2023, one key priority for Critical Information Infrastructure (CII) operators to be mindful of, is the need to comply with the CCoP 2.0 (Cybersecurity Code of Practice for Critical Information Infrastructure) that came into effect on 4 July 2022 (to comply by 4 July 2023), issued by the Cyber Security Agency of Singapore (CSA).
 
With database security flagged as a key focus in CCoP 2.0, we invite you to join us in this webinar, where our subject matter expert would be diving into areas on:
 
• What does CCoP 2.0 & Database Security in Clause 5.13 means to you?
• How do you address & simplify Database Security compliance, specifically on:
o Unauthorized Database Access
o Privileged Account Database Access
o Excessive Database Query
o Detect Anomalous Database Activities

Webinar: Complying with CSA’s Cybersecurity Code of Practice (CCoP) 2.0

Imperva Sceneは、Impervaが提供する新しいバーチャルシリーズで、企業組織が日々直面する重要なセキュリティ課題に対して、30分以内でタイムリーな回答やソリューションをお届けします。

第2回目のミニデモセッションは、DDoS攻撃とサイバー脅威分析・レポーティングツールAttack Analyticsについてです。

近年Webアプリケーションを狙った攻撃ランドスケープは多種多様となっています。そのなかでもレイヤー3、4、7を狙った大規模かつ継続的なDDoS攻撃というものが増えています。今回の短いウェビナーでは近年のこれらDDoS攻撃の事例と傾向、そしてその対策方法の他、サイバー脅威分析・運用の課題、効果を向上させる、ImpervaのAttack Analyticsについてもご紹介します。

セッション 2:  DDoS攻撃対策と脅威分析のHow-To

このウェビナーでカバーしている内容 : 
• DDoS攻撃の種類と今日の課題
• サイバー攻撃分析のHow-To
• デモンストレーション
• お客様事例紹介

Note: The webinar is conducted in Japanese.

Imperva Scene: セキュリティスペシャリストがお届けするミニデモセッション Vol.2 DDoS/サイバー脅威分析 (Japanese)

In today’s fast-moving world, where everything is connected, a company’s data is and should be considered as valuable and easily transported as diamonds. 

There’s a perception in some companies that encryption, DLP, and access control are sufficient measures for safeguarding company data. While these are reasonable security practices to have, they are not a complete data security posture and can lead to a false sense of security. This webinar will assist you in understanding the pros and cons of various security measures like encryption, DLP, and access control software. 

During this webinar, we will cover some of the more critical questions that you should think about (and know the answers to) when you are evaluating your company’s security posture.

- What data does my company have and where is it located?
- Are there data sources that are more sensitive than others? 
- What types of data (structured, unstructured, and semi-structured) does my company have that should be protected?
- How can my company classify all this data rapidly?

Join Imperva and Partner subject matter experts: Imperva - Terry Ray SVP, Data Security GTM, and Field CTO; Fortanix - Dr. Richard Searle, VP Confidential Computing; Oracle - Bipin Mistry, Sr. Principal Product Manager - OCI; Ohalo - Kyle DuPont, CEO; as they discuss the above questions, as well as, what an effective and comprehensive data security posture should look like.

Why Encryption, Access Control are Not Enough Protection for Your Data (APJ)

Imperva Sceneは、Impervaが提供する新しいバーチャルシリーズで、企業組織が日々直面する重要なセキュリティ課題に対して、30分以内でタイムリーな回答やソリューションをお届けします。

そんな記念すべき第1回目のミニデモセッションは、Cloud WAFについてです。

Webアプリケーションは今や企業組織にとって、とても重要な役割を果たしています。しかしその貴重なデータ資産へのアクセスを試みてサイバー犯罪者は、世界中のあらゆる地域でWebアプリケーションの脆弱性を狙った攻撃を仕掛けています。

アナリストに評価され続けているImperva Cloud WAFのオールインワンセキュリティなら、様々なWebアプリケーションを狙ったサイバー脅威から大事なデータを守ることができます。

セッション 1: 9年連続Gartner社にリーダーポジションと評価されるImperva Cloud WAFとは？ 

このウェビナーでカバーしている内容 : 
• Cloud WAFで守れること&今日のWebアプリケーション攻撃の種類
• Cloud WAF機能紹介、特徴
• Cloud WAFデモンストレーション
• お客様事例紹介

Note: The webinar is conducted in Japanese.

Imperva Scene: セキュリティスペシャリストがお届けするミニデモセッション Vol.1 Cloud WAF (Japanese)

Join us to hear a dynamic conversation between Imperva’s Chief Technology Officer and Chief Customer Officer, as they share real-world digital transformation stories from our customers. 

Find out how other companies have overcome their cybersecurity challenges with Imperva technology. This is one webinar you won’t want to miss!

Win with Imperva

Application security that only consists of Web Application Firewall protection does not deliver sufficient protection in today’s threat landscape. Industry analysts now consider Web Application and API protection (WAAP) as the best practice in protection against vulnerabilities and malicious actors.  However, moving from WAF to WAAP might seem daunting.

Join Peter Klimek Director of Technology, Office of the CTO, and Luke Babarinde, Principal Architect, as they discuss why WAAP is the modern way to think about application security and how to adopt this into your security strategy.

Attend this session to understand:
• Why the industry is changing its view of application security
• What the table stakes are for protecting your web applications and APIs in this ever-changing threat landscape
• The expanding role of WAF services in your security strategy

Why WAAP: Advanced Application Security Replay (APJ)

With nefarious actors constantly evolving their tactics, leading companies should adopt a layered defense approach to mitigate their risk of exploitations. On the edge, WAFs provide the first line of defense against things like bot attacks, DDoS, ATOs and known technical attacks. RASP sits within your app protecting against known and zero day vulnerabilities in your code - with no signatures and no learning mode.

Join Drew Roy and Andrew Johnson from the RASP Product team at Imperva to learn how adding RASP to your existing WAF strengthens your security posture and lower your overall risk.

RASP has your WAF's back: Protect against zero days by default

DDoS

Security

Security Analytics

DevOps

Bots

Vulnerabilities

Zero Day Threats

Vulnerability Management

Risk Mitigation

Are you an IT service management professional interested in developing your knowledge and improving your job performance? Join the IT service management community to access the latest updates from industry experts. Learn and share insights related to IT service management (ITSM) including topics such as the service desk, service catalog, problem and incident management, ITIL v4 and more. Engage with industry experts on current best practices and participate in active discussions that address the needs and challenges of the ITSM community.

IT Service Management

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The data center management community focuses on the holistic management and optimization of the data center. From technologies such as virtualization and cloud computing to data center design, colocation, energy efficiency and monitoring, the BrightTALK data center management community provides the most up-to-date and engaging content from industry experts to better your infrastructure and operations. Engage with a community of your peers and industry experts by asking questions, rating presentations and participating in polls during webinars, all while you gain insight that will help you transform your infrastructure into a next generation data center.

Data Center Management

The unexpected nature of natural disasters and other disruptive events means that preparation is key to managing disaster recovery and business continuity planning. Join the business continuity and disaster recovery community for live and recorded presentations discussing best practices for business continuity planning, disaster recovery programs and business continuity management. Learn from BCDR experts to develop your critical infrastructure and gain insight into tactical solutions to your BCDR issues.

Business Continuity / Disaster Recovery

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

Practicing business intelligence allows your company to transform raw data into sets of insights for targeted business growth. The business intelligence and analytics community on BrightTALK is made up of thousands of data scientists, database administrators, business analysts and other data professionals. Find relevant webinars and videos on business analytics, business intelligence, data analysis and more presented by recognized thought leaders. Join the conversation by participating in live webinars and round table discussions.

Business Intelligence and Analytics

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Thousands of healthcare IT professionals compose the health IT community on BrightTALK. Learn alongside them with relevant webinars on healthcare IT compliance, big data in healthcare and IT solutions for healthcare organizations. Join the conversation by asking questions and engaging with other participants during live webinars and organized discussions.

Health IT

The research and development community on BrightTALK brings together leading professionals in healthcare, technology and manufacturing to present on current topics in their fields. From big data in healthcare to online forensics training and medical research practices, the community is an exceptional resource for those looking to expand their knowledge. Be part of the conversation by joining the community and participating in interactive live webinars.

RASP has your WAF's back: Protect against zero days by default

Presented by

About this talk

More from this channel