
A Red Teaming Case Study

Red team assessments help organizations evaluate their readiness to defend against advanced attacks. They identify relevant weaknesses in current detection and response procedures that advanced threat actors routinely exploit to avoid detection, break in and complete their attack objectives.
This session reviews a red team case study in which an objective-based assessment involved emulating the activities of an advanced, nation state attacker across the entire attack lifecycle. Come learn valuable insights from how one organization dealt with genuine attack conditions.
Recorded Jun 11 2020 42 mins
Presented by
Vivek Chudgar, Sr. Director - Mandiant Consulting
  • Validate Security Performance to Rationalize Investments Sep 29 2020 9:00 am UTC 51 mins
    General Earl Matthews, VP of Strategy for Mandiant Security Validation
    Security assumptions do not equal security effectiveness. With increasing pressure on boards of directors and CEOs to provide evidence that business assets are protected from the fallout of a potential breach, the need to justify security investments is now a key performance metric. Only through security validation and continual measurement of security effectiveness across technology, people and processes can you rationalize cyber security investments and prove value to the C-suite.

    In this session, led by General Earl Matthews, VP of Strategy for Mandiant Security Validation, you can learn:

    - Best practices for investment prioritization when it comes to hiring, training and security solution procurement
    - How security validation testing can identify areas of overlap in capabilities, inefficiencies in product expectations, and gaps in overall security posture, and help you optimize performance and value
    - Steps to take to strengthen your security posture and minimize cyber risk in order to protect your brand reputation and economic value
  • Cloud Security Tips for Multi-Cloud Environments Recorded: Jun 17 2020 62 mins
    Arthur Cesar Oreana, Brazil Sales Leader
    In recent years, organizations around the world have been moving applications and services to the cloud at an increasing pace. Despite this investment, many organizations do not fully understand the security controls at their disposal and cannot effectively protect their cloud environments against attacks. As a result, Mandiant has observed a significant increase in cloud-related breaches and violations, driven by both targeted and opportunistic threat actors.

    In this webinar we will share the lessons learned from Mandiant's incident response experience, identify some common pitfalls and provide recommended practices for organizations to harden their cloud environments in order to reduce the risk of compromise. This will include a more detailed discussion of the pitfalls and best practices discussed in M-Trends 2020.
  • Security Recommendations for Multi-Cloud Environments Recorded: Jun 16 2020 54 mins
    Stephen Fallas, FireEye Solution Architect
    Over the last few years, organizations have been moving applications and services to the cloud at an ever-increasing pace. Despite these investments, many organizations do not understand which security controls they have at their disposal and fail to harden their cloud environments more effectively against threats. As a result, FireEye Mandiant has observed a significant increase in cloud-related breaches in recent years, driven by different groups of criminal actors.

    In this webinar, FireEye architect Stephen Fallas will share the lessons learned from FireEye Mandiant's experience with incident response in the cloud, identifying common challenges and providing good practices for organizations to harden their cloud environments in order to reduce the risk of compromise, including aspects detailed in the M-Trends 2020 report.
  • 5 Steps to Security Validation Recorded: Jun 15 2020 60 mins
    Major General Earl Matthews (USAF)
    Organizations have been managing security based on assumptions, hopes and best guesses for decades. We assume our technology will detect, block and send alerts, we hope our incident response techniques will be efficient and effective when under assault, and we believe that our security teams are well trained and practiced when everything goes wrong. These assumptions result in financial and operational inefficiencies, defensive regression and an inability to determine if we are investing in the right areas to communicate the state of our security effectiveness to stakeholders.

    Join this webinar to hear from Retired Major General Earl Matthews (USAF), as he discusses:

    • How to move beyond assumptions with automated and continuous security controls validation
    • Identify and measure vulnerability gaps
    • Manage and suggest remediation steps by arming security practitioners with meaningful evidence
    • Validate an organization's ability to defend itself by using real adversary behaviors

    Save your seat today!
  • Validate Security Performance to Rationalize Investments Recorded: Jun 11 2020 52 mins
    General Earl Matthews, VP of Strategy for Mandiant Security Validation
    Security assumptions do not equal security effectiveness. With increasing pressure on boards of directors and CEOs to provide evidence that business assets are protected from the fallout of a potential breach, the need to justify security investments is now a key performance metric. Only through security validation and continual measurement of security effectiveness across technology, people and processes can you rationalize cyber security investments and prove value to the C-suite.

    In this session, led by General Earl Matthews, VP of Strategy for Mandiant Security Validation, you can learn:

    - Best practices for investment prioritization when it comes to hiring, training and security solution procurement
    - How security validation testing can identify areas of overlap in capabilities, inefficiencies in product expectations, and gaps in overall security posture, and help you optimize performance and value
    - Steps to take to strengthen your security posture and minimize cyber risk in order to protect your brand reputation and economic value
  • C-Suite Conversations: The Value of Threat Intelligence Recorded: Jun 11 2020 47 mins
    Nigel Gardner, Sr. Cyber Threat Intelligence Leader, MGM & Bart Lenaerts-Bergmans, Sr. Product Marketing Manager, Mandiant
    Economic changes put new pressures on cyber risk and threat management spending. All the while, attackers maintain or even increase their activities. So how to adapt to this new dilemma and communicate the value of threat intelligence to all stakeholders?
    Join this session to hear Nigel Gardner, Senior Cyber Threat Intelligence Leader at MGM Resorts discuss:

    • Types of threat intelligence consumers
    • Whether to use outcomes or operational metrics to communicate threat intelligence
    • Whether ROI-based justification is required to measure the success of threat intelligence
    • Use cases that illustrate working and nonworking approaches
  • Cloud Security for Government: A Conversation with the CyberWire and FireEye Recorded: Jun 11 2020 59 mins
    Host, Producer: Dave Bittner, CyberWire; Martin Holste and Steve Booth, FireEye; Lisun Hung, Cloudvisory, now part of FireEye
    Cloud usage in the public sector has evolved significantly, and so has its security. Still, federal agencies continue to face many new challenges, such as lack of continuous visibility, inability to detect misconfigurations and credential misuse, lack of detection capabilities for cloud-hosted artifacts and confusion around the shared responsibility model.

    On June 11th at 3:00 PM ET, the CyberWire and FireEye subject matter experts will discuss how government IT managers can overcome these challenges and pave the way for a successful path forward. Our conversation will cover not only the state of cloud for government use, but also how to:

    - Gain greater visibility across hybrid, public, private, and multi-cloud environments
    - Achieve cloud compliance, enforcement, and control
    - Manage and mitigate risks in the cloud, from a CISO’s perspective
    - Secure the remote workforce
  • How to Fortify Your Security Operations with Technology and Expertise Recorded: Jun 11 2020 52 mins
    Patrick O’Sullivan, Director of Security Engineering, Alorica, & Stanley Parret, Principal Consultant, Mandiant
    Today is the day you outplay cyber attackers. They can deliver easy-to-execute threats with immediate impact through an as-a-service model. To beat them, CISOs must assemble skilled cyber security staff, threat intelligence and technology into an innovative managed detection and response (MDR) capability.

    Navigating the MDR marketplace can be difficult without insight from peer organizations with established programs. Stanley Parret, Mandiant Principal Consultant and Patrick O'Sullivan, Director of Security Engineering at Alorica can give you insights and advice for selecting the best MDR solutions for your needs and show you how you can outmaneuver attackers.

    Join this session to:
    • Understand emergent threats and tactics that drive your need to quickly detect and respond to cyber threats.
    • Realize that you’re not in an either-or situation and learn how to align people, technology and operations in your SOC.
    • See what it looks like to outplay your attacker in a live tabletop exercise.
  • Sandworm Resurfaced: The Continuing Story Recorded: Jun 11 2020 59 mins
    Andy Greenberg, Author, Journalist, WIRED & John Hultquist, Sr. Director, Intelligence Analysis, Mandiant Threat Intelligence
    A few years ago, in the wake of the annexation of Crimea by the Russian Federation, the world became aware of the extent of Russia's cyber attack capabilities. The story of this first real instance of sustained, unrestricted cyber war is captured in WIRED journalist Andy Greenberg’s award-winning book SANDWORM: A New Era of Cyberwar and the Hunt for the Kremlin's Most Dangerous Hackers.

    In this session, Andy Greenberg is welcomed by John Hultquist of Mandiant for a review of Sandworm activities, from blackouts in Ukraine to NotPetya, the most costly cyberattack in history. They will also discuss the enduring relevance of the Sandworm group in light of the recent U.S. National Security Agency warning about the group’s continuing activities to disrupt global government and corporate networks and systems.
  • Mandiant’s Perspective On The Threat Actors In Europe Recorded: Jun 11 2020 60 mins
    Adrien Bataille, Senior Consultant, FireEye Mandiant
    In this session hear from a leading consultant who constantly interacts with customers dealing with issues from technical response to crisis management. Mandiant investigates some of the most complex breaches: learn from a front-line specialist about both existing and emerging threat actors and their rapidly changing tactics, techniques and procedures.
  • A Red Teaming Case Study Recorded: Jun 11 2020 42 mins
    Vivek Chudgar, Sr. Director - Mandiant Consulting
    Red team assessments help organizations evaluate their readiness to defend against advanced attacks. They identify relevant weaknesses in current detection and response procedures that advanced threat actors routinely exploit to avoid detection, break in and complete their attack objectives.
    This session reviews a red team case study in which an objective-based assessment involved emulating the activities of an advanced, nation state attacker across the entire attack lifecycle. Come learn valuable insights from how one organization dealt with genuine attack conditions.
  • FireEye Endpoint Security War Story Recorded: Jun 11 2020 50 mins
    Anthony Ng, Vice President of Systems Engineering, APAC
    When Mandiant respond to a breach they need equally elite weapons to facilitate their response. This war story will look at how Mandiant Incident Responders fought off APT38 using some of the more sophisticated functions of FireEye Endpoint Security.
  • Proactive Cyber Crime Defense Through Public-Private Partnerships Recorded: Jun 10 2020 59 mins
    Tim Wellsmore, head of Mandiant government programs across Asia Pacific and Japan
    Cyber crime has redefined security operations for governments and the private sector. A continually evolving threat environment means cyber crime is growing in both scale and diversity. Public and private organizations must shed any predisposed focus on cyber espionage to adopt a proactive, intelligence-led mission.

    Tim Wellsmore, head of Mandiant government programs across Asia Pacific and Japan, helps Australia manage national efforts on financially motivated cyber security threats and related cyber intelligence collection. In this session, he’ll:

    - Examine an intelligence-led model for uplifting government cyber defense operations to counter cyber crime threat activity.
    - Show you how the private sector can uniquely support governments as they implement a proactive intelligence-led cyber mission.
    - Deliver insights on the tactics and methods cyber criminals use against both public and private sector organizations.
  • Modern Cyber Risk Management for Better Decision Making Recorded: Jun 10 2020 43 mins
    Matt Keane, Principal Consultant at FireEye Mandiant, & Jennifer Guzzetta, Product Marketing Manager at FireEye Mandiant
    Most C-suite leaders believe their investment decisions in security risk management are not keeping up with the new and heightened levels of cyber risk. This is often due to their use of the decade-old, top-down approach in leveraging risk models, which leaves gaps between attacker and defender behaviors.

    Transformation of your risk management processes, plus the people behind them, can solve for this.

    Aligning your organization’s security efforts with the risk appetite of data owners and business leaders must become a priority.

    This webinar spotlights a transformational model that operationalizes security risk management to improve and optimize decision making by:

    • Identifying challenges in your current cyber risk management program
    • Establishing a modern cyber risk management strategy
    • Shifting the players and processes involved in your cybersecurity decision support
    • Integrating risk management priorities across the entire security function
    • Monitoring progress with the right kind of security metrics

    Join Matt Keane, Principal Consultant at FireEye Mandiant, for his expertise on transforming your security risk management approach by bridging the gap between vital security teams and improving their decision making.
  • Security Without Barriers: How to Adopt, Implement, and Measure Cyber Resilience Recorded: Jun 10 2020 48 mins
    Christian Schreiber, CISM, PMP Cybersecurity Platform Strategist, FireEye
    Adoption of cloud computing, an increasingly remote workforce and more reliance on mobile devices to access enterprise applications has radically changed how technology is deployed and used. Organizations need to protect their digital assets with strategies that evolve to support changing conditions.
    Attend this session to learn how a cyber resilience strategy can help protect your organization, as well as how you can explain the new cyber security landscape to your stakeholders.
    Topics include:
    • How cyber resilience can better protect your assets whenever and wherever your users require access
    • How to maintain an open and collaborative environment while still meeting security needs
    • How you can explain your security program goals to stakeholders
  • Held Hostage by Ransomware: One City’s Story Recorded: Jun 10 2020 58 mins
    Stephen Schommer, CISO, City of Sammamish & Shelly Tzoumas, Sr. Product Marketing Manager, Mandiant
    In the security community, stories are how we warn, educate and inform one another, if only so others will learn from and avoid the same mistakes. Because ransomware has seen such a resurgence in recent years, almost everyone has a ransomware story to tell, but very few are willing to share details about their trials so that others might be more fortunate.

    Join Stephen Schommer from the City of Sammamish, Washington as he recounts past ransomware experiences, and provides insights and advice to better prepare for and navigate this all-too-common cyber security horror story. Attendees can ask questions after the presentation.
  • Election Protection: Real World Guidance and Best Practices Recorded: Jun 10 2020 59 mins
    Ron Bushar, Sr. Vice President & CTO - Government Solutions, FireEye, Ben Woolsey, Manager, Mandiant Services
    Election security is a top concern for national and local governments across the world. With real-world experience from the frontlines of cyber attacks, our experts share hard-won guidance on strategies to reinforce elections infrastructure against malicious cyber activity.
    Join us to learn best practices and get frontline insights into how officials at all levels should address the threats to election security. We will share the current threat landscape and best practices to address the challenges.
  • Get Your Data Protection Ahead of Impending Threats Recorded: Jun 10 2020 56 mins
    Vinoo Thomas, Product Line Manager, FireEye
    With new attack vectors and application exploits being discovered, legacy endpoint protection products cannot keep up. They leave your data, information and intellectual property at risk. Endpoint protection (EPP) and detection and response (EDR) need to evolve with the emerging threats and threat vectors.

    Join Vinoo Thomas, Product Line Manager for Endpoint at FireEye, as he shares how a new model for an endpoint defense agent can keep pace and match wits with the evolving threats using the knowledge of the industry-leading incident response teams.

    Register Now.
  • TIBER-EU - How Mandiant Engagements Enhance Your Cyber Resilience Recorded: Jun 10 2020 60 mins
    Angelo Perniola, Senior Consultant & Jay Christiansen, Principal Consultant
    The Framework for Threat Intelligence-based Ethical Red Teaming (TIBER-EU) enables European and national authorities to work with financial infrastructures and institutions to put in place a programme to test and improve their resilience against sophisticated cyber-attacks. Among the core objectives of TIBER-EU are improving the protection, detection and response capabilities of entities, enhancing the resilience of the financial sector, and providing assurance to the authorities about the cyber resilience capabilities of the entities under their responsibility.

    Join FireEye Mandiant Senior Consultant Angelo Perniola and Principal Consultant Jay Christiansen to:

    - Understand how the TIBER scheme aims to improve Financial Service organisations' resilience to advanced persistent threats by conducting Red Team Operations leveraging cyber threat intelligence and targeted attack scenarios that focus on high value targets and assets.
    - Gain insight into how FireEye Mandiant leverages its world-leading Threat Intelligence and Incident Response capabilities to understand attackers and their modus operandi in order to identify the most relevant attack scenarios in line with threats such as ransomware, SWIFT frauds and Customer PII leaks.
    - See how the Mandiant Red Team uses the compiled intel, in the form of a Targeted Threat Intelligence Report, to create attack plans and risk management trackers for the engagement, as well as how they carry out the stealthy TIBER cyber-attacks using tools and techniques mapped against the MITRE ATT&CK framework and each APT’s specific capabilities.
    - Understand how all the pieces fit together to create an end-to-end test and what deliverables can be expected from Mandiant in terms of root cause analysis of issues, strategic recommendations, technical findings and analysis, as well as follow-on opportunities for collaboration with the client tech teams in the Purple Team and Security Validation follow-ons.
  • Cyber Threat Intelligence as a Business Enabler Recorded: Jun 10 2020 57 mins
    Jens Monrad, Head of Mandiant Threat Intelligence, EMEA
    Join Jens Monrad, Head of Mandiant Threat Intelligence – EMEA, for ‘Cyber Threat Intelligence as a Business Enabler’.
    This session will cover how accurate and relevant Cyber Threat Intelligence can help organisations make smarter decisions around cyber defence, alert & event prioritisation. Jens will also discuss how cyber threat intelligence enables businesses to make decisions based upon the cyber threat landscape and their risk appetite.
FireEye Private Channel for Partners and Customers
FireEye Channel for Partners and Customers

  • Title: A Red Teaming Case Study
  • Live at: Jun 11 2020 6:00 am
  • Presented by: Vivek Chudgar, Sr. Director - Mandiant Consulting