The Holy Grail of Incident Response: A Single, Correlated Source of Intelligence
Time is of the essence when you’re investigating security incidents. While it’s critical to find out as much as you can about the incident from internal sources (logs, network activity, endpoint data, etc.), you also need context about what type of threat you’re facing.
When you come across a domain, IP, or file hash during investigations, you need to answer dozens of questions ASAP.
- Is this malicious? What’s known about it?
- What other domains, IPs, or file hashes are related?
- Is this a widespread threat or more targeted?
And to answer these questions today, you probably need to go to multiple sources and manually piece the puzzle together. What if you had a single, correlated source of intelligence instead?
OpenDNS Investigate now includes malware file data from Cisco AMP Threat Grid. Join our webcast to learn how Investigate provides the most complete view of the infrastructure used in attacks. With Investigate, you can:
- Instantly validate malicious domains, IPs, and file hashes
- Identify the Internet infrastructure and malware files related to attacks
- Uncover infrastructure being staged for future attacks
- Speed up investigations and stay ahead of threats
Recorded Oct 18 2016, 27 mins
Long gone are the days when Security Professionals could protect their actual network and not have to worry about organization, employee, student or customer information being at risk. In today's always-connected world, much happens beyond the network (especially in the cloud) and the concept of perimeter security has all but evaporated.
Wherever Users are - the office, the classroom, traveling, or working from home - organizations need to enable security so Users can easily and safely do their jobs. Users want to be able to just "connect" and work, oblivious to the dangers out there. Moving security "behind the scenes" means needing to be more predictive about how attacks will happen and engaging early in the attack cycle. DNS-layer security is an important component of an overall security strategy that aims to stop attacks before they cause irreparable harm. Watch this webcast to learn more.
Younsey Nunez, Group Information Security @ Wells Fargo & Richard Fairhurst, Regional Information Security @ Wells Fargo
Mining for cryptocurrencies is no small task; it takes a lot of CPU and GPU cycles to process the data necessary to generate the currencies. Not everyone has the technical wherewithal, financial resources and the massive amount of hardware to build their own cryptomine, so what options do they have? The answer is simple and as old as time: If you don’t have the resources, you “borrow” (steal?) from someone who does.
This webcast looks at how cryptomining works and how to determine if your computing resources are being used without your knowledge for cryptomining.
Lee Kim, JD, CISSP, CIPP/US, Director, Privacy & Security, HIMSS North America
The healthcare sector has been significantly impacted by ransomware in the last five years. Ransomware locks down computers, encrypts files, locks users out of their systems, and may disrupt patient care and business operations. A ransom is demanded for the safe return of the data by malicious actors. But, there is no guarantee that the data will be successfully recovered.
Lee Kim, director of privacy and security for HIMSS North America, shares how the ransomware threat has evolved over time, the current ransomware threat, and information on mitigating the threat. Lee will also share her predictions on what the healthcare and public health sector can expect in the future and the emergence of cryptojacking as a future threat.
As summer vacations draw to an end, and kids return to school, we’re hoping you have more time to focus on how to improve your organization’s security posture. Cisco cloud security product expert Casey Ulaky will walk you through our Back to School Cybersecurity Checklist, where you will learn how to:
- Know if you are experiencing a targeted attack.
- View unsanctioned cloud services and gain a better understanding of your internet activity across all devices, on and off the network.
- Highlight some of our new features, like iOS protection, cryptomining security category, app discovery and more!
As the industry’s first secure internet gateway, Cisco Umbrella provides the first line of defense against threats on the internet anywhere users go. Because Umbrella is delivered from the cloud, it is the easiest way to protect all of your users in minutes.
Cisco Cloudlock is a cloud-native CASB and cloud cybersecurity platform that helps accelerate use of the cloud, including the apps you buy and build. Cloudlock helps you to secure your identities, data, and applications in the cloud.
Join us to see how Cisco cloud security complements existing network security by providing an additional layer of protection when users connect directly to the internet and cloud services. Through a live demonstration, you'll see first-hand how our innovative approach sees threats other security solutions miss. If you or someone from your team would like to join us at an upcoming webinar session, please be sure to reserve your spot.
Meg Diaz is a member of the Cisco Umbrella (formerly OpenDNS) products team at Cisco, where she is responsible for the go-to-market strategy and execution across multiple products. Diaz has been in the security industry for more than seven years, with experience in network, endpoint, cloud, and data security. Prior to Cisco Umbrella, she worked at RSA, the Security Division of EMC in various roles. Diaz graduated with honors from Cornell University, where she majored in Applied Economics and Management and minored in Communication.
SANS Principal Instructor, Ted Demopoulos, sets the stage for Cisco Security Research Analyst, Josh Pyorre, to walk you through a brief history of cryptomining and cryptojacking, how it all works and the various steps you or your organization can take to detect and stop it.
Josh Pyorre is a security researcher with Cisco. Previously, he worked as a threat analyst with NASA, where he was part of the team that initially built out the Security Operations Center. He has also done some time at Mandiant. His professional interests involve network, computer, and data security with a goal of maintaining and improving the security of as many systems and networks as possible.
Kate MacLean, Sr. Product Marketing Manager, Cisco Cloud Security
We don’t think having the best security for your users, data and apps should have to be a fairy tale. If you’re looking for speed, reliability and the best threat intelligence to see and stop attacks before they happen, look no further. Cisco Umbrella provides the first line of defense against threats on the internet, anywhere your users go. And we can prove it.
Kevin Beaver, Author, Hacking for Dummies; Andrew Baker, Virtual CIO, Brainwave Consulting Company; Karen Bannan, Moderator
Cryptojacking, the latest form of malware spreading across the globe, is a credible threat with a growing impact on enterprise security. Left ignored, the costs associated with not addressing this threat and its associated vulnerabilities can be much higher than the actual cure.
In this webinar, independent information security consultant and author of Hacking For Dummies, Kevin Beaver and consultant and Virtual CIO Andrew Baker will discuss cryptojacking and its tangible business risks. Join this discussion to learn not only what cryptojacking is about but how you can detect it, prevent it, and address it in the context of your endpoint security controls.
Cisco® Security solutions help you adopt the cloud, endpoint and network with confidence and better manage security for the way the world works today. Cisco’s cloud security is a cohesive and complementary solution that includes both Cisco Umbrella and Cisco Cloudlock. Cisco Umbrella secures access to the cloud while Cloudlock secures usage of the cloud. This combines both breadth and depth to provide you with the security you need, where you need it; to protect users against threats anywhere they access the Internet and secure your data and applications in the cloud. With Cisco’s cloud security, you gain visibility into Internet activity across cloud applications, all office locations, and roaming devices. You can also detect and respond to threats faster. Cisco Security provides an effective security platform that is open, automated, and simple to use.
Steven McLean, Sr. Manager, Global Information Security at Ortho-Clinical Diagnostics, Artsiom Holub, Cisco Security Research
Join us for a discussion with Steven McLean, Sr. Manager, Global Information Security at Ortho-Clinical Diagnostics, Artsiom Holub, Cisco Security Researcher and Meg Diaz, Sr. Product Marketing Manager, Cisco Cloud Security, as they discuss and debate how they use threat intelligence to transform the incident response process, reduce dwell time, and cut response time for better security.
In this webinar you will:
- Learn how Ortho-Clinical Diagnostics benefits from using Cisco Umbrella Investigate for threat hunting
- Gain a perspective on emerging developments in the threat landscape, including how malicious hackers are infecting unsuspecting users’ computers with code that commandeers devices for cryptocurrency mining
- Understand how Cisco Umbrella uses statistical models to automatically score and classify data to detect anomalies, and uncover known and emergent threats
Today, IT departments are under pressure to do more with less. With limited budgets and smaller teams, the race is on to deliver more effective security without any reduction in reliability or performance. The high cost of enterprise WAN connectivity and support, combined with the growth of cloud-based services and bandwidth-hungry streaming applications, is forcing many network admins and security professionals to search for alternative solutions. With more branch offices connecting directly to the internet, how can you quickly and easily protect users on any device, anywhere they roam?
Find out how Cisco Umbrella is making it easier than ever to provide effective cloud security with centralized visibility and control. Watch to see how you can say bye bye to backhauling and hello to better branch security.
2017 brought forth an increase in breaches, attacks, and ransomware instances. Trends around mobility, the growing number of IoT devices, SaaS app usage and the amount of sensitive data stored in the cloud will continue to increase. While increased mobility and flexibility in the workplace has led to reduced costs and booming productivity and independence, it comes at a price. Attackers are getting bolder and employees are no longer safely protected behind their firewall or secure web gateway. Is your security stack ready for 2018? Watch to learn about the shift towards secure internet gateway and why a new approach to security is needed. Kevin, Ayse, and Austin will explain why existing network security solutions need to adapt. We’ll look at the shifts in the market and the safe bets for protecting your data, users and apps in 2018.
Aaron Baillio, University of Oklahoma; Dave Gormley, Cisco Cloud Security
Customer Story: University of Oklahoma
Are your users accessing the Internet from many locations and devices? Are you relying on SaaS apps like Office 365, G-Suite, Box and Salesforce to improve collaboration and productivity? The University of Oklahoma is embracing the cloud to empower users while reducing costs and they have embraced advanced cloud security to protect their users and data. Hear how Cisco Umbrella is securing their internet access and Cisco Cloudlock is protecting their SaaS users, data and applications.
Join us to learn:
- How to reduce the risk of ransomware and other malware in your environment
- How a CASB (Cloud Access Security Broker) can reduce the risk from compromised accounts
- How you can easily secure access to and usage of the cloud
Cisco Security Product Experts, Meg Diaz, Joe Malenfant, and Neil Patel
70% of breaches start on endpoint devices. Unfortunately, gaps in protection exist when users and endpoints are off-network, often leaving AV as the only form of protection. And reacting to malicious communications and code after attacks launch is simply too late. It’s time to prevent, detect and respond to attacks targeting endpoints, both on and off your network before damage occurs.
Join Cisco security product experts, Meg Diaz, Joe Malenfant, and Neil Patel, to learn how you can not only stop attacks before they occur, but contain and remediate threats that evade front-line defenses, anywhere your users travel.
Julie Tsai, Sr. Director, Security Operations at Box and Michelle Dennedy, Chief Privacy Officer at Cisco
A roundtable discussion hosted by women leading in cybersecurity. Join women leading in cybersecurity, Julie Tsai, Sr. Director, Security Operations at Box and Michelle Dennedy, Chief Privacy Officer at Cisco, for a lively roundtable discussion on security and data privacy. They will offer us their perspective on their success, lessons learned in their careers and how women are making their mark on the security industry, in addition to debating key changes and trends facing the cybersecurity industry and how we approach data privacy.
Jeremy Linden of Cisco Umbrella, Jessica Bair of Cisco Threat Grid and Mike Clark of ThreatQuotient
As malware becomes more complicated and harder to detect, cyber analysts are increasingly inundated with more work. The more menial tasks a security team performs, the less likely they are to have the time to properly analyze or defend against malware. There are steps you can take to defend against malware and protect your organization.
Join this webinar with experts Jeremy Linden of Cisco Umbrella, Jessica Bair of Cisco Threat Grid and Mike Clark of ThreatQuotient as they discuss how to utilize a Threat Intelligence Platform to enhance malware analysis capabilities and prevent access to malicious domains. Visit the Cisco Marketplace to learn more.
In the webinar, you will learn to:
- Streamline malware analysis workflow
- Add context to malware analysis results using validated threat intelligence
- Make informed decisions efficiently and effectively
- Take action from a centralized workbench to minimize your risk window
Dan Cummins - 451 Research & Meghan Diaz - Cisco Umbrella
Your employees are using more cloud apps than ever, and mobile workers frequently work without turning on their VPN. You need new ways to extend protection anywhere your employees work — and you need it to be simple, yet incredibly effective.
Exciting innovations in network security-as-a-service offer distributed organizations the potential to extend and meaningfully increase security effectiveness. Join this 451 Research webinar with Cisco Security to hear a discussion about new cloud-delivered protection for mobile workers, lean branch offices, and cloud applications.
In the webinar we will discuss:
- The changing cloud security landscape
- The emergence of the Secure Internet Gateway
- Important buying considerations for companies looking to add these capabilities
Jeff Olen, Product Manager at AlienVault and Kate MacLean, Product Manager at Cisco Umbrella
Threats continue to increase in sophistication and frequency, your environment is getting more complex with the addition of cloud infrastructure, and your siloed security tools leave you struggling to get a unified view of your security posture. How can you reduce the time to detect and defend against malware in today’s environment? It’s not enough to wait for malware to reach your network or endpoints before you try to detect and stop it. What if you could identify and block threats earlier? With Cisco Umbrella and AlienVault USM Anywhere, you can.
Join us for a 45-minute webcast to learn how you can quickly improve your threat detection and response time with AlienVault USM Anywhere and Cisco Umbrella. During this session, you’ll learn about each product and see how the integration enables you to:
- Focus on threat response and not writing complex security analytics rules
- Get prioritized, contextual alarms leveraging threat intelligence from both Cisco Umbrella and AlienVault
- Automate policy enforcement between the platforms for rapid response
- Enhance threat visibility and reduce mean time to detection & response
Alex Chiu, threat researcher for Cisco Talos, and Brad Antoniewicz, security researcher for Cisco Umbrella
On May 3rd, over a million Gmail users granted a fake, but convincing, application full access to their emails and contacts. Two weeks later, a major ransomware attack spread rapidly and affected a multitude of organizations across the world. Needless to say, it’s been a busy month in the infosec world.
Now that the dust has started to settle, join our security researchers Alex Chiu, threat researcher for Cisco Talos, and Brad Antoniewicz, security researcher for Cisco Umbrella, as they take you through the details of the recent attacks.
In the session, our researchers will share:
- Key findings from their research
- Details uncovered about the attackers’ infrastructure, including analysis of the malware, domains, and IPs used in the attack
- How Cisco identified and blocked the attacks, including a timeline of events
- Steps you can take to protect your organization
We’ll also look ahead at how these types of attacks could potentially evolve over time and how you can better prepare.
Cisco Umbrella provides a cloud-delivered network security service that blocks advanced attacks, as well as malware, botnets and phishing threats regardless of port, protocol or application. Our predictive intelligence uses machine learning to automate protection against emergent threats before your organization is attacked. Umbrella protects all your devices globally without hardware to install or software to maintain.