Hi [[ session.user.profile.firstName ]]

Better Vulnerability Awareness for IT and Development

The increasing rate of vulnerability reporting, combined with the number of sources producing those reports has made it more difficult than ever to monitor critical issues affecting your organization. While monitoring vulnerabilities has traditionally been most important for IT teams, it is becoming rapidly more relevant for software development teams as well, especially as the use of open source / third-party libraries increases.

Join Cytenna and (ISC)2 on November 22, 2016 at 1:00PM Eastern as we discuss solutions to this problem at both the IT and development level. Among other things, we'll cover Vulnerability Central, a free member benefit for all (ISC)2 members that can help you stay more aware of recent vulnerabilities, especially with its new e-mail notification feature.
Recorded Nov 22 2016 58 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Greg Barish, CTO, Cytenna; Brandon Dunlap, Brightfly (Moderator)
Presentation preview: Better Vulnerability Awareness for IT and Development

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Swimlane #3: Reactive to Proactive Threat Hunting: Transforming Your SOC with Au Dec 17 2020 6:00 pm UTC 60 mins
    Nick Tausek, Security Research Engineer, Swimlane; Brandon Dunlap, Moderator
    Are your analysts drowning in low-value, high-noise alerts and constantly playing catch-up? Is this hurting your mean time to detect (MTTD) and mean time to resolution (MTTR)? A security orchestration, automation and response (SOAR) solution can help in this area. A SOAR solution can enable an organization to realize some time and resource savings which can result in more research and active threat hunting for a more proactive approach to cybersecurity. On December 17, 2020 at 1:00 p.m. Eastern, Swimlane and (ISC)2 will explore how automation can help you dedicate your limited security resources to proactive threat hunting. We’ll also discuss how to:

    · Integrate your threat intelligence sources with a SOAR platform for faster and more accurate threat identification and verification.

    Use information from analyst research or automated feed ingestion to facilitate threat hunting across your security toolset and environments.

    · Reduce MTTD/MTTR by automating repetitive, manual tasks.
  • Swimlane #2: SOARing Beyond Expectations - Automating Atomic Red Team Testing Nov 5 2020 6:00 pm UTC 60 mins
    Julie Rockett, Sr Prod Marketing Mgr, Swimlane; Jay Spann, Technical Prod Marketing Mgr, Swimlane; Brandon Dunlap, Moderator
    Organizations around the world struggle protecting their environments and determining where vulnerabilities exist. Open-source projects, such as Red Canary’s Atomic Red Team, can help by providing methods for evaluating defensive security controls and identifying areas of vulnerability. Additionally, a framework like MITRE ATT&CK can give the organization a full security view, ensuring a comprehensive strategy is in place. Such resources provide useful information for security teams, but the manual processes still needed to execute tests and map them to active detections from existing SIEM, EDR or other tools is too time consuming for many security operations centers (SOCs) to conduct effectively. Join Swimlane and (ISC)2 on November 5, 2020 at 1:00 p.m. Eastern as we examine how to do automate testing with a security orchestration, automation and response (SOAR) solution.

    In this session you will:

    · Learn how to automate the testing of your security controls

    · See how SOAR can help you visualize areas of concern with the MITRE ATT&CK dashboard

    · Get an overview of a helpful open-source tool recently developed by the Swimlane Deep Dive Research Team
  • Swimlane #1: Five SOAR Use Cases to Address Analyst Burnout Oct 8 2020 5:00 pm UTC 60 mins
    Julie Rockett, Sr Prod Marketing Mgr, Swimlane; Jay Spann, Technical Prod Marketing Mgr, Swimlane; Brandon Dunlap, Moderator
    A recent study revealed how security orchestration, automation and response (SOAR) can deliver impressive gains in your security operations center's (SOC) efficiency, productivity, and consistency within a relatively short time-frame—11 months or less on average. But, how do you get there, and what SOAR use cases can lead to these remarkable gains? Join Swimlane and (ISC)2 on October 8, 2020 at 1:00 p.m. Eastern for a pragmatic approach to automation and orchestration as we dig into the use cases where organizations are seeing significant impacts in their SOCs. We’ll also examine:

    •Typical challenges that SOAR platforms address.

    •Five SOAR use cases that can be used immediately to alleviate analyst burnout and provide more effective use of existing tools.

    •How to further increase the ROI of a SOAR platform with robust reporting and metrics.
  • Ransomware Deep Dive: Examining Disturbing Ransomware Trends Sep 29 2020 5:00 pm UTC 60 mins
    Steve Piper, CISSP, Founder & CEO, CyberEdge Group
    Successful ransomware attacks are at an all-time high. And so is the number of organizations paying ransoms to recover their data. But why? And what can smart IT security teams do to mitigate the risks of falling victim? Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he reviews key findings from CyberEdge’s 2020 Cyberthreat Defense Report. In this webinar, we’ll:

    - Examine disturbing ransomware trends, by country and by industry
    - Postulate why more organizations are paying ransoms
    - Underscore the importance of investing in your company’s “human firewall”
    - Review technologies to help give security teams the upper hand
  • Blackberry #3: Preparing for the Future of Work Recorded: Sep 25 2020 55 mins
    Ebudo Osime, BlackBerry, Threat Intelligence Analyst
    Part three will examine how a Zero Trust security strategy built on AI-based security technologies could better prepare you to face the modern threat landscape. We will walk through some current, pervasive threats to gain a better understanding of why and how the unique features of AI-driven technologies are better suited to prevent, detect, and respond to them.
  • Blackberry #2: Combating Cyber Chaos with Unified Endpoint Security Recorded: Sep 25 2020 55 mins
    John McClurg, CISO, BlackBerry (formerly Cylance)
    In Part two, we’ll discuss strategies for securing remote workers using Zero Trust. As millions of us have grown accustomed to and continue working from home, the delineation between work and home has become increasingly porous. Devices – no matter the environment in which they are situated – must be secure without any performance trade-offs. We will explore how emerging solutions like continuous authentication and unified endpoint security that leverage AI, machine learning, and automation could play a critical role in deploying a robust Zero Trust security framework to secure all devices – anytime, anywhere.
  • Blackberry #1: Zero Trust Framework: What’s the Best Approach to Implement It? Recorded: Sep 25 2020 56 mins
    Rich Thompson, VP of Sales Engineering, BlackBerry (formerly Cylance)
    In this first part, we’ll explore the important preliminary questions about whether Zero Trust should be a priority for your organization and provides guidance on defining trusted users and devices, and how to integrate identity and network. It will address how to build a business case for Zero Trust, addressing business drivers such as cloud environments and business continuity needs.
  • Darktrace #1: Securing the New Normal: Cyber AI for Email Recorded: Sep 24 2020 55 mins
    Dan Fein, Director, Email Security Products, Darktrace; Brandon Dunlap, Moderator
    The future of work remains unpredictable and uncertain. More than ever before, business leaders need to remain confident that their operations can continue securely. However, 94% of cyber-threats still originate in the inbox, and ‘Impersonation attacks’ that expertly mimic the writing style of trusted contacts and colleagues are on the rise. Humans can no longer distinguish real from fake on their own – businesses are increasingly turning to AI to distinguish friend from foe and fight back with autonomous response. . Join Darktrace and (ISC)² on September 24, 2020, at 1:00 p.m. Eastern for expert insight into how cyber AI is the only tool that can keep pace with the rapidly evolving threat landscape facing organization’s inboxes every day. The webcast will examine:

    · Exploration of the most recent email threat trends and statistics

    · Overview of Darktrace’s latest developments to secure the email environments of the dynamic workforce

    · Case studies and use cases from industry leading customers
  • Gigamon #3: Network Visibility in Today’s Complex World Recorded: Sep 15 2020 58 mins
    Jim Mandlebaum, Senior Security Engineer, Gigamon; Brandon Dunlap, Moderator
    Having visibility into your network, what’s on it and how it’s preforming, is critical to any sized organization. The use of network monitoring tools like SPAN and TAP can certainly help, as can Network Aggregation and Packet Brokers. Join Gigamon and (ISC)2 on September 15, 2020 at 1:00 p.m. Eastern as we dive into visibility topics such as Data Deduplication, Slicing, Masking, TLS Decryption, Inline and Out of band… and more. We’ll even include Virtual Environments and Cloud to make it even more interesting.
  • How to Build and Govern a Multi-cloud Strategy that Accelerates Innovation Recorded: Sep 4 2020 59 mins
    Jeremy Snyder: Sr Dir, Business Development & Solution Eng, DivvyCloud by Rapid7; Thomas Martin, Frm GE CIO/Founder, Nepho
    More than 70% of enterprises today are multi-cloud, either through organic growth, through mergers and acquisitions, or as a corporate strategy. While cloud is a powerful opportunity to unleash innovation within the enterprise, IT and security teams must then devise governance strategies to support that innovation. Join DivvyCloud and (ISC)2 to hear about some real-world experiences, a top 10 list of governance starting points and key takeaways that include:

    · Top 3 mistakes made in multi-cloud governance
    · A set of related resources, including industry reports on the state of cloud, cloud misconfiguration security and more
  • Imperva #3: How to Protect Your Data in the Cloud Recorded: Aug 27 2020 58 mins
    Ran Rosin,Director of Product Management, Imperva; Brandon Dunlap, Moderator
    The cloud is a popular destination for companies of all sizes. As companies plan their migration to the cloud, there is pressure to use database services from public cloud vendors. What are the compliance and visibility requirements and what does a secure cloud data deployment looks like. Join Imperva and (ISC)2 on August 27, 2020 at 1:00PM Eastern for a discussion on protecting data in the cloud and how to deploy securely and quickly.
  • Think Outside the Box: Mitigating the IT Security Skills Shortage Recorded: Aug 25 2020 60 mins
    Steve Piper, CISSP, Founder & CEO, CyberEdge Group
    Nearly nine in 10 organizations are experiencing a shortfall of skilled IT security personnel, according to CyberEdge’s 2020 Cyberthreat Defense Report. That’s up from eight in 10 organizations just two years ago. This weighs heavily on the minds of IT security professionals as ‘lack of skilled personnel’ is rated as the #1 inhibitor to successfully defending against cyberthreats. So, what can organizations do to mitigate the effects of this crisis? Well, if you’re willing to ‘think outside the box,’ there is hope. Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he:

    - Examines the shortage of IT security personnel by job role
    - Proposes creative ways for recruiting new security talent
    - Suggests clever ways for retaining the talent you already have
    - Identifies technologies that enable security teams to do more with less
  • Gigamon #2: What Zero Trust Networking Means for Network Visibility Recorded: Aug 13 2020 60 mins
    Ollie Sheridan, Principal Sales Engineer, Security, (EMEA) Gigamon; Brandon Dunlap, Moderator
    There is much talk in the Industry with regards to Zero Trust Networking (ZTN) - but what does it involve and what does this mean for Network Visibility? In this Webinar we will explore the reason for ZTN, some of the current ideas surrounding the implementations of ZTN and where Network Visibility plays a key role in securing such environments. With one of the key concepts of ZTN being the encryption and authentication of data in motion, we will also discuss the need for Metadata and why this can be an advantage over traditional methods of monitoring. Join Gigamon and (ISC)2 on August 13, 2020 at 1:00PM Eastern for an examination of:

    - Understanding the ZTN trust model at a high level

    - See which components are important within ZTN and why

    - Understand why the perimeter is changing and why the need for segementation goes beyond physical devices

    - How Metadata can play a key role in understanding the activity of applications on your network
  • Gigamon #1 - Here Be Dragons: The Double-Edged Sword That is TLS Recorded: Jul 30 2020 61 mins
    Ian Farquhar, Consulting Sales Engineer, Gigamon; Brandon Dunlap, Moderator
    TLS is becoming ubiquitous, but it’s a double-edged sword. On the one side, organizations can mitigate risk vectors using this protocol. On the flipside is the misuse of TLS by threat actors trying to hide their activities and prevent your security monitoring infrastructure from detecting their activities. How do you benefit from TLS, but avoid the risks? Is decrypting everything the right approach? And if so, where? What about non-decrypting approaches to threat detection, like JA3? TLS 1.3 was a significant change, what do I need to know about it? Join Gigamon and (ISC)2 on Thursday, July 30, 2020 at 1:00PM Eastern to get answers to these questions and more.
  • The 'Hottest' IT Security Technologies in 2020 Recorded: Jul 28 2020 59 mins
    Steve Piper, CISSP, Founder & CEO, CyberEdge Group; Brandon Dunlap, Moderator
    Want to know which IT security technologies are hot and which ones are not? 2020 has thrown many purchasing and deployment plans into a state of flux and your organization has probably been caught up in this. Join Steve Piper, Founder & CEO of CyberEdge (and a proud CISSP) and (ISC)2 on Tuesday, July 28, 2020 at 1:00PM Eastern as Steve reviews key purchase insights from the 2020 Cyberthreat Defense Report. Specifically, this webcast will examine which security technologies are most widely deployed and most planned for acquisition in 2020 so you can benchmark your company’s current and planned investments against your peers. Purchase intent across five key security technology categories will be focused on including:

    •Network security
    •Endpoint security
    •Application and data security
    •Security management and operations
    •Identity and access management
  • Imperva #2: Application Security as the Business Transforms Recorded: Jul 9 2020 61 mins
    Kim Lambert, Sr. Product Marketing Manager, Imperva; Brandon Dunlap, Moderator
    As transformations continue at breakneck speeds, how are these changes impacting security? Specifically, applications are being written in new ways and deployed across clouds. How do you maintain consistent app security in a way that enables agility and speed of deployment? Join Imperva and (ISC)2 on July 9, 2020 at 1:00PM Eastern for a discussion on applications and their addition to the computing infrastructure is impacting organizations both small and large.
  • Approaching Application Security in the Enterprise Recorded: Jun 30 2020 60 mins
    Daniel Kennedy, Senior Analyst, 451 Alliance; Brandon Dunlap (Moderator)
    A significant percentage of data breaches in the last year came as a result of the targeting of web applications. ‘Software’ continues to eat the world, but not all of the code behind it is being constructed in conditions that ensure security. DevSecOps is oft talked about, but what does implementation mean from a practical standpoint? What’s really meant by ‘shift left’?

    Join Daniel Kennedy, Senior Analyst for 451 Alliance and (ISC)² on June 30, 2020 at 1:00PM Eastern for a discussion drawing on multiple years of peer market intelligence around application security, including tool usage within enterprises. We’ll examine what challenges emerge as security and development share responsibility for ensuring application security, and how can the needs of each be met.
  • Imperva #1: How Automated Attacks Can Derail Your Company’s Business Recorded: Jun 18 2020 59 mins
    Edward Roberts, Director of Product Marketing, Imperva; Brandon Dunlap, Moderator
    You are a security professional. The world is changing - there are transformation initiatives being accelerated across your company - What are they, what is the impact on security and how can you ensure that a consistent security profile is maintained as your business transforms? Transformation is driving your company to engage with customers and partners in new ways, but automated attacks can steal your revenue and kill your business. How can the security team stop that happening? Join Imperva and (ISC)2 on June 18, 2020 at 1:00PM Eastern for a discussion on the processes and tools which will help to enable key transformation initiatives while protecting the integrity and security of your company.
  • PerimeterX #3: Limiting the Damages Resulting from Carding Bots Recorded: Jun 4 2020 59 mins
    Liel Strauch, Dir, Cyber Security Research, PerimeterX; Deepak Patel, VP Security Strategy, Brandon Dunlap, Moderator
    Stolen payment card information usually needs to be validated before they can be used to run larger fraudulent transactions or be sold on the black market. Typically, automated bots run these tests or validation through smaller websites that lack anti-bot defenses. Join PerimeterX and (ISC)2 on June 4, 2020 at 1:00PM Eastern as we discuss how to detect and stop fraudulent transactions originating from carding bots and save thousands of dollars in payment processing charges. We’ll also cover :

    ● Carding attacks from the wild

    ● How carding attacks evade detection

    ● Trends leading into the holiday season
  • Axonius #3: Navigating the Coming IoT Asset Visibility Gap Recorded: May 21 2020 58 mins
    Lenny Zeltser, CISO, Axonius; Nathan Burke, CMO, Axonius; Brandon Dunlap, Moderator
    As IT complexity increases at organizations, gaining visibility into a comprehensive asset inventory becomes progressively difficult for information security teams. The convergence of three trends account for this new era of complexity: the increase in the number and types of devices, rapid public cloud adoption, and the looming IoT explosion. Axonius commissioned a research survey with Enterprise Strategy Group (ESG) to uncover what kinds of visibility gaps, challenges, and strategies are top of mind for information security professionals. Join Axonius and (ISC)2 on May 21, 2020 at 1:00PM Eastern for the third of three webinars focusing on the looming and inevitable IoT explosion. By some reports, there will be 500 billion connected devices by 2030 (Cisco). Organizations are most concerned about visibility into the volume and diversity of devices.

    Webinar attendees will learn:

    • Detailed research findings on the looming IoT explosion, visibility challenges, and security implications

    • An understanding of the key asset inventory challenges and how organizations are addressing these issues

    • Best practices when implementing and improving an asset inventory process

    • Emerging innovations and approaches to continuous asset discovery and automation
(ISC)2 Security Briefings - In-depth examination of infosec topics.
(ISC)2 Security Briefings brings attendees multi-part series on cutting edge infosecurity topics that gets deeper into the subject matter and technologies presented by subject matter experts.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Better Vulnerability Awareness for IT and Development
  • Live at: Nov 22 2016 6:00 pm
  • Presented by: Greg Barish, CTO, Cytenna; Brandon Dunlap, Brightfly (Moderator)
  • From:
Your email has been sent.
or close