Hi [[ session.user.profile.firstName ]]

Swimlane #2: SOARing Beyond Expectations - Automating Atomic Red Team Testing

Organizations around the world struggle protecting their environments and determining where vulnerabilities exist. Open-source projects, such as Red Canary’s Atomic Red Team, can help by providing methods for evaluating defensive security controls and identifying areas of vulnerability. Additionally, a framework like MITRE ATT&CK can give the organization a full security view, ensuring a comprehensive strategy is in place. Such resources provide useful information for security teams, but the manual processes still needed to execute tests and map them to active detections from existing SIEM, EDR or other tools is too time consuming for many security operations centers (SOCs) to conduct effectively. Join Swimlane and (ISC)2 on November 5, 2020 at 1:00 p.m. Eastern as we examine how to do automate testing with a security orchestration, automation and response (SOAR) solution.

In this session you will:

· Learn how to automate the testing of your security controls

· See how SOAR can help you visualize areas of concern with the MITRE ATT&CK dashboard

· Get an overview of a helpful open-source tool recently developed by the Swimlane Deep Dive Research Team
Recorded Nov 5 2020 60 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Julie Rockett, Sr Prod Marketing Mgr, Swimlane; Jay Spann, Technical Prod Marketing Mgr, Swimlane; Brandon Dunlap, Moderator
Presentation preview: Swimlane #2: SOARing Beyond Expectations - Automating Atomic Red Team Testing

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • The Cloud Gambit: Advanced Moves for a Cloud Security Career Nov 17 2021 6:00 pm UTC 59 mins
    Keatron Evans, Dave Hatter, Charlie Platt
    Taking the step toward earning the (ISC)² Certified Cloud Security Professional (CCSP) credential puts you on a path to excel as an expert in cloud security. CCSP empowers individuals and organizations with the highest level of mastery in cloud security.

    But how do you get started? How do you prepare? And why…what tangible benefits will you gain? Join (ISC)² for a panel discussion as industry professionals share their stories, experience and tips toward preparing for the Certified Cloud Security Professional certification. Areas for discussion will include:

    - Why you should consider CCSP
    - How to prepare for CCSP
    - How CCSP can accelerate your career progression
  • Cyber Insurance: Optimizing Costs While Minimizing Risk Nov 11 2021 6:00 pm UTC 60 mins
    Srikrupa Srivatsan, Director, Product Marketing, Infoblox; Brandon Dunlap, Moderator
    With hybrid workplaces now the new norm and supply chain attacks on the rise, there’s an increased exposure to cyber-attacks, which can cause substantial disruption to any organization or industry. This increased exposure is forcing companies to not only invest and improve their own cybersecurity posture, but also manage third party risk and protect against cyber risks with cyber insurance. Certain best practices and technologies help reduce your risk and improve your security score while helping to keep insurance premium costs low. DNS security is one such approach that provides extended visibility, protection and security automation to improve a company’s security posture.

    Join Infoblox and (ISC)2 November 11th, at 1 p.m., ET/ 10 a.m. PT for this webinar to learn more about:

    o Why organizations invest in cyber insurance

    o Getting the most out of cyber insurance

    o How DNS security improves security scores and reduces cyber insurance premiums
  • (ISC)2 Town Hall 2021 Oct 18 2021 5:00 pm UTC 90 mins
    Clar Rosso, Zachary Tudor, Lori Ross O'Neil and Dr. Casey Marks
    Join us for (ISC)2 Security Congress Town Hall to learn what’s next for (ISC)2 and hear directly from members of the Board of Directors.

    CEO Clar Rosso will provide a strategic update for our association, including recent accomplishments and milestones, as well as what members can expect in 2022 and beyond.

    Then, a panel consisting of (ISC)² Board members and management will answer members’ questions about the association, membership, certifications, workforce trends and other cybersecurity issues and challenges facing the profession.

    Town Hall is open to (ISC)2 members and associates, as well as all Security Congress attendees.

    Featuring:
    Clar Rosso, CEO, (ISC)2
    Zachary Tudor, CISSP, Board of Directors Chairperson
    Lori Ross O'Neil, CISSP Board of Directors Vice Chairperson
    Dr. Casey Marks, Chief Qualifications Officer, (ISC)2
  • Surviving a Ransomware Attack: Disaster Recovery for Critical Cloud & PC Data Sep 28 2021 5:00 pm UTC 60 mins
    Chris Alden, Senior Sales Manager, Synology; Brandon Dunlap, Moderator
    During 2020, the worldwide shift to remote work led to a staggering rise in cybercrime, as criminals targeted gaps in previously secure on-site networks. With over 50% of employers expecting to keep employees working remotely, and payments for a ransomware attacks averaging $100,000, businesses must work proactively to protect their data. It is essential for business to have an effective plan in place to protect at-risk systems, detect and mitigate ransomware attacks in real time, and quickly restore affected systems. Join Synology and (ISC)2 on September 28, 2021 at 1:00 p.m. Eastern/10:00 a.m. as we discuss actionable strategies for ransomware preparedness and look at real-world examples and case studies.

    Key takeaways include:

    Actionable ransomware preparedness tips

    Protecting PC data and the elements of a robust ransomware recovery plan

    Why and how to backup Microsoft 365 & Google Workspace data

    Setting up remote backup to a secondary server or cloud
  • Prioritizing Security for Your Cloud Native Initiatives – A Maturity Model Recorded: Sep 23 2021 62 mins
    Rani Osnat,VP Strategy & Product Marketing,AquaSecurity;Doug Cahill, VP Analyst Services & Senior Analyst, ESG;B Dunlap, Mod
    Aqua Security and ESG Research have partnered to survey and understand how organizations go about addressing challenges of security cloud native applications. With multiple stakeholders across engineering, DevOps, cloud, security and compliance teams, and competing priorities for addressing security pain points, many organizations are either stopping short of fully implementing the needed processes and tools, or conversely fail because they try to do too much at once. Join Aqua Security, ESG Research and (ISC)2 on September 23, 2021 at 1:00 p.m. Eastern/10:00 a.m. Pacific as we review some of the key considerations as well as benchmark results from our survey to date.
  • CISSP- Tales of the Unexpected Recorded: Sep 21 2021 59 mins
    AJ Yawn, Jerome Leach and Angus Macrae
    When you tell people you’re thinking about CISSP, you’ve probably been told:

    • CISSP is globally renowned - those holding it are highly sought-after.
    • Achieving certification means you get paid more.
    • CISSP is HARD to earn.
    • It’s a LONG exam.

    But what you probably haven’t heard are the unexpected surprises along the way CISSPs never imagined in their certification journey. For example, learning that CISSP is a broad certification that focuses on governance: Do you understand the technology? The people? The management?

    Join us for a panel discussion as CISSP-certified members share their personal stories and the unanticipated ways certification continues to benefit their careers. After all is said, you’ll be amazed at what CISSP can do for you in your professional growth and career.

    Hear expert insights from: AJ Yawn, Jerome Leach and Angus Macrae
  • Crossing the CAASM: The Evolution of "Asset Management" Recorded: Sep 16 2021 60 mins
    Ronald Eddings & Chris Cochran, Hosts, Hacker Valley Studio Podcast; Brandon Dunlap, Moderator
    As IT and security teams struggle to manage a complex sprawl of devices, users, cloud services, and software, there's one certainty we can rely on (thanks to the second law of thermodynamics): things will only get more complex.

    But there's good news.

    What we previously thought of as "asset management" has evolved. Today, we have “asset intelligence”, which moves from a spreadsheet approach — focused on getting an inventory of devices — to an API-driven, always up-to-date way of seeing all assets through integrations of existing tools, data correlation at scale, and querying capabilities to find and respond to gaps. Join Axonious and (ISC)2 on September 16, 2021 at 1:00 p.m. Eastern/10:00 a.m. Pacific and hear from Ronald Eddings and Chris Cochran, producers and hosts of the Hacker Valley Studio Podcast and learn how this new approach to asset intelligence and the emerging Cyber Asset Attack Surface Management (CAASM) category helps IT and security teams improve security hygiene, reduce manual work, and remediate gaps.
  • DoD 8570 and Beyond: (ISC)2 Certifications to Get Your Team in Compliance Recorded: Sep 15 2021 50 mins
    Mirtha Collin, Elizabeth Cardona
    The U.S. Department of Defense (DoD) Directive 8570.1 requires every full- and part-time military service member, defense contractor, civilian and foreign employee with "privileged access" to a DoD system — regardless of job series or occupational specialty — to get an approved IA baseline certification. Which certifications are the right fit for your team?

    Government agencies have trusted (ISC)² to train and certify their cybersecurity personnel for more than two decades. With the recent addition of (ISC)2 Certified Cloud Security Professional (CCSP) and HealthCare Information Security and Privacy Practitioner (HCISPP) certifications, the entire portfolio of (ISC)² certifications now meet the requirements for different security workforce categories within the Department, depending on the functional area the role covers. Discussion topics include:

    • How to Become DoD 8570 Compliant
    • (ISC)2 Certifications Overview: IA Baseline Certification Requirements
    • How to Maximize Your Training and Certification Budget
    • Keep Your Team’s Cybersecurity Skills Sharp

    Be prepared for 45 minutes well-spent and discover how (ISC)2 can help you train and certify your team to become DoD 8570 compliant.
  • Building Cyber Resilience with Managed Phishing and Security Awareness Training Recorded: Sep 14 2021 59 mins
    Mark Sangster, V.P. and Industry Security Strategist, eSentire; Brandon Dunlap, Moderator
    The majority of crippling cyberattacks begin with a simple phishing email. And while most companies provide some form of annual training, they focus on overly simplistic lures taken from public events that fail to represent the real danger of targeted criminal campaigns. Join eSentire and (ISC)2 on September 14, 2021 at 1:00 p.m. Eastern/10:00 a.m. Pacific as they explore how to build a comprehensive training and testing program that leverages realistic threat scenarios to foster context-relevant security awareness that drives behavioral change:

    · Use risk management data and accurate phishing lures to build comprehensive awareness training

    · Maximize your resources and programs to increase return on investment

    · Conduct testing that improves resilience

    · Meet regulatory requirements and demonstrate program success to your leadership
  • Ransomware Deep Dive: To Pay or Not to Pay? Recorded: Sep 9 2021 59 mins
    Steve Piper, CISSP, Founder & CEO, CyberEdge Group
    Colonial Pipeline, CNA Financial, JBS Foods, Garmin, and Travelex. All victimized by high-profile ransomware attacks. All paid ransoms. Did these companies do the right thing by paying ransoms to accelerate data and system recovery? Or are they merely funding the ransomware industry and prompting even more attacks? Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he reviews key findings from CyberEdge’s 2021 Cyberthreat Defense Report. In this webinar, Steve will:
    - Examine disturbing ransomware trends, by country and by industry
    - Evaluate key factors that go into deciding whether to pay ransoms
    - Outline ways to be prepared for a successful ransomware attack
    - Review technologies to help give security teams the upper hand
  • Inside (ISC)2: Updates on Global Events Program Recorded: Aug 31 2021 59 mins
    Clar Rosso, CEO, (ISC)2; Megan Gavin, Director, Events, (ISC)2
    Clar Rosso, CEO of (ISC)2 shares her insights on what’s happening at our association. Join us for this quarterly update in which we cover the latest developments at (ISC)2, ranging from certification to member benefits, continuing education and events, to major milestones and achievements. On August 31, 2021 at 1:00 p.m. Eastern/10:00 a.m. Pacific, Megan Gavin, Director of Events at (ISC)2 joins Clar to provide an overview of what to expect at this year’s annual Security Congress taking place this October 18-20, as well as the new global (ISC)2-hosted events being planned for 2022.
  • Inside (ISC)² Quarterly Board Update, 2021 (Q3) Recorded: Aug 20 2021 14 mins
    Zachary Tudor, CISSP, (ISC)² Board of Directors Chairperson and Clar Rosso, CEO, (ISC)²
    (ISC)² Board of Directors Chairperson, Zachary Tudor, CISSP and CEO Clar Rosso update members on accomplishments in Q3 of 2021 including the association’s strategic roadmap, new achievements and milestones, the latest on our certifications, new professional development opportunities, member offers and more. The Q3 2021 update includes membership milestones, association accreditations and new executive leadership focused on member benefits and advocacy. (ISC)² continues to concentrate on global diversity, equity and inclusion initiatives and examining the workforce gap.
  • DDoS Trends and the Ransomware Threat Recorded: Aug 19 2021 58 mins
    Ameet Naik, Product Marketing, Cloudflare; Brandon Dunlap, Moderator
    DDoS attacks have dominated the charts in terms of frequency, sophistication, and geo-distribution over the last year. More recently, we have seen a surge in Ransom DDoS attacks — that usually accompany or follow ransomware attacks. This can cripple an organization’s attempt to respond effectively to these threats. Join Cloudflare and (ISC)2 on August 19, 2021 at 1:00 p.m. Eastern/10:00 a.m. Pacific as we examine key DDoS attack trends from Q2 2021, ransom DDoS threats (and what you can do if you are affected) and steps organizations can take to make the impact of DDoS attacks a thing of the past.
  • The 'Hottest' IT Security Technologies in 2021 Recorded: Aug 18 2021 59 mins
    Steve Piper, CISSP, Founder & CEO, CyberEdge Group
    Want to know which IT security technologies are hot and which ones are not? Join Steve Piper, Founder & CEO of CyberEdge (and a proud CISSP), and (ISC)2 as Steve reviews key purchase insights from the 2021 Cyberthreat Defense Report. Specifically, this webcast will identify those security technologies most widely deployed and most planned for acquisition in 2021 so you can benchmark your company’s current and planned investments against your peers. We'll review adoption rates of emerging technologies, such as ZTNA and SASE, and examine purchase intent across five key security technology categories, including:

    • Network security
    • Endpoint security
    • Application and data security
    • Security management and operations
    • Identity and access management
  • Ransomware and Your Remote Workforce: Zero Trust for the Endpoint Recorded: Jul 29 2021 54 mins
    Katey Wood, Product Marketing Director, Illumio; Brandon Dunlap, Moderator
    How well is your remote workforce secured against Ryuk and other ransomware – or will you find out once they return to the office? How businesses are protecting employee endpoints, on or off the corporate network, as we shift to a hybrid work model? Join Illumio and (ISC)2 on July 29, 2021 at 1:00 p.m. Eastern/10:00 a.m. Pacific to find out how to benchmark your own IT efforts to prevent mass infections, and learn how to achieve Zero Trust for the endpoint, with default containment to stop the spread before it starts. We will also cover:

    · What security visibility and control does IT have into endpoints on ungoverned home networks?

    · How can businesses prevent the spread of ransomware like Ryuk to avoid mass endpoint infections?

    · How can Zero Trust security support a hybrid model as employees – and their endpoints – start returning to the office?
  • Darktrace #3: Securing Smart Cities with Cyber AI Recorded: Jul 27 2021 60 mins
    Marcus Fowler, Director of Strategic Threat, Darktrace; Brandon Dunlap, Moderator
    In recent months, major incidents such as the attack related to SolarWinds has led organizations to reevaluate their cyber security strategy. Governments and municipalities in particular, who are facing threats from increasingly professional threat-actors, need robust and adaptive defenses to secure critical data and infrastructure. While traditional tools rely on rules and signatures to spot signs of known threats, cyber-criminals continue to innovate and circumvent these defenses with new tools, techniques, and procedures. For this reason Cyber AI is becoming increasingly critical for its ability to understand ‘normal’, and detect and respond to subtle deviations indicative of a cyber-threat. Join Darktrace and (ISC)2 on July 27, 2021 at 1:00 p.m. Eastern/10:00 a.m. Pacific as Darktrace’s Director of Strategic Threat, Marcus Fowler explores:

    o The unique challenges facing the digital infrastructures of cities and nations

    o Top cyber incidents of 2021 and what they show us about government cyber-risk

    o Case studies of Darktrace municipal customers
  • Is your Network Security Prepared for the Post-Pandemic World? Recorded: Jul 22 2021 62 mins
    Vikram Phatak, CEO, CyberRatings.org; Amritam Putatunda, Sr. Tech Product Manager, Keysight; Brandon Dunlap, Moderator
    The pandemic Work From Home (WFH) era fueled a dramatic shift to edge networking using technologies like SASE, SD-WAN, and cloud. With all the changes in the network, it is only reasonable to expect change in how you test and troubleshoot these new technologies and approaches. Join Keysight and (ISC)2 on July 22, 2021 at 1:00 p.m. Eastern/10:00 a.m. Pacific as we explore the industry’s first cloud-native test solution, Keysight CyPerf as a new way of testing.
  • Key Results from the 2021 Cloud Security Report Recorded: Jul 20 2021 59 mins
    Holger Schultze and Steve Prentice
    The 2021 Cloud Security Report, sponsored by (ISC)2, explores current cloud security trends and challenges, how organizations are responding to security threats in the cloud and reveals tools and best practices organizations are considering.

    Based on a comprehensive survey of 783 cybersecurity professionals conducted in early 2021 to uncover how cloud user organizations are responding to security threats in the cloud, and what training, certifications and best practices IT cybersecurity leaders are prioritizing in their move to the cloud.

    Join (ISC)2 on July 21, 2021 at 1:00PM Eastern for highlights of the results and to get key insights including:
    •A majority of cybersecurity professionals (96%) confirm they are at least moderately concerned about public cloud security, a small increase from last year’s survey.
    •For the second year in a row, the key barrier to cloud adoption, organizations mention was a lack of qualified staff (39%) as the biggest impediment to faster adoption.
    •More than half of organizations (57%) expect their cloud budgets to increase over the next 12 months.
    •When asked how organizations rate their overall security readiness, 73% rate their team’s security readiness average or below average. Of those, 78% believe their teams would benefit from cloud security training and/or certification.
  • Your Ransomware Hostage Rescue Guide Recorded: Jul 15 2021 58 mins
    Erich Kron, CISSP, Security Awareness Advocate, KnowBe4; Brandon Dunlap, Moderator
    Ransomware attacks are on the rise — and they’re estimated to cost global organizations $20 billion by 2021 with government agencies, healthcare providers, and educational institutions in the U.S. impacted by ransomware attacks at a cost of more than $7.5 billion in 2019 alone. As ransomware attacks become more targeted and damaging, your organization faces increased risk that can have your networks down for days or even weeks. So, how can your organization avoid getting held hostage? Join KnowBe4 and (ISC)2 on July 15, 2021 at 1:00 p.m. Eastern/10:00 a.m. Pacific as Erich Kron CISSP, Security Awareness Advocate at KnowBe4 looks at the scary features of new ransomware strains, gives actionable info that you need to prevent infections, and provides tips on what to do when you are hit with ransomware.
  • Darktrace #2: Cyber AI and Protecting the Innovation that Drives Transportation Recorded: Jul 13 2021 59 mins
    Justin Fier, Darktrace Director of Cyber Intelligence & Analytics; Brandon Dunlap, Moderator
    Organizations in the automotive industry and cyber-physical transportation ecosystems face unique security challenges. Self-learning AI has provided an answer to keep pace with the rapid changes in the threat landscape and industrial technologies, with its ability to detect never-before-seen attacks and adapt to any changes in infrastructure. Join Justin Fier, Darktrace’s Director of Cyber Intelligence & Analytics and (ISC)2 on July 13, 2021 at 1:00 p.m. Eastern/10:00 a.m. Pacific as he examines the security challenges facing the automotive industry and cyber-physical transportation ecosystems. We’ll also examine:

    o How CASE innovations in the transportation sector complexify the cyber threat landscape

    o How McLaren Racing is using AI to protect their critical systems

    o The benefits of Autonomous Response in fighting back against emerging cyber-threats at machine speed
(ISC)² Security Briefings - In-depth examination of infosec topics.
(ISC)² Security Briefings brings attendees both stand alone webcasts and multi-part series on cutting edge infosecurity topics that gets deeper into the subject matter and technologies presented by subject matter experts.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Swimlane #2: SOARing Beyond Expectations - Automating Atomic Red Team Testing
  • Live at: Nov 5 2020 6:00 pm
  • Presented by: Julie Rockett, Sr Prod Marketing Mgr, Swimlane; Jay Spann, Technical Prod Marketing Mgr, Swimlane; Brandon Dunlap, Moderator
  • From:
Your email has been sent.
or close