Maintain Control of Your Business: Protect your Domain Controller from Kerberos

Advanced threats follow a regular pattern of crashing through the perimeter, compromising a credential and then using the acquired access to move throughout the network and escalate privileges until sufficient privileges are obtained for the threat actor to complete their primary objective.

In many cases, the attack requires, or is focused on, achieving domain administrator privileges because of the unrestricted access and control these credentials provide. With domain administrator credentials, attackers are able to execute one of the most dangerous Kerberos attacks that exists: a Golden Ticket attack. This enables attackers to operate completely under the radar by impersonating authorized users. Organizations can mitigate the risk of Golden Ticket attacks and other Kerberos-based attacks with proactive controls.

In research conducted by CyberArk Labs, it has been shown that in many networks, most machines can serve as a starting point for an attack that can compromise the network using hijacked credentials. This means that an attacker only has to get lucky once to gain access to the majority of the network.

Join (ISC)² and CyberArk in this webinar and learn how to:
• Mitigate the risk of credential theft
• Manage and secure domain administrator credentials
• Control and isolate privileged sessions
• Detect malicious behaviour in real time
Recorded Dec 8 2015 59 mins
Presented by
Adrian Davis: Managing Director, (ISC)² EMEA; Alex Wilson: Professional Services Manager, CyberArk
  • Guide to your (ISC)² Membership in EMEA: Benefits, Maintenance & Opportunities Jul 9 2018 11:00 am UTC 60 mins
    Lindsay Drabwell, Head of Membership Services, (ISC)² EMEA, Membership Services Team, (ISC)² EMEA
    Join the Guide to Your (ISC)² Membership in EMEA webinar to learn more about these topics and others including:
    - CPE opportunities, member benefits and getting involved
    - Updates on (ISC)² news, developments and changes in your region
    - Your membership requirements summarized
    - Who are the (ISC)² EMEA team and how we can help you
    - Focus discussions
    - Q&A session
  • Cybercrime, Cults and Confraternities: The Evolution of Nigerian 419 Email Scams Jun 26 2018 11:00 am UTC 60 mins
    Lindsay Drabwell, Head of Membership Services EMEA, (ISC)², Zeki Turedi, Technology Strategist EMEA, CrowdStrike
    As eCrime has evolved over the past decade, Nigerian cybercriminals have evolved too. 419 scammers or 'Yahoo Boys' running simple Nigerian prince scams have graduated to criminal confraternities conducting sophisticated business email compromise (BEC).

    In 2017 CrowdStrike Services were repeatedly called in to organisations affected by BEC. Although non-technical in nature, the operations yield highly effective results.

    In this webinar we'll share CrowdStrike Intelligence outlining:
    - The techniques, tactics and procedures of these threat actors
    - How BEC affects all geographical regions, involving fraud on multiple continents
    - Steps you can take to protect your organisation
  • Using Inline Security Tools to Achieve Your Security Goals Jun 19 2018 11:00 am UTC 60 mins
    Adrian Rowley, Technical Director EMEA, Gigamon, Lindsay Drabwell, Head of Membership Services EMEA, (ISC)²
    Inline security tools operate by actively preventing threats in your network, but deploying and optimising these tools presents several challenges to both network and security engineers. The downsides can include a potential point of failure, degradation of network and application performance, difficulty to scale and upgrade.
    The use of a next-generation packet broker and its inline bypass functionality can mitigate these challenges.
    Join Gigamon and (ISC)² EMEA in this webinar where we aim to examine how inline bypass can overcome physical deployment obstacles, maximise network availability, increase the scale of inspection and reduce the impact to network performance.
  • The War Against Ransomware: Can You Afford the Downtime? May 31 2018 11:00 am UTC 60 mins
    Lindsay Drabwell, Head of Membership Services, (ISC)² EMEA, Björn Leenen, Engineer, Datto
    This session will review the history of ransomware and the need-to-know strategies to protect business against it, particularly how business continuity and disaster recovery can save your company when disaster strikes. The session is delivered by Björn Leenen, CISSP, solution provider and sales engineer by day and night with 20 years of IT and security experience. Participants will also be treated to an inside view of a real ransomware infection with all the statistics and facts to go with it.
  • Crypto Crime: Hunting for Cryptocurrency Mining in Your Enterprise May 29 2018 1:00 pm UTC 60 mins
    Lindsay Drabwell, Head of Membership Services, (ISC)² EMEA, Tom Kellermann, CISO, Rick McElroy, Sec. Strategist, Carbon Black
    2018 is shaping up to be an important year for not just Bitcoin, but the many new cryptocurrencies that seem to be popping up by the day. Attackers have discovered that mining cryptocurrency can prove to be a very profitable endeavor if they can leverage someone else's computing resources.
    To ensure that organisations have full visibility into all activity in their environments, Tom Kellermann – Chief Security Officer and Rick McElroy – Security Strategist from Carbon Black will walk you through the key pointers you need to know about how to hunt for malicious mining malware in your enterprise and ensure your critical business resources aren't generating profit for the adversary on your dime.
    In this webinar you will hear all you need to know for a Cryptocurrency Mining 101, as well as learning about:
    • Monero - What is it, and why use it?
    • Indicators of cryptominers
    • Using Carbon Cb Response to hunt for miners
  • The SIEM That Gives SIEM a Good Name Recorded: May 22 2018 59 mins
    Lindsay Drabwell, Head of Membership Services EMEA, (ISC)², Avi Chesla, CTO and Founder, empow
    In their attempt to defend against the increasing volume of advanced attack campaigns, organisations are buying more and more security solutions, unwittingly creating a complex and cumbersome cybersecurity architecture.
    SIEM systems were supposed to be the industry’s solution to this problem, but they have failed miserably. Today’s SIEM systems create more problems than they solve, are very expensive, and ultimately ineffective.

    This webcast led by Avi Chesla, empow founder and CTO, will review the evolution of SIEM technology over the years, the fundamental flaws in its design, and why it has failed. He will then dive into the technology behind next-generation SIEM, and the major role played by AI in it, so that InfoSec teams can cut through the noise in the cybersecurity arena and effectively evaluate the next wave of solutions: SIEM that finally works for you, instead of the other way around.
  • Security as a Service: Bringing Security Into the DevOps Age Recorded: May 15 2018 45 mins
    Lindsay Drabwell, Head of Membership Services, (ISC)² EMEA, Josh Kirkwood, DevOps Security Lead, CyberArk
    DevSecOps seems to be the magic word, but for many people it may lack definition and clarity. During this presentation, Josh Kirkwood from the CyberArk DevOps team explains how normal security folk can become part of this revolution and start seeing how they can contribute to the velocity.
  • The Secrets to an Effective Insider Threat Program Recorded: May 8 2018 53 mins
    Nathaniel Ford, Moderator, (ISC)² EMEA, Mayank Choudhary, Vice President, Observe IT
    With three million records stolen every day, insider threats are quickly becoming the greatest cybersecurity threat organisations face today. Unfortunately, the most trusted people - contractors, vendors, privileged users and business users - often create the most risk. Whether insider threats are unintentional or malicious, the secret to quickly identifying and eliminating them starts with a people-centric approach. Attend this webinar to learn best practices for building and maintaining an effective insider threat program.

    You will learn:
    - Why insider threats are prevalent, despite many organizations implementing a layered defense approach
    - How to stop insider threats in their tracks, through comprehensive visibility, real time intelligence and policy enforcement
    - Why you need to focus on people, process and technology, in that order
  • CISO Says: Interview with David Fox, Head of Security at BAE Systems Recorded: Apr 30 2018 47 mins
    Nathaniel Ford, Moderator, (ISC)² EMEA, David Fox, Head of Security, BAE Systems Applied Intelligence
    In the CISO Says Series, information security leaders share their experiences of what it means to be responsible for establishing and maintaining an enterprise's security vision and strategy in an interview format. They provide insight into the path they took to become CISOs and how they are reinventing the role in the face of accelerating industry change.
  • Guide to your (ISC)² Membership in EMEA: Benefits, Maintenance & Opportunities Recorded: Apr 16 2018 58 mins
    Nathaniel Ford, Moderator (ISC)² EMEA, Membership Services Team, (ISC)² EMEA
    Join the Guide to Your (ISC)² Membership in EMEA webinar to learn more about these topics and others including:
    - CPE opportunities, member benefits and getting involved
    - Updates on (ISC)² news, developments and changes in your region
    - Your membership requirements summarized
    - Who are the (ISC)² EMEA team and how we can help you
    - Focus discussions
    - Q&A session
  • Why I Am Ignoring GDPR and Focusing on Protecting My Data by Design Recorded: Apr 3 2018 61 mins
    Adrian Davis, Director of Cybersecurity Advocacy for EMEA, (ISC)², Matt Middleton-Leal, EMEA General Manager, Netwrix
    Why is it better to implement data protection by design than just meet the regulatory requirements of GDPR? The answer is simple: if you build privacy and security directly into your technology, design and operations, you will create a secure foundation for the future, improving your security posture and reducing costs going forward. This concept is not new; however, we continually see organisations taking the reactive approach, and then being surprised when they are compromised.
    In our webinar, Matt Middleton-Leal, CISSP, General Manager EMEA at Netwrix, will discuss how to create and implement a data protection by design strategy:

    What are the 7 Foundational Principles of privacy by design?
    How can privacy assurance become an organization’s default mode of operation?
    What is the risk-based approach for implementation of data protection by design?
  • Part 2: Is DNS a Part of Your Cyber Strategy? Recorded: Mar 29 2018 61 mins
    Adrian Davis, (ISC)² EMEA, Peter Goodwin, Infoblox, Mo Cashman, McAfee
    Today, 91% of malware uses DNS to carry out campaigns once it has breached the perimeter. In a recent SC Magazine survey, 46% of survey respondents said they experienced DNS-based data exfiltration. DNS traffic is not investigated or filtered by firewalls and thus is a gap that is commonly exploited by malicious actors.

    Solving these challenges requires:
    • Visibility into DNS traffic
    • Plugging the DNS security gap with a multipronged approach to threat detection
    • Integration between DNS Security and other security tools that are part of the ecosystem

    As part of the continued DNS Security webinar series, please join (ISC)², Infoblox and McAfee for this interactive discussion and learn more on why DNS should be part of your cyber strategy.

    For part 1 in this series: paste the following URL into your browser: https://www.isc2.org/News-and-Events/Webinars/EMEA-Webinars/Focused-Webinars?commid=293803&part2
  • CISO Says: Interview with Mike Loginov, Public Sector Cyber Security Strategist Recorded: Mar 26 2018 62 mins
    Adrian Davis, Director of Cybersecurity Advocacy for EMEA, (ISC)² EMEA, Mike Loginov, Cyber Security Strategist
    In the CISO Says Series, information security leaders share their experiences of what it means to be responsible for establishing and maintaining an enterprise's security vision and strategy in an interview format. They provide insight into the path they took to become CISOs and how they are reinventing the role in the face of accelerating industry change.
  • As Attackers Evolve, So Must Machines: Advancing Machine Learning Beyond the Hype Recorded: Mar 20 2018 55 mins
    Adrian Davis, Director of Cybersecurity Advocacy, (ISC)² EMEA, Jon Ross, Director of Engineering, Carbon Black
    The demand for machine learning (ML) in security is growing fast. There are countless approaches, but there’s also a lot of hype. This webinar provides a frank assessment of the strengths and weaknesses of static analysis, decompilation, detonation, in-context analysis, artificial intelligence and other emerging approaches, all grounded in real-world examples and specific algorithmic details.
  • GDPR Compliance - Don’t Let Your SIEM Be Your Downfall Recorded: Mar 13 2018 61 mins
    Adrian Davis, Director of Cybersecurity Advocacy for EMEA, (ISC)², Matthias Maier, Product Director, Splunk
    Whatever SIEM solution you operate, it is highly likely that personal information is captured in the log data such as phone numbers, email addresses, cookies, RFIDs, geolocation and more. If it can identify an individual in combination with other data, you must ensure that you’re not in breach of the GDPR. To help give guidance on this, we have conducted detailed analysis on how you should treat your SIEM solution and log data under the GDPR. Join the webinar to:
    • Learn the most relevant aspects of GDPR, to understand its impact on log management
    • Understand the risk of processing and storing log data in the context of GDPR
    • Discover your obligations and the precautions you can take to comply and maintain visibility
    • Observe specific compliance guidance and relevant use cases for network and information security logs
  • Detecting the Risk Obscured in Hidden Parts of Kerberos Recorded: Mar 8 2018 51 mins
    Nathaniel Ford, Moderator, (ISC)² EMEA, Ido Hoorvitch, Security Research, CyberArk Labs
    As long as Kerberos communication is not being decrypted, attackers get an opportunity to act freely using Kerberos without being detected because the encryption is being handed to them on a silver platter. Because Microsoft’s native software uses Kerberos, once control over a computer in a network is obtained, attackers can hide their activities and easily blend into a detection-less highway.

    Attend this webinar presented by the CyberArk Labs team to learn how decrypting the Kerberos protocol can bridge the gap between attackers and the defensive side by providing the defenders a real view over the network.

    We’ll discuss:
    • Why SIEM solutions are blind to this attack maneuver
    • Kerberos basics
    • Kerberos attacks overview
    • Kerberos attacks detection – considerations and limitations
    • Decryption – exposing the attack

    Speakers:
    Ido Hoorvitch
    Lavi Lazarovitz
  • 2018 Phishing Trends: New year. New threats. Same dark intentions. Recorded: Feb 20 2018 61 mins
    Adrian Davis, Director of Cybersecurity Advocacy for EMEA, (ISC)², Mollie Holleman, Senior Intelligence Specialist, PhishMe
    Join (ISC)² EMEA and PhishMe for a look back at 2017’s threats and a look ahead. We’ll provide an overview of what PhishMe's Intelligence team uncovered, discuss trends in phishing-delivered malware, and analyse how various delivery vectors evolved.

    Some of the trends we’ll discuss:
    • The implications of last year’s major global cyber-events, such as WannaCry and NotPetya
    • The emergence of new ransomware families
    • The abuse of legitimate functions built into business-critical software platforms to deliver malware
    • The favouring of modularity and plug-in accompaniments to lightweight botnet and stealer malwares
    • New ways cyber-criminals are obtaining cryptocurrency

    Cyber-crime won’t slow down. Take this opportunity to learn from the recent past as you deal with current threats and prepare for whatever’s next.
  • GDPR - Burden or Benefit? Recorded: Feb 7 2018 62 mins
    Adrian Davis, Ardi Kolah, William Richmond-Coggan, Mandeep Sandhu
    Ask a CISO what is keeping them awake at night and all too often, they will mention their organisation’s readiness for the upcoming General Data Protection Regulation (GDPR) legislation. A recent survey showed that only a third of respondents are already compliant or on target to be compliant with the GDPR. But how has the GDPR earned its fearsome reputation?
    Supporting this debate is Ardi Kolah, Executive Fellow and Director of the GDPR Transition Programme at Henley Business School who will be discussing the implications of GDPR for business, along with William Richmond-Coggan from Pitmans Law who will be addressing the legal implications of GDPR as well as the opportunities for your business.
    The panel will be joined by Mandeep Sandhu, Compliance Technical Director for Carbon Black who will show how the security threat landscape could affect your business's GDPR compliance.
    Key Takeaways:
    • What you need to do to approach the May 2018 GDPR deadline with confidence.
    • How taking data security and privacy seriously is actually a great opportunity for your business
    • The security threat landscape, and how current threats could affect GDPR compliance
    Moderator: Adrian Davis, MD (ISC)² EMEA
  • Golden SAML Are The New Golden Tickets Recorded: Jan 30 2018 59 mins
    Nathaniel Ford, Moderator, (ISC)² EMEA, Shaked Reiner, CyberArk Labs Researcher
    In this webinar, we will explore a new attack vector that CyberArk Labs has discovered and dubbed “golden SAML.” The vector enables an attacker to create a golden SAML, which is basically a forged SAML “authentication object,” and authenticate across every service that uses SAML 2.0 protocol as an SSO mechanism.

    The team from CyberArk Labs will discuss how in a golden SAML attack, attackers can gain access to any application that supports SAML authentication (e.g. Azure, AWS, vSphere, etc.) with any privileges they desire and be any user on the targeted application (even one that is non-existent in the application in some cases).

    They'll then demonstrate their new tool, shimit, that implements a golden SAML in order to compromise an AWS account from within a Microsoft domain.
  • Guide to your (ISC)² Membership in EMEA: Benefits, Maintenance & Opportunities Recorded: Jan 29 2018 61 mins
    Nathaniel Ford, (ISC)² EMEA, Membership Services Team, (ISC)² EMEA
    Join the Guide to Your (ISC)² Membership in EMEA webinar to learn more about these topics and others including:
    - CPE opportunities, member benefits and getting involved
    - Updates on (ISC)² news, developments and changes in your region
    - Your membership requirements summarized
    - Who are the (ISC)² EMEA team and how we can help you
    - Focus discussions
    - Q&A session
(ISC)² EMEA Secure Webinars
Forming part of the (ISC)² commitment to Inspiring a Safe and Secure Cyber World, we welcome you to the (ISC)² EMEA Secure Webinars Channel. Sign up to join us for educational Security Briefings, Roundtables and eSummits aimed at all those vested in the world of information security. We welcome members and non-members alike.

  • Title: Maintain Control of Your Business: Protect your Domain Controller from Kerberos
  • Live at: Dec 8 2015 12:00 pm
  • Presented by: Adrian Davis: Managing Director, (ISC)² EMEA; Alex Wilson: Professional Services Manager, CyberArk