Michael Katz, Security Specialist, Infoblox, Brandon Dunlap, Moderator, (ISC)²
Constantly evolving threats and shortage of qualified cybersecurity professionals have led security teams to move to security workflow automation to meet the demands. It’s not enough to have a great tool nowadays. These tools have to work better together to meet today’s security challenges. Security orchestration, automation and response (SOAR) tools improve efficiency and efficacy of security operations by automating threat intel management, event monitoring and incident response processes.
One of the key sources of contextual network and threat intel data comes from infrastructure that organizations already rely on for connectivity – DNS, DHCP and IPAM. This data along with timely, reliable and accurate threat intel can be used to improve scoring and investigation, assist in prioritizing incoming incidents, and can be relied upon to build automation.
Join this webinar to learn how a well architected DNS, DHCP and IPAM can power SOAR platforms to:
-Block/unblock domains using context
-Enrich other security tools with valuable IPAM data
-Enhance and improve incident response with better threat intelligence
Defending against modern adversaries requires the ability to detect and to understand threats quickly, and to respond decisively. CrowdStrike’s experts fight and win these battles every day, and have one of the industry’s most comprehensive pictures of today’s top cyber threats. Join CrowdStrike for a deep dive into global observations and trends, and real-world intrusion case studies, delivering deep insights on modern adversaries, and their tactics, techniques, and procedures (TTPs).
-Why “speed” is the new critical metric in cybersecurity.
-How organisations are using the MITRE ATT&CK framework to shorten the time to investigate and understand threats.
-Trends in adversary tradecraft, as seen across 1000s of real-world intrusion attempts.
-Action plans that you can use to ensure your organisation is ready to anticipate and defend against the most dangerous threats of tomorrow.
Matthias Maier, EMEA Director of Product Marketing, Splunk, Brandon Dunlap, Moderator, (ISC)²
What is the MITRE ATT&CK framework? Where did it come from? Why and how should you use it? Get the answers to all of these questions, as security experts from Splunk take a practical look at how your SOC and SIEM can apply the MITRE ATT&CK framework. Ensure the coverage of known TTP’s of threats your business is exposed to, to improving threat hunting and detection of Adversary’s. Join this webinar to discover:
• What the MITRE ATT&CK framework is, and why it should be used
• How to align your use cases to the MITRE ATT&CK framework
• How to navigate an ATT&CK Threat group TTP's
• How to track and monitor your detection capabilities to ensure wide coverage
Ollie Sheridan, Principal Engineer Security, Gigamon, Chris Green, Head of PR and Comms EMEA, (ISC)²
For many years the choice for monitoring networks has been focussed on the collection and Analysis of raw packets. With the increasing need for multiple tools and SIEM's to get access to this data, along with requirements from Forensic Response teams, a more streamlined method of understanding the behaviour of traffic and user behaviour is required. Whilst NetFlow version 5 and 9 do provide some visibility, there are challenges such as sample rates and lack of Application Layer inspection that need to be addressed.
Join us for this webinar to learn more about how you can:
-Produce rich Metadata from network traffic and dive into the Application Layer
-Use this rich Metadata for Security, Forensics and Business Intelligence purposes
-Generate Metadata based on the application rather than the IP & Port
-Ensure that the Application traffic, regardless of port spoofing, produces the correct Metadata
Liam Cleary, Microsoft MVP, CEO, SharePlicity, Dan Goater, Solutions Engineer, Netwrix, Brandon Dunlap, Moderator, (ISC)²
Office 365 has become the platform of choice for document collaboration and sharing. If you’re using Microsoft Office 365 or planning to migrate there, understanding the types of security attacks you can expect is imperative.
Discover how to:
- Simulate common Office 365 attacks
- Test and educate your end users
- Spot attacks in their early stages
David Warburton, Senior Threat Research Evangelist, F5 Networks, Brandon Dunlap, Moderator, (ISC)²
Distinguishing between good bots, bad bots, and humans is a major challenge. Today, over 50% of online traffic is generated by bots and they are involved in nearly every attack. Identifying malicious bots and safeguarding against them is now a top priority for organisations developing a sustainable security strategy.
Join us for this webinar to learn:
• How bots infect, propagate, and attack applications
• What types of application attacks are commonly performed by bots
• How you can defend against bad bots without disrupting the good ones
Despite investment in next-gen technologies and employee awareness training, phishing threats continue to become more sophisticated and more effective. It’s time for organisations to accept that REAL phish are the REAL problem. Join the Cofense Phishing Threat Landscape review to discover the trends defining phishing in 2019 and priorities for defending your organisation going forward.
Attend this webinar to learn how attackers are:
•Using major malware types and their innovative tactics, techniques, and procedures
•Intensifying credential theft as organizations move infrastructure and applications to the cloud
•Evolving Emotet and the threat actors behind the botnet
•Increasing proliferation of sextortion phishing emails
We’ll examine the obvious changes in the phishing threat landscape, plus look ahead at trends shaping 2019.
James Packer, CISSP, London; Chuan-Wei Hoo, CISSP, Singapore; James R. McQuiggan, CISSP, United States; B. Dunlap (Moderator)
More than 130,000 information security professionals have invested time, determination and resources to attain the CISSP certification. Join (ISC)² members from different regions on May 21, 2019 at 10:00AM Eastern as we discuss what pain points, issues and challenges they encounter in their day-to-day work life, as well as solutions, tips and best practices they have developed along the way. We’ll also examine how the CISSP certification has helped them with their job and career.
Lee Clark, System Engineer, Infoblox, Brandon Dunlap, Moderator, (ISC)²
Today, your users directly access cloud applications from everywhere. Transformative technologies such as SD-WAN, IoT and the cloud are borderless and complicate security. Non-standard IoT devices using non-standard protocols are rapidly proliferating. And yet, securing your digital transformation doesn’t require a new tool.
Instead, it takes a simple, scalable and integrated security solution that makes your existing security infrastructure smarter and more efficient. DNS is foundational to the Internet and IP-based communication. It is also the perfect foundation for security: simple to deploy, ubiquitous in networks, essential for connectivity and scalable to Internet size.
Join this webinar to learn how using DNS as a foundational security architecture can:
• Protect your brand by securing traditional networks and digital transformations
• Reduce time and cost of defending your enterprise against threats
• Detect and remediate problems automatically and provide data to the entire ecosystem
Max Heinemeyer, Director of Threat Hunting, Darktrace, Brandon Dunlap, Moderator, (ISC)²
Every day, security professionals around the globe face advanced cyber-threats, ranging from opportunistic malware to targeted, human-driven attacks. As we enter a new era of AI attacks that are hyper-stealthy and self-masking, how can organizations adapt their defenses? Join Darktrace’s Director of Threat Hunting, Max Heinemeyer, as he shares expert insights on the future of AI-driven cyber-attacks and the need for AI that fights back.
In this webinar, Max will:
· Present three scenarios of advanced cyber-attacks
· Illustrate how these sophisticated attacks can be supercharged with AI
· Explore the critical importance of deploying AI to prepare for this paradigm shift in the threat landscape
Rich Campagna, Bitglass, Steve Armstrong, Bitglass, Brandon Dunlap, Moderator, (ISC)²
As more organisations deploy cloud apps like Office 365, AWS, and Slack securing corporate data becomes a challenge. Cloud Access Security Brokers (CASBs) have emerged as the go-to solution for organisations that need end-to-end data security, from cloud to device. In fact, Gartner believes that by 2022, 60% of large enterprises will use a CASB to govern some cloud services.
In this webinar, we'll explore:
•Critical gaps in cloud applications that must be filled
•The 4 pillars of CASB
•What makes CASBs different from security solutions built natively into cloud apps like Office 365.
•Case studies on how leading enterprises leverage CASB to secure their cloud footprint.
Join us to learn how a CASB can help you meet your security and compliance requirements.
Abeer Khedr, InfoSec. Dir. at National Bank of Egypt, Brandon Dunlap, Moderator, (ISC)²
In the CISO Says Series, information security leaders share their experiences of what it means to be responsible for establishing and maintaining an enterprise's security vision and strategy in an interview format.
In this session Abeer Khedr, Information Security Director at the National Bank of Egypt will provide insight into the path she took to become a Cybersecurity Leader and how she is reinventing the role in the face of accelerating industry change.
This year’s CrowdStrike global threat report – Adversary Tradecraft and The Importance of Speed – is one of the industry’s most comprehensive reports on today’s leading cyber threats. It combines CrowdStrike’s comprehensive global observations with real-world case studies, delivering deep insights on modern adversaries and their tactics, techniques and procedures (TTPs).
Join us for a webcast featuring CrowdStrike’s John Titmus as he explores the global trends and observations the report reveals.
-Learn from real-world examples of how cybercriminals combine advanced, targeted attack techniques with ransomware to cause massive financial loss
-Gain insight into global ‘breakout time’ metrics and achieving the “1-10-60” rule to defeat adversaries and prevent a mega-breach
-Prepare for the now: discover the favourite TTPs seen over the last 12 months to predict what you should expect to see in 2019
Miguel Pinto, Senior Product Manager at BitSight, Brandon Dunlap, Moderator, (ISC)² EMEA
BitSight’s Peer Analytics allows organisations to understand their security programme performance at a more granular level, providing visibility to develop achievable improvement plans, allocate resources appropriately & consistently measure outcomes.
In this session you will learn how to:
• Determine the level of security performance that your company should attain to be ‘best-in-class’
• Profile organisations for communication and benchmarking purposes.
• Understand how specific risk vectors drive security performance.
• Determine the initial conditions for BitSight Forecasting
Join the Guide to Your (ISC)² Membership in EMEA webinar to learn more about these topics and others including:
- CPE opportunities, member benefits and getting involved
- Updates on (ISC)² news, developments and changes in your region
- Your membership requirements summarized
- Who are the (ISC)² EMEA team and how we can help you
- Focus discussions
- Q&A session
If you ask Gartner about the problems with today’s EDR technologies, they will say most solutions don’t deliver EDR capabilities in an operationally feasible or complete manner.
The purpose of an EDR solution is to provide advanced detection & response capabilities to complement an EPP solution. At SentinelOne, we deliver the very best of EDR & EPP in a highly differentiated manner and in one single lightweight agent.
Join us and learn about a new EDR- Active EDR - a new world of EDR capabilities and user experience. Explore how to:
- Eradicate benign alert noise, focus on what’s important.
- Optimise threat hunting time with curated and focused story lines.
- Maximise staff efficiency and let staff become expert threat hunters.
Ollie Sheridan, Principal Engineer Security, Gigamon, Brandon Dunlap, Moderator, (ISC)²
Traditional methods of filtering traffic have relied upon a knowledge of the network and transport behaviours of the applications running across the network. Whilst most applications being run across the network use standard ports, many threat actors will use methods to obfuscate their communications by abusing these standards, with port spoofing being one such example. This represents a challenge when gathering traffic to ensure that this simple evasion method does not create a blind spot to your security countermeasures.
Join us for this webinar to learn more about how you can:
•Ensure that the Application traffic regardless of port spoofing gets to the right tool
•Improve tool efficiency by discarding irrelevant Application traffic
•Filter the traffic based on the application rather than the IP & Port
Steven Tee, Senior Systems Engineer, Infoblox, Brandon Dunlap, Moderator, (ISC)²
DNS is a ubiquitous network service which has a front row seat when it comes to malware activities. Most organizations neglect to consider the scale and simplicity of using DNS as a visibility and control point. DNS servers are also home to a wealth of essential operational data that can accelerate incident investigation.
This session will discuss the role that DNS could and should play in security architecture and operations as well as identify how DNS itself is increasingly used as an attack vector by malicious actors.
Tiago Pereira, Team Lead, BitSight, Brandon Dunlap, Moderator, (ISC)²
Attacks and data breaches are a regular challenge for organisations and their cybersecurity practitioners today. The consequences for a company that falls victim to a hacking attack or other form of data breach can be significant, incurring both financial as well as reputational damage as a result. Measuring and determining the security posture of an organisation is essential to understand the liability and exposure to risk your business faces at any given moment, to reassure staff, shareholders, customers, insurers and suppliers.
In this webinar, we will explore in more detail how a variety of real-time and historical risk vectors and underlying security data can be used to determine current posture. Furthermore, we will examine some of the current research work being used by the security sector to understand, quantify and measure posture in a uniform way, and how that research as resulted in the creation of specific data sets and risk vectors that are unique to measuring security posture.
Brandon Dunlop, Moderator, (ISC)², David Warburton, Senior Threat Research Evangelist, F5 Labs
Encrypting data-in-transit with SSL/TLS is standard practice among organisations today. Important security initiatives, such as built-in web browser warnings and stronger legislative GDPR changes, have significantly improved privacy awareness and helped to prevent data breaches. However, cybercriminals commonly hide threats within encrypted payloads and use encrypted channels to propagate malware and exfiltrate data, knowing they can bypass traditional security inspection solutions.
Join us for this webinar to learn more about:
• Challenges with encrypted traffic and risks to your business
• How to efficiently decrypt and orchestrate traffic to reduce latency
• How to intelligently manage decryption and re-encryption across your entire security inspection solutions (IPS, NGFW, DLP, WAF, Anti-Malware, etc.)
Forming part of the (ISC)² commitment to Inspiring a Safe and Secure Cyber World, we welcome you to the (ISC)² Secure Webinars - EMEA Channel. Sign up to join us for educational Security Briefings, Roundtables and eSummits aimed at all those vested in the world of information security. We welcome members and non members alike.
Trust No One Part 3 - User Authentication for a Zero Trust Security ModelLindsay Drabwell, Head of Membership Services EMEA, (ISC)², Josh Green, Richard Archdeacon, Duo[[ webcastStartDate * 1000 | amDateFormat: 'MMM D YYYY h:mm a' ]]58 mins