Mitigating the risks of insider threats with UEBA

To avoid a data breach, your organisation must detect and respond quickly to anomalous activity. The Verizon Data Breach Investigations Report, 2017 states that user-based threats are on the rise:

• 69% of organisations report incidents of attempted data theft by internal threats.
• 81% of breaches involve stolen or weak credentials.
• 91% of firms report inadequate insider threat detection programs.

User and entity behaviour analytics (UEBA) can help you monitor for known threats and behavioural changes in user data, providing critical visibility to uncover user-based threats that might otherwise go undetected.

In this on-demand webinar, Mohan Raj and Ashok Chokalingam from our iMETA team at LogRhythm outline the various types of insider threats, the risk they pose to an organisation, the various contributors that may lead to this threat and how to identify and mitigate the risks.
Recorded Jul 15 2020 60 mins
Presented by
Ashok Chokalingam CISSP, Senior Sales Engineer & Mohan Raj, Enterprise Sales Manager

  • How to Build a SOC with Limited Resources Recorded: Oct 15 2020 32 mins
    Andrew Hollister, Senior Director LogRhythm Labs & Security Advisor to the CSO
    Some organisations have a 24x7 security operations centre (SOC) with teams of dedicated analysts carefully monitoring for threats around the clock, every day of the year. Unfortunately, most organisations cannot afford a 24x7 SOC. The cost of having well-trained analysts onsite at all times outweighs the benefit.

    In this on-demand webinar, Andrew Hollister, Senior Director LogRhythm Labs & Security Advisor to the CSO, outlines how to create an effective SOC, by combining three components — people, processes, and technology — to build an efficient security operation.

    You’ll learn:
    • What makes a SOC effective, including best practices for success
    • Cost comparisons of various SOC staffing models
    • Steps for building a SOC with limited resources
    • How a NextGen SIEM solution is the ideal technology for building a SOC
  • NextGen SIEM & Saudi ECC regulations Recorded: Oct 7 2020 61 mins
    Abdulrahman Aldalbahi, LogRhythm Enterprise Sales Manager & Muntaser Bdair, Chief Operation Officer, SecurityMatterz
    In this webinar, Abdulrahman Aldalbahi, LogRhythm Enterprise Sales Manager & Muntaser Bdair, Chief Operation Officer, SecurityMatterz, will outline how you can align with Saudi ECC compliance and MITRE ATT&CK for rapid threat detection and response.

    Join us to:
    • discover the LogRhythm KSA-ECC module including compliance use cases and predefined reports
    • learn more about using MITRE ATT&CK techniques to enhance your threat detection
    • gain insight into how LogRhythm's NextGen SIEM can effectively detect and respond to cyberthreats
  • Best Practices For Reducing Ransomware Risk Recorded: Sep 30 2020 48 mins
    Andrew Hollister, Senior Director LogRhythm Labs & Security Advisor to the CSO and Dan Crossley, SE CISSP, LogRhythm
    As ransomware attacks continue to hit the headlines around the globe they pose a major threat to businesses of all sizes. How do you protect your organisation against ransomware effectively to reduce the associated risk?

    In this on-demand webinar, Dan Crossley CISSP, Sales Engineering Manager at LogRhythm, and Andrew Hollister, Senior Director LogRhythm Labs & Security Advisor to the CSO, discuss:

    • Recent ransomware incidents
    • Why ransomware attacks are more prevalent and destructive than ever before
    • Practical tips to help you detect and respond to ransomware attacks
    • How a SIEM can be used to reduce the risk
  • Keeping pace with ransomware: Lessons learnt in the past year Recorded: Sep 22 2020 69 mins
    Randy Franklin Smith (Ultimate Windows Security) and Brian Coulson (LogRhythm)
    Today, ransomware attackers won’t simply back down if their demands are not met. Even companies who have great backups and a fast recovery process are vulnerable to an emerging strategy: exfiltrating the victim’s most private data before demanding a ransom. If victims refuse to make the payment and initiate restoring their systems, the attacker reveals what information they have exfiltrated and threatens to post it online.

    That threat is completely different from the standard ransomware threat. This is because we’ve now shifted from an Integrity and Availability threat to a Confidentiality threat, and of course there is the possible nightmare of privacy and other compliance regulations, depending on the nature of the data that’s been exfiltrated.

    During this webcast, Randy Franklin Smith from Ultimate Windows Security provides an overview of some recent high-profile attacks that have employed this strategy, including those against Honda, Xerox and Garmin. He will also discuss detection methods and MITRE ATT&CK® techniques commonly used in ransomware attacks.

    Then, Brian Coulson from LogRhythm’s Threat Research team will demonstrate how to detect and respond to these types of threats using MITRE ATT&CK, UEBA capabilities, and more.

    Join this webinar to learn about the latest trends in ransomware and how you can protect your organisation from them.
  • The State of the Security Team: Are Executives the Problem? Recorded: Sep 15 2020 39 mins
    Andrew Hollister, Senior Director LogRhythm Labs & Security Advisor to the CSO
    Working in security can sometimes feel as though you are sitting on top of a powder keg. It’s a fact that cybersecurity professionals are reporting higher levels of stress than they did just two years ago. We wanted to learn the causes of tension and anxiety — as well as understand potential ways teams might alleviate and remediate the potential of job burnout.

    Our global survey of more than 300 security professionals and executives investigated the reasons behind increased stress on security teams, solution capabilities, deployment strategies, technology gaps, and more. In this on-demand webinar, we explore some of the key findings from this research, including:

    - Why security professionals say they have more work stress than they did just two years ago.
    - Just how many teams feel that they have adequate executive support.
    - How capable teams say they are to detect known security threats.
    - The number one reason security professionals say they would leave their jobs.

    If you work in security, hearing that stress is impacting your space is likely no surprise.

    Watch on-demand to hear Andrew Hollister, Head of LogRhythm Labs & Security Advisor to the CISO at LogRhythm, outline why your team may be experiencing more stress than ever before, the effect executive support has on your program and some indicators on how to alleviate some of the issues your team may be facing.
  • Live demo - MITRE ATT&CK with LogRhythm Recorded: Jun 17 2020 46 mins
    Dan Crossley, Manager, Enterprise Sales Engineering, LogRhythm
    This product demo follows the MITRE ATT&CK session available on our BrightTALK channel. Watch this on-demand technical demonstration to hear how the LogRhythm platform can help you align to the MITRE ATT&CK framework.
  • MITRE ATT&CK 2020: An update in SIEM alignment Recorded: Jun 17 2020 41 mins
    Andrew Hollister, Senior Director, LogRhythm Labs Security, LogRhythm
    In this on-demand webinar Andrew provides an overview of how security professionals and the businesses that employ them can benefit from integrating the MITRE ATT&CK framework into their SIEM. He also expands on how feeding data from a wide set of technologies including endpoint detection and response (EDR), antivirus/anti-malware, intrusion detection/prevention systems (IDS/IPS), and other products can help businesses get the most out of their SOCs.
  • Live demo - Threat hunting with LogRhythm Recorded: Jun 17 2020 44 mins
    Jake Anthony, Enterprise Sales Engineer, LogRhythm
    Threat hunting refers to the process of proactively searching for advanced threats that may have eluded security systems. In other words, going after the ones that slipped through the net.

    In this on-demand session, you will learn some practical threat hunting tips and tricks using the LogRhythm NextGen SIEM Platform.
  • Logging & threat detection in the cloud: AWS, GCP, Microsoft Azure & Office 365 Recorded: Jun 17 2020 44 mins
    Dan Crossley, SE CISSP, LogRhythm
    The momentum behind the growth of cloud services is unstoppable, as businesses seek software, applications, and infrastructure that are more flexible and cost-effective. According to analysts, nearly half of all application spend is now invested in cloud services, and this cloud-first trend is only going in one direction.

    In this on-demand technical webinar LogRhythm’s Daniel Crossley outlines logging and threat detection strategies within cloud environments, including Amazon Web Services (AWS), Google Cloud Platform (GCP), Microsoft Azure and Office 365.

    The session covers:
    • Logging: An overview of cloud logging mechanisms
    • Log ingestion: Log collection from cloud environments
    • Analytics: Threat detection use cases for cloud environments

    The aim of this session is to give you a better understanding of logging and threat detection in cloud environments.
  • Maximising the productivity of your SOC with UEBA and SOAR Recorded: Jun 16 2020 44 mins
    Ed Carolan, Manager, Enterprise Sales Engineering
    If your team is struggling with resource constraints, you’re probably facing longer-than-ideal response times. This puts your organisation at risk. In this on-demand webinar Ed Carolan, Manager, Enterprise Sales Engineering, outlines how you can maximise the benefits of time optimisation and reduce the burden on your team with SOAR and UEBA.

    Understand how you can:
    • Leverage UEBA and SOAR to increase automation within the SOC
    • Enable team collaboration and workflow automation
    • Arm your analysts to be more effective in their work
    • Increase the ROI from your SIEM
  • Cybersecurity: A CISO’s perspective Recorded: Jun 16 2020 60 mins
    Martin Smith MBE, Founder The SASIG; James Carder, CSO, VP LogRhythm Labs; Craig Goodwin, CTRO Fujitsu; Michael Strong, CISO GCI
    Watch our Q&A panel session to gain insight into how James Carder, LogRhythm CISO and our guest speakers build and maintain a cybersecurity culture at their organisations, how they manage board-level reporting, exec-level relationships, and how they achieve their goals as a security leader, while appealing to the board’s mission and the core mission of their business.

    Moderated by Martin Smith MBE, Chairman & Founder, The Security Awareness Special Interest Group (SASIG)

    You’ll hear:
    - Key metrics you can use to show the value of your security operations/program
    - Actionable tips to get board-level support for your security program
    - How to use a security maturity model to map your risk reduction over time
    - How to achieve and present cost predictability
  • Getting value from your NextGen SIEM project Recorded: Jun 16 2020 46 mins
    Andy Habibi-Parker, Director, Professional Services EMEA & APJ & Adam Thompson, LogRhythm
    In this on-demand webinar Andrew Habibi-Parker, Director, Professional Services EMEA & APJ and Adam Thompson, Principal Professional Services Consultant will walk you through how a good deployment methodology can pave the way to SIEM success.

    Adam & Andrew outline:
    - Five tips to ensure your SIEM project is a success
    - The LogRhythm value-focused methodology
    - What to expect from a Professional Services engagement
    - What you can do to prepare for a new SIEM project

    This webinar is part of our two-day virtual summit, for full details please visit: https://www.brighttalk.com/summit/4761-logrhythm-europe-virtual-summit/
  • How to map your risk reduction over time, and achieve cost predictability Recorded: Jun 16 2020 52 mins
    Jonathan Zulberg, VP Field Engineering, UK, EMEA & APJ, and James Carder, CSO, VP LogRhythm Labs
    As a cybersecurity professional, your success rides on your ability to not only protect your organisation from damaging cyberattacks but demonstrate the meaningful business impact and value of your security program to your company’s board.

    In this on-demand webinar, LogRhythm’s Jonathan Zulberg and James Carder introduce the LogRhythm Security Operations Maturity Model (SOMM), which was developed to help cybersecurity professionals assess their organisation’s current level of security maturity and plan for making improvements over time.

    You will also hear about the critical measures of security operations effectiveness and an outline of how to use the SOMM to prove the value of your security program to the board.

    This webinar is part of our two-day virtual summit, for full details please visit: https://www.brighttalk.com/summit/4761-logrhythm-europe-virtual-summit/
  • Customer testimonial: Security Manager Recorded: May 22 2020 11 mins
    Kevin Merolla, Security Manager, Manufacturing
    We bought LogRhythm simply because it is awesome, it is fast and less expensive than Splunk
  • Customer testimonial: Information Security Manager Recorded: May 22 2020 5 mins
    Steve Bonek, TRIMDEX Holdings, LLC
    We find the single pane of glass and the ability to see everything that's going on in the environment a valuable feature
  • Customer testimonial: Security Analyst Recorded: May 22 2020 3 mins
    Tim Sueck, Security Analyst, Financial Industry
    LogRhythm improves our organisation by giving us insight into user activity and potential security threats
  • Five practical use cases to enhance threat detection and response Recorded: May 7 2020 44 mins
    Jake Anthony, Systems Engineer and Simon Hamilton, Client Manager, LogRhythm
    Without rapid and accurate threat detection, your mean time to detect and respond to damaging cyberattacks is compromised, allowing attackers time to steal your organisation’s sensitive data. From collecting security and log data to utilising machine analytics, your team can effectively reduce the time it takes to discover threats on your network.

    In our webinar Jake Anthony and Simon Hamilton from LogRhythm outline five practical use cases to enhance threat detection and response with your existing tools.

    These include:

    • Integrating endpoint detection for improved threat hunting capabilities
    • Combining logical and physical authentication to spot anomalous access
    • Automating detection and response to phishing attacks
    • Detecting possible indicators of Bitcoin mining
    • Improving incident response times through audio and visual alerting

    View this webinar if you are a SOC manager, security analyst or security architect and you are responsible for managing your organisation’s cybersecurity.
  • Practical advice from SANS 2020 Women in Cybersecurity Survey Recorded: May 5 2020 59 mins
    Heather Mahalik of SANS, sponsored by LogRhythm
    Women are rising through the cybersecurity ranks to become recognised leaders, experts and mentors. The 2020 SANS Women in Cybersecurity Survey drew on the shared experiences of successful women in cybersecurity to provide practical advice on becoming leaders in their organisations.

    Join this webinar to learn why opportunities for women in security have never been better, including survey data points such as:

    - More than 70% of respondents feel respected by their teammates
    - 64% report that they are sought out for their opinions on cybersecurity issues
    - 37% are advancing rapidly, moving into a senior position within one to four years

    In this webinar, we'll discuss gender bias, the effects of mentorship and practical advice on how to get ahead.
  • How to get started with a secure remote workforce Recorded: Apr 30 2020 47 mins
    James Carder, Andrew Hollister, and Brian Emond (LogRhythm)
    In light of COVID-19, we’ve seen businesses across industries implement remote work policies. This brings about new security concerns, many of which either weren’t considered or prioritised beforehand.

    During this webinar LogRhythm experts including James Carder, CSO and VP of LogRhythm Labs, will review best practices for securing a remote workforce and what to expect when your employees make this kind of shift, whether it needs to happen now or in the future. Specific topics include:

    - Getting started with log collection for remote systems
    - Priority use cases you should employ, such as monitoring VPN access and collaboration tool security
    - The types and levels of activity you should expect to see on your network, depending on your industry

    We will also discuss the impacts we’ve seen from the rush to support remote work due to COVID-19. These reveal lessons that others can implement now or work into a future plan to support a rise in remote workers.
Build your security operations centre on a strong foundation
We know your job isn’t easy. That’s why we combine log management, machine learning, SOAR, UEBA, and NDR to give you broad visibility across your environment so you can quickly uncover threats and minimise risk.

But a mature SOC doesn’t just stop threats. With LogRhythm, you’ll easily baseline your security operations program and track your gains — so you can easily report your successes to your board.

Hear best practices, see technology demos and listen to speaker panels on our European BrightTALK channel.

Visit our website for more information:
http://www.logrhythm.com/
