Name: Threat Hunting Log4j Exploits with Falcon OverWatch
Start: 2022-02-22T16:30:00Z
End: 2022-02-22T16:30:59.000Z
Location: BrightTALK
Rating: 4.5

CrowdStrike has redefined security with the world’s most advanced cloud-native platform for protecting critical areas of risk — endpoints and cloud workloads, identity, and data. The Falcon® platform harnesses real-time threat intelligence and enterprise telemetry to automate threat prevention, detection, remediation, hunting, and vulnerability observability through a single, intelligent, lightweight agent.

User identities, endpoints, applications, and networks have all turned into attack vectors, expanding the attack surface and elevating business risk.  

Point security solutions target an area but often fail to integrate well with others. This leads to a false sense of security, leaving security gaps and exposing organizations to cyber risks and costly remediation efforts. 

Beyond the Perimeter brings together leaders from Zscaler, CrowdStrike and Okta to discuss the pivotal role AI plays in cybersecurity and why best-of-breed integrations provide critical defense for a resilient end-to-end Zero Trust architecture. 

Join us to:
- Discover key considerations when building an AI-powered Zero Trust security architecture

- Learn how best-in-class integrated solutions provide superior security and improve operational efficiencies

- Hear from our customers on how to future-proof your security investments as threats evolve in the face of AI

- Watch integration demos showcasing real-life scenarios that empower security teams on how to build a robust end-to-end protection

Speakers: 
Syam Nair, CTO and EVP of R&D, Zscaler
Elia Zaitsev, CTO, CrowdStrike
Sagnik Nandy, President & Chief Development Officer, Okta
Eddie Parra, Sr. Director Partner Solutions, Zscaler 
Chris Kachigan, Vice President, Global Solution Architecture, CrowdStrike

Beyond the Perimeter 2024: Cybersecurity Designed for the AI Revolution

In the first session of the Unstoppable Innovations CrowdCast Series, Jason Waits, CISO of Inductive Automation, a CrowdStrike customer, shares how Charlotte AI — CrowdStrike’s conversational AI assistant — enables his team to turn hours of work into just minutes or even seconds. Jason will be joined by CrowdStrike’s VP and Head of Portfolio and Product Marketing, Scott Simkin, to discuss how Charlotte AI turns every user into a power user of the Falcon platform, simplifying cybersecurity management and helping security teams stop modern cyberattacks. Lucia Stanham, Sr. Product Marketing Manager at CrowdStrike will hold a demo of Charlotte AI and how it enables security teams to stay a step ahead of adversaries like COZY BEAR.

You'll also learn how Charlotte AI:

Elevates analysts of all skill levels by delivering actionable answers in easy-to-understand summaries and workflow automation
Accelerates investigation and response times and expediting workflows, from writing queries to incident investigations to summarizing threat intelligence
Enables safe, responsible adoption of generative AI with built-in controls, such as viable source data and role-based access controls

Learn more and register now to attend sessions two and three: https://www.crowdstrike.com/resources/crowdcasts/unstoppable-innovations

Accelerate | Transforming Security Operations with Generative AI

Legacy vulnerability scanners are just not cutting it. While the average breakout time for eCrime has shrunken to 62 minutes, most legacy vulnerability scanners are still taking weeks and months to complete a scan of the entire infrastructure. Outdated tooling is putting security teams on the backfoot, giving adversaries an edge.

Don’t settle for outdated methods. Discover how the emerging approach of Exposure Management innovates beyond legacy Vulnerability Management, not just in speed, but a variety of other ways, to put the power back in the hands of security teams to safeguard the modern enterprise. 

We’ll break it down by dissecting the struggles and limitations of traditional scanner-based VM approaches, discuss what exposure management is, and showcase why Exposure Management is crucial in today's dynamic threat landscape.

Join us and expert security practitioners as we reveal the game-changing ways Exposure Management empowers proactive security, surpassing legacy methods. Learn how our AI-native Crowdstrike Falcon platform, with its Falcon Exposure Management module, offers unmatched visibility across your entire attack surface and can help reduce intrusion risk by up to 50%.

Why attend?
Out with the old: Understand the limitations of legacy Vulnerability Management in today's threats.
In with the new: Explore the importance of Exposure Management in risk management.
Real power in action: See and discover how Exposure Management leads the charge in proactive security

Don't miss your chance to become more aware of exposure management strategies and how you can proactively defend your enterprise. Join us as we unveil the future of security with AI-native Exposure Management.

How AI-Powered Exposure Management Outpaces Legacy Vulnerability Management

Organizations have adapted to a cloud-first world but still face challenges implementing an effective data protection strategy that goes beyond just compliance. Despite the use of endpoint data loss prevention (DLP) tools, many organizations still can’t confidently identify sensitive data movement — from origin to destination — without impacting the user experience and business productivity.
 
CrowdStrike and Enterprise Strategy Group (ESG) have teamed up to provide insights and best practices on the latest data protection trends. Join this CrowdCast as we discuss:
-    The latest data protection trends
-    Challenges with traditional DLP implementations
-    How to address data leaks through Generative AI
-    How to protect data without impacting user experience

Effective data protection solves security, not just compliance

An average enterprise manages 45 different security tools. The average time for a lateral attack is less than 80 minutes.* As cyber threats evolve, managing security tools to combat these threats is growing increasingly complex.

How do you solve this security puzzle? Cybersecurity platform consolidation. Enhance your organization’s ability to manage security and combat threats by bringing harmony and integration to your team’s security stack.

Join this unique event to hear customers share their keys to success in solving this complex security challenge. You’ll hear from:
- Matt Morgan, VP, Customer & Integrated Marketing at CrowdStrike, on getting started in your consolidation journey
- Imran Akhtar and Robert Peden, Cybersecurity Managers at Cox Automotive, about how they achieved consolidation success with the CrowdStrike + Zscaler joint solution
- Ken Collins, Sr. Director of Information Security at Sunbelt Rentals, about how they utilize the CrowdStike partner ecosystem to effectively manage their security tools
- Andrew Candella, Senior Analyst, Identity Management at Ciena, as he shares how he uncovered and mitigated app overlap in his organization 
* https://www.crowdstrike.com/cybersecurity-101/secops/cybersecurity-platform-consolidation/

Customer Spotlight: The Value of Cybersecurity Simplicity

Fireside chat: Getting the most out of threat intelligence

Adversaries are getting faster and attacks are becoming more sophisticated, targeting identities, cloud environments and leveraging an onslaught of vulnerabilities. Join us for a live webinar with special guest, Brian Wrozek, Principal Analyst at Forrester, and Adam Meyers, CrowdStrike’s Head of Intelligence, as they explore the evolving landscape of threat intelligence.

Discover key insights from Forrester’s evaluation, “Forrester Wave: External Threat Intelligence Service Providers, Q3 2023,” and gain valuable knowledge on:

-The 2023 Forrester Wave criteria and methodology for evaluating threat intelligence services
-Why threat intelligence is now a requirement for effective cybersecurity, and where it’s headed next
-The critical components of a threat intelligence service in 2023 and beyond
-Tips for selecting the right intelligence service for your organization
-The potential impact of emerging technologies, like AI, on enhancing security outcomes

Stay informed and stay ahead in the ever-changing world of cybersecurity threats. Watch our webinar for expert perspectives and actionable insights.

Defeat Adversaries with a Modern Threat Intelligence Program

Organizations like yours rely on third parties more than ever. These third parties often work from unmanaged endpoints, which introduces remarkable cyber-risk to your enterprise. Everyday, new reports surface about companies suffering data leaks, ransomware attacks, and malware intrusions due to a lack of security and visibility on unmanaged endpoints – offering you an opportunity to learn from their experiences and enhance your own protections.

But what if you could include these devices into your security stack and greatly reduce the risk of a devastating attack? 

Join this panel discussion featuring endpoint experts from CrowdStrike, Talon and TechTarget’s Enterprise Strategy Group as they explore how enterprise browsers and integrated security solutions defend unmanaged endpoints against malware, block access to risky websites, and prevent confidential data leakage. This talk will cover:
• Why traditional endpoint security is no longer enough
• Use cases for enterprise browsers, including unmanaged personal devices & unmanaged 3rd-party devices
• CrowdStrike and Talon’s integrated solution for securing unmanaged endpoints

Taking Control: Securing Unmanaged Endpoints with CrowdStrike and Talon

Learn which key cybersecurity controls are most effective for reducing your cyber risk


As adversaries continue to exploit weak identity security controls to launch attacks, cyber insurance companies are emphasizing the need to tighten controls to reduce cyber risk.

Join CrowdStrike and our special guest presenters from Marsh McLennan, Scott Stransky and Tim Marlin, as they discuss Marsh’s recent groundbreaking research that reveals which key cybersecurity controls result in the most impactful cyber risk reduction.

In this session, Marsh experts will share current cyber insurance market conditions and key findings from their research:

-The top five most impactful controls
-How to allocate resources toward controls that provide the best protection
-How to better position your risk with insurers and build cyber resiliency
-The likely impact to terms and conditions when insureds prioritize their investments in the top 5 and how underwriting evaluates the investment

Five Best Practices to Stay Insurable and Reduce Cyber Risk

Proactive Identity Protection with Best of Breed Security Solutions
Did you know…

80% of all breaches use compromised identities and can take up to 250 days to identify (1)
50% of organizations experienced an Active Directory (AD) attack in the last two years (2)
40% of those attacks were successful because adversaries exploited weak AD hygiene (2)
With evolving adversary tactics involving valid credentials on the rise, Identity Threat Detection and Response are integral elements to a comprehensive cyber security strategy.

In this unique session, join experts from CrowdStrike, Okta, Zscaler and AWS and learn how you can:

-Gain continuous unified visibility of all users and assets across the organization
-Activate a strong, flexible identity security architecture using partners with deep integrations to protect your organization from threats
-Learn the benefits of receiving a complimentary Active Directory Risk Review from CrowdStrike experts
-Safely provide remote and on-premises workers with intuitive authentication into network resources from any device



1 2022 CrowdStrike Global Threat Report
2 EMA Research Report – The Rise of Active Directory Exploits

Stop Modern Active Directory Threats with CrowdStrike, Okta, Zscaler and AWS

Building cyber capability and maturity is not for the faint of heart. MSPs who have embraced a mission and vision to deliver security services that once seemed out of reach, are now reaping significant rewards. Through a discussion with a panel of your peers, we will explore the MSP to MSSP journey, the business challenges they faced and how they ultimately succeed in the market. 
 
In this webinar, you will learn:
 
— Where and how to start your journey.
— When it makes sense to build, buy or partner.
— How to build a sales strategy that provides insights, change customer perception, and ultimately aligns to the services that makes your MSP/MSSP unique.

The Journey - From MSP to MSSP

It’s no secret: your external attack surface is expanding. Digital transformation, remote work, cloud migration and increased reliance on third party vendors have drastically inflated your digital footprint – resulting in an explosion of unknown internet facing assets. Their risky exposure, if gone unchecked, can be a recipe for a damaging breach.

It is important to stay ahead of adversaries, and stop them from exploiting these assets. External Attack Surface Management (EASM) is a must-have tool in your arsenal to fight back, but in these tough economic times, many enterprises are looking to consolidate, do more with less, and are directing their security teams to prioritise and focus on what matters most. With this in mind, should you invest in a new EASM point product?

Join Tina Thorstenson, VP, Industry Business Unit & Executive Strategist and Kamil Imtiaz, Director, Product Marketing, IT SecOps as they help you to:

- Demystify EASM: What is it? Why is it important? And why now?
- Understand whether or not all EASM technologies are created equal and what 5 strategies will help you better evaluate the EASM capabilities
- Know how to leverage EASM capabilities and reduce exposure risk from the outside-in to the inside-out
- Learn about the newly launched CrowdStrike Falcon® Surface Technology, which extends the visibility and protection of the Falcon Platform with EASM capabilities to provide a complete picture of where exposures lie.

5 KEY CONSIDERATIONS BEFORE INVESTING IN AN EXTERNAL ATTACK SURFACE MANAGEMENT

Threat actors are getting bolder, stakes are higher, ransom costs and extortions are growing exponentially. These attacks can cause huge financial and reputation damage to organizations and affect their customers, or even worse, critical infrastructure or supply chains.

This webinar will be delivered by the CrowdStrike Falcon Complete team where they will execute a live Ransomware attack scenario. A public facing host that is unprotected by Falcon has become compromised. The intruder is leveraging it to laterally move across the environment via RDP in attempts to deploy ransomware.

Speakers:
Tom Brown (Falcon Complete, EMEA Lead),
Alex Sayavedra (Director, Falcon Complete),
Alice Allsop (Sr. Analyst, Falcon Complete),
Marc Paridimal (Sr. Analyst, Falcon Complete)

Ransomware Live Attack & Defend Demo

The adversary has evolved. 80% of modern attacks are identity-driven and Active Directory (AD) is often considered the weakest link in an organization's cyber defenses.

Unsurprisingly, over 50% of organizations experienced an AD attack in the last 2 years—and 40% of those attacks were successful. These breaches are incredibly hard to detect and adversaries can often lurk in your environment undetected for days, moving laterally across systems, escalating privileges in AD and eventually launching catastrophic attacks.

Join this webinar to:

• Learn about these modern attacks that target Active Directory and how Falcon Identity Protection can provide comprehensive, frictionless protection against Active Directory attacks in real-time
• Walk through a real attack scenario targeting Active Directory and see how Identity Protection can protect you against a modern Active Directory attack.

Protect Against Modern Active Directory Attacks

On this session, Jason Rivera, Director, Strategic Threat Advisory Group, at CrowdStrike will share his perspective on how to detect, react and remediate advanced cyber intrusions through achieving scalability, reducing cybersecurity complexity and increasing speed.

Cyber Security: One Problem, One Purpose, One Answer

Many organizations today use machine learning (ML) for malware classification and static file analysis. While this can be useful for detecting and responding to file-based threats pre-execution, adversaries continue to evolve their methods. Today’s attacks more often use malware-free or fileless attacks, which have rapidly grown to represent over 70% of all attacks*. 

Join CrowdStrike’s Joel Spurlock, Sr. Director, Malware Research and Joe Faulhaber, Principal Engineer for a webinar where you will: 

• Hear how behavioral ML and AI-powered indicators of attacks help cybersecurity teams stay ahead of today’s adversaries
• Discover how behavioral ML at runtime enables you to analyze adversary intent and movement, regardless of malware or tools used
• See a demo of CrowdStrike’s ML and AI-power detection and investigation processes

How AI-Powered IOAs and Behavioral ML Detect Advanced Threats at Runtime [NAM]

Leveraging the benefits of the cloud also comes with the requirement of managing an even larger attack surface. Adversaries are following data to the cloud and taking advantage of the complexity of the control plane to find and exploit security gaps.

CrowdStrike and Forrester have teamed up to address cloud security pain points with insights and best practices based on the latest trends. Tune in for important considerations to protect your data and applications in the cloud. You’ll learn how to:
• Select the right tooling
• Maintain compliance standards
• Reduce cost and duplication
• Bring together CWPP and CSPM
• Navigate the intersection between DevOps and DevSecOps
• Adversary activity, technical complexity, and the ephemeral nature of clouds make secure adoption an ongoing challenge. 

Speakers:
• David Puzas (Sr. Product Marketing Manager, Cloud Security, CrowdStrike)
• Scott Fanning (Senior Director, Product Management, CrowdStrike)
• Andras Cser (Vice President, Principal Analyst, Forrester)

Best Practices And Trends In Cloud Security [NAM]

Ransomware is one of the most serious cybersecurity threats facing organizations today. The past few years have seen a rise in such attacks and in the number of adversaries behind them, creating significant risk for enterprises in terms of lost or stolen data, business downtime and regulatory compliance issues.
 
CrowdStrike and ServiceNow forged a partnership combining their strengths and experience to enable organizations of any size to remain a step ahead of ransomware cybercriminals.
 
Join this webinar and hear from cybersecurity experts on:
— Why ransomware is such a major threat
— How the CrowdStrike and ServiceNow solutions can provide tools to defend your organization
— The best practices to protect your organization from ransomware and other cyberattacks

Defending Against Ransomware With CrowdStrike And ServiceNow

Since the initial disclosure of Log4j, the OverWatch team, CrowdStrike’s elite team of threat hunters, has maintained around-the-clock vigilance, tracking the evolution of the Log4j threat, and developing techniques to uncover stealthy attempts to exploit it.

Join our OverWatch experts for a summary of the team’s threat hunting insights. You’ll get a real-world view from the experts on the front lines and gain insights you can use to kickstart your own Log4j threat hunting efforts.

Join this CrowdCast to hear more about:

• A look at the Log4j vulnerability through the eyes of elite threat hunters
• Case studies providing insights into how adversaries are carrying out their campaigns in the wild
• Ideas for suggested threat hunting techniques you can put into action in your own environment

Threat Hunting Log4j Exploits with Falcon OverWatch

Cyber Security

Cyber Attacks

Cyber Crime

Cyber Incident Response

Incident Response

Threat Detection

Threat Defence

IT Security

Endpoint Security

Welcome to the mobile computing community on BrightTALK! With the consumerization of IT and the widespread adoption of mobile devices across the globe, mobile computing has become an important part of many people's lives in a culture of bring your own device (BYOD). With mobile devices doubling as work phones and more employees working from home, businesses need to provide secure access to data and work applications from anywhere at any time. Join this growing community and hear from industry thought leaders in webinars and videos as they share their insight on mobile computing research and trends.

Mobile Computing

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The unexpected nature of natural disasters and other disruptive events means that preparation is key to managing disaster recovery and business continuity planning. Join the business continuity and disaster recovery community for live and recorded presentations discussing best practices for business continuity planning, disaster recovery programs and business continuity management. Learn from BCDR experts to develop your critical infrastructure and gain insight into tactical solutions to your BCDR issues.

Business Continuity / Disaster Recovery

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Threat Hunting Log4j Exploits with Falcon OverWatch

Presented by

About this talk

More from this channel