Leveraging Threat Hunting To Investigate Advanced Threats

Warning - this is a technical webinar.

The reality: Many organizations have information security protections in place that still fail to reliably answer the question: "Have we already been compromised?" A truly advanced and persistent threat could be hiding in areas of your network, systems or devices and harvesting information for extended periods of time, undetected by security software and unnoticed by an untrained eye.

Join us to:
- See a live demo of actual tools used to detect, analyse and hunt down advanced malware.
- Understand how advanced threats evade detection.
- Get a clear understanding of exactly how threat hunting works.
- Learn how you can begin threat hunting in your organisation.
- Ask and interact with the specialists in threat analysis.

Following on from our successful webinar titled A Day in the Life of a Threat Analyst, we bring you another informational and educational webinar on how an experienced threat analyst goes about investigating an advanced threat and the tools he/she would use to detect, analyse, hunt and remediate.

Join Amar Singh, CEO and globally acknowledged CISO along with Damien Townsend, deeply experienced senior security analyst and threat hunter on this interactive webinar.
Recorded May 3 2018 47 mins
Presented by
Amar Singh, Damien Townsend
  • How to Modernize the SOC with Autonomic Security Operations Oct 26 2021 5:00 pm UTC 60 mins
    Iman Ghanizada, Erik Gomez, Jeremy Hehl
    For most enterprises, the Security Operations Center (SOC) has never been able to keep up with the speed of innovation. The cloud transformation has further exacerbated the gap between what attackers see and what defenders know. Customers across the board have shared the challenges –

    - Too many vendors, data sources, alerts, and false positives
    - A never-ending talent shortage and lack of cloud expertise
    - The rise of ransomware and highly capable attackers

    While Google and other industry-leading Security Operations teams have resilient infrastructure and hyper-active defense capabilities, this has been far from reality for the majority of enterprises. In this session, Iman Ghanizada (Global Security Solutions Manager, Google), Jeremy Hehl (VP of Business Development, CYDERES), and Erik Gomez (Associate CTO, SADA) join forces to discuss a tangible path to modernize your SOC through the new, Autonomic Security Operations approach.
  • What Really Happened in the SolarWinds Cyber-attack? Oct 21 2021 2:30 pm UTC 60 mins
    Amar Singh, Joel Bork
    What makes this attack so unique and pervasive? What does the attack methodology look like when we piece it all together? These are the questions we’ve all been seeking answers to as a community.

    Staying true to its commitment of continuously building educational resources for the community, Cyber Management Alliance is embarking on a journey to unpack the hidden lessons in Solorigate.

    Join IronNet's Joel Bork and Cyber Management Alliance's Amar Singh as they assess where we all stand in the aftermath of one of the most massive and advanced cyber-attacks the world has ever seen and unravel how to work on our collective defense.

    In the first of a series of webinars, we’ll be:
    - Reviewing what really happened (yes, the stuff you probably won't read too often)
    - How Joel and his team actually detected the early signs of this attack before many others!
    - Sadly, why this is NOT the last time you will see these types of advanced attacks.

    Register now for what promises to be an exciting, educational and perhaps eye-opening 45 minutes for many.
  • Cloud Adoption & Migration: Making Security a Priority in your Strategy Recorded: Sep 22 2021 52 mins
    Jonathan Campbell, Sattwik Gill, Amar Singh
    Whether you are migrating workloads to the cloud or developing new applications, securing multiple assets follows much the same path. You must consider management of access and connectivity as well as demonstrate an adherence to multiple directives – whether compliance or business mandates. Without full visibility of all possible controls, it is difficult to completely understand connectivity and access risks both at the perimeter and “inside” the cloud. As Cloud and Security teams seek to balance agility with security, the value of security policy management has proven critical to timely and successful deployment:

    - Understand current and future security risks
    - Build repeatable (and automated) processes
    - Articulate guidance for deployment
    - Ensure end-to-end visibility across the migration/development lifecycle

    These considerations will drive alignment across the organization as you seek to programmatically control risk with comprehensive security policies -- and get to production quickly. Join Sattwik Gavli, Jonathan Campbell and Amar Singh for a live walkthrough of the insights and technology that support this path.

    Sattwik Gavli is the Director of Cloud Products at Tufin. Prior to working at Tufin, Sattwik helped enterprises with their digital transformation journey in the cloud while working for companies like Oracle, Ribbon Communications, and most recently for a cloud-native security startup, Privafy Inc. At Tufin, Gavli continues to work with Fortune 1000 companies to accelerate their adoption of security policy management in cloud.

    Jonathan Campbell is a highly experienced product manager with a wealth of knowledge in the security industry from Public Cloud and DevOps to traditional firewalling and networking.
  • How to Break Automatic Policy Enforcement in Network Security Recorded: Aug 11 2021 50 mins
    Amar Singh, Hadas Lahav, Sagi Bar-Zvi
    4 facts you need to know.

    - Misconfigurations are a major root cause of cyber-attacks.
    - Manual changes within complex infrastructure often lead to these misconfigurations.
    - Compound that with emergency changes made during critical events, a major contributor to misconfigurations and cyber-attacks.
    - Your current security policies are being breached regularly and it's humanly impossible to enforce those policy violations without automation.

    For increased certainty that your network and cloud infrastructure are mitigated against the calamitous ability of the human, you need to implement automated and hyper-speed change management along with security orchestration.

    This is not another webinar about SOAR! Rather, we are going to discuss:

    - What true automated change management means.
    - How you can implement and automate your network and cloud security activities.
    - Implementing policy based controls that match your requirements, ensuring both hyper and accurate change management.
    - How you detect and remediate catastrophic emergency changes that are often made with little attention to risk exposure.

    Join our special guests Hadas Lahav and Sagi Bar-Zvi on this webinar as they explain what you can do and more importantly how you can implement fully automatic policy based security orchestration for your infrastructure.

    Hadas Lahav is the Director of Product Management for Automation Products, and is leading Tufin’s SecureChange and SecureApp products. Hadas joined Tufin 3.5 years ago, and prior to that served in senior product management and product development positions at top security and service companies.

    Sagi Bar-Zvi is Tufin’s Global Strategic Pre-Sales Manager. He oversees global strategic projects from conception to completion. Being with Tufin for many years, Sagi started in Tufin’s RnD and then moved to the states to act as a Lead Solutions Architect in the Americas.
  • Managing the Weakest Link in the Cyber Attack Workflow Recorded: Aug 4 2021 57 mins
    Dr. Marshall Kuypers, Amar Singh
    The good attackers are really lazy, but in a good way! They automate every possible activity to ensure an error free successful attack, and one of the steps they automate is discovery. They need an entry point to your organisation, and they are constantly scanning the internet for that one open door to get in.

    The question is: Are you continuously scanning the internet to discover the doors you have open before the attackers do? Attack Surface Management is the act of continuously scanning and monitoring the web to discover your organisation's exploitable assets and mitigating those vulnerabilities.

    Join Dr. Marshall Kuypers and Amar Singh as they discuss how to effectively manage your internet attack surface and why this activity should be in the top three things to do on your priority list.

    Dr. Marshall Kuypers received his doctorate from Stanford, focusing on data-driven methods for quantifying cyber risk. Marshall was a fellow at the Center for International Security and Cooperation (CISAC) from 2014-2016 where he worked on projects ranging from policy to technical matters in computer security. Marshall has also modeled cyber risk for the Jet Propulsion Lab, and assessed supply chain risk in cyber systems with Sandia National Labs. He was also the Co-President of the Stanford Complexity Group while at Stanford.
  • Designing and Testing Cyber Incident Response Plans Part-1 Recorded: Nov 24 2020 73 mins
    Amar Singh
    Designing an incident response plan may seem like an easy task. Most people will download a template assuming it’s the best way to create a response plan.

    What do most templates do? Most templates will tell you to 'chuck it all in the plan', including the 'kitchen sink'. Most templates, when filled in, run to 50 - 100 pages.

    Guess what folks. No one ever reads the cyber incident response plan before the actual incident! No surprise there. Imagine having to land a plane on the Hudson. You have 60 seconds to read 100 pages. Not workable is it?

    There is a better way.

    Join us as we show you how to design and then test your Cyber Incident Response Plans. We will also share 5 key components you should focus on when creating your cyber incident response plan.

    You also get EXCLUSIVE access to our Cyber Incident Response Plan Template that you can use immediately.
  • How to Hack Any Active Directory in One Hour! Recorded: Oct 22 2020 58 mins
    Amar Singh, Sylvain Cortes, Chris Eves, Johnathon Taghavi
    If you want to kill someone, the easiest way is to attack the heart. When cyber-criminals want to unleash a fatal attack on your organisation, they go for the Active Directory!

    During the webinar, we will demonstrate how attackers are using Active Directory misconfigurations to spread ransomware inside the organisation, and ultimately take control of your data. We will expose the most common techniques attackers use to infect the first PC, catch credentials, move laterally to other machines, and take control of Active Directory.

    The session will focus on actual demonstration, not just a boring slide deck – you will learn first hand about primo-infection, lateral movement, and privilege escalation. We will reveal the main counter strikes and what accurate defence mechanisms are efficient to deploy inside your organisation.
  • How to Ensure your Corporate Data is Unreadable by Cyber Criminals Recorded: Sep 24 2020 54 mins
    Amar Singh, Fredrik Forslund
    The new normal, that of working from anywhere, is starting to significantly impact organisations and their governance, compliance and information security postures.

    Fact: If you had 10,000 staff working from one office today you have 10,000 remote-offices!
    Fact: You still remain 100% responsible and liable for a data-breach or other non-compliance activities!

    To say that the size of the threat and resulting risks has grown a thousandfold is an understatement, with the new normal creating the largest data-sprawl risk we have ever seen. In addition, the CISO and the compliance and governance officers are going to have to deal with constantly growing threats like

    - Cross contamination of corporate data & personal data.
    - The decreased ability to manage corporate IT assets with rigour and diligence.
    - Data Spillages & Data theft: Accidental or by cyber-criminals.

    Join Amar Singh and Fredrik Forslund as they share their experience and knowledge on how to:

    - Ensure cyber-criminals are unable to read ANY data from your corporate hard drives
    - Ensure you have 100% compliant data sanitisation across the organisation.
    - Conduct REMOTE data cleansing across every 'remote-office'

    Fredrik Forslund, VP, Enterprise and Cloud Erasure Solutions, is a member of the Blancco global leadership team. With more than 20 years industry experience, he previously founded SafeIT Security in Sweden, a security software company now a part of the Blancco Technology Group.

    Amar Singh is the CEO and co-founder of Cyber Management Alliance Ltd, a practising Chief Information Security Officer and creator of multiple UK Government certified training courses.
  • Designing an API based, Enterprise-ready WiFi Network Recorded: Aug 20 2020 55 mins
    Neil Goddard, Paul Melvin, Amar Singh
    These are the 3 major requirements when designing a WiFi network:

    • DESIGN: The WiFi network must be efficient and error-free. At all times.
    • MANAGEMENT: The WiFi Access points & network must be super-easy to manage. From
    • AUTOMATION: You must be able to automate every aspect of the management and security. No excuses.

    Join Paul Melvin from IGXGlobal and Neil Goddard from Juniper Networks as they take you through this educational session on how to transform your network with a modern microservices cloud architecture and inline engine that provides unprecedented scale, agility, insight, and automation.

    We’ll cover the following:

    - How to design an API based, highly scalable WiFi network.
    - How to automate large-scale deployment of APs - create 500 sites in 5 minutes!
    - How to apply business logic using APIs - a must see.
    - How you can authenticate a user’s IoT device like a Point of Sale machine with secure corporate credentials and create a group pre-shared key - facilitating either a “home from home” experience, or segregation of device types.

    In addition to the above, Mist Systems will run live demos on how to use APIs to interact with your WiFi devices and how to integrate IoT device management directly from your WiFi device.
  • Creating the Fastest Cyber-Attack Response Tool Using Machine Learning Recorded: Jul 29 2020 55 mins
    Amar Singh, Karsten Desler, Joss Penfold
    One of the biggest challenges in building a cyber resilient organisation is the ability to rapidly detect and even more importantly, rapidly respond to a malicious confirmed cyber-attack.

    Here is a question: can your cybersecurity toolset detect a sophisticated attack and take a calculated, automatic and immediate (stress on immediate, say between 0-10 seconds max) mitigating response?

    Karsten Desler set out to create just that. He wanted to create a solution based on proven machine learning algorithms that can continuously learn and analyse malicious traffic and automatically take corrective action, with no human interaction.

    Is this really possible or hyperbole?

    Join Amar Singh as he poses this question to the co-founder of Link11. Karsten is the chief developer who designed and produced the technology behind Link11.

    We will also be joined by Joss Penfold, Regional Director UK & Ireland, Link11.
  • Unexpected Security Orchestration (SOAR) Use Cases Recorded: Jul 21 2020 56 mins
    Amar Singh, Patrick Bayle
    Cyber Management Alliance and Palo Alto Networks have earlier shed extensive light on SOAR - Security, Orchestration, Automation & Response and their platform that plugs in critical gaps in the incident response lifecycle.

    Now, it’s time to pull out the stops and share the unusual, the strange, the unexpected. Because when it comes to security & network operations, there’s always room to reduce the boring, repetitive tasks that sap the life out of your day.

    Need some examples? Here's what you can expect:
    - How to build a playbook to automate on-boarding and off-boarding of employees;
    - Better manage your physical security;
    - Semi-automating remediation tasks (with strict workflows)
    - Getting married and need to send out invitations? Believe it or not, we can do that too, and much more…

    Join Patrick Bayle from Palo Alto and Amar Singh from Cyber Management Alliance Ltd as they review the possibility of Orchestration and how it can help you in increasing your cyber resilience posture.

    Patrick Bayle CISM CISSP, Senior Systems Engineer @ Cortex (a Palo Alto Networks company) spent his first ten years of employment working on the security front line for one of the largest financial institutions in the world.
  • Extending your Enterprise Network to All Staff - with a Single Click Recorded: Jun 25 2020 50 mins
    Amar Singh, Jan Van de Laer
    How to Extend your Enterprise to All Staff with one Single Click & other operational strategies to secure your Staff Connectivity.

    Large scale and regular remote working poses unique operational and security challenges that need a new and optimised approach. The question is NO longer about remote working. The question is can you

    - Safely segregate your corporate data from your staff's personal digital artefacts.
    - Protect your corporate data from compromised home wifi
    - Proactively troubleshoot and resolve connectivity issues fully remotely. Quick.
    - Ensure that your staff can safely work from anywhere NOT just the home.

    Join Jan Van de Laer and Amar Singh as they discuss the challenges, the threats and importantly

    - Give you a live demo of how the ZERO Touch configuration and remote troubleshooting works.
    - How REAL Machine Learning helps in keeping remote staff safe and secure whilst vastly reducing the support burden on technical staff.
    - The simple and easy to implement steps to greatly reduce the current risk of remote working.
  • How to Build & Maintain One of the World's Largest Threat Intel Repositories Recorded: Jun 25 2020 54 mins
    Amar Singh, Anoop Das
    An Insider's Story on How One Company Created a Treasure Trove of Threat Intelligence.

    Join us to hear the details of how Mimecast, a company that is synonymous with email security, ended up building one of the world's largest repositories of security threat intelligence. Malware, ransomware, Word or Excel documents: you name the threat vector, the chances are they have seen it.

    We all know that good and timely threat intelligence is one very effective way to try to keep up with the cyber criminal. However, there are three major challenges when it comes to good quality threat intel

    - Sourcing: You need to have a reliable source
    - Scale: Especially when it comes to automated threat-intel, the larger the footprint of the source the better (we will explain more on this during the webinar)
    - Credibility: As it implies, you need to know that the provider has credibility and integrity

    Join the webinar to listen to Anoop Das who shares how Mimecast built and maintains this treasure trove of threat intelligence.
  • Rebooting security awareness: from hygiene to resilience Recorded: Mar 5 2020 54 mins
    Amar Singh, Nick Wilding, Stuart Coulson
    Despite significant investments in security, many organisations are still grappling with building a strong cyber-resilient business. Amongst their top challenges: how can they be more effective in building the awareness and employee behaviours required to be more resilient to growing cyber-attacks?

    Join us to hear about the awareness training journey a large organisation with 80,000 staff has been on, the challenges they’ve faced and the lessons they’ve learnt. What can we learn from their experience to enhance our own campaigns?

    In addition, during this webinar we will:

    - Share practical real-world examples and a blueprint for showing how your cyber awareness training could work based on a set of evidence-based principles.

    - Assess the ways in which immersive training and active employee engagement can form the backbone of your cyber awareness blueprint, since corporate learning in the digital age needs to enable and support behaviour change.

    - Assess ways in which we can start to re-wire our ‘human operating systems’ – helping to ensure we help our employees become our most effective defence rather than just hoping they don’t make simple mistakes. Mistakes that our adversaries are counting on us to make.

    The Panellists:

    - Stuart Coulson, Director, HiddenText
    - Nick Wilding, General Manager, Cyber Resilience, AXELOS and Head of RESILIA
    - Amar Singh, Founder and CEO, Cyber Management Alliance
  • Four Security Hurdles with SD-WAN Recorded: Jan 16 2020 39 mins
    Amar Singh, Lee Dolsen
    Businesses are facing specific threats that include

    - Vastly dispersed offices, across multiple continents
    - Increasingly erratic (even called flexible) work patterns
    - Ever increasing threats from the wild-west cyberspace

    SD-WAN is proposed as a technology that can solve the above and more but there are several obstacles that you need to be aware of before you embrace this technology.

    Join us on this educational webinar on SD-WAN as we discuss the challenges and opportunities offered by this technology and what you can do to decrease your risk exposure.

    The panelists on this webinar:

    Amar Singh, CEO, Cyber Management Alliance
    Lee Dolson, Director of Engineering, ZSCALER
  • Rewiring The Brain For Cyber Awareness Behaviour Change Recorded: Jan 15 2020 53 mins
    Amar Singh, Nick Wilding, Lizzie Coles-Kemp
    The author Maya Angelou has said: “…people will forget what you said, people will forget what you did, but people will never forget how you made them feel.”

    The fact is security that doesn’t work for your people, doesn’t work.

    We need to understand our own ‘human operating systems’ to ensure we can be effective in designing and managing innovative and collaborative solutions for our own ‘human error’ – the most significant threat to our organisations' security and resilience. If, like us, you believe that there is a better way to achieve lasting behaviour change, then join us and share your experiences and insights.

    The webinar will:

    - Outline and illustrate some of the principles that should underpin an engaging and effective cyber awareness training.
    - Highlight the critical questions you should be asking in assessing any awareness training solution.
    - Highlight techniques now being used to make cyber awareness training engaging and fun.
    - Discuss new research designed to develop real ‘people-centred’ security.

    The Panellists

    - Nick Wilding, General Manager, Cyber Resilience, AXELOS and Head of RESILIA Frontline
    - Amar Singh, Founder and CEO, Cyber Management Alliance
    - Lizzie Coles-Kemp, Professor of Information Security, Royal Holloway, University of London
  • Why Hackers are Targeting and Succeeding in India and the Asia Pacific Recorded: Dec 17 2019 49 mins
    Amar Singh, Ben Verschaeren
    Interesting new research reveals that organisations in India and APJ face a series of cybersecurity shortcomings in the areas of education, company culture, skills, budgeting and operational management.

    The attackers are attracted to the "low hanging fruit" and green pastures as companies in India and the region are only just coming to terms with the negative impact of being insecure and not ready for cyber-attacks.

    Join Amar Singh & Ben Verschaeren as they discuss why overcoming these challenges won’t be easy and the opportunities available to strengthen these areas in addition to the hardening of the technology platforms and tools used.

    Ben, based in Australia, is Sophos' Global Solutions Engineer and threat researcher. Ben is responsible for researching the threat landscape and educating the Sophos team, customers and partners on the latest threats. This includes building demonstration and training tools, focusing on real world exploits and malware.

    Amar is based in London, UK and is a globally recognised cyber and privacy specialist and a practising CISO. Amar and his firm Cyber Management Alliance Ltd are trusted advisors in cybersecurity and privacy to global organisations and mentor CISO and C-Level executives on cyber resilience and data-privacy.
  • The Truth Behind Cybersecurity’s Biggest Lie Recorded: Nov 28 2019 55 mins
    Amar Singh, Chris Eves
    What the Industry Tries to Cover Up and What you Need to know.

    "This is the most secure solution that you will ever need. It has Machine Learning, advanced Artificial Intelligence, block-chain and blah blah blah."

    Yet, cyber-crime is increasing!

    Like in other sectors, IT and cyber have their fair share of Snake-oil sellers. However, if you include the blow-out-of-proportionists and aggressive selling tactics, it gets more complicated, dangerous and sometimes leaves you with little more than unadulterated lies.

    Join Amar Singh and Chris Eves from Alsid as they separate the wheat from the chaff and filter-out the noise to show you the stuff that really matters when it comes to building a cyber-resilient business.

    Amar Singh is an experienced Cyber and Privacy practitioner and is the CEO of Cyber Management Alliance Ltd and the founder of Wisdom of Crowds.

    Chris Eves is a Data Protection expert helping to protect enterprise organisations from cyber attacks, both internally and externally. During Chris's 10 years in IT, he has built up knowledge of Networking, Infrastructure, Backup, Data Storage and more recently Data Protection & Governance and Active Directory Cyber Security.
  • Rapid Incident Response - How to Respond to Cyber-Attacks at Cyber-Speed Recorded: Sep 30 2019 31 mins
    Amar Singh (Cyber Management Alliance), Steven Peake (Barracuda)
    A to-the-point webinar that shows you the key technology stack you need to ensure you are able to detect and swiftly respond to the early stages of a cyber-attack. There are enough statistics and figures available to convince anyone - criminals will succeed in breaking in. The question you have to ask yourself: are you prepared for Rapid Detection and Rapid Response?

    Furthermore, successful and swift response requires the right technology stack where all the various technology solutions work together. Review this educational webinar to see how a harmonious eco-system works as one to make Rapid Incident Response real and effective.
  • Beyond the Gateway: Steps to Significantly Increase Your Cyber Resilience Recorded: Aug 27 2019 28 mins
    Junior Birkett (Barracuda Networks), Peter Mullens (Barracuda Networks), Amar Singh (Cyber Management Alliance)
    Discover how email security is moving beyond the gateway, using new techniques such as artificial intelligence and machine learning to protect organizations against the latest emerging threats such as spear phishing and account takeover.
View our exclusive "Insights with Cyber Leaders Series" and webinars
Cyber Management Alliance presents an exciting series of interviews with International Cyber Security Leaders. Want to know what they look for when hiring for their teams? Want to know the secrets to their success and what keeps them awake at night? These exclusive interviews are presented by industry thought leader and Chair of ISACA's UK Security Advisory Group and Global CISO Amar Singh. Serious but humorous and light-hearted interviews. See the leading figures in Cyber Security like you've never seen them before. From Eugene Kaspersky to CTO HP Enterprise and CTO of Intel Security we have an amazing line up. Subscribe for updates.

  • Title: Leveraging Threat Hunting To Investigate Advanced Threats
  • Live at: May 3 2018 1:00 pm
  • Presented by: Amar Singh, Damien Townsend