Hi [[ session.user.profile.firstName ]]

APIに求められるセキュリティ基盤とその実装方法

モダンなアプリケーションを支えるAPI基盤をどのようにセキュアに構築すれば良いのか?
本セミナーでは以下トピックに関してご案内致します。

・アプリケーションを支えるAPI基盤概要
・API Managementと必要なセキュリティ機能
・API Gateway実装パターン

Presenter: 伊藤 悠紀夫, CISSP, ソリューションアーキテクト, F5 ネットワークスジャパン合同会社
Moderator: 小熊 慶一郎, CISSP, Director of Business Development, Japan, (ISC)²
Recorded Feb 5 2020 53 mins
Your place is confirmed,
we'll send you email reminders
Presented by
伊藤 悠紀夫, CISSP, ソリューションアーキテクト, F5 ネットワークスジャパン合同会社
Presentation preview: APIに求められるセキュリティ基盤とその実装方法

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • State of the Internet / Security: Financial Services — Hostile Takeover Attempts Mar 25 2020 5:00 am UTC 60 mins
    Sid Deshpande, Director of Security Strategy, Akamai Technologies
    Attacks against financial services institutions are growing in both quantity and sophistication. In this webinar, we will explore distinctive attack trends on financial services organizations that may spread to other industries, including:

    • A special focus on APAC statistics
    • The targeting of APIs in credential stuffing
    • How error response messages help criminals improve their targeting
    • Where criminals are finding new LFI vulnerabilities, and new ways to exploit them
    • High-density, multi-vector DDoS attacks
    • The elements of the Zero Trust toolkit that can help limit the effectiveness of known and unknown attack types

    Join Akamai Technologies and (ISC)² on Mar 25, 2020 (Wed) at 13:00 (GMT +8) to learn about cybersecurity for financial services.

    Presenter: Sid Deshpande, Director of Security Strategy, Akamai Technologies
  • (ISC)² Info Session: SSCP -The Premier Security Administrator Certification Mar 19 2020 3:00 am UTC 60 mins
    Tony Vizza, CISSP, CCSP, Director of Cybersecurity Advocacy, APAC, (ISC)²
    Earning a globally recognized advanced security administration and operations certification like the SSCP is a great way to grow your career and better secure your organization’s critical assets.

    The SSCP is ideal for IT administrators, managers, directors and network security professionals responsible for the hands-on operational security of their organization’s critical assets.

    In this info-session, you will learn:
    - How large is the cybersecurity workforce gap today
    - The value of (ISC)² certification
    - What you will learn in training for the SSCP exam
    - What to expect from the SSCP exam
    - How to become endorsed and earn the SSCP certification
    - And, ask any question that will support your certification journey

    =====================================================================
    SSCP certification demonstrates you have the advanced technical skills and knowledge to implement, monitor and administer IT infrastructure using security best practices, policies and procedures.

    Prove your skills, advance your career, and gain the support of a community of cybersecurity leaders here to help you throughout your career.

    www.isc2.org/sscp

    Are you ready to prove yourself? Register and begin your SSCP journey today!
  • Prove Your Cyber Strategy Works with Security Ratings! Mar 18 2020 3:00 am UTC 60 mins
    Terence Cheong, Senior Consulting Engineer, BitSight Technologies
    Measuring cybersecurity program performance is critical, but often times is clouded in ambiguity and low confidence results. Yet, it has never been more important for executives and board members to understand the performance of their organization’s cybersecurity programs, and treat cybersecurity like any other business risks. Reports with quantitative metrics and comparisons, as well as developing a more strategic approach to cyber risk are no longer nice to have — these are required.

    This session Is ideal for infosec personnel with minimal exposure to security ratings. It will cover how cybersecurity and risk professionals can take a more quantitative approach to measuring their security program performance, and how others have benefitted from this approach to reduce cyber risk.

    HR, marketing, legal, procurement and senior management will also find this session informative as it shows you how you can easily understand the effectiveness of your cybersecurity posture without being a geek.

    Join BitSight Technologies and (ISC)² on Mar 18, 2020 (Wed) at 11:00 (GMT +8) to learn about security ratings.

    Presenter: Terence Cheong, Senior Consulting Engineer, BitSight Technologies
  • Using DNS for Foundational Enterprise Security Mar 11 2020 6:00 am UTC 60 mins
    James Ellerman, Senior Solution Engineer, Infoblox
    DNS plays an enormous role in enterprise security. It is the attack vector for more than 90% of malware and a key avenue for data theft. Against this backdrop, networks are becoming harder to defend as the focus shifts from the traditional data center to the WAN perimeter in what Gartner calls the secure access service edge (SASE).

    Attend this live webinar and discover how DNS and other core network services (aka DDI) can provide foundational enterprise security for today’s edge-centric networks. Join Infoblox and (ISC)² on Mar 11, 2020 (Wed) at 14:00 (GMT +8) and learn:

    • Why DNS has become the leading threat vector for damaging attacks
    • How to turn DNS and related services into your most effective network defenders
    • Cloud and on-premises solution options that close the door to DNS-based threats

    Presenter: James Ellerman, Senior Solution Engineer, Infoblox
  • CISSP 认证宣讲会 2020 Mar 5 2020 7:00 am UTC 60 mins
    顾伟, CISSP, (ISC)²授权讲师,(ISC)²上海分会理事
    抓住机遇,自我升值,2020年让网络安全“金牌认证”CISSP为您和您的职业发展加速!

    享誉全球的CISSP认证含金量高,颇受行业雇主和专家青睐,多次被SC Magazine评为“最佳职业认证项目”,是信息安全专业人士证明网络安全策略、认知和实践经验的理想之选。

    通过2020首次中文宣讲会,您将了解到:
    • 行业对网络安全专业人才的需求;
    • (ISC)² 认证价值;
    • CISSP认证的全面介绍,包括CISSP概况、持证者福利、考试介绍、知识域、官方培训等;
    • CISSP认证的备考路径;
    • 与CISSP认证相关的问题答疑。

    2020年3月5日周四15:00-16:00,敬请期待!
  • (ISC)² Info Session: CCSP - The Industry’s Premier Cloud Security Certification Feb 20 2020 6:00 am UTC 60 mins
    Tony Vizza, CISSP, CCSP, Director of Cybersecurity Advocacy, APAC, (ISC)²
    Earning the globally recognized CCSP cloud security certification is a proven way to build your career and better secure critical assets in the cloud.

    The CCSP is ideal for IT and information security leaders responsible for applying best practices to cloud security architecture, design, operations and service orchestration.

    In this info-session, you will learn:

    - How large is the cybersecurity workforce gap today
    - The value of (ISC)² certification
    - What you will learn in training for the CCSP exam
    - What to expect from the CCSP exam
    - How to become endorsed and earn the CCSP certification
    - And, ask any question that will support your certification journey

    ===================================================================

    The CCSP shows you have the advanced technical skills and knowledge to design, manage and secure data, applications and infrastructure in the cloud using best practices, policies and procedures.

    Prove your skills, advance your career, and gain support from a community of cybersecurity leaders here to help you throughout your professional journey. More details>> www.isc2.org/ccsp

    Are you ready to prove yourself? Register and begin your certification journey today!
  • (ISC)² Info Session: CISSP - The World's Premier Cybersecurity Certification Recorded: Feb 13 2020 87 mins
    Tony Vizza, CISSP, CCSP, Director of Cybersecurity Advocacy, APAC, (ISC)²
    Accelerate your cybersecurity career with the CISSP certification in 2020!

    The CISSP is the global gold standard in cyber security certification for professionals and has received countless accolades and awards, the most recent being awarded the top cyber security certification program by SC Media magazine in 2019.

    Becoming CISSP certified demonstrates your deep skills, experience and knowledge in cybersecurity and opens the doors for career and salary advancement.

    Join this online info-session hosted by (ISC)² and learn everything you need to know about the globally recognized credential CISSP!

    During the online info-session, you will learn:
    - How large is the cybersecurity workforce gap today
    - The value of (ISC)² certification
    - What you will learn in training for the CISSP exam
    - What to expect from the CISSP exam
    - How to become endorsed and earn the CISSP certification
    - And, ask any question that will support your certification journey

    ==================================================================
    Earning the CISSP proves you have what it takes to effectively design, implement and manage a best-in-class cybersecurity program. With a CISSP, you validate your expertise and become an (ISC)² member, unlocking a broad array of exclusive resources, educational tools, and peer-to-peer networking opportunities.

    Prove your skills, advance your career, and gain the support of a community of cybersecurity leaders here to support you throughout your career.

    More details >> www.isc2.org/cissp
  • How to Manage Risk in the Cloud (以粵語進行) Recorded: Feb 12 2020 61 mins
    Clive Chan, Manager, Systems Engineering, F5 Networks Hong Kong & Macau
    Businesses are racing to deploy or move their applications to the cloud—often without considering whether it will make their security posture better, or worse.

    Cloud allows organizations to offload many responsibilities to third-party providers, but mitigating the risk to your applications isn’t one of them. In fact, the use of cloud and other third-party resources is rapidly expanding your attack surface, while reducing visibility and control over applications and data.

    We aim to document the most common form of information supply chain breaches as well as suggest some frameworks and methodologies for reducing the risk in the use of cloud and third parties.

    Join F5 Networks and (ISC)² on Feb 12, 2020 (Wed) at 14:00 (Hong Kong time) to learn:
    • Which common risks can affect your security in the cloud
    • Which solutions can help reduce those risks
    • How to increase control of your applications in the cloud

    Presenter: Clive Chan, Manager, Systems Engineering, F5 Networks Hong Kong & Macau
    Moderator: Otto Lee, CISSP, CCSP, CSSLP, Membership Chair, (ISC)² Hong Kong Chapter

    *This webinar will be conducted in Cantonese. (本次網上研討會將以粵語進行。)
  • APIに求められるセキュリティ基盤とその実装方法 Recorded: Feb 5 2020 53 mins
    伊藤 悠紀夫, CISSP, ソリューションアーキテクト, F5 ネットワークスジャパン合同会社
    モダンなアプリケーションを支えるAPI基盤をどのようにセキュアに構築すれば良いのか?
    本セミナーでは以下トピックに関してご案内致します。

    ・アプリケーションを支えるAPI基盤概要
    ・API Managementと必要なセキュリティ機能
    ・API Gateway実装パターン

    Presenter: 伊藤 悠紀夫, CISSP, ソリューションアーキテクト, F5 ネットワークスジャパン合同会社
    Moderator: 小熊 慶一郎, CISSP, Director of Business Development, Japan, (ISC)²
  • クラウドセキュリティ資格「CCSP」のご紹介 Recorded: Feb 3 2020 45 mins
    小熊 慶一郎, CISSP, (ISC)² Director of Business Development, Japan
    CCSP(Certified Cloud Security Professional)は、CISSPで知られる(ISC)²が提供する最新の資格制度で、クラウドサービスを安全に利用・運用するために必要な知識やスキルを世界で初めて体系化し、人材を認定します。Webinarでは、このCCSPについてわかりやすく説明します。

    Presenter: 小熊 慶一郎, CISSP, (ISC)² Director of Business Development, Japan
  • Market Trends in DNS Privacy, DoT and DoH Recorded: Jan 15 2020 63 mins
    Paul Adair, Principal Product Manager, Infoblox
    Traditionally, DNS has had a “last mile” security problem: Communications from a local DNS server to a client are almost always unencrypted, and hence vulnerable to spoofing, hijacking and more. DNS privacy standards have emerged to help encrypt those communications.

    Join Infoblox and (ISC)² on Jan 15, 2020 (Wed) at 10:00 (GMT +8) as we explore the two leading DNS privacy standards—DNS over TLS (DoT) and DNS over HTTPS (DoH). Attend and learn:

    • The pros and cons of each protocol
    • Which option makes the most sense for your level of security risk and why
    • Who benefits from your DNS data
    • Simple ways to secure your network and prevent misuse of your DNS

    Presenter: Paul Adair, Principal Product Manager, Infoblox
    Moderator: Tony Vizza, CISSP, CCSP, Director of Cybersecurity Advocacy, APAC, (ISC)²
  • ID認識型プロキシ(IAP)のユースケース&クライアントサイドアタックの防御戦略 Recorded: Dec 4 2019 60 mins
    金子 春信, CISSP, シニア・プロダクト・マーケティング・マネージャー, Akamai Technologies; バンダリ・ハレンドラ, セキュリティ・プロダクト・マネジャー, Akamai Technologies
    このウェビナーでは、2つの重要なセキュリティトピックについて説明します。

    1. ゼロトラスト・セキュリティのコンポーネントの1つとしてのIdentity Aware Proxies(IAP)– IAPを実装し、そのアーキテクチャを活用してセキュリティ運用を改善するユースケースを解説します。

    2. Magecartやクレジットカードスキミングなど、標的を絞ったクライアントサイドアタックに対する防御方法–議論を3つのコンポーネントに分けます。主要な攻撃手法は何か、攻撃を検知する方法、最後に攻撃をブロックする方法です。

    Presenter: 金子 春信, CISSP, シニア・プロダクト・マーケティング・マネージャー, Akamai Technologies
    Presenter: バンダリ・ハレンドラ, セキュリティ・プロダクト・マネジャー, Akamai Technologies
    Moderator: 小熊慶一郎, CISSP, Director of Business Development, Japan, (ISC)²
  • 为API经济保驾护航 - 整体API防护解决方案 Recorded: Dec 4 2019 54 mins
    闫海波, 资深解决方案顾问, F5 Networks
    API经济迅猛发展,各个行业都在试图通过API技术手段将自己的传统服务与外部建立更多的连接,提供更多的服务,建立一个以自己核心价值为基础的生态系统,从而获得更大的经济利益。

    参加F5 Networks和(ISC)²在12月4日下午2:00至3:00的在线研讨会《为API 经济保驾护航 - 整体API防护解决方案》,您将了解到针对API的多层级的保护措施,以及具体的防护参考架构,还等什么?赶紧加入我们吧。

    演讲人: 闫海波, 资深解决方案顾问, F5 Networks
    主持人: 顾伟, CISSP, CCSP, (ISC)² 授权讲师及(ISC)²上海分会理事

    *本次在线研讨会将以普通话进行
  • Key Attributes of a Modern Phishing Awareness Program Recorded: Nov 27 2019 64 mins
    Ryan Jones, Principal Sales Engineer, APAC, Cofense
    As the phishing threat landscape continues to evolve at a pace that technology is unable to keep up with, organizations are turning to phishing awareness and simulation programs to plug the gap. Is your phishing awareness program keeping up with this changing landscape?

    Join Cofense and (ISC)² on Nov 27, 2019 (Wed) at 14:00 (GMT +8) as we explore the attributes of a modern phishing awareness program and see what our data, based on millions of phishing simulations, shows about awareness programs and simulation exercises.

    You will learn:
    - The statistical advantage of using an email reporting tool
    - The important role the end user plays in active defense
    - How often you need to send simulations for maximum resiliency
    - The advantages of basing simulations on active threats, not random dangers
    - Why ‘phish testing’ is the enemy of true phishing defense

    Presenter: Ryan Jones, Principal Sales Engineer, APAC, Cofense
    Moderator: Kawin Boonyapredee, CISSP, Chief Cyber Strategist, Booz Allen Hamilton
  • Demonstrating Credential Stuffing Against Public Authentication Systems Recorded: Nov 20 2019 64 mins
    Ajay Mishra, Senior Enterprise Security Architect; Sid Deshpande, Director of Security Strategy, Akamai Technologies
    Enabling consumers to have personalized, meaningful interactions with a brand online is an essential component of digital business. While this unlocks tremendous business value, it also increases the risk surface as attackers are quick to leverage techniques such as credential stuffing to cause financial losses to the business. This session, featuring a technical attack demo, will help highlight key architectural considerations for security practitioners to mitigate these risks and stay ahead of attackers.

    Join Akamai Technologies and (ISC)² on Nov 20, 2019 (Wed) at 13:00 (GMT +8) to learn about public authentication system security.

    Presenter: Ajay Mishra, Senior Enterprise Security Architect, Akamai Technologies
    Presenter: Sid Deshpande, Director of Security Strategy, Akamai Technologies
    Moderator: Clayton Jones, Managing Director, APAC, (ISC)²
  • Why You Need A Globally Recognized Cloud Security Certification Recorded: Nov 7 2019 63 mins
    Tony Vizza, CISSP, CCSP, Director of Cyber Security Advocacy - APAC, (ISC)²
    Earning the globally recognized CCSP cloud security certification is a proven way to build your career and better secure critical assets in the cloud.

    In this info-session, you will learn:

    - Trends in cloud security
    - Why you should pursue CCSP
    - How to earn the CCSP certification: exam and experience requirements
    - And, ask any question that will support your certification journey

    Each presentation is followed by a Q&A period to answer your questions about your certification journey.

    ===================================================================

    The CCSP shows you have the advanced technical skills and knowledge to design, manage and secure data, applications and infrastructure in the cloud using best practices, policies and procedures established by the cybersecurity experts at (ISC)².

    Prove your skills, advance your career, and gain support from a community of cybersecurity leaders here to help you throughout your professional journey. More details>> www.isc2.org/ccsp

    Are you ready to prove yourself? Register and begin your certification journey today!

    NOTE: Join this info-session and earn 1 CPE.
  • 제로 트러스트 베스트 프랙티스와 금융권 DDoS 공격 트렌드 Recorded: Nov 6 2019 62 mins
    백 용 기, Senior Enterprise Security Executive; 정 덕 진, Security Technical Project Manager, Akamai Technologies
    제로 트러스트 보안에는 내부(국내외 지점) 및 외주직원이 온프라미스와 클라우드에 위치한 기업의 애플리케이션을 원격에서 안전하게 액세스하고, 기업내부에서 외부로 나가는 DNS쿼리를 제어하여 데이터 유출을 차단 할 수 있는 활동이 필요합니다. 원격 네트워크 액세스, DNS 기반 보안 및 응용 프로그램 계층 공격 방어 측면에서 가장 성공적인 모범 사례를 살펴보겠습니다.

    이 웹 세미나는 두 부분으로 나뉩니다.

    첫 번째 부분에서는 원격 네트워크 액세스 및 DNS 기반 보안 측면에서 Zero Trust Security Reference Architect를 통해 기존 경계 기반보안 모델의 문제점과 고려사항 및 해결방안을 살펴 봅니다.

    두 번째 부분에서는 금융 서비스의 DDoS 트렌드를 살펴 보겠습니다. 또한 한국에서 발생한 L7 계층 7 볼륨 공격의 실제 사건과DDoS 완화 모범 사례에 대한 권장 사항을 공유 할 것입니다.

    발표자: 백 용 기, Senior Enterprise Security Executive, Akamai Technologies
    발표자: 정 덕 진, Security Technical Project Manager, Akamai Technologies
    진행자: 박 선 영, Senior Business Development Manager, APAC, (ISC)²
  • Why Your Cyber Security Career Will Benefit From the CISSP Certification Recorded: Nov 5 2019 62 mins
    Tony Vizza, CISSP, CCSP, Director of Cybersecurity Advocacy, APAC, (ISC)²
    The cybersecurity skills shortage is a significant problem for many organisations today. (ISC)² research shows an estimated 2.13 million cybersecurity jobs will go unfilled in the Asia-Pacific region by 2022.

    Do you have what it takes to become an information security professional? Do you have the skills, experience and team culture to help keep your organization secure? Plan your next career advancement goal – Become CISSP certified in 2020!

    The CISSP is the global gold standard in cyber security certification and has been awarded the top cyber security certification program for 2019 by SC Media magazine. Becoming CISSP certified opens the doors for career and salary advancement.

    Join this online info-session hosted by (ISC)² and learn everything you need to know about the globally recognized credential CISSP!

    During the online info-session, you will:
    • How large the cybersecurity workforce gap is today.
    • Why you should consider pursuing the CISSP.
    • How to earn the CISSP certification including exam and experience requirements.
    • And you can ask any question you may have to help you on your certification journey

    Each presentation is followed by a Q&A period to answer your questions about your certification journey.

    ==================================================================
    Earning the CISSP proves you have what it takes to effectively design, implement and manage a best-in-class cybersecurity program. With a CISSP, you validate your expertise and become an (ISC)² member, unlocking a broad array of exclusive resources, educational tools, and peer-to-peer networking opportunities.

    Prove your skills, advance your career, and gain the support of a community of cybersecurity leaders here to support you throughout your career. More details >> https://www.isc2.org/cissp
  • 你的 VRM 漏洞风险管理有多深? Recorded: Oct 30 2019 61 mins
    郑学辉, Senior Solution Architect - APAC, Tenable Inc
    过去数年网络及应用的漏洞数量不断上升,去年新被披露的漏洞数量高达18,000。 再加上网络环境日益复杂,网络攻击面频繁发生,导致企业极大商业的损失。 过去一直未被重视的漏洞风险管理 (Vulnerability Risk Management - VRM) 终于获得企业IT的极大重视。

    参加Tenable和 (ISC)² 在10月30日下午2:00至3:00的在线研讨会,Tenable 亚太区资深架构顾问 Disney Cheng 郑学辉,将与大家精选几个用户案例及技术要点及管理手法,希望有助大家建立有效漏洞及风险管理流程。探讨一些全新技术、工具和应用场景。

    演讲人: 郑学辉, Senior Solution Architect - APAC, Tenable Inc
    主持人: 邵菊, CISSP, CCSP, (ISC)² 南京分会财务官兼理事

    *本次在线研讨会将以普通话进行
  • 知己知彼 - 了解爬虫和爬虫管理应考虑的事项 Recorded: Oct 23 2019 63 mins
    梁医, 技术顾问, Akamai Technologies
    爬虫管理是当今网络安全中不容忽略的一项内容。爬虫活动几乎影响了所有行业,包括金融企业,电子商务,旅行酒店等。而且它的形式百变-可能是刮板爬虫,撞库爬虫等。 爬虫很好地隐藏了自己,不断变换并迅速发展。

    在这在线研讨会上,我们想分享一下企业所面对的爬虫威胁状况以及管理爬虫时应做好的准备。

    • 爬虫的演变
    • 行业重点:针对金融企业,电子商务和酒店业的爬虫
    • 爬虫管理应考虑的事项

    参加Akamai Technologies和 (ISC)² 在10月23日下午2:00至3:00的在线研讨会,此次演讲将为您带来爬虫管理应考虑的事项,敬请期待!

    演讲人: 梁医, 技术顾问, Akamai Technologies
    主持人: 卢佐华, CISSP-ISSAP, (ISC)²北京分会会长

    *本次在线研讨会将以普通话进行
Live Webinars for InfoSec Professionals in Asia Pacific Time Zone
Looking for expertise and information to advance your career and tackle your challenges? Subscribe and join us for the educational webinars in APAC time zone. Earn CPEs quickly and at no cost by attending webinars: 1 hour of webinar equals 1 CPE. We welcome members and non members alike.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: APIに求められるセキュリティ基盤とその実装方法
  • Live at: Feb 5 2020 8:00 am
  • Presented by: 伊藤 悠紀夫, CISSP, ソリューションアーキテクト, F5 ネットワークスジャパン合同会社
  • From:
Your email has been sent.
or close