Name: Securing the Cloud Native Software Supply Chain
Start: 2021-10-13T03:00:00Z
End: 2021-10-13T04:01:33.000Z
Location: BrightTALK
Rating: 4.7

Looking for expertise and information to advance your career and tackle your challenges? Subscribe and join us for the educational webinars in APAC time zone. Earn CPEs quickly and at no cost by attending webinars: 1 hour of webinar equals 1 CPE. We welcome members and non members alike.

Join us for a live Q&A where our panel of experts will answer your questions about CCSP before you sit for the exam. We’ll go over certification requirements, the domains, self-study resources, training strategies, career paths and more to help you build confidence so you’re ready on exam day.

You’ll learn:
• Why vendor-neutral certification is in demand
• How CCSP complements vendor certifications
• What training tools are available
• And much more

Bring your questions and join us on Friday, April 28, 2023, at 1:00 p.m. ET

Save your spot now.

CCSP EXAM READY: Ask the Experts Before You Sit

Join us for a live Q&A where our panel of experts will answer your questions about CISSP before you sit for the exam. We’ll go over certification requirements, the domains, self-study resources, training strategies, career paths and more to help you build confidence so you’re ready on exam day. 

You’ll learn:
• How CISSP builds your end-to-end foundational understanding of cybersecurity
• Why vendor-neutral certification is in demand
• What training tools are available
• And much more

Bring your questions and join us on Friday, April 14, 2023, at 1:00 p.m. ET

Save your spot now.

CISSP EXAM READY: Ask the Experts Before You Sit

Join us for this live Q&A where our panel of experts will answer all of your questions about the Certified Information Systems Security Professional (CISSP) Concentrations in architecture, engineering and management before you sit for the exam. We’ll go over certification requirements, the domains, self-study resources, training options and more to help you build confidence so you’re ready on exam day.

You’ll learn:
• How the ISSAP, ISSEP and ISSMP concentrations build upon the CISSP
• Why vendor-neutral certification is in demand
• What training tools are available
• And much more

Save your spot now.

CISSP Concentrations (ISSAP, ISSEP, ISSMP) EXAM READY: Ask the Experts

DNS traffic is a highway of information, which can include many aspects of a modern attack, including Command-and-Control (C2) traffic, multi-staged attacks, and exfiltration. Analyzing more than 7 trillion DNS queries per day, Akamai has unique insight into dominant threats worldwide and in Asia Pacific. 

From our latest State of the internet/Security report, we will share our findings and insights into the latest attack trends based on DNS traffic of corporate and home networks that Akamai monitors and protects in real-time. 
 
Join us where we will take a closer examination and uncover:


• How Asia Pacific compares against rest of world in C2 traffic 
• Updated insights of the most prevalent threats and attacker groups in Asia Pacific today
• The role of DNS in a typical cyber breach kill chain
• Practical advice and recommendations

Presenter: Reuben Koh, Director, Security Technology and Strategy, APJ, Akamai
Moderator: Alan Chan, CISSP-ISSMP, CSSLP, Member, (ISC)² Hong Kong Chapter

Command and Control - a deeper look at DNS (ab)use

Join us for a live Q&A where our panel of experts will answer your questions about CCSP before you sit for the exam. We’ll go over certification requirements, the domains, self-study resources, training strategies, career paths and more to help you build confidence so you’re ready on exam day.

You’ll learn:
• Why vendor-neutral certification is in demand
• How CCSP complements vendor certifications
• What training tools are available
• And much more

Bring your questions and join us on Friday, March 24, 2023, at 1:00 p.m. ET

SSCPは、国際的に認められた情報セキュリティ資格であり、サイバー攻撃から防御する能⼒があることを証明します。システムやネットワーク、ITインフラの開発、構築、運用に従事するエンジニアがSSCP資格を取得することによって、組織において重要な資産を保護し、組織のミッション達成をサポートするために必要となるサイバーセキュリティのスキルセットを獲得することができます。本セミナーでは、SSCP資格についてご紹介した後、(ISC)²認定講師によるドメインレビューを開催します。

第一部：「(ISC)² とSSCP資格のご紹介」 (小熊 慶一郎氏)
資格のご紹介、取得までの道のり、資格の維持についてお話します。

第二部：SSCP CBKのドメインレビュー「国際資格(ISC)² Systems Security Certified Practitioner（SSCP）」（福井 将樹氏）

SSCPの共通知識分野(CBK)は、 組織のプロセスとシステムを保護するための適切なサイバーセキュリティ管理策を設計するために必要な知見と情報を提供します。SSCP CBKの7つのドメインでは、実務に必要な基本的かつ実用的な知識を取り扱い、情報セキュリティを専業としていない実務経験年数が少ない方にとっても、より実践に近い内容をグローバルの標準に則って理解することができます。

Online Information Session 2023: グローバル情報セキュリティ資格「SSCP」紹介セミナー

Join us for this live Q&A where our panel of experts will answer all of your questions about Certified Secure Software Lifecycle Professional (CSSLP) certification before you sit for the exam. We’ll go over certification requirements, the domains, self-study resources, training options and more to help you build confidence so you’re ready on exam day.

You’ll learn:
• How CSSLP prepares you to incorporate best security practices into each phase of the SDLC
• Why vendor-neutral certification is in demand
• What training tools are available
• And much more

Save your spot now.

CSSLP EXAM READY: Ask the Experts Before You Sit

The Domain Name System (DNS) is essentially the central nervous system of the internet—everyone needs it to work because without DNS services, digital business would come to a halt. Cybercriminals know this, too, and use DNS services to launch their attacks while they simultaneously attack the DNS services of their targets.

Therefore, it’s not only important to protect your organization’s DNS service, but also to use the data available from DNS services to more rapidly detect and more surgically block threat activity such as phishing, DNS tunneling-based data exfiltration, and ransomware.

To accomplish these goals, join Infoblox Senior Product Marketing Manager Bob Hansmann as he discusses best practices for an effective DNS security architecture.

Presenter: Bob Hansmann, Senior Product Marketing Manager, Infoblox
Moderator: Melvin Leong, CC, Sub-Committee Member, (ISC)² Singapore Chapter

A DNS Security Architecture as SecOps Force Multiplier

Join us for this live Q&A where our panel of experts will answer all of your questions about CC before you sit for the exam. We’ll go over certification requirements, the domains, self-study resources, training options and more to help you build confidence so you’re ready on exam day.

You’ll learn about: 

• Career opportunities in cybersecurity 
• Why vendor-neutral certification is in demand
• What training tools are available
• What to expect on exam day 
• And much more

SAVE YOUR SPOT NOW.

CC EXAM READY: Ask the Experts Before You Sit

より多くの企業がクラウドに移行する中、クラウドセキュリティのプロフェッショナルの需要が高まっています。世界的に認められているCCSPを取得することで、クラウドにおけるデータ、アプリケーション、インフラを設計・管理・保護するための高度な知識とスキルを有していることをアピールできます。本セミナーでは、CCSP資格についてご紹介した後、(ISC)²認定講師により効率的にクラウドサービスの評価を行う方法について説明します。また、クラウドサービスの評価に利用するツール、リスク管理の方法等について、CCSPのCBKで説明されている内容を紹介します。 
 
第一部：「(ISC)² とCCSP資格のご紹介」 (小熊 慶一郎氏) 
資格のご紹介、取得までの道のり、資格の維持についてお話するとともに参加者からの質問にお答えします。
 
第二部：「クラウド利用者の説明責任とクラウドサービスのセキュリティ評価」（諸角 昌宏氏）

Online Information Session 2023: クラウドセキュリティ資格「CCSP」紹介セミナー

Threat hunting and SOC teams find themselves in an ever-changing landscape where identifying infrastructure TTPs and adversary domains can be critical to stay ahead of attacks. Manual processes can only get you so far before you’re inundated with so much noise that the bigger picture is lost; parsing through that much data manually hinders prioritization of what’s most important and correlating relevant data points in a campaign becomes challenging.

With that said, you can increase your speed of analysis using security orchestration automation response (SOAR) platforms to help manage and better understand alerts encountered on a daily basis.

Join DomainTools and ISC2 on March 7 to discuss how to separate signal from noise and to automate complex actions and investigations with world class domain and DNS data.

Presenter: Taylor Wilkes-Pierce, Global Director of Solutions Engineering, DomainTools
Moderator: Anthony Lim, CSSLP, Director Advocate, (ISC)² Singapore Chapter

Take the Leap and SOAR with DNS

Join us for this live Q&A where our panel of experts will answer all of your questions about SSCP before you sit for the exam. We’ll go over certification requirements, the domains, self-study resources, training options and more to help you build confidence so you’re ready on exam day. 

You’ll learn: 
• How SSCP proves your knowledge, skills and experience as an ISO-accredited certification 
• Why vendor-neutral certification is in demand 
• What training tools are available 
• And much more 

SAVE YOUR SPOT NOW.

SSCP EXAM READY: Ask the Experts Before You Sit

Over the past decade, sandboxes have become the standard tool for the analysis of previously unseen malware. They are embedded in security controls such as NGFWs, email- and web-gateways, play an important role in EDR and XDR implementations, and are widely used for incident response and threat hunting. 

However, while you may already have a sandbox, what is it good for, how does it work and does it protect you? In this webinar we discuss a technology you may have ignored. 

We’ll cover:
• Background: Common sandbox technology
• Avoidance techniques: How malware avoids detection
• Benchmarking: Ensuring your sandbox is doing what it should
• Sharing IoCs: Generating value throughout your security landscape

Join VMRay and (ISC)2 for a deep-dive into sandboxing and learn how to stop worrying and love your sandbox.

Presenter: Michael Bourton, CISSP, CCSP, CISSP-ISSAP, Senior Security Solutions Engineer, VMRay
Moderator: Alan Chan, CISSP-ISSMP, CSSLP, Member, (ISC)² Hong Kong Chapter

Getting Sand in Funny Places: Understanding Malware Sandboxing

Hardcoded credentials like passwords and API tokens can speed up development, but if they fall into the wrong hands they can lead to unauthorized access, data leakage, and more. But finding where your secrets are hiding in plain sight is easier said than done.

Join us as we explore how exposed secrets can be leveraged in an attack and best practices to keep your secrets secret wherever they are. In this technical webinar, you’ll learn how to identify and prevent any kind of hard coded secrets throughout the supply chain by following secrets security fundamentals.

Register now to learn:

- Best practices for securely storing secrets without sacrificing efficiency
- How to identify secrets early in the SDLC by adopting developer-first integrations
- Why leveraging both keyword and entropy-based secrets scanning is key to getting complete secrets security coverage and more
 
Presenter: Ajay Mishra, Field Chief Technology Office, Cloud Security, Palo Alto Networks
Moderator: Dr. Great Gu, CISSP, CCSP, Committee Member, (ISC)² Shanghai Chapter

Can You Keep A Secret? Best Practices For Dev-first Secrets Security

「今なぜCISSPが求められているのか」

 
デジタル化やデジタルトランスフォーメーションが推進させる中、セキュリティをハンドリングするスキルとしてサイバーセキュリティ資格「CISSP」への注目が高まっています。ICT企業やセキュリティベンダーにとどまらず、あらゆる業界、業種においてCISSPが求められるようになって来ています。本セミナーでは、CISSPについてご紹介し、「今なぜCISSPが求められているのか」をテーマに、CISSPがカバーするスキルの範囲やCISSPの持つ独特のセキュリティ感をひもとくことでいまなぜCISSPが求められているのかについてお話しします。

内容：
「(ISC)² とCISSP資格のご紹介」 (小熊 慶一郎氏) 
「今なぜCISSPが求められているのか」（淵上 真一氏）※2022年10月録画版 

Presenters:
小熊 慶一郎, CISSP, (ISC)² Director of Business Development, Japan  
淵上 真一, CISSP, SSCP,  (ISC)² 認定講師

Online Information Session 2023: サイバーセキュリティ資格「CISSP」紹介セミナー

Join us for a live Q&A where our panel of experts will answer your questions about CISSP before you sit for the exam. We’ll go over certification requirements, the domains, self-study resources, training strategies, career paths and more to help you build confidence so you’re ready on exam day. 

You’ll learn:
• How CISSP builds your end-to-end foundational understanding of cybersecurity
• Why vendor-neutral certification is in demand
• What training tools are available
• And much more

Bring your questions and join us on Friday, February 17, 2023, at 1:00 p.m. ET

Save your spot now.

The Center for Cyber Safety and Education is transforming with a new mission for today’s cybersecurity reality. Be among the first to learn about the exciting changes underway at the Center, including new and familiar ways (ISC)2 members and others will be able to get involved. As we start our journey, the Center is putting out a call for new Trustees for the Center Board to help guide the great work we will do together.  
 
Join us to learn about the new mission of the Center, what it means to be a Center Trustee, and the process for applying to become a Trustee.

The Center for Cyber Safety and Education – A Call for New Center Trustees

We’ve seen this story play out in grand fashion over the last year: attackers are using the software supply chain to inject malicious artifacts into CI/CD pipelines and execute elaborate kill chains in production. Traditional software testing techniques are ill-equipped to detect these advanced threats that only initiate during runtime, and cloud native ecosystems add multiple layers of complexity. Now, today’s best practices for DevSecOps all but oblige security teams to implement complete pre-production analysis of runtime behavior, to provide detailed documentation of the attack kill chain, and to facilitate proper remediation at the risk’s source.

Join Aqua Security as we discuss supply chain security for today’s cloud native software ecosystems, exploring:
• Advanced threats in the software supply chain
• Security implications of cloud native and DevOps methodologies
• Best practices for detecting malware and mitigating risks before production deployment

Presenter: Zhihao Tan, Director, Solution Architects – APJ, Aqua Security
Moderator: Paolo Miranda, CISSP, Volunteer Outreach Director, (ISC)² Singapore Chapter

Securing the Cloud Native Software Supply Chain

Security Awareness

Supply Chain

Cyber Security

Information Security

DevOps

Advanced Threats

Malware

Mitigation

Welcome to the mobile computing community on BrightTALK! With the consumerization of IT and the widespread adoption of mobile devices across the globe, mobile computing has become an important part of many people's lives in a culture of bring your own device (BYOD). With mobile devices doubling as work phones and more employees working from home, businesses need to provide secure access to data and work applications from anywhere at any time. Join this growing community and hear from industry thought leaders in webinars and videos as they share their insight on mobile computing research and trends.

Mobile Computing

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

Join thousands of engaged IT professionals in the application management community on BrightTALK. Interact with your peers in relevant webinars and videos on the latest trends and best practices for application lifecycle management, application performance management and application development.

Application Management

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

Welcome to the big data and data management community on BrightTALK. Join thousands of data quality engineers, data scientists, database administrators and other professionals to find more information about the hottest topics affecting your data. Subscribe now to learn about efficiently storing, optimizing a complex infrastructure, developing governing policies, ensuring data quality and analyzing data to make better informed decisions. Join the conversation by watching live and on-demand webinars and take the opportunity to interact with top experts and thought leaders in the field.

Big Data and Data Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Thousands of healthcare IT professionals compose the health IT community on BrightTALK. Learn alongside them with relevant webinars on healthcare IT compliance, big data in healthcare and IT solutions for healthcare organizations. Join the conversation by asking questions and engaging with other participants during live webinars and organized discussions.

Health IT

The research and development community on BrightTALK brings together leading professionals in healthcare, technology and manufacturing to present on current topics in their fields. From big data in healthcare to online forensics training and medical research practices, the community is an exceptional resource for those looking to expand their knowledge. Be part of the conversation by joining the community and participating in interactive live webinars.

Securing the Cloud Native Software Supply Chain

Presented by

About this talk

More from this channel