ExtraHop #2: Case Study: Proactive Security Hygiene in a Hybrid Enterprise

Ever wonder how network traffic analysis (NTA) can reduce and harden an organization’s attack surface? In this webcast, the Director of Information Security at Accolade presents a case study on how they use NTA to audit their security hygiene in real time, assuring that current standards for handling regulated data are being followed, and that all apps, services, and devices follow established security protocols to proactively reduce the chances of a data breach.
Recorded Feb 14 2019 56 mins
Presented by
Mike Sheward, Senior Director of Information Security, Accolade; Brandon Dunlap, Moderator

  • Practical Advice for the Proactive SOC: How to Escape The Vicious Cycle of React Recorded: Apr 17 2019 56 mins
    ISSA International
    In this session, ExtraHop Deputy CISO Jeff Costlow will discuss how security operations teams can escape the cycle of reactivity characterized by constantly responding to a flood of alerts, and move toward a more proactive stance by using the right data sources and workflows, driven by network traffic analysis, to focus on developing proactive capabilities like continuous encryption auditing, policy auditing, and more advanced use cases like threat hunting.

    Mikhael Felker, Director of Information Security & Risk Management for Farmers Insurance

    Jeff Costlow, CISO, ExtraHop
    Michael Wylie, Director of Cybersecurity Services, Richey May Technology Solutions.
  • Encryption is Eating The Enterprise: Learn How To Thrive In The Age Of TLS 1.3 Recorded: Mar 19 2019 61 mins
    Paula Musich, Enterprise Management Associates (EMA); Barbara Kay, ExtraHop Networks; and Bri Hatch, ExtraHop Networks
    Groundbreaking new research from Enterprise Management Associates (EMA) shows that encryption is rolling out quickly, with 76% of respondents encrypting within the enterprise network, 71% within the data center, and 58% encrypting email, followed by 55% encrypting web services.

    According to the survey of IT respondents responsible for security, companies are adopting wildly divergent strategies on what, where, and how much to encrypt, how to decrypt, and which standards to use.

    It’s not a simple topic, especially when you add in factors including cloud, TLS 1.3, and regulations. The choices made in implementation can restrict incident response, business risk management, and application security. Poor decisions can be expensive and difficult to fix.

    Join us for a practical discussion with EMA Research Director Paula Musich, ExtraHop Director of IT Operations Bri Hatch, and ExtraHop Head of Security Product Marketing Barbara Kay.

    - Research findings will help you gain support for a proactive plan and avoid retrofitting security
    - Security pros will learn what to consider and prioritize and how to engage productively with IT
    - IT and application teams will understand the visibility, performance, and security implications of different approaches to encryption and decryption
  • ExtraHop #3: How to Succeed at Threat Hunting & IR: Think Differently about Data Recorded: Mar 12 2019 59 mins
    Matt Cauthorn, VP of Cyber Security Engineering, ExtraHop; Brandon Dunlap, Moderator
    Two pillars of a successful and proactive SOC are threat hunting and incident response. The use of network traffic analysis can help improve performance in these two areas. This webcast will examine threat hunting and incident response and how network traffic analysis can make Tier 1 and Tier 3 analysts faster and more effective at validating, investigating, and responding to threats and security incidents.
  • 72-Hours-to-Disclose Survival Guide Recorded: Feb 26 2019 58 mins
    John Pescatore (SANS) and John Matthews (ExtraHop Networks)
    72-Hours-to-Disclose Survival Guide: Accurate Scoping and Impact Assessment of Breaches

    With data breach reporting requirements tightening, there is even greater pressure on incident response teams to understand the scope and impact of an incident. This webinar will discuss the role that network traffic analysis can play in speeding up incident response. You will learn how network traffic analysis can provide the context needed to empower your analysts to quickly investigate incidents and get definitive answers.
  • Rise Above Complex Workflows: Practical Ways to Accelerate Incident Response Recorded: Feb 15 2019 61 mins
    Matt Cauthorn, ExtraHop Networks; Paul Asadoorian, Security Weekly; Matt Alderman, Security Weekly
    Does your security investigation and incident response workflow "spark joy," or does it just leave you with more questions that are tough to answer? How do you improve your current data collection, tools, and workflows? In this session, ExtraHop’s VP of Cyber Security Engineering, Matt Cauthorn, will provide practical advice for how to identify areas for improvement in your incident response practice. Learn how Network Traffic Analysis can provide the visibility and data access needed to take investigations from many hours to just a few clicks.
  • ExtraHop #2: Case Study: Proactive Security Hygiene in a Hybrid Enterprise Recorded: Feb 14 2019 56 mins
    Mike Sheward, Senior Director of Information Security, Accolade; Brandon Dunlap, Moderator
    Ever wonder how network traffic analysis (NTA) can reduce and harden an organization’s attack surface? In this webcast, the Director of Information Security at Accolade presents a case study on how they use NTA to audit their security hygiene in real time, assuring that current standards for handling regulated data are being followed, and that all apps, services, and devices follow established security protocols to proactively reduce the chances of a data breach.
  • ExtraHop #1: Getting More Value from SecOps Frameworks Recorded: Feb 12 2019 53 mins
    John Matthews, CIO, ExtraHop, Brandon Dunlap (Moderator)
    Attack and Control frameworks provided by organizations such as NIST, CIS and MITRE can help enterprises improve, understand their capabilities, and build better security. Join ExtraHop and (ISC)2 for a webcast on how to leverage these frameworks to better understand how network traffic analysis can provide the visibility and actionable insights to accelerate an enterprise's success at increasing security maturity.
  • How IT Security Teams Can Use Machine Learning to Improve Data Defense Recorded: Jan 31 2019 63 mins
    Jeff Costlow, ExtraHop Networks; Lisa O'Connor, Accenture Labs; and Malek Ben Salem, Accenture.
    A new wave of machine learning technology promises to help IT security operations teams detect cyber threats sooner and respond to them more quickly. But machine learning is used in a wide variety of ways, and not all machine learning-based products work in the same fashion.

    In this webinar, experts will discuss the ways that machine learning can help in security operations, how it can speed threat analysis, and how to evaluate and choose technologies that will work in your organization.

    Attend this webinar to:
    - Finally learn the differences between machine learning and artificial intelligence
    - Get a tour of the ways machine learning can -- and can't -- enhance your security operations
    - Feel confident planning how and where to incorporate machine learning tools and techniques into your cyber defense strategy
  • NetOps and SecOps: Better Together Recorded: Jan 22 2019 38 mins
    Ryan Davis, Sr. Product Marketing Manager, ExtraHop Networks and Scott Register, VP of Product Management, Ixia
    Things used to be simple. The Networking team focused on network performance and availability while Security teams dealt with threats to performance. Today, the growth of cloud, virtualization, and everything-as-a-service has changed all this, blurring the lines between NetOps and SecOps and creating a need for better alignment and sharing of data.

    The experts from ExtraHop and Ixia will reveal new insights into best practices for alignment and delivering the right data—even if it’s the same data—to each team. They’ll cover:
    - Changing focus and emerging challenges for networking, security, and cloud teams
    - Actions to take to streamline operations
    - Tips for improving performance and security
  • Dark Reading Panel: The Next-Generation Security Operations Center Recorded: Dec 18 2018 48 mins
    Kelly Jackson Higgins, Dark Reading; Roselle Safran, President, Rosint Labs; Jeff Costlow, Deputy CISO, ExtraHop
    In the past, the IT security department focused most of its efforts on building and managing a secure "perimeter" and spent most of its time managing passwords and access control lists. Today, however, the security operations center (SOC) has become a place for not only building a strong defense against the latest attacks, but for analyzing and responding to new attacks that have evaded traditional defenses. Hear war stories and recommendations in SOC operations – including how to prepare.
  • 2019 and Beyond: Incident Detection and Response at Wire Speed Recorded: Dec 5 2018 54 mins
    Chris Kissel, IDC, and Barbara Kay, ExtraHop
    While some innovations deliver material benefit, many aren’t worth your POC time. In this webinar, featured speaker Chris Kissel, Research Director, Security Products and head of the IDC security analytics and orchestration practice, will present new research on what will disrupt, what will innovate, and what will merely evolve in the security analytics market over the next several years. Futurescape trends provide insights on the best ideas enhancing incident detection and response and provide a look at the ideal use cases for the most beneficial new technologies.
  • 3 Ways to Use Your Network as a Force Multiplier for Incident Response Recorded: Nov 28 2018 56 mins
    David Monahan, Senior Analyst, EMA and John Matthews, CIO, ExtraHop
    The shortage of skilled security professionals won’t end anytime soon, but you can improve your incident response (IR) capabilities now by taking advantage of your network traffic for early detection and more investigation. In this webinar, EMA Managing Research Director David Monahan will join ExtraHop CIO John Matthews to explain how you can make your staff more productive by automatically prioritizing your most critical assets, providing context to alerts, and putting full transaction details at the fingertips of analysts during investigations.

    In this webinar, you’ll learn how to:
    - Use your network as a force multiplier for SecOps
    - Equip junior security staff to do more by providing them with greater context and analysis
    - Reduce your attack surface and prioritize response on your most critical assets
  • How to Get More Out of Your Splunk Deployment with ExtraHop Recorded: Nov 15 2018 44 mins
    Scott Olson, Sr. Sales Engineer; Stephen DeSanto, Solutions Engineer
    Splunk is an excellent platform for analyzing machine data and orchestrating responses. ExtraHop extracts wire data events and metrics from network communications, and can send this information to Splunk for added accuracy and context.

    This webinar explains why ExtraHop and Splunk make such a great fit, and how you can use the ExtraHop App for Splunk to stream wire data such as details for DNS, database, storage, and more.
  • You Can't Outsource Risk: Shared Responsibility in the Cloud Recorded: Oct 24 2018 32 mins
    Barbara Kay, Sr Director of Security Product Marketing
    IT and Security teams are figuring out how to ensure the same level of security for their applications and data in the cloud as they have in traditional on-premises environments. While public cloud vendors offer some capabilities, there are several gaps that organizations need to fill when it comes to cloud-hosted workloads. In this webinar, you will learn about what cloud providers can help you with, what gaps you need to fill, and the role that network traffic analysis can play in securing your cloud environments.
  • Investigate East-West Attack Activities to Defend Critical Assets: A SANS Review Recorded: Oct 4 2018 61 mins
    Dave Shackleford, SANS Instructor and Founder of Voodoo Security; Barbara Kay, Sr Director of Security Product Marketing
    This SANS Institute review evaluates the ExtraHop Reveal(x) product and its ability to support detection, investigation and response for these late-stage attack activities.

    Reviewer Dave Shackleford puts ExtraHop Reveal(x) through its paces using a use case of an outside attacker who has compromised an internal system. The attacker is scanning the network, trying to gain access to a file share through brute force, pulling down data and exfiltrating that data. How does Reveal(x) perform in this scenario?

    Attendees at this webcast will learn about the role of machine learning in detecting and responding to threats and see how ExtraHop Reveal(x) can:

    - Assist in investigating incidents
    - Provide proactive threat hunting
    - Help with security hygiene and compliance
    - Integrate with other tools
  • Beyond the Breach: Recommendations for Effective Response Recorded: Sep 19 2018 58 mins
    Heather Stratford-Geibel (Stronger.tech) | Sushila Nair (NTT DATA) | John Matthews (ExtraHop)
    Discover the latest trends in cyber crime, your organization's vulnerabilities, and how to go about preventing, detecting and responding to a breach.

    Join this interactive Q&A panel with top security experts across the ecosystem to learn more about:
    - Trends in breaches and cyber attacks
    - What to do (and not to do) after a breach
    - What's new on the threatscape
    - Best practices and recommendations for improving your security posture

    - Heather Stratford-Geibel, CEO of Stronger.tech
    - Sushila Nair, Sr. Director, NTT DATA Services
    - John Matthews, CIO, ExtraHop
  • How Network Traffic Analytics Eliminates Darkspace for the SOC Recorded: Aug 23 2018 63 mins
    Christopher Crowley (SANS) and Barbara Kay (ExtraHop)
    The network doesn't lie. That's one reason companies are increasingly turning to their network to simplify and speed up common SOC workflows. Network Traffic Analytics (NTA) specifically addresses key SOC challenges identified in the recent SANS SOC survey: Asset discovery and inventory, event correlation, and SOC/NOC integration.

    The NTA category is relatively new and focuses on facilitating detection and response of post-compromise activity, including command and control, reconnaissance, lateral movement, and exfiltration. Organizations primarily use NTA to gain visibility into East-West traffic within the environment, though it can also heighten visibility of North-South traffic traversing the perimeter. NTA tools complement log data and endpoint instrumentation with an objective view of threat behavior on the network, and dramatically reduce the time to detect and respond to threats.

    In this webcast, we'll cover:

    ∙ How your peers are using NTA technology to focus on what matters
    ∙ The impact of forward secrecy and TLS 1.3 encryption on network analysis
    ∙ How NTA can simplify CIS Critical Security Controls 1 and 2
    ∙ Boosting the productivity and expertise of junior analysts
    ∙ A live demo showing how ExtraHop Reveal(x) speeds key workflows
  • SOC Capabilities & Usefulness: SANS 2018 SOC Survey Results Pt 2 Recorded: Aug 20 2018 62 mins
    Christopher Crowley, Gary Golomb, Lital Grossman, John Moran, and John Pescatore
    As the network perimeter melts away, SOCs have no choice but to evolve. The use of cloud, mobile, personal and Industrial IoT are but a few of the technology innovations forcing this evolution. In this webcast, learn the tools and technologies SOCs are deploying to integrate and manage all their security, operational and response data for better protection, detection and response.

    In this webcast, SANS Principal Instructor Chris Crowley will discuss the results of the SANS 2018 SOC Survey, including:

    - Differences between SOCs that identify as MSSPs and SOCs that do not identify as MSSPs
    - Tools and technologies used to prevent, detect and respond to attacks
    - SOCs' likelihood to address IoT and non-traditional IT
    - Integration between tools for needed data sharing before, during and after events
    - Automated and manual actions taken and the value of both
    - Challenges holding organizations back from fully realizing SOC usefulness
  • No Single Definition of a SOC: SANS 2018 SOC Survey Results Part 1 Recorded: Aug 14 2018 62 mins
    John Pescatore (SANS), Christopher Crowley (SANS), and Barbara Kay (ExtraHop)
    While SOCs are maturing, staffing and retention issues continue to plague critical SOC support functions. In this webcast, learn how respondents to our 2018 SOC survey are staffing their SOCs, the value of cloud-based services to augment staff and technology, and respondents' level of satisfaction with the architectures they've deployed.

    In this webcast, SANS Principal Instructor Chris Crowley will discuss the following:

    - The level of staffing in SOCs
    - Outsourcing part (or all) of the SOC architecture
    - Tools and technologies SOCs use to operate efficiently
    - The value of distributed vs. centralized SOC functions
    - Relationship between SOCs and NOCs
    - Improvements resulting from integrative SOC functions for detection, prevention and response
  • From Reactive to Proactive - Getting the Most Out of Network Traffic Analytics Recorded: Aug 2 2018 57 mins
    Jeff Costlow, Dir of Security, ExtraHop; Kristy Westphal, VP, MUFG Union Bank; Melissa Duncan, Sr Sys Sec Eng, Charles Schwab
    They say “Packets don’t lie”. Instead of waiting to respond to incidents and anomalies, SecOps teams are using the network to enable proactive measures such as threat hunting, auditing encryption and other suspicious and out-of-policy behaviors existing in the dark alleys of the traffic corridor. Real time network traffic analytics (NTA) tools can help an organization shift from defensive to offensive and cut investigation time, enabling analysts to quickly correlate activities and test hypotheses. Join ExtraHop and (ISC)2 on August 2, 2018 at 1:00PM Eastern as we discuss proactive measures that can work for an organization, what activities to look for and how machine learning can help speed up these efforts.
Automating and streamlining security investigations.
This channel provides educational webinars about security analytics and investigation automation, and product info about ExtraHop Reveal(x), the network security analytics platform powered by AI, providing unprecedented visibility, advanced behavioral analytics, and investigation automation capabilities. Using real-time analytics and ML-driven anomaly detection, ExtraHop Reveal(x) enables security teams to accelerate investigations, reduce false positives, and optimize the capabilities of expert security analysts. To learn more visit www.extrahop.com/revealx

  • Title: ExtraHop #2: Case Study: Proactive Security Hygiene in a Hybrid Enterprise
  • Live at: Feb 14 2019 10:15 pm
  • Presented by: Mike Sheward, Senior Director of Information Security, Accolade; Brandon Dunlap, Moderator