Cloud Security: Are You Doing It Wrong?

Your attack surface is expanding from the on-prem data center to the cloud to remote deployments and the device edge. But if your tools only secure the perimeter or rely on logs and agents, you’re leaving visibility gaps that adversaries can use to attack critical workloads and data.

In this webinar, you’ll learn how network detection and response (NDR) eliminates visibility gaps across your attack surface by unlocking data from network traffic packets, the ultimate source of truth in cloud and hybrid security. There’s no need to deploy agents, so you can secure your cloud workloads without slowing down or impeding your dev teams. We’ll also walk through a live demo of how to stop advanced threats like supply chain attacks, zero-day exploits, and more.
Recorded Feb 18 2021 53 mins
Presented by
Dan Frey, Senior Cloud Product Marketing Manager, ExtraHop & Guy Raz, Sales Engineer at ExtraHop

  • Hybrid Security: Protecting Your Supply Chain Recorded: Apr 5 2021 60 mins
    Matt Bromiley, Incident Response Instructor at SANS; Guy Raz, Systems Engineer at ExtraHop
    Recent supply chain attacks have proven that third parties are an unexpected, yet trusted, entry vector into an organization. By utilizing legitimate methods to breach an organization, threat actors can hide under the radar with escalated privileges. Furthermore, attackers have shown that they are security-savvy, knowledgeable of enterprise defenses and their workarounds. Enterprise defense should be structured around BOTH system and network data; without both, you will never see the full picture.

    With this webcast, we will outline NDR capabilities and how bringing endpoint and network together will prove to be a one-two punch to bring down even advanced attackers. We will specifically outline how to mitigate common third-party attack surfaces, what could have been done differently in the wake of the attack, and whether the recent attacks have provided enough reason to consider changes in implementation.
  • Secure Your Cloud Against Advanced Attacks with Network Detection and Response Recorded: Mar 29 2021 40 mins
    Michael Sanders, Cloud Security Engineer at ExtraHop Networks; Corey Quinn, Chief Cloud Economist at Duckbill Group
    How do you ensure that Advanced Threats like supply chain attacks, APTs, and zero-day exploits aren’t inside your cloud environment today?

    Most advanced threat actors are the ones likely to already be inside of your environment, but getting in is only the first step. Once they beat perimeter defenses, attackers start moving laterally and covering their tracks so they can accomplish their real objective—executing ransomware or exfiltrating valuable customer data and intellectual property. Advanced attackers should be fought where they are—on the inside—and that requires a strong post-compromise defense posture.

    Network detection and response (NDR) products provide the internal visibility, real-time detection, and intelligent response capabilities you need to stop attackers before they accomplish their goals. Best-of-breed NDR tools are completely covert and tamper-proof, meaning attackers will have no idea you're on to them until it's too late. As they move laterally within your network, NDR shows you not just where intruders are going, but where they've been.

    In this webinar, you’ll learn how NDR enables you to adopt a detect-and-respond posture for securing against advanced attacks in the cloud. An ExtraHop engineer will also show you how ExtraHop Reveal(x) 360 helps you find and stop attackers in product demos that highlight specific advanced threat use cases.
  • ExtraHop Reveal(x) Presents Hands-On Network Detection & Response Recorded: Mar 26 2021 59 mins
    Jesse Munos, Technical Marketing Manager at ExtraHop and Josh Snow, Sales Engineer at ExtraHop
    In a post-compromise world, SecOps personnel cannot afford to be blind to any potential threat vector. The positioning of EDR and firewalls severely limits the breadth of visibility that SecOps can provide, while older technologies like IDS, with their inherent limitations, fail to provide the necessary details to adequately detect and investigate modern threats. These limitations have created the need for a network detection and response platform that can scale to meet the demands of the modern enterprise and provide accurate, high-fidelity detections with actionable forensic-level details and robust deployment options for enterprise, multi-cloud, and hybrid environments.

    This session will provide a hands-on demonstration of the detection capabilities and the depth of forensic data provided by the ExtraHop Reveal(x) platform. It will also offer a high-level overview of the various deployment architectures available.
  • Incident Response Against Advanced Threats: What Changes After SUNBURST? Recorded: Mar 18 2021 46 mins
    Speakers: Chase Snyder, Sr. Product Marketing Manager & Greg Copeland, Director, Business Development
    When the SolarWinds SUNBURST attack, with its broad impact and dwell time of nearly a year, hit the news, many security teams realized they needed a faster, lower friction way to investigate past exposure. Collaboration between the NetOps and SecOps teams can provide a better approach to responding to advanced threats in the future. This webcast will outline the benefits of sharing data and tools between security, network, and other teams for accelerated incident response, reduced risk, and greater effectiveness.

    - How NetOps and SecOps can work together to accelerate incident response and troubleshooting
    - Why network data forms a foundation for security and operational activities
    - How to ensure complete collection of all network data, and efficient tool sharing
    - How to investigate and respond to SolarWinds SUNBURST and potential future supply chain attacks that give attackers access inside your environment

    If you cannot attend the live event, please register to receive the recording when it becomes available.
  • CrowdStrike & ExtraHop Partner to Stop Breaches with Cloud-Native EDR and NDR Recorded: Mar 17 2021 61 mins
    John Titmus, EMEA Director, ExtraHop and John Lester, Security Engineering Manager, CrowdStrike
    The integration between ExtraHop Reveal(x) and CrowdStrike Falcon Platform merges complete network visibility, machine learning behavioural threat detection and real-time decryption with powerful endpoint security and instant remediation.

    Attendees of this webinar will learn directly from ExtraHop and CrowdStrike about how our Fortune 100 customers are already using this recently launched solution, and how the integration can provide enterprise security operations teams with capabilities and immediate value like:

    - Instant and automated detection, validation, and containment of network threats like ransomware, privilege escalation, and data exfiltration, as well as endpoint threats, for complete attack surface coverage.

    - Automatic discovery and device identification of everything communicating on the network, including IoT-connected devices, remote connections, devices incompatible with agent installation, and devices impacted by threats where no CrowdStrike agent was yet installed.

    - Broad MITRE ATT&CK Framework coverage of both network-focused and endpoint-focused tactics, techniques, and procedures.
  • How the Network Is Used to Unmask the Adversary Recorded: Mar 12 2021 55 mins
    Chris Kissel, Security Research Director at IDC; Sri Sundaralingam, VP of Product Mktg. at ExtraHop
    The network plays a key role in unmasking the adversary post-compromise. Featuring Chris Kissel from IDC, this webcast will highlight the first edition of the recent research released on Network Intelligence and Threat Analytics (NITA). Along with ExtraHop’s Sri Sundaralingam, we cover the current state of the threat landscape, the visibility challenges inside the network, and how supply chain attacks like SUNBURST have served as a wake-up call for many organizations.

    The key takeaways from the IDC report are addressed and include the current state of NGFW, IDS, endpoints and SIEM and the need to use network data as the source of truth to stop attacks post-compromise.
  • Time for an Upgrade? What Next Generation IDS Can Bring to the Enterprise Recorded: Mar 11 2021 60 mins
    Don Shin, Sr. PMM, ExtraHop; Matthew Waddell, Dir of DFIR, CBI; Brandon Dunlap, Moderator
    Traditional Intrusion Detection Systems rely on brittle signatures, and can be a major resource drain. As the internet continues to evolve, so do the methods and tactics of the adversary. Attackers are now more focused on your users than on system vulnerability exploits. A new approach is needed: one that encompasses machine learning anomaly detection and cross-platform visibility, and is cloud-ready. Join ExtraHop and (ISC)2 on March 11, 2021 at 1:00pm for a discussion on Next Generation IDS and how it can provide more than just a compliance check-off and add context to the alerts you receive.
  • Ten Keys to Better Security Data Analysis Recorded: Mar 3 2021 60 mins
    Louis DiValentin, Cyber R&D Principal, Accenture Labs // Jesse Munos, Technical Marketing Manager, ExtraHop
    If you’re swimming in security incident data, alerts, and log files, you’re not alone. How can you aggregate that data and analyze it quickly, to identify sophisticated or obfuscated attacks? In this webinar, experts discuss ways to effectively collect and analyze large amounts of security data, enabling you to surface the threat and exploit information that you need to defend your enterprise. Speakers will also offer recommendations on how to automate some of that data analysis, so that you can identify threats more easily, and stop attackers more quickly.
  • Cloud Security: Are You Doing It Wrong? Recorded: Feb 18 2021 53 mins
    Dan Frey, Senior Cloud Product Marketing Manager, ExtraHop & Guy Raz, Sales Engineer at ExtraHop
    Your attack surface is expanding from the on-prem data center to the cloud to remote deployments and the device edge. But if your tools only secure the perimeter or rely on logs and agents, you’re leaving visibility gaps that adversaries can use to attack critical workloads and data.

    In this webinar, you’ll learn how network detection and response (NDR) eliminates visibility gaps across your attack surface by unlocking data from network traffic packets, the ultimate source of truth in cloud and hybrid security. There’s no need to deploy agents, so you can secure your cloud workloads without slowing down or impeding your dev teams. We’ll also walk through a live demo of how to stop advanced threats like supply chain attacks, zero-day exploits, and more.
  • Black Hat Webcasts: Healthscare – An Insider's Biopsy of Healthcare Application Recorded: Feb 11 2021 61 mins
    Seth Fogie, Security Director, Penn Medicine // Guy Raz, Sr. Systems Engineer, ExtraHop
    Healthcare security teams are in a tough spot. While the provider industry is taking security seriously, they are at the mercy of the software vendors who provide the healthcare organizations with the data delivery, processing and storage solutions that are critical to delivering patient care and keeping patient data secure. Given the reliance on these systems, it begs the question – how secure are these solutions?

    Seth Fogie has spent the last 10+ years in the trenches of the healthcare industry and has seen the good, bad and ugly of what is being provided to your providers. As an insider, Seth has experienced the unique tension healthcare security teams face as they work to securely implement these solutions and will share some of what has been found.

    The core of this presentation will focus on vulnerabilities and design issues within healthcare solutions. As we will illustrate through the dissection of numerous clinical focused systems, including radiology reading, EMR downtime, patient entertainment, pharmacy distribution, nurse communication, M&A EMR, clinical documentation and temperature monitoring systems, the prognosis doesn’t look good. Unfortunately, it is our experience that there are few solutions within the hospital enterprise that do not have issues.

    The goal for this public 'biopsy'? The healthcare security community needs help increasing the pressure to ensure all of our data is safe from poorly designed and developed vendor solutions. While we can't play the name and shame game for a number of reasons, we want to increase awareness through numerous technical illustrations and ask for your help in increasing scrutiny on all healthcare solutions. This isn't just an application security problem – it is all our healthcare data at risk and this audience is positioned in a unique spot to help.
  • Post Mortem: The First 72 Hours of SUNBURST Threat Intelligence Research Recorded: Feb 9 2021 37 mins
    Tanner Payne, Sr. Sales Engineer at ExtraHop
    On December 13, 2020, when the SolarWinds Orion SUNBURST backdoor vulnerability was disclosed, the entire security community sprang into action. The attack had the potential to do immense damage, and everyone worked tirelessly to respond fast. FireEye and ExtraHop were among the first to release SUNBURST-associated domains and IP addresses to be used for threat intel, forensic investigation, and response.

    This session will cover:

    - Background on the SUNBURST attack and how it was so stealthy and hard to detect
    - How ExtraHop uncovered new threat intelligence for use in investigating and responding to SUNBURST
    - Why internal network traffic is such a strong data source for detecting and responding to supply chain attacks like SUNBURST.
  • Entrust the Security of Your Unmanaged Devices and Your IoT Recorded: Feb 4 2021 33 mins
    Speakers: Gustavo Amador-Nieto, EMEA Enterprise SE Lead at Keysight; Youssef Agharmine, Security Sales Engineer at ExtraHop
    The lack of visibility into your IoT ecosystem and the inability to monitor unmanaged devices expand your attack surface, putting the security of your hybrid networks at risk. The problem with connected devices is that they generate masses of data and that agents cannot be installed on them. Hence the powerlessness of traditional security approaches. With Keysight and ExtraHop, you discover and monitor every device connected to your network to detect and respond to attacks before they compromise your environment. On the agenda for this webinar:

    • How attackers gain unauthorized access through unmanaged devices or IoT

    • The crucial role of machine learning and network detection and response (NDR) capabilities in investigating incidents

    • How ExtraHop and Keysight provide complete visibility into all devices and stop attacks before they strike
  • Driving a Stake in Advanced Threats (SUNBURST) with the Network Recorded: Feb 1 2021 61 mins
    John Smith, Principal Engineer at ExtraHop; Dave Shackleford, Analyst at SANS
    It has been a time-honored, folklore tradition from Bram Stoker all the way down to "Buffy the Vampire Slayer" that a vampire must FIRST be invited in to enter your home. At the end of 2020, the worst Supply Chain attack in memory meant that 18,000 companies unknowingly invited digital vampires to enter their networks and feast on their intellectual property.

    Given that sophisticated actors will continue, how can you use covert countermeasures to flag unusual and malicious behavior, investigate and respond to stop them before they breach your network?

    In this talk, we will use the SUNBURST backdoor exploit as a backdrop since the majority of the IOCs were Network visible (Domains, Subdomains and IP Addresses).

    - How to flag suspicious behavior regardless of its presence on a threat intelligence blacklist or the IOC
    - How Split-Tunnel VPNs have removed C2 visibility from us and the risk that raises
    - How to use the value of the covert, always-on, always watching network

    We will conclude with how to use Network Detection and Response (NDR) as a cross and Endpoint Detection and Response (EDR) as a wooden stake to stop advanced threats.
  • Doing XDR Right: What It Is and What it Can Do for Your Organization Recorded: Jan 28 2021 59 mins
    Chase Snyder Sr. Prod Mktg Mgr, ExtraHop; Raj Goel, Brainlink; Lloyd Diernisse; B. Dunlap, Moderator
    XDR (Extended Detection and Response) promises to unite and integrate security tools focused on threat protection, detection and response, creating a single megasolution. Such an approach could yield significant benefits for an organization. Join ExtraHop and (ISC)2 on January 28, 2021 at 1:00PM Eastern for an examination of the costs and benefits of this strategy, a discussion of use cases, as well as:

    • How to avoid vendor lock-in while still getting the best security tools available

    • What XDR is, and what it isn't, including which data sources and security tools are typically included in XDR offerings, and how they work together.

    • The advantages and disadvantages of Best of Breed vs. Single Vendor detection and response strategies.
  • Customer Cloud Security: A SANS Survey Recorded: Dec 21 2020 61 mins
    TJ Banasik, Analyst at SANS and Dan Frey, Cloud Marketing Manager at ExtraHop
    The public cloud is changing how you do business, and it’s also forcing you to evolve your security models. To help you create effective defensive strategies for cloud service provider (CSP) environments used by employees, remote workforces, contractors, and customers, SANS surveyed a wide range of professionals across industry verticals to learn their approaches to security.

    Watch the webcast to learn more about:

    - Common cloud architectures
    - Popular security products
    - Spending trends on tooling and architecture
    - CSP-native tools vs. industry leading security products
  • What Got Us Here (May) Get Us There: 2021 Potential Trends From DBIR Reporting Recorded: Dec 17 2020 61 mins
    Alex Pinto, DBIR Team Manager and Co-Author, Verizon // Sri Sundaralingam, VP of Security and Cloud Solution, ExtraHop
    The Verizon Data Breach Investigations Report (DBIR) has been a staple in security reporting for over a decade, always aiming to both document and inform on the current shape of the security threat landscape. It has also been a cathartic outlet of bad jokes and puns for the authoring team.

    While the main purpose of the report is to examine what has recently (and not so recently) occurred, it has become clear to the team that over time attackers will attempt to maximize their Attack Return on Investment (AROI). While we can't tell you what the Next Big Attack (tm) will be in 2021, we'll delve into what the data suggests will define it and help to prepare for it.

    Join us on a critical analysis of over a decade of alternating very stale and surprising trends, and learn how to better strategize in a landscape that changes very slowly at first and then suddenly all at once.
  • Architecting Security for the Internet of Things Recorded: Dec 16 2020 62 mins
    Sonal Shetkar, ExtraHop // Paul Brager Jr., Baker Hughes, a GE company
    As the Internet of Things (IoT) becomes a broader reality in business, IT and security professionals are being challenged to find ways to secure Internet-enabled technology in all types of non-computer devices. How can an enterprise IT department develop and manage an effective security strategy for IoT technology? In this webcast, experts discuss the most effective approaches to securing the embedded systems used in their enterprise and offer advice on monitoring and protecting next-generation IoT technology.

    When you attend this webinar, you will:
    - Get an overview of best practices for securing IoT technology in your enterprise
    - Learn about potential threats to IoT systems and devices
    - Gain insight on how to integrate IoT security into your broader enterprise cybersecurity strategy
    - Learn more about currently-available IoT security tools and technology
    - Find out how to assess and monitor the security of IoT devices attached to your enterprise network
  • Cloud Shared Responsibility: A SANS Whitepaper Recorded: Dec 15 2020 62 mins
    Dave Shackleford, Instructor at SANS and Jeff Deininger, Principal Sales Engineer, Cloud at ExtraHop
    As the use of cloud computing has grown, so has the concept of the shared responsibility model for data protection and cybersecurity in general. While not a new concept, the nature of shared security responsibilities has changed with the advent of the cloud. While all cloud providers are wholly responsible for physical security of their data center environments, data center disaster recovery planning, business continuity, and legal and personnel requirements that pertain to security of their operating environments, cloud customers still need to plan for their own disaster recovery and continuity processes, particularly in IaaS clouds where they're building infrastructure.

    If any of this sounds confusing, that's because it is! There are many challenges facing us as the pace of cloud implementation accelerates. There's an enormous amount of complexity with new services and software-defined infrastructure.

    Today, there's no doubt at all that the attackers have discovered new attack paths and techniques that target cloud environments. The nature of today's security operations has to change as we move to the cloud. With this webcast, we will discuss the definitive lack of skills in cloud technologies (and security specifically, leading to deficiencies in cloud detection and response workflows), the much faster deployments and changes to keep pace with, and a need for new and better controls to help combat these systemic challenges. To begin figuring out what to do about them, we need a better grounding in exactly who is responsible for what in the cloud, and what kinds of security controls and services are best suited to helping cloud security operations mature and grow.
  • Analyzing Malicious Behavior Effectively Recorded: Dec 15 2020 56 mins
    Dave Shackleford, Instructor at SANS and Jesse Munos, Technical Manager at ExtraHop
    In the past decade, the information security industry has learned a lot about what attackers do during campaigns against targets. While we don't always understand motivation behind the attacks, most attacker goals are focused on data access and exfiltration of sensitive data. Sophisticated attackers often use advanced malware-based espionage that can aggressively pursue and compromise specific targets. Once a compromise has occurred, attackers attempt to maintain a persistent presence within the victim's network, escalate privileges, and move laterally within the victim's network to extract sensitive information to locations under the attackers' control.

    Enterprise security teams have struggled to keep pace with attacker tactics and techniques, and many of the security tools we've relied on have not kept up with new methods of ingress, data access, and exfiltration, either. Security teams are facing pressure to detect attacks and respond to them more rapidly, which is difficult when trying to find evidence of lateral movement, reconnaissance, privilege escalation, and other stealthy behavior. Compounding this is a lack of critical skills in security operations, and we're relying on busy, short-staffed teams to do more all the time. To enable more junior analysts to more readily and effectively contribute, the primary security detection and response platforms organizations use will need to be much more intuitive and capable.

    ExtraHop's Reveal(x) security analytics product provides security analysts with a platform that can rapidly analyze huge quantities of data without acquiring full network packets. Join us in this webcast to learn from Dave Shackleford and his review of the ExtraHop Reveal(x) product. This being his third time reviewing this product, Dave will share his insights on the many enhancements and new features that help intrusion analysis and investigation teams analyze malicious behavior in their environments even more rapidly and effectively.
  • FEDTalks Ep. #1: A Killer Combination - Proactive Threat Hunting and Modern NDR Recorded: Dec 10 2020 57 mins
    See how the ExtraHop Network Detection & Response (NDR) platform can be used, not only to automatically detect the latest threats, but also for proactive Threat Hunting workflows. Hear from ExtraHop engineering on how to leverage both techniques in order to secure even the most sensitive Federal networks.
Helping you gain the perspective to secure the hybrid enterprise
The prevention and protection model of cybersecurity isn’t working: between the cloud, IoT, and the sheer pace of change, the enterprise is no longer built to be walled in. This channel provides educational webinars to help SecOps (SOC) and NetOps (NOC) teams, from CIOs and CISOs to analysts and practitioners, change their perspective in order to identify, investigate, and respond to threats across the modern attack surface. We explore how cloud-native network detection and response (NDR) provides the complete visibility, real-time threat detection, and intelligent response you need to secure your hybrid environment. You’ll also find product information about ExtraHop Reveal(x) which enables you to: Eliminate blind spots: Cover 100% of your hybrid environment, Detect what matters: Find threats 95% faster, and Act quickly: Respond to breaches 70% faster.

Learn more at www.extrahop.com
  • Title: Cloud Security: Are You Doing It Wrong?
  • Live at: Feb 18 2021 6:00 pm
  • Presented by: Dan Frey, Senior Cloud Product Marketing Manager, ExtraHop & Guy Raz, Sales Engineer at ExtraHop