Hi [[ session.user.profile.firstName ]]

Turbocharge your Cyber Investigations, Part 1

While their cyber tactics may be continuously changing, bad actors can’t avoid interacting with core components of the internet. These interactions leave a trail that when connected through rigorous threat infrastructure analysis, can reveal the full scale of an attack and provide the information needed to determine the best response. The key to this analysis is access to a variety of global datasets and the ability to correlate and pivot between them in your investigation.

In this two part series we will look at a range of global datasets and how each can be used to shed additional light on your adversary’s infrastructure. This session will focus on Passive DNS, Whois and Malware data. We will also demonstrate how security analysts can use the free community version of RiskIQ’s PassiveTotal to gain access to and pivot across these global datasets.
Recorded Oct 13 2016 32 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Jeff Lenton, Solutions Architect, RiskIQ
Presentation preview: Turbocharge your Cyber Investigations, Part 1

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Can You Find the Threat? Join our Threat Hunting Workshop to find out. Aug 12 2020 9:00 am UTC 120 mins
    Jamil Mirza, Principal Solutions Architect, EMEA
    RiskIQ is hosting another EMEA Virtual Threat Hunting Workshop on the 12th of August. If you are new to PassiveTotal or haven’t attended one of our workshops recently,
    this at-home live training has been designed for you. The 2 hour session includes practical threat hunting advice as well as hands-on exercises using RiskIQ’s unique advanced data set that enable quicker and more thorough investigations.

    Attend and Learn:

    Methodologies for threat analysis
    How RiskIQ’s unique data sets build-out investigations more thorough investigations
    How to use RiskIQ PassiveTotal
    Use Cases – A series of hands-on Exercises and Investigations

    Date: Wednesday 12 August
    Time: 10 am BST, 11 am CEST,

    Additionally, you will receive 2 CPE credits for attending the workshop. Register Today
  • RiskIQ Threat Hunting Workshop - Additional Investigations Series Jul 29 2020 9:00 am UTC 45 mins
    Jamil Mirza, Principal Solutions Architect, EMEA
    Building on the success of our physical and virtual Threat Hunting Workshops, we are launching a new workshop series designed for previous workshop attendees to help hone their investigative skills. These shorter 30-45 minute sessions will focus on new investigations of current threats using both the PassiveTotal user interface and API.

    Attend and Learn:

    How to leverage PassiveTotal's unique data sets to carry out more thorough investigations
    How to automate and accelerate investigations using the PassiveTotal API

    Additionally, you will receive 1 CPE credit for attending the workshop.
  • Detect & Protect Against COVID-Themed Social Engineering Recorded: Jun 26 2020 57 mins
    Jaclyn Blumenfeld (RiskIQ), Abigail Showman andAndras Toth-Czifra (Flashpoint)
    In the age of COVID-19, the U.S. Justice department has repeatedly warned businesses of an uptick in fraud schemes capitalizing on the global pandemic. Threat actors are impersonating news sources, charity organizations, financial institutions, government entities, medical suppliers, etc. to profit from the hype and confusion surrounding the Coronavirus. Threat actors have also been observed exploiting loopholes in banking systems to commit CARES Act fraud and targeting recipients to steal their personal data.

    Flashpoint and RiskIQ leverage their combined visibility into online illicit communities used for planning and promoting attack vectors, alongside the open web criminal infrastructure used to carry out Coronavirus-related scams. This webinar showcases real-life examples of these scams and highlight the methods that can be used to detect them combining research by RiskIQ and Flashpoint.
  • Can You Find the Threat? RiskIQ EMEA Virtual Threat Hunting Workshop Recorded: Jun 24 2020 109 mins
    Jamil Mirza, EMEA Solutions Architect, RiskIQ
    Given the current pandemic, we’ve had to cancel our planned series of physical Threat Hunting Workshops across EMEA. However, this same pandemic has expanded attack surfaces quicker and more radically than ever before and an organization’s threat hunters are now its front-line defenders against the associated spike in cyber threats.

    While we can’t see you in person we'll be running a virtual 2 hour version of our workshop to fortify your skills. This at-home live training includes brand new hands-on exercises using RiskIQ’s unique advanced data sets. We’ve designed it to introduce security analysts, incident responders, and SOC personnel to brand new methods and threat data sets that enable quicker and more thorough investigations.

    Attend and Learn:

    Methodologies for threat analysis
    How RiskIQ’s unique data sets build-out investigations more thorough investigations
    How to use RiskIQ PassiveTotal
    Use Cases – A series of hands-on Exercises and Investigations

    Date: Wednesday 24 June
    Time: 10 am BST, 11 am CEST,

    Additionally, you will receive 3 CPE credits for attending the entire workshop.
  • Triple Trouble: All Access is Remote Access Recorded: Jun 15 2020 45 mins
    Steve Ginty, Josh Mayfield
    In the wake of the worldwide response to COVID-19, enterprise digital programs are outpacing their security team’s ability to protect them: customers and carts, employees and websites, partners and portals, users and apps.

    The radical shift to a remote workforce is just one part of the story. Everyone, including employees, supply chains, third parties, are all dependent on secure connections and safe data flow.

    Whether you’re exploring billions of web components or millions of exposed services and targeted ports or identifying risky VPNs—the sheer magnitude of the digital attack surface can be daunting.

    Steve Ginty, RiskIQ’s Director of Threat Intelligence, will share how rapid demand for remote access has reshaped the enterprise attack surface.

    In this webcast, you will learn how to:

    Identify remote services: RDP, VPNs, and attacker accessibility
    Spot risky trends in your digital inventory, including third parties
    Calibrate risk and response with minimal user disruption
    Pinpoint threats and risks via internet reconnaissance
    Join RiskIQ’s Steve Ginty and Josh Mayfield as they explore the latest detection trends and what you can do to safeguard your digital enterprise.
  • JavaScript Threats: A Clear and Present Danger for all Online Merchants Recorded: Jun 5 2020 42 mins
    Terry Bishop, VP Technical Services, EMEA
    JavaScript attacks are a top security concern for any organization that acts as an online merchant.

    In the overwhelming majority of JavaScript attacks, threat actors like Magecart hide credit card skimmers deep inside client-side JavaScript to capture and exfiltrate credit card and other payment data from customers. RiskIQ has detected millions of skimmers on websites across the globe, and we’re continuing to detect new ones every hour. The current pandemic has only served to fuel this growth, with newly discovered skimmers up by 30% since March.

    However, most organizations lack visibility into their web-facing assets and the way their users interact with them. As a result, JavaScript compromises can go undetected for weeks or months, damaging customer relationships, brand reputation, and potentially incurring eye-watering fines.

    The good news is that RiskIQ offers a detection solution for these types of attacks that is quick and easy to implement, requiring no agents or web site changes.

    In this webinar, we’ll cover:

    A review of JavaScript attacks and why they’re different from other types of attack
    A closer look at card skimmers and how they work
    Current tactics threat actors are using to hide their injections to avoid detection
    We’ll also show how RiskIQ can enable your organization to be proactive in protecting your customers while avoiding the consequences of large scale personal data theft.
  • 5 Questions, Answered - Vulnerability Control Beyond the Firewall Recorded: May 22 2020 50 mins
    Josh Mayfield, Vijay Punja
    Security pros are saddled with the responsibility to manage assets, count-up vulnerabilities, stack-rank priorities, and somehow figure out how to remediate exposures that are different in-kind from the typical network CVE.

    But there’s hope. Josh Mayfield and Vijay Punja will share how to extend vulnerability control outside the firewall, reduce scanning costs and delays, and keep pace with the speed of digital growth.

    In this webinar, you will learn:

    How to prioritize external, internet-based risks
    What methods other enterprise security teams use
    Why digital threats, like malicious JavaScripts, are so tenacious
    Core questions to guide world-class vulnerability control
    Join our fireside chat, where we explore the latest trends and tactics for internet exposure and risk control.
  • Attack Surface Evolution - Digital Transformation is in Hyperdrive Recorded: May 6 2020 43 mins
    Fabian Libeau, VP EMEA, RiskIQ
    The digital revolution continues to march on, but with the outbreak of COVID-19, it has suddenly gone into hyperdrive. Almost overnight, workforces and business operations completely decentralised as work from home policies came into force.

    In the past couple weeks, security protocols have completely changed—firewalls, DLP, and network monitoring are no longer as effective as they were. Attackers now have far more access points to probe or exploit, with little-to-no security oversight. Meanwhile, IT is feverishly standing up new systems, new access, and new channels and likely succumbing to human error, such as critical misconfigurations.

    This session will take a close look at this transformation and the steps security teams need to take in these unprecedented times. Attendees will:

    Gain an understanding of the changes in the threat landscape as a result of the current pandemic, both from an attacker and defender perspective.
    Learn how you can pinpoint configuration errors, find & secure cloud assets, and detect malicious rogue assets.
    Understand the offerings RiskIQ is making freely available to the audience: COVID-19 Daily Intelligence Report, Daily Infrastructure Observations, 30 access to RiskIQ PassiveTotal and Digital Footprint Snapshots.
  • What's the difference between PassiveTotal Community and Enterprise? Recorded: Jan 8 2020 6 mins
    Vijay Punja, RiskIQ Technical Account Manager
    A look at the differences between the free to use Community Edition and PassiveTotal Enterprise Edition.
  • RiskIQ JS Threats Overview Recorded: Sep 20 2019 17 mins
    Peter Weller, EMEA Technical Account Manager
    Overview of the JS Threats solution to detect malicious JavaScript injection
  • PassiveTotal Datasets - A Closer Look Recorded: Sep 6 2019 21 mins
    David Belnick, RiskIQ EMEA Technical Account Manager
    This video explains the different datasets within PassiveTotal and how they can be used in an investigation
  • PassiveTotal Example Investigation Recorded: Aug 27 2019 20 mins
    Hiten Sharma, EMEA Technical Account Manager
    A look at PassiveTotal datasets and how they are used in an investigation.
  • Introduction to PassiveTotal Recorded: Jul 18 2019 20 mins
    Peter Weller, RiskIQ Technical Account Manager, EMEA
    This is a short overview PassiveTotal.
  • Managing Risks in your Attack Surface Recorded: Nov 8 2018 45 mins
    Terry Bishop, EMEA Technical Director, RiskIQ
    According to latest Verizon research, 73% of all breaches originate outside the corporate firewall on the Internet and your organisation's presence on the Internet has become the new cyber battlefield.. Forgotten, unmanaged and un-patched web infrastructure have long been targets of choice for cyber criminals but recently we’ve seen new and effective tactics designed to compromise organisations, employees and customers while avoiding detection with traditional security methods and tooling. In this webinar we’ll look at how the cyber battlefield is changing in favour of the adversary and we’ll outline the steps organisations need to take to regain control and reduce their Internet exposure.
  • Inside and beyond BA and Ticketmaster - the many breaches of Magecart Recorded: Oct 12 2018 54 mins
    Yonathan Klijnsma, RiskIQ
    In 2015 a digital credit card skimming group that injected code into the online shopping software provided by Magento, dubbed ‘Magecart’ was first discovered by RiskIQ in 2015. In October of 2017 RiskIQ exposed the group’s offline operations, which monetizes its credit card theft and mitigates risk to its members by recruiting unwitting mules in the US via Russian-language job postings to ship stolen goods to Eastern Europe.

    RiskIQ then discovered the July breach of Ticketmaster was not an isolated incident as initially reported, but rather part of a worldwide campaign affecting potentially thousands of sites by hacking third-party components used by e-commerce brands. The latest chapter in the Magecart saga reveals the group’s role in the targeted breach of British Airways, which used malicious code meant to mimic the functionality of the site to intercept the payment information of 380,000 customers.

    Join RiskIQ Researcher, Yonathan Klijnsma, to learn:

    How Magecart has continued to evolve
    What happened during the Ticketmaster breach, and what it means for hundreds of other e-commerce sites
    How British Airways was successfully targeted
    The newest research that will better define the scope of Magecart’s influence
  • Understanding the ROI of Implementing Digital Threat Management Recorded: May 17 2018 59 mins
    Jarad Carleton Industry Principal, Cybersecurity Practice – Frost & Sullivan, Sam Curcuruto Head of Product Marketing – RiskI
    The digital threat landscape moves too quickly for security teams to rely on disparate tools that slow down investigations and complicate protecting the organization. The time has come to embrace the power of a digital defense platform strategy to simultaneously reduce cost and business risk.

    In this webinar featuring Frost & Sullivan Cyber Security Industry Principal, Jarad Carleton, we’ll cover:

    How organizations should be leveraging “force multiplier’ platform technologies that provide unified insight and protection against threats across the Web, social media and mobile apps.
    Why a platform approach is the best way for resource-constrained information security departments to reduce both mean time to detection (MTTD) and mean time to resolution (MTTR) of digital threats.
    Customer mini-case studies that demonstrate the platform capabilities and ROI achieved.
    How the RiskIQ platform maps to the Frost & Sullivan Cyber Resilience Framework.
  • Mitigating Risk Outside the Firewall Needs a Strategy: Start with Risk Reporting Recorded: Mar 16 2018 45 mins
    Edward Amoroso – TAG Cyber Founder & CEO, Vamsi Gullapalli – RiskIQ Product Manager, Sam Curcuruto – RiskIQ Product Marketing
    For most security professionals, fixing vulnerabilities and security gaps can feel like a game of Whack-a-Mole. New threats come online; new weaknesses are exploited, old gaps are exploited, new vulnerabilities are disclosed. The process is challenging to manage and prioritise. But a strategy that includes automated, up-to-date analysis of your security posture, especially as it relates to internet-exposed assets can help calm the storm.

    In this webinar, we cover how a CISO professional looks at risk as it relates to your digital footprint, and how RiskIQ’s Risk Reporting is different from other Risk Scoring and Risk Reporting solutions. We also cover essential perspectives, methods, and capabilities that are important for any digital threat management programme.

    Join us for our webinar to learn more from Edward Amoroso, former CISO of AT&T and current CEO of TAG Cyber as he offers his advice on a comprehensive Outside the Firewall strategy.
  • Understanding and Taking Action on Risk Associated with your Digital Footprint Recorded: Mar 9 2018 28 mins
    Dustin Wilcox, 360Velocity | Vamsi Gullapalli, RiskIQ
    Visualising your organisation’s complete attack surface—all the known, unknown, and rogue and phoney digital assets across digital channels—is central to a robust and effective digital threat management (DTM) program. Having this complete picture also provides an understanding of vulnerabilities associated with those assets, and which should be prioritized highest (e.g., old vulnerabilities, which are the most often exploited, and new vulnerabilities like zero-days).

    During its discovery process, RiskIQ’s Digital Footprint surveys the entire internet, looking for digital assets that belong to or are connected to you, across the web, social, and mobile channels. Register for our upcoming webinar with RiskIQ’s Digital Footprint Product Manager, Vamsi Gullapalli, where he discusses:

    - What is RiskIQ Digital Footprint?
    - Where it fits in your security stack
    - How it can improve your vulnerability and asset management processes by making them more complete and up-to-date
    - Real life uses cases from customers who have improved their security posture and digital threat management programs with RiskIQ

    Also, you’ll hear from a RiskIQ customer and security chief on how he used Digital Footprint to improve his organisation’s risk posture.
  • Understanding your Attack Surface - Research into FT30 organisations Recorded: Nov 21 2017 37 mins
    Terry Bishop, EMEA Technical Director, RiskIQ
    Businesses are accelerating their digital transformation, expanding their online presence to enrich products, deepen customer relationships, and boost their brand ecosystems. However, with this rapid growth comes security challenges as web assets get created outside of corporate controls and the overall Internet presence expands to unmanageable proportions. Cyber adversaries are taking advantage of this sprawling digital attack surface, looking forweaknesses to exploit. The attack surface has become the battle line between malicious actors and an organisation’s external threat defenders and its compromise is behind many of the breaches that get reported with alarming frequency.

    In an effort to highlight and quantify the risks which organisations have in their attack surface, we conducted research on the top 30 UK organisations (FT30) to highlight the issues we believe all companies face. We will present the various types of risk we uncovered and offer practical advice on ways to mitigate them and harden your attack surface.
  • Collecting Personal Information Securely? If not time is running out. Recorded: Oct 19 2017 32 mins
    Jay Huff, Hiten Sharma
    The care and handling of personal information is a top concern for consumers and governments alike. Unlike many issues which gain public attention and struggle to keep it, an endless stream of publicised data breaches serves to keep data privacy in the public eye. As a result we’re seeing increasingly onerous regulation coming into effect in an effort to improve the data management practices of organisations and protect the confidential information of citizens. Major Internet players are also weighing in in an effort to make the user experience more secure.

    For organisations with a large digital presence, identifying all the places that personal information, or in the case of GDPR, personally identifiable information, is collected can be a daunting task. Are those forms collecting data securely? Are they accompanied by compliant statements and controls? Research carried out by RiskIQ suggests that there is much more to do in this area.

    Join us for a closer look at the security and compliance issues surrounding the collection of personal information on the Internet and learn how you can automatically discover and assess all forms and persistent cookies across your web presence.
Attack Surface Management
Webinar topics cover securing your public facing web, mobile and social assets, combatting impersonation and rogue digital assets and discovering the digital assets owned by your cyber adversaries

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Turbocharge your Cyber Investigations, Part 1
  • Live at: Oct 13 2016 1:00 pm
  • Presented by: Jeff Lenton, Solutions Architect, RiskIQ
  • From:
Your email has been sent.
or close