Name: Mitigating Third-Party Risk 101
Start: 2022-02-17T20:47:00Z
End: 2022-02-17T20:47:31.000Z
Location: BrightTALK
Rating: 4

eSentire, Inc., the Authority in Managed Detection and Response (MDR), protects the critical data and applications of 2000+ organizations in 80+ countries, across 35 industries from known and unknown cyber threats by providing Exposure Management, Managed Detection and Response and Incident Response services designed to build an organization’s cyber resilience & prevent business disruption. Founded in 2001, eSentire protects the world’s most targeted organizations with 65% of its global base recognized as critical infrastructure, vital to economic health and stability. By combining open XDR platform technology, 24/7 threat hunting, and proven security operations leadership, eSentire's award-winning MDR services and team of experts help organizations anticipate, withstand and recover from cyberattacks.  
For more information, visit www.esentire.com and follow @eSentire

Watch this on-demand webinar featuring a user group discussion for IT/Security leaders in the legal space. Hosted by Andrew DeBratto, CIO at Hunton Andrews Kurth LLP and Ryan Westman, Director, Threat Intelligence at eSentire, this session sheds light on the latest threats we are seeing targeting our legal customers and digs into the cybersecurity strategy considerations security leaders at legal firms face.

How Much Is Too Much Security

eSentire’s Threat Response Unit (TRU) is a team of industry-renowned experts with real-world experience who are battle-tested to protect you against the most advanced cyber threats.

TRU is foundational to our Managed Detection and Response (MDR) service – no add-ons or additional cost required. Every month, TRU hosts a live webinar to share new research-driven observations of malware, notable vulnerabilities, threat actor groups, and cyber activity affecting the threat landscape.

During the June TRU Intelligence Briefing, our Threat Response Unit (TRU) reviewed:
- Decoding Russian APT Group, FIN7: A review of the most recent infection cases observed by eSentire, including those currently active in the wild, and recommendations on how to protect your organization against these threats.
- Tactical Threat Response – FIN7: Overview of eSentire detection coverage, internal observations, and best practices as they relate to FIN7.
- Updates on Vidar, SolarMarker, and SocGholish.
- Notable vulnerabilities impacting Fluent Bit, Check Point, and Fortinet. 
- A brief update on cyber activity in North Korea.

June 2024 TRU Intelligence Briefing

Watch this webinar to learn about the crucial role of exposure management in enhancing cyber resilience and gain actionable recommendations to manage the intricate dynamics of cyber resilience.

The discussion covers a range of topics, including defining exposure management in relation to vulnerability management, the importance of incorporating exposure management into broader cyber resilience strategies, and the collaborative efforts between eSentire and Tenable to strengthen customers' exposure management strategies.

Exposure Management: How Organizations Can Use It to Build Cyber Resilience

eSentire’s Threat Response Unit (TRU) is a team of industry-renowned experts with real-world experience who are battle-tested to protect you against the most advanced cyber threats.

TRU is foundational to our Managed Detection and Response (MDR) service – no add-ons or additional cost required. Every month, TRU hosts a live webinar to share new research-driven observations of malware, notable vulnerabilities, threat actor groups, and cyber activity affecting the threat landscape.

During the May TRU Intelligence Briefing, our Threat Response Unit (TRU) reviewed:
- Authentication Method Downgrade Attacks: eSentire TRU Researchers discuss how threat actors bypass passwordless authentication methods in real-world attacks.
- Palo Alto Vulnerability (CVE-2024-3400): eSentire observations and new detections from eSentire’s Tactical Threat Response (TTR) team.
- Updates on FIN7, D3F@ck Loader, and SocGholish
- Notable vulnerabilities impacting Palo Alto, Cisco, and CrushFTP
- A brief geopolitical update focused on Russian Information Operations.

May 2024 TRU Intelligence Briefing

In this Manufacturing Cybersecurity Threat Summit hosted by the Manufacturers Alliance, Spence Hutchinson, a Staff Threat Intelligence Researcher at eSentire, along with Tia Hopkins, the Chief Cyber Resilience Officer & Field CTO at eSentire, and Ray Texter, the Chief of Information Security at Texas United Management, explore findings from eSentire's Threat Response Unit (TRU) and delve into the key cyber threats and cybersecurity challenges impacting the manufacturing sector.

Manufacturing Threat Summit: Navigating Threats and Reducing Cyber Risk

In this webinar, Derek Thomas, Director, Tactical Threat Response at eSentire will discuss: 
- Why operationalizing threat hunting is important to create a systematic and proactive approach to threat detection and response.
- How the outcomes of each phase of the “Global Threat Framework” supports the Detect and Respond functions, and how our Threat Response Unit (TRU) puts them into practice for proactive threat hunting and 24/7 threat detection and response.
- Challenges in implementing a Threat Detection and Response program, including expertise, visibility, and response.
- Recommendations on how your organization can leverage proactive threat hunting and multi-signal Managed Detection and Response (MDR) to improve your ability to detect and respond to cyber threats.

Reactive to Proactive: Leveraging NIST for Improved Threat Detection & Response

During the April TRU Intelligence Briefing, our Threat Response Unit (TRU) reviewed:
- Search Ad Evolution: eSentire TRU researchers discuss threat actor developments related to the use of malicious search ads to distribute malware.
- ScreenConnect Exploitation: An overview of the recently exploited ScreenConnect vulnerabilities (CVE-2024-1709/CVE-2024-1708), including details on real-world attacks and eSentire’s response & recommendations.
- Updates on More_eggs, Koi Loader and Agent Tesla.
- Notable vulnerabilities impacting Fortinet, JetBrains Team City and XZ Utils.
- A brief update on notable cyberattacks related to ongoing geo-political tensions.

April 2024 TRU Intelligence Briefing

In this webinar, Spence Hutchinson, Staff Threat Intelligence Researcher at eSentire will discuss:
- The top trends eSentire’s Threat Response Unit (TRU) has observed about Ransomware-as-a-Service and the DW providers that enable attacks including initial access brokers, credential markets and information stealing malware.
- Why leveraging proactive threat intelligence and research is critical to stay ahead of the evolving threat landscape, inform your cybersecurity strategies, and reduce cyber risk.
- Why real-time DWM and correlation are important for threat context to inform decisions based on data residing in DW networks.
- How to correlate your business’s internal security context with deep and dark web threat intelligence to predict threat actor moves and extend visibility into early Indicators of Compromise (IOC) with the power of eSentire’s DWM service with MDR.

From Defense to Offense: Leveraging Threat Intelligence & Dark Web Monitoring

During the March TRU Intelligence Briefing, our Threat Response Unit (TRU) reviewed: 
- Threat Landscape: A review of malware recently observed by eSentire’s SOC such as Bloody Ransomware, Sorillus RAT, and Rusty Stealer, as well as notable vulnerabilities impacting ConnectWise (multiple), Outlook (CVE-2024-21413), and JetBrains (CVE-2024-27199).
- A brief update on notable cyberattacks related to ongoing geo-political tensions.
- Deepfake Video Phishing: eSentire TRU researchers detail a recent deepfake phishing incident that cost a Hong Kong company $25M and share advice on how to avoid becoming the next victim.
- Active Phishing Techniques & Security Recommendations: A review of several active phishing techniques and security recommendations from eSentire’s Tactical Threat Response (TTR) team.

March 2024 TRU Intelligence Briefing

During the February TRU Intelligence Briefing, our Threat Response Unit (TRU) reviewed:
- Threat Landscape: A review of malware recently observed by eSentire’s SOC such as Atomic Stealer, Ducktail, and SocGholish, as well as notable vulnerabilities impacting Ivanti (CVE-2023-46805, CVE-2024-21887, CVE-2024-21893), Atlassian (CVE-2023-22527), and Apache (CVE-2023-46604).
- A brief update on notable cyberattacks related to ongoing geo-political tensions.
- Ransomware Readiness: A discussion of highlights and key takeaways from eSentire's newly released ransomware report.
- Initial Access – Exploiting Public Facing Applications: Observations associated with ongoing exploitation of edge devices and eSentire responses and best practices to follow.

February 2024 TRU Intelligence Briefing

In this webinar, presented in partnership with SC Media, Keegan Keplinger, Sr. Threat Intelligence Researcher at eSentire, Paul Asadoorian, Principal Security Evangelist at Eclypsium, and Bill Brenner, VP, Content Strategy at CyberRisk Alliance, discuss lessons learned from recent ransomware attacks involving the MOVEit vulnerability and the cyberattacks on MGM/Caesars.

Ransomware Attack Lessons: From MOVEit to MGM/Caesars

During the January TRU Intelligence Briefing, our Threat Response Unit (TRU) reviewed: 
- Threat Landscape: A review of the most notable malware and vulnerabilities that eSentire observed throughout 2023.
- 2023 Year in Review and 2024 Outlook: Key takeaways on observed tactics and techniques that were prevalent in 2023 and insights into what the eSentire Threat Intelligence team expects to be observed in 2024.
- Tactical Threat Response – 2023 Recap & Looking Forward: A discussion of new research and platforms supported by the eSentire Tactical Threat Response team in 2023, and a look into the 2024 roadmap.

January 2024 TRU Intelligence Briefing

During the December Threat Intelligence Briefing, our Threat Response Unit (TRU) reviewed:
- Ransomware Roundup: An overview of Tactics, Techniques and Procedures (TTPs) of three ransomware cases, their access methods, key takeaways, and strategies to defend against these attacks.
- eSentire recommendations that your organization can take to reduce risk and assist in the proactive prevention of ransomware threats.
- Updates on DanaBot, FakeBat, and AsyncRAT.
- Notable vulnerabilities impacting ownCloud, Google, and Microsoft.
- A brief overview on cyberattacks related to the ongoing geo-political tensions.

December 2023 TRU Intelligence Briefing

During the November Threat Intelligence Briefing, our Threat Response Unit (TRU) reviewed:
- QR Code Phishing: Overview of the uptick in QR code phishing attacks (also known as quishing), what they look like, and how threats like DadSec Phishing-as-a-Service (PhaaS) are abusing them.
- eSentire observations and response actions related to Adversary-in-the-Middle (AiTM) attacks and best practices to defend against these attacks.
- Updates on PikaBot, Customer Loader, and Nitrogen Campaign.
- Notable vulnerabilities impacting Atlassian, Citrix, and F5 BIG-IP Vulnerabilities.
- A brief overview on cyberattacks related to the ongoing geo-political tensions.

November 2023 TRU Intelligence Briefing

Watch this webinar to learn how eSentire and Deep Instinct’s partnership is disrupting the MDR market with a new cost-effective endpoint protection platform for SMBs.

Proactive, Prevention-First Protection is Possible

Watch this webinar to learn about the top cloud security challenges that organizations face and how MDR can strengthen your cloud security posture.

Detecting and Responding to Threats in the Cloud

Join Michael Ludgate, Adam Leipold, and CJ Dietzman in this fireside chat as they discuss: 

- How cyber insurers and enterprise organizations evaluate cyber risk
- Security leader considerations for insurability requirements, which will enable organizations to take advantage of the protection that cyber insurance can provide
- How cyber insurance can help protect businesses against the evolving cyber threat landscape

Navigating Risk Reduction and Cyber Insurance

During the October Threat Intelligence Briefing, TRU discussed: 
- Lockbit Ransomware Attacks: Overview of recent attacks, based on eSentire observations and Dark Web Monitoring, including the threat actor’sir use of Remote Monitoring and Management (RMM) tools, and the Valid Credentials initial access vector
- Observations of Lockbit’s use of RMM tools, and recommendations/best practices for defending against this threat
- Updates on Solarmarker, PlugX, and Socgholish malware
- Notable vulnerabilities impacting Libwebp, curl & libcurl, and WS_FTP Server
- A brief overview on cyberattacks related to ongoing geo-political tensions

October 2023 TRU Intelligence Briefing

Join eSentire’s Spence Hutchinson, Senior Threat Researcher, as he covers the basics of assessing third-party cyber risk and what steps your organization can take to prevent security data breaches. 
 
Key learnings from this webinar include: 
- Notable vulnerabilities in 2021 
- Why third-party and supply chain vendors are targeted for cyberattacks 
- Lessons learned from the zero-day attack on Kaseya by REvil  
- How Vendor Risk Assessments can protect your organization from third-party and supply chain risks

Mitigating Third-Party Risk 101

Third-Party Risk

Cyber Risk

Cyber Attacks

Zero Day Threats

Security Awareness

Threat Intelligence

Threat Analysis

Cyber Security

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Get powerful emerging technology insights from influential experts. Connect with thought leaders and colleagues to get the most up-to-date knowledge on technologies like 3D printing, pervasive robotics, natural interfaces, connected everything and cognitive systems.

Emerging Technologies

The research and development community on BrightTALK brings together leading professionals in healthcare, technology and manufacturing to present on current topics in their fields. From big data in healthcare to online forensics training and medical research practices, the community is an exceptional resource for those looking to expand their knowledge. Be part of the conversation by joining the community and participating in interactive live webinars.

Mitigating Third-Party Risk 101

Presented by

About this talk

More from this channel