The cybersecurity world was shaken last week when it heard about Equifax which will likely turn into the largest data breach in history. Equifax has now officially confirmed that the vulnerability used to exploit the company’s Web server enabling malicious threat actor to steal data from over 143 million customers was the critical Apache Struts 2 Jakarta Multipart Parser Vulnerability (CVE-2017-5638).
We will show you the actual attack that was used to breach Equifax in action. You will also learn how you can leverage user and big data security analytics to increase the chances of detecting such cyber attacks/data breaches at an early stage.
- A deep dive into the exact mechanisms that lead to the Equifax breach
- How security analytics can help increase chances of early detection of such attacks
- A simulation of the attack that was used attack Equifax
RecordedOct 5 201747 mins
Your place is confirmed, we'll send you email reminders
David Monahan, Research Director at Enterprise Management Associates, and Aditya Tirumalai Sundararam, Director at Securonix
Cyber threats today are advanced and complex. Even with the best analytics, threats may not be fully uncovered. Cyber threat hunting enables you to investigate the indicators of compromise to get full visibility and context around the threat so you can prioritize your remediation accordingly.
Legacy SIEMs fail to provide organizations the ability to rapidly connect, hunt, and pivot on historic events. Securonix Next-Gen SIEM leverages a big data platform to provide scalable and high performance search. In addition, Securonix leverages hundreds of machine learning operators to rapidly link and correlate events.
Join David Monahan, Managing Research Director of Security and Risk Management at Enterprise Management Associates, Inc. and Aditya Tirumalai Sundararam, Director of Cyber Threat Analytics at Securonix to learn about:
- Key requirements of effective threat hunting
- How to carry out threat hunting - techniques and use cases
- Leveraging threat hunting findings for incident response and tuning your SIEM content
- Short demo of threat hunting scenario with Securonix
Sachin Nayyar, CEO of Securonix, and Joseph Blankenship, Principal Analyst at Forrester
The security monitoring and SIEM space is finally going through a much needed evolution to address with the growing volume of cyberattacks and data breaches. The increase in data volume and complexity and extreme shortage of skilled resources necessities innovation in technology and the approach to security monitoring.
Join Sachin Nayyar, CEO of Securonix, and guest speaker Joseph Blankenship, Principal Analyst at Forrester, to learn about:
• Security challenges in 2019
• Market trends for security monitoring and SIEM
• Evolution of security monitoring platforms
• Joseph’s take on the vendor landscape as seen in The Forrester Wave™: Security Analytics Platforms, Q3 2018
• Sachin’s thoughts on Securonix’s approach to Next-Gen SIEM with:
o Scalable data collection (Security Data Lake)
o Advanced threat detection (UEBA)
o Intelligent response (SOAR)
• Taking SIEM to the cloud - SaaS SIEM, managed SIEM service
Phishing attacks continue to be a significant threat for companies. This is especially true for highly-regulated industries such as healthcare, where phishing attacks often target sensitive patient data or valuable intellectual property. It is vital to understand what healthcare companies can do quickly detect, investigate, and respond when faced with phishing attacks.
In this webinar we will cover:
- The evolution of phishing attacks in the healthcare industry
- How to weed through the noise to detect high-risk phishing attacks
- How to use automation to rapidly respond
- A practical demonstration using Securonix Next-Gen SIEM
Oleg Kolesnikov, VP Threat Research, Securonix Threat Research Labs
Recently the Securonix Threat Research team published its report focused on the LockerGoga targeted attack that impacted Norsk Hydro (one of the largest aluminum companies worldwide), Hexion/Momentive (a chemical manufacturer), and other companies’ IT and operational technology (OT) infrastructure, causing over US$40 million in damages.
In this webinar Oleg will discuss some of the key details about the attack including:
- Possible infiltration vectors
- Defense evasion used in the attack
- Propagation of the attack
- Observed artifacts and high level behavior patterns
- Mitigation and remediation recommendations
Oleg Kolesnikov, VP Threat Research, Securonix Threat Research Labs
As organizations have adopted cloud-first IT strategies, the cyberthreat landscape has shifted as well. In recent months, the Securonix Threat Research team has been observing an increase in the number of automated attacks targeting exposed cloud infrastructure, Hadoop and YARN instances.
In this live webinar, we will:
- describe the attacks we have been tracking, including Moanacroner which is a single vector attack
- dive into more sophisticated, multivector attacks that combine cryptomining, ransomware and botnets
- understand the predictive indicators and artifacts that can help protect your cloud IT resources
This session will be led by Oleg Kolesnikov, VP Threat Research at Securonix Threat Research (STR) Labs.
Link to Report: https://www.securonix.com/securonix-threat-research-detecting-persistent-cloud-infrastructure-hadoop-yarn-attacks-using-security-analytics-moanacroner-xbash-and-others/
Eric Ogren, 451 Group. Patrick Gorman, Former CISO Bank of America
2018 was a landmark year from a cybersecurity perspective. We saw another set of very large and high profile cybersecurity incidents. Financial organizations and systems were hit with attacks such as KRONOS/Osiris banking trojan, millions of dollars siphoned off through the SWIFT network, and form grabbing Magecart attacks. Ransomware continued to wreak havoc across industries, and hundreds of millions of sensitive records were compromised in the Marriott, Quora, Facebook/Cambridge Analytica and other breaches.
The job of cybersecurity teams seems harder than ever as they look ahead to another year of vulnerabilities and data theft. But how should you prioritize your effort in the face of limited resources and increasing alert volume?
Join an expert panel of cybersecurity professionals for our 2019 predictions. We will discuss
- What are the top cybersecurity threats you should watch for in 2019
- What broader IT infrastructure trends mean for your cybersecurity strategies
- Which industries are most at risk of suffering major security breaches and why
- What SOC, CSIRT and compliance teams can do to prevent becoming another cybersecurity statistic
Gaining unauthorized access to internal systems is one of the top mechanisms employed by hackers. Access control systems, however, are not yet equipped with the advanced analytics needed to detect the sophisticated techniques used by hackers. By integrating your SIEM with your SSO/IDM solution, SOC analysts can gain the visibility needed to prevent these access based attacks.
Attend this webinar to hear about:
- Why password access based attacks in cloud environments?
- Threat detection and threat hunting use cases for password-based attacks
- User account based orchestration and incident response actions
- Walkthrough of Securonix - Okta integration with a live demo
Oleg Kolesnikov, Director of Threat Research, Securonix
"Kerberoasting" is one of the advanced techniques currently in use by hackers to compromise weak service accounts in an Active Directory environment. This webinar by the Securonix Threat Research team will take a deep dive into this attack. We will also show blue teams in a Security Operations Center how to configure their SIEM to quickly find this activity in the monitored environment.
Join this session by Securonix Threat Research to gain insights into:
- Kerberoasting 101: How it works
- A complete attack demo showing Kerberoasting
- Kerberoasting Attack Activity Detection
Aditya Sundaram, Director Cyber Threat Analytics, Aarij Khan, VP Marketing
The Modern SOC cannot afford to rely just on cyber threat detection to stay ahead of sophisticated hackers and advanced attacks. Threat hunting - the proactive approach to root out attacks coming from within is an extremely valuable complement to even the most advanced cybersecurity detection technologies. Securonix includes the Securonix Spotter threat hunting platform for exactly this reason.
Attend this live webinar to hear about:
- The most prevalent cyber threats hidden in your environment (that you are unaware of)
- What threat hunting in the SOC is and how it reduces your cyber risk
- The different types of information available to you
- Free resources that can root out the most nefarious threats
- Example scenario - threat hunting using Securonix Spotter
Más del 60% de las alertas en su SOC demandan tiempo de investigación y no constituyen un riesgo alto para su organización. SIEM 2.0 puede automatizar sus procesos de investigación para que los analistas se enfoquen en lo que realmente es una amenaza. Lo invitamos a un webinar donde nuestros expertos en UEBA de Securonix presentarán las ventajas técnicas y económicas al tener una solución de Seguridad Analítica Avanzada en su SOC
Todo lo que necesita saber de Amenazas internas: hasta el evento más sutil puede convertirse en fraude y un SIEM tradicional no puede darle una vista completa incluso antes de que las consecuencias sean fatales para su compañía. Lo invitamos a nuestro webinar donde expertos en seguridad Analítica de Securonix le contarán como SIEM 2.0 se constituye en la herramienta esencial para atender los casos de Insider threat
Usted ya superó todas las inquietudes para mover sus aplicaciones hacia el Cloud, el siguiente paso es resguardarse frente a las Ciber-amenazas y amenazas internas, lo único que necesitamos son sus logs!! Acompáñenos en un webinar donde expertos en Seguridad Analítica y UEBA de Securonix le contarán como minimizar el riesgo en su entorno Cloud para seguir avanzando con tranquilidad.
Mais de 60% dos alertas do seu SOC demandam tempo de investigação e não representam um alto risco para a sua organização. O SIEM 2.0 pode automatizar seus processos de investigação, permitindo que os analistas foquem no que realmente representa uma ameaça. Convidamos você para um webinar onde nossos especialistas de segurança de UEBA da Securonix irão apresentar as vantagens técnicas e econômicas de possuir uma solução de segurança analítica avançada no seu SOC.
Tudo o que você precisa saber sobre ameaças internas: a atividade mais simples pode se torna uma fraude com o passar do tempo. Um SIEM tradicional não pode proporcionar uma visão completa, inclusive antes que as consequências se tornem fatais para a sua empresa. Convidamos vocês para o nosso webinar onde especialistas em segurança analítica da Securonix irão falar sobre como o SIEM 2.0 se constitui como a ferramenta essencial para atender os casos de Insider Threat.
Oleg Kolesnikov, Director of Threat Research, Securonix
Join this webinar to learn about the latest threats and attack techniques that the Securonix Threat Research team is seeing in the wild. You will also learn how you can leverage user and big data security analytics to increase the chances of detecting such threats and techniques at an early stage.
Topics we are planning to talk about include:
- A persistent crypto jacking attack recently seen in the wild
- One of the most virulent and prevalent mass-scale ransomware attacks seen so far this year
- Techniques used by attackers to steal hashes without using mimikatz and without touching lsass
- How security analytics can increase your chances of early detection of such attacks and techniques
Você já superou os desafios de levar as suas aplicações para a nuvem, o próximo passo é se proteger de ataques de cyber e ameaças internas. A única coisa que necessitamos são os seus logs. Nos acompanhem em um webinar no no dia 26 de Junho às 10h onde especialista em segurança analítica e UEBA da Securonix irão indicar como minimizar o risco no seu ambiente na nuvem.
Nitin Agale, SVP of Products & Derrick Harcey, Chief Architect
Organizations are adopting cloud first strategies motivated by strong business drivers that including cost efficiency, faster time to market, and increased agility to respond to market requirements.
As this trend continues, the security of infrastructure and data in the cloud is becoming a top priority for organizations concerned about data loss, compliance violations, and malware infections. In this webinar, you will understand why traditional security products are not equipped for cloud IT architectures, and why a cloud-to-cloud security strategy provides the best monitoring, threat detection, and incident response.
The webinar will cover:
- Challenges in securing your cloud infrastructure
- Securonix cloud-to-cloud monitoring capabilities
- Live demo of the Securonix cloud use cases
As advanced threats and data breaches continue to grow, many security vendors are claiming to have user and entity behavior (UEBA) capabilities to combat such threats. SOC analyst, IR teams, and security solution buyers are looking to cut through the noise and understand what to truly expect from an effective UEBA solution in 2018 and beyond.
In this webinar you will learn:
- Objectives and use cases
- Key capabilities to expect in a UEBA solution
- Cloud UEBA
- Live demo of the Securonix UEBA 6.1 platform
Holger Schulze, CEO Cybersecurity Insiders & Aarij Khan, VP Securonix
Insider Threats are the biggest cybersecurity threat vector in today's open environment. With organizational perimeters gone and sensitive digital data accessible across devices, personnel and geographies, ensuring a data breach does not occur is a formidable challenge.
Join our panel of cybersecurity experts as we discuss best practices for protecting your organization against insider attacks and review the key findings from the 2018 Insider Threat Report, including:
•Why 90% of organizations are vulnerable to insider attacks
•How the use of behavior and data monitoring is accelerating to combat insider attacks
•Proven technologies to detect, deter and prevent insider attacks
There is a fundamental shift well underway in the SIEM/Security Management market. Legacy SIEM products designed, built and introduced 15-20 years ago are quickly falling out of favor. Replacing your legacy SIEM does not have to be daunting - let us show you why.
Join Mel Shakir, VP of Product Development at Securonix on this webinar to understand:
- The most common challenges with legacy SIEM
- Ways in which Securonix SIEM is different
- Why features such as threat hunting and automated incident response are critical today
- How to seamlessly migrate from legacy SIEM to SNYPR Next Gen SIEM