Cloud Risk-Based Authentication To Prevent Password Based Attacks

Gaining unauthorized access to internal systems is one of the top mechanisms employed by hackers. Access control systems, however, are not yet equipped with the advanced analytics needed to detect the sophisticated techniques used by hackers. By integrating your SIEM with your SSO/IDM solution, SOC analysts can gain the visibility needed to prevent these access-based attacks.

Attend this webinar to hear about:

- Why password access based attacks in cloud environments?
- Threat detection and threat hunting use cases for password-based attacks
- User account based orchestration and incident response actions
- Walkthrough of Securonix - Okta integration with a live demo
Recorded Nov 15 2018 51 mins
Presented by
Sujay Doshi, Sr. SIEM Solution Engineer
  • Bring Your Own AWS: SaaS Security Analytics on Data Lakes Oct 28 2021 4:00 pm UTC 53 mins
    Vidit Arora, Securonix and Vinay Sukumar, AWS Marketplace
    As organizations continue on the cloud journey, they are generating more and more data. The security and privacy of this data is a crucial concern. Another critical factor in cloud deployment is the compute and retention cost associated with the processing and storage.

    As organizations evaluate security in the cloud, they are looking for solutions that can be architected to optimize data-related costs while still providing best-in-class security capabilities.

    Securonix is collaborating with Amazon Web Services to provide customers a deployment model that enables them to maintain complete ownership of data in their AWS account while still providing a fully managed SaaS SIEM solution.

    Join Vidit Arora, Director of Global Technology Enablement at Securonix, and Vinay Sukumar, Principal Category Leader, Security Intelligence at AWS Marketplace to learn more about the Securonix Bring Your Own AWS Model deployment, including:

    · Deployment architecture of the Bring Your Own AWS Model.
    · Key cost and security benefits to customers.
    · Considerations when adopting this deployment model.
  • Insider Threat - The Risk That Doesn't Go Away Recorded: Oct 14 2021 61 mins
    Shareth Ben, Securonix | Jim Ammons, Booz Allen Hamilton | Amy Boawn, Booz Allen Hamilton
    While ransomware grabs headlines, insider threats can do just as much damage and be difficult to detect without proper tools, data, and processes. Additionally, growth in cloud and hybrid work environments has outpaced insider threat investments. This leaves organizations vulnerable to malicious, accidental, and negligent insiders.

    According to Forrester, 25% of breaches resulted from internal incidents, and almost half of those were categorized as malicious. Due to current events, insider threats have evolved, and organizations have more to consider than data leaving the organizations and privileged users. Employee stressors, disengagement, and potential attrition pose a serious risk and are challenging for organizations to detect and mitigate.

    In this webinar, Jim Ammons and Amy Boawn, both Senior Associates with Booz Allen's Commercial Insider Risk Strategy team and Shareth Ben, Vice President of Customer Success at Securonix, will:


    • Discuss how insider threats have changed and the new challenges they present.
    • Talk through the difference in threat vectors and actors per Securonix and BAH's insider threat experiences.
    • Provide some "inside" insights on recent insider risk engagements and newsworthy events.
    • Discuss the benefits of a converged approach for protecting assets through a holistic people, process, and technology lens.

    Jim Ammons is currently an Insider Risk Senior Associate at Booz Allen Hamilton. Prior to joining Booz Allen, he was the director of Insider Threat at Nike after retiring from the FBI.

    Amy Boawn is a Senior Associate at Booz Allen Hamilton, responsible for Insider Risk and Digital Fraud Strategy. Prior to Booz Allen, she worked internal and external investigations for multiple Fortune 100 financial institutions.

    Shareth Ben is the VP of Customer Success at Securonix. Previously he was the Executive Director of Insider Threat & Cyber Threat Analytics.
  • Multi-Cloud, Not Multi-Silos: Consolidate Your Security Data Recorded: Sep 16 2021 56 mins
    Augusto Barros, Securonix and Teddy Lewis, Snowflake
    The nightmare scenario of monitoring multiple cloud environments and applications has been keeping CISOs awake at night. As much as they want to keep their data in just one cloud provider, the reality is that almost every organization will have to deal with a multi-cloud future. The traditional SIEM cannot handle the performance and capacity requirements. However, building and running security operations on top of general-purpose data management solutions on your own is becoming too complex and expensive.

    Securonix and Snowflake have partnered to deliver a multi-cloud security solution that brings the best of both worlds. The result? Security subject matter expertise, with out-of-the-box use cases and all the required data parsing and enrichment capabilities, on top of the best and most flexible data cloud. This webinar will introduce Securonix's "Bring Your Own Snowflake" solution and show how it fits perfectly in the architecture of multi-cloud organizations.

    Join Augusto Barros, VP of Solutions and Cybersecurity evangelist at Securonix, and Teddy Lewis, Principal of Data Cloud Strategy at Snowflake, to learn about:

    • Why is it hard to do security monitoring in a multi-cloud scenario?
    • Why traditional SIEMs and Do-it-Yourself solutions are not enough to support multi-cloud needs.
    • How Securonix’s “Bring Your Own Snowflake” can support multi-cloud and avoid the creation of data silos.

    Augusto Barros was most recently the Research VP in the Gartner for Technical Professionals (GTP) Security and Risk Management group. He has over 20 years of experience in the IT security industry as an analyst and a security architect and officer for large enterprises.

    Teddy Lewis joined Snowflake in 2015 as the sales lead for the Southeast and Mid-Atlantic regions of the U.S. More recently, Teddy was Director of the Mid-Atlantic Major Accounts team and currently serves as Principal of Data Cloud Strategy.
  • Defining and securing your cloud strategy Recorded: Aug 25 2021 58 mins
    Sushila Nair, NTT DATA | Brandon Swain, NTT Data | Jon Garside, Securonix
    As the economy and world cautiously move forward to a post-pandemic footing, much has changed. Hybrid is now about people's locations as well as infrastructure. Productivity, infrastructure, and security gains need to be cemented, but CISOs and CIOs would do well to take pause and stock of this moment and those to come.

    Join NTT Data VP of Security Services, Sushila Nair, Brandon Swain, NTT Data Security Services Strategic Advisor, Jon Garside, Director Partner Marketing at Securonix, and learn how to:

    • Deliver a secure cloud strategy
    • Better understand the role of automation and augmentation in security
    • Nurture a forward-looking, learning obsessed culture
    • Build services around technology that enables organizations to support this new adaptive workforce

    Sushila Nair has served as a Chief Information Security Officer for ten years and has over 25 years of experience in computing infrastructure, business and security.

    Brandon Swain develops NTT DATA's strategy around security service offerings, including Threat and Vulnerability Management and SOC Services, Network Security, Endpoint Security, and IoT/OT Security.
  • Three Threat Trends: How to Respond for the Pain to Go Away Recorded: Aug 16 2021 59 mins
    Augusto Barros, VP, Cybersecurity Evangelist and Oliver Rochford, Senior Director, Cybersecurity Evangelist
    Recent trends in the threat landscape challenge even mature security organizations to respond resiliently:

    • Ransomware and machine speed attacks,
    • Living-off-the-land techniques,
    • The adoption of threat actor automation tools.

    Attacks are now conducted at industrial scale and volumes, leveraging techniques that make detection even harder than ever.

    In response, defenders adopt an emerging suite of capabilities that include behavioral analytics, automated DFIR, and detection-as-code to adapt and even the odds.

    This talk will explore these innovative defense approaches and how they can help you fight against the evolving threats in this next phase of the cyber offensive/adaptive defensive cycle.

    Join Augusto Barros, VP of Solutions, and Oliver Rochford, Senior Director, both Cybersecurity evangelists at Securonix, to learn about:

    • The need for speed and automation in responding to machine speed threats.
    • Why file-less and malware-less attacks stress traditional detection and how behavioral analysis helps.
    • How orchestration and automation are being used for bad and good.

    Augusto Barros was most recently the Research VP in the Gartner for Technical Professionals (GTP) Security and Risk Management group. He has over 20 years of experience in the IT security industry, both as an analyst and a security architect and officer for large enterprises.

    Oliver Rochford has worked in cybersecurity for over 20 years, including as a penetration tester, consultant, researcher, and writer for Securityweek, CSO Online, and Dark Reading. As a Gartner industry analyst, he co-named the SOAR market and worked on the SIEM Magic Quadrant. At Securonix, he works with our users on security operations and threat management topics.
  • Improving Threat Detection and Response with Securonix Open XDR Recorded: Jul 14 2021 57 mins
    Augusto Barros, VP of Solutions at Securonix
    Securonix Open XDR provides a unified security incident detection and response platform that automatically collects and correlates data from multiple proprietary security components. In addition, XDR highlights the value of pre-integrated solutions, promising a less complex way to detect and respond to threats.

    XDR value may not come from capabilities not available before. It can also come from better integration of components that already existed as standalone solutions.

    ESG research indicates that 70% of organizations planning to increase their threat detection and response expenses have an ongoing project or plan to start a project to implement XDR in the next six months. Does it make sense to everyone? Is it something your organization should also be considering?

    Join Augusto Barros, VP of Solutions and Cybersecurity evangelist at Securonix, to learn about:
    • What is Securonix Open XDR?
    • How does Securonix Open XDR provide XDR benefits while maintaining flexibility and allowing the use of best-of-breed solutions?
    • XDR and SIEM: Do you have to pick one? How to obtain the best value?

    Augusto Barros was most recently the Research VP in the Gartner for Technical Professionals (GTP) Security and Risk Management group. He has over 20 years of experience in the IT security industry, both as an analyst and a security architect and officer for large enterprises.
  • Automating Cyber Rapid Response and Threat Hunting with Autonomous Threat Sweep Recorded: Jun 23 2021 52 mins
    Oliver Rochford, Sr Director, Security Evangelist, Aditya Sundararam, Sr Director, Global Threat Detection & Threat Hunting
    Sophisticated supply chain attacks like Sunburst can unfold over weeks, months, or even years before they are discovered and disclosed. With attackers already ahead before the race has even started, enterprises must respond rapidly to catch up and must quickly be able to gain insight into:

    - Are we compromised?
    - What is the impact?
    - Do we need to notify partners, regulators?

    Rapidly responding means that defenders need tools and capabilities to perform detection retrospectively, at speed and scale – and they must be able to do this across data from various devices and applications, often residing in diverse data silos, including SIEMs and data lakes.

    Threat hunters also typically have limited bandwidth and must rely on often cumbersome and manual tools and processes, slowing down response and restricting how much time they can spend analyzing any given threat.

    Join Oliver Rochford, Senior Director, Security Evangelist, and Aditya Sundararam, Senior Director, Global Threat Detection Engineering and Threat Hunting, to hear about our recently launched Autonomous Threat Sweep. Learn how we have automated threat hunting and rapid cyber response, and how you can benefit from:

    · Automated cyber rapid response
    · Proactive and autonomous early detection of new and emerging threats.
    · Retroactive threat hunting across large volumes of logs and extended historical time frames.
    · Providing air-cover for security operations, for example, overnights and weekends, against the most critical newly disclosed threats.
  • Cloud SIEM and a Multi-Cloud Security Monitoring Strategy Recorded: Mar 15 2021 54 mins
    Augusto Barros, VP of Solutions at Securonix
    The scenario where services from multiple public cloud providers - such as AWS, Azure, and GCP - are used by an organization is a reality that increases the security challenges associated with cloud environments.

    Organizations using the cloud do not always find the security mechanisms provided by cloud service providers (CSPs) to be adequate, especially for multi-cloud deployments. They need to take proactive steps to manage their cloud usage and successfully apply new cloud-centric monitoring tools. What role the SIEM plays, and even whether it is an appropriate solution, are common questions raised when looking for ways to address these challenges.

    A Cloud SIEM provides essential capabilities to act as a foundational component of a cloud security monitoring strategy capable of covering multi-cloud scenarios.

    Join Augusto Barros, VP of Solutions at Securonix, to learn about:

    • How can organizations achieve a cost-effective solution under these circumstances?
    • What are the SIEM capabilities required to provide adequate security monitoring for cloud environments?
    • How can cloud SIEM multiply the value of CASB and CSPM implementations?

    Augusto Barros was the Research VP in the Gartner for Technical Professionals (GTP) Security and Risk Management group. He has over 20 years of experience in the IT security industry as an analyst and a security architect and officer for large enterprises.
  • Prioritizing Risk to Reduce Supply Chain Vulnerabilities Recorded: Mar 3 2021 40 mins
    Jason Cook, Cyber Defense Labs | Mike Spotts, Cyber Defense Labs | Jon Garside, Securonix
    The recent SolarWinds attack was an unpleasant reminder of our interconnected enterprises. Businesses across every economic sector can encounter vulnerabilities not only from within their own environment but also from critical supply chain partners and other third-party dependencies. Prioritizing risk based on the business impact can help ensure business strategies and operations remain on track and protected.

    Join Cyber Defense Labs President and COO, Jason Cook, Mike Spotts, Cyber Defense Labs Vice President and CTO, and Jon Garside, Director Partner Marketing at Securonix and learn how to:

    · Assess your environment to determine what matters most and where to start
    · Establish a roadmap with clear priorities to effectively manage vulnerability and create a more resilient business environment
    · Identify your most valuable business operations to ensure proper security controls and processes are in place to prevent future loss or harm
    · Invest to ensure you maintain high security and risk management standards despite limited resources

    Jason Cook is a seasoned cybersecurity executive with a track record of helping organizations not only protect their current business but create resilience to manage and deter any future threats. As a trusted partner in cybersecurity business practices, he serves on several companies' advisory boards and is a frequent expert speaker on technology and security issues.

    Michael Spotts has an extensive operational background in designing, implementing, and running global cyber operations and services for Fortune 100 companies. As the CTO of Cyber Defense Labs, he now oversees their Security Operations Center, monitoring clients' networks around the clock.
  • Beyond the Hype: Use Cases that Work with Applied Behavioral Analytics Recorded: Feb 9 2021 59 mins
    David Swift, Director of Partner Enablement at Securonix
    Phishing and other human-facing social engineering tactics remain the primary vectors of successful attacks. The transition to remote work greatly expanded the attack surface and opened new vectors for campaigns.

    Organized cybercrime groups commonly use zero-day attacks to avoid detection. They typically compromise user credentials, so they can move across your organization to get to your most precious data.

    How can you detect zero-day events without constant rules updates and rewrites and sifting through mountains of false positives?

    How do you achieve infinite scale without an endless number of events to triage?

    David Swift will discuss the top ten use cases and three keys to finding security threats in any environment using behavioral analytics. You will learn:

    - The critical threat detection techniques to identify zero-day and malicious activity from both outside attackers and internal users.
    - Five indicators that combine known threats and machine learning to identify compromises.
    - Key log sources needed to solve the compromised user dilemma and how to detect misuse and malware.
    - Primary use cases across industries such as Manufacturing, Healthcare, Energy, and Financial Services.

    David Swift is a 15-year veteran of SIEMs, UEBA, SOCs and a security evangelist.
  • Applying the MITRE ATT&CK Framework to Detect Insider Threats Recorded: Jan 20 2021 61 mins
    Augusto Barros, VP of Solutions at Securonix
    The MITRE ATT&CK framework has become an excellent way for security professionals to understand and describe threats. However, most of the time, it is used to describe the actions of external threats.

    But what about the insider threats? According to Forrester, 25% of breaches resulted from internal incidents, and almost half of them were malicious. In the past few years, insider threats have evolved in several aspects from how sensitive data leaves the organization to ways in which privileged access gets misused, creating risks for organizations to mitigate. The proliferation of cloud applications and the current remote work setup make tracking and protecting sensitive data extremely challenging.

    Can we use the MITRE ATT&CK framework to help us describe, understand, and finally detect and protect against insider threats? If the framework often describes and supports threat detection of external threats, does it also help deal with insider threats? What organizations should expect from this exercise, and what do they need to do differently to achieve the desired results?

    Join Augusto Barros, VP of Solutions at Securonix, to learn about:

    • How insider threats have evolved and the new challenges they present.
    • How the MITRE ATT&CK framework supports threat detection practices.
    • How the MITRE ATT&CK framework can also help to address the issues related to insider threats.

    Augusto Barros was the Research VP in the Gartner for Technical Professionals (GTP) Security and Risk Management group. He has over 20 years of experience in the IT security industry as an analyst and a security architect and officer for large enterprises.
  • The Big Catch Up of 2021: Securing a Digital Evolution Recorded: Dec 15 2020 65 mins
    Jeff Foresman, CISO for Digital Hands and Augusto Barros, VP of Solutions at Securonix
    The pandemic has broadened the threat landscape, but businesses and security teams have to do more with less. How are businesses keeping ahead of the changing threat landscape, retaining key personnel, and facing an uncertain economy?

    This year has delivered ten years of digital transformation in 6 months. But as businesses changed, adversaries have evolved to take advantage of it. Hybrid and Remote have become the new normal, but at a cost to operations teams - fatigue and mission loss for many cybersecurity professionals.

    In this webinar, Jeff Foresman, CISO for Digital Hands and Augusto Barros, VP of Solutions at Securonix, discuss the changing landscape, the human costs, technology, and people's investments necessary for a positive outcome over the 18 months.

    Join them to understand better:
    • Your skills gaps going into 2021
    • The value of shared goals with a security partner
    • Defining security strategy on outcomes, not technology

    Augusto Barros was the Research VP in the Gartner for Technical Professionals (GTP) Security and Risk Management group. He has over 20 years of experience in the IT security industry as an analyst and a security architect and officer for large enterprises.

    Jeff Foresman has over 25 years of experience in Technology and Cybersecurity focused on building successful security programs, streamlined security operations, and resilient security architectures. He is a thought leader in regulatory compliance topics such as PCI DSS, HIPAA, NIST and GDPR.
  • The Challenge of Detecting Threats in the Cloud Recorded: Dec 7 2020 56 mins
    Augusto Barros, VP of Solutions at Securonix
    By 2023, more than 50% of all workloads will leverage public cloud, hybrid, or edge, up from approximately 20% in 2020 (Gartner).

    Detecting threats in the cloud presents several challenges: dealing with new technologies, facing new threat scenarios, exacerbated by the COVID-19 accelerated cloud adoption.

    Gartner indicates that organizations have been expanding their adoption of cloud security-oriented tools, such as Cloud Security Posture Management (CSPM) and Cloud Access Security Broker (CASB), as they try to keep cloud-related threats under control. However, not all organizations have an interest in adopting all these added technologies, and even when they do, the challenge of integrating them into their security monitoring infrastructure remains.

    Join Augusto Barros, VP of Solutions at Securonix, to learn about:
    ● What are the differences between traditional threats and cloud threats?
    ● How to align your security monitoring architecture to the new cloud monitoring requirements?
    ● How to optimize cloud security monitoring with a cloud-first SIEM approach?

    Augusto Barros was the Research VP in the Gartner for Technical Professionals (GTP) Security and Risk Management group. He has over 20 years of experience in the IT security industry as an analyst and a security architect and officer for large enterprises.
  • AWS Security Monitoring: Top 10 Use Cases Recorded: Dec 3 2020 54 mins
    Vidit Arora, Director of Global Technology Enablement, Securonix
    Enterprises are increasingly adopting a cloud-first approach to increase IT agility, nearly unlimited scalability, and lower costs. Amazon Web Services, with the richest suite of public cloud IaaS and PaaS-layer capabilities, continues to lead with more than 30% of the public cloud market share. As digital transformation progresses, so does the attack surface that exposes the ongoing proliferation of security risks.

    AWS operates on the Shared Responsibility Model, which means that the infrastructure's security is AWS's responsibility. It also implies that your organization needs to perform its part in the security equation and rethink security monitoring to protect critical assets and data in the cloud infrastructure. Although the fundamental principles of defense in depth still apply, the way you execute them in the cloud is different than traditional data center security.

    In this session, join Vidit Arora, Director of Global Technology Enablement at Securonix, as he discusses the critical tenets of monitoring your AWS infrastructure:

    - How and what data should organizations collect and monitor?
    - What are the top 10 threats and use cases to monitor?
    - How does Securonix implement monitoring for AWS?
  • Better Together: Fighting Modern Threats with XDR and SIEM Recorded: Nov 12 2020 56 mins
    Augusto Barros, VP of Solutions at Securonix
    A new wave of security solutions called XDR – Extended Detection and Response – has taken the security market by storm. Is this what your organization needs to detect and respond to today's and tomorrow's threats?

    According to Gartner, XDR describes a unified security incident detection and response platform that automatically collects and correlates data from multiple proprietary security components. XDR highlights the value of pre-integrated solutions, promising a less complex way to detect and respond to threats. XDR value does not come from capabilities not available before but from better integration of components that already existed as standalone solutions.

    Organizations are eager to understand if XDR is the right solution for them and how it fits into their current ecosystem of tools, including SIEM and UEBA.

    Join Augusto Barros, VP of Solutions at Securonix to learn about:
    • What is an XDR?
    • How does it align with your detection and response needs?
    • XDR and SIEM in the CISO toolkit: how to obtain the best value?
    • Role of managed services.

    Augusto Barros was most recently the Research VP in the Gartner for Technical Professionals (GTP) Security and Risk Management group. He has over 15 years of experience in the IT security industry both as an analyst and as a security architect and officer for large enterprises.
  • Securing Identity - 1 Year Check-In Recorded: Oct 14 2020 59 mins
    Diana Kelley | Aidan Walden | Shareth Ben | Doug Simmons
    According to Verizon’s 2020 Data Breach Investigation Report (DBIR), over 80% of hacking-related breaches involved the use of lost or stolen credentials - and approximately 35% of all breaches were initiated due to weak or compromised credentials.

    Last year, we kicked off The (Security) Balancing Act series with a panel of identity experts to help us understand the landscape. Join us for this 1 year check-in to learn what has changed for organizations in the last 12 months and the security implications of shifting to a more remote workforce.

    - 2020 vs 2019: Key changes & challenges for cybersecurity
    - How work from home has opened the door to attackers
    - Regulatory updates that may impact identity management programs
    - Why attackers are focused on credentials and authentication systems
    - What businesses can do to keep track of all endpoints, manage identities and privileged access, protect their data and maintain compliance

    Panelists:
    - Aidan Walden, Director, Public Cloud Architecture & Engineering at Fortinet
    - Shareth Ben, Executive Director, Insider Threat & Cyber Threat Analytics at Securonix
    - Doug Simmons, Principal Consulting Analyst, Managing Director, Consulting at TechVision Research

    This episode is part of The (Security) Balancing Act original series with Diana Kelley. We welcome viewer participation and questions during this interactive panel session.
  • SWIFT Security: Monitoring Cyber Threats with Behavior Analytics Recorded: Sep 17 2020 60 mins
    Thomas Harrington, CISO Citi (ret.), Oleg Kolesnikov, VP, Securonix, Aditya Sundararam, Sr. Director Securonix
    Cyberattacks are on the rise, and financial institutions using SWIFT and other payment mechanisms are increasingly becoming targets of sophisticated attackers.

    Effectively detecting and identifying these advanced cyberattack activities in a complex SWIFT environment requires a big data analytics platform that can collect, enrich, analyze, and correlate/connect billions of disparate data points in real-time, as well as incorporate historical information to identify behavioral anomalies. This approach allows fraud and security analyst teams to concentrate on the most critical events.

    Thomas Harrington, Securonix Board of Advisors, CISO Citi (ret.), Associate Deputy Director FBI (ret.), will moderate an interactive session with Securonix Threat Experts, Oleg Kolesnikov, VP of Threat Research, and Aditya Sundararam, Senior Director of Cyber Threat Analytics.

    Join our panelists to learn about:
    - The latest attack techniques used in financial services/SWIFT organizations' cyberattacks, such as Lazarus/BeagleBoyz/FASTCash v1/2, TA505, Carbanak, and others.
    - Current trends observed in the wild to help better prepare for the "next generation" of financial services/SWIFT cyberattacks.
    - Examples of some of the most effective detection behaviors your blue teams can look for to increase the chances of detecting some of the latest variants of these cyberattacks.
    - How the Securonix behavior analytics approach can assist with detection and meeting compliance requirements.
  • Search, Hunt, and Collaborate with Cloud Native SIEM in AWS Recorded: Sep 3 2020 56 mins
    Nitin Agale, Securonix and Patrick McDowell, Amazon Web Services
    Cyber threats continue to get more advanced. To proactively combat these threats, Security teams cannot simply rely on pre-baked detections. They need the ability to discover threats early and detect those hidden already in their environment, without waiting for an incident to happen.

    The challenge with legacy and on-premise solutions is that the architecture is not designed to support proactive and historical searches without major performance issues. Another challenge with legacy SIEM is the huge cost associated with searchable data retention.

    Securonix's new search capabilities leverage the power of Amazon Web Services' (AWS) cloud-native and big data architecture to enable dynamic and long-term searches at a fraction of the cost, without any performance impact.

    Join Nitin Agale, Senior Vice President, Products & Marketing, Securonix, and Patrick McDowell, Global Technical Lead, AWS to learn about how your organization can benefit from:

    • Live Search to proactively detect threats on streaming data with virtually zero-latency.
    • Long-Term Search to search across historical data at one-third of the cost.
    • The security industry’s first Community-Powered Threat Hunting capability with ready-to-deploy collaborative workbooks utilizing threat intelligence from Securonix, and global communities such as MITRE, Sigma, and others.
    • Out-of-the-box bi-directional integrations for Amazon Simple Storage Service (S3), Amazon CloudWatch, and Amazon GuardDuty.
  • Detecting the Unknown Threats: An Identity-Driven Approach Recorded: Jun 30 2020 61 mins
    Kayzad Vanskuiwalla, Securonix & Dharaninath Doppalapudi, Accolite
    With our perimeters expanding beyond the confines of the typical workspace, it has become increasingly evident and critical to monitor the threats posed using insider credentials. Regardless of whether the threats are accidental or intentional, they both ultimately lead to data theft or some form of service disruptions.

    Major gaps in controls, logging, and monitoring cause organizations to be unaware of the different threats that already exist within their environments. Insider credentials with access to critical infrastructure and data need to be closely monitored.

    The best approach to detect these scenarios is to tie anomalies to an identity using a kill chain approach to model potential threat vectors and detect proactively.

    Join Kayzad Vanskuiwalla, Principal Threat Hunter - Cyber Threat Analytics, Securonix and Dharaninath Doppalapudi, Senior Vice President - Cyber Security, Accolite to learn how to:

    • Identify gaps in logging and monitoring in order to be equipped to detect key threat vectors
    • Identify and continuously monitor key assets, potential insider threat entities, and privileged accounts
    • Detect the unknown threats via focused micro-threat models/kill chains, and shift your focus to anomalies and threats, instead of signatures
    • Maintain GDPR compliance while monitoring as it pertains to the European Union and European Economic Area
  • Protecting Against Insider Threat in 2020 Recorded: Jun 10 2020 61 mins
    Shareth Ben, Securonix & Joseph Blankenship, Forrester
    In the past few years, Insider Threat has evolved in several aspects from how sensitive data leaves the organization to ways in which privileged access gets misused, creating risks for organizations to mitigate. The proliferation of cloud applications has made tracking and protecting sensitive data extremely challenging. Add to this the current remote work setup in the midst of COVID-19, and one can imagine how hard it is to track, monitor, and protect your crown jewels.

    Insider threats can originate from malicious insiders or insiders that are simply negligent and do not follow best practices. Insider threats can also originate from compromised accounts that are controlled by an outsider. Given all the scenarios, monitoring solutions are forced to curate use cases in conjunction with purpose-built detection techniques in order to derive specific outcomes to be effective in detecting infractions.

    This shift in behavior is becoming more evident as organizations ramp up visibility into how their employees and contractors use their assets and resources over time. Join Shareth Ben (Executive Director, Insider Threat & Cyber Threat Analytics, Securonix) and featured speaker Joseph Blankenship (Vice President, Research Director, Security & Risk, Forrester) to gain some insights into:

    • How Insider Threat has evolved over time and the new challenges it presents.
    • What are some of the most common Insider Threat behaviors observed in the field?
    • Which detection techniques are effective in detecting nefarious behaviors within the organization?
    • Walkthrough of the key trends and observations from the Securonix 2020 Insider Threat Report.
Redefining SIEM for today’s hybrid cloud, data-driven enterprise.
Securonix Next-Gen SIEM delivers unlimited scalability, ML-based analytics, threat modeling with MITRE ATT&CK, and automated incident response.

Follow this channel to learn how our SaaS-based, end-to-end security operations platform sets the standard for advanced threat detection and response.

Our security experts will discuss threat trends, detection techniques, and SecOps topics such as cloud security, insider threat, NTA, SIEM, UEBA, XDR, and SOAR.

  • Title: Cloud Risk-Based Authentication To Prevent Password Based Attacks
  • Live at: Nov 15 2018 6:00 pm
  • Presented by: Sujay Doshi, Sr. SIEM Solution Engineer