Hi [[ session.user.profile.firstName ]]

FireEye and Gigamon: How to Identify and Respond to Laterally Moving Threats

Detecting multi-stage attacks that move laterally through the internal network requires a pervasive, flexible and scalable security architecture. Adversaries will get into the network; the challenge is to detect, mitigate and stop their threat as soon as possible. Register for this webinar to learn how to identify and respond to laterally moving threats.

Join Fayyaz Rajpari, Senior Solutions Architect at FireEye and Druce MacFarlane, Director of Security Products at Gigamon as they discuss how to:

• Monitor the perimeter effectively and catch perimeter threats
• Identify threats, even when they are encrypted
• Monitor the network to identify and stop laterally moving threats
• Protect your organization during each stage of a lateral attack lifecycle

FireEye Network Security combined with the GigaSECURE® Security Delivery Platform offers customers flexible deployment options and scalability for optimal threat protection. With network-side visibility and options for both inline and out-of-band deployments, APTs can be spotted and contained quickly and efficiently. The combination of FireEye Network Security and the Gigamon GigaSECURE Security Delivery Platform architecture helps ensure traffic is analyzed and threats are detected in real time, allowing administrators to quarantine or delete harmful data before it damages their business operations.

Learn more by registering for this webinar today!
Recorded Sep 27 2018 58 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Fayyaz Rajpari, Senior Solutions Architect, FireEye and Druce MacFarlane, Director of Security Products, Gigamon
Presentation preview: FireEye and Gigamon: How to Identify and Respond to Laterally Moving Threats
  • Channel
  • Channel profile
  • Threat Detection in TLS: The Good, the Bad, and the Ugly Dec 11 2018 6:00 pm UTC 59 mins
    Ian Farquhar, Distinguished Sales Engineer, Gigamon
    While TLS (formerly known as SSL) has become the de facto way of encrypting data in motion on networks, it can also hide threats from your InfoSec team. As the volume of encrypted traffic continues to grow, organizations become even more vulnerable to encrypted attacks, hidden command and control threats and data exfiltration exploits that go undetected.

    To make this situation even more complex, the TLS 1.3 draft 28 proposal, ratified at the IETF 101 conference in London and now moving toward official RFC status, has actually removed the visibility which was widely deployed for threat identification in TLS 1.2.

    Once again, InfoSec teams find themselves at the fulcrum of a delicate balancing act. On one hand, encryption is moving toward ubiquity but on the other, we need to detect when threat actors use it too. And in detecting that misuse, we need to acknowledge and address critical management, troubleshooting, legal, regulatory, ethical and technical concerns. For example, we can’t decrypt just at the edge of our networks if we believe “perimeter security is dead.” Proxies on the network edge are a step backwards.

    What can you do? “Threat Detection in TLS: The Good, the Bad and the Ugly” will discuss the necessity of deploying TLS decryption in the core of networks and will explore innovative architectures that deliver that capability while maintaining availability and reliability.

    Learn how organizations can manage growing SSL/TLS traffic volumes by creating a centralized “decryption zone” to decrypt traffic once and give security tools newfound visibility into formerly encrypted traffic and threats.
  • Achieve Your Security Goals with Inline Prevention Tools Recorded: Dec 5 2018 60 mins
    Patrick Riley, Principal Product Manager, Gigamon
    While inline security tools actively prevent threats in your network, deploying and optimizing these tools presents several challenges to both network and security engineers. They present a potential point of failure, they can degrade network and application performance, and they are difficult to scale and upgrade. These challenges can be overcome with the inline bypass functionality of a next-generation network packet broker.

    Join Patrick Riley, Principle Product Manager for this technical session to learn how inline bypass can:

    • Overcome physical deployment obstacles
    • Maximize network availability
    • Reduce impact to network performance
    • Increase scale of inspection
    • Deploy inline prevention tools within dual-path networks

    Watch “Overcome the Challenges of Inline Tools to Achieve Your Security Goals” now to gain the benefits of inline security tools while eliminating their challenges.
  • Improving Security with Metadata Recorded: Dec 4 2018 62 mins
    Preetham Gopalaswamy, Senior Director, Product Management, Gigamon
    Imagine what a security analyst could deduce if they had visibility into all the common applications flowing through their network. They could optimize the data being sent to security tools, correlate information across the various protocols to know who is talking to whom and get visibility into malware and bad actors that may be hiding on the network.

    Many enterprises aggregate information from various sources, such as events and logs from DNS servers, web servers and security tools, to hunt for threat events and indicators of compromise. But these are not reliable sources; logging can be turned off inadvertently or for performance reasons. Raw network data is the ultimate source of truth – but sending it all to a SIEM can become very expensive.

    The bottom line is visibility into your application traffic is elemental to security – if you can’t see it, you can’t secure it. What’s needed is deep insight into your applications. Attend this ISC2 webinar to learn how NetOps and SecOps can:
    •Identify which applications are contributing to network traffic.
    •Use application metadata to gain more context of potential threat events and to more easily enforce corporate compliance.
    •Lower tool cost and improve tool efficiency by filtering out low-risk, high-bandwidth traffic.
    •Send suspicious traffic to a tool on-demand when an anomaly is detected.

    If you need to monitor, identify, and filter application traffic so you can more easily identify anomalies and lateral propagation of threats, you’ll want to attend this webinar!
  • Select and Deploy New Security Tools Faster Recorded: Nov 20 2018 62 mins
    Ian Farquhar, Distinguished Sales Engineer, WW Security Subject Matter Expert, Gigamon
    Sign up for this webinar and find out how to increase the efficiency of your security tools. Efficient prevention coupled with rapid detection and containment improves your overall security posture. Threats don't stand a chance.

    Discover how to select and deploy new security tools faster and more easily than you ever thought possible.

    You’ll learn how to:
    • Implement strategies for keeping up with ever-changing security tools.
    • Test multiple tools under consideration without impacting network performance.
    • Set up tests for inline tools.
    • Strengthen testing and streamline deployment of tools.

    See how to eliminate the challenges of testing and deploying security tools with a security delivery platform.

    Join Gigamon and (ISC)² to learn how to select and deploy new security tools faster.

    Presenter: Ian Farquhar, Distinguished Sales Engineer, WW Security Subject Matter Expert, Gigamon
    Moderator: Tony Vizza, CISSP, Director, Cybersecurity Advocacy for APAC, (ISC)²
  • Achieve Your Security Goals with Inline Prevention Tools Recorded: Nov 15 2018 61 mins
    Ian Farquhar, Distinguished Engineer, Security, Gigamon; Moderator: SC Leung, Member, Asia-Pacific Advisory Council
    Inline security tools operate by actively preventing threats in your network, but deploying and optimizing these tools presents several challenges to both network and security engineers. The downsides can include a potential point of failure, degradation of network and application performance, difficulty to scale and upgrade. The use of a next-generation packet broker and its inline bypass functionality can mitigate these challenges.

    Join Gigamon and (ISC)² to examine how inline bypass can overcome physical deployment obstacles, maximize network availability, increase the scale of inspection and reduce the impact to network performance.
  • Security Briefing: What’s So Hard About Securing Virtual Workloads? Recorded: Nov 13 2018 44 mins
    Baseer Balazadeh Sr. Technical Marketing Engineer, Public Cloud, Gigamon; Brandon Dunlap (Moderator)
    As organizations build out their infrastructure across public, private and hybrid platforms, security architects need to extend their enterprise security policies and protocols to all workloads, no matter where they reside. Still, security operations teams are challenged with proactively detecting threats, deviations from organizational policies and violations of industry and organizational compliance for mission-critical applications in the cloud. Why is that?

    Join Gigamon and (ISC)2 as we explore ways to assure compliance and decrease time to detect threats in mission-critical applications, reduce risk by leveraging a common platform across your entire IT environment and ensuring SLAs are met by tightly integrating the public cloud provider’s APIs and critical cloud provider services to automatically detect changes in virtual private clouds and virtual networks.
  • Security at Network Speeds Recorded: Nov 13 2018 62 mins
    Ian Farquhar, Principal Sales Engineer, Gigamon
    Exponentially increasing network traffic volumes and security tool sprawl are overwhelming security operations and network operations teams. A network packet broker is supposed to eliminate complexity and save costs, not add to them!

    Organizations need to:
    • Deliver just the right data to the right tools.
    • Drive consolidation across their security stack.
    • Manage a common platform across physical, virtual and public cloud environments.

    Hence, a next-generation network packet broker is required to deliver visibility to security tools focused on threat prevention, detection, analytics and forensics. The right tools get the right traffic at the right time, every time.

    Attend this webinar to learn how to:
    • Maximize tool performance and ROI by applying advanced traffic intelligence.
    • Rapidly detect and respond to new threats while eliminating security tool sprawl.
    • Have pervasive and consistent visibility across their physical, virtual and cloud infrastructure.

    Join Gigamon and (ISC)² to learn how to increase efficiency of your security stack.
  • Strengthen Security While Ensuring Network Uptime Recorded: Nov 8 2018 38 mins
    Sam Kumarsamy, Senior Product Marketing Manager, Gigamon
    Your financial services network is critical to operations and that makes it a juicy target for cyberthreats like ransomware and data breaches. What can you do? Inline security tools can be an effective solution, but represent multiple points of possible failure, particularly as network speeds increase because they simply can’t keep up. But if they go down, so can your network. And the difference of a nanosecond can severely impact currency, stock trading, and critical financial transactions.

    To provide pervasive visibility into data in motion and maintain compliance in high-speed networks, many financial services companies have turned to Next-Generation Network Packet Brokers (NGNPB), which offer flexible inline bypass protection. This feature automates access to traffic, scales and optimizes existing monitoring infrastructure, and simplifies rollout of new technology. NGNPB also:

    • Delivers complete network-wide visibility across physical, virtual and cloud environments.
    • Scales metadata extraction for improved forensics.
    • Isolates applications for targeted inspection.
    • Gives you visibility into encrypted traffic for threat detection.

    See how you can strengthen security while ensuring network uptime and reducing costs. Learn how a simplified, resilient, and scalable architecture can:

    • Maximize tool efficiency by providing the right data to the right tools and by offloading processor-intensive tasks such as SSL decryption.
    • Scale to speed of the network without “rip and replace” by load balancing across tool groups.
    • Remove single points of failure and increase availability of both the tools and the network.
    • Give you operational agility to seamlessly add, remove, and upgrade tools, and instantly change between detection and prevention modes.

    Find out how both network and security teams can operate faster and safer in a swiftly evolving cybersecurity landscape within regulated industries such as financial services–register today!
  • Network Architecture With Security in Mind Recorded: Nov 6 2018 61 mins
    Matt Bromiley, Instructor and Security Expert, SANS and Sam Kumarsamy, Senior Product Marketing Manager, Gigamon
    It’s time to face a hard truth: modern enterprise networks can be extremely – sometimes painfully – complex to manage and defend. Increased network speeds to 100Gb, unfettered access to cloud applications and end-to-end encryption are just some of the requirements of today’s employees. When you add in mobile and IoT devices, the complexity grows exponentially, especially when it comes to the security of the networks to which they connect.

    And when we couple expanding networks with security needs, many organizations struggle to protect their users. This leads to conflicts between NetOps and SecOps goals. The networking team is concerned about availability and performance to ensure the business is being conducted whereas the security team needs to ensure the data and the users are safe from bad actors.

    We need a new approach that provides pervasive visibility to data flowing across the physical, virtual and cloud infrastructure to ensure that the right traffic is sent to the right security tools. This approach should also enable SecOps and NetOps to collaborate and improve the security posture of an organization

    Watch this SANS webinar to learn:
    •The common security pain points as networks expand and grow with increasing speeds
    •How today’s users are forcing organizations to consider/include security in their network architecture
    •How a lack of security can impact network availability and performance
    •How to bridge the NetOps and SecOps divide

    We will discuss how pervasive network visibility improves security tool utilization and can shorten detection and response times. We hope this webcast will inspire you to reassess the current state of your network and security infrastructure to enable collaboration between the two teams and improve your security posture. Watch now!
  • Gigamon 3 - Threat Hunting: Objectively Measuring Value Recorded: Nov 1 2018 57 mins
    Justin Kohler, Sen Dir, Customer Success, Gigamon; Patrick Perry, Technical Acct Mgr, Gigamon Insight; Brandon Dunlap
    Someone in leadership always seems to ask the question “How can I tie my threat hunting activities to real impacts for the organization?” Threat hunting programs are encouraged as part of a mature and successful incident response capability and teams invest significant time and effort in the development and maintenance of that program. However, management is always looking for metrics to demonstrate the value of threat hunting in real terms due to the number of hours consumed by such highly skilled professionals. It’s a big investment. Join Gigamon on November 1, 2018 at 1:00PM Eastern for an examination of how to demonstrate value from threat hunting operations with practical methods and examples for tracking hunting operations, reporting and attributing outcomes to industry-leading frameworks and plot hunting goals and coverage across the MITRE ATT&CK framework.
  • Has Your Network Packet Broker Evolved with Your Infrastructure? Recorded: Oct 18 2018 60 mins
    Sam Kumarsamy, Senior Product Marketing Manager, Gigamon; Brandon Dunlap (Moderator)
    As your infrastructure has grown to include a mix of physical, virtual and cloud environments with increased network speeds and volume of data, so have the threats increased to your attack surface with more vectors to breach your organization. This challenges your network and security operation teams and tour traditional network packet broker needs to evolve from providing network visibility to also helping strengthen your security posture.

    Join Gigamon and (ISC)2 as we examine the acquisition and aggregation of data from your physical, virtual and cloud infrastructure, filtering of traffic to provide the right data to the right tools, transforming your data with masking, header stripping and SSL decryption (TLS1.3) to ensure compliance, threat prioritization by providing context and bridging the gap between NetOps and SecOps.
  • FireEye and Gigamon: How to Identify and Respond to Laterally Moving Threats Recorded: Sep 27 2018 58 mins
    Fayyaz Rajpari, Senior Solutions Architect, FireEye and Druce MacFarlane, Director of Security Products, Gigamon
    Detecting multi-stage attacks that move laterally through the internal network requires a pervasive, flexible and scalable security architecture. Adversaries will get into the network; the challenge is to detect, mitigate and stop their threat as soon as possible. Register for this webinar to learn how to identify and respond to laterally moving threats.

    Join Fayyaz Rajpari, Senior Solutions Architect at FireEye and Druce MacFarlane, Director of Security Products at Gigamon as they discuss how to:

    • Monitor the perimeter effectively and catch perimeter threats
    • Identify threats, even when they are encrypted
    • Monitor the network to identify and stop laterally moving threats
    • Protect your organization during each stage of a lateral attack lifecycle

    FireEye Network Security combined with the GigaSECURE® Security Delivery Platform offers customers flexible deployment options and scalability for optimal threat protection. With network-side visibility and options for both inline and out-of-band deployments, APTs can be spotted and contained quickly and efficiently. The combination of FireEye Network Security and the Gigamon GigaSECURE Security Delivery Platform architecture helps ensure traffic is analyzed and threats are detected in real time, allowing administrators to quarantine or delete harmful data before it damages their business operations.

    Learn more by registering for this webinar today!
  • Network Upgrades Giving You Security Headaches? Recorded: Sep 18 2018 58 mins
    Mike Rothman, President, Securosis and Sam Kumarsamy, Senior Product Marketing Manager, Gigamon
    Despite the insatiable demand for bandwidth, organizations still need to inspect and enforce network security policies at wire speed. And that is particularly challenging when you are upgrading networks from 10GB to 40GB or from 40GB to 100GB.

    Join Mike Rothman, President of Securosis, and Sam Kumarsamy, Senior Product Marketing Manager at Gigamon, as they discuss how to solve the security headaches that go with these network upgrades and architectures that strengthen your security posture, simplify IT and reduce costs. You’ll learn how to:

    - Increase Your Security ROI: Filter and deliver just the right data to the right tools from network traffic anywhere in the physical, virtual and cloud infrastructure
    - Reduce Your Security Risk: Rethink your network security architecture by decrypting once and enabling inspection by multiple security tools
    - Improve Threat Response: Separate signal from noise to identify patterns and threat vectors more quickly across heterogeneous networks

    Find out how both network and security teams can collaborate faster and safer during network upgrades to solve security headaches – register today!
  • Strengthen Security While Ensuring Network Uptime Recorded: Aug 14 2018 38 mins
    Sam Kumarsamy, Senior Product Marketing Manager, Gigamon
    Your financial services network is critical to operations and that makes it a juicy target for cyberthreats like ransomware and data breaches. What can you do? Inline security tools can be an effective solution, but represent multiple points of possible failure, particularly as network speeds increase because they simply can’t keep up. But if they go down, so can your network. And the difference of a nanosecond can severely impact currency, stock trading, and critical financial transactions.

    To provide pervasive visibility into data in motion and maintain compliance in high-speed networks, many financial services companies have turned to next-generation network packet brokers (NGNPB), which offer flexible inline bypass protection. This feature automates access to traffic, scales and optimizes existing monitoring infrastructure, and simplifies rollout of new technology. NGNPB also:

    • Delivers complete network-wide visibility across physical, virtual and cloud environments.
    • Scales metadata extraction for improved forensics.
    • Isolates applications for targeted inspection.
    • Gives you visibility into encrypted traffic for threat detection.

    See how you can strengthen security while ensuring network uptime and reducing costs. Learn how a simplified, resilient, and scalable architecture can:

    • Maximize tool efficiency by providing the right data to the right tools and by offloading processor-intensive tasks such as SSL decryption.
    • Scale to speed of the network without “rip and replace” by load balancing across tool groups.
    • Remove single points of failure and increase availability of both the tools and the network.
    • Give you operational agility to seamlessly add, remove, and upgrade tools, and instantly change between detection and prevention modes.

    Find out how both network and security teams can operate faster and safer in a swiftly evolving cybersecurity landscape within regulated industries such as financial services–register today!
  • Métadonnées: Droit à l’essentiel Recorded: Apr 25 2018 27 mins
    Pascal Beurel, Ingénieur principal, Opérations de sécurité de Gigamon
    Veuillez nous rejoindre afin que l'expert sécurité de Gigamon, Pascal Beurel, vous révèle la raison pour laquelle les métadonnées réseau constituent un outil ultime ! Alors que les entreprises s'efforcent de suivre le rythme de la croissance du trafic en augmentant la vitesse des réseaux, elles sont en voie de perdre le combat face au cybercrime. Pourquoi ? La raison en est que les outils sont limités quant au volume de trafic qu'ils peuvent traiter de façon intelligente, tout en étant en charge de fonctions de plus en plus sophistiquées pour combattre des cyber-attaques toujours plus avancées et persistantes.

    En conséquence, de nombreuses applications de sécurité s'avèreront inefficaces dans un avenir proche.

    Entrez dans le monde des métadonnées, le nouveau super-pouvoir en matière de sécurité. En fournissant aux outils de sécurité des aperçus synthétiques des données circulant à travers les réseaux, ils peuvent devenir un outil puissant pour les entreprises cherchant à séparer les signaux utiles du bruit, à réduire le délai de détection des menaces, tout en améliorant l'efficacité générale de la sécurité.

    Les participants apprendront :
    - Comment la sécurité réseau s'appuie de façon croissante sur le contexte et l'intention.
    - La raison pour laquelle les métadonnées réseau deviendront l'approche la plus simple et la plus compréhensible pour les analyses de sécurité.
    - Comment la visibilité réseau sert de source unique d'informations concernant les applications, les utilisateurs et les terminaux.

    Si la visibilité réseau et la sécurité sont importantes pour vous, vous ne voudrez pas manquer ce webcast !
  • 2018 Cyberthreat Defense Report Recorded: Apr 12 2018 60 mins
    Mark Bouchard, Co-Founder and COO, CyberEdge Group and Graham Melville, Sr. Director Security Solutions Marketing, Gigamon
    New research from CyberEdge’s 2018 Cyberthreat Defense Report shows that in spite of increasing their security budgets, companies are finding that there is too much data even for new tools to analyze, not enough skilled IT security professionals and little confidence in current investments. Sign up for this webinar to gain key insights into the cyberthreat landscape and how to protect your organization.

    Attendees will learn how to:

    - Deal with cyberthreat headaches such as increased breaches, vulnerabilities and encrypted traffic.
    - Reduce incident response and remediation time with automation.
    - Find products that use automation to minimize their dependency on skilled security personnel.

    Now in its fifth year, this report provides a comprehensive review of the perceptions of 1,200 IT security professionals representing 17 countries and 19 industries. Register now to learn how your colleagues plan to defend against cyberthreats!
  • SOC Squad: Select and Deploy New Security Tools Faster Recorded: Apr 5 2018 44 mins
    Simon Gibson, CISO and Security Architect, Gigamon and Graham Melville, Sr. Director, Security Solutions, Gigamon
    If you are struggling to keep up with selecting, testing and deploying new security tools, you won’t want to miss this webinar.

    You’ll learn how to:

    - Address the unique challenges of securing your unique network.
    - Implement smart network segmentation and intelligent tool routing.
    - Facilitate testing and deploying tools through a security delivery platform.
    - Handle the challenges of setting up realistic tests.

    Learn how the GigaSECURE security delivery platform strengthens new security tool testing and streamlines deployment.
  • Architecting Security for the Future: NetOps and SecOps Recorded: Mar 1 2018 54 mins
    Dan Conde of ESG and Graham Melville of Gigamon
    Please join us as Dan Conde from Enterprise Strategy Group, Inc. reveals survey data highlighting the issues facing security operations today and Graham Melville from Gigamon Inc. explains how enterprises have started to move to a new security architecture to overcome these issues and stay ahead of their competitors.

    In this session you will learn:
    - The issues and challenges facing your industry colleagues
    - How to simplify your security architecture without throwing out security tools or flattening the network
    - How to improve network performance and reduce outages while maintaining security
    - How to spend less yet get more from your network security tools

    If you or your organization wants to be, or are, a security leader in your industry, you won’t want to miss this webinar.
  • Briefings Part 2: Effectively Exposing Hidden Threats and Malware Recorded: Nov 28 2017 54 mins
    Tom Clavel, Senior Manager, Security Product Marketing, Gigamon; Brandon Dunlap, Moderator
    As the volume and variety of network data increases, security tools in high-speed networks are unable to keep pace with the explosion of encrypted threats, from malware incursion to data exfiltration. The standard approach of decryption of traffic by each security tool no longer works. Additionally, this approach can result in performance degradation, massive inefficiencies and unnecessary expenditures by security teams. In this webcast, we’ll examine how to eliminate tool overload and high latency as well as how a “decrypt once and inspect many” approach to managing SSL traffic effectively detects hidden threats and provides greater security infrastructure resiliency.
  • Briefings Part 1 Using Metadata Generation to Supercharge your Incident Response Recorded: Nov 27 2017 48 mins
    Greg Mayfield, Senior Director, Product Marketing, Gigamon; Brandon Dunlap, Moderator
    Managing the increasing volumes of network data across expanding physical, virtual and cloud networks is a growing challenge for Enterprise IT organizations. Likewise, the increase in malware, data breaches and ransomware challenges SecOps teams to build a stronger, scalable security posture while mitigating risk. This effort overloads network security, monitoring and analysis tools, as well as the Infosecurity staff. How can an organization access and utilize critical network information and use the metadata generated to turbo charge incident detection and response? In this webcast, we’ll examine how to reduce time-to-threat detection by analyzing metadata traffic, using proactive, real-time traffic monitoring vs. reactive forensics, to protect increasingly complex networks.
Visibility into physical, virtual, and cloud environments
Gigamon provides active visibility into physical and virtual network traffic, enabling stronger security and superior performance. Gigamon’s Visibility Fabric and GigaSECURE, the industry’s first Security Delivery Platform, deliver advanced intelligence so that security, network and application performance management solutions in enterprise, government and service provider networks operate more efficiently and effectively.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: FireEye and Gigamon: How to Identify and Respond to Laterally Moving Threats
  • Live at: Sep 27 2018 5:00 pm
  • Presented by: Fayyaz Rajpari, Senior Solutions Architect, FireEye and Druce MacFarlane, Director of Security Products, Gigamon
  • From:
Your email has been sent.
or close