Hi [[ session.user.profile.firstName ]]

New Models for Today's Security Threats with Virsec at RSA 2019 by Byron Acohido

Join an interview with Pulitzer-prize-winning journalist Byron Acohido at RSA 2019 on pressing security issues and new security models, with Willy Leichter, VP of Marketing and Shauntinez Jakab, Director of Product Marketing for Virsec.
Recorded May 7 2019 33 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Byron Acohido, Last Watchdog, Willy Leichter & Shauntinez Jakab, Virsec
Presentation preview: New Models for Today's Security Threats with Virsec at RSA 2019 by Byron Acohido

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Application-Aware Workload Protection: What It Is; Why It Matters Jan 28 2021 6:00 pm UTC 45 mins
    Virsec
    Virsec has developed the only application-aware workload protection technology that is able to detect and defeat any attack – known or unknown – in runtime. Application workloads have become the number one attack surface. Whether on servers or clouds or containers – workloads are being attacked every day, every minute and every second.

    If you’re wondering, “Hey, what’s a workload?” then this webinar is for you. And if you’re tasked with securing all or any part of your organization’s IT infrastructure, this webinar is definitely for you. See why industry giants like Raytheon, Cisco, Broadcom, General Dynamics, and Schneider Electric have turned to Virsec to protect their attack surfaces.

    Virsec stops malicious code the moment it attempts to execute and delivers complete visibility across the application stack. Join Virsec co-founder, CTO and visionary, Satya Gupta, to learn how to proactively protect your attack surfaces with no signatures, no patching, no noise and no tuning.
  • SolarWinds CSI: Re-creating the Solar Winds Attack (ASIA PAC) Jan 22 2021 6:00 am UTC 45 mins
    Virsec
    The SolarWinds attack took everyone by surprise. Even more ominous, it exposed a giant, gaping hole in cybersecurity as a whole. It begs the question: just how vulnerable are we? Organizations, institutions, governments, enterprises and critical infrastructure alike have been reeling from this remote code execution exploit, a type of attack that until now has only existed on the periphery.

    Current security solutions rely on knowledge of past malware to form signatures or behavioral profiles of what might happen next. End point protection and threat hunting won’t identify unique malware that already exists in your system.

    Satya Gupta, Virsec CTO and Co-Founder, digs into the dirty details about the SolarWinds attack; re-creating what happened, diagnosing what went wrong, and more importantly, how to prevent it from happening again. Watch a live demo, ask questions, and get best practices for how to protect against future or ongoing remote code attacks.
  • SolarWinds CSI: Re-creating the Solar Winds Attack (Americas) Jan 21 2021 6:00 pm UTC 45 mins
    Virsec
    The SolarWinds attack took everyone by surprise. Even more ominous, it exposed a giant, gaping hole in cybersecurity as a whole. It begs the question: just how vulnerable are we? Organizations, institutions, governments, enterprises and critical infrastructure alike have been reeling from this remote code execution exploit, a type of attack that until now has only existed on the periphery.

    Current security solutions rely on knowledge of past malware to form signatures or behavioral profiles of what might happen next. End point protection and threat hunting won’t identify unique malware that already exists in your system.

    Satya Gupta, Virsec CTO and Co-Founder, digs into the dirty details about the SolarWinds attack; re-creating what happened, diagnosing what went wrong, and more importantly, how to prevent it from happening again. Watch a live demo, ask questions, and get best practices for how to protect against future or ongoing remote code exploitation attacks.
  • The Real Culprit Behind SolarWinds: Remote Code Execution (Americas) Recorded: Jan 15 2021 36 mins
    Virsec
    The SolarWinds attack exposed a bare belly across government entities, infrastructure and enterprises alike. A brutal security failure that relied on perimeter tools, threat hunting and prior knowledge to stop an attack – only to find that these tools were powerless to identify and stop a Remote Code Execution (RCE) exploit. The attack surface has grown exponentially, and workloads are the main target. Conventional security tools will not provide adequate protection against remote code execution attacks.

    Satya Gupta, CTO and Co-Founder of Virsec, discusses how the culprits infiltrated and deposited a backdoor into the well-protected SolarWinds software infrastructure, and then into the systems of tens of thousands of users in the SolarWinds supply chain. Learn how to identify and prevent Remote Code Execution attacks to protect your workloads wherever they reside.
  • The Real Culprit Behind SolarWinds: Remote Code Execution (ASIA PAC) Recorded: Jan 15 2021 36 mins
    Virsec
    The SolarWinds attack exposed a bare belly across government entities, infrastructure and enterprises alike. A brutal security failure that relied on perimeter tools, threat hunting and prior knowledge to stop an attack – only to find that these tools were powerless to identify and stop a Remote Code Execution (RCE) exploit. The attack surface has grown exponentially, and workloads are the main target. Conventional security tools will not provide adequate protection against remote code execution attacks.

    Satya Gupta, CTO and Co-Founder of Virsec, discusses how the culprits infiltrated and deposited a backdoor into the well-protected SolarWinds software infrastructure, and then into the systems of tens of thousands of users in the SolarWinds supply chain. Learn how to identify and prevent Remote Code Execution attacks to protect your workloads wherever they reside.
  • Virsec 2021 Security Predictions Recorded: Jan 7 2021 27 mins
    Virsec
    We don’t think anyone could have predicted the sort of twisted funhouse ride 2020 has turned out to be! Up is down, down is up – it’s hard to find your feet! Ransomware and malware attacks have escalated exponentially around the globe, and even the best of the best cybersecurity companies have not escaped. The breadth and effects of the Solar Winds hack have yet to be fully understood.

    Collaboration tools, many of which were adopted out of sheer necessity to keep organizations running amidst a pandemic, have caused almost as many headaches as they have helped. After such a disorienting year, it’s hard to predict what will happen next! We have put our list together of the 10 most significant security trends that we believe will accelerate in 2021.
  • SolarWinds and Supernova: Technical Analysis Recorded: Dec 31 2020 29 mins
    Satya Gupta, CTO
    The initial SolarWinds breach has been followed by the discovery of another attack, possibly by another group of hackers, using the Supernova exploit to attack SolarWinds customers using Remote Code Execution. The Virsec Security Lab provides another in-depth analysis.
  • Analysis of the SolarWinds Attack Recorded: Dec 23 2020 41 mins
    Satya Gupta, CTO
    Learn in depth about how the SolarWinds attack was perpetrated and how Virsec could have pre-emptively stopped the attack kill chain at multiple points.
  • Better Ways to Deal with New Security Threats Recorded: Dec 10 2020 45 mins
    Virsec & Osterman Research
    As security threats change, security defenses need to as well, both reactively to stop current threats, and, more importantly, proactively to get ahead of future security threats. Virsec is pleased to welcome analyst firm Osterman Research to provide in-depth research into the dynamics of the new threat landscape and to highlight new security solutions and practices that go beyond the capabilities of conventional solutions. This webinar outlines the newer security solutions and practices available to blunt the growing threat arsenal.
  • Protecting Water & Wastewater Utilities from Ransomware and Targeted Attacks Recorded: Dec 8 2020 61 mins
    MR Systems, AVEVA, Scheider Electric & Virsec
    As crippling ransomware and cyberattacks continue to hit critical aspects of water and wastewater systems, operators must implement robust measures to fortify their security stance. Water utilities face multiple challenges – from limited IT resources to maintain cybersecurity, to persistent vulnerabilities across various applications, components and services. Sophisticated attacks can hijack critical operations, disrupt business processes, steal or compromise sensitive data, and more.

    To appreciate the importance of an effective cybersecurity defense, look no further than the recent attacks on Israeli water facilities. Bad actors attempted to poison the water supply in residential areas by hijacking the software that controls the treatment pumps. Another thwarted attack aimed to disable pump operations and leave tens of thousands without access to water in the middle of a heatwave.

    Disruption and damage from attacks can impact:
    • Operating systems, website and database integrity, data security and more
    • Treatment and conveyance operations and processes
    • Alarms and other fail-safe and mitigating measures
    • Legal, financial and reputational exposure

    Featuring special guests:
    Paul Forney, Chief Security Architect, Schneider Electric
    Robert Touchton, Chief Technology Officer, MR Systems
    Vishal Mahna, Global Practice Head/Sr.Director, Monitoring and Control BU, AVEVA
    Satya Gupta, Chief Technology Officer & Co-Founder, Virsec

    Learn how to implement self-defending technology that protects against ransomware and other advanced attacks – both known and unknown – and ensure continuous, secure operations.
  • Weekly Vulnerability Analysis: Episode 10 Recorded: Dec 7 2020 21 mins
    Satya Gupta, CTO
    Virsec Security Research Lab publishes a weekly analysis of the Top 5 vulnerabilities that have a large potential impact, high severity level, and should be acted upon by enterprise security teams. This video series accompanies daily blogs detailing each vulnerability.

    This episode discusses: CVE-2020-29599: ImageMagick (Command Injection), CVE-2020-2320: Jenkins Plugin Installation Manager Tool (RCE), CVE-2020-29529: Hashi Corp go-slug (Path Traversal), CVE-2018-21270: Node.JS (Buffer Overflow), CVE-2020-29285: POS in PHP/PDO 1.0 (SQL injection), CVE-2020-28950: Kaspersky Anti-Ransomware (DLL Hijack)
  • EPP/EDR Tools Don't Work Recorded: Dec 3 2020 43 mins
    Virsec
    Wait, what? You’re telling me my EPP/EDR tools don’t work? What are you talking about? They do work … but for your end points only. But too many people are sticking them on their servers and expecting the same results, and that’s a critical mistake! That’s like putting diesel fuel into a Ferrari and expecting it to win a race. Sure, it’s gas and technically it will power a vehicle, but everyone knows that diesel fuel is made for a diesel engine – and it will ruin a sportscar’s engine!

    It’s the same thing with security – you’ve got to use the right tools for the job. End point protection is designed to protect your end points – and that’s it. Using probabilistic methodologies that “guess” the efficacy of an attack increases latency time and only attempts to contain attacks and not prevent them. And they are not capable of stopping a runtime vulnerability exploitation.

    Effective server workload protection requires a different approach altogether. Your security solution needs to ensure memory and runtime vulnerability protection, application control and system integrity assurance engineered using deterministic techniques to detect evasive attacks at the process, file, OS and memory levels of your systems.


    Learn how deploying the right tools for the job will guarantee your server security performs like a Ferrari, not a dump truck.
  • Weekly Vulnerability Analysis: Episode 9 Recorded: Nov 30 2020 23 mins
    Satya Gupta, CTO
    Virsec Security Research Lab publishes a weekly analysis of the Top 5 vulnerabilities that have a large potential impact, high severity level, and should be acted upon by enterprise security teams. This video series accompanies daily blogs detailing each vulnerability.

    This episode discusses: CVE-2020-27660: Synology SafeAccess (SQL Injection), CVE-2020-29395: WordPress EventON Plugin (XSS), CVE-2020-7778: Systeminformation NPM (Command Injection),
    CVE-2020-27251: Rockwell FactoryTalk Linx (RCE), CVE-2020-26238: Cron-Utils (RCE), CVE-2020-29006: MISP (Lacks ACL – “Confused Deputy”)
  • Weekly Vulnerability Analysis: Episode 8 Recorded: Nov 23 2020 27 mins
    Satya Gupta, CTO
    Virsec Security Research Lab publishes a weekly analysis of the Top 5 vulnerabilities that have a large potential impact, high severity level, and should be acted upon by enterprise security teams. This video series accompanies daily blogs detailing each vulnerability.

    This episode discusses: CVE-2020-4003 (VMWare SD-WAN SQL Injection), CVE-2020-19667 (ImageMagick Stack Buffer Overflow), CVE-2020-7754 (Schneider Electric IGSS SCADA Buffer Overflow), CVE-2020-4701 (IBM DB2 Buffer Overflow), CVE-2020-13355 (GitLab CE/EE Path Traversal), CVE-2020-28366 (Golang Arbitrary Code Injection), CVE-2020-28578 (Trend Micro Web Security Virtual Appliance Buffer Overflow)
  • Do You Suffer … from Patch Shaming? Recorded: Nov 19 2020 26 mins
    Virsec
    Do you struggle with keeping your software patched and secure? You are not alone! Many industries harbor a dirty little secret … it usually takes the average company more than eight weeks to complete required patching. And that’s just what they admit to! Imagine what the truth might actually be.

    But don’t worry – you do not have to do this alone! You don’t have to be ashamed about your patching - or lack thereof. Learn how to overcome common patching pitfalls and employ best practices to ensure you keep your systems secure 24/7/365.
  • Weekly Vulnerability Analysis: Episode 7 Recorded: Nov 16 2020 26 mins
    Satya Gupta, CTO
    Virsec Security Research Lab publishes a weekly analysis of the Top 5 vulnerabilities that have a large potential impact, high severity level, and should be acted upon by enterprise security teams. This video series accompanies daily blogs detailing each vulnerability.

    This episode discusses: CVE-2020-8897 (AWS KMS & Encryption SDK SSRF), CVE-2020-25538 (CMS Uno Command Injection), CVE-2020-8270 (Citrix VDA/SMB Command Injection), CVE-2020-17084 (MS Exchange Server Buffer Overflow), CVE-2020-17051 (Windows NFS Server Wormable RCE), CVE-2020-17040 (Windows Hyper-V Authentication Bypass), CVE-2020-13769 (Invanti Endpoint Manager SQL Injection)
  • Ransomware Defense for Financial Services Recorded: Nov 12 2020 46 mins
    Virsec & Steve Hunt, Aite Group
    Ransomware is now a big business. It has evolved into an industry unto itself – generating over US$11 billion for attackers in 2019 alone. Ransomware attacks can hit any business, anywhere in the world, and ransoms can exceed US$1 million. Ransomware is here to stay, so extensive preparation is key. It involves implementing layered defenses in and around mobile devices, workstations, and servers.

    Analyst Steve Hunt with the Aite Group performed extensive research with information security executives at midsize financial services organizations, some of the largest banks in the world, as well as leading vendors of defensive technologies, and a sampling of their customers. He offers extensive information about how organizations can put their most critical defenses in place.
  • Weekly Vulnerability Analysis: Episode 6 Recorded: Nov 10 2020 19 mins
    Satya Gupta, CTO
    Virsec Security Research Lab publishes a weekly analysis of the Top 5 vulnerabilities that have a large potential impact, high severity level, and should be acted upon by enterprise security teams. This video series accompanies daily blogs detailing each vulnerability.
    This episode discusses: CVE-2020-22275 (WordPress ER Forms Plugin), CVE-2020-22277 (WordPress User Import Plugin), CVE-2020-27955 (Git LFS RCE), CVE-2020-28168 (Axios NPM SSRF), CVE-2020-24407 (Magento RCE)
  • Keeping Healthcare Secure During a Global Crisis Recorded: Nov 5 2020 30 mins
    Special Guest Melina Scotto, GDIT’s Federal Health Chief Information Security Officer
    Cyber criminals have responded to the COVID-19 pandemic with a wave of attacks against the healthcare sector. Their goal is to steal private data, shutdown systems with ransomware and exploit the crisis for financial gain. Even before the pandemic, many healthcare organizations struggled to maintain adequate cybersecurity. Recent research reveals that 83% of healthcare providers are running outdated software. More than 56% of medical devices are still running Window 7, which Microsoft stopped supporting in January 2020, and the FBI recently warned that "continuing to use Windows 7 within an enterprise may provide cybercriminals access into computer systems.”

    Melina Scotto, GDIT’s Federal Health Chief Information Security Officer, joins Virsec to outline best practices for maintaining security in today’s extraordinary times. She will detail how healthcare organizations can deploy cybersecurity solutions that automate protection and make critical applications and devices self-defending, without requiring painful software and platform upgrades. She will also discuss how to overcome the challenge of enabling remote patient and provider access without compromising security.
  • Application-Aware Server Workload Protection Recorded: Nov 5 2020 56 mins
    Virsec & Vinca Cyber
    Today’s advanced cyberattacks can easily bypass perimeter security tools such as EDR/EPP and WAFs. An astonishing 70 percent of attacks are targeted at the server level, and most enterprises have not implemented adequate security to defend against these sophisticated exploits.

    The battleground has effectively moved to the application itself. Businesses must assume that the precursors to your next attack are already inside your network. To truly secure the enterprise against ransomware, malware and other malicious threats, you must implement application-aware server workloads.

    Join cybersecurity experts from Virsec and Vinca Cyber to learn how to fundamentally change your security posture to protect your enterprise across the attack surface.
Security from the Inside
Virsec is the industry leader of application-aware server workload protection. Learn how to improve and optimize your security posture, ensure real-time protection from today's most dangerous cyber threats and attacks, including memory corruption, fileless and zero-day attacks. Hear valuable insights from cybersecurity leaders, experts and influencers, vulnerability analysis and more.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: New Models for Today's Security Threats with Virsec at RSA 2019 by Byron Acohido
  • Live at: May 7 2019 6:05 pm
  • Presented by: Byron Acohido, Last Watchdog, Willy Leichter & Shauntinez Jakab, Virsec
  • From:
Your email has been sent.
or close