The Real Culprit Behind SolarWinds: Remote Code Execution (Americas)

The SolarWinds attack exposed a bare belly across government entities, infrastructure and enterprises alike. A brutal security failure that relied on perimeter tools, threat hunting and prior knowledge to stop an attack – only to find that these tools were powerless to identify and stop a Remote Code Execution (RCE) exploit. The attack surface has grown exponentially, and workloads are the main target. Conventional security tools will not provide adequate protection against remote code execution attacks.

Satya Gupta, CTO and Co-Founder of Virsec, discusses how the culprits infiltrated and deposited a backdoor into the well-protected SolarWinds software infrastructure, and then into the systems of tens of thousands of users in the SolarWinds supply chain. Learn how to identify and prevent Remote Code Execution attacks to protect your workloads wherever they reside.
Recorded Jan 15 2021 36 mins
Presented by
Virsec

  • Achieving Cyber Resiliency Across Mission-Critical Assets Feb 18 2021 6:00 pm UTC 60 mins
    Raytheon, Virsec
    Improving resilience has become a critical goal as organizations must adapt to rapidly changing cyber threats, while ensuring that critical systems can withstand attack without disruption. Most traditional cybersecurity solutions have relied on perimeter protection, frequent patching, and auditing security logs. While these remain important, we must assume that the sophisticated attacker is already inside the network and has established access and privilege.

    For true cyber resiliency, we need deeper protection at the network, hardware, and OS layers, as well as visibility and control over how critical applications execute during runtime.

    Join experts from Raytheon Intelligence & Space and Virsec for an interactive discussion on the latest approaches to cyber resiliency, and the need for stronger protection at each layer of the system.

    Featuring:
    - Teresa Shea – Vice President, Cyber Offense and Defense Experts, Raytheon Intelligence & Space
    - Jacob Noffke, Principal Cyber Engineer, Raytheon Intelligence & Space
    - Frank Walsh, Chief Security Architect, Virsec
    - Moderated by Willy Leichter, VP of Marketing, Virsec
  • Application-Aware Workload Protection: What It Is; Why It Matters (Intl) Jan 29 2021 6:00 am UTC 45 mins
    Virsec
    Virsec has developed the only application-aware workload protection technology that is able to detect and defeat any attack – known or unknown – in runtime. Application workloads have become the number one attack surface. Whether on servers or clouds or containers – workloads are being attacked every day, every minute and every second.

    If you’re wondering, “Hey, what’s a workload?” then this webinar is for you. And if you’re tasked with securing all or any part of your organization’s IT infrastructure, this webinar is definitely for you. See why industry giants like Raytheon, Cisco, Broadcom, General Dynamics, and Schneider Electric have turned to Virsec to protect their attack surfaces.

    Virsec stops malicious code the moment it attempts to execute and delivers complete visibility across the application stack. Join Virsec co-founder, CTO and visionary, Satya Gupta, to learn how to proactively protect your attack surfaces with no signatures, no patching, no noise and no tuning.
  • Application-Aware Workload Protection: What It Is; Why It Matters Jan 28 2021 6:00 pm UTC 45 mins
    Virsec
    Virsec has developed the only application-aware workload protection technology that is able to detect and defeat any attack – known or unknown – in runtime. Application workloads have become the number one attack surface. Whether on servers or clouds or containers – workloads are being attacked every day, every minute and every second.

    If you’re wondering, “Hey, what’s a workload?” then this webinar is for you. And if you’re tasked with securing all or any part of your organization’s IT infrastructure, this webinar is definitely for you. See why industry giants like Raytheon, Cisco, Broadcom, General Dynamics, and Schneider Electric have turned to Virsec to protect their attack surfaces.

    Virsec stops malicious code the moment it attempts to execute and delivers complete visibility across the application stack. Join Virsec co-founder, CTO and visionary, Satya Gupta, to learn how to proactively protect your attack surfaces with no signatures, no patching, no noise and no tuning.
  • SolarWinds Attack End-to-End Demo Recorded: Jan 26 2021 10 mins
    Virsec
    This demonstration shows how the culprits infiltrated and deposited a backdoor into the well-protected SolarWinds software infrastructure, which then made its way into the systems of tens of thousands of users in the SolarWinds supply chain. This type of attack, Remote Code Execution (RCE), is devastating because it executes in runtime, a notorious blind spot for most organizations.

    Current security solutions rely on knowledge of past malware to form signatures or behavioral profiles of what might happen next. End point protection, perimeter and threat hunting tools won’t identify unique malware that already exists in your system.

    Effective supply chain protection requires new tactics. Watch as the Virsec security solution immediately identifies and stops an evasive Remote Code Execution attack in an end-to-end recreation of the SolarWinds attack.
  • SolarWinds CSI: Re-creating the Solar Winds Attack (International) Recorded: Jan 22 2021 27 mins
    Virsec
    The SolarWinds attack took everyone by surprise. Even more ominous, it exposed a giant, gaping hole in cybersecurity as a whole. It begs the question: just how vulnerable are we? Organizations, institutions, governments, enterprises and critical infrastructure alike have been reeling from this remote code execution exploit, a type of attack that until now has only existed on the periphery.

    Current security solutions rely on knowledge of past malware to form signatures or behavioral profiles of what might happen next. End point protection and threat hunting won’t identify unique malware that already exists in your system.

    Satya Gupta, Virsec CTO and Co-Founder, digs into the dirty details about the SolarWinds attack; re-creating what happened, diagnosing what went wrong, and more importantly, how to prevent it from happening again. Watch a live demo, ask questions, and get best practices for how to protect against future or ongoing remote code attacks.
  • SolarWinds CSI: Re-creating the Solar Winds Attack Recorded: Jan 21 2021 27 mins
    Virsec
    The SolarWinds attack took everyone by surprise. Even more ominous, it exposed a giant, gaping hole in cybersecurity as a whole. It begs the question: just how vulnerable are we? Organizations, institutions, governments, enterprises and critical infrastructure alike have been reeling from this remote code execution exploit, a type of attack that until now has only existed on the periphery.

    Current security solutions rely on knowledge of past malware to form signatures or behavioral profiles of what might happen next. End point protection and threat hunting won’t identify unique malware that already exists in your system.

    Satya Gupta, Virsec CTO and Co-Founder, digs into the dirty details about the SolarWinds attack; re-creating what happened, diagnosing what went wrong, and more importantly, how to prevent it from happening again. Watch a live demo, ask questions, and get best practices for how to protect against future or ongoing remote code exploitation attacks.
  • Weekly Vulnerability Analysis: Episode 13 Recorded: Jan 21 2021 19 mins
    Satya Gupta, CTO
    Virsec Security Research Lab publishes a weekly analysis of the Top 5 vulnerabilities that have a large potential impact, high severity level, and should be acted upon by enterprise security teams. This video series accompanies daily blogs detailing each vulnerability.

    This episode discusses: CVE-2020-24639: AirWave Glass (Command Injection), CVE-2020-35578: Nagios (RCE), CVE-2020-35687: PHP Fusion (CSRF Attack), CVE-2021-1711: Microsoft Office (RCE), CVE-2020-4838: IBM API Connect (Cross Path Scripting), CVE-2020-29017: FortiDeceptor (RCE) (Confused Deputy)
  • The Real Culprit Behind SolarWinds: Remote Code Execution (Americas) Recorded: Jan 15 2021 36 mins
    Virsec
    The SolarWinds attack exposed a bare belly across government entities, infrastructure and enterprises alike. A brutal security failure that relied on perimeter tools, threat hunting and prior knowledge to stop an attack – only to find that these tools were powerless to identify and stop a Remote Code Execution (RCE) exploit. The attack surface has grown exponentially, and workloads are the main target. Conventional security tools will not provide adequate protection against remote code execution attacks.

    Satya Gupta, CTO and Co-Founder of Virsec, discusses how the culprits infiltrated and deposited a backdoor into the well-protected SolarWinds software infrastructure, and then into the systems of tens of thousands of users in the SolarWinds supply chain. Learn how to identify and prevent Remote Code Execution attacks to protect your workloads wherever they reside.
  • Weekly Vulnerability Analysis: Episode 12 Recorded: Jan 15 2021 18 mins
    Satya Gupta, CTO
    Virsec Security Research Lab publishes a weekly analysis of the Top 5 vulnerabilities that have a large potential impact, high severity level, and should be acted upon by enterprise security teams. This video series accompanies daily blogs detailing each vulnerability.

    This episode discusses: CVE-2020-25476: Liferay CMS Portal (Blind persistent XSS), CVE-2020-8287: Node.js (HTTP Request Smuggling), CVE-2020-10658: Proofpoint Insider Threat Management Server (RCE), CVE-2021-21234: Spring Boot Actuator Log view (Directory Traversal), CVE-2020-4917: IBM Cloud Pak (CSRF/RCE), CVE-2020-5146: Confused Deputy: SonicWall SMA100 (OS Command Injection)
  • The Real Culprit Behind SolarWinds: Remote Code Execution (International) Recorded: Jan 15 2021 36 mins
    Virsec
    The SolarWinds attack exposed a bare belly across government entities, infrastructure and enterprises alike. A brutal security failure that relied on perimeter tools, threat hunting and prior knowledge to stop an attack – only to find that these tools were powerless to identify and stop a Remote Code Execution (RCE) exploit. The attack surface has grown exponentially, and workloads are the main target. Conventional security tools will not provide adequate protection against remote code execution attacks.

    Satya Gupta, CTO and Co-Founder of Virsec, discusses how the culprits infiltrated and deposited a backdoor into the well-protected SolarWinds software infrastructure, and then into the systems of tens of thousands of users in the SolarWinds supply chain. Learn how to identify and prevent Remote Code Execution attacks to protect your workloads wherever they reside.
  • Virsec 2021 Security Predictions Recorded: Jan 7 2021 27 mins
    Virsec
    We don’t think anyone could have predicted the sort of twisted funhouse ride 2020 has turned out to be! Up is down, down is up – it’s hard to find your feet! Ransomware and malware attacks have escalated exponentially around the globe, and even the best of the best cybersecurity companies have not escaped. The breadth and effects of the SolarWinds hack have yet to be fully understood.

    Collaboration tools, many of which were adopted out of sheer necessity to keep organizations running amidst a pandemic, have caused almost as many headaches as they have helped. After such a disorienting year, it’s hard to predict what will happen next! We have put our list together of the 10 most significant security trends that we believe will accelerate in 2021.
  • SolarWinds and Supernova: Technical Analysis Recorded: Dec 31 2020 29 mins
    Satya Gupta, CTO
    The initial SolarWinds breach has been followed by the discovery of another attack, possibly by another group of hackers, using the Supernova exploit to attack SolarWinds customers using Remote Code Execution. The Virsec Security Lab provides another in-depth analysis.
  • Analysis of the SolarWinds Attack Recorded: Dec 23 2020 41 mins
    Satya Gupta, CTO
    Learn in depth about how the SolarWinds attack was perpetrated and how Virsec could have pre-emptively stopped the attack kill chain at multiple points.
  • Better Ways to Deal with New Security Threats Recorded: Dec 10 2020 45 mins
    Virsec & Osterman Research
    As security threats change, security defenses need to as well, both reactively to stop current threats, and, more importantly, proactively to get ahead of future security threats. Virsec is pleased to welcome analyst firm Osterman Research to provide in-depth research into the dynamics of the new threat landscape and to highlight new security solutions and practices that go beyond the capabilities of conventional solutions. This webinar outlines the newer security solutions and practices available to blunt the growing threat arsenal.
  • Protecting Water & Wastewater Utilities from Ransomware and Targeted Attacks Recorded: Dec 8 2020 61 mins
    MR Systems, AVEVA, Schneider Electric & Virsec
    As crippling ransomware and cyberattacks continue to hit critical aspects of water and wastewater systems, operators must implement robust measures to fortify their security stance. Water utilities face multiple challenges – from limited IT resources to maintain cybersecurity, to persistent vulnerabilities across various applications, components and services. Sophisticated attacks can hijack critical operations, disrupt business processes, steal or compromise sensitive data, and more.

    To appreciate the importance of an effective cybersecurity defense, look no further than the recent attacks on Israeli water facilities. Bad actors attempted to poison the water supply in residential areas by hijacking the software that controls the treatment pumps. Another thwarted attack aimed to disable pump operations and leave tens of thousands without access to water in the middle of a heatwave.

    Disruption and damage from attacks can impact:
    • Operating systems, website and database integrity, data security and more
    • Treatment and conveyance operations and processes
    • Alarms and other fail-safe and mitigating measures
    • Legal, financial and reputational exposure

    Featuring special guests:
    Paul Forney, Chief Security Architect, Schneider Electric
    Robert Touchton, Chief Technology Officer, MR Systems
    Vishal Mahna, Global Practice Head/Sr.Director, Monitoring and Control BU, AVEVA
    Satya Gupta, Chief Technology Officer & Co-Founder, Virsec

    Learn how to implement self-defending technology that protects against ransomware and other advanced attacks – both known and unknown – and ensure continuous, secure operations.
  • Weekly Vulnerability Analysis: Episode 10 Recorded: Dec 7 2020 21 mins
    Satya Gupta, CTO
    Virsec Security Research Lab publishes a weekly analysis of the Top 5 vulnerabilities that have a large potential impact, high severity level, and should be acted upon by enterprise security teams. This video series accompanies daily blogs detailing each vulnerability.

    This episode discusses: CVE-2020-29599: ImageMagick (Command Injection), CVE-2020-2320: Jenkins Plugin Installation Manager Tool (RCE), CVE-2020-29529: HashiCorp go-slug (Path Traversal), CVE-2018-21270: Node.js (Buffer Overflow), CVE-2020-29285: POS in PHP/PDO 1.0 (SQL injection), CVE-2020-28950: Kaspersky Anti-Ransomware (DLL Hijack)
  • EPP/EDR Tools Don't Work Recorded: Dec 3 2020 43 mins
    Virsec
    Wait, what? You’re telling me my EPP/EDR tools don’t work? What are you talking about? They do work … but for your end points only. But too many people are sticking them on their servers and expecting the same results, and that’s a critical mistake! That’s like putting diesel fuel into a Ferrari and expecting it to win a race. Sure, it’s gas and technically it will power a vehicle, but everyone knows that diesel fuel is made for a diesel engine – and it will ruin a sportscar’s engine!

    It’s the same thing with security – you’ve got to use the right tools for the job. End point protection is designed to protect your end points – and that’s it. Using probabilistic methodologies that “guess” the efficacy of an attack increases latency time and only attempts to contain attacks and not prevent them. And they are not capable of stopping a runtime vulnerability exploitation.

    Effective server workload protection requires a different approach altogether. Your security solution needs to ensure memory and runtime vulnerability protection, application control and system integrity assurance engineered using deterministic techniques to detect evasive attacks at the process, file, OS and memory levels of your systems.


    Learn how deploying the right tools for the job will guarantee your server security performs like a Ferrari, not a dump truck.
  • Weekly Vulnerability Analysis: Episode 9 Recorded: Nov 30 2020 23 mins
    Satya Gupta, CTO
    Virsec Security Research Lab publishes a weekly analysis of the Top 5 vulnerabilities that have a large potential impact, high severity level, and should be acted upon by enterprise security teams. This video series accompanies daily blogs detailing each vulnerability.

    This episode discusses: CVE-2020-27660: Synology SafeAccess (SQL Injection), CVE-2020-29395: WordPress EventON Plugin (XSS), CVE-2020-7778: Systeminformation NPM (Command Injection), CVE-2020-27251: Rockwell FactoryTalk Linx (RCE), CVE-2020-26238: Cron-Utils (RCE), CVE-2020-29006: MISP (Lacks ACL – “Confused Deputy”)
  • Weekly Vulnerability Analysis: Episode 8 Recorded: Nov 23 2020 27 mins
    Satya Gupta, CTO
    Virsec Security Research Lab publishes a weekly analysis of the Top 5 vulnerabilities that have a large potential impact, high severity level, and should be acted upon by enterprise security teams. This video series accompanies daily blogs detailing each vulnerability.

    This episode discusses: CVE-2020-4003 (VMWare SD-WAN SQL Injection), CVE-2020-19667 (ImageMagick Stack Buffer Overflow), CVE-2020-7754 (Schneider Electric IGSS SCADA Buffer Overflow), CVE-2020-4701 (IBM DB2 Buffer Overflow), CVE-2020-13355 (GitLab CE/EE Path Traversal), CVE-2020-28366 (Golang Arbitrary Code Injection), CVE-2020-28578 (Trend Micro Web Security Virtual Appliance Buffer Overflow)
  • Do You Suffer … from Patch Shaming? Recorded: Nov 19 2020 26 mins
    Virsec
    Do you struggle with keeping your software patched and secure? You are not alone! Many industries harbor a dirty little secret … it usually takes the average company more than eight weeks to complete required patching. And that’s just what they admit to! Imagine what the truth might actually be.

    But don’t worry – you do not have to do this alone! You don’t have to be ashamed about your patching - or lack thereof. Learn how to overcome common patching pitfalls and employ best practices to ensure you keep your systems secure 24/7/365.
Security from the Inside
Virsec is the industry leader of application-aware server workload protection. Learn how to improve and optimize your security posture, ensure real-time protection from today's most dangerous cyber threats and attacks, including memory corruption, fileless and zero-day attacks. Hear valuable insights from cybersecurity leaders, experts and influencers, vulnerability analysis and more.

  • Title: The Real Culprit Behind SolarWinds: Remote Code Execution (Americas)
  • Live at: Jan 15 2021 6:00 pm
  • Presented by: Virsec