Hi [[ session.user.profile.firstName ]]

SolarWinds CSI: Re-creating the Solar Winds Attack (International)

The SolarWinds attack took everyone by surprise. Even more ominous, it exposed a giant, gaping hole in cybersecurity as a whole. It begs the question: just how vulnerable are we? Organizations, institutions, governments, enterprises and critical infrastructure alike have been reeling from this remote code execution exploit, a type of attack that until now has only existed on the periphery.

Current security solutions rely on knowledge of past malware to form signatures or behavioral profiles of what might happen next. End point protection and threat hunting won’t identify unique malware that already exists in your system.

Satya Gupta, Virsec CTO and Co-Founder, digs into the dirty details about the SolarWinds attack; re-creating what happened, diagnosing what went wrong, and more importantly, how to prevent it from happening again. Watch a live demo, ask questions, and get best practices for how to protect against future or ongoing remote code attacks.
Recorded Jan 22 2021 27 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Virsec
Presentation preview: SolarWinds CSI: Re-creating the Solar Winds Attack (International)

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Zero-Trust Cloud Workload Protection Cloud Security Summit Mar 16 2021 7:00 pm UTC 45 mins
    Virsec
    As attacks on software supply chains, and critical applications continue, we need to extend the zero-trust model into cloud workloads during runtime, ensuring that only the right code and processes can execute, regardless of the threat environment.

    Join security experts from Virsec as they discuss the challenges of protecting an expanding attack surface area with cloud, hybrid, and container environments, and the need for application-awareness, and effective runtime protection. Get best practices for security implementations for workloads that ensure vulnerability protection with granular application control, system integrity assurance, and advanced memory protection at runtime.

    Willy Leichter, VP of Marketing and Product Strategy
    Willy Leichter leads Virsec marketing and product strategy. With extensive experience in a range of IT domains including network security, global data privacy laws, data loss prevention, access control, email security and cloud applications, he is a frequent speaker at industry events and author on IT security and compliance issues. A graduate of Stanford University, he has held marketing leadership positions in the US and Europe, at CipherCloud, Axway, Websense, Tumbleweed Communications, and Secure Computing (now McAfee).


    Shauntinez Jakab, Senior Director of Product Marketing
    Shauntinéz has spent over 20 years working with executives to create unique high-growth product and business strategies in cybersecurity, network management, parallel systems, enterprise software and cloud-based services. She has held senior positions at F5 Networks, Intuit, Aryaka Networks and Citrix Systems. Shauntinez holds a BS in Electrical Engineering from Grambling State University, with graduate studies in microelectronics.
  • Analysis of the SolarWinds Attack Mar 9 2021 6:00 pm UTC 40 mins
    Satya Gupta, CTO
    Learn in depth about how the SolarWinds attack was perpetrated and how Virsec could have pre-emptively stopped the attack kill chain at multiple points.
  • Analysis of the Florida Water Utility Cyberattack Mar 2 2021 6:00 pm UTC 31 mins
    Robert Touchton - MR Systems, Satya Gupta - Virsec, Saurabh Sharma - Virsec
    Water and wastewater treatment plants are some of the most vulnerable critical infrastructure targets in the United States. Many of these facilities are underfunded, under-resourced and are not monitored 24/7. Throw into the mix vulnerable legacy applications and operating systems, and you might as well send out engraved invitations for hackers to come on in!

    Residents of Oldsmar, Florida were lucky that a plant manager happened to notice the hack in real-time and was able to stop the attempted poisoning of the entire city’s population. But water utilities shouldn’t have to rely on luck to prevent such dangerous attacks.

    Experts from Virsec and MR Systems discuss what's known about the recent attack on the Florida Water Utility that compromised security and exposed direct access to a critical SCADA system. Get action items you can implement right now to harden your system's defenses immediately.

    Distinguished guests include
    Robert Touchton, Chief Technology Officer, MS Systems
    Satya Gupta, Chief Technology Officer and Co-Founder, Virsec
    Saurabh Sharma, VP Sales ICS & Strategic Partnerships, Virsec
  • Achieving Cyber Resiliency Across Mission-Critical Assets Recorded: Feb 18 2021 52 mins
    Raytheon, Virsec
    Improving resilience has become a critical goal as organizations must adapt to rapidly changing cyber threats, while ensuring that critical systems can withstand attack without disruption. Most traditional cybersecurity solutions have relied on perimeter protection, frequent patching, and auditing security logs. While these remain important, we must assume that the sophisticated attacker is already inside the network and has established access and privilege.

    For true cyber resiliency, we need deeper protection at the network, hardware, and OS layers, as well as visibility and control over how critical applications execute during runtime.

    Join experts from Raytheon Intelligence & Space and Virsec for an interactive discussion on the latest approaches to cyber resiliency, and the need for stronger protection at each layer of the system.

    Featuring:
    - Teresa Shea – Vice President, Cyber Offense and Defense Experts, Raytheon Intelligence & Space
    - Jacob Noffke, Principal Cyber Engineer, Raytheon Intelligence & Space
    - Frank Walsh, Chief Security Architect, Virsec
    - Moderated by Willy Leichter, VP of Marketing, Virsec
  • Zero Trust Cloud Workload Protection Recorded: Feb 11 2021 25 mins
    Virsec
    Cloud computing adoption provides agility, scalability and performance. But cloud deployments require ongoing security controls, and organizations often mistakenly believe that their provider-based security is sufficient enough to protect them. However, nothing could be further from the truth. Application workloads are the new battleground and as infrastructure is outsourced to the cloud, organizations need to implement application-aware workload protection.

    Gartner recognizes Virsec in a select group of Cloud Workload Protection vendors that provide advanced memory and process integrity protection. Virsec is platform-agnostic and works seamlessly with clouds, containers, distributed and hybrid systems. Virsec is the only vendor to integrate application control, system integrity assurance and memory protection and exploit prevention.

    Join us for an in-depth dive into how you can close your security gaps and enable business in the cloud. Get best practices for security implementations for workloads that ensure vulnerability protection with granular application control, system integrity assurance, and advanced memory protection at runtime.
  • SolarWinds Post-Mortem Report: Analysis & Action Plan Recorded: Feb 4 2021 34 mins
    Virsec
    The SolarWinds attack showed everyone that despite billions of dollars spent on cybersecurity, many organizations were exposed and unprotected for months on end. All the end point protection, perimeter and threat hunting tools didn’t identify the nefarious Remote Code Execution (RCE) attack that ran undetected in runtime, a notorious blind spot for enterprises and critical infrastructure alike.

    See how the culprits infiltrated and deposited a backdoor into the well-protected SolarWinds software infrastructure, and then into the systems of tens of thousands of users in the SolarWinds supply chain. Watch an end-to-end recreation of the SolarWinds attack and see how the Virsec security solution immediately detects and stops the evasive exploit.

    Satya Gupta, Virsec CTO and Co-Founder, explains why effective supply chain protection requires new tactics. He analyzes the technical details of the SolarWinds attack and provides actionable intelligence to prevent it from happening again.
  • Weekly Vulnerability Analysis: Episode 15 Recorded: Feb 2 2021 20 mins
    Satya Gupta, CTO
    Virsec Security Research Lab publishes a weekly analysis of the Top 5 vulnerabilities that have a large potential impact, high severity level, and should be acted upon by enterprise security teams. This video series accompanies daily blogs detailing each vulnerability.

    This episode discusses: CVE-2020-4949: IBM WebSphere App Server (XXE), CVE-2021-25646: Apache Druid (RCE), CVE-2020-29535: RSA Archer (Stored XSS), CVE-2021-3156: SUDO (Heap Overflow), CVE-2021-3115: Golang (CMDi and RCE), CVE-2020-4888: IBM QRadar SIEM- (Java Deserialization RCE)
  • Application-Aware Workload Protection: What It Is; Why It Matters (Intl) Recorded: Jan 29 2021 45 mins
    Virsec
    Virsec has developed the only application-aware workload protection technology that is able to detect and defeat any attack – known or unknown – in runtime. Application workloads have become the number one attack surface. Whether on servers or clouds or containers – workloads are being attacked every day, every minute and every second.

    If you’re wondering, “Hey, what’s a workload?” then this webinar is for you. And if you’re tasked with securing all or any part of your organization’s IT infrastructure, this webinar is definitely for you. See why industry giants like Raytheon, Cisco, Broadcom, General Dynamics, and Schneider Electric have turned to Virsec to protect their attack surfaces.

    Virsec stops malicious code the moment it attempts to execute and delivers complete visibility across the application stack. Join Virsec's senior director of product marketing, Shauntinez Jakab, to learn how to proactively protect your attack surfaces with no signatures, no patching, no noise and no tuning.
  • Application-Aware Workload Protection: What It Is; Why It Matters Recorded: Jan 28 2021 44 mins
    Virsec
    Virsec has developed the only application-aware workload protection technology that is able to detect and defeat any attack – known or unknown – in runtime. Application workloads have become the number one attack surface. Whether on servers or clouds or containers – workloads are being attacked every day, every minute and every second.

    If you’re wondering, “Hey, what’s a workload?” then this webinar is for you. And if you’re tasked with securing all or any part of your organization’s IT infrastructure, this webinar is definitely for you. See why industry giants like Raytheon, Cisco, Broadcom, General Dynamics, and Schneider Electric have turned to Virsec to protect their attack surfaces.

    Virsec stops malicious code the moment it attempts to execute and delivers complete visibility across the application stack. Join Virsec's senior director of product marketing, Shauntinez Jakab, to learn how to proactively protect your attack surfaces with no signatures, no patching, no noise and no tuning.
  • SolarWinds Attack End-to-End Demo Recorded: Jan 26 2021 9 mins
    Virsec
    This demonstration shows how the culprits infiltrated and deposited a backdoor into the well-protected SolarWinds software infrastructure, which then made its way into the systems of tens of thousands of users in the SolarWinds supply chain. This type of attack, Remote Code Execution (RCE), is devastating because it executes in runtime, a notorious blind spot for most organizations.

    Current security solutions rely on knowledge of past malware to form signatures or behavioral profiles of what might happen next. End point protection, perimeter and threat hunting tools won’t identify unique malware that already exists in your system.

    Effective supply chain protection requires new tactics. Watch as the Virsec security solution immediately identifies and stops an evasive Remote Code Execution attack in an end-to-end recreation of the SolarWinds attack.
  • Weekly Vulnerability Analysis: Episode 14 Recorded: Jan 25 2021 22 mins
    Satya Gupta, CTO
    Virsec Security Research Lab publishes a weekly analysis of the Top 5 vulnerabilities that have a large potential impact, high severity level, and should be acted upon by enterprise security teams. This video series accompanies daily blogs detailing each vulnerability.

    This episode discusses: CVE-2020-8570: Kubernetes Java Client (Path Traversal), CVE-2020-26278: Weave Net/ Docker (Command Injection), CVE-2020-4688: IBM Guardium (Command Injection), CVE-2021-1280: Cisco AMP (DLL Hijack), CVE-2020-27733: Zoho Manage Engine (SQL Injection), CVE-2021-3110: Prestashop (SQL Injection), CVE-2021-1994: Oracle WebLogic (RCE)
  • SolarWinds CSI: Re-creating the Solar Winds Attack (International) Recorded: Jan 22 2021 27 mins
    Virsec
    The SolarWinds attack took everyone by surprise. Even more ominous, it exposed a giant, gaping hole in cybersecurity as a whole. It begs the question: just how vulnerable are we? Organizations, institutions, governments, enterprises and critical infrastructure alike have been reeling from this remote code execution exploit, a type of attack that until now has only existed on the periphery.

    Current security solutions rely on knowledge of past malware to form signatures or behavioral profiles of what might happen next. End point protection and threat hunting won’t identify unique malware that already exists in your system.

    Satya Gupta, Virsec CTO and Co-Founder, digs into the dirty details about the SolarWinds attack; re-creating what happened, diagnosing what went wrong, and more importantly, how to prevent it from happening again. Watch a live demo, ask questions, and get best practices for how to protect against future or ongoing remote code attacks.
  • SolarWinds CSI: Re-creating the Solar Winds Attack Recorded: Jan 21 2021 27 mins
    Virsec
    The SolarWinds attack took everyone by surprise. Even more ominous, it exposed a giant, gaping hole in cybersecurity as a whole. It begs the question: just how vulnerable are we? Organizations, institutions, governments, enterprises and critical infrastructure alike have been reeling from this remote code execution exploit, a type of attack that until now has only existed on the periphery.

    Current security solutions rely on knowledge of past malware to form signatures or behavioral profiles of what might happen next. End point protection and threat hunting won’t identify unique malware that already exists in your system.

    Satya Gupta, Virsec CTO and Co-Founder, digs into the dirty details about the SolarWinds attack; re-creating what happened, diagnosing what went wrong, and more importantly, how to prevent it from happening again. Watch a live demo, ask questions, and get best practices for how to protect against future or ongoing remote code exploitation attacks.
  • Weekly Vulnerability Analysis: Episode 13 Recorded: Jan 21 2021 19 mins
    Satya Gupta, CTO
    Virsec Security Research Lab publishes a weekly analysis of the Top 5 vulnerabilities that have a large potential impact, high severity level, and should be acted upon by enterprise security teams. This video series accompanies daily blogs detailing each vulnerability.

    This episode discusses: CVE-2020-24639: AirWave Glass (Command Injection), CVE-2020-35578: Nagios (RCE), CVE-2020-35687: PHP Fusion (CSRF Attack), CVE-2021-1711: Microsoft Office (RCE), CVE-2020-4838: IBM API Connect (Cross Path Scripting), CVE-2020-29017: Forti Deceptor (RCE) (Confused Deputy)
  • The Real Culprit Behind SolarWinds: Remote Code Execution (Americas) Recorded: Jan 15 2021 36 mins
    Virsec
    The SolarWinds attack exposed a bare belly across government entities, infrastructure and enterprises alike. A brutal security failure that relied on perimeter tools, threat hunting and prior knowledge to stop an attack – only to find that these tools were powerless to identify and stop a Remote Code Execution (RCE) exploit. The attack surface has grown exponentially, and workloads are the main target. Conventional security tools will not provide adequate protection against remote code execution attacks.

    Satya Gupta, CTO and Co-Founder of Virsec, discusses how the culprits infiltrated and deposited a backdoor into the well-protected SolarWinds software infrastructure, and then into the systems of tens of thousands of users in the SolarWinds supply chain. Learn how to identify and prevent Remote Code Execution attacks to protect your workloads wherever they reside.
  • Weekly Vulnerability Analysis: Episode 12 Recorded: Jan 15 2021 18 mins
    Satya Gupta, CTO
    Virsec Security Research Lab publishes a weekly analysis of the Top 5 vulnerabilities that have a large potential impact, high severity level, and should be acted upon by enterprise security teams. This video series accompanies daily blogs detailing each vulnerability.

    This episode discusses: CVE-2020-25476: Liferay CMS Portal (Blind persistent XSS), CVE-2020-8287: Node.js (HTTP Request Smuggling), CVE-2020-10658: Proofpoint Insider Threat Management Server (RCE), CVE-2021-21234: Spring Boot Actuator Log view (Directory Traversal), CVE-2020-4917: IBM Cloud Pak (CSRF/ RCE), CVE-2020-5146: Confused Deputy: Sonic Wall SMA100 (OS Command Injection)
  • The Real Culprit Behind SolarWinds: Remote Code Execution (International) Recorded: Jan 15 2021 36 mins
    Virsec
    The SolarWinds attack exposed a bare belly across government entities, infrastructure and enterprises alike. A brutal security failure that relied on perimeter tools, threat hunting and prior knowledge to stop an attack – only to find that these tools were powerless to identify and stop a Remote Code Execution (RCE) exploit. The attack surface has grown exponentially, and workloads are the main target. Conventional security tools will not provide adequate protection against remote code execution attacks.

    Satya Gupta, CTO and Co-Founder of Virsec, discusses how the culprits infiltrated and deposited a backdoor into the well-protected SolarWinds software infrastructure, and then into the systems of tens of thousands of users in the SolarWinds supply chain. Learn how to identify and prevent Remote Code Execution attacks to protect your workloads wherever they reside.
  • Virsec 2021 Security Predictions Recorded: Jan 7 2021 27 mins
    Virsec
    We don’t think anyone could have predicted the sort of twisted funhouse ride 2020 has turned out to be! Up is down, down is up – it’s hard to find your feet! Ransomware and malware attacks have escalated exponentially around the globe, and even the best of the best cybersecurity companies have not escaped. The breadth and effects of the Solar Winds hack have yet to be fully understood.

    Collaboration tools, many of which were adopted out of sheer necessity to keep organizations running amidst a pandemic, have caused almost as many headaches as they have helped. After such a disorienting year, it’s hard to predict what will happen next! We have put our list together of the 10 most significant security trends that we believe will accelerate in 2021.
  • SolarWinds and Supernova: Technical Analysis Recorded: Dec 31 2020 29 mins
    Satya Gupta, CTO
    The initial SolarWinds breach has been followed by the discovery of another attack, possibly by another group of hackers, using the Supernova exploit to attack SolarWinds customers using Remote Code Execution. The Virsec Security Lab provides another in-depth analysis.
  • Better Ways to Deal with New Security Threats Recorded: Dec 10 2020 45 mins
    Virsec & Osterman Research
    As security threats change, security defenses need to as well, both reactively to stop current threats, and, more importantly, proactively to get ahead of future security threats. Virsec is pleased to welcome analyst firm Osterman Research to provide in-depth research into the dynamics of the new threat landscape and to highlight new security solutions and practices that go beyond the capabilities of conventional solutions. This webinar outlines the newer security solutions and practices available to blunt the growing threat arsenal.
Security from the Inside
Virsec is the industry leader of application-aware server workload protection. Learn how to improve and optimize your security posture, ensure real-time protection from today's most dangerous cyber threats and attacks, including memory corruption, fileless and zero-day attacks. Hear valuable insights from cybersecurity leaders, experts and influencers, vulnerability analysis and more.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: SolarWinds CSI: Re-creating the Solar Winds Attack (International)
  • Live at: Jan 22 2021 6:00 am
  • Presented by: Virsec
  • From:
Your email has been sent.
or close