Are You Too Negative When It Comes to Your Endpoint Security Strategy?

Like most organizations, you’ve probably deployed endpoint security. Still, you can’t seem to stop all existing and new threats, particularly fileless malware. You’re being infected, getting ransomware and/or having unwanted downtime.

This presentation will include a dynamic discussion between Lenny Liebmann, founding partner at Morgan Armstrong, and Nir Gaist, founder and CTO at Nyotron, on why the Negative Security model that tries to track down everything “bad” will eventually miss some elusive new threat.

Although a multi-layered security strategy that includes a Positive Security model provides better and more continuous protection for endpoints, this model has historically been difficult since it involves complex and time-consuming whitelist maintenance. Lenny and Nir will describe a new OS-Centric Positive Security model that is a game-changing innovation for simpler and more effective endpoint security.
Recorded Jan 16 2018 46 mins
Presented by
Lenny Liebmann, Founding partner at Morgan Armstrong, Nir Gaist, Founder and CTO at Nyotron
  • Security is Easy - How I've Mapped All Legitimate OS Behavior Oct 15 2018 6:00 pm UTC 60 mins
    Nir Gaist, Founder and CTO, Nyotron
    The "enumeration of badness" approach to security has failed for two major reasons. First, the amount of "badness" is practically infinite. Second, it's unrealistic to detect all future "badness" based on the past. Yet, the majority of products are still based on this method. The Spectre and Meltdown vulnerabilities reveal the unpredictability of future "badness".

    However, "goodness" is actually finite. So, is it possible to create a map of all legitimate OS behavior? The answer is yes, and I have designed a new language called Behavior Pattern Mapping (BPM) that accomplishes this.

    As I demonstrated during my Black Hat 2018 presentation, BPM can be implemented as deterministic finite automata (DFA). If you missed my presentation, join me for this webinar and see BPM's threat-agnostic defense in action. Maybe security is easy after all?

    About the speaker: Nir Gaist, Founder and CTO of Nyotron, is a recognized information security expert and ethical hacker. He started programming at age 6 and began his studies at the Israeli Technion University at age 10. Nir has worked with some of the largest Israeli organizations, such as the Israeli Police, the Israeli parliament and Microsoft’s Israeli headquarters. He also wrote cybersecurity curriculum for the Israel Ministry of Education. Nir holds patents for the creation of a programming language called Behavior Pattern Mapping (BPM) that enables monitoring of the integrity of the operating system behavior to deliver threat-agnostic protection.
  • Live Hacking Using Russia’s Favorite TTPs Recorded: Sep 26 2018 47 mins
    Guy Meoded, Senior Security Researcher at Nyotron and Rene Kolga, Sr. Director of Product
    Earlier this year, the Department of Homeland Security’s US-CERT issued Technical Alert TA18-074A, called ‘Russian Government Cyber Activity Targeting Energy and Other Critical Infrastructure Sectors’. This alert provided information on Russian government actions targeting U.S. Government entities as well as organizations in the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors. It also contained indicators of compromise (IOCs) and technical details on the tactics, techniques, and procedures (TTPs) Russian government cyber actors use to compromise their victims’ networks.

    In this webinar we will go over those TTPs and put them to use. Specifically, we will demonstrate how easy it is to leverage a Server Message Block (SMB) protocol authentication session to obtain a user’s credential hash and then crack it in real time, revealing the actual password. We will show multiple ways of using this approach and attempt to reproduce Russia’s success in our environment. No product pitches, just good old live hacking!

    About speakers:
    Guy Meoded is a Senior Security Researcher at Nyotron. Prior to Nyotron, Guy was a Trojan Analyst at RSA.

    Rene Kolga, CISSP, is a Sr. Director of Product and Marketing at Nyotron. Rene has over 20 years of industry experience, including expertise in endpoint protection, insider threat, encryption and vulnerability management. Rene has run Product teams at multiple Silicon Valley startups as well as Fortune 500 companies, including Symantec, Citrix, Altiris and ThinAir. Earlier in his career, Rene managed Customer Success and QA teams. Rene earned his Computer Science degree from Tallinn University of Technology. He also received an MBA from the University of Utah.
  • Should More Protection Really Equal More False Positives? Recorded: Aug 15 2018 30 mins
    Nir Gaist, Founder & CTO, Nyotron
    Security professionals accept the paradigm of “more protection equals more false positives (FPs)” as a fact of life. The tighter they make the “screws” of the security policies in their DLP, Web or Email Gateways, UEBA, application control/whitelisting and AV tools, the higher the likelihood something benign is misclassified as malicious. That’s why it is not uncommon to see false positive rates exceed 5% using the most aggressive settings.

    What if we were thinking about this wrong? Can we break this correlation between more security and more FPs?

    During this webinar we will briefly review the definitions of false positives, false negatives, true positives and true negatives, as well as the history of the “more protection = more FPs” paradigm. Then we will turn the paradigm on its head and discuss how more protection can actually mean fewer FPs.


  • What Can You Do When You Can’t Stop Malware? Recorded: Jun 28 2018 31 mins
    Teresa Wingfield, Director of Product Marketing and Robert Zamani, Director, Solution Architects
    Malware detection and prevention solutions are necessary in any organization. But antivirus and even next-generation antivirus solutions can miss unknown threats, giving malicious software free rein over your systems and data. During this presentation, Nyotron’s Director of Product Marketing, Teresa Wingfield, and Director, Solution Architects, Robert Zamani, will discuss why endpoint protection solutions relying on signatures, machine learning models and threat hunting can’t always cope with a never-ending number of new attack methods and malware variants.

    While you won’t be able to stop all malware using endpoint security, you can stop the damage it intends to cause. Join us to learn how.
  • Will Windows 10’s Controlled Folder Access Protect Your Data from Ransomware? Recorded: May 22 2018 29 mins
    Nyotron’s Vera Drobov, Security Researcher, & Rene Kolga, Sr. Director, Product Management
    With the release of Windows 10 Fall Creators Update, Microsoft added a new feature called Controlled Folder Access (CFA) to Windows Defender Exploit Guard. This feature allows users and organizations to control which processes can access certain folders in an attempt to help protect data from malicious programs, such as ransomware or wipers.

    But, will CFA really keep your data safe? Vera Drobov of Nyotron’s Security Research Team and Rene Kolga, Senior Director of Product Management at Nyotron will discuss why this isn’t likely due to vulnerabilities in the CFA feature. Our team has discovered at least five different ways of exploiting and bypassing CFA, including:

    - APC Injection
    - Windows Management Instrumentation (WMI)
    - Office Macros

    During this interactive webinar, you will see multiple exploits in action.
  • Endpoint Security: The Right Balance Between Positive and Negative Approaches Recorded: Apr 26 2018 58 mins
    Forrester Senior Analyst Chris Sherman and Nyotron's Senior Director of Product Management Rene Kolga
    Endpoint security represents the frontline in your fight against cybercriminals. Despite the relative maturity of the endpoint security market, new threats and evolving attacker capabilities have proven traditional approaches inadequate - and left organizations exposed.

    Guest speaker Forrester Senior Analyst Chris Sherman and Nyotron's Senior Director of Product Management Rene Kolga will discuss the current state of endpoint security while highlighting a path forward for organizations looking to re-focus their strategies to combat current threats.

    Attendees will learn:

    • Which threats are causing the most difficulties for traditional endpoint security approaches
    • Why organizations need to balance positive and negative security approaches
    • How to layer multiple tools for maximum protection
  • Iranian-Backed OilRig Group Returns with Next-Generation Malware Recorded: Mar 29 2018 43 mins
    Rene Kolga, Senior Director of Product Management at Nyotron and Robert Zamani, Director of Solutions Architect at Nyotron
    Nyotron’s research team began tracking new active OilRig attacks on a number of organizations across the Middle East in November 2017. Our security team has discovered that the Iran-linked OilRig group has significantly evolved its tactics, techniques and procedures (TTPs), introduced next-generation malware tools and new data exfiltration methods since previous attacks.

    Among key advancements, the new variant of OilRig introduces a variety of new command and control (C&C) and data exfiltration capabilities using Google Drive; SmartFile, a file sharing and transfer solution; and an ISAPI filter to extend the functionality of Microsoft Internet Information Services (IIS) servers.

    During this webinar, Nyotron will provide technical details of the attacks along with the TTPs used and the timelines to help security professionals deal with this threat actor in the future.
  • Why Machine Learning is More Likely to Cure Cancer Than to Stop Malware Recorded: Feb 27 2018 54 mins
    Shahid N. Shah, Cybersecurity and risk management expert, and Rene Kolga, Senior Director of Product Management at Nyotron
    Machine Learning (ML) has become the shiny new object for security and is the foundational pillar of products such as Next-Generation Antivirus (NGAV) and User and Entity Behavior Analytics (UEBA). While most of these products have promised to be a “silver bullet” against malware, complete protection remains elusive. In fact, ML is more likely to detect and cure cancer than to stop all of today’s advanced threats for a number of reasons:

    • The past doesn’t predict the future
    • Nothing will keep the bad guys out
    • The harder you try the more you fail
    • You can’t always be connected
    • It’s a black box

    Shahid N. Shah, an internationally recognized cybersecurity and risk management expert, and Rene Kolga, Senior Director of Product Management at Nyotron, will explain these shortcomings and how to avoid them. Instead of chasing after an infinite number of malware variants and attack vectors, a different approach to malware detection is to focus on the finite intentions behind attacks, such as data exfiltration, corruption and deletion.
The Industry's First OS-Centric Positive Security Solution
Nyotron offers the last line of defense to help win the war on malware. Based on the industry’s first OS-Centric Positive Security model that only allows legitimate operating system behavior, Nyotron prevents data exfiltration, corruption and other damage. Nyotron seamlessly complements existing endpoint security products with a future-proof solution, providing protection from any attack vector without foreknowledge of an exploit. The company’s headquarters is in Santa Clara, California, and R&D is in Israel. To learn more, visit www.nyotron.com.

  • Title: Are You Too Negative When It Comes to Your Endpoint Security Strategy?
  • Live at: Jan 16 2018 8:00 pm
  • Presented by: Lenny Liebmann, Founding partner at Morgan Armstrong, Nir Gaist, Founder and CTO at Nyotron