Name: How to Set Up a Threat Hunting and Threat Intelligence Program
Start: 2022-03-17T09:07:00Z
End: 2022-03-17T09:08:01.000Z
Location: BrightTALK
Rating: 0

Cato Networks provides organizations with a cloud-based and secure global SD-WAN that replaces rigid and expensive MPLS and network security point products -- to power the digital business. Cato connects all data centers, branches, mobile users, and cloud resources into a global, optimized cloud network that is tightly secured by a cloud-based network security stack and backed by expert managed security services. Cato cuts MPLS costs, improves performance between global locations and to cloud applications, eliminates branch appliances, provides secure Internet access everywhere, and seamlessly integrates mobile users and cloud datacenters into the WAN.

“This is out of scope,” said no hacker ever. Cybercriminals relentlessly aim to breach systems and stay undetected during an attack. In our latest Cybersecurity Masterclass, Cato experts dive into the evolving tactics of threat actors running malware and phishing campaigns, exploring how they evade security tools and researchers.  

We’ll examine the old-school tricks that laid the foundation for today’s sophisticated tactics and examine the modern techniques bad actors use to outsmart defenses, including detailed demonstrations of how they now exploit cloud services and AI. 

Join Etay Maor, Chief Security Strategist, and Tal Darsan, Manager of Cybersecurity Services at Cato Networks, and both members of the Cato CTRL team, to learn: 

Early phishing and malware evasion techniques like verification of credit cards, anti-research methods, proxy checks, and randomized folders 
Modern phishing and evasion strategies, including obfuscated kits, reverse proxy attacks, and randomized URL attributes 
How threat actors leverage cloud services and AI for evasion, with real-world examples 
Steps to detect and mitigate attacks and strategies to reduce your attack surface and strengthen your security posture

Flying Under the Radar – Security Evasion Techniques (Master Class)

ChatGPT has been all over the news in the last couple of months. While AI has been around for a while, ChatGPT (and OpenAI’s Playground) simply allows anyone to interact with the software. This did not go unnoticed by cybercriminals, who are already discussing ways of using the tool to their advantage in underground Russian forums.

In this session, we will show how threat actors can use ChatGPT to help them in different stages of a breach, from creating phishing emails, identifying vulnerabilities, writing malware, and exfiltrating data. We will then show how defenders can use ChatGPT for debugging, understanding security tools, creating reports, predicting an adversary’s next step, and more.

How can threat actors and security teams use ChatGPT to their advantage?

Join Sam Curry, Chief Security Officer at Cybereason, Ofer Maor, Chief Technology Officer at Mitiga, and Etay Maor, Sr. Director of Security Strategy at Cato Networks, to learn about:

How threat actors can use ChatGPT for cyber attacks
How security teams can use ChatGPT to protect from attacks
AI limitations and biases
The legal, privacy, and copyrights challenges that AI presents

Offensive And Defensive AI: Let’s Chat(GPT) About It

We often hear about the two ends of an attack lifecycle – how threat actors gain entry and the resulting impact. But what happens in between? Much of an attack occurs between these two events – on the network. 

With average dwell times exceeding six months until detection, what actions do threat actors take during this period to evade discovery, ensure persistence, and maintain awareness of their location on the network? 

Join Cato’s Security Experts: Dolev Attiya, Staff Security Engineer; Matan Mittelman, Security Research Team Leader; and Etay Maor, Senior Director Security Strategy, as they explore the actions of threat actors on networks. They'll demonstrate the tools, tactics, and techniques used during a breach. Using MITRE ATT&CK as a guideline, the Cato team illustrates each step in detail. 

From Living on the Land (LOL) attacks and network discovery. to lateral movement, persistence, credential dumping, and more – witness an attack unfold! 

Register now to discover: 

The various methods threat actors employ to breach a network 
Insights into the motivations behind these actions and their reliance on previous and future steps of the breach 
Effective strategies for defenders to detect, mitigate, and prevent these threats, emphasizing the importance of a holistic view of the attack lifecycle

Network Threats: A Step-by-step Attack Demonstration (Master Class: Episode 17)

Webinar Overview  

Together with Howard Holton, CTO of GigaOm analyst firm, and a 30-year veteran, understand major networking and security challenges faced in enterprise Manufacturing and how the right SASE cloud platform can solve those larger organizational and industry challenges.

Understand how a global, converged cloud-native SASE platform allows manufacturing companies to respond quickly to unplanned events, see improvements in network performance, save 20x the cost on bandwidth and reduce their attack surface to improve their security posture– all while allowing IT ease of setting up configuration and management.

SASE’s Value in Manufacturing

MITRE ATT&CK has become the language defenders use when analyzing adversaries. MITRE’s database of tactics and techniques enables multiple teams, including red-teams, pen testers, threat hunters, and developers, to improve their security defenses. They can share information and then analyze and emulate different adversarial actions.

In this webinar, we will explore the MITRE ATT&CK framework. We will analyze multiple use cases and also unveil its biases and limitations. In addition, we will dive into how MITRE ATT&CK can be used within your SASE solution and see how this will enhance your organization’s security posture.

Join Bill Carter, System Engineer at Cato Networks, Ross Weisman, Innovation Lead at MITRE Center for Threat Informed Defense, and Etay Maor, Sr. Director of Security Strategy at Cato Networks, to learn:

How to operationalize the MITRE ATT&CK framework
What are the MITRE ATT&CK framework’s biases and limitations
Where and when you should use MITRE ATT&CK in your SASE solution
What is MITRE’s Center for Threat Informed Defense, and what are some of its cutting-edge projects
Save your spot for this special webinar.

The Best Defense is ATT&CK: Applying MITRE ATT&CK to Your Organization

While organizations realize they must deploy zero trust, knowing where to begin and how to deploy has become an impediment for many. The CISA (Cybersecurity and Infrastructure Security Agency) Zero Trust Maturity Model provides organizations with a measurable path to zero trust. 

The Cato SSE 360 architecture is a secure platform that helps facilitate Zero Trust maturity while delivering complete 360-degree protection for users, applications, and data. Join this new webinar to discover how.

Key points this webinar will highlight:  

Key drivers for Zero Trust  
Pillars of the CISA Zero Trust Maturity Model 
A mapping of Cato SSE 360 to the CISA Zero Trust Maturity Model
Benefits of Cato SSE 360 for accelerating threat responses across the Maturity Model
Save your seat to see for yourself.

Achieving Zero Trust Maturity with Cato SSE 360

SD-WAN was originally designed as an MPLS alternative for the branch. But, in a post-pandemic world, it’s just not a good fit for the digital enterprise, coping with cloud DCs and hybrid workers, working far from their regional hub (amongst other reasons).  

Together with AvidThink analyst, Roy Chua, we filmed Don’t Renew Your SD-WAN Contract Before Watching This Webinar. Chua is an SD-WAN expert and independent analyst, with over 20 years of experience in the telco, enterprise, cloud computing, networking, and security space. 

Chua outlines a winning framework to evaluate your existing SD-WAN, assess your current WAN and security challenges, and understand 4 architectural options that address those challenges. 

Register for this impactful SD-WAN strategy session, to walk away with an understanding of: 

When does it make sense to stay with your SD-WAN architecture? Answered
4 market changes that will cause you to immediately reconsider your SD-WAN renewal
A useful framework to evaluate your existing SD-WAN architecture, assess current WAN and security challenges, and clearly understand your next steps. 
The 4 architectural infrastructures that prioritize your enterprises’ current and future WAN challenges.

Don’t Renew Your SD-WAN Contract Before Watching This Webinar

Cybercriminals are not only looking into ways they can utilize AI but also how they can abuse AI systems and circumvent AI-based security controls.

Cato CTRL’s (Cyber Threats Research Lab) latest Cybersecurity Masterclass takes you into the tactics threat actors use to misuse and abuse AI. Join Cato Networks’ Etay Maor, Chief Security Strategist, and Vitaly Simonovich, Threat Intelligence Researcher, as they explore the tactics and techniques threat actors use and which AI weak points they target.

What’s covered: 

Beyond the headlines - how cybercriminals are really using AI
How Generative AI is being exploited by threat actors
Real-world examples of Generative AI in attacks and under attack
The dangers of private GPTs and how they can be targeted

From Misuse to Abuse - AI Risks and Attacks (Cyber Security Master Class: Episode 19)

Are you ready to break records and transform network security with unmatched speed, agility, and simplicity? Join us for an exclusive live webinar to set a world speed record in SASE (Secure Access Service Edge) implementation – a revolutionary framework that converges network security and WAN capabilities into a single, cloud-native service. 

What you’ll learn: 

Understanding SASE:  Get to grips with the fundamentals of SASE and why it's a game-changer for modern enterprises. 
Accelerated Benefits:  Discover how rapid SASE implementation enhances security, improves performance, and reduces complexity in your network infrastructure. 
Platform Speed: Experience a true SASE platform and Cato’s strategies for deploying SASE at record speed – without compromise and with minimal impact on your operations 
Pro Tips: Get expert advice on best practices, trends, and staying ahead in network security

0 to SASE in 60 Minutes

Webinar Overview  

When Gartner first defined SASE (Secure Access Service Edge) in 2019, it emphasized a requirement to deliver SASE capabilities from the cloud. While many SASE vendors claim to meet this requirement, how these capabilities are delivered from the cloud matters. 

Join our webinar with Andrea Napoli, Product Marketing Manager at Cato, as he explores the technical and business benefits of the Cato SASE Cloud Platform – a true cloud-native architecture built to power a global cloud service – and how it compares to the shortcomings of legacy, device-based architectures hosted in the cloud. 

Gain a fresh perspective on how a cloud-first architecture can bring an AWS-like, agile experience to IT teams and enterprises, and why digitally transforming with SASE must start with the right foundation. 

What you’ll learn: 

Why convergence and cloud-native software are critical to a true SASE architecture  
The key pillars of a cloud-native SASE architecture  
How Cato's Single Pass Cloud Engine (SPACE) enables orchestrated, scalable, and globally resilient traffic processing for all users and locations 
The technical and commercial advantages created by Cato SPACE compared to legacy devices hosted in the Cloud

SASE Architectures Aren't All the Same

Webinar Overview 

Successful SASE projects hinge on network and security teams' efficient and effective collaboration. With over 8 years of expertise in the SASE market and with over 2000 enterprise customers, Cato Networks is uniquely positioned to guide your path to SASE project success.  

Register for our latest webinar, “Making Sure SASE Projects Are A Success”, to learn from our vast experience on what works, what doesn’t, how to avoid common pitfalls, and how to maximize the success potential for your SASE project. 

Join Eyal Webber-Zvik, Cato’s VP of Product Marketing and Strategic Alliances to explore:

The changes happening within IT teams all over the world 
The value of internal collaboration to drive SASE success 
Tips for outcome-focused SASE platform evaluation  
How to perform an effective SASE vendor selection process

Making Sure SASE Projects Are a Success

Unlock the True Value of SASE with Cato SPACE

Webinar Overview  

Platforms promise to change security operations, making enterprise security better and easier to maintain. What should you consider when you evaluate security platforms for your organization? 

In this webinar, GigaOm’s CTO Howard Holton joins Cato Product Marketing Manager Evin Safdia and Cato Director of Technology Evangelism Dave Greenfield for a fun and interactive live demo of the Cato SASE Cloud platform.  During the webinar, Holton gives insights into the need for security platforms and raises the tough questions everyone should ask when evaluating platform options.  

Join the webinar and… 

Learn what a security platform is and why it matters. 
Dive into the Cato SASE Cloud platform for this first-person tour 
See Cato XDR in action and how it can improve security operations 
Hear Howard’s analysis of the Cato SASE Cloud

The Year of Security Platforms: Are You Ready?

Threat hunters and red teams are two of the most important building blocks of an organization’s security program. In this session we will be joined by Ilya, former director of threat hunting at RBC and Nick, red team member at Gap share their approaches to setting up a threat intelligence and threat hunting program.
The webinar covers multiple aspects of the security program including the utilization of the MITRE ATT&CK framework, how teams approach the Pyramid of Pain, maturity models and more.

How to Set Up a Threat Hunting and Threat Intelligence Program

Threat Hunting

Threat Intelligence

Cyber Security

MITRE ATT&CK

Cyber Defence

Cyber Attacks

Information Security

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

How to Set Up a Threat Hunting and Threat Intelligence Program

Presented by

About this talk

More from this channel