Name: Stopping Python-based Backdoor Attacks: Edgewise
Start: 2019-12-19T18:00:00Z
End: 2019-12-19T18:00:28.000Z
Location: BrightTALK
Rating: 5

Edgewise Networks stops attack progression in the cloud and data center by allowing only trusted applications to communicate over approved network pathways.

The right microsegmentation solution is both effective in stopping lateral threat movement and is easy to use. With several types of solutions available, picking the right one for your needs can be challenging. After listening to a number of end users discuss their needs, we have collected a set of evaluation criteria that you can use in your testing of microsegmentation solutions.

Watch our webinar that took place on 1-29-2020 and learn:

- Microsegmentation requirements across operational, threat prevention, platform support, performance impact, and scalability dimensions

- If zero trust is being considered, the platform essentials that are required

- Test scenarios that are relevant to your environment

Evaluating Microsegmentation Solutions: A Practical Guide To Test Strategies

The recent breach at Capital One involved AWS metadata service exploitation and showed how easily attackers can take advantage of this security gap in AWS infrastructure.

Are you running your application in Amazon Web Services (AWS) and are concerned about the lack of security for your AWS instance metadata and user data? Join our Webinar on November 13 at 1pm ET and learn the following:

- How AWS metadata service is exploited to cause a breach

- Limitations of existing controls in protecting the metadata service

- How Edgewise’s zero trust workload protection allows only approved software to access AWS instance metadata and alerts you to unauthorized attempts.

Protecting AWS Metadata and User Data:  Edgewise

During this webinar, Mark Butler, SVP and CISO from MegaplanIT and Peter Smith, Founder and CEO, Edgewise will explore how to plan for penetration tests and/or audits. How can you determine if you need a full penetration test or if you simply need to prove network segmentation is implemented and working as intended?

Topics that will be discussed include: 

- What types of network and data controls do I need to protect critical data?
- Are those controls adequate to protect data from overexposure?
- Do my controls allow me to achieve provable security?

Segmentation and Security: How to plan for right-sized security testing

The NIST Cybersecurity Framework (CSF) is an authoritative source for companies wanting to model their cybersecurity program on a set of proven best practices. Yet implementing the Framework can overwhelm overworked and understaffed security teams. Add in recent updates, and companies often don’t know how to begin.  

During this webinar, Tom Conkle, Cybersecurity Engineer of G2, Inc. will explain enhancements and dive into the Framework Core Categories.  Following the introduction, Edgewise CTO & Founder Harry Sverdlove will explain how Edgewise aligns with the CSF to help companies implement the most hardened protection for applications and services in the cloud or on-premises data center.

Understanding and Applying the NIST Cybersecurity Framework

Edgewise Founder/CTO and longtime cybersecurity industry veteran Harry Sverdlove describes the race between security defenders and attackers. Zero trust networking offers defenders a fighting chance to stop data breaches.

Zero Trust Security: A Head-Start In the Race Against Attackers

Legacy security strategies and technologies simply haven't lived up to the hype. If they did, 2017 wouldn't have been the year of a billion records stolen. The security industry needs strategy now more than ever; throwing technology at the problem simply isn't going to stop the threats. Microsegmentation has come to light recently as a "new" area of innovation for cybersecurity, and it can be incredibly effective if it is done right. However, despite industry-accepted nomenclature, "microsegmentation" doesn't just mean perimeterizing your network with a bunch of firewalls and letting traffic inside that new perimeter communicate freely. This premise that "inside is 'good' and outside is 'bad'" is significantly outdated; any new strategy or technology must incorporate zero trust networking principles. Zero trust requires organizations to change the way they think about what's allowed to communicate on the network, regardless of where the perimeter (ephemeral as it may be) is placed. 

In this webinar we will explore different aspects of zero trust-based microsegmentation, explain how it should play into your overall cybersecurity strategy,  and discuss how using these innovations can help your team "put the monster in a box" and gain ground against the adversary.

Putting the monster in a box: zero trust microsegmentation for victory

Join Edgewise Chief Data Scientist John O’Neil, Agent Developer Pete Nahas, and Director of Marketing Operations Adam Sell for a conversation on how to enable a zero trust project by establishing secure identities for applications in your cloud or data center.

The Four Keys to Unlocking Application Identity for Security

Edgewise and the SANS Institute co-presented a webinar on the ways in which zero trust networking can better protect the cloud and data center:

Attackers rarely land on their intended target; more often, they piggyback on approved network address-based controls to move laterally toward their final target. The growth of private and public cloud further reduces the trust and control defenders have over network. To stop attackers from compromising applications and data, defenders must enforce least-privilege access. But how?

Why Zero Trust Security is Essential for Your Cloud and Data Center

Goulston & Storrs, an AmLaw 200 law firm based in Boston, has enhanced the security of their critical applications and of client data by adopting the zero trust model.

Senior Infrastructure Manager Matt Finnigan will speak about how Goulston & Storrs has used Edgewise Networks to gain visibility into their application topology, bring protection closer to the workload, and simplify policy building with machine learning.

AmLaw 200 Firm Uses Zero Trust To Enhance Security and Visibility

While the next-generation firewall (NGFW) represented a quantum leap forward in network security, industry analysts have begun to question if the NGFW is a legacy technology now.

Edgewise Founder and CTO Harry Sverdlove will try to answer this question and to explore a new vision for a cloud-centric workload security strategy.

Are NGFWs Becoming Obsolete?

Even as the world continues to change, our network security models have struggled to keep pace. Cloud mobility is a paramount security project, but the perimeter security model is showing its age and having difficulty in the new cloud world order.

We spend millions on complex perimeter and address-focused technologies, but ever-worsening breaches continue to make the headlines year after year. The zero trust model aims to resolve that conflict.

Zero trust networks are built with security at the forefront, creating policies using software and user identities, rather than spoofable IP addresses. By shifting the identifiers from addresses to software and user signatures, zero trust networks can protect public cloud workloads and on-premises applications with the same ease and flexibility.

Doug and Evan will discuss the origins of and philosophy behind the zero trust networking model, why it's needed in today's network security landscape and how it can simplify workload protection.

Building a Zero Trust Network

“Make the trust zones smaller” is the rallying cry behind microsegmentation projects. Break up the network into smaller pieces and put firewalls in between those pieces to ensure attackers can’t get from one part of the network to the next. But making microsegmentation projects work relies on a great deal of knowledge of the network and attack pathways. And it’s an incredibly heavy lift–configuring and deploying a microsegmentation solution takes an immense amount of time and resources. Machine learning can significantly reduce the hurdles by learning the network’s intended state and defining the attack pathways that need to be secured, automating the microsegmentation process.

Edgewise’s Chief Data Scientist John O’Neil will deep-dive into the role of machine learning in microsegmentation and demonstrate how a machine learning driven solution could reduce the time and energy needed to deploy microsegmentation from months to hours.

Machine Learning and Microsegmentation

The perimeter model of network security is broken – attackers have little difficulty in spoofing IP addresses or piggybacking malicious software on top of policy-permitted network traffic to gain access to the network. And once inside the network, it's a simple task for attackers to move laterally until they find the pot of gold and exfiltrate.

Harry Sverdlove, Founder and CTO of Edgewise, took a look at the four steps to implementing a zero trust methodology in your network:

- Identify your assets
- Map your workloads
- Implement intent-based security policies
- Continuously monitor and adapt to workload changes

Never Trust, Always Verify

Join Evan Gilman and Doug Barth, authors of the new O'Reilly book Zero Trust Networks, and learn about zero-trust networking and how it's going to improve the way workloads are protected in the cloud and data center. 

Evan and Doug explained why network security has to change, how zero trust networking rethinks the entire approach to workload protection, and what an effective zero trust network looks like in practice.

Zero Trust Networking 101

Peter Smith, Founder and CEO of Edgewise Networks, explained five ways to more effectively protect cloud and data center workloads and stop attack progression in a recent webinar.

During the webinar, Peter explained how to:

- Effectively translate application speak to network speak
- Dramatically simplify policy management and remove complexity
- Easily prioritize applications that are in urgent need of protection
- Clearly demonstrate risks and benefits with measurable metrics
- Ensure developers and application owners can quickly release new features

Five Ways to Better Protect Application Workloads in the Cloud

The recent MechaFlounder was a backdoor attack linked to Iranian threat actors who targeted Turkish entities. Similar Python-based backdoor attacks have managed to evade traditional network security defenses and propagate inside their target environments.

Join our Webinar on December 19th at 1pm ET and learn:

- Why network address-based defenses alone cannot prevent attack propagation and lateral movement

- Why protection based on software-identity verification (zero trust security) can stop such attacks

- How Purple teams can collaborate more effectively with a shared visualization and understanding of application topology and attack pathways to targets

Stopping Python-based Backdoor Attacks:  Edgewise

Python

Network Security

Cloud Security

Cyber Security

Security Breach

Micro Segmentation

lateral movement

MechaFlounder

Backdoor

zero trust

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Join thousands of engaged IT professionals in the application management community on BrightTALK. Interact with your peers in relevant webinars and videos on the latest trends and best practices for application lifecycle management, application performance management and application development.

Application Management

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Stopping Python-based Backdoor Attacks: Edgewise

Presented by

About this talk

More from this channel