Name: Stop the Apache Log4J Vulnerability and Prevent Future Attacks With Zero Trust
Start: 2022-05-17T17:00:00Z
End: 2022-05-17T17:00:57.000Z
Location: BrightTALK
Rating: 4

Back in the day when your users were all on the network and your applications resided in your physical data center, it made sense to establish a secure perimeter around your network. But those days are over, the perimeter is gone, and network security is all but irrelevant.

Instead, you need to put your defenses and controls where the connections occur— the internet — so that every connection is fast and secure, no matter how or where users connect or where their applications reside.

By moving applications and infrastructure to the cloud and untethering employees from their desks, you can realize tremendous advantages in productivity, agility, and cost containment. With our 100% cloud built secure platform, Zscaler can help you make the move to the cloud, securely.

Join us as we present the findings from the Zscaler ThreatLabz 2023 Ransomware Report. Discover the latest trends in ransomware attacks, backed up by data from the world’s largest security cloud.

Zscaler experts Nirmal Singh, Director of Security Research, and Brett Stone-Gross, Sr. Director of Threat Intelligence, will review the latest ransomware research from the past year and share:

• Key ransomware trends, including encryption-less ransom attacks
• The fallout from the disbanding of the Conti ransomware group
• The evolution of cross-platform ransomware development
• Attack statistics by industry, geography, and ransomware family

• How to protect your organization from ransomware with a zero trust strategy

Insights into the Latest Ransomware Trends

The way we work has changed. Your apps are no longer in your data centers and your users are no longer in the office. Traditional WAN architectures, with their castle-and-moat approach, introduce unnecessary latency, create performance bottlenecks, and impair digital experience for your users. At the same time, as users have moved off the corporate network, IoT and OT devices are proliferating. These devices have different requirements, and introduce new security challenges. Branch networking needs to evolve to meet these changing needs.

Join this webinar to learn how infrastructure teams can transform their branch network, reduce cost and complexity, and improve security all at the same time using Zero Trust Branch Connectivity and the SASE framework. This live session will help you:
• Understand the requirements for a cafe-like branch experience
• Dive into how legacy WAN architectures leave security gaps and create performance bottlenecks
• Learn how zero trust principles and the SASE framework can help modernize your branch connectivity and security

Modernizing Branch Connectivity with Zero Trust

Interested in extending the Zscaler platform to secure your workloads in the public cloud? Looking for best practices? Where do you start and what do you implement to enable zero trust? VMs, Serverless, VDI, Containers—struggling to secure their ingress and egress traffic? How can you transition your cloud security to a modern architecture that is based on least-privileged access? 

Zero trust presents an opportunity for IT organizations to resist the temptations to extend their WAN architecture that is used on-premises to the cloud. Existing firewall- and VPN-based approaches put enormous responsibility on IT teams to configure policies and enforce remediations locally at each trust zone. This approach creates routable networks a panacea for firewall bloat and untenable policy management. 

Join this webinar with product and technical experts from Zscaler, the industry leader in zero trust, as they discuss how you can implement zero trust in five simple steps. Topics will include product demonstrations and best practices to: 
• Implement advanced threat prevention using Zscaler zero trust 
• Enable proxy-based SSL decryption for all workloads
• Activate data protection for cloud 
• Configure workload segmentation between different public clouds based on policy profiles 
• Enable log streaming from the public cloud to your SIEM for compliance & regulatory and SecOps requirements

How to Extend the Zscaler Platform to Secure Workloads in a Public Cloud

Industry analysts have determined that the next-generation zero trust network access (ZTNA) framework is the most effective and efficient method for keeping hybrid employees safe from attackers, preventing data loss, and delivering an unhampered user experience.

This is great news for security practitioners, but the question remains—how can you help your organization turn this proven concept into a reality?

Join Mike Ruiz, Consulting Engineer at Zscaler, as he explains how next-gen ZTNA creates a more secure hybrid work ecosystem. He will also detail the robust capabilities of Zscaler Private Access (ZPA), a next-gen ZTNA platform that is part of the Zscaler Zero Trust Exchange.

7 Secrets of Success to Achieve Universal Zero Trust Network Access

As organizations shift their workloads to the public cloud, ensuring their protection becomes paramount. Alarmingly, a IDG survey reports that 35% of customers struggle with increased costs in cloud management and cloud security. Safeguarding public cloud workloads has emerged as a significant challenge for organizations embarking on their digital  transformation.

Join us for an exclusive event where Zscaler, the leader in cloud security, unveils groundbreaking innovations in cloud workload protection. Don't miss the opportunity to hear from Jay Chaudhry, CEO of Zscaler, Dhawal Sharma, SVP and GM of Product Management, and Brian Lazear, VP of Product Management, as they share information on how our Zero Trust Exchange™, the world's largest in-line cloud security platform radically simplifies cloud workload security. 

You will learn how to:
• Elevate your cloud workload security  with zero trust principles, prevent zero day attacks, and protect data with cloud-scale TLS inspection, segmentation, advanced threat protection, and data protection
• Simplify multi cloud workload communications across AWS, Azure, and GCP and learn how Zscaler can provide zero trust for special use cases such as AWS GovCloud and the public clouds in China region
• Automate security deployments through programmable interfaces such as Terraform, AWS user-defined tags, and auto-scaling groups.

New Zero Trust Innovations to Radically Simplify Public Cloud Workload Security

With the advent of artificial intelligence (AI), we are on the brink of hybrid work productivity upgrading to the next level. AI can help unlock the full potential of remote and hybrid workforces in the new world. As organizations explore new ways to use AI within their tech stack, cybersecurity has made significant strides to protect workers and ensure great user experiences while users work from anywhere.

IT and security leaders now have the opportunity to leverage AI to improve the security posture of hybrid workers and boost productivity for all users. Modern workers rely heavily on crucial business applications and reliable online networks to be productive. Flexible work arrangements have become increasingly popular as they allow workers to control their work environment and optimize their performance.

Join this webinar to learn how to:
• Leverage AI-powered segmentation and intelligent policies to improve the operational efficiencies of your IT teams
• Boost employee productivity while ensuring better security across your organization
• Secure your users with Zscaler's AI and ML solutions

3 Ways to Upgrade Workforce Productivity with AI for Cybersecurity

*This is a replay session*

Despite numerous advances in security, phishing remains a top attack vector-because it works. We'll dive into the metrics and offer expert analysis from nearly a billion blocked phishing attempts to help you discover strategies for mitigating the latest phishing techniques.

Attendees will learn about:

*2022's top phishing targets by country, industry and more
*Phishing predictions for 2023-2024
*Common methods attackers use to deceive users
*How to stop attackers with a zero-trust strategy

Session Key Takeaways:

*Why phishing remains a major threat
*Why humans are the weakest link in the security chain
*Why email remains vulnerable to attacks
*Common methods attackers leverage
*How to stop attackers with a zero-trust strategy

Top Phishing Trends and How to Stop Phishing

Your legacy firewall and VPN can’t handle long trips. They’re always dropping things—and worst, they make you feel so insecure. If that sounds familiar… it might be time to break up.
Legacy appliances and tools are set in their ways. They try to control access to critical apps like SAP, AWS, ADP, and others with static network-layer policies and rules based on IPs addresses and TCP port values. But the way you work has changed. You’ve changed. You want the freedom to securely access apps from anywhere, on any device, without being tied down to the network.

Ending it with your legacy firewalls and VPNs can give you a fresh start. Join Linda Park and Emily Laufer for a practical, candid webinar all about you, your legacy appliances, and the technology network administrators can adopt to get back the remote access spark you deserve.

Breaking up isn’t always easy, but we’re here to help. Secure your spot and learn:
• How VPNs expose your apps and data to the internet
• How implicit trust from legacy firewalls grants attackers unrestricted access
• Why network-centric solutions are slow and expensive to maintain

Why It's Time to Break Up with Your VPN and Firewall

Covid shifted enterprise network spending. There is more of a focus on supporting the remote and distributed workforce. As a result, many enterprises are looking at new approaches that deliver strong, secure broadband access for remote users and offices alike.

Join this new webinar as we discuss:
• Covid-inspired network architecture changes that are here to stay.
• The shifting network architecture investments that will continue due to these changes.
• The need to expand traditional approaches to include new services (e.g., SASE) and new approaches to connectivity (e.g., private 5G, satellite broadband, and more).

Changing Network Architecture Investments

Bad actors love to deliver threats in files. Persistent and persuasive messages convince unsuspecting victims to accept and open files from unknown sources, executing the first step in a cyber attack. 

This continues to happen whether the file is an EXE or a Microsoft Excel document. Far too often, end users have an illusion of security, masked by good faith efforts of other users and (ineffective) security controls. This creates a virality effect for ransomware, malware, spyware, and annoying grayware and adware to be spread easily from user to user and machine to machine. To stop users from saying “I reject your reality and substitute my own!” – it’s time to bust some myths about file-based attacks.

Testing in three! Two! One! Join Zscaler’s Vinay Polurouthu, Principal Product Manager, and Amy Heng, Product Marketing Manager, to:

*Bust the 9 most common assumptions and myths about file-based threats
*Uncover the latest evasion trends and detect stealthy delivery methods
*Prevent patient zero infections and zero-day security events from unknown files

A MythBusting Special — 9 Myths about File-based Threats

*This is a replay session*

Over the past two years, there has been a significant increase in human-operated threat actors using stealthy tactics, social engineering, and compromised identities to bypass security controls and breach well-defended organizations.

Despite organizations transitioning to a Zero Trust architecture, they remain vulnerable to identity-based threats, malicious insiders, and lateral movement.

Security teams need a proactive approach to stop these advanced threats.

Join us for an hour of learning as we discuss how you can extend Zero Trust with Deception. We will cover the following:

*Why have attackers shifted their focus to compromising users and applications
*What Deception is and Why it is effective
*How Deception fits into a Zero Trust Architecture
*How Deception detects compromised users, lateral movement, and defense evasion techniques such as EDR bypasses
*A live attack simulation and how Deception detects and disrupts the attack at different stages

Extend Zero Trust with Deception-based Active Defense

Organizations continue to invest in firewalls yet they fail to stop the biggest corporate breaches and ransomware attacks. Legacy-gen firewall vendors address security using an outdated perimeter and network-centric model for threat defense.

The shift to zero trust means firewalls need to evolve. Watch this on-demand webinar to discuss the pitfalls of traditional firewalls and the five core ways that a zero trust model delivers security for users, workloads, and applications.

You’ll learn:
• How traditional perimeter and network-based security models contribute to breaches and ransomware attacks
• How legacy-gen firewall-based security architectures drive up the cost of securing your enterprise
• Five ways firewalls need to evolve to deliver zero trust security for users, workloads, and applications

Five Ways Zero Trust Changes Legacy-gen Firewalls

Too often are security strategies static, and perimeter-based tools such as firewall and VPN do not offer the scalability or policy granularity to secure workloads in cloud-centric environments. 

As admins aim to improve their security posture, recent ESG research cites that 46% of organizations have implemented or begun to implement zero trust across their organization—and 38% are more adaptive after adoption. However, zero trust is often overly focused on the user and neglects workloads.

Watch this custom webinar to understand why extending zero trust to your workloads should be on your agenda and:
• Why zero trust is important & where current strategies fall short.
• 4 zero trust business benefits 
• Deployment scenarios to support zero trust for workloads.


Speakers: John Grady, Principal Analyst with Enterprise Strategy Group
Brian Lazear, VP Product Management with Zscaler 
Sakthi Chandra, Senior Director, Head of Marketing- Workload Communications, Zscaler

Why Extending Zero Trust to Workloads Should Be on Every CISO’s Agenda

While zero trust has been touted as a north star for enterprise security, some experts argue that it may not be effective in all scenarios. With this reservation in mind, how can organizations, like yours, ensure that their Zero Trust strategies are effective, aligned with their security goals, and thwart today’s persistent phishing threats? 

Find out by tuning into this Fireside Chat between ESG Principal Analyst Jon Oltsik and Deepen Desai—Global CISO and Head of Security Research & Operations at Zscaler—as they survey how Zero Trust fares against the current threat landscape. 

Agenda items include:
• Zero Trust challenges & strategies for effective adoption
• A review of the 2023 ThreatLabz Phishing Report with the latest trends & techniques
• Tactics to pivot for supply chain, IoT, and MFA attacks 
• The rise of AI chatbots and their impact on cybersecurity defenders
• And much more

How Zero Trust Fares Against Current Cyber Threats

When it comes to securing workloads in the public cloud, existing legacy architectures fall short. Firewall- and VPN-based solutions add immense complexity, cloud native firewall tools are point solutions, and backhauling cloud traffic to the data center is fraught with latency issues.

Interested in extending the Zscaler platform to secure your workloads in the public cloud? Looking for best practices? Where do you start and what do you implement to enable zero trust? How can you transition your cloud security to a modern architecture that is based on least privileged access?

Watch this on-demand webinar with product and technical experts from Zscaler, the industry leader in zero trust, that explores how you can implement zero trust in seven simple steps. Topics discussed will include product demonstrations and best practices to:

1. Implement advanced threat prevention using Zscaler zero trust
2. Enable proxy-based SSL decryption for all workloads
3. Activate data protection for cloud
4. Configure workload segmentation between different public clouds based on policy profiles
5. Real-world case studies demonstrating successful data protection implementation
6. Define security policies using user-defined tags for resources in public cloud
7. Integrate security into DevOps tools like AWS Cloudformation

7 Steps to Enable Zero Trust for Securing Workloads in the Public Cloud

Organizations are embracing cloud-first technologies to stay competitive in the current market. In addition, the growing demand to sustain a hybrid workforce for improved productivity has compelled IT teams to ensure users everywhere get secure and seamless access to all apps.

VPNs and firewalls worked when the corporate network was simple, but times have changed and organizations deserve a better solution. Zero trust can provide fast, secure, seamless access to apps from anywhere while replacing legacy solutions.

Join Grady Negronida, Network Security Architect at Zebra Technologies, to learn how Zebra Tech was able to migrate to a zero trust architecture, fully replacing VPNs for an always-on secure remote access solution with Zscaler Private Access.

We’ll also discuss:
• ZTNA for secure remote and in-office access
• How ZTNA can be deployed quickly for faster time to value for your organization
• The optimization of user and admin digital experience

Zero Trust Security for Private Apps

Today’s workplaces have a global footprint. Employees, no matter where they're located – regional offices, customer sites, their homes, and on the move – rely heavily on applications, data, and virtual meeting services to collaborate and stay productive.

In this webinar, attendees will hear how to efficiently detect, triage, and resolve IT incidents that have global, regional, or user-specific impact, at scale.

You will learn how organizations like yours can:
• Get visibility across apps, networks, and devices within zero trust environments and beyond
• Accelerate IT ticket resolution time, while reducing escalations and support costs
• Proactively support globally distributed organizations to improve performance and productivity

Deliver Fast and Secure Digital Experiences for the Modern Hybrid Workforce

The pandemic and the work-from-anywhere movement have caused cybersecurity to take center stage in recent years. As organizations are issuing return-to-office policies, there is even more pressure on the infrastructure and security teams to provide seamless, consistent access to applications. What are your organization’s strategies to enable hybrid work while maintaining robust security?

Join this webinar to learn how:
• In-office and remote users can get consistent, fast, and secure access to private applications with Universal ZTNA
• Locally enabled connections can circumvent the risks of VPN for all users and latency and performance issues
• Providing application connectivity services locally to users ensures industry or country regulation compliance

Three Reasons to Embrace Universal ZTNA

A devastating vulnerability was recently discovered in the popular Apache Log4j Java logging library that allows attackers to execute code remotely. If your enterprise security team is scrambling to assess the impact of this vulnerability to your own organization, Zscaler and the ThreatLabz research team would like to help.

In this webinar, join Deepen Desai, Zscaler CISO and VP of Threat Research, and Rick Miles, Senior Director of Product Management, as they cover everything we know about this vulnerability, including up-to-date information on:

- What the CVE-2021-44228 vulnerability is, and how it’s been exploited in the wild
- How to assess and remediate any potential impact to your organization
- Steps Zscaler has taken to ensure protections for our customers and our cloud
- How to use a zero trust architecture to strengthen your risk posture and minimize the impact of future vulnerabilities

Stop the Apache Log4J Vulnerability and Prevent Future Attacks With Zero Trust

Threat Detection

Threat Defense

Cyber Attacks

Cyber Security

Cyber Crime

Cyber Defense

Cyber Incident Response

Zero Trust

Cyber Defence

Risk Management

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Join thousands of engaged IT professionals in the application management community on BrightTALK. Interact with your peers in relevant webinars and videos on the latest trends and best practices for application lifecycle management, application performance management and application development.

Application Management

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Stop the Apache Log4J Vulnerability and Prevent Future Attacks With Zero Trust

Presented by

About this talk

More from this channel