Name: SQL Server Attack Ride-Along: Detecting and Investigating a Database Attack
Start: 2023-01-25T18:00:00Z
End: 2023-01-25T19:05:12.000Z
Location: BrightTALK
Rating: 0

Netwrix empowers information security and governance professionals to identify and protect sensitive data to reduce the risk of a breach. Our solutions also limit the impact of attacks by helping IT teams detect, respond and recover from them faster and with less effort. Over 13,000 organizations worldwide rely on Netwrix solutions to strengthen their security and compliance posture across all three primary attack vectors: data, identity and infrastructure.

In today's hybrid work environment, your employees access their desktops and laptops at the office, at home, while traveling and through kiosks. Keeping everything up-to-date and secure can be a challenge because most tools are not designed for modern management scenarios.

Netwrix is thrilled to offer advanced endpoint security

With PolicyPak, now part of Netwrix, you can simplify management and enhance security across your hybrid or remote workforce.

Secure Your “Anywhere”  Workforce with a Modern Desktop Management

Want to reduce the risk of data breaches and pass compliance audits with far less effort — while enhancing IT productivity?

Join us for a 45-minute session as one of our solution engineers shows how Netwrix StealthAUDIT will help you:

- Identify the sensitive and regulated data you store.
- Pinpoint and remediate security gaps around that data.
- Simplify entitlement reviews and enforce the least-privilege principle.
- Automate threat detection and response.
- Easily satisfy data subject access requests (DSARs).

Netwrix StealthAUDIT Demonstration

As if keeping up with all the current ransomware families wasn’t enough, the new kid on the ransomware block, Black Basta, is seeing significant gains in the number of documented victim organizations since it first appeared in April of this year. Using a combination of malicious Office documents, QakBot, CobaltStrike Beacon, and their own ransomware payload as part of their attacks, Black Basta is considered to be a formidable foe.

Thought to possibly be one of two new brandings of the Conti ransomware gang (with the other being BlackByte), Black Basta improves its performance over it’s supposed predecessor, using intermittent encryption to speed up the process, theoretically impacting more systems within a victim environment before being detected by security systems.
And while the current iteration of attacks seems to indicate a selective targeting of victim organizations, the availability of Black Basta to affiliates opens up the possibility for far more attacks with far less victim selectivity.

In this Real Training for Free webinar, 4-time Microsoft MVP, Nick Cavalancia, takes my seat as he first discusses:
- The history of Conti, BlackByte, and Black Basta
- Who’s at risk of attack: the specifics so far
- Why threat groups (including Black Basta) are turning to intermittent encryption

Next up, you’ll hear from 18-time Microsoft MVP, Jeremy Moskowitz, as he dives deeper into Black Basta, providing insight into exactly which actions the ransomware attack takes, including:
- Initial attack vector
- Reconnaissance
- Persistence
- Lateral Movement
- Privilege Escalation

Jeremy will also discuss practical advice on how to stop Black Basta (and other ransomware families) using both native and third-party toolsets as the means of mitigation.

This Real Training for Free session will be chock full of practical, real-world content!

Unpacking Black Basta with Ultimate IT Security

A single misuse of a privileged account, whether negligent or malicious, can lead to costly business disruptions and data breaches. Want to dramatically reduce those risks?
Join us for a 30-minute demo and learn how Netwrix SbPAM empowers you to:
• Minimise the risk of privilege compromise and misuse by eliminating standing privileged accounts altogether.
• Maintain strong IT productivity by granting admins exactly the permissions they need to complete a task, for exactly as long as required.
• Enforce individual accountability by certifying, logging and recording each privileged session.
• Avoid audit findings by giving auditors hard proof that all privileged activity in your organisation is under scrutiny.
• Reclaim the time you currently spend switching from system to system, trying to make sure there is no unnecessary privilege and that privileged credentials are properly updated.
• Let your team work the way they like while improving security by integrating Netwrix SbPAM with your existing environment.

How to Minimise the Risk from Privileged Activity [Netwrix SbPAM Demo]

With threats growing in both number and sophistication every day and regulations imposing increasingly strict requirements, you are always fighting an uphill battle. Arm yourself with Netwrix Auditor to kick-start your IT risk assessment program, secure your critical assets and slash preparation time for compliance audits by up to 85%.
Take part in this 30-minute session as one of our solutions engineers explains how you can:
• Identify and mitigate both data and infrastructure security gaps
• Protect your critical assets to minimise the risk of a data breach
• Reduce the mean time to detect security threats and contain incidents
• Prove your adherence to compliance regulations with less effort

How to Ease the Burden of IT Auditing [Netwrix Auditor Demo]

There is so much that can go wrong with your AD, either unintentionally or maliciously. Admins can make crucial mistakes when creating, removing or modifying user accounts, security groups and Group Policy, and of course Active Directory is a top target for attackers because it provides the keys to your IT kingdom.
Indeed, a single improper change to an AD object can seriously damage both performance and security — so you need a solution that empowers you to quickly pinpoint and roll back those modifications. More broadly, you need to be able to spot suspicious behavior in time to prevent costly breaches and downtime.

Join this webinar and discover how to secure your AD from end to end. We’ll show you how you can:
- Proactively identify and mitigate AD security gaps before attackers exploit them. 
- Promptly detect and contain even advanced threats.
- Quickly recover from undesired changes and security incidents.

If the Breach Comes: Defend and Recover Your Active Directory

Every day, your organisation collects and produces tons of data. How can you possibly keep it all secure and organised? Netwrix Data Classification enables you to discover and tag your business-critical data and reduce its exposure. Plus, it also helps you achieve and prove your compliance with PCI DSS, HIPAA, CCPA and other regulations.

Join us for this demo and learn how to:

• Accurately identify sensitive and regulated data outside of secure locations and protect it
• Prove regulatory compliance on your first attempt 
• Satisfy data subject access requests (DSARs) with far less effort and expense
• Reduce your attack surface by cleaning up obsolete or trivial information
• Respond to legal requests without putting your business on hold

How to Discover and Secure Sensitive Data [Netwrix Data Classification Demo]

This is a shell webinarIf your organization is like most, shifting from a traditional in-office model to a modern remote or hybrid workforce — while ensuring security, compliance and a seamless user experience —is proving to be easier said than done.

In particular, it’s essential to accurately migrate your legacy Group Policy settings to a mobile device management (MDM) solution like Microsoft Intune. However, today’s MDM solutions simply do not have anywhere close to the nearly 10,000 settings available in Group Policy, and there are additional difficulties in ensuring proper access control and data security on remote endpoints. Solving these challenges is vital to protecting your organization against cyberattacks and insider threats that can lead to costly data breaches and business disruptions.

Join this session hosted by Rory Monaghan, Microsoft MVP, and Jeremy Moskowitz, Microsoft MVP and founder of PolicyPak (now part of Netwrix), to learn about the challenges of MDM and how to overcome them.

Deep Dive: How to Migrate Native GPOs to Microsoft Intune

Is your legacy tool for endpoint privilege management EOL'ing soon? Are you looking for a cost-effective replacement that provides feature parity and maintains the security and compliance you've already implemented? Perhaps you're new to endpoint privilege management and seeking out a solution to your "local admin problem" once and for all. If you answered "yes" to any of these questions, you won't want to miss this webinar and product demonstration!
 
Privileged accounts with local or domain admin rights pose substantial security and compliance risk to your organization's underlying information systems. These accounts in the hands of malicious actors can cause significant operational damage, including data theft, espionage, sabotage, ransom, or bypassing critical safety controls. Implementing the principle of least privilege across endpoints can mitigate these risks while optimizing operational efficiency.
 
Attend this webinar to see how Netwrix SbPAM and Netwrix PolicyPak Least Privilege Manager enable admins and standard users to complete privileged tasks securely. You'll also see how easy, fast, and cost-effective it is to transition away from legacy tools for endpoint privilege management that may soon reach its end of life!
 
During the webinar, you will learn how Netwrix SbPAM and Netwrix PolicyPak can help you:
·   Enforce least privilege functionality across Windows and Mac endpoints.
·   Prevent malware, ransomware, lateral movement, and unauthorized system changes.
·   Simplify how domain admins complete privileged tasks, which improves response times and mean time to resolution (MTTR).
·   Optimize performance and productivity without sacrificing security or compliance.
·   Replace legacy PAM tools without the headache

PAM Parity: Replacing Your Legacy Endpoint Privilege Management Solution Quickly

Having a layered defense is of paramount importance because if one level of mitigation fails, another one takes over. The more layers of security present, the more resilience you have against multiple failures in strategy. Mitigations you can try and cut down on lateral movement include aggressive auditing, network segmentation, firewall rules, GPOs/Intune, PAM, user access control, and more.

LockDown 2022: Restricting Lateral Movement in Windows Desktop Environments

Learn strategies and tactics for preventing ransomware attacks and managing attacks "if" they occur.

LockDown 2022: Ransomware: Before, During, and After an Attack

Get an MEM/Intune overview and see the community critiques. Learn what MEM/Intune is good for and see some demos live in action!

LockDown 2022: No Intune No problem Alternatives to modernize & manage endpoints

Learn how to get out of the local admin rights business, stop ransomware and unknown software in its tracks, and handle USB/CD-ROM threats with ease. You'll also see how easy it is to manage and secure remote and hybrid workers, automate everything (and anything) and unlock Windows Management capabilities you never thought possible.

LockDown 2022: Endpoint Management Lockdown w/ PolicyPak: GPO, Intune, & Cloud

It’s no secret that cyberattacks need a foothold within your organization. And given Microsoft holds that an attacker sits undetected on your network for a median of 146 days, there has to be a reason beyond “they just such an amazing hacker.” In reality, there are plenty of ways your Windows desktops actually **help** the bad guy continue their malicious activities that result in stolen data, encrypted systems, and compromised environments. 

So, how are threat actors taking advantage of your Windows desktops, and what should you do to stop them?

In this lively webcast, join Microsoft MVP, Nick Cavalancia, as he discusses:

• Why threat actors love Windows endpoints
• 3 examples of how endpoints are used within a cyberattack to the benefit of the threat actor
• Ways you can lockdown your desktops to reduce the attack surface and thwart malicious actions

LockDown 2022: 3 Ways Desktops are a Threat Actors Best Friend & What You Can Do

Learn about critical windows endpoint actions for 2022!

LockDown 2022: Critical Windows Endpoint Actions for 2022

Microsoft Endpoint Manager and Autopilot are critical tools for managing and securing IT resources, but utilizing these tools in a hybrid environment creates new risks and challenges. Join Microsoft MVP, Shabaz Darr, for best practices on managing and securing Hybrid resources with Microsoft Endpoint Manager and Autopilot.

During this webinar, you will learn:
- Why Autopilot is key
- How Microsoft Endpoint Manager can help 
- Policies, profiles, Windows Update for Business, ConfigMgr
- Importance of AzureAD
- Use cases
- And more!

Implementing Microsoft Endpoint Manager and Autopilot in a Hybrid World

Penetration testing looks for several types of vulnerabilities, including social engineering, misconfigurations, open ports, encryption flaws, and more. The purpose of these tests is to help you identify and remediate issues that put your organization at risk.

Join Paula Januszkiewicz for a PolicyPak LockDown session that focuses on Penetration testing best practices. During her presentation and demo, she’ll explain what type of vulnerabilities penetration tests look for and demonstrate live penetration tests, tips, and tricks.

How to Survive Your Penetration Test and Help Your Whole Company

Ransomware is one of the most common yet dangerous types of malware. In today’s remote-work environment, blocking and preventing malware like ransomware becomes even more difficult. Fortunately, 16X Microsoft MVP and Least Privilege management expert Jeremy Moskowitz is here to demonstrate how you can protect your environment in any windows environment.

Join Jeremy Moskowitz, 16X Microsoft MVP, and Enterprise Mobility Extradranoire for a PolicyPak LockDown session that reviews a real ransomware case study and recommendations on preventing in the future. Throughout his talk, Jeremy will review topics like:
- How ransomware attackers get in
- Least privilege management best practices
- Remediation tactics
- Prevention tips

How Not to Get Hacked: Recommendations from an Actual Ransomware Attacker

Did you know that a botnet called Vollgar is hijacking thousands of SQL servers every single day? Even worse, Vollgar is just one of some 30 cryptocurrency mining botnets operating today, and these campaigns often go undetected for days or even weeks.

These attacks highlight how vulnerable database servers are — and how easily they serve as a launching point for additional malicious activity in the network. Fortunately, there are effective defense strategies.

Join this real-training-for-free session to learn what you need to know to protect your organization. First, Microsoft MVP and cybersecurity expert Nick Cavalancia will explain exactly why SQL Servers make such great initial attack vectors and describe the tactics and techniques that adversaries use once they have established access.

Then Jordan Jasnoch, SQL Server expert and solutions engineer at Netwrix, will dive into how you can protect your critical SQL Server data. He’ll walk you through an attack and how you can spot the tracks it leaves in the logs, including OS changes, modifications of database configuration and elevation of database privileges. Moreover, he’ll provide key best practices for hardening the security of your SQL servers so you can proactively block attacks.

SQL Server Attack Ride-Along: Detecting and Investigating a Database Attack

SQL server

Data Security

Cyber Security

IT Security

Data Protection

Information Security

Cyber Defence

Cyber Attacks

Cyber Crime

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

SQL Server Attack Ride-Along: Detecting and Investigating a Database Attack

Presented by

About this talk

More from this channel