Hi [[ session.user.profile.firstName ]]

A Hacker's Perspective: Where Do We Go From Here?

For 25 years or more we have fought the battle of passwords and patches while all around us, the world has developed, data has exponentially increased, attack surfaces are everywhere and technology had quite simply forced the human race to consider the evolution cycle in single lifespans as opposed to millennia. During the last 25 years we have done little to protect the charges we are responsible for, we have failed to secure systems, allowed financial attacks, infrastructure attacks, and now attacks directly against humans. At what point will we be able to stem the bleeding and actually take charge of our realm? Have we left it too late, or are we still able to claw back out of the abyss and face our adversary in a more asymmetrical defensive manner? Can we actually provide safety and security to our charges or will we continue to fail? And, critically, how do we communicate this, and educate a population that is content to watch from the sidelines, while they are being digitally eviscerated.
Recorded Jul 22 2019 62 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Chris Roberts, Chief Security Strategist and Hacker, and Tony Cole, CTO
Presentation preview: A Hacker's Perspective: Where Do We Go From Here?
  • Channel
  • Channel profile
  • Protecting Legal Organizations from Identity-based Attacks Recorded: Nov 18 2021 59 mins
    Carolyn Crandall, Chief Security Advocate | Attivo Networks & Joseph Salazar, Technical Marketing Engineer | Attivo Networks
    Whether motivated by risk avoidance or pushed by compliance, identity security has become a top concern for CISOs regardless of their industry or size. Gartner now presents identity-first security as a top 3 CISO priority for 2021.

    Savvy CISOs are taking action to protect their business’s continuity and company welfare by increasing their investments in Identity Detection and Response (IDR) solutions. According to a recent study conducted by EMA Research, 86% of survey participants plan to increase investments to protect against identity compromise, privilege escalation, and attacker lateral movement.

    Join this session to learn:
    1. What identity protection looks like beyond traditional provisioning, connecting, and controlling identities.
    2. What conditions allow attackers to leverage credentials, Active Directory, and the vast over-provisioning and policy drift of entitlements in the cloud.
    3. How to close gaps between Endpoint Detection and Response (EDR) and Identity Protection solutions.
    4. What new visibility and detection tools have emerged to protect credentials, entitlements, and the systems that manage them.
    5. How to justify budget and validate the need for identity security. (Hint: Ransomware readiness assessments all point to Active Directory misconfigurations that can grant access and control.)

    Special Offer for Registered attendees: Eligible businesses will receive a free Active Directory Assessment and Summary Report from Attivo Networks.
  • Protecting Healthcare from Ransomware and Identity-based Attacks Recorded: Nov 10 2021 47 mins
    Joseph Salazar, Technical Marketing Engineer | Attivo Networks & Chuck Slate, Lead Architect | Attivo Networks
    Whether motivated by risk avoidance or pushed by compliance, identity security has become a top concern for CISOs regardless of their industry or size. Gartner now presents identity-first security as a top 3 CISO priority for 2021.

    With healthcare, hospitals in particular, being in the crosshairs and under relentless attack Identity Detection and Response (IDR) is critical for protecting against identity compromise, privilege escalation, and detecting attacker lateral movement. It is not about controlling authentication or MFA. IDR is about protecting credentials, entitlements, and the systems that manage them, from endpoints to Active Directory to the cloud. Understanding its fit in the security stack is critical as it closes gaps between Endpoint Detection and Response (EDR) and Identity Protection solutions.

    During this session healthcare organizations learn how attackers are leveraging credentials, Active Directory, and the vast over provisioning of entitlements to successfully conduct some of the most damaging attacks that we have ever seen.

    You will also be introduced to new technology that is now available for:
    · Credential exposure and vulnerabilities visibility
    · Attack path visibility and attack surface reduction
    · Active Directory exposure visibility and live attack detection
    · Cloud Infrastructure Entitlement Management for identifying overprovisioning and policy drift

    Regardless of your healthcare organization’s security maturity or size, this session will equip you with key insights to be ready for ransomware and identity-based attacks.
  • Truth or Dare of Identity Security Recorded: Nov 9 2021 66 mins
    John O'Neill, CISO, Molded Fiber Glass, Carolyn Crandall, Security Advocate, Attivo Networks, Scott Bekker, AcutalTechMedia
    Whether motivated by risk avoidance or pushed by compliance, identity security has become a top concern for CISOs regardless of their industry or size. Gartner now presents identity-first security as a top 3 CISO priority for 2021.

    Join John O’Neill the Chief Information Security Officer at Molded Fiber Glass (MFG) Companies and Carolyn Crandall the Chief Security Advocate at Attivo Networks for a lively discussion on Identity Security as the Next Big Thing.

    The duo will discuss why and how savvy CISOs are taking action to protect their business’s continuity and company welfare with Identity Detection and Response (IDR) and visibility solutions.

    What You'll Learn
    * Identity security and how has it evolved
    * The biggest weaknesses in identity protection
    * Factors to consider and their influence on identity security budgets & adoption
    * John saw new identity security solutions in action and will share his views on the experience.
  • Chris Krebs: What’s Buried in Every Breach Report that No One is Talking About Recorded: Nov 3 2021 60 mins
    Christopher Krebs, Former Director U.S. Cybersecurity Infrastructure Security Agency (CISA) | Tony Cole, CTO Attivo Networks
    Former Director of the U.S. Cybersecurity Infrastructure Security Agency (CISA) and Co-Founder of Krebs Stamos Group, Christopher Krebs, will be joining Tony Cole, Chief Technology Officer of Attivo Networks for a lively “lay it on the line” fireside chat and Q&A on November 3 at 9:00 a.m. PDT.

    Join Chris Krebs live to learn what has been at the center of virtually every major attack and what cybersecurity teams need to do differently to stop attackers. Krebs will discuss what organizations are experiencing today and the changes needed to combat the highly effective attacker tactics that have resulted in mass disruption of services and unprecedented ransomware payouts.

    Attend to hear
    • Attacks are occurring at a blistering pace with almost always one thing in common.
    • Enterprise ransomware readiness audits share this common weak link.
    • Why requests for avoiding attacks on critical infrastructure will be ineffective
    • Identity-first security has been presented as a top 2021 priority, but is it?
    • Identity protection based on MFA and SSO alone isn’t enough, what’s next?
    • What upping the game in identity security looks like.
    • What organizations and government agencies can do to be more resilient to cyberattacks.

    Regardless of your organization’s security maturity, this session will provide you with key insights to be ready for and equipped to derail the surging wave of ransomware and identity-based attacks.

    LIVE Q&A
    Christopher Krebs will be taking questions from the audience during a live Q&A session. Get your questions ready!
  • Visibility and Invisibility of Credential Protection Recorded: Oct 20 2021 63 mins
    Frank Ohlhorst, Emerging and Disruptive Technologies, Media Ops | Carolyn Crandall, Chief Security Advocate, Attivo Networks
    Cybercriminals want and need credentials and privileges to conduct their attacks. Provisioning, connecting, and controlling user IDs and passwords will only take you so far. It is now a top priority for security teams to protect their business’s credentials, entitlements, privileges, and the systems that manage them to prevent falling prey to a disruptive attack.

    Frank Ohlhorst, Principal Analyst for Emerging and Disruptive Technologies at Media Ops, and Carolyn Crandall, Chief Security Advocate at Attivo Networks, will dive into credential-based attacks and the new and emerging technology hitting the market to mitigate these risks.

    Join this session to learn
    1. What identity protection looks like beyond traditional provisioning, connecting, and controlling identities.
    2. What conditions allow attackers to leverage credentials, Active Directory, and the vast over-provisioning and policy drift of entitlements in the cloud.
    3. How to close gaps between Endpoint Detection and Response (EDR) and Identity Protection solutions.
    4. What Frank uncovered while reviewing some of the latest in Identity Detection and Response tools.
    5. How to justify budget and validate the need for identity security. (Hint: Ransomware readiness assessments all point to Active Directory misconfigurations that can grant access and control.)

    Special Offer for Attendees:
    • Free access to research report: The Rise of Active Directory Exploits: Is it Time to Sound the Alarm; EMA Research Report September 2021
    • Eligible businesses can receive a free Active Directory Assessment and Summary Report from Attivo Networks
  • Truth or Dare of Identity Security Recorded: Oct 19 2021 66 mins
    John O'Neill, CISO, Molded Fiber Glass, Carolyn Crandall, Security Advocate, Attivo Networks, Scott Bekker, AcutalTechMedia
    Whether motivated by risk avoidance or pushed by compliance, identity security has become a top concern for CISOs regardless of their industry or size. Gartner now presents identity-first security as a top 3 CISO priority for 2021.

    Join John O’Neill the Chief Information Security Officer at Molded Fiber Glass (MFG) Companies and Carolyn Crandall the Chief Security Advocate at Attivo Networks for a lively discussion on Identity Security as the Next Big Thing.

    The duo will discuss why and how savvy CISOs are taking action to protect their business’s continuity and company welfare with Identity Detection and Response (IDR) and visibility solutions.

    What You'll Learn
    * Identity security and how has it evolved
    * The biggest weaknesses in identity protection
    * Factors to consider and their influence on identity security budgets & adoption
    * John saw new identity security solutions in action and will share his views on the experience.
  • Seeing Clearly Now – The Importance of Cloud Entitlement Visibility Recorded: Oct 14 2021 35 mins
    Chuck Slate, Lead Architect at Attivo Networks
    By 2023, 75% of security failures will be related to inadequate management of identities, access, and privileges, as predicted by Gartner. This is in part due to the unexpected security challenges and risks as enterprises make the transition from on-premises implementation to cloud deployment. Businesses are facing risks caused by limited visibility of entitlements and access, multiple platforms, excessive privilege, entitlement volume, and others.

    Join Chuck Slate, Lead Architect, Attivo Networks, October 14, 2021, 10am PT/1pm ET as he explores:
    • Why risk visibility is a vital factor to achieve optimum cloud security
    • Baseline and attacked network scenarios
    • A real-world identity attack – what happened under the covers
    • New industry categories CIEM and CPM – addressing the need for cloud entitlement and permissions management
    • And more!

    Chuck Slate is Lead Architect at Attivo Networks. Chuck brings over 25 years of experience building security solutions, with expertise in computer networking and UI/UX design and development. Chuck earned his Master of Science degree in Computer Science from Boston University.
  • Identity Detection and Response (IDR) - Are you ready? Recorded: Sep 15 2021 61 mins
    John Riggi, Sr. Advisor for Cybersecurity & Risk at AHA | Carolyn Crandall, Chief Security Advocate at Attivo Networks
    Identity security is now a top concern for CISO’s regardless of their industry or size. Edge-based security has been obliterated with remote working and the rapid move to cloud operations. Gartner now presents identity-first security as a top 3 CISO priority for 2021.

    Identity Detection and Response (IDR) is critical for protecting against identity compromise, privilege escalation, and detecting attacker lateral movement. It is not about controlling authentication or MFA. IDR is about protecting credentials, entitlements, and the systems that manage them, from endpoints to Active Directory to the cloud. Understanding its fit in the security stack is critical as it closes gaps between Endpoint Detection and Response (EDR) and Identity Protection solutions.

    Join this session to learn how attackers are leveraging credentials, Active Directory, and the vast over provisioning of entitlements to successfully conduct some of the most damaging attacks that we have ever seen.

    You will also be introduced to new technology that is now available for:
    · Credential exposure and vulnerabilities visibility
    · Attack path visibility and attack surface reduction
    · Active Directory exposure visibility and live attack detection
    · Cloud Infrastructure Entitlement Management for identifying overprovisioning and policy drift

    Regardless of your organization’s security maturity or size, this session will equip you with key insights to be ready for ransomware and identity-based attacks.
  • Cyber Strategies Talk with SolarWinds, Attivo Networks, and TAG Cyber CEOs Recorded: Jul 9 2021 56 mins
    Sudhakar Ramakrishna, President and CEO | SolarWinds, Tushar Kothari, CEO | Attivo Networks & Ed Amoroso CEO | TAG Cyber
    Join our three industry experts – Tushar Kothari, CEO of Attivo, Sudhakar Ramakrishna, President and CEO of SolarWinds, and Ed Amoroso, CEO of TAG Cyber – as they share their personal insights and experiences on how modern organizations are using security technology and innovating to address cyber threats being levied in the context of their digital transformation initiatives.

    During the session, you will obtain:

    • Candid insights and views on past and present cyber attacks and vulnerabilities
    • Practical advice on the best current methods for reducing the exploitation of identity and privileged escalation
    • Predictions about future trends in cyber offensive and defensive actions

    Our three experts will provide attendees with unique perspectives and insights across a range of different cyber security topics, issues and trends. Expect to learn about the state of the art in cyber deception, supply chain attacks, nation-state threats and identity protection.

    Come ready to ask questions!
  • Protecting Active Directory Without Privileged Access Recorded: May 18 2021 52 mins
    Steve Hunt, Sr. Cybersecurity Analyst | Aite Group & Carolyn Crandall, Chief Security Advocate and CMO | Attivo Networks
    Organizations value Active Directory for its ability to provide uninterrupted service and to manage employee authentication, identity, and access control for its members. However, given the privileged credentials and access stored inside, Active Directory has become an enticing target for attackers seeking to obtain administrator access. Attackers are winning, with three-quarters of all attacks attributed to privileged access credential abuse.

    Join this webinar to hear Steve Hunt, a senior cybersecurity analyst at Aite Group, outline why attackers have been successful, decisions that have created weaknesses, and why common security efforts have been insufficient in preventing attacks using advanced techniques. Additionally, Carolyn, chief security advocate and CMO of Attivo Networks, will share alternative and practical approaches that organizations can take to modernize privileged access credentials and access protection.

    In this session, you will learn how to use Active Directory Assessments for:
    • Evaluating AD cybersecurity hygiene and understanding potential risks
    • Identifying specific domain, computer, and user-level risks
    • Detecting live attacks as attackers discover, move, and attempt to compromise AD
    • Gaining continuous assessment and visibility to rogue domain controllers, DCSync and DCShadow, and Golden Ticket attacks

    *This session is for: Security professionals that want to improve AD security without the need for privileged access
  • Active Directory Exploitation and Defenses for 2021 and Beyond Recorded: Apr 29 2021 61 mins
    Carolyn Crandall, Chief Security Advocate | Attivo Networks & Dr. Peter Stephenson, Director of Products Analysis | CDM
    The issues regarding privilege escalation and lateral movement detection were a highlight of the SolarWinds Congressional hearings and in the news of many recent cyber heists. Compromising Active Directory has been a common element in all of these incidents and should be commanding every CISO’s attention.

    Watch this webinar for a lively discussion and to learn:
    -Why Active Directory is the attack vector of choice for 2021 What challenges are associated with protecting AD and how to address them
    -Ways to achieve better insight into AD cybersecurity hygiene and see potential risks
    -What tools can simplify detection of live attacks on AD, without reviewing logs
    -How to find rogue domain controllers, DCSync, DCShadow, and Golden Ticket attacks

    The review team here at Cyber Defense Magazine recently put the new Attivo Networks Active Directory solution to the test. We found this new technology particularly interesting, given the laser focus that attackers have had on AD. Special guest, Dr. Peter Stephenson joins the webinar to share the findings from his research report.
  • The SolarWinds Attack: How to Address Lateral Movement Recorded: Apr 20 2021 22 mins
    Joseph Salazar, Technical Marketing Manager | Attivo Networks
    The SolarWinds supply chain breach garnered much attention and concern, especially for potentially vulnerable organizations. While the compromise method was novel, analysis indicates that the attackers used typical in-network attack activities, such as credential theft, privilege escalation, discovery, and lateral movement. To defend against such attacks, organizations must adopt in-network security solutions that can detect and derail these tactics.

    Watch this webinar to learn how Attivo Networks, the leader in lateral movement defenses, leverages its ThreatDefend platform to provide organizations with the means to derail these activities, denying the attackers from successfully completing their mission.
  • Defense in Depth – Filling the Gaps to Detect and Stop Lateral Movement Recorded: Apr 6 2021 57 mins
    Kevin Hiltpold, Sr Solutions Engineer | Attivo Networks
    When attackers evade the first line of network defense, having secondary controls to fill in the gaps is crucial in detecting adversaries who can break free to infiltrate the network. All they need is a single unwary user to click on a link in an email, and they can establish a beachhead in the network from which they can spread. With the SolarWinds breach, attackers have a back door into potentially thousands of networks. Typical security controls focus on detecting the initial compromise but seldom the lateral movement and privilege escalation activities that attackers spend most of their time executing. The Attivo Networks Endpoint Detection Net suite of products closes this gap by efficiently detecting such activities early in the attack cycle.

    Join this discussion to learn how security teams can:
    - Detect an adversary who looks and acts like a member of the organization and is moving in operational blind spots
    - Slow down the adversary with every piece of information they gather for lateral movement
    - Deceive the adversary, turn the tables, and lower the Mean-Time-To-Detection (MTTD) from months to hours, or even less.
  • The Adversary Playbook - How Deception Thwarts the Attacker Recorded: Mar 30 2021 61 mins
    Tony Cole, Chief Technology Officer | Attivo Networks & Paul Asadoorian, Chief Innovation Officer | CyberRisk Alliance
    With the release of MITRE Shield tactics, Deception has been identified as an essential capability to help thwart attackers. But what deception techniques are the best to protect your organization? In this live technical training, Tony Cole, Chief Technology Officer at Attivo Networks, and Paul Asadoorian, Chief Innovation Officer at CyberRisk Alliance, will go into the details of the adversary playbook. How do attacks start and propagate? What deception techniques actually work to thwart these attacks?

    Tony and Paul focus on the following uses cases:
    1. Phishing attacks to harvest credentials
    2. Lateral attacks on active directory harvest additional credentials and devices
    3. Propagate ransomware across multiple systems and data repositories
  • Defense in Depth – Filling the Gaps to Detect and Stop Lateral Movement Recorded: Feb 26 2021 58 mins
    Kevin Hiltpold, Sr Solutions Engineer | Attivo Networks
    When attackers evade the first line of network defense, having secondary controls to fill in the gaps is crucial in detecting adversaries who can break free to infiltrate the network. All they need is a single unwary user to click on a link in an email, and they can establish a beachhead in the network from which they can spread. With the SolarWinds breach, attackers have a back door into potentially thousands of networks. Typical security controls focus on detecting the initial compromise but seldom the lateral movement and privilege escalation activities that attackers spend most of their time executing. The Attivo Networks Endpoint Detection Net suite of products closes this gap by efficiently detecting such activities early in the attack cycle. Join this discussion to learn how security teams can:

    - Detect an adversary who looks and acts like a member of the organization and is moving in operational blind spots
    - Slow down the adversary with every piece of information they gather for lateral movement
    - Deceive the adversary, turn the tables, and lower the Mean-Time-To-Detection (MTTD) from months to hours, or even less.
  • Protecting Production AD in Response to the FireEye Breach Recorded: Dec 22 2020 44 mins
    Venu Vissamsetty, VP Security Research | Robert Crisp, VP Field Technical Operations | Joe Carson, Sr. Director Prof Services
    The recent release of FireEye tools included several for exploiting Active Directory. Once an attacker is inside the network, AD is often the primary target as it readily enables enumerating privileged accounts and critical objects. The Attivo ADSecure solution prevents unauthorized queries from tools like SharpHound, Rubeus, and SharpZeroLogon, thereby intercepting attacker tools and techniques.

    Join this webinar with Venu Vissamsetty, Founding Engineer, Robert Crisp, Vice President, Field Technical Operations, and Joe Carson, Sr. Director, Professional Services of Attivo Networks. Joe and Venu will share details on the Active Directory tools exposed by the FireEye breach and how the Attivo ADSecure solution can be configured against these tools gaining visibility into production Active Directory.
  • Cost Savings of Deception Quantified Recorded: Oct 7 2020 61 mins
    Kevin Fiscus, Founder | Deceptive Defense Inc. & Carolyn Crandall, Chief Deception Officer & CMO | Attivo Networks
    Join this webinar with Kevin Fiscus of Deceptive Defense, Inc. and Carolyn Crandall the Chief Deception Officer and CMO of Attivo Networks where Kevin will share his research findings on the cost savings associated with deception technology.

    Kevin will show how he used industry information on data breach costs and how he overlayed the benefits of cyber deception to come up with a forecast for financial savings. The results were quite significant with breach costs reductions averaging 51% or $75 per compromised record. Additionally, Kevin will talk about his research on how deception can reduce SOC inefficiencies and reduce analyst costs by an average of 32%.

    If you need help cost justifying a deception technology project, this is a webinar that you will want to tune in to.
  • Mapping your Active Defense Capabilities to MITRE Shield Recorded: Sep 30 2020 42 mins
    Edward Amoroso, CEO of Tag Cyber & Tushar Kothari, CEO of Attivo Networks
    MITRE Shield is a knowledge base of capabilities surrounding Active Defense and adversary engagements, and it complements MITRE ATT&CK. Where ATT&CK provides a data model for protecting the enterprise against cybersecurity threats, MITRE Shield focuses on capabilities that help change an attack engagement from defensive to offensive.

    Join Edward Amoroso, CEO of TAG Cyber and Tushar Kothari, CEO of Attivo Networks for a technical discussion on what MITRE Shield is and how to use it along with ATT&CK to optimize your defense strategy. Also learn how Attivo Networks solutions address the MITRE Shield tactics and techniques to maximize detection coverage, deliver insights into what tools attackers are using, identify their activities, and gather intelligence into what adversaries are seeking.
  • Be Resilient with IBM and Attivo Networks Recorded: Aug 19 2020 48 mins
    Joseph Salazar, Technical Deception Engineer, Attivo Networks and Chris Coburn, Technical Development, IBM Security
    Attivo Networks® has integrated with IBM® to provide advanced security orchestration and incident management through the Resilient SOAR platform, giving customers on-demand deployment for the Attivo Networks ThreatDefend® platform decoys. The integration reduces an organization’s time and resources required to detect, identify, and respond to threats while collecting forensics and developing threat intelligence to reduce the risk of a successful attack.

    Join this session to learn how:
    • The ThreatDefend platform detects advanced attackers with speed and accuracy
    • IBM Resilient adaptively deploys decoys on demand
    • The joint solution accelerates incident response with automated playbooks
    • The solution collects forensics and develops company-centric threat intelligence
  • Hunting Threats with FireEye and Attivo Networks Recorded: Aug 5 2020 55 mins
    Rob Ayoub Sr. PMM Network Detection and Forensics | FireEye & Joseph Salazar, Technical Deception Engineer | Attivo Networks
    Attivo Networks® has partnered with FireEye to provide advanced, real-time, in-network threat detection and improve automated incident response to stop active attacks. With the joint solution, customers can review high fidelity alerts based on suspicious activity and gain the intelligence needed to hunt for and isolate other compromised systems based on suspicious activities. Organizations can reduce the time and resources required to detect threats, analyze attacks, and remediate infected endpoints, ultimately decreasing the organization’s risk of breaches and data loss.

    Join this session to learn how:
    • The ThreatDefend platform detects advanced attackers with speed and accuracy
    • The joint solution captures and analyzes advanced malware threats
    • The joint solution accelerates incident response with automated blocking of infected systems
    • The solution collects forensics and develops company-centric threat intelligence
Prevent Lateral Movement and Privilege Escalation
Attivo Networks closes the cyber security detection deficit with dynamic deception that accurately and efficiently reveals in-network threats and their lateral movement.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: A Hacker's Perspective: Where Do We Go From Here?
  • Live at: Jul 22 2019 5:00 pm
  • Presented by: Chris Roberts, Chief Security Strategist and Hacker, and Tony Cole, CTO
  • From:
Your email has been sent.
or close