
A Hacker's Perspective: Where Do We Go From Here?

For 25 years or more we have fought the battle of passwords and patches while all around us the world has developed, data has exponentially increased, attack surfaces are everywhere, and technology has quite simply forced the human race to consider the evolution cycle in single lifespans as opposed to millennia. During the last 25 years we have done little to protect the charges we are responsible for: we have failed to secure systems and allowed financial attacks, infrastructure attacks, and now attacks directly against humans. At what point will we be able to stem the bleeding and actually take charge of our realm? Have we left it too late, or are we still able to claw back out of the abyss and face our adversary in a more asymmetrical defensive manner? Can we actually provide safety and security to our charges, or will we continue to fail? And, critically, how do we communicate this and educate a population that is content to watch from the sidelines while they are being digitally eviscerated?
Recorded Jul 22 2019 62 mins
Presented by
Chris Roberts, Chief Security Strategist and Hacker, and Tony Cole, CTO
  • The SolarWinds Attack: How to Address Lateral Movement Recorded: Dec 29 2020 23 mins
    Joseph Salazar, Technical Marketing Manager | Attivo Networks
    The SolarWinds supply chain breach garnered much attention and concern, especially for potentially vulnerable organizations. While the compromise method was novel, analysis indicates that the attackers used typical in-network attack activities, such as credential theft, privilege escalation, discovery, and lateral movement. To defend against such attacks, organizations must adopt in-network security solutions that can detect and derail these tactics.

    Watch this webinar to learn how Attivo Networks, the leader in lateral movement defenses, leverages its ThreatDefend platform to provide organizations with the means to derail these activities, preventing the attackers from successfully completing their mission.
  • Protecting Production AD in Response to the FireEye Breach Recorded: Dec 22 2020 44 mins
    Venu Vissamsetty, VP Security Research | Robert Crisp, VP Field Technical Operations | Joe Carson, Sr. Director Prof Services
    The recent release of FireEye tools included several for exploiting Active Directory. Once an attacker is inside the network, AD is often the primary target as it readily enables enumerating privileged accounts and critical objects. The Attivo ADSecure solution prevents unauthorized queries from tools like SharpHound, Rubeus, and SharpZeroLogon, thereby intercepting attacker tools and techniques.

    Join this webinar with Venu Vissamsetty, Founding Engineer, Robert Crisp, Vice President, Field Technical Operations, and Joe Carson, Sr. Director, Professional Services of Attivo Networks. Joe and Venu will share details on the Active Directory tools exposed by the FireEye breach and how the Attivo ADSecure solution can be configured against these tools gaining visibility into production Active Directory.
  • The Adversary Playbook - How Deception Thwarts the Attacker HD Recorded: Nov 19 2020 62 mins
    Tony Cole, Chief Technology Officer | Attivo Networks & Paul Asadoorian, Chief Innovation Officer | CyberRisk Alliance
    With the release of MITRE Shield tactics, Deception has been identified as an essential capability to help thwart attackers. But what deception techniques are the best to protect your organization? In this live technical training, Tony Cole, Chief Technology Officer at Attivo Networks, and Paul Asadoorian, Chief Innovation Officer at CyberRisk Alliance, will go into the details of the adversary playbook. How do attacks start and propagate? What deception techniques actually work to thwart these attacks?

    Tony and Paul focus on the following use cases:

    1. Phishing attacks to harvest credentials
    2. Lateral attacks on Active Directory to harvest additional credentials and devices
    3. Propagate ransomware across multiple systems and data repositories
  • Cost Savings of Deception Quantified Recorded: Oct 7 2020 61 mins
    Kevin Fiscus, Founder | Deceptive Defense Inc. & Carolyn Crandall, Chief Deception Officer & CMO | Attivo Networks
    Join this webinar with Kevin Fiscus of Deceptive Defense, Inc. and Carolyn Crandall the Chief Deception Officer and CMO of Attivo Networks where Kevin will share his research findings on the cost savings associated with deception technology.

    Kevin will show how he used industry information on data breach costs and how he overlaid the benefits of cyber deception to come up with a forecast for financial savings. The results were quite significant, with breach cost reductions averaging 51% or $75 per compromised record. Additionally, Kevin will talk about his research on how deception can reduce SOC inefficiencies and reduce analyst costs by an average of 32%.

    If you need help cost justifying a deception technology project, this is a webinar that you will want to tune in to.
  • Mapping your Active Defense Capabilities to MITRE Shield Recorded: Sep 30 2020 42 mins
    Edward Amoroso, CEO of Tag Cyber & Tushar Kothari, CEO of Attivo Networks
    MITRE Shield is a knowledge base of capabilities surrounding Active Defense and adversary engagements, and it complements MITRE ATT&CK. Where ATT&CK provides a data model for protecting the enterprise against cybersecurity threats, MITRE Shield focuses on capabilities that help change an attack engagement from defensive to offensive.

    Join Edward Amoroso, CEO of TAG Cyber and Tushar Kothari, CEO of Attivo Networks for a technical discussion on what MITRE Shield is and how to use it along with ATT&CK to optimize your defense strategy. Also learn how Attivo Networks solutions address the MITRE Shield tactics and techniques to maximize detection coverage, deliver insights into what tools attackers are using, identify their activities, and gather intelligence into what adversaries are seeking.
  • Be Resilient with IBM and Attivo Networks Recorded: Aug 19 2020 48 mins
    Joseph Salazar, Technical Deception Engineer, Attivo Networks and Chris Coburn, Technical Development, IBM Security
    Attivo Networks® has integrated with IBM® to provide advanced security orchestration and incident management through the Resilient SOAR platform, giving customers on-demand deployment for the Attivo Networks ThreatDefend® platform decoys. The integration reduces an organization’s time and resources required to detect, identify, and respond to threats while collecting forensics and developing threat intelligence to reduce the risk of a successful attack.

    Join this session to learn how:
    • The ThreatDefend platform detects advanced attackers with speed and accuracy
    • IBM Resilient adaptively deploys decoys on demand
    • The joint solution accelerates incident response with automated playbooks
    • The solution collects forensics and develops company-centric threat intelligence
  • Hunting Threats with FireEye and Attivo Networks Recorded: Aug 5 2020 55 mins
    Rob Ayoub Sr. PMM Network Detection and Forensics | FireEye & Joseph Salazar, Technical Deception Engineer | Attivo Networks
    Attivo Networks® has partnered with FireEye to provide advanced, real-time, in-network threat detection and improve automated incident response to stop active attacks. With the joint solution, customers can review high fidelity alerts based on suspicious activity and gain the intelligence needed to hunt for and isolate other compromised systems based on suspicious activities. Organizations can reduce the time and resources required to detect threats, analyze attacks, and remediate infected endpoints, ultimately decreasing the organization’s risk of breaches and data loss.

    Join this session to learn how:
    • The ThreatDefend platform detects advanced attackers with speed and accuracy
    • The joint solution captures and analyzes advanced malware threats
    • The joint solution accelerates incident response with automated blocking of infected systems
    • The solution collects forensics and develops company-centric threat intelligence
  • Hide and Deny Access to Ransomware Attackers Recorded: Jul 23 2020 62 mins
    Carolyn Crandall, CMO, Attivo Networks & Srikant Vissamsetti, SVP Engineering, Attivo Networks
    The dynamics of ransomware attacks have changed, and to keep ahead, your security tool kit must too.

    Join this webinar with Srikant Vissamsetti, SVP of Engineering and Carolyn Crandall, Chief Deception Officer and CMO of Attivo Networks to explore how to fake out even the most advanced human-operated ransomware and stop it in its tracks.

    In this webinar, you will get unique insights into the most modern ransomware attack tactics and how the Attivo ThreatDefend solution is used to achieve early detection of cyber-attackers. New Endpoint Detection Net (EDN) capabilities will be shared along with how they prevent attackers from moving laterally, escalating privileges, and finding and accessing the files, folders, mapped network and cloud shares they seek to tamper with. The session will also be open for audience Q&A.
  • Boosting MITRE ATT&CK Detection Rates for Endpoint Security Recorded: Jul 1 2020 54 mins
    Tushar Kothari, CEO, Attivo Networks & Edward Amoroso, CEO, TAG Cyber
    To assist organizations in addressing cyber risk, MITRE introduced a means for testing the ability of specific solutions to detect inbound attacks based on the MITRE ATT&CK framework. Evaluation results released include data for leading commercial endpoint security providers. Join Edward Amoroso, CEO of TAG Cyber and Tushar Kothari, CEO of Attivo Networks to learn how Attivo Networks solutions augment these endpoint security tools by an average 42% increase in detection rate. Test methodology and results will be shared on APT29 and APT3 attack emulations run and the enhanced performance gained when Attivo is added for detecting lateral movement.
  • Deceptively Secure, a Red Team’s Perspective Recorded: Jun 24 2020 59 mins
    Tony Cole, Attivo; Geoff Hancock, WWT; Guest Panelist: Erik Hunstad, CTO, SixGen
    In part 2 of this 3-part series, WWT and Attivo will be joined by SixGen CTO Erik Hunstad. An expert in Red Teaming and Ethical Hacking, Mr. Hunstad will explain what happens when organizations employ deception, the severe challenges it creates for attackers, and why modern deception ensnares both sophisticated Red Teams and peer/near-peer adversaries alike.
  • Ghost Army, Why Let Attackers Have the Advantage? Recorded: Jun 23 2020 61 mins
    Jim Cook, Regional Director, Attivo Networks & Andrew Scully, Head of Cyber, Shelde
    Cyber Attackers have always been able to trust their tools and technology. If they manage to break into an organisation’s network through technical means, or simply by getting a job there, they can use those tools to understand how to traverse the network and what Tactics and Techniques will allow them to reach their goal without being detected.

    The same can’t be said in the physical world, where Attackers have never been able to rely 100% on their observations. There are many examples throughout history of Attackers and Defenders deceiving each other – so what lessons can be derived from the physical world and how are organisations applying those lessons in Cyber?

    Hear from Jim Cook – Regional Director for Attivo Networks on some of the most effective misdirection in history and special guest Andrew Scully – Head of Cyber from Shelde who shares some personal stories of using deception technology to catch attackers.
  • You Can’t Mitigate Breach Impact If You Don’t Detect It Recorded: Jun 17 2020 65 mins
    Tony Cole, CTO, Attivo Networks & Gary S. Miliefsky, Chairman of the Board, Cyber Defense Media Group
    It’s 2020 and the breaches just keep coming. Hear from Attivo Networks CTO, Tony Cole, in this discussion on how to better protect your endpoints and prevent attackers from moving laterally across your enterprise. Attivo Networks has pioneered a new approach to protecting endpoints with their Endpoint Detection Net (EDN) solution. Designed to serve as a force-multiplier to EPP and EDR solutions, EDN dramatically reduces risk to modern endpoints by efficiently closing detection gaps while providing ongoing visibility.

    Watch the webinar to hear about:
    - Perspectives on the Cybersecurity Industry’s State of Affairs
    - Gartner’s, MITRE’s, and NIST’s take on Deception Technology
    - Deception-Based Threat Detection Solutions for Common Security Challenges
    - Partner Technology Integrations that are Serving as a Force Multiplier for Existing Technologies, Processes, and Resource Productivity
  • Better Endpoint Defense with CrowdStrike and Attivo Networks Recorded: Jun 4 2020 47 mins
    Joseph Salazar, Technical Deception Engineer | Attivo Networks
    Join Attivo Networks as we reveal how the integration between the ThreatDefend® platform and the CrowdStrike Falcon Insight EDR solution combines accurate in-network detection with automated response actions to isolate attackers and empower organizations to respond quickly to attackers already inside the network.
    The integrated solution provides organizations an advanced level of visibility and improves overall incident response to block and quarantine attackers before they spread. The solution works by accurately detecting attackers as they attempt to move laterally and quarantining the compromised systems either manually or automatically.

    Hear how our joint solution can provide your organization with:
    • Advanced detection of threats that evade existing security controls
    • Enhanced visibility into attack activity early in the attack cycle
    • Accurate, event-based alerts with detailed attack forensics
    • Automated incident response to mitigate attacks
    • Increased operational efficiency
    • Collection of company-centric threat intelligence to improve defenses
  • Reducing EDR Cyber Risk with Deception Recorded: May 19 2020 59 mins
    Tushar Kothari, CEO of Attivo Networks & Edward Amoroso, CEO of TAG Cyber
    Join Tushar Kothari, CEO of Attivo Networks and Edward Amoroso, CEO of TAG Cyber for a technical discussion of how deception can be used to dramatically reduce cyber risks to modern endpoints. Hear about how popular endpoint detection and response (EDR) solutions can be enhanced via deceptive means to prevent malicious actors from leveraging endpoint access to laterally traverse an enterprise or to exfiltrate data from a targeted network.

    Join this webinar to learn how deceptive traps and bait can be used to contain malicious actors, and prevent such intruders from breaking out into the enterprise from the compromised endpoint. The concepts and discussion will be illustrated with general industry examples as well as practical case studies from users of the Attivo Networks platform.
  • Customer Experiences in Real-World Deception Deployments Recorded: May 7 2020 65 mins
    Sarah Ashburn, SVP of Sales & Customer Success | Robert Crisp, VP of Technical Operations | Chris Roberts, Hacker | Customers
    In this webinar, you will have the unique opportunity to hear from three behind-the-mask security practitioners who are actively using Attivo Networks deception technology in very different environments. One customer comes from a large organization with a very mature and robustly resourced security team and infrastructure. We also have a customer from an organization with a highly diverse, dynamic, and open environment by necessity. Our last participating customer has a developing infrastructure that was built entirely from the ground up.

    We will take you through a number of detection alerts identified through Attivo Networks deception technology, such as network, credential, insider, Active Directory, Man-in-the-Middle, ransomware, 3rd party, and even remote worker-based attacks.

    Attackers have successfully used deception tactics to breach networks for years. They masquerade as employees, using deceptive measures and stolen credentials to infiltrate a network, remaining undetected for lengthy periods of time. Deception technology shifts power back to the defenders with the ability to deceive and misdirect an attacker into revealing themselves. This is achieved without false positive alert fatigue and the burden of operational overhead associated with traditional detection methods. Join the webinar to hear from customers about why these companies have adopted deception and provide insights into sample customer alerts.
  • How to Reduce Remote Worker VPN Risk Recorded: Apr 15 2020 52 mins
    Srikant Vissamsetti, Sr VP of Engineering, Attivo Networks & Carlo Beronio, Director of Sales Engineering, Attivo Networks
    With the recent dramatic increase in remote workers, traditional network protections such as web filtering, firewalls, or IDS/IPS are not always reliably available. It has also become harder to pinpoint the source of an attack, such as a rogue Active Directory query from a compromised host or network reconnaissance of systems on VPN. Plus, users are accessing corporate networks and SaaS applications with unmanaged systems that are creating additional opportunities for attackers to exploit.

    Join this session to hear how deception-based threat detection solutions are adding a safety net of early and accurate threat detection for VPN environments. Not reliant on pattern matching or prior baselines, you will hear how deception equips defenders with the ability to quickly identify attacker network discovery, MitM activity, VPN and SaaS credential theft, as well as AD reconnaissance.
  • Detecting Deceivers through Deception Recorded: Apr 10 2020 65 mins
    Tony Cole, CTO | Attivo Networks & Kevin Fiscus, Principal Instructor, SANS Institute
    Almost every cyber-attack uses some form of deception to deceive your users. Whether it's spearphishing, a waterhole attack, or most others, attackers typically use a ruse to convince someone to click a link or open an attachment. It's high time we use those same tactics on the adversary when they visit our enterprise. Enterprise deception provides a fabric of fast, high-fidelity detection across an enterprise. Now, through cutting-edge new capabilities far beyond traditional honeypots, deception can sow false information back to our attacking foe. Suddenly their advantage is gone when they can't trust the data they're trying to collect in your environment.

    In this session we discuss deception tactics that defenders can use on adversaries to gain fast and high-fidelity detection across an enterprise. Hear why this defensive fight is relevant to companies large and small, regardless of security capability maturity.
  • Would I Lie to You? How Deception is Shaping Our Future Recorded: Mar 24 2020 60 mins
    Chris Roberts, Chief Security Strategist | Attivo Networks & Tony Cole, Chief Technology Officer | Attivo Networks
    Learn how organizations are applying deception and detection techniques to the global fight for information dominance, where they so desperately need an advantage against the adversary. We will look at how a well architected deceptive environment can be used in a tactical manner, to aid awareness, identification, and provide the necessary fidelity around alerts and adversarial movements. In addition learn how we can use deception to monitor the awareness of our attacker, and measure or assess the effectiveness and integrity of our response options.

    We will take some time to break down the now, the future, the how’s and the where’s OF deception and detection within an enterprise, including the collaboration with Dev, Sec AND Ops.

    Join this webinar to hear why we need to change, what the current landscape looks like, and where we’re heading if we don’t course correct within the overall Information Security industry.

    OH, and we’ll do it with some humor, a distinct lack of death by PowerPoint AND likely whisky.
  • Deception Technology in APAC – Looking Forward to 2020 Recorded: Mar 12 2020 64 mins
    Jeremy Ho, Head of APAC at Attivo Networks & Jim Cook, Head of ANZ at Attivo Networks
    Deception Technology was one of the most researched hot topics in 2019, second only to Zero Trust. Analysts have also increased their coverage and endorsement of cyber deception as a foundational threat detection solution for organizations of all sizes. Deception has materially changed in its capabilities as well as operational efficiency over the last decade. It is now a far cry from the original honeypot. Join this webinar for insight into what deception will look like in 2020 and what criteria to consider when selecting the right solution for you.

    Topics include:
    • Evolution from honeypots
    • Coverage capabilities, both environmental and attack vector
    • Modifying attacker behaviour during recon, lateral movement, and Active Directory queries
    • Value in threat intelligence programs
    • Automation and role in SOAR

    Deception users are typically tight-lipped about their use of the technology, often driven by its application for catching insider threats and to avoid tipping off attackers. Attivo Networks is 2-years running as a top 100 fastest growing tech company on the Deloitte Fast 500, demonstrating its impact in derailing threats early.

    Learn what this technology can do for you to reduce MTTD, MTTR and attacker dwell time significantly.
  • Using Deception Technology To Close Your Detection Gaps Recorded: Jan 21 2020 38 mins
    Joseph Salazar, Technical Deception Engineer at Attivo Networks
    Independent law firms and legal departments all need to protect their intellectual property from theft and to know if critical files are accessed without authorization. In this session, we will share insights into why deception technology has become a legal sector preferred security control for the early detection and identification of in-network threats that have bypassed prevention security controls and for its reliable alerting on insider security policy violations. Discussion topics include deception use cases for IP and case file protection, insight into adversary intelligence gathering and examples of how automation is used to accelerate incident response. This session is for legal organizations of all sizes and maturity, which are seeking to enhance their detection capabilities, gain attack path visibility and enrich insider threat programs.
Attivo Networks
  • Title: A Hacker's Perspective: Where Do We Go From Here?
  • Live at: Jul 22 2019 5:00 pm
  • Presented by: Chris Roberts, Chief Security Strategist and Hacker, and Tony Cole, CTO