Be Resilient with IBM and Attivo Networks

Attivo Networks® has integrated with IBM® to provide advanced security orchestration and incident management through the Resilient SOAR platform, giving customers on-demand deployment for the Attivo Networks ThreatDefend® platform decoys. The integration reduces an organization’s time and resources required to detect, identify, and respond to threats while collecting forensics and developing threat intelligence to reduce the risk of a successful attack.

Join this session to learn how:
• The ThreatDefend platform detects advanced attackers with speed and accuracy
• IBM Resilient adaptively deploys decoys on demand
• The joint solution accelerates incident response with automated playbooks
• The solution collects forensics and develops company-centric threat intelligence
Recorded Aug 19 2020 48 mins
Presented by
Joseph Salazar, Technical Deception Engineer, Attivo Networks and Chris Coburn, Technical Development, IBM Security
  • Identity Detection and Response (IDR) - Are you ready? Recorded: Sep 15 2021 61 mins
    John Riggi, Sr. Advisor for Cybersecurity & Risk at AHA | Carolyn Crandall, Chief Security Advocate at Attivo Networks
    Identity security is now a top concern for CISOs regardless of their industry or size. Edge-based security has been obliterated with remote working and the rapid move to cloud operations. Gartner now presents identity-first security as a top 3 CISO priority for 2021.

    Identity Detection and Response (IDR) is critical for protecting against identity compromise, privilege escalation, and detecting attacker lateral movement. It is not about controlling authentication or MFA. IDR is about protecting credentials, entitlements, and the systems that manage them, from endpoints to Active Directory to the cloud. Understanding its fit in the security stack is critical as it closes gaps between Endpoint Detection and Response (EDR) and Identity Protection solutions.

    Join this session to learn how attackers are leveraging credentials, Active Directory, and the vast overprovisioning of entitlements to successfully conduct some of the most damaging attacks that we have ever seen.

    You will also be introduced to new technology that is now available for:
    · Credential exposure and vulnerabilities visibility
    · Attack path visibility and attack surface reduction
    · Active Directory exposure visibility and live attack detection
    · Cloud Infrastructure Entitlement Management for identifying overprovisioning and policy drift

    Regardless of your organization’s security maturity or size, this session will equip you with key insights to be ready for ransomware and identity-based attacks.
  • Cyber Strategies Talk with SolarWinds, Attivo Networks, and TAG Cyber CEOs Recorded: Jul 9 2021 56 mins
    Sudhakar Ramakrishna, President and CEO | SolarWinds, Tushar Kothari, CEO | Attivo Networks & Ed Amoroso CEO | TAG Cyber
    Join our three industry experts – Tushar Kothari, CEO of Attivo, Sudhakar Ramakrishna, President and CEO of SolarWinds, and Ed Amoroso, CEO of TAG Cyber – as they share their personal insights and experiences on how modern organizations are using security technology and innovating to address cyber threats being levied in the context of their digital transformation initiatives.

    During the session, you will obtain:

    • Candid insights and views on past and present cyber attacks and vulnerabilities
    • Practical advice on the best current methods for reducing the exploitation of identity and privilege escalation
    • Predictions about future trends in cyber offensive and defensive actions

    Our three experts will provide attendees with unique perspectives and insights across a range of different cyber security topics, issues and trends. Expect to learn about the state of the art in cyber deception, supply chain attacks, nation-state threats and identity protection.

    Come ready to ask questions!
  • Protecting Active Directory Without Privileged Access Recorded: May 18 2021 52 mins
    Steve Hunt, Sr. Cybersecurity Analyst | Aite Group & Carolyn Crandall, Chief Security Advocate and CMO | Attivo Networks
    Organizations value Active Directory for its ability to provide uninterrupted service and to manage employee authentication, identity, and access control for its members. However, given the privileged credentials and access stored inside, Active Directory has become an enticing target for attackers seeking to obtain administrator access. Attackers are winning, with three-quarters of all attacks attributed to privileged access credential abuse.

    Join this webinar to hear Steve Hunt, a senior cybersecurity analyst at Aite Group, outline why attackers have been successful, decisions that have created weaknesses, and why common security efforts have been insufficient in preventing attacks using advanced techniques. Additionally, Carolyn, chief security advocate and CMO of Attivo Networks, will share alternative and practical approaches that organizations can take to modernize privileged access credentials and access protection.

    In this session, you will learn how to use Active Directory Assessments for:
    • Evaluating AD cybersecurity hygiene and understanding potential risks
    • Identifying specific domain, computer, and user-level risks
    • Detecting live attacks as attackers discover, move, and attempt to compromise AD
    • Gaining continuous assessment and visibility to rogue domain controllers, DCSync and DCShadow, and Golden Ticket attacks

    *This session is for: Security professionals that want to improve AD security without the need for privileged access
  • Active Directory Exploitation and Defenses for 2021 and Beyond Recorded: Apr 29 2021 61 mins
    Carolyn Crandall, Chief Security Advocate | Attivo Networks & Dr. Peter Stephenson, Director of Products Analysis | CDM
    The issues regarding privilege escalation and lateral movement detection were a highlight of the SolarWinds Congressional hearings and in the news of many recent cyber heists. Compromising Active Directory has been a common element in all of these incidents and should be commanding every CISO’s attention.

    Watch this webinar for a lively discussion and to learn:
    - Why Active Directory is the attack vector of choice for 2021
    - What challenges are associated with protecting AD and how to address them
    - Ways to achieve better insight into AD cybersecurity hygiene and see potential risks
    - What tools can simplify detection of live attacks on AD, without reviewing logs
    - How to find rogue domain controllers, DCSync, DCShadow, and Golden Ticket attacks

    The review team here at Cyber Defense Magazine recently put the new Attivo Networks Active Directory solution to the test. We found this new technology particularly interesting, given the laser focus that attackers have had on AD. Special guest, Dr. Peter Stephenson joins the webinar to share the findings from his research report.
  • The SolarWinds Attack: How to Address Lateral Movement Recorded: Apr 20 2021 22 mins
    Joseph Salazar, Technical Marketing Manager | Attivo Networks
    The SolarWinds supply chain breach garnered much attention and concern, especially for potentially vulnerable organizations. While the compromise method was novel, analysis indicates that the attackers used typical in-network attack activities, such as credential theft, privilege escalation, discovery, and lateral movement. To defend against such attacks, organizations must adopt in-network security solutions that can detect and derail these tactics.

    Watch this webinar to learn how Attivo Networks, the leader in lateral movement defenses, leverages its ThreatDefend platform to provide organizations with the means to derail these activities, preventing the attackers from successfully completing their mission.
  • Defense in Depth – Filling the Gaps to Detect and Stop Lateral Movement Recorded: Apr 6 2021 57 mins
    Kevin Hiltpold, Sr Solutions Engineer | Attivo Networks
    When attackers evade the first line of network defense, having secondary controls to fill in the gaps is crucial in detecting adversaries who can break free to infiltrate the network. All they need is a single unwary user to click on a link in an email, and they can establish a beachhead in the network from which they can spread. With the SolarWinds breach, attackers have a back door into potentially thousands of networks. Typical security controls focus on detecting the initial compromise but seldom the lateral movement and privilege escalation activities that attackers spend most of their time executing. The Attivo Networks Endpoint Detection Net suite of products closes this gap by efficiently detecting such activities early in the attack cycle.

    Join this discussion to learn how security teams can:
    - Detect an adversary who looks and acts like a member of the organization and is moving in operational blind spots
    - Slow down the adversary with every piece of information they gather for lateral movement
    - Deceive the adversary, turn the tables, and lower the Mean-Time-To-Detection (MTTD) from months to hours, or even less.
  • The Adversary Playbook - How Deception Thwarts the Attacker Recorded: Mar 30 2021 61 mins
    Tony Cole, Chief Technology Officer | Attivo Networks & Paul Asadoorian, Chief Innovation Officer | CyberRisk Alliance
    With the release of MITRE Shield tactics, Deception has been identified as an essential capability to help thwart attackers. But what deception techniques are the best to protect your organization? In this live technical training, Tony Cole, Chief Technology Officer at Attivo Networks, and Paul Asadoorian, Chief Innovation Officer at CyberRisk Alliance, will go into the details of the adversary playbook. How do attacks start and propagate? What deception techniques actually work to thwart these attacks?

    Tony and Paul focus on the following use cases:
    1. Phishing attacks to harvest credentials
    2. Lateral attacks on Active Directory to harvest additional credentials and devices
    3. Propagate ransomware across multiple systems and data repositories
  • Defense in Depth – Filling the Gaps to Detect and Stop Lateral Movement Recorded: Feb 26 2021 58 mins
    Kevin Hiltpold, Sr Solutions Engineer | Attivo Networks
    When attackers evade the first line of network defense, having secondary controls to fill in the gaps is crucial in detecting adversaries who can break free to infiltrate the network. All they need is a single unwary user to click on a link in an email, and they can establish a beachhead in the network from which they can spread. With the SolarWinds breach, attackers have a back door into potentially thousands of networks. Typical security controls focus on detecting the initial compromise but seldom the lateral movement and privilege escalation activities that attackers spend most of their time executing. The Attivo Networks Endpoint Detection Net suite of products closes this gap by efficiently detecting such activities early in the attack cycle. Join this discussion to learn how security teams can:

    - Detect an adversary who looks and acts like a member of the organization and is moving in operational blind spots
    - Slow down the adversary with every piece of information they gather for lateral movement
    - Deceive the adversary, turn the tables, and lower the Mean-Time-To-Detection (MTTD) from months to hours, or even less.
  • Protecting Production AD in Response to the FireEye Breach Recorded: Dec 22 2020 44 mins
    Venu Vissamsetty, VP Security Research | Robert Crisp, VP Field Technical Operations | Joe Carson, Sr. Director Prof Services
    The recent release of FireEye tools included several for exploiting Active Directory. Once an attacker is inside the network, AD is often the primary target as it readily enables enumerating privileged accounts and critical objects. The Attivo ADSecure solution prevents unauthorized queries from tools like SharpHound, Rubeus, and SharpZeroLogon, thereby intercepting attacker tools and techniques.

    Join this webinar with Venu Vissamsetty, Founding Engineer, Robert Crisp, Vice President, Field Technical Operations, and Joe Carson, Sr. Director, Professional Services of Attivo Networks. Joe and Venu will share details on the Active Directory tools exposed by the FireEye breach and how the Attivo ADSecure solution can be configured against these tools, gaining visibility into production Active Directory.
  • Cost Savings of Deception Quantified Recorded: Oct 7 2020 61 mins
    Kevin Fiscus, Founder | Deceptive Defense Inc. & Carolyn Crandall, Chief Deception Officer & CMO | Attivo Networks
    Join this webinar with Kevin Fiscus of Deceptive Defense, Inc. and Carolyn Crandall, Chief Deception Officer and CMO of Attivo Networks, where Kevin will share his research findings on the cost savings associated with deception technology.

    Kevin will show how he used industry information on data breach costs and how he overlaid the benefits of cyber deception to come up with a forecast for financial savings. The results were quite significant, with breach cost reductions averaging 51% or $75 per compromised record. Additionally, Kevin will talk about his research on how deception can reduce SOC inefficiencies and reduce analyst costs by an average of 32%.

    If you need help cost justifying a deception technology project, this is a webinar that you will want to tune in to.
  • Mapping your Active Defense Capabilities to MITRE Shield Recorded: Sep 30 2020 42 mins
    Edward Amoroso, CEO of TAG Cyber & Tushar Kothari, CEO of Attivo Networks
    MITRE Shield is a knowledge base of capabilities surrounding Active Defense and adversary engagements, and it complements MITRE ATT&CK. Where ATT&CK provides a data model for protecting the enterprise against cybersecurity threats, MITRE Shield focuses on capabilities that help change an attack engagement from defensive to offensive.

    Join Edward Amoroso, CEO of TAG Cyber and Tushar Kothari, CEO of Attivo Networks for a technical discussion on what MITRE Shield is and how to use it along with ATT&CK to optimize your defense strategy. Also learn how Attivo Networks solutions address the MITRE Shield tactics and techniques to maximize detection coverage, deliver insights into what tools attackers are using, identify their activities, and gather intelligence into what adversaries are seeking.
  • Be Resilient with IBM and Attivo Networks Recorded: Aug 19 2020 48 mins
    Joseph Salazar, Technical Deception Engineer, Attivo Networks and Chris Coburn, Technical Development, IBM Security
    Attivo Networks® has integrated with IBM® to provide advanced security orchestration and incident management through the Resilient SOAR platform, giving customers on-demand deployment for the Attivo Networks ThreatDefend® platform decoys. The integration reduces an organization’s time and resources required to detect, identify, and respond to threats while collecting forensics and developing threat intelligence to reduce the risk of a successful attack.

    Join this session to learn how:
    • The ThreatDefend platform detects advanced attackers with speed and accuracy
    • IBM Resilient adaptively deploys decoys on demand
    • The joint solution accelerates incident response with automated playbooks
    • The solution collects forensics and develops company-centric threat intelligence
  • Hunting Threats with FireEye and Attivo Networks Recorded: Aug 5 2020 55 mins
    Rob Ayoub Sr. PMM Network Detection and Forensics | FireEye & Joseph Salazar, Technical Deception Engineer | Attivo Networks
    Attivo Networks® has partnered with FireEye to provide advanced, real-time, in-network threat detection and improve automated incident response to stop active attacks. With the joint solution, customers can review high fidelity alerts based on suspicious activity and gain the intelligence needed to hunt for and isolate other compromised systems based on suspicious activities. Organizations can reduce the time and resources required to detect threats, analyze attacks, and remediate infected endpoints, ultimately decreasing the organization’s risk of breaches and data loss.

    Join this session to learn how:
    • The ThreatDefend platform detects advanced attackers with speed and accuracy
    • The joint solution captures and analyzes advanced malware threats
    • The joint solution accelerates incident response with automated blocking of infected systems
    • The solution collects forensics and develops company-centric threat intelligence
  • Hide and Deny Access to Ransomware Attackers Recorded: Jul 23 2020 62 mins
    Carolyn Crandall, CMO, Attivo Networks & Srikant Vissamsetti, SVP Engineering, Attivo Networks
    The dynamics of ransomware attacks have changed, and to keep ahead, your security tool kit must too.

    Join this webinar with Srikant Vissamsetti, SVP of Engineering and Carolyn Crandall, Chief Deception Officer and CMO of Attivo Networks to explore how to fake out even the most advanced human-operated ransomware and stop it in its tracks.

    In this webinar, you will get unique insights into the most modern ransomware attack tactics and how the Attivo ThreatDefend solution is used to achieve early detection of cyber-attackers. New Endpoint Detection Net (EDN) capabilities will be shared along with how they prevent attackers from moving laterally, escalating privileges, and finding and accessing the files, folders, mapped network and cloud shares they seek to tamper with. The session will also be open for audience Q&A.
  • Boosting MITRE ATT&CK Detection Rates for Endpoint Security Recorded: Jul 1 2020 54 mins
    Tushar Kothari, CEO, Attivo Networks & Edward Amoroso, CEO, TAG Cyber
    To assist organizations in addressing cyber risk, MITRE introduced a means for testing the ability of specific solutions to detect inbound attacks based on the MITRE ATT&CK framework. Evaluation results released include data for leading commercial endpoint security providers. Join Edward Amoroso, CEO of TAG Cyber and Tushar Kothari, CEO of Attivo Networks to learn how Attivo Networks solutions augment these endpoint security tools by an average 42% increase in detection rate. Test methodology and results from the APT29 and APT3 attack emulations will be shared, along with the enhanced performance gained when Attivo is added for detecting lateral movement.
  • Deceptively Secure, a Red Team’s Perspective Recorded: Jun 24 2020 59 mins
    Tony Cole, Attivo; Geoff Hancock, WWT; Guest Panelist: Erik Hunstad, CTO, SixGen
    In part 2 of this 3-part series, WWT and Attivo will be joined by SixGen CTO Erik Hunstad. An expert in Red Teaming and Ethical Hacking, Mr. Hunstad will explain what happens when organizations employ deception, the severe challenges it creates for attackers, and why modern deception ensnares both sophisticated Red Teams and peer/near-peer adversaries alike.
  • Ghost Army, Why Let Attackers Have the Advantage? Recorded: Jun 23 2020 61 mins
    Jim Cook, Regional Director, Attivo Networks & Andrew Scully, Head of Cyber, Shelde
    Cyber Attackers have always been able to trust their tools and technology. If they manage to break into an organisation’s network through technical means or simply by getting a job there, they can use those tools to understand how to traverse the network and what Tactics and Techniques will allow them to reach their goal without being detected.

    The same can’t be said in the physical world, where Attackers have never been able to rely 100% on their observations. There are many examples throughout history of Attackers and Defenders deceiving each other – so what lessons can be derived from the physical world and how are organisations applying those lessons in Cyber?

    Hear from Jim Cook – Regional Director for Attivo Networks on some of the most effective misdirection in history and special guest Andrew Scully – Head of Cyber from Shelde who shares some personal stories of using deception technology to catch attackers.
  • You Can’t Mitigate Breach Impact If You Don’t Detect It Recorded: Jun 17 2020 65 mins
    Tony Cole, CTO, Attivo Networks & Gary S. Miliefsky, Chairman of the Board, Cyber Defense Media Group
    It’s 2020 and the breaches just keep coming. Hear from Attivo Networks CTO, Tony Cole, in this discussion on how to better protect your endpoints and prevent attackers from moving laterally across your enterprise. Attivo Networks has pioneered a new approach to protecting endpoints with their Endpoint Detection Net (EDN) solution. Designed to serve as a force-multiplier to EPP and EDR solutions, EDN dramatically reduces risk to modern endpoints by efficiently closing detection gaps while providing ongoing visibility.

    Watch the webinar to hear about:
    - Perspectives on the Cybersecurity Industry’s State of Affairs
    - Gartner’s, MITRE’s, and NIST’s take on Deception Technology
    - Deception-Based Threat Detection Solutions for Common Security Challenges
    - Partner Technology Integrations that are Serving as a Force Multiplier for Existing Technologies, Processes, and Resource Productivity
  • Better Endpoint Defense with CrowdStrike and Attivo Networks Recorded: Jun 4 2020 47 mins
    Joseph Salazar, Technical Deception Engineer | Attivo Networks
    Join Attivo Networks as we reveal how the integration between the ThreatDefend® platform and the CrowdStrike Falcon Insight EDR solution combines accurate in-network detection with automated response actions to isolate attackers and empower organizations to respond quickly to attackers already inside the network.
    The integrated solution provides organizations an advanced level of visibility and improves overall incident response to block and quarantine attackers before they spread. The solution works by accurately detecting attackers as they attempt to move laterally and quarantining the compromised systems either manually or automatically.

    Hear how our joint solution can provide your organization with:
    • Advanced detection of threats that evade existing security controls
    • Enhanced visibility into attack activity early in the attack cycle
    • Accurate, event-based alerts with detailed attack forensics
    • Automated incident response to mitigate attacks
    • Increased operational efficiency
    • Collection of company-centric threat intelligence to improve defenses
  • Reducing EDR Cyber Risk with Deception Recorded: May 19 2020 59 mins
    Tushar Kothari, CEO of Attivo Networks & Edward Amoroso, CEO of TAG Cyber
    Join Tushar Kothari, CEO of Attivo Networks and Edward Amoroso, CEO of TAG Cyber for a technical discussion of how deception can be used to dramatically reduce cyber risks to modern endpoints. Hear about how popular endpoint detection and response (EDR) solutions can be enhanced via deceptive means to prevent malicious actors from leveraging endpoint access to laterally traverse an enterprise or to exfiltrate data from a targeted network.

    Join this webinar to learn how deceptive traps and bait can be used to contain malicious actors, and prevent such intruders from breaking out into the enterprise from the compromised endpoint. The concepts and discussion will be illustrated with general industry examples as well as practical case studies from users of the Attivo Networks platform.
Prevent Lateral Movement and Privilege Escalation
Attivo Networks closes the cyber security detection deficit with dynamic deception that accurately and efficiently reveals in-network threats and their lateral movement.

  • Title: Be Resilient with IBM and Attivo Networks
  • Live at: Aug 19 2020 6:00 pm
  • Presented by: Joseph Salazar, Technical Deception Engineer, Attivo Networks and Chris Coburn, Technical Development, IBM Security