Is Linux Secure By Default?

"The Linux operating system is secure by default because Windows is the most used operating system globally. Thus attackers create viruses and malware to target Windows systems." While cringe-worthy to read, these are all real statements being made in the technology sector, and this false narrative is still frequently touted.
This webinar will highlight the common myths proliferated around the Linux operating system, how they are endangering companies' production environments, and the steps companies can take to mitigate the new techniques attackers are using to benefit from these myths.

Topics covered:
How recent attacks have shifted to focusing on the Linux ecosystem.
How Linux malware is being crafted and detected.
What you can do to protect yourself from the change in attackers' techniques.
Recorded Nov 23 2020 29 mins
Presented by
Ell Marquez
  • How To Stay Ahead of Breaches In the Cloud Recorded: Jul 13 2021 32 mins
    Ell Marquez, Avigayil Mechtinger
    Let’s face it, cloud security is complex. Dozens of solutions to choose from, each with different offerings branded as “cloud security.”

    As companies migrate to the cloud and attackers become more sophisticated, hardening their perimeters is not enough. The importance of reducing our server’s attack surface has never been more vital. However, pre-runtime solutions can only do so much. Companies must face reality, breaches happen.

    In this session, Avigayil Mechtinger and Ell Marquez delve into the challenges companies face when moving beyond traditional endpoint solutions, the most common vulnerabilities that attackers are exploring, and most importantly, how to defend environments no matter where the attacker is hidden.


    In this talk, we will focus on:
    - Threat vectors in compute assets
    - Lessons to be learned from historical breaches
    - Common compute resources vulnerabilities
    - The importance of visibility into the code running on the system when mounting our defenses
  • Does Container Security Have to be That Hard? Recorded: Jun 16 2021 24 mins
    Ell Marquez, Nicole Fishbein
    New technologies like containers present new ways for cloud environments to be hacked.

    Each container is responsible for a specific service that is part of the entire application, resulting in increased data traffic and complex access control rules. This can also lead to misconfigurations, providing a door for attackers to penetrate our environments.

    In this webinar, Nicole Fishbein and Ell Marquez will explain the most common vectors attackers are using to target containers, with easy-to-implement strategies to defend against these emerging threats.

    Join the webinar and learn:
    - What are the common attack vectors for containers
    - Examples of container attacks
    - What you can do to prevent and secure your environment
  • Without a Trace: The Dangers of Fileless Malware in the Cloud Recorded: May 25 2021 58 mins
    Ell Marquez, Linux and Security Advocate, Intezer Labs; Brandon Dunlap, Moderator
    Every day, wars are being waged on invisible battlefields. The enemy is hiding and stealthily leveling its attacks from within. This formidable foe isn’t an opposing army. It may very well be a single malicious actor, or a state-sponsored group of hackers. Without a trace of their tools left on the disk, attackers are storing the code in memory–resulting in infamous Fileless Malware. If successful, the best case scenario outcome is a tarnished reputation; the worst, significant (and potentially irreparable) damage to a brand and its business. Join Intezer Labs and (ISC)2 on May 25, 2021 at 1:00 pm BST for a discussion on how attacks like these can cripple an organization without its security team ever knowing it.
  • Container Security: Attack Trends and Defense Recorded: Apr 19 2021 31 mins
    Ell Marquez, Linux and Security Advocate & Adir Shemesh, Software Developer
    84% of companies surveyed by the Cloud Native Computing Foundation are running containers in production. Safe to say, securing containers has become an important part of cloud security planning.

    Concerns around container security are not unfounded. In 2019, Docker reported their repositories had been breached affecting 190,000 users. Though this might not seem like a lot, consider that many of these users had access to their employers' production environments, allowing the compromise to expand and result in more data being infiltrated.

    Researchers at Intezer recently discovered a previously undetected malware which they named Doki. Doki is a non-malicious container image which includes the commonly used Linux command curl. This command allows attackers to bypass traditional scanning and run malicious code after the container has been created. With companies creating new containers every few hours, minutes, and even seconds, it is nearly impossible to monitor what is running on these containers without the proper tools.

    Join Ell Marquez and Adir Shemesh to learn about the latest container attack trends and how Intezer Protect can secure your entire cloud-native stack.
  • Watch Your Containers: Doki Infecting Docker Servers in the Cloud Recorded: Mar 18 2021 54 mins
    Shaul Holtzman, Nicole Fishbein
    Doki is the latest high profile attack actively infecting misconfigured Docker servers in AWS, Azure, and other cloud platforms. Anyone with publicly open Docker API access is at high risk to be hacked due to the attackers’ continuous internet-wide scanning for vulnerable victims.

    The malware used in this attack is a fully undetected backdoor. It has managed to stay undetected for over six months despite being uploaded to VirusTotal several months ago.
    In this webinar, understand how this attack is being conducted and ways to prevent Doki from infecting your containerized environments in the cloud.


    You will learn:

    1. How this attack is using a previously undocumented technique
    2. Immediate action items required of container server owners
    3. Understand why the industry is adopting Zero Trust Execution to secure cloud workloads
  • Defense Against The Dark Arts Recorded: Feb 17 2021 46 mins
    Ell Marquez, Christophe Limpalair
    We all know the dangers death eaters (adversaries) pose to the wizarding world (cloud environments). The methods by which an attack is planned and executed remain cloaked in darkness, making it difficult for us to protect ourselves.

    Stripping away the cloak of invisibility and shining light into their malicious spells (code) can ensure that even when attackers breach our perimeter we can still defend our castles (cloud environments).

    Join Christophe Limpalair, founder of Cybr, and Ell Marquez, security and Linux advocate at Intezer, as they explore the final chapter of our Harry Potter-themed security in the cloud series. Demystify the spells of death eaters as we prepare for the battle of Hogwarts and mount our last line of defense.
  • A Wizards Guide to Security in the Cloud Recorded: Jan 12 2021 43 mins
    Ell Marquez, Linux and Security Advocate, Intezer
    A Horcrux is a powerful object in which a Dark wizard or witch [attacker] has hidden a fragment of his or her soul [code] for the purpose of attaining immortality [persistence].

    Creating a Horcrux gives one the ability to anchor their own soul [code] to earth [environment], if the body [process] is destroyed.

    In this session, we will come to understand how attackers are able to not only compromise our cloud environments but also maintain persistence—while our security teams are distracted by a mountain of false alerts. If we focus on the root cause of all cyber attacks: unauthorized spells, wait, I mean unauthorized code.
  • A Muggles Guide to Security In The Cloud Recorded: Dec 7 2020 33 mins
    Ell Marquez, Linux and Security Advocate, Intezer
    In the security and technology world, we rely so heavily on buzz words to explain our work that others feel like we are magicians working spells that they will never be able to do.

    Saying, "Due to issues with our security posture, the APT manipulated a well-known CVE to breach our cloud-native-applications," might as well be: "The Death Eaters were able to use a port key to enter our environment and effectively cast the Avada Kedavra spell."

    Instead, we could say, "An attacker used a known flaw to gain access to our environment and brought down our servers."

    In this session, we will come to understand that security for our cloud environments can be simple to understand, yes even for muggles. That is, if we focus on the root cause of all cyber attacks: unauthorized spells, wait, I mean unauthorized code.
  • Is Linux Secure By Default? Recorded: Nov 23 2020 29 mins
    Ell Marquez
  • Quick Wins for Securing your Cloud Workloads Recorded: Nov 3 2020 57 mins
    Justin Bradly
    Protecting cloud compute resources is one of the most complex projects a security team can take on today. Runtime protection should be an important first step to ensure their workloads are secure. In this webinar, we will cover examples of recent attacks against cloud workloads, what they have in common, and discuss quick wins to gain maximum coverage quickly.
  • A Guide to Intezer's TTPs Matrix for Linux Cloud Servers Recorded: Oct 21 2020 39 mins
    Shaul Holtzman
    There are nearly 100 ways an attacker can launch a cyber attack on your Linux cloud servers. This makes securing the infrastructure a formidable task even for the most adept security team. The question becomes: What risks can be prioritized?

    Intezer’s new TTPs matrix for Linux cloud servers is helping security personnel identify current gaps in their defenses’ coverage against the different threats that target this infrastructure. Among the TTPs listed, unauthorized code and commands at runtime are universal. Protecting the runtime environment is both an important last line of defense and one of the first steps you can take to reduce risk.

    This webinar will highlight key takeaways from the matrix and explain what steps you can take immediately to reduce risk and protect your organization from being the next victim of a high-profile breach.

    Topics covered:
    • Covering the basics of the TTPs matrix for Linux cloud servers.
    • How recent cloud attacks have emphasized the need for adopting a Zero Trust Execution approach to secure workloads against unauthorized code and commands.
    • What you can do tomorrow, with a focus on single controls, to mitigate many of the TTPs on the matrix.
  • Zero Trust Execution as Part of Your Cloud Workload Protection Strategy Recorded: Oct 14 2020 20 mins
    Shaul Holtzman
    The use of Application Control – commonly referred to as whitelisting or Zero Trust Execution – is considered to be a robust and essential Cloud Workload Protection strategy, but it does not prevent all cyber attacks. Attackers can exploit vulnerabilities in trusted applications or utilize whitelisted apps for malicious intent. App Control also presents some operational headaches for cloud security teams. We will discuss how to build a robust Application Control strategy for your workloads that is informed by these challenges.
  • Watch Your Containers: Doki Infecting Docker Servers in the Cloud Recorded: Aug 11 2020 55 mins
    Shaul Holtzman, Nicole Fishbein
  • Zero Trust Execution Strategy Recorded: Aug 5 2020 12 mins
    Justin Bradley
    The industry is quickly shifting to a Zero Trust Execution strategy. What does this term mean and how can you apply it to your Cloud Workload Protection strategy? Attend this session to learn more.
  • Protecting Containerized Workloads against Kaiji and Emerging Threats Recorded: Jul 20 2020 45 mins
    Paul Litvak, Shaul Holtzman
    Kaiji is our researchers’ latest discovery, written from scratch using the Go programming language to target IoT devices and Linux-based servers. Instead of relying on exploiting unpatched flaws, this botnet spreads exclusively through brute-force attacks against publicly accessible SSH servers.

    Kaiji has been in the news recently infecting unsecured Docker servers to then carry out DDoS attacks. Docker servers, which are a type of containerized workload, are relatively convenient to deploy in the cloud, making them an increasingly popular choice for enterprises but also an attractive target for attackers.

    In this webinar, we will present an analysis of the Kaiji malware and explain how to protect your containerized workloads against this botnet and other emerging Linux threats.

    You will learn:
    1. Why monitoring the runtime environment is the key to preventing most cyber attacks on your cloud infrastructure
    2. How to protect your cloud workloads against Kaiji and other emerging threats
  • DevOps and Security - Have We Shifted Too Far Left? Recorded: Jun 30 2020 53 mins
    Itai Tevet, CEO of Intezer, Matt Hollcraft, CISO of Hellman & Friedman, Hussein Syed, CISO of RWJBarnabas Health
    The “Shift Left” movement has redefined the roles and responsibilities of security teams, software development teams and infrastructure teams.

    Has this enormous change positively or negatively impacted security teams? Is it possible that we have shifted too far left?

    Join experts Matt Hollcraft, CISO of Hellman & Friedman, Hussein Syed, CISO of RWJBarnabas Health, and Itai Tevet, CEO of Intezer, in this webinar, which will explore the DevOps/security relationship, discuss the need for creating independence and review potential solutions for security teams.
  • Genetic Analysis vs. Fully Undetected Linux Threat Recorded: Jun 25 2020 54 mins
    Paul Litvak, Shaul Holtzman
    The Linux operating system accounts for nearly 90 percent of all cloud servers. With companies increasingly storing their most sensitive information on the cloud, we expect that Linux threats will pose a significant risk to enterprise security in the near future. Attend this webinar to see how we apply code reuse analysis to the world of runtime Cloud Workload Protection and incident response.
  • Build a Robust App Control Strategy for your Cloud Workloads Recorded: Jun 2 2020 58 mins
    Itai Tevet, CEO at Intezer
    The use of application control (also known as whitelisting) is considered to be a robust and essential Cloud Workload Protection strategy largely due to the high predictability of cloud environments.

    But it does not prevent all cyber attacks. Attackers can exploit vulnerabilities in trusted applications or utilize whitelisted apps for malicious intent—referred to as “Living off the Land.” App control also presents some operational headaches, requiring strict and often unrealistic policies.

    This webinar explains how to build a robust application control strategy that is informed by these challenges. Learn what capabilities you should consider when evaluating a Cloud Workload Protection Platform (CWPP).
  • Cyber Threat Spotlight Linux APTs Recorded: May 29 2020 9 mins
    Paul Litvak
    Malware analyst Paul Litvak discusses APTs targeting the Linux ecosystem and offers mitigation recommendations.
  • Linux Threat Landscape Recorded: May 29 2020 60 mins
    Shaul Holtzman, Nacho Sanmillan
    The Linux threat ecosystem is crowded with IoT DDoS botnets and crypto-mining malware. With low detection rates in nearly all leading antivirus solutions, Linux threats pose new challenges to the information security community that have not been observed in other operating systems.
Defend your cloud servers in runtime
Revealing the "genetic" origins of software, Intezer introduces a new way to detect and respond to cyber threats. Intezer offers enterprises an advanced solution to detect modern cyber attacks, with deep context for effective incident response. For more information, visit www.intezer.com or follow the company on Twitter at @IntezerLabs.

  • Title: Is Linux Secure By Default?
  • Live at: Nov 23 2020 4:00 pm
  • Presented by: Ell Marquez