Hi [[ session.user.profile.firstName ]]

The Case for Continuous Security Validation and Why it Matters to You

Organizations make significant investments to ensure protection of critical assets, yet without data-driven evidence demonstrating security performance, companies operate on assumptions. This could put them at high risk of an attack.

Until now, there was no way to prove and confidently report on which security controls were working and which were not. Yet the market has shifted to one in which Boards of Directors, CEOs, and leaders are demanding verifiable proof that their organizations are protected against the evolving threat landscape.

Security validation enables organizations to achieve optimal cybersecurity performance by validating the effectiveness of people, processes and technology through ongoing assessment, optimization and rationalization. As a result, companies minimize cyber risk across the entire business while protecting their reputation and economic value.

Join this exclusive video interview with Earl Matthews, Chief Strategy Officer at Verodin to learn more about:
- What security validation is and how it is different from breach and attack simulation
- Why is security validation so important now, in 2020
- The security risk with cloud migration
- How does cyber risk translate to real dollars
Recorded Feb 25 2020 29 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Earl Matthews, Chief Strategy Officer, Verodin & Nathan Wenzler, Chief Security Strategist, Tenable
Presentation preview: The Case for Continuous Security Validation and Why it Matters to You

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Validate Security Performance to Rationalize Investments Jun 11 2020 8:00 pm UTC 60 mins
    General Earl Matthews, VP of Strategy for Mandiant Security Validation
    Security assumptions do not equal security effectiveness. With increasing pressure on boards of directors and CEOs to provide evidence that business assets are protected from the fallout of a potential breach, the need to justify security investments is now a key performance metric. Only through security validation and continual measurement of security effectiveness across technology, people and processes can you rationalize cyber security investments and prove value to the C-suite.

    In this session, led by General Earl Matthews, VP of Strategy for Mandiant Security Validation, you can learn:

    - Best practices for investment prioritization when it comes to hiring, training and security solution procurement
    - How security validation testing can identify areas of overlap in capabilities, inefficiencies in product expectations, and gaps in overall security posture, and help you optimize performance and value
    - Steps to take to strengthen your security posture and minimize cyber risk in order to protect your brand reputation and economic value
  • Leveraging Security Validation to Operationalize Threat Intelligence Jun 10 2020 8:00 pm UTC 60 mins
    Henry Peltokangas, Director of Product, Mandiant Security Validation & Jeffrey Berg, Sr. Director​, Mandiant Threat Intel
    When optimizing security defenses, organizations need to know as much as possible about today’s attacks and threat actors to protect critical systems, data and users against likely attack scenarios.   Cyber threat intelligence can give organizations rich context on the threat landscape to bolster security effectiveness testing that can identify gaps in security controls before incidents occur.

    In this session, Mandiant security experts discuss the use of threat intelligence and security validation to understand who might attack, where organizations are most vulnerable, and how to respond. You’ll hear about:

    - The value of cyber threat intelligence to proactively identify the latest and most sophisticated threats and support strategic decisions
    - The importance of automatic and routine controls testing against the latest attack behaviors
    - How security effectiveness validation and cyber threat intelligence can help rationalize security investments, align business and security programs and best equip security teams to defend against adversaries.
  • How MITRE ATT&CK and Intelligence-Led Validation Prove Effectiveness Jun 9 2020 4:00 pm UTC 60 mins
    Chris Key, Sr. VP Mandiant Security Validation featuring Josh Zelonis, Principal Analyst, Forrester
    Proactive Security Operations: How MITRE ATT&CK and Intelligence-Led Validation Prove Effectiveness

    With economic uncertainty and an evolving threat landscape, organizations must prove their effectiveness across various operational functions, especially cyber security. While they usually focus on detection and response capabilities, they need to do more to develop proactive security operations.

    Join this webinar on Tuesday, June 9 at 9 a.m. PT/ 12 p.m. ET as FireEye Sr. VP of Mandiant Security Validation, Chris Key and featured speaker, Forrester Principal Analyst, John Zelonis highlight the:

    -MITRE ATT&CK knowledge base and how it can be used to help test your security posture and prove effectiveness
    -Importance of relevant threat intelligence for your organization and how its application can help pinpoint failure points
    -Impact of environmental drift on your security posture and how to plan for it
    -Evidence continuous validation delivers to prove effectiveness, reduce costs and optimize your security infrastructure

    Register Now>>
  • Intelligence-Driven Security Validation Jun 9 2020 2:00 am UTC 60 mins
    Shashwath Hegde, Solutions Architect, APAC
    A recent SANS study showed that while organizations used threat intelligence to hypothesize where attackers may be found, they lacked the investigative skills to conduct searches. This continues to be a growing problem in the cyber security industry as organizations struggle to justify the high cost of their defenses.
    Security validation helps organizations validate and consolidate their existing security investments before throwing more tools at the problem. And by integrating and operationalizing threat intelligence, organizations can develop an effective, highly scalable security posture. During this session, you can learn how to achieve a more efficient, effective and future-proof security program through security validation.
  • 2020 Mandiant Security Effectiveness Report Findings Recorded: May 19 2020 60 mins
    Matt Hartley SVP Mandiant Strategy for FireEye Mandiant & Devon Goforth Sr Dir Security Instrumentation for FireEye Mandiant
    2020 Mandiant Security Effectiveness Report Findings: A deep dive into cyber reality

    Join our webinar to understand why a majority of tested attacks successfully infiltrate enterprise environments without detection – and why security validation is so critical.

    The Mandiant Security Effectiveness Report 2020 takes a deep dive look into cybersecurity performance across network, email, endpoint, and cloud-based security controls – and confirms the prevailing concern: security controls are not performing as expected. Alarmingly, thousands of tests performed by experts from the Mandiant Security Validation (previously known as Verodin) team show that for 53% of the environments tested, attacks were successful in bypassing controls without knowledge. This points to the need for continuous validation of security effectiveness based on four fundamental components.

    Register for our upcoming webinar to learn about the fundamentals of security validation and gain the knowledge to answer questions such as:

    - Do I have confidence in the effectiveness of my security controls?
    - Can I quickly assess the relevance of threat intelligence or exposure to the latest attack?
    - Am I stopping data leakage and protecting data integrity?
    - How can I simplify and standardize my security stack?
    - Do I have evidence to support communicating key metrics to executives?

    Register Now to Reserve Your Seat!
  • Validating Security Effectiveness with an Evidence-based Approach Recorded: May 14 2020 52 mins
    Brian Contos, VP Technology Innovation| FireEye Mandiant & Jeff Vinson, CISO & VP |Harris Health System
    Cybersecurity spending must be tied to business relevance - protecting business continuity, protecting critical assets, rationalizing investments, and demonstrating compliance with regulatory mandates. This is accomplished through an effective security validation program that utilizes automation and an intelligence-driven approach to mitigate risk, optimize controls, and communicate value.

    Join Brian Contos, VP Technology Innovation| FireEye Mandiant and Jeff Vinson, CISO & VP |Harris Health System as they discuss how Mandiant Security Validation (formerly Verodin) helps organizations automate real-time monitoring by leverage an intelligence-driven methodology to maximize the value and mitigate risk.

    In the session they will discuss:
    >> Delivering value for security teams and executives
    >> Leveraging automation, real-time monitoring and input from threat intelligence and incident response for an effective security program
    >> Managing the impacts of COVID-19 on your security team

    Register Now to Reserve Your Seat!
  • Security Effectiveness Strategies Recorded: May 13 2020 59 mins
    General Earl Matthews, VP of Strategy, Mandiant Security Validation& Jeff Compton, Global Head, Mandiant Intel Consulting
    Security Effectiveness Strategies: How to Validate and Improve Your Security Posture

    To stay ahead of an evolving threat landscape, security teams must continuously improve their processes and technology. But even with their investments, security professionals still need answers to pressing questions:
    -Who are the attackers that target my industry and what techniques do they use?
    -Which alerts matter most and how do I respond?
    -Are my tools, controls, processes working as expected?
    -Where should I focus improvement efforts?

    Join Major General Earl Matthews USAF (Ret), VP of Strategy, Mandiant Solutions and Jeff Compton, Senior Manager, Global Head of Intelligence Consulting, FireEye Mandiant Threat Intelligence for our upcoming webinar to:

    -Learn how cyber threat intelligence can inform which attackers target your industry and understand the techniques they employ
    -Find out how continuous validation can pinpoint where you have gaps so you can target improvements where they are needed
    -Understand how validation technology powered by relevant intelligence can generate proof of effectiveness and reduce risk

    Register Now
  • 5 Steps to Security Validation Recorded: Apr 27 2020 61 mins
    Major General Earl Matthews (USAF)
    Organizations have been managing security based on assumptions, hopes and best guesses for decades. We assume our technology will detect, block and send alerts, we hope our incident response techniques will be efficient and effective when under assault, and we believe that our security teams are well trained and practiced when everything goes wrong. These assumptions result in financial and operational inefficiencies, defensive regression and an inability to determine if we are investing in the right areas to communicate the state of our security effectiveness to stakeholders.

    Join this webinar to hear from Retired Major General Earl Matthews (USAF), as he discusses:

    • How to move beyond assumptions with automated and continuous security controls validation
    • Identify and measure vulnerability gaps
    • Manage and suggest remediation steps by arming security practitioners with meaningful evidence
    • Validate an organization's ability to defend itself by using real adversary behaviors

    Save your seat today!
  • Instrumenting Cloud Security to Validate Critical Controls Recorded: Apr 1 2020 60 mins
    Kimberly Underwood, Senior Editor | SIGNAL Media; Major General Earl Matthews, USAF (Ret), CSO | Verodin, now part of FireEye
    More and more organizations and government agencies are increasing the implementation of on-premises and public cloud infrastructure. Now that networks and workloads are more dynamic, moving across on-prem, edge, and multi-cloud environments, they are also more vulnerable. Most security issues – cloud and otherwise – happen because security professionals often do not have the means to confirm controls and strategies such as segmentation, are operating as intended.

    Security Instrumentation offers a way for security practitioners to continuously measure, manage and optimize cybersecurity effectiveness. One key to improving security in the cloud is continuous environmental drift validation – being able to validate that changes in cloud network layers and security controls do not have an unforeseen or negative impact on security.

    Join this webinar to learn how a proactive, repeatable and measurable approach with Security Instrumentation, can enable your organization to identify risks in your security controls before a breach occurs and orchestrate the processes needed to optimize defenses.
  • Building and Managing an Effective Security Operations Program Recorded: Mar 25 2020 60 mins
    Sara Peters, Senior Editor | Dark Reading & Colby DeRodeff, CTO | Verodin
    Whether you have a full-blown security operations center (SOC) or just a single security person, there are some functions that every organization must execute in order to keep their most sensitive data safe. In this instructive keynote address, top SOC experts discuss some of the key capabilities required for security operations, as well as essential tools, people, and practices for building out the security operations function in your organization.
  • The Changing Face of Compromise Recorded: Feb 25 2020 52 mins
    Terence Jackson (Thycotic), Ziv Mador (Trustwave), Mark Bagley (Verodin) & Chris Morales (Vectra)
    Adversaries are growing in numbers and sophistication is regularly employing automation while AI and machine learning continue to be successful in various different attacks. 

    Join this panel of industry leaders and security experts to learn more about cyber attacks and how to protect your organization in 2020. Viewers will learn about:
    - What the experts are seeing when it comes to successful and profitable breaches
    - How businesses can be successful in stopping attackers in their tracks
    - Expert recommendations for improving security in 2020 and beyond

    This panel will be broadcast LIVE during RSA Conference in San Francisco.

    Speakers:
    Terence Jackson, Chief Information Security Officer, Thycotic
    Ziv Mador, VP, Security Research at Trustwave SpiderLabs
    Mark Bagley, VP Products, Verodin
    Chris Morales, Head of Security Analytics, Vectra
  • The Case for Continuous Security Validation and Why it Matters to You Recorded: Feb 25 2020 29 mins
    Earl Matthews, Chief Strategy Officer, Verodin & Nathan Wenzler, Chief Security Strategist, Tenable
    Organizations make significant investments to ensure protection of critical assets, yet without data-driven evidence demonstrating security performance, companies operate on assumptions. This could put them at high risk of an attack.

    Until now, there was no way to prove and confidently report on which security controls were working and which were not. Yet the market has shifted to one in which Boards of Directors, CEOs, and leaders are demanding verifiable proof that their organizations are protected against the evolving threat landscape.

    Security validation enables organizations to achieve optimal cybersecurity performance by validating the effectiveness of people, processes and technology through ongoing assessment, optimization and rationalization. As a result, companies minimize cyber risk across the entire business while protecting their reputation and economic value.

    Join this exclusive video interview with Earl Matthews, Chief Strategy Officer at Verodin to learn more about:
    - What security validation is and how it is different from breach and attack simulation
    - Why is security validation so important now, in 2020
    - The security risk with cloud migration
    - How does cyber risk translate to real dollars
  • Addressing Cyber Risk and Security Effectiveness in the Digital Age Recorded: Dec 19 2019 87 mins
    Brian Contos, CISO - Verodin and Ryan Dodd, Founder and CEO - Cyberhedge
    Digital transformation is sweeping the modern world of business as organizations become increasingly cloud-based, automated, and global. Even companies not historically associated with technology, such as industry and manufacturing, are implementing digital transformation strategies. As they do so, they must choose between top-line growth, cost-savings, and cybersecurity. Too often, organizations choose to prioritize growth and cost efficiencies over security, ultimately leaving their valuable digital assets unprotected

    Join experts from Verodin, now a part of FireEye, and Cyberhedge, a financial services firm specializing in managing technology risk, for the webinar: Addressing Cyber Risk and Security Effectiveness in the Digital Age scheduled for Thursday, December 19th at 1:00pm ET.

    The online event featuring Brian Contos, CISO - Verodin and Ryan Dodd, Founder and CEO – Cyberhedge will discuss:

    - The changing threat landscape
    - The evolution of assumption based versus evidence based cybersecurity tools
    - The concept of validating and measuring security effectiveness
    - The need for companies and investors to understand and manage the associated risks of digital transformation
  • Cybersecurity Effectiveness Podcast: Cloud Policy and Evolving Tools Recorded: Nov 5 2019 23 mins
    Adam Fletcher, CISO | Blackstone
    A thorough understanding of the core fundamental principles is critical for those building a career in cybersecurity. Adam Fletcher, CISO at Blackstone, argues that cloud security now falls into that list -- developing a policy or translating a tool to cloud requires extensive knowledge, experience, and leadership skills. He and Brian discuss case-by-case scenarios and how to expand and develop your team given the industry-wide talent shortage.
  • Cybersecurity Effectiveness Podcast: Cloud Migration: The Golden Rules Recorded: Nov 5 2019 24 mins
    Steve Lodin, Sr Dir. Cyber Security Operations | Sallie Mae
    Cloud security continues to attract more organizations seeking for better storage, but the prospect of data leakage hold some back from joining the bandwagon. Steve Lodin, Sr. Director of Cyber Operations at Sallie Mae, shares his “golden rules” for introducing it to your organization, advice for a bullet-proof migration, and lessons learned from decades of working in corporate security.
  • Cybersecurity Effectiveness Podcast: Teen’s Guide to Building Smart Cyber Habits Recorded: Oct 7 2019 10 mins
    Athena Contos, 7th grader
    Today’s teens interact daily with technology more than ever before. Ease of access to the online world for things such as streaming, social media, and shopping comes with the big responsibility to develop smart computer habits early in life. This episode features the series’ youngest guest to date: seventh grader Athena Contos, who shares personal examples of cyber carelessness, foundational tips for building good habits, and more.

    For more commentary and insight from the best and brightest in our industry, visit the Cybersecurity Effectiveness Podcast at https://www.verodin.com/podcast.
  • Cybersecurity Effectiveness Podcast: If Not You, Then Who? Recorded: Oct 3 2019 18 mins
    Parry Aftab, digital privacy lawyer & policy advisor
    In many ways, cybersecurity is the same way it once was over 20 years ago in terms of risk, only with different devices, activities, and added ways of access. Parry Aftab, who was one of the world’s first cyber lawyers back in the early 90s, shares her work with multiple cyber safety organizations, tips on supporting kids who fall victim to cyberbullying, and being featured in a custom cyber safety Marvel comic.
  • Cybersecurity Effectiveness Podcast: Customer Trust in the Clouds Recorded: Oct 1 2019 18 mins
    Deneen DeFiore, Global Chief Info & Security Officer | GE Aviation
    Modern planes have come a very long way since the first commercial flight in 1914. Approximately 87,000 flights travel across the US every day, carrying passengers who expect the same level of device connectivity and as they get on the ground. Deneen DeFiore, SVP & CSO at GE Aviation, stresses the importance of maintaining customer trust and business reputation through diligence in cyber assurance and safety operations.

    For more commentary and insight from the best and brightest in our industry, visit the Cybersecurity Effectiveness Podcast at https://www.verodin.com/podcast.
  • Cybersecurity Effectiveness Podcast: The Wide World of Healthcare Recorded: Sep 24 2019 24 mins
    Colby DeRodeff, CTO | Verodin
    With all the categories defining the healthcare industry today (e.g. pharmaceuticals, providers, hospitals, etc) and sensitive data flowing between them, it can be hard to know where to start. How do we keep information secure, yet accessible to our doctors and providers? Colby DeRodeff, CTO at Verodin, shares a bit about security in the healthcare community, how far we’ve come, and where we should go from here.

    For more commentary and insight from the best and brightest in our industry, visit the Cybersecurity Effectiveness Podcast at https://www.verodin.com/podcast.
  • Cybersecurity Effectiveness Podcast: Fight Like You Train Recorded: Sep 12 2019 21 mins
    Michael Allgeier, Director of Critical Infrastructure Security | The Electric Reliability Council of Texas (ERCOT)
    Since 2011, GridEx has been a hub for security lovers to evaluate and hone their red, blue, and purple teaming skills with challenging scenarios. In this episode, Brian Contos and Michael Allgeier, Director of Critical Infrastructure Security at The Electric Reliability Council of Texas (ERCOT), comment on the appeal and value these interactive training sessions can offer major power corporations.

    For more commentary and insight from the best and brightest in our industry, visit the Cybersecurity Effectiveness Podcast at https://www.verodin.com/podcast.
Insight on validating the effectiveness of cybersecurity controls
Verodin, now part of FireEye, has made it possible for organizations to validate the effectiveness of cyber security controls, thereby protecting their reputation and economic value. By measuring and testing security environments against both known and newly discovered threats, organizations can identify risks in security controls before a breach occurs and permits companies to rapidly adapt their defenses to the evolving threat landscape.
Cybersecurity experts from around the globe share experiences about their journey to increase security effectiveness.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: The Case for Continuous Security Validation and Why it Matters to You
  • Live at: Feb 25 2020 5:30 pm
  • Presented by: Earl Matthews, Chief Strategy Officer, Verodin & Nathan Wenzler, Chief Security Strategist, Tenable
  • From:
Your email has been sent.
or close