Hi [[ session.user.profile.firstName ]]

5 Steps to Security Validation

Organizations have been managing security based on assumptions, hopes and best guesses for decades. We assume our technology will detect, block and send alerts, we hope our incident response techniques will be efficient and effective when under assault, and we believe that our security teams are well trained and practiced when everything goes wrong. These assumptions result in financial and operational inefficiencies, defensive regression and an inability to determine if we are investing in the right areas to communicate the state of our security effectiveness to stakeholders.

Join this webinar to hear from Retired Major General Earl Matthews (USAF), as he discusses:

• How to move beyond assumptions with automated and continuous security controls validation
• Identify and measure vulnerability gaps
• Manage and suggest remediation steps by arming security practitioners with meaningful evidence
• Validate an organization's ability to defend itself by using real adversary behaviors

Save your seat today!
Recorded Apr 27 2020 61 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Major General Earl Matthews (USAF)
Presentation preview: 5 Steps to Security Validation

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Intel-Led Security Validation: A Strategy to Prove & Communicate Competency Recorded: Apr 14 2021 57 mins
    Colby M. DeRodeff, Chief Technology Officer, Mandiant Advantage; Rob Potter, VP of Validation Customer Success, Mandiant
    Intelligence-Led Security Validation: A Strategy to Prove & Communicate Competency

    Today we are seeing some of the most aggressive and sophisticated adversary attacks ever recorded. To ensure the health of your organization’s security infrastructure, it’s vital to validate the efficacy of security defenses with the use of authentic and relevant content based on active threat intelligence. Intelligence-led security validation enables you to quantify your risk, prioritize resources and prove competency. The result is the ability to strengthen and maintain your cyber stance against today’s evolving and aggressive adversary landscape.

    In this session, you will:

    ● Learn that testing or validation technology is not enough—The steps required for an effective security validation strategy include the use of authentic and active threat intelligence, and why the emulation of real attacks, rather than attack simulation, is critical
    ● Gain insights into how threat intelligence informs security validation efforts by identifying the threat actors that are most likely targeting your organization
    ● Understand how continuous validation can prove security effectiveness and operational competency—Ultimately, assuring security infrastructure health, identifying areas for optimization, and reducing risk exposure.

    Be sure to check out all of the sessions in our FireEye Mandiant Virtual Summit 2021, Innovation Forward. A New Era of Resilience. - Live on April 13-15. https://virtualsummit.fireeye.com/
  • Eliminate Uncertainty with Security Validation Recorded: Apr 14 2021 31 mins
    Hatem Ali, Global Services and Intelligence Lead MEA, FireEye Mandiant
    If you can measure it, you can improve it. One major challenge for cyber security teams is establishing a measurable process of validating their security operations to be able to identify gaps in detection coverage and areas of redundancy to provide specific areas of improvement including potential saving across your security controls.

    This webinar will discuss how to:
    • Operationalize Threat Intelligence: Ensure your security controls stand up to the latest tactics, techniques and procedures used by threat actors in your region and industry.
    • Plan security improvements: From both a technology and process perspective.
    • Establish evidence-based KPIs to improve security controls.
    • Report the organization’s ability to mitigate pertinent cyber risks to senior stakeholders

    Join this session to uncover how security validation proves the value of your efforts and ultimately reinforces your organization’s security posture.

    Be sure to check out all of the sessions in our FireEye Mandiant Virtual Summit 2021, Innovation Forward. A New Era of Resilience. - Live on April 13-15. https://virtualsummit.fireeye.com/
  • Using Cyber Intelligence to Advance Your Security Validation Program Recorded: Apr 13 2021 61 mins
    Major General Earl Matthews, VP, Strategy, Mandiant; Karlo Arozqueta Sr. Sales Engineer; Tim Gallo Systems Architect
    Intelligence-led security has never been more important in the battle to protect organizations against cyber attacks. This session will cover how organizations and federal agencies are operationalizing threat intelligence within the Mandiant Security Validation Platform to continuously measure, manage and improve cybersecurity effectiveness.  

    Attendees will gain greater understanding of:

    ● The use of cyber intelligence data sets to prioritize resources
    ● How real-world adversary tactics, techniques, and procedures (TTPs) can be used to measure and improve the effectiveness of individual security controls
    ● How an organization can improve its ability to detect, block, and alert based on a comprehensive set of attack behaviors
    ● Outcome measurement dashboards aligning to MITRE ATT&CK and NIST architectures

    Be sure to check out all of the sessions in our FireEye Mandiant Virtual Summit 2021, Innovation Forward. A New Era of Resilience. - Live on April 13-15. https://virtualsummit.fireeye.com/
  • Assessing and Managing Cyber Risk: An Approach for Chief Risk Officers (CROs) Recorded: Apr 13 2021 60 mins
    Steve Ledzian | Vice President, Chief Technology Officer, Asia Pacific
    Simply investing in cyber security controls isn’t enough, as countless victims of cyber-attacks have learned the hard way. This session will offer valuable insights and recommendations for Chief Risk Officers (CROs) and C-suite decision makers about how to move beyond simply ticking a box to ensuring their cyber security investments are effective and working as intended to provide risk assurance.

    In this lesson you will learn about:
    ● The importance of moving from auditing security control existence to security control effectiveness
    ● Determining the right level of risk for your organization
    ● How to assess if security controls are working as they should

    Be sure to check out all of the sessions in our FireEye Mandiant Virtual Summit 2021, Innovation Forward. A New Era of Resilience. - Live on April 13-15. https://virtualsummit.fireeye.com/
  • Measuring Cybersecurity Controls Effectiveness with Security Validation Recorded: Jan 4 2021 62 mins
    John Hubbard, SANS Institute | Colby DeRodeff, FireEye Mandiant
    A SANS Institute Webinar

    Security vendors may promise the world when it comes to the capabilities of their products, but how do you know they will work as expected when the attackers come knocking? Without a strategy to validate the continuous health and operation of your data collection and security appliances you could be operating under false security assumptions with very serious consequences.

    Building an effective security validation strategy can help guarantee, regardless of the constant flux of your business and IT infrastructure, that your Security Operations Center (SOC) will be immediately alerted to any sign of compromise. If you're searching for answers in this area, join this webinar where we will discuss the need for testing your security controls and key features in order to find a security validation solution.
  • A Global Reset: Cyber Security Predictions 2021 | Expert Roundtable Recorded: Nov 9 2020 45 mins
    FireEye Mandiant Expert Panel
    A Global Reset: Predictions for the Future of Cyber Security | Roundtable Discussion

    The year 2020 has been an unprecedented time of change and has shaped up in a way that nobody could have expected. This year’s activities continue to alter the future course of cyber security, making it even more important to ensure that we better prepare ourselves for what’s to come.

    On Monday, November 9th at 12 p.m./3 p.m. ET, join our expert panel as they share cyber trends and challenges in 2021. During the webinar, our experts will touch on various topics discussed in our upcoming report, A Global Reset: Predictions for the Future Cyber Security, including:
    • How remote work will evolve and affect organizations operationally
    • Insights into how threat actors will leverage the pandemic in their attacks
    • The growing need for intelligence-led security validation
    • The future state of cloud security
    • Nation-state activity and changing TTPs
    • How ransomware has pivoted from business risk to a national security risk

    Expert Panel:
    • Dave Baumgartner, CIO, FireEye (Moderator)
    • Maj. Gen. Earl Matthews, VP of Strategy, Mandiant Security Validation
    • Martin Holste, Cloud CTO, FireEye
    • John Hultquist, Sr. Director, Mandiant Threat Intelligence

    Please also check out our FireEye Cyber Summit 2020 for more interesting sessions: https://www.fireeye.com/company/events/cyber-summit-2020.html

    Register Now!
  • Cyber Summit 2020 | Spotlight on Financial Services Recorded: Nov 9 2020 91 mins
    Mandiant Solution Experts
    Session Agenda:

    - 10:30 a.m. PT - Intro to Financial Services Spotlight

    - 10:31 a.m. - 11:02 a.m. PT - Navigating Today's Cyber Challenges- David Wong, VP, Mandiant Consulting joined by expert panelist, Holly Ridgeway - EVP, Chief Security Officer, Citizens Bank and Tim Hillyard - AVP, Cyber Security Threat and Response, Voya Financial

    - 11:02 a.m. - 11:27 a.m. PT -Key Threats to Financial Services Today - John Miller, Director, Mandiant Threat Intelligence

    - 11:27 a.m. - 11:46 a.m. PT - Improve Your Cybersecurity to Protect Against FIN11 - Ursula Cowen, Threat Research Analyst, Mandiant Security Validation and Andy Moore, Sr. Technical Analyst, Mandiant Threat Intelligence

    - 11:46 a.m. - 12:01 p.m. PT - Spotlight on Financial Services: Live Q&A

    For the full Cyber Summit 2020 event program, please visit: https://www.fireeye.com/company/events/cyber-summit-2020.html
  • Cyber Summit 2020 | Cloud and Enterprise Security Recorded: Nov 9 2020 72 mins
    Martin Holste, Cloud CTO; Lisun Kung, Sr. Director; Phil Montgomery, SVP, FireEye; Steve Ledzian, CTO, APAC, FireEye
    Session Agenda:

    -9:15 a.m. - 9:40 a.m. - Take Control of Your Cloud Environments - Martin Holste, Cloud CTO, FireEye and Lisun Kung, Sr. Director, Cloudvisory, FireEye

    -9:40 a.m. - 10:01 a.m. - FireEye Products: A Complete Solution Working Together - Phil Montgomery, Sr. VP, Product Marketing, FireEye

    -10:01 a.m. - 10:24 a.m. - Detection and Response: Pioneered by FireEye - Steve Ledzian, CTO, APAC, FireEye

    To check out the full event program, please visit https://www.fireeye.com/company/events/cyber-summit-2020.html
  • Cyber Summit 2020 | From the Front Lines Recorded: Nov 9 2020 70 mins
    Sandra Joyce, EVP, Mandiant Threat Intel; Charles Carmakal SVP and CTO, Mandiant; Chris Key, EVP, Mandiant Solutions
    Session agenda:

    - 8:00 a.m. PT. - Welcome and intro

    - 8:02 a.m. -8:22 a.m. PT - New Ransomware Trends: A Threat Evolves - Sandra Joyce, EVP and Head of Mandiant Threat Intelligence

    - 8:22 a.m. - 8:49 a.m. PT - Preparing for Disruptive Intrusions: Mitigating the Risk of Data Theft, Ransomware, Public Shaming and Extortion - Charles Carmakal, Sr. VP and Mandiant Strategic Services CTO

    - 8:49 a.m. - 9:07 a.m. PT - Mandiant Advantage: Achieving Focused Business Outcomes through Threat Intelligence and Validation - Chris Key, EVP of Products, Mandiant Solutions

    For the full Cyber Summit 2020 event program, please visit: https://www.fireeye.com/company/events/cyber-summit-2020.html
  • Augment and Automate Threat Intelligence Into Your Environment Recorded: Nov 9 2020 18 mins
    Joshua Bass, Senior Manager Product Management, Mandiant Security Validation
    The need to improve how companies prove security effectiveness in today’s business climate is clear: attacks are on the rise, targets are expanding, adversaries are more motivated, and their tactics are increasingly insidious.

    Now, more than ever, organizations need access to emerging threat data as it happens. Security leaders need to be able to provide proof to their organization that these threats cannot and will not breach their defenses by being able to prioritize the threats that matter to them now and take action.

    This session will show how relevant and emerging threat data combined with controls validation technology provides insight into what is most important to test against and what to prioritize based on the knowledge of who and what might be targeting an organization or industry. Through this approach to security validation, security leaders can provide evidence to C-level leadership and give them confidence that controls are working as they should against threats and adversaries delivering expected value and maintaining the organization’s accepted level of risk.

    For the full Cyber Summit 2020 event program, please visit: https://www.fireeye.com/company/events/cyber-summit-2020.html
  • Validate Security Performance to Rationalize Investments Recorded: Nov 9 2020 19 mins
    Major General Earl Matthews, VP of Strategy for Mandiant Security Validation
    In the first half of the last decade, the rule of thumb for cyber security spending was roughly 3-4% of a total IT budget. By the end of that decade, average security spending had risen by 300%. Today, the typical organization uses 30-70 security tools, and spending in this area has gone through the roof. With so many controls deployed, there is often duplication. But without reliable evidence of security controls performance, it’s impossible to know where overlap exists or where technology is not delivering intended value so leaders can reliably remove unneeded controls without increasing risk.

    With increasing pressure on boards of directors and CEOs to provide evidence that business assets are protected from the fallout of a potential breach, the need to justify security investments is now a key performance metric.

    General Earl Matthews will discuss how to align a cyber security program with desired business outcomes, including cost-cutting demands, and teach attendees how to rationalize cyber security investments and prove their value to the C-suite. Attendees will learn a proven methodology to financially rationalize cyber security investments through security validation.

    For the full Cyber Summit 2020 event program, please visit: https://www.fireeye.com/company/events/cyber-summit-2020.html
  • How Continuous Validation Helps Protect the Supply Chain Recorded: Sep 22 2020 59 mins
    Matt Shelton, Director, Technology Risk and Threat Intelligence, FireEye
    The Expanding Attack Surface: How Continuous Validation Helps Protect the Supply Chain

    Organizations are increasingly using third party providers to manage critical components of their infrastructure. The introduction of cloud services, managed service providers, and Software-as-a-Service (SaaS) has increased the size of an organization’s attack surface. A breach of proprietary and confidential information is just as impactful coming from the supply chain as it is from an organization’s infrastructure. Join Matt Shelton, Director, Technology Risk and Threat Intelligence, as he explains how intelligence-led validation can help tighten controls and reduce risk. In this webinar:

    -Hear about the realities of today’s threat landscape, sophisticated attackers and the implications on managing your security stack and processes
    -Learn how threat intelligence helps you take decisive action
    -Find out how continuous validation helps you understand the true measure of your security
    -Get insights into an actual use case where a company’s supply chain was breached to see how intelligence-led validation could have helped prevent it

    Register Now
  • Validating Helix Recorded: Jul 14 2020 52 mins
    Steve Lodin, Sr Director of Cybersecurity Operations for Sallie Mae & Brian Contos, VP, Technology Innovation for Mandiant
    Sallie Mae Sr. Director of Cybersecurity Operations Steve Lodin returns to the podcast to share his experiences introducing and maintaining cloud-based SIEM to existing infrastructure. He and Brian discuss the technicalities of transferring a mid-size financial organization to the cloud.
  • Validate Security Performance to Rationalize Investments Recorded: Jun 11 2020 52 mins
    General Earl Matthews, VP of Strategy for Mandiant Security Validation
    Security assumptions do not equal security effectiveness. With increasing pressure on boards of directors and CEOs to provide evidence that business assets are protected from the fallout of a potential breach, the need to justify security investments is now a key performance metric. Only through security validation and continual measurement of security effectiveness across technology, people and processes can you rationalize cyber security investments and prove value to the C-suite.

    In this session, led by General Earl Matthews, VP of Strategy for Mandiant Security Validation, you can learn:

    - Best practices for investment prioritization when it comes to hiring, training and security solution procurement
    - How security validation testing can identify areas of overlap in capabilities, inefficiencies in product expectations, and gaps in overall security posture, and help you optimize performance and value
    - Steps to take to strengthen your security posture and minimize cyber risk in order to protect your brand reputation and economic value
  • Measure, improve & optimize your cybersecurity with Mandiant Security Validation Recorded: Jun 9 2020 54 mins
    Lluis Coma, EMEA Consulting Sales Engineer, FireEye
    Mandiant Security Validation allows you to accurately assess a company's security posture. We help our clients take a proactive approach to identifying and mitigating risks due to incorrect configurations, inefficiencies in products, and / or established security processes.

    Register for the webinar and find out how Mandiant Security Validation enables you to:

    • Evaluate your security posture in order to prioritize investments;
    • Optimize the configuration of your technologies to maximize the return on investment;
    • Compare your security with market standards such as MITRE ATT&CK Framework and others;
    • Test the correct operation of your DLP-type tools;
    • Measure the security of your security processes in the CLOUD;
    • Validate the correct operation of your Endpoint tools;
    • Confirm network segmentation in IT / OT / SCADA environments.

    The results can be extremely interesting for managers of SOCs, CISOs and for the Board of Directors.
  • Security Validation - what is it and how can it improve security effectiveness? Recorded: Jun 9 2020 61 mins
    Mike Batten - VP Sales Engineering EMEA, FireEye
    In order to stay ahead of an evolving threat landscape, security teams must continuously improve their processes and technology. But even with their investments, security professionals still need answers to pressing questions:

    -Who are the attackers that target my industry and what techniques do they use?
    -Which alerts matter most and how do I respond?
    -Are my tools, controls, processes working as expected?
    -Where should I focus improvement efforts?

    Join Mike Batten, VP Sales Engineering EMEA, for our upcoming webinar to:

    -Learn how cyber threat intelligence can inform which attackers target your industry and understand the techniques they employ
    -Find out how continuous validation can pinpoint where you have gaps so you can target improvements where they are needed
    -Understand how validation technology powered by relevant intelligence can generate proof of effectiveness and reduce risk
    -View the results of a recent security effectiveness report, spanning the production environments of multiple industries and enterprises

    Register Now!
  • An Intelligence Driven Approach to Security Validation Recorded: Jun 9 2020 56 mins
    Shashwath Hegde, Solutions Architect, APAC
    A recent SANS study showed that while organizations used threat intelligence to hypothesize where attackers may be found, they lack the investigative skills to conduct searches. This continues to be a growing problem in the cyber security industry as organizations struggle to justify the high-cost of their defences.
    We make significant investments to justify our methods of stopping evil. However, we rarely spend time in measuring our methods or investments. Instead, we rely on assumptions to guide our decisions and justify our judgements. In this session, we will explore real world data and dive deep into the performance of cybersecurity controls across enterprise networks; from email, endpoint, network to cloud-based controls and examine some alarming results. As organizations continue to struggle to justify the high-cost of their defences, Security Validation provides a solution to validate, consolidate, recoup and maximize the value from existing investments.
  • FireEye Chat | Front and Center: How to Empower. Evolve. Defend. Recorded: Jun 5 2020 28 mins
    Vasu Jakkal CMO; Major General Earl Matthews VP, Strategy, Mandiant Security Validation; Martin Holste Cloud CTO
    Cyber attackers never rest, but neither does FireEye. In our upcoming Virtual Summit on June 9-11, industry professionals will showcase best practices, research and strategies to empower organizations to evolve their cyber security solutions and better defend against attackers.

    In this latest episode of the quarterly talk show FireEye Chat, we dive deeper into two topics from the virtual summit: security effectiveness and cloud security. Watch now to hear from our experts who are front and center from their homes as they tackle these common questions:

    • How secure are you? And can we be sure we’re protected against the evolving threat landscape?
    • Are your cyber security products effective and working the way they should?
    • Do you know how to be secure in the cloud?
    • What should you consider when moving to the cloud?
  • 2020 Mandiant Security Effectiveness Report Findings Recorded: May 19 2020 60 mins
    Matt Hartley SVP Mandiant Strategy for FireEye Mandiant & Devon Goforth Sr Dir Security Instrumentation for FireEye Mandiant
    2020 Mandiant Security Effectiveness Report Findings: A deep dive into cyber reality

    Join our webinar to understand why a majority of tested attacks successfully infiltrate enterprise environments without detection – and why security validation is so critical.

    The Mandiant Security Effectiveness Report 2020 takes a deep dive look into cybersecurity performance across network, email, endpoint, and cloud-based security controls – and confirms the prevailing concern: security controls are not performing as expected. Alarmingly, thousands of tests performed by experts from the Mandiant Security Validation (previously known as Verodin) team show that for 53% of the environments tested, attacks were successful in bypassing controls without knowledge. This points to the need for continuous validation of security effectiveness based on four fundamental components.

    Register for our upcoming webinar to learn about the fundamentals of security validation and gain the knowledge to answer questions such as:

    - Do I have confidence in the effectiveness of my security controls?
    - Can I quickly assess the relevance of threat intelligence or exposure to the latest attack?
    - Am I stopping data leakage and protecting data integrity?
    - How can I simplify and standardize my security stack?
    - Do I have evidence to support communicating key metrics to executives?

    Register Now to Reserve Your Seat!
  • Validating Security Effectiveness with an Evidence-based Approach Recorded: May 14 2020 52 mins
    Brian Contos, VP Technology Innovation| FireEye Mandiant & Jeff Vinson, CISO & VP |Harris Health System
    Cybersecurity spending must be tied to business relevance - protecting business continuity, protecting critical assets, rationalizing investments, and demonstrating compliance with regulatory mandates. This is accomplished through an effective security validation program that utilizes automation and an intelligence-driven approach to mitigate risk, optimize controls, and communicate value.

    Join Brian Contos, VP Technology Innovation| FireEye Mandiant and Jeff Vinson, CISO & VP |Harris Health System as they discuss how Mandiant Security Validation (formerly Verodin) helps organizations automate real-time monitoring by leverage an intelligence-driven methodology to maximize the value and mitigate risk.

    In the session they will discuss:
    >> Delivering value for security teams and executives
    >> Leveraging automation, real-time monitoring and input from threat intelligence and incident response for an effective security program
    >> Managing the impacts of COVID-19 on your security team

    Register Now to Reserve Your Seat!
Insight on validating the effectiveness of cybersecurity controls
Mandiant Security Validation (formerly Verodin), has made it possible for organizations to validate the effectiveness of cyber security controls, thereby protecting their reputation and economic value. By measuring and testing security environments against both known and newly discovered threats, organizations can identify risks in security controls before a breach occurs and permits companies to rapidly adapt their defenses to the evolving threat landscape.
Cybersecurity experts from around the globe share experiences about their journey to increase security effectiveness.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: 5 Steps to Security Validation
  • Live at: Apr 27 2020 6:00 pm
  • Presented by: Major General Earl Matthews (USAF)
  • From:
Your email has been sent.
or close