Name: Smooth SIEM Surgery: Practical Tips for SIEM Migration Success in 2024
Start: 2024-04-02T08:36:00Z
End: 2024-04-02T08:36:30.000Z
Location: BrightTALK
Rating: 2

Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services. By scaling decades of frontline experience, Mandiant helps organizations to be confident in their readiness to defend against and respond to cyber threats. Mandiant is now part of Google Cloud.

Analisi approfondite degli esperti sulle principali tendenze e sugli attacchi informatici più significativi di oggi, dalle prime linee da 15 anni a questa parte.

In questa 15a edizione annuale, M-Trends fornirà uno sguardo dall’interno al panorama delle minacce informatiche in evoluzione, attingendo direttamente dalle indagini di risposta agli incidenti e dall’analisi delle informazioni sulle minacce degli attacchi ad alto impatto e relative azioni di risoluzione in tutto il mondo. 

Preparati ad essere informato sui seguenti argomenti:

+ Le più recenti metriche di risposta agli incidenti, compresi i tempi di interazione, le fonti di rilevamento, i principali vettori di infezione iniziale e molto altro ancora
+ Gli aggressori China-nexus prendono sempre più di mira dispositivi e piattaforme periferici privi della tecnologia EDR
+ Operazioni di tendenza degli aggressori e motivazioni alla dietro gli  attacchi zero-day
+ L’evoluzione delle tecniche di phishing tra i moderni controlli di sicurezza
+ Come gli aggressori stanno sfruttando AiTM per compromettere le misure di protezione con autenticazione a più fattori
+ I motivi e le soluzioni alla base delle crescenti intrusioni in ambienti cloud e cloud ibridi
+ Come l'IA viene utilizzata in modo efficace nelle operazioni dei red team e purple team per contribuire a potenziare le difese informatiche

M-Trends 2024: dati dietro le principali tendenze e minacce informatiche odierne

While many organizations have threat intelligence as part of their security operations program, most struggle to apply it effectively, and lack the required resources and expertise to keep up with the latest threat actors and TTPs. In this webinar, we’ll take a look at the new intelligence-driven approach in Google Chronicle Security Operations, and how it can deliver turnkey security outcomes with threat intelligence that’s personalized, relevant, and seamlessly embedded.

Stay ahead of the latest threats with intelligence-driven security operations

Perspectivas expertas sobre las principales tendencias y ataques de ciberseguridad actuales y durante 15 años consecutivos.

En esta 15ª edición anual, M-Trends proporcionará una mirada al interior del panorama evolutivo de las amenazas cibernéticas, partiendo de investigaciones de respuesta a incidentes y análisis de inteligencia de amenazas de ataques de alto impacto y soluciones en todo el mundo.

Prepárate para estar informado sobre los siguientes temas:

+ Las últimas métricas de respuesta a incidentes, incluidos tiempos de permanencia, fuentes de detección, principales vectores de infección inicial y mucho más.
+ El incremento de atacantes vinculados a China que apuntan a dispositivos de borde de red y plataformas que carecen de EDR.
+ Operaciones de adversarios en tendencia y las motivaciones detrás de los ataques de día cero.
+ La evolución de las técnicas de phishing en medio de los controles de seguridad modernos.
+ Cómo los atacantes están aprovechando la Inteligencia Artificial (AiTM) para comprometer las protecciones de autenticación multifactor.
+ Las razones y soluciones detrás de las crecientes intrusiones en entornos de nube y nube híbrida.
+ Cómo la IA se utiliza eficazmente en las operaciones de equipos de ataque/defensa (red/purple team) para ayudar a impulsar las defensas cibernéticas.

M-Trends 2024:  Las principales tendencias y ataques de ciberseguridad

Perspectives d'experts sur les principales tendances et attaques actuelles en matière de cybersécurité, issues du terrain depuis 15 ans.

Dans cette 15ème édition annuelle, M-Trends fournira un aperçu de l'évolution du paysage des cybermenaces, directement issu des enquêtes sur les incidents et de l'analyse des menaces liées aux attaques à fort impact et aux remediations dans le monde entier.

Explorez les grandes thématiques du rapport:

+ Les dernières mesures de réponse aux incidents, y compris les durées d'intrusion, les sources de détection, les principaux vecteurs d'infection initiale, et bien plus encore.
+ Les attaquants, liés à la Chine, qui ciblent de plus en plus les appareils périphériques et les plateformes dépourvues d'EDR.
+ Les tendances et motivations derrière les attaques "zero-day".
+ L'évolution des techniques d’hameçonnage dans le contexte des contrôles de sécurité modernes.
+ Comment les attaquants exploitent l’IA (“AiTM”) pour compromettre les mesures de protection de l’authentification multifacteur.
+ Les raisons et les solutions derrière l'augmentation des intrusions dans les environnements cloud et cloud hybrides.
+ Comment l'IA est utilisée efficacement dans les opérations Red Team pour renforcer les cyberdéfenses.

M-Trends 2024: Les principales tendances et attaques en matière de cybersécurité

Expert insights into today’s top cybersecurity trends and attacks from the frontlines for 15 years running.

Join Mandiant expert Dr Jamie Collier, for a deeper dive into the 15th annual edition of M-Trends. Get an inside look at the evolving cyber threat landscape directly from incident response investigations and threat intelligence analysis of high-impact attacks and remediations around the globe.

Get ready to be informed on the following topics:

- The latest incident response metrics including dwell times, detection sources, top initial infection vectors and so much more
- China-nexus attackers increasingly targeting edge devices and platforms that lack EDR
- Trending adversary operations and motivations behind zero-day attacks
- The evolution of phishing techniques amidst modern security controls
- How attackers are leveraging AiTM to compromise multi-factor authentication safeguards
- The reasons and solutions behind growing cloud and hybrid cloud environment intrusions
- How AI is effectively used in red and purple team operations to help boost cyber defenses

M-Trends 2024 EMEA: By the Numbers of Today’s Top Cyber Trends and Attacks

15 Jahre lang Expertenmeinungen zu den wichtigsten aktuellen Cybersicherheitstrends und -angriffen aus Incident-Response-Einsätzen.

In dieser 15. jährlichen Ausgabe bietet M-Trends einen Einblick in die sich entwickelnde Cyber-Bedrohungslandschaft, direkt aus Untersuchungen zur Reaktion auf Vorfälle und der Analyse von Bedrohungen durch wirkungsvolle Angriffe und Gegenmaßnahmen auf der ganzen Welt.

Machen Sie sich bereit, über die folgenden Themen informiert zu werden:

+ Die neuesten Metriken für die Reaktion auf Vorfälle, einschließlich Verweilzeiten, Erkennungsquellen, anfängliche Infektionsvektoren und vieles mehr.
+ Angreifer mit Verbindungen zu China, die zunehmend auf Edge-Geräte und Plattformen ohne EDR abzielen.
+ Trendige gegnerische Operationen und Motivationen hinter Zero-Day-Angriffen.
+ Die Entwicklung von Phishing-Techniken inmitten moderner Sicherheitskontrollen.
+ Wie Angreifer “AiTM” nutzen, um Multi-Faktor-Authentifizierungsmaßnahmen zu kompromittieren.
+ Die Gründe und Lösungen für die Zunahme von Eindringlingen in Cloud- und hybriden Cloud-Umgebungen.
+ Wie KI effektiv in Red- und Purple-Team-Operationen eingesetzt wird, um die Cyberabwehr zu stärken.

Aktuelle Einblicke in die wichtigsten Cybersicherheits-Trends und Angriffe

The key to maintaining a strong cloud security posture is to build from the start on a robust foundation of baseline security controls. Google Cloud’s Security Foundation solution provides recommended controls for common cloud adoption use cases. In this session, you’ll learn how to use layered security defenses in the cloud to protect your cloud-based workloads. You’ll also learn how to build an architecture with security controls optimized for your modern infrastructure.

Security Foundation: Protecting your workloads with layered defenses

Proactive threat hunting is a critical function of cyber defense, even for resource constrained organizations. Join our experts for an in depth discussion on how we help our customers find threats in their networks, reduce attacker dwell time, and take decisive action.

Augmenting Cyber Defense with Mandiant Hunt

Many organizations are eager to take advantage of generative AI, but don’t have the resources to build, train, and maintain costly LLM models of their own. This session will provide an overview of the work Google Cloud is doing to allow customers and partners to call upon pre-trained security models and bring critical security intelligence to power their workflows.

Generative AI for your security use cases

See what is coming in the new year and hear how Mandiant consultants are helping organizations become threat ready by providing expertise before, during and after breaches.

Stay ahead in 2024 with the latest from Google and Mandiant

Proactive threat hunting enables cyber defenders to reduce attack dwell time through the identification of compromise activity previously missed by other detection mechanisms. Yet, many security teams do not have a dedicated threat hunting function and we’re on a mission to change that. 

In this webinar, Mandiant experts will cover:
 - How to establish a threat hunting function 
 - Threat hunting best practices and methodologies
 - Aligning hunt findings to the MITRE ATT&CK framework

Learn how to proactively hunt for evidence from a previous or existing compromise to enhance future response capabilities and realize new methods of threat detection.

Beyond Detection: The Art and Science of Proactive Threat Hunting

Whether you're a security engineer, IT professional, or simply someone concerned about protecting your organization's information, this webinar will showcase how AI can transform the way you approach security.

Join us to learn how to:

Strengthen your defenses
Enhance threat detection
Improve response

Our expert speakers will demystify the complexity of AI and guide you through its practical applications in the realm of cybersecurity - even if you aren't an expert.

Unleashing AI for cybersecurity: Empowering non-experts to take action

As defences against mass-phishing emails have evolved, so have attacker tactics in targeting executives and employees. Spear-phishing, vishing, social media platforms, and even AI are now part of the standard aresenal for criminal and nation-state threat actors. Marie Moe from Mandiant's Strategic team and Stephen Begley from our Red Team discuss the sophisticated attacks used by modern attackers, including what Mandiant Threat Intelligence is seeing in the wild, how these attacks work, how organisations can defend themselves from the latest generation of attacks, and how we see these attacks changing and evolving in the future.

The Phuture of Phishing

No technology has ever emerged as quickly as generative AI has – or come with such a confusing set of myths about how threat actors are already leveraging AI-driven tools to overwhelm enterprise defenses.

Join us as we separate fact from fiction and put myths to rest about the use and capabilities of generative AI.

Watch this webinar to learn:
• How threat actors specifically use generative AI to bypass or compromise enterprise security systems;
• Real-world applications of generative AI that are proven successful in enhancing cybersecurity posture;
• Generative AI's projected growth rate and how it will affect your enterprise's ability to keep pace with security protocols.

Generative AI: Myths, Realities, and Practical Use Cases

To fully realise the benefits of cyber threat intelligence, we need to effectively communicate the threat landscape.

This webinar will explore the benefits of using operational profiling to build a more precise understanding of adversaries’ attributes. Adopting a richer vocabulary of descriptors offers far more than just nuanced understanding and can be used strategically to improve security outcomes. Crucially, a clearer understanding of threats allows intelligence to be applied more effectively across a wider range of use cases beyond the security operation centre.

Leveraging Operational Profiling to Improve Security Outcomes

Security operations are struggling. According to Enterprise Strategy Group (ESG), the primary challenges security teams are facing include spending too much time addressing high priority/emergency issues and not enough time on strategy and process improvement, along with monitoring security across a growing and changing attack surface.

In this webinar, Anton Chuvakin, Security Advisor at Office of the CISO, Google Cloud, and Jon Oltsik, Distinguished Analyst and Fellow, will explore how generative AI can help support your security operations. You will learn:
• Where & why security operations are struggling
• How GenAI can help
• Use cases for GenAI security
• Tips on how to get the most out of GenAI for your security operations

Watch the webinar now!

The Role of Generative AI for Security Operations

From compliance to security operations, every organization must test and measure security effectiveness to help identify and mitigate cyber risks.  Although the ‘how’ and ‘when’ to test that effectiveness varies from org to org. 

Join Mandiant experts for a live discussion on the best practice methodologies and technologies your security team can use to accomplish this. During the session, our experts will cover:

- The difference between breach and attack simulation, red teaming and penetration testing
- When to choose between automation or partnering with a trusted third-party
- How to prioritize specific gaps in your security posture identified by proactive testing
- Mobilizing your security team to improve the overall security program

How to Effectively Test and Measure Your Cyber Defense Program

Outdated SIEM systems continue to form the backbone of many security operations despite increasing vulnerabilities and the rise of more powerful alternatives. This presentation offers a practical approach to SIEM migration, addressing the top challenges and providing actionable takeaways for a successful transition.

- Veteran security expert Anton Chuvakin will cover essential tips, including:
- Identifying the need for a new SIEM, understanding market options, and defining clear migration goals.
- Streamlining the process by focusing on essential log sources and detection content.
- Leveraging the migration as a catalyst to modernize security processes.
- Emphasizing thorough testing, training, phased approaches, and the benefits of expert help.

Whether you're a seasoned practitioner or just beginning to consider a SIEM migration, this presentation will provide valuable insights and actionable strategies to ensure success in 2024.

Smooth SIEM Surgery: Practical Tips for SIEM Migration Success in 2024

SecOps

Security Operations

Security Operations Center

Cyber Attacks

Cyber Crime

Cyber Defence

Cyber Defense

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

Practicing business intelligence allows your company to transform raw data into sets of insights for targeted business growth. The business intelligence and analytics community on BrightTALK is made up of thousands of data scientists, database administrators, business analysts and other data professionals. Find relevant webinars and videos on business analytics, business intelligence, data analysis and more presented by recognized thought leaders. Join the conversation by participating in live webinars and round table discussions.

Business Intelligence and Analytics

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Smooth SIEM Surgery: Practical Tips for SIEM Migration Success in 2024

Presented by

About this talk

More from this channel