Name: Continuous Testing for Top Hacking Techniques in 2020
Start: 2019-11-11T11:00:00Z
End: 2019-11-11T11:49:33.000Z
Location: BrightTALK
Rating: 5

Pentera is the category leader for Automated Security Validation, allowing every organization to test with ease the integrity of all cybersecurity layers, unfolding true, current security exposures at any moment, at any scale. Thousands of security professionals and service providers around the world use Pentera to guide remediation and close security gaps before they are exploited. For more info visit: pentera.io.

Our technology, work processes, and activities all are depend based on Operation Systems to be safe and secure. Join us virtually for  "The Hacking Games - Operation System Vulnerabilities" Meetup to learn how hacker can compromise Operation System, bypass Antivirus protection layer and exploiting Linux eBPF.

Agenda:
17:00 - 17:10 - 'Opening words' - by Gidi Farkash (Pipl)
17:10 - 17:40 - 'The Code OS; IDE Risks' - Omer Yaron (Enso Security)
17:40 - 18:10 - 'Malware Analysis, Red Team & AV bypass techniques' - by Uriel Kosayev (MalwareAnalysis.co)
18:10 - 18:40 - 'The Good, Bad and Compromisable Aspects of Linux eBPF' - by Matan Liber (Pentera)

The Hacking Games - Operation System Vulnerabilities Virtual Meetup

Modern, complex SIEM solutions now come with out-of-the-box rules and models aimed at reducing some of the noise stemming from unnecessary or irrelevant data and alerts. While helpful, organizations lack the time, people, and skills needed to fine tune these solutions for their most efficient use.

Learn how Pentera can help you reduce resources dedicated to SIEM optimization by validating what is an actual risk to prioritize patching so that you can gain true value from your SIEM solution.

Cure Your SIEM of Alert Fatigue

Automated Security Validation ensures you can proactively assess, manage, and report the risks posed by security weaknesses at the time it matters most – when exploiting that vulnerability can be damaging. Gone are the days of a risk being prioritised just based on a CVSS score.

Hear from senior security engineer, Shak Ahmed, as he showcases real-life technical use-cases that reduce the perpetual lag and backlog of manual security validation tasks, help to remove your teams' resource constraints, and are designed to improve the accuracy of testing, detection, and remediation.

Why Automate Security Validation? Technical Use Cases

Leaked and stolen credentials continue to pose a critical risk to organizations globally. Each year, over 80% of web application breaches involve compromised credentials that appear on the dark web, paste sites and in data dumps shared by cybercriminals. While threat intelligence tools show which  credentials have been leaked, security teams still lack visibility into the potential damage they can cause. 

Join our webinar to learn how Pentera’s newest module, Credential Exposure. By combining real-world leaked credential feeds with its autonomous validation engine, Pentera challenges both internal and external attack surfaces to reveal the most exploitable security gaps & suggest a risk-based remediation plan.

Five Steps to Mitigate the Risk of Credential Exposure

Pentera ist weltweit die einzige Plattform, die Penetration Tests komplett automatisiert durchführen kann. In der Produktivumgebung, sicher, kontrolliert und ohne Schaden anzurichten. 

Dadurch  ermöglicht Pentera die Infrastruktur konstant, wiederkehrend und vergleichbar mit internen Ressourcen zu testen und Fortschritte kontinuierlich zu validieren. 

Wir sind stolz, das nächste Level anzukündigen: RansomwareReady™

Die Spatzen pfeifen es bereits von den Dächern - die Anzahl der Ransomware Angriffe hat in Deutschland signifikant zugenommen. 

In this webinar:
 
-Neun von zehn Unternehmen wurden laut einer aktuellen Studie in den Jahren 2020 und 2021 Opfer von Cyberkriminellen. 

-„Die Wucht, mit der Ransomware-Angriffe unsere Wirtschaft erschüttern, ist besorgniserregend und trifft Unternehmen aller Branchen und Größen“, sagte Achim Berg (Präsident Bitkom).

-Die Angreifer habe es auf Kommunikationsdaten, Patente, Forschungsergebnisse abgesehen, auf Geld, manche Angriffe sind ausschließlich Sabotageakte.

-Neun Prozent der Unternehmen sehen ihre geschäftliche Existenz durch Cyberattacken bedroht

-24 Prozent der Firmen haben ihre Investitionen in IT-Sicherheit als Reaktion auf die verschärfte Bedrohungslage deutlich erhöht

Webinar Automatisiertes Pentesting

In 2022, the stand-out cybersecurity threat remains ransomware, with hackers using ever-more sophisticated methods to try to gain access and encrypt data.

There is no end of useful material available to raise our awareness and understanding of the issues. But businesses need to shift from being “ransomware aware” to being “ransomware ready”.

In this webinar: 
-Learn how to test your ability to detect ransomware 
-Understand the value of continuous security validation
-Ransomware strains: Maze, REvil, Conti
-See Pentera’s technology in action with a live ransomware attack from an attacker’s perspective

Watch a Live Ransomware Attack

The dynamic growth of the attack surface for enterprises demands that security teams actively monitor their risk exposure. By understanding the adversarial perspective security teams can best prepare for a potential attack. How do attackers view your organization? How confident are you that your controls are effective?

In this 20-minute live session with security expert, Jay Mar-Tang, Sales Engineering Director, Americas, learn how Pentera can help you continuously validate your attack surface by leveraging real attacker tools, techniques, and procedures.

How attractive is your attack surface to the adversary?

Enforcing password policy is a critical part of the scope of any security team - but most don’t necessarily have the bandwidth. Another way to go is to leverage security validation technology to automatically crack credentials to pinpoint the ones that could impact the business most. This way security teams can stay ahead of an attacker’s potential breach point.

This webinar will discuss:

-How attackers are exploiting cracked credentials based 
-The most common password practices used by employees
-How Pentera can help validate organizations’ security posture against these use cases

How to Leverage Cracked Credentials for Better Exposure Management

Enterprises are turning to cloud-based services to optimize scalability and reduce deployment efforts. As part of the Pentera Labs research into cloud-based services, the team uncovered a new web XSS vulnerability via improperly implemented access control and poor enforcement of SOP on Microsoft Azure Functions.

IN THIS WEBINAR
This 20-minute live interview with a Pentera Labs researcher will cover:

-A step-by-step walkthrough of how this finding was revealed
-Key concepts to understand the vulnerability
-The potential business impact of this vulnerability


Microsoft has issued a patch for this vulnerability and it is no longer exploitable.

Cyber Attacks Explained: Microsoft Azure Functions, XSS Vulnerability

The relentless expansion of the digital footprint in the enterprise means the security landscape is evershifting, and security teams need easy access to real-time data to appropriately appraise the state of their security posture.

Join experts from PlexTrac and Pentera to learn how to accelerate your organization’s vulnerability detection and remediation cycles with transparent reporting and tracking by:
- Continuously testing all cybersecurity layers to reveal the most risk-bearing gaps for remediation
- Aggregating data and improving cross-team collaboration and remediation efficiency with advanced reporting
- Enhancing security posture through constant short, iterative cycles

The Future of Pentesting: Continuous Validation with Pentera and PlexTrac

VMware has recently issued a patch for an Information Disclosure vulnerability CVE-2022-22948 discovered by the Pentera Labs team, impacting over 500,000 appliances.

In the full attack vector, threat actors can completely take over an organization’s ESXis deployed in a hybrid infrastructure and virtual machines hosted and managed by the hypervisor from just endpoint access to a host with a vCenter client.

This 20-minute overview with Pentera experts will discuss:

-What is the presence of the vulnerability and will my existing scanner detect it?
-What is the business impact of the vulnerability?
-What can organizations do about it?

Cyber Attacks Explained x Pentera Labs: VMware vCenter CVE-2022-22948

The scale of digital transformation in the enterprise also brings along a massive expansion of the attack surface. Whether known or unknown, this new attack surface introduces key security gaps that teams are unable to bridge using traditional vulnerability-centric approaches.

Join our webinar to gain insight into a different, exploit-centric, approach to security validation:

-How to pinpoint the risk-bearing security gaps out of the lot
-Gain adversary assurance that your defense capabilities can withhold the threat 
-Prioritize security gaps for remediation based on business impact
-A single, software-based, testing platform

4 steps to knowing your exploitable attack surface

Never trust, always validate - security readiness for 2022

SANS Institute Product Review: Why Security Validation Matters

Why are security board members worried today?!
Many are stuck with security solutions from 10 years ago. Being part of an innovative defense plan means having actual tactics and techniques in place of the most destructive ransomware strains and threats in the wild - from REvil to Maze, and continuously validating attack preparedness.

Don't Be Stuck With Security Solutions From 10 Years Ago!

Cyber Security is Not a Department: Building an Information Security Culture

Benefits of Soft Skills in Security

CISO Panel Discussion: The Current and Future of IT Security Strategy

Identity is 20/20: This Year’s Trends vs. Next Year’s Predictions

Magecart Attacks Require A New Approach to Web App Security

CISO Mind Map: Today's Key Cybersecurity Focus Areas

Cyber Resilience in the age of Targeted Attacks

CISO as Commander: The Path from Strategy to Action.

Advanced PII/PI Data Discovery

Weathering the Storm without Breaking the Budget

Security Fundamentals: Threat Detection & Response 101

[PANEL] CISO Challenges & Opportunities

The New Edge Services Security

The cyber threat landscape in the digital age

Security Analytics: The Nemesis of Mutating Cyber Threats

MITRE ATT&CK: Take Your SIEM and Insider Threat Detection to the Next Level

Key Attributes of a Modern Phishing Awareness Program

[PANEL] Threatscape 2020: Strategies for Better Security

Decoding Web Security: Industry retrospective and 2020 predictions

Show Me the Money!  What Are Cybercriminals Really Seeking?

Wargaming for Cyber Defenders

Tactics & Techniques to Protect Your Company Against Past and Future Threats

The Rise of Surveillance Mobile Malware

The 2020 Threatscape: What to Look for and How to Prepare

[PANEL] The 2020 Cyber Threat Landscape

The 2020 Threatscape

We’ve all heard of the increasing sophistication of the threatscape, that attackers have the top malicious tools at their disposal to run havoc in any network they deem worthy. But what does that really mean? And how does it affect your network and cyber defense strategy? 

Join Pcysys Head of Research, Alex Spivakovski, for a live demonstration of some of the top hacking techniques threatening enterprises today and how to test for them. See how the smallest misconfigurations in the network can lead to catastrophic outcomes or be remediated with ease. This is an opportunity to get acquainted with the evolving world of continuous cyber testing. 

Some of the topics we’ll cover: 

1. Live demonstration of top hacking techniques threatening enterprises today
2. Top breachable vulnerabilities in 2019 and how to reveal them in your network
3. A sustainable way to incorporate automation in your security validation practice to stay one step ahead of the attackers

Continuous Testing for Top Hacking Techniques in 2020

Network Security

IT Security

Cyber Security

Security Testing

Automation

Cyber Attacks

Risk Management

Are you an IT service management professional interested in developing your knowledge and improving your job performance? Join the IT service management community to access the latest updates from industry experts. Learn and share insights related to IT service management (ITSM) including topics such as the service desk, service catalog, problem and incident management, ITIL v4 and more. Engage with industry experts on current best practices and participate in active discussions that address the needs and challenges of the ITSM community.

IT Service Management

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Get powerful insights to run your business. CEOs, CFOs, CMOs, COOs, CTOs and CIOs are among the leaders in this community who connect with peers and experts to grow their businesses.

CxO Strategy

In the business management community, commercial experts will be sharing webinars and videos on an array of subjects. From sales and marketing, to finance, productivity and growth, this content will help you stay up-to-date with the current economic environment and provide timely management insight to drive business growth.

Continuous Testing for Top Hacking Techniques in 2020

Presented by

About this talk

More from this channel