Name: COVID-19, Incident Response & Standing Privilege: Where's the Easy Button?
Start: 2020-08-12T17:00:00Z
End: 2020-08-12T17:00:52.000Z
Location: BrightTALK
Rating: 3.67

Silicon Valley-based Remediant has redefined the decades-old Privileged Access Management (PAM) market with a precision approach to protecting companies with privileged access accounts and assets. Only Remediant provides just enough access just in time, eliminating standing privileges with continuous scanning and agentless, vaultless simplicity. Remediant protects more than one million endpoints and is trusted by large enterprises across a variety of industries. For more information, please visit: https://www.remediant.com/

74% of breached organizations admitted the breach involved access to a privileged account. Remediant and VMware Carbon Black have partnered to provide shared customers and partners proactive protection against identity-based attacks, such as ransomware and malware, to prevent endpoint compromise. This industry-leading integration between an agentless PAM solution and an Endpoint Protection Platform adds contextual real-time identity-based session information to endpoint recordings. 
Attackers gain access into organizations by compromising one of the excessive standing privileged accounts that invariably exist.  They can then move laterally from one system to another until they reach the crown jewels the organization’s mission critical servers. 

Industry-leading Remediant SecureONE provides an innovative approach to detect, monitor and revoke admin access and then administer Just-in-Time (JIT) access as needed. This technical partnership enables Remediant SecureONE to share privileged session intelligence with VMware Carbon Black Cloud Enterprise EDR, empowering customers to proactively respond to nefarious incidents.

Join us to learn more on Remediant and VMware Carbon Black's partnership and how you can reduce your attack surface and prevent lateral movement attacks. We'll discuss 

•	Market trends and the need for integrated EDR and PAM solutions
•	VMware Carbon Black and Remediant: the better together story
•	Demos: Intelligent Session Capture and management of  remote systems 
•	Use cases and benefits

Industry's Leading EDR and PAM Integration: Remediant and VMware Carbon Black

Stories from the field on rolling out a Privileged Access Management program to a blended remote workforce

COVID-19 came on pretty suddenly for many of us. The effect it had on the operations and IT infrastructure of health systems ratcheted up rapidly, as they tried to manage (1) an influx of patients, planned and unplanned, (2) new standard operating procedures, (3) migrating and supporting a blended on-premises / remote workforce and (4) a surge in targeted pandemic-related cyberattacks.

Please join us to hear from George Irungu, an experienced hospital system CISO. George is joined by Paul Lanzi (COO and Co-Founder of Remediant) and will walk through how he used an identity centric approach to adapt and evolve his security program to meet hospital operational needs, manage risk and defend the patient and employee experience.

An Identity-Centric Approach to Harden a COVID-19 Critical Business

What’s broken in asset management and privileged access?

IT and security teams spend significant amounts of time identifying privileged users, and even more, time figuring out everything a privileged user has access to.

In this webinar, JD Sherry of Remediant and Noah Simon of Axonius discuss commonalities between cybersecurity asset management and privileged access. This webinar covers:

- Why it’s become so challenging to discover and correlate information for IT assets and privileged users
- Why the shift to remote work makes asset and user monitoring more critical
- How the Remediant adapter on the Axonius Cybersecurity Asset Management platform can simplify asset and privileged access discovery

Managing and Securing Corporate Assets in a Perimeterless, Remote-first World

Join experienced incident response investigators Shane Shook, PhD - Advisor & Venture Consultant, Forgepoint Capital, and Tim Keeler, Co-founder & CEO at Remediant, as they exchange war stories stopping ransomware and lateral movement from past investigations. 

They will also showcase a live demo of how state sponsored attackers steal administrator credentials to move across a network. Finally, they will also touch on why it is easy for attackers to steal admin credentials (versus exploiting vulnerabilities) to move laterally within a target’s network.

Join us to learn practical tips on:

- How to assess your own environment for admin credential risk
- How to prevent your admin credentials from getting pwned

Pwning admin rights to spread ransomware: More stories from the battlefield

For security practitioners and CISOs, 2020 has created a significant re-prioritizing of and new dynamics for cyber security.  The rapid increase in the number of remote workers has led to a rethinking of core security principles.  Please join ForgePoint partner Will Lin as he hosts a panel of security executives in this 45 minute webcast.  Key topics will be:

• What are you hearing from the market and current customers?
• What key 2-3 threats have emerged when shifting to a remote model? 
• How should CISOs shift spend accordingly? What are the most effective investments you can make to detect, protect and respond to these threats?
• How have security teams been affected (in terms of hiring, FTE, budget)?
• How can CISOs get more out of their vendors and service providers?

Tackling the changed landscape of enterprise security – An industry roundtable

About Tim Keeler:
Tim Keeler, Founder and CEO of Remediant, worked at Genentech/Roche from 2000 to 2012 and was a leader on the Security Incident Response Team. After this experience, Tim moved deeper into the Enterprise Security realm, leaving Roche in 2012 to focus on security consulting. His clients included UCSF, Genentech/Roche, Gilead Sciences and CardioDX.

About Patrick Peterson:
Patrick Peterson founded cybersecurity company, Agari (2009 to present), while also serving as one of 13 global Cisco fellows (2007 to 2012). Prior to this, he was Vice President of Technology at IronPort (2001 to 2007), a role in which he helped build and lead the company to an $830 million acquisition by Cisco. He is known as the author of DMARC, the universal technology standard that companies around the world use to authenticate emails. 

About Caleb Kwong:
Caleb Kwong is the CEO of Savant Solutions, one of the top cybersecurity firms in CA.  Caleb’s experience comes from with working with DOD, USAF, and NASA for over a decade with providing them a secure network and infrastructure.  Since Caleb started Savant Solutions, he has helped the State of California secure over 90 sites and dozens of local cities and utility firms.  He adopted the zero-trust security model to protect his customers networks.

[Podcast] Cybersecurity Roundtable: Trends We’ve Noticed Since COVID

For security practitioners and CISOs, 2020 has created a significant re-prioritizing of and a new dynamic for cyber security.  The rapid increase in the number of remote workers has led to a rethinking of core security principles.  Please join Frank Wang of Dell Technologies Capital as he hosts a panel of security executives in this 45 minute webcast.  Key topics will be:

• What are you hearing from the market and current customers?
• What key 2-3 threats have emerged with the shift to a remote workforce model?
• How should CISOs shift spend accordingly? What are the most effective investments they can make NOW to detect, protect and respond to these threats? For the rest of the year?
• How have security teams been affected (in terms of hiring, FTE, budget)?
• How can CISOs get more out of their vendors and service providers?

An Industry Roundtable: Tackling the changed landscape of enterprise security

In IDSA's latest research, 79% of companies surveyed experienced an identity-related breach in the last 2 years and interestingly only 38% of those companies have implemented multi-factor authentication (MFA) to protect privileged accounts. Because these accounts, whether human or non-human (machines, service, application), are considered the most risky, organizations should consider an extra layer of security through MFA.

Join Paul Lanzi, IDSA Technical Working Group Member and Remediant co-founder and COO as he discusses the details of identity-defined security outcome, all privileged access requires MFA, and how organizations can implement additional protections for their most sensitive accounts, reducing the risk of an identity-related breach.

[IDSA] Security Outcome Deep Dives: All privileged access requires MFA

According to EMA primary research, 79% of organizations consider privileged access management (PAM) to be very important or critical to their business operations. However, 76% of organizations experience significant privileged access policy violations each year, exposing the most sensitive business information and IT resources to extreme risks of exposure. Clearly, traditional processes reliant on simply enforcing complex, rotating, privileged account passwords are not effective and are not adaptable to complex IT ecosystems supporting remote work forces accessing IT resources hosted across a variety of on-premises and cloud environments.

To assist organizations with identifying and deploying strategic improvements to PAM practices and solutions, EMA has developed an evaluation guide for achieving optimal PAM implementations. Attend this webinar to get actionable guidance on how to advance your PAM implementations regardless of where you are in your security management journey.

Join us to learn:

- Primary barriers to success with implementing a PAM solution
- Key features organizations should look for in a PAM platform
- How PAM processes may be adapted to work with existing security and endpoint management implementations
- The features and qualities of PAM solutions that should be adopted to address challenges in different types of business environments
- The order in which specific PAM functionality be introduced
- How PAM products should be evaluated to ensure adoption of the solutions that will most effectively meet business requirements

[EMA] Actionable Guidance for Succeeding in Enterprise-Class PAM

On this week’s show Patrick and Adam discuss the week’s security news, including:

- Salt framework 1Day wreaks havoc
- Toll Group hit with ransomware attack. Again.
- Germans indict APT28 operator
- Ransomware a key word in SEC filings
- Much, much more!

This week’s show is brought to you by Remediant. They offer software that lets you get privileged accounts under control very quickly. In this week’s sponsor interview we’re chatting with Remediant’s COO Paul Lanzi and Julie Smith, the executive director of the Identity Defined Security Alliance (IDSA). We’ll be talking about what the IDSA actually is and what its goals are.

[Podcast] Risky Business #582 – Germans indict APT28 operator

Zero Standing Privilege (PAM) was a new term introduced in 2019 and might just be the best approach to shift your PAM strategy into high gear. In this short presentation, Remediant co-founder and COO, Paul Lanzi, discusses how PAM projects were managed historically and highlights a new PAM approach to reduce the impact of compromised admin credentials. 

Do you know what admin credentials exist today or even how they change over time in your organization?  This is just one of several challenges we’ll discuss, offer a solution and discuss the need and value of frequent scanning of admin rights, reporting on current standing privileges and the adoption of a ZSP and Just-In-Time administration.

So, if you’re looking for quick wins in PAM, including removing local admin rights and support for DevOps+PAM use cases, join the discussion and learn how other organizations like yours have succeeded.

Shifting PAM into High Gear with Zero Standing Privilege (ZSP)

Engineering teams are adopting DevOps as a way to improve time to market and ensure high availability. In addition, these teams are becoming more and more distributed as a way to access a broader talent pool, drive down fixed costs and improve employee retention.

What this implies, especially in firms with a technology heavy workforce, is that you now have more privileged users (e.g., engineers, DevOps, SRE) than ever before deploying on cloud infrastructure and operating with elevated privileges over a remote connection.

Join us as former security practitioners (Genentech, Roche) and Remediant co-founders Tim Keeler and Paul Lanzi discuss a re-imagined privileged access management model for this new paradigm. In addition, they will also demo a practical implementation of this new model.

After this talk, you will walk away with a blueprint on how you can easily incorporate the following into your cloud workloads:

- Establish strong, VPN-less authentication and secrets management
- Enable just-in-time, just enough access to the workload with multi-factor authentication (MFA)
- Zero-trust authorization through removing standing privilege

[CSA] A recipe for automating privileged access into your DevOps pipeline

Cyber security investigators, data breach analysis reports, and security professionals continue to confirm that lateral movement (enabled by user profile propagation), and the abuse of standing privileges remain at the center of most major incidents.

Unfortunately, it's also one of the most complex cyber security challenges to solve. As a result, privileged access security controls are evolving from an authentication-centric model built upon legacy vault-based credential processes to a journey towards “zero standing privilege.”

Join our upcoming webinar with VMware Carbon Black Head of Cybersecurity Strategy, Tom Kellermann, and Remediant CRO, JD Sherry, as they talk about current trends and threats facing today's modern enterprise. Discussion and questions will include:

- Dramatic increase in counter-incident response
- Remote Access Security
- Impact to security operations due to COVID

Finally, they will explore how to simplify the implementation of a “zero standing privilege” model that focuses on just-in-time administration and the eradication of standing privilege to better prevent minor incidents from becoming major ones.

COVID-19, Incident Response & Standing Privilege: Where's the Easy Button?

VMware

Cyber Security

Zero Standing Privilege

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

COVID-19, Incident Response & Standing Privilege: Where's the Easy Button?

Presented by

About this talk

More from this channel