Name: Finding Beacons In The Dark - A Guide To Stopping Cobalt Strike Attacks
Start: 2022-07-19T03:00:00Z
End: 2022-07-19T03:00:43.000Z
Location: BrightTALK
Rating: 5

BlackBerry is a leader in the areas of endpoint security, endpoint management, encryption, and embedded systems, protecting enterprises and governments around the world. Our end-to-end approach is deeply rooted in Cylance® AI and machine learning, providing continuous preventative protection, detection, and instant response. We extend protection for your organization against current and future cyberthreats by combining network and endpoint telemetry and by delivering innovative solutions in the areas of cybersecurity, safety, and data privacy.

With all the hype surrounding artificial intelligence today, it should come as no surprise that modern threat actors are now leveraging AI for nefarious purposes. While the risk is very real, hope is not lost. That's because security teams can stay a step ahead through the rapidly-evolving art of AI-assisted cyber defense.

This session provides a deep dive into the AI vs. AI warzone, exploring how cyber criminals are using artificial intelligence to target your enterprise, as well as how you can use AI to proactively mitigate these threats. Topics covered inside include:

• Threat research and intelligence from AI-driven products
• What you should be doing to address large language models like ChatGPT
• Actionable intelligence on targeted attacks and cybercrime motivated threat actors

AI vs. AI: How bad actors (and security teams) are using this tool

BlackBerry Technical Marketing Director, Adam Sloan highlights the importance of visibility for your organization by providing the ability to detect and present a list of known devices which are unprotected in this brand new update to CylancePROTECT® from BlackBerry.

How to discover your organisation's unprotected devices

BlackBerry Technical Marketing Director, Adam Sloan discusses an important update to CylanceOPTICS® from BlackBerry which allows Administrators to have explicit control of the Remote Response feature whilst providing the ability to implement specific whitelist IP address and port pairs to define permitted communication to systems whilst under lockdown.

How Custom Lockdown Profiles help protect your endpoints

With the undersupply of cybersecurity professionals across the industry and with no sign of cyber threats slowing down, this makes a security leaders working environments become more complex. Some organisations are facing up to 25K+ alerts per day and continually rising, as a result their security team has difficulty maintaining their cybersecurity environment, building cyber resiliency and ultimately prone to be the next ransomware victim.  

Join Jonathan Jackson – Director Sales Engineering, from the BlackBerry Cybersecurity team in APAC to learn: 

• Proactive management best practices by leveraging new unified alert management capabilities, automating your security
• How you can take advantage of solutions with new rich features for simplified and enhanced predictive security.

It’s time to outsmart and outlast modern cyber threats.

Optimising Human Hours  - Best Practice for Proactive Cyber Incident Management

As enterprise infrastructures have expanded in scope and complexity, so too have the cyberthreats that target them. In today’s digital-first environment, legacy security controls are unlikely to be able to stand up to the volume and sophistication of these attacks. Even newer security software may be overwhelming and require nuanced human intervention, which is not always accessible due to the continuing security skills shortage. To address this, some organizations are turning to managed extended detection and response (XDR) services, to strengthen their cybersecurity capabilities.

Managed XDR can be useful not just for greater technological heft, but also for advanced strategies and expert assistance. Security programs must simultaneously handle prevention, detection, response, and recovery, in order to reduce the impact of any potential cyberattack. ESG has found that, by outsourcing to an experienced managed XDR vendor, organizations have reported both improved security efficacy and operational efficiency. From noise and cost reduction to security program development, identifying the right partner could make all the difference in your security outcomes.

In this webinar from BlackBerry and ESG, industry experts will assess the full impact that managed XDR can have on security programs.

Tune in to learn more about:
— The challenges security operations teams are facing today
— What makes a managed XDR service different from a traditional MDR service
— How managed XDR can be leveraged in high-risk situations, in real time
— What the security program long game could look like, with XDR support
— And much more

Strengthening Security Program Outcomes with Managed XDR

Recent cyberattacks serve as stark reminders that no one is safe. There is zero immunity from dedicated threat actors, and anyone operating in the digital space may be targeted next. 

With the rise of malicious hacking attempts occurring every 39 seconds, organizations will exhaust themselves relying on reactive security measures. Fortunately for CISOs and security practitioners, it’s not all doom and gloom, and constructing a proactive cybersecurity approach to fend off these threat actors is possible. 

Join experts from BlackBerry to fast track your knowledge on proactive cybersecurity approaches that utilize Contextual Threat Intelligence (CTI) and the MITRE ATT&CK® framework to secure yourself against adversaries.

Additionally, in this session you'll learn how to develop countermeasures with CTI and mitigate targeted attacks like APT.

Threat Responder: A Day in the Life Using Contextual Threat Intelligence

In today’s cybersecurity landscape, you can never let your guard down. Imagine you come into work to find your servers have been infected with ransomware.  Where do you go from here?   

By leveraging machine learning and true artificial intelligence, you can gain peace of mind knowing you have around-the-clock coverage to prevent cyberthreats and stop bad actors in their tracks. 

Join Jonathan Jackson – Director Sales Engineering, from the BlackBerry Cybersecurity team in APAC to learn: 

- The basic steps you can adopt now to prevent being exposed by threat actors. 
- How you can protect your organisation from threats lurking in the shadows 24x7x365. 
- It’s time to outsmart and outlast modern cyber threats.

Threat Actors Never Sleep ....Neither Can Your Security

Cobalt Strike (CS) is the most widely used advancend adversary simulation and threat emulation software. It's very powerful, for both good and bad actors.
CS delivers a post-exploitation framework that was developed to emulate the greatest features of late-stage malware ecosystems and allow its users to simulate adversary actions. The adoption of Cobalt Strike by global threat actors, and the framework’s use in hundreds of genuine intrusions, ransoms, and data breaches, shows that Beacon has fought its way to the top. It currently sits on the throne as the reigning champ of all malware toolkits. If it works, it wins
The session will demonstrate how the security and threat intelligence community can proactively prevent their organisations from falling victim to the growing threat of Cobalt Strike Beacons and Team Servers.
Learn how to turn the tables on APT groups and malicious threat actors - become the hunter instead of the hunted.

Finding Beacons in the Dark - a guide to stopping Cobalt Strike attacks

Organisations have never been more connected or vulnerable. Threats evolve at rapid pace and cybersecurity has failed to keep up. 
Proactive and preventive cybersecurity measures have previously been little more than an aspiration. No more! Machine learning and artificial intelligence allows us to stop cyberthreats in their tracks.

Join Jonathan Jackson – Director Sales Engineering, from the BlackBerry Cybersecurity team in APAC to learn:
- The current cybersecurity trends 
- What’s changed?
- How you can apply prevention-first security to your own organisation to combat cyber threats.

It’s time to outsmart and outlast modern cyber threats.

The Evolution of Prevention-First Cybersecurity

The drastic increase in the number of devices has spawned a rise in mobile malware and cyberattacks as more and more organisations are adapting to a hybrid workforce. 63% if greyware apps leak the devices phone numbers and nearly 1 of 5 business and industry apps leaks personally identifiable information (PII). As businesses continue to allow for more mobile devices to be connected to their IT network, adversaries have been quick to exploit this expanding attack surface, as old school security approaches or systems to manage these endpoints can no longer keep up.

Traditional enterprise mobility management (EMM) solutions in place often lack prevention, visualisation, and management capabilities needed to efficiently incorporate mobile devices into the overall security architecture. Standalone products, for example, often furnish only a mobile-centric view of threat activity.
 
Security executives need to go beyond traditional EMM solutions and embrace a rapidly emerging class of mobile security capabilities known as mobile threat defense (MTD), to protect vulnerable endpoints and ultimately preventing security incidents within their organisation.

Join Adam Sloan – Principal Sales Engineer, APAC live to learn:
- How you can leverage Artificial Intelligence and Machine Learning to optimise your mobile threat defense strategy.
- How to monitor mobile threats across layers to prevent malware infections and minimise SecOps overheads.
- How to implement endpoint management and protections across endpoints, people and data to prevent mobile security breaches and data loss.

Advanced AI & ML To Secure Your Mobile Workforce

Cyber threats have become more and more sophisticated:
- 300% increase in cybercrime YoY
- 97% of cyberattacks are at the endpoint
- 100 million pieces of malware get released each year
- 1 million daily security alerts seen in 25% of SOC’s
How is your organisation keeping up with these growing risks?

BlackBerry AI uses an automated, prevention-first approach to stop malware from executing on an organisation’s endpoints. It prevents breaches without user or admin intervention, a cloud connection, signatures, heuristics, or sandboxes.

Join us live to learn:
- Why Prevention Is Always Better Than Cure
- Defining concepts of Artificial Intelligence (AI) and Machine Learning (ML)
- Utilising ML in Cybersecurity and the AI approach
- Current Research Intelligence in the Cyberworld

Security That Works Smarter. Not Harder!

How AI and ML is Applied to Cybersecurity and Why it Matters

We've entered the ‘Age of Ransomware’. Today’s attackers are hitting harder, faster and the costs are only getting higher. Between Jan – Apr 2021, more than 290 enterprises were hit by 6 ransomware groups. The collective ransoms for these businesses totaled over US$45 million.

Join Tony Lee to learn how the predictive advantage of an AI-enable protective endpoint security solutions has allowed security veterans to weather the storm unimpeded, preventing the threat before it ever has a chance to execute and proactive steps you can take to avoid becoming the next victim.

Ransomware Defense Playbook – Lessons From The Front Lines

The security professional’s job has become an endless game of cat-and-mouse, continually pursuing invisible attackers that can out-think, out-run, and outsmart most security systems. To combat these and other threats, 
enterprises are increasingly turning to endpoint detection and response (EDR) solutions that provide advanced 
endpoint protection.

To be sure your endpoints aren’t the weak link against cyber threats, it’s time to embrace the new approach to EDR, with a prevent-first approach built on a strong artificial intelligence (AI) foundation for threat prevention.

Please join our product marketing expert, Baldeep Dogra, who will take us through the following: 
• EDR’s role in a Prevent-first approach
•	Endpoint Security – responding to the market challenges
•	Adopting an EDR-first approach – a ‘Prevention Paradox’
•	Adapting EDR to respond to evolving Cyber-threats
•	EDR in a modern ‘Zero-Trust’ implementation

The Perils of an EDR-first Strategy: Why Prevention Is Always Better Than Cure

Imagine a world where users have fast, frictionless access to corporate data from anywhere. Find out why end-users and security professionals alike love BlackBerry Gateway, a ZTNA solution that leverages behavioral intelligence to improve security and privacy

​​​​​AI-Secured Zero Trust Network Access

See how BlackBerry® Guard’s advanced AI and Intel-based threat hunting allows your security team to focus on the threats that matter most. It detects and prevents threats on all endpoints to protect your team without intervention

Meet Security That Never Sleeps – BlackBerry Guard

A Discussion on Mitigating Risk from Insider Threats

Help! My Insider Threat Program Is Drowning In Alerts!

Strategic Approach to Managing the Insider Threat

The Cyber Threat Landscape: Get Ready for 2023

Building Trusted Digital Experiences with Customer Identity

Re-calibrate Your CISO Strategy

Coming Soon -- CISO Observability in the Boardroom

Implementing a Multi-Layered Security Program to Protect & Defend Your Business

A Partnership Initiative of Industry and Academia

The Future CISO: Securing the digital organisation of the future

Threat Detection and Mitigation Strategies for Small Businesses

Threat Intelligence Today: Securing Endpoints Against Malware

The Endpoint Security Alphabet Stew Must Include VM and PM

Unpacking Endpoint Detection and Response

EDR, XDR, MDR: Filtering Out the Alphabet Soup of Cybersecurity

Cutting through the Fog of More: Use MDR or XDR to Find Real Threats

Preparing for a Cyber Crisis: The ISF approach

Adapt Your Endpoint Security Strategy

Successfully Securing Endpoints & Mitigating Threats

Cobalt Strike (CS) is the most widely used advanced adversary simulation and threat emulation software. It's very powerful, for both good and bad actors.

CS delivers a post-exploitation framework that was developed to emulate the greatest features of late-stage malware ecosystems and allow its users to simulate adversary actions. The adoption of Cobalt Strike by global threat actors, and the framework’s use in hundreds of genuine intrusions, ransoms, and data breaches, shows that Beacon has fought its way to the top. It currently sits on the throne as the reigning champ of all malware toolkits. If it works, it wins.

In this session, you will learn: 
• How security and threat intelligence community can proactively prevent their organisations from falling victim to the growing threat of Cobalt Strike Beacons and Team Servers.
• How to turn the tables on APT groups and malicious threat actors - become the hunter instead of the hunted.

Finding Beacons In The Dark - A Guide To Stopping Cobalt Strike Attacks

Cyber Security

Cyber Resilience

Threat Prevention

Threat Intelligence

Threat Hunting

Threat Detection

Endpoint Security

Cyber Attacks

Enterprise Security

IT Security

Welcome to the virtualization community on BrightTALK! Whether it affects servers, storage, networks, desktops or other parts of the data center, virtualization provides real benefits by reducing the resources needed for your
infrastructure and creating software-defined data center components. However, it can also complicate your infrastructure. Join this active community to learn best
practices for avoiding virtual machine sprawl and other common virtualization pitfalls as well as how you can make the most of your virtualization environment.

Virtualization

Are you an IT service management professional interested in developing your knowledge and improving your job performance? Join the IT service management community to access the latest updates from industry experts. Learn and share insights related to IT service management (ITSM) including topics such as the service desk, service catalog, problem and incident management, ITIL v4 and more. Engage with industry experts on current best practices and participate in active discussions that address the needs and challenges of the ITSM community.

IT Service Management

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The data center management community focuses on the holistic management and optimization of the data center. From technologies such as virtualization and cloud computing to data center design, colocation, energy efficiency and monitoring, the BrightTALK data center management community provides the most up-to-date and engaging content from industry experts to better your infrastructure and operations. Engage with a community of your peers and industry experts by asking questions, rating presentations and participating in polls during webinars, all while you gain insight that will help you transform your infrastructure into a next generation data center.

Data Center Management

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

The unexpected nature of natural disasters and other disruptive events means that preparation is key to managing disaster recovery and business continuity planning. Join the business continuity and disaster recovery community for live and recorded presentations discussing best practices for business continuity planning, disaster recovery programs and business continuity management. Learn from BCDR experts to develop your critical infrastructure and gain insight into tactical solutions to your BCDR issues.

Business Continuity / Disaster Recovery

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

Practicing business intelligence allows your company to transform raw data into sets of insights for targeted business growth. The business intelligence and analytics community on BrightTALK is made up of thousands of data scientists, database administrators, business analysts and other data professionals. Find relevant webinars and videos on business analytics, business intelligence, data analysis and more presented by recognized thought leaders. Join the conversation by participating in live webinars and round table discussions.

Business Intelligence and Analytics

The storage community on BrightTALK is made up of thousands of storage and IT professionals. Find relevant webinars and videos on storage architecture, cloud storage, storage virtualization and more presented by recognized thought leaders. Join the conversation by participating in live webinars and round table discussions.

Storage

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

Welcome to the big data and data management community on BrightTALK. Join thousands of data quality engineers, data scientists, database administrators and other professionals to find more information about the hottest topics affecting your data. Subscribe now to learn about efficiently storing, optimizing a complex infrastructure, developing governing policies, ensuring data quality and analyzing data to make better informed decisions. Join the conversation by watching live and on-demand webinars and take the opportunity to interact with top experts and thought leaders in the field.

Big Data and Data Management

Get powerful marketing data and analytics insights from influential experts. Connect with thought leaders and colleagues to get the most up-to-date knowledge on the analytics that quantify your investments.

Data and Analytics

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Internal audit and compliance professionals are facing increasingly stringent regulatory requirements when it comes to compliance reporting and internal control procedures. Join the audit and compliance community to learn best practices from thought leaders on topics such as regulatory compliance, internal audit checklists and audit program strategies.

Audit and Compliance

Get powerful finance insights for your business. Connect with experts and colleagues to get the most up-to-date knowledge that will help you to determine which financial factors build or erode value in your organization.

Finance

The accounting and finance community on BrightTALK features presentations from leading accountants and finance professionals. The accounting community includes tax planning strategies, QuickBooks webinars and other accounting webinars, while the finance community features presentations on financial capital regulations and forensic data analytics. Join the conversation by attending live financial and accounting presentations and connecting with industry thought leaders.

Finding Beacons In The Dark - A Guide To Stopping Cobalt Strike Attacks

Presented by

About this talk

More from this channel