Name: Bad at Keeping Secrets? Understanding the Risk of Exposed Access Keys
Start: 2020-12-10T12:00:00Z
End: 2020-12-10T12:00:25.000Z
Location: BrightTALK
Rating: 0

Digital Shadows SearchLight protects organizations against external risk exposure. Organizations register their company names, brand names, domains, and document marketings for monitoring. Through the SearchLight portal, we provide the most relevant and critical digital risks with complete visibility, context, recommended actions, and ways to remediate the risk.

How best-practice organizations are taking their security operations to the next level
Security teams need threat intelligence. Done correctly, it provides quick investigation of events and effective response to incidents. Unfortunately, teams are faced with too many systems, too much threat data, and investigations that take too much time. Teams quickly become overwhelmed, which inhibits their success.

There is a better way. Together, Digital Shadows and Cortex XSOAR enable teams to realize the benefits of threat intelligence, while saving up to 90 hours a week.

Join Rishi Bhargava and Alastair Paterson to discuss:
- The role of automation and threat intelligence in the modern SOC
- The most popular use cases you should focus on in 2022
- How you can show return on investment with reduced effort and man-hours

Streamline Response with Threat Intelligence and SOAR

ShadowTalk host Chris alongside Kim, Ivan, and Rick bring you the latest in threat intelligence. This week they cover:

- Lapsus$ threat group targets several large companies
- Russia/Ukraine war shows no sign of slowing down
- TransUnion unveils enhanced data breach

Lapsus$ Targets Large Companies, Russia/Ukraine Ongoing War, TransUnion Breach

ShadowTalk host Stefano alongside Kim and Dani bring you the latest in threat intelligence. This week they cover:

- New Malware against Ukrainian targets: CaddyWiper
- Crypto ATM and cybercriminals' reactions
- Russia to start using homegrown TLS certificates

[Podcast] New Malware "CaddyWiper", Crypto ATM, Russia to Use TLS Certificates

ShadowTalk host Chris alongside Stefano, Rory, and Rick bring you the latest on the escalating tension between Russia and Ukraine.

This episode they cover:
- Continuing attacks between Russia and Ukraine
- New sanctions against Russian banks
- Cybercriminal developments
- Nuclear forces on high alert/peace talks

Russia and Ukraine - What We Know So Far - 28 February 2022

ShadowTalk host Chris alongside Stefano, Rory, and Rick bring you the latest on the escalating tension between Russia and Ukraine.

This episode they cover:
Recent cyber developments
Malware targeting Ukrainian organizations
New sanctions against Russia

[Podcast] Russia-Ukraine War Update 02 March 2022

Psst...your vulnerabilities are showing

Security teams are increasingly overwhelmed by an ever-rising tide of security vulnerabilities that leave their networks susceptible to intrusion. Join Digital Shadows to discover how vulnerability intelligence can have a real business impact and protect you from a major breach by patching critical weaknesses that may otherwise be missed. You will learn:

- What is leading to network exploitation by a complex and thriving cybercriminal community
- How your security team can use vulnerability intelligence to make remediation decisions 
- Best practices for prioritizing and patching the most critical vulnerabilities

The Not-So-Obvious Reasons Your Networks Are Being Exploited

ShadowTalk host Chris alongside Ivan and Austin bring you the latest in threat intelligence. This week they cover:

- A Critical H2 Database Vulnerability
- DDoS Extortion
- Alternate ransomware techniques

H2 Database Vulnerability, DDoS Extortion, and Alternate Ransomware Techniques

It seems like everyone has predictions on the 2022 threat landscape, but in this presentation, Digital Shadows CISO Rick Holland will take a different approach. Rick will introduce a Structured Analytic Technique called "The Cone of Plausibility" and use this analytic technique to forecast next year's ransomware threat. Join this webinar and learn:
 
- How Structured Analytic Techniques add rigor to intelligence analysis
- The forecasted ransomware trends
- The implications of continued government and law enforcement actions

Forecasting the 2022 Ransomware Threat

With increased data dumps related to ransomware, security teams are increasingly concerned about sensitive data exposed on the dark web. Unfortunately, data is exposed in even more locations, even more often. Code repositories, websites, and misconfigured file stores are exposing billions of files.

Luckily, there are approaches you can take to detect and remediate these issues. Join Digital Shadows to learn about best practices for detecting exposed data online. Attendees will learn about: 
- Top sources of exposed data 
- Types of exposed data 
- Free tools to get started

Get Your Data Before Attackers Do

For this special edition of ShadowTalk, host Chris alongside Kim and Xue are covering the key takeaways from this year’s NCSAM and share several best-practice pieces released by the security experts at Digital Shadows throughout the month including:

- Managing Your Digital Shadow
- Phight the Phish 
- Putting Cybersecurity First

Special: NCSAM Takeaways and Key Resources

Keeping track of every vulnerability being exploited in the wild is a daunting task for security teams. Staying one step ahead is often a huge challenge and it sometimes ends up being a losing game. Join Photon CTI analysts to discuss the most severe vulnerabilities observed in 2021 and how to improve your security posture.

Attendees will learn about:
- Enabling a risk-based approach to vulnerability management
- The different stages of a vulnerability journey going from detection to exploitation
- The top 5 vulnerabilities exploited in the wild in 2021
- How cybercriminals freely discuss and share exploits and tools in dark web forums

Vulnerability Intelligence: Do You Know Where Your Flaws Are?

ShadowTalk host Chris is joined by both the US and UK teams for the last podcast episode of 2021. This episode they cover:

- The Log4j vulnerability and what has happened since its discovery
- The Karakurt extortion group is making headlines
- An individual considered the most prolific cybercriminal to date has been arrested

Closing out 2021 with Log4j Updates, Karakurt News, and a Cybercriminal Arrest

ShadowTalk host Stefano alongside Chris and Dani bring you the latest in threat intelligence. This episode they cover:

- NICKEL’s campaign targets Latin America and Europe
- What on earth is Quantum computing and why should we pay attention to it
- A cyberattack has paralyzed a UK supermarket infrastructure; would you consider that critical infrastructure?

NICKEL Targets LATAM and Europe, Quantum Computing, and UK Cyberattack

ShadowTalk hosts Sean, Alec and Ivan, bring you the latest in threat intelligence. This week they cover:

- The rise of Sabbath ransomware
- IKEA email hack
- Proofpoint finds the Rich Text Format still delivers

IKEA Hack, Sabbath Ransomware, Proofpoint Rich Text Format and More!

With disrupted business scenarios, the rise of hyperconnected organizations, and an increase in online activity and frauds, a digital risk protection solution with robust data gathering capability is the need of the hour in this time of the COVID-19 pandemic. Critical investments in DRP solutions are postulated to grow, with organizations focusing more on security and automated remediation being the new long-term strategy to lock in customers for the long haul.

This Webinar highlights the key research findings of the SPARK MATRIX Digital Risk Protection (DRP), 2021. Join the live webinar by Digital Shadows and Quadrant Knowledge Solutions to gain market insights on the DRIP market, both from technology vendor and end use perspective.

Attendees will learn about:
- Global Digital Risk Protection (DRP) solution market dynamics
- Key Technology Trends (Factors Influencing Technology Development)
- Competition Dynamics and Vendors Positioning: SPARK Matrix
- Recommendations on Vendor Evaluation

Digital Risk Protection in a Modern Threat Landscape

ShadowTalk host Stefano alongside Saul, Kim and Xue, bring you the latest in threat intelligence. This episode they cover:

- Vulnerability Intelligence: Exploit-as-a-Service
- Emotet’s return
- FBI fake emails campaign

[Podcast] Exploit-as-a-Service, Emotet’s Return, and FBI Fake Email Campaign

Ryan Floyd, venture capitalist and co-founder Storm Ventures, talks about the latest cybersecurity threats you should be aware of as a founder of a small business (what your startup essentially is) with Alastair Paterson, Co-founder and CEO of a cybersecurity company Digital Shadows.

- Should one be worried about the dark web?
- How has the global pandemic affected the cybersecurity landscape? 
- How security threats can impact your success as a startup? 
- What are the latest phishing techniques you should be aware of as a founder?

Watch the video to get the answers to all these questions - and make sure you are better equipped to tackle the latest cybersecurity threats your business is facing.

Cybersecurity for a Small Business: Latest Threats

ShadowTalk host Chris alongside Rory, Dylan and Xue, bring you the latest in threat intelligence. This episode they cover:

- Emotet botnet comeback orchestrated by Conti ransomware gang
- GoDaddy Breach
- MosesStaff conducting politically motivated attacks

GoDaddy Breach, MosesStaff Attacks, and Conti Orchestrates Emotet Comeback

There’s a dilemma facing organizations with software development functions. Companies that build software products, must ship them to their users, and quickly. However, all too often, security teams lack visibility as to whether technical assets, such as access keys, are exposed to online software development platforms.

In this webinar, attendees will learn about Digital Shadows' most recent research into exposed access keys, as well as the solutions available for security teams to gain this visibility.

Attendees will learn about:
- Digital Shadows research findings that analyzed 800,000 leaked access keys.
- The different types of exposed keys, including database stores, online services, and SSH keys.
- How SearchLight detects leaked access keys in real-time.

Bad at Keeping Secrets? Understanding the Risk of Exposed Access Keys

Threat Intelligence

Access Management

Risk Management

IT Security

Cyber Attacks

Cyber Security

Data Breach

DevOps

Cyber Crime

Are you an IT service management professional interested in developing your knowledge and improving your job performance? Join the IT service management community to access the latest updates from industry experts. Learn and share insights related to IT service management (ITSM) including topics such as the service desk, service catalog, problem and incident management, ITIL v4 and more. Engage with industry experts on current best practices and participate in active discussions that address the needs and challenges of the ITSM community.

IT Service Management

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Bad at Keeping Secrets? Understanding the Risk of Exposed Access Keys

Presented by

About this talk

More from this channel