Similarity brings your threat hunting to the next level

Join TrendMicro, Trinity Cyber and VirusTotal in this workshop, where you will learn how similarity is one of the most powerful tools in threat analysis: it greatly speeds up your research, helps you get past some of the tricks attackers use to avoid detection, gives you a more complete overview of malicious campaigns, and lets you pivot further to discover artefacts from your adversaries. We will present the most recent similarity algorithms, explain why they are relevant, and show how to use them in real case scenarios that you can leverage in your daily security investigations.
Recorded Nov 25 2020 53 mins
Presented by
Jeremy Brown & James Hays - Trinity Cyber, Fernando Merces & Jon Oliver - TrendMicro, Vicente Diaz - VirusTotal
  • Minimizing your exposure to fraud and cybercrime attacks May 20 2021 3:00 pm UTC 60 mins
    Jesús Toledano, Senior Solutions Consultant, VirusTotal
    Join us for a LIVE webinar to learn with real examples how you can use VirusTotal to minimize your exposure to fraud and cybercrime attacks.
  • Jumpstart your security journey with a modern approach to zero trust Recorded: May 6 2021 20 mins
    Jennifer Jeremiah, Professional Services, Google Cloud
    Learn about new trends for modernizing zero trust security and how you can take small steps to enable big changes. Understand how to increase your security and protect your data, all while providing a simple and secure experience for your users.
  • Outsmarting Today’s Adversaries with VirusTotal Recorded: Apr 21 2021 31 mins
    Amrita Kaur, Regional Lead, VirusTotal
    We all know VirusTotal is a tried and true method to investigate files, URLs or IP addresses, making it the largest threat observatory in the world. But did you know you can integrate its API into your existing SIEM, SOAR, and EDR investment? Did you know that you can create YARA rules to hunt for malware across your endpoints? Let's explore an executive overview of the most common VirusTotal Enterprise use-cases and learn more about the tool your team are already familiar with.
  • Why the Cloud Needs Network Detection and Response Recorded: Apr 20 2021 61 mins
    Anton Chuvakin of Google Cloud & Edward Smith and Vijit Nair of Corelight
    If cloud environments are locked down by default and everything is already being logged, is cloud network traffic analysis really helpful? It turns out that even in the cloud, network telemetry data can ensure investigations are fast and hunts are conclusive. As we’ve learned from breaches like Sunburst, network telemetry provides essential evidence for catching threats other tools miss.


    Join experts from Google Cloud Security and Corelight to learn how collection and analysis of cloud network traffic leads to better threat detection and response. We will discuss:
    - Common misconceptions about network telemetry
    - Cloud traffic monitoring use cases
    - Solutions to implementation challenges
  • Strategies for Modernizing your Security (on demand) Recorded: Apr 20 2021 52 mins
    Google Cloud's Dave Hannigan, Office of the CISO, and Product Leads, Trevor Welsh and Ameet Jani
    This informal, virtual briefing will help you understand Google Cloud’s security vision with a deep dive into our security analytics and zero trust capabilities. You’ll hear from the Office of the CISO and our security experts and emerge with new strategies and solutions you can immediately put to use.
  • Leveraging adversarial data for security control validation and compliance Recorded: Mar 31 2021 40 mins
    Franco Ardiani, Software Engineer, AttackIQ and Vicente Diaz, ThreatIntel Strategist, VirusTotal
    Nowadays, using real attackers' TTPs (Tactics, Techniques, and Procedures) and the artifacts they use is a must in any security strategy. Selecting the right adversaries and understanding the toolset they are deploying in recent campaigns is not an easy task unless you are provided with the right tools. In this webinar, AttackIQ and VirusTotal’s experts will show the main ideas behind Adversary-driven red-teaming. They will show how to implement this procedure from scratch using practical real examples combining VirusTotal queries with the AttackIQ product.
  • Supercharge your security telemetry with Chronicle Recorded: Mar 25 2021 23 mins
    Mike Hom, Product Architect, Chronicle
    Chronicle helps make enterprise security data - like EDR, firewall, VPN, DNS, and web proxy telemetry - useful right away for threat detection, response, and hunting. Join this session to learn about the unique components of the Chronicle security analytics platform that enable security teams to supercharge their security telemetry.
  • Office of the CISO: Moving to cloud- A chance to finally transform your security Recorded: Mar 24 2021 40 mins
    Dave Hannigan - Director, Jeanette Manfra - Director, & Anton Chuvakin, Head of Solution Strategy, Google Cloud
    Join this session to hear from Google Cloud’s Office of the CISO on how cloud migration is a unique opportunity to dismantle the legacy security debt of the past two decades. Modern cloud computing implies very different operational processes, new tools and practices — and concepts alien to traditional IT. CISO leaders must re-imagine your future state to avoid bringing pre-cloud tools and pre-cloud thinking into your cloud migration. Only then will you avoid bringing along your pre-cloud problems.
  • Improve your security posture with the Security Command Center Recorded: Mar 16 2021 13 mins
    Kathryn Shih, Senior Product Manager/Engineering & Timothy Peacock, Product Manager/Engineering, Google Cloud
    As you move more workloads to the cloud, you need visibility into what resources are running and their security state, vulnerabilities and threats present, and how to address them before they can result in damage or loss. In this session, you will learn how the new and enhanced Security Command Center premium version provides centralized security management and compliance monitoring of your assets, vulnerabilities and threats. You will also learn how built-in features can help you identify misconfigurations in your virtual machines, containers, network, storage, and identity and access management policies as well as vulnerabilities in your web applications. See a live demonstration of the new Security Command Center in this session.
  • The Cloud Trust Paradox: Keeping Control of Data & Encryption Keys in the Cloud Recorded: Mar 9 2021 54 mins
    Paul Hampton, Senior Product Manager, Thales; Anton Chuvakin, Security Solution Strategy, Google
    When it comes to encryption keys, security best practice is all about control and separation between encrypted data at rest and the keys. Google Cloud encrypts customer data at rest by default and offers organisations multiple options to control and manage their encryption keys. Many organisations hosting sensitive data or looking to migrate workloads to the cloud require additional control and ownership over their encryption keys in order to meet compliance or internal security requirements.
    In this webinar Anton Chuvakin (Google) and Paul Hampton, Senior Product Manager (Thales), will discuss how Google and Thales are helping organisations address this challenge by exploring use cases where keeping the encryption keys off the cloud may in fact be truly necessary or outweigh the benefits of cloud provider based key management.
  • Improve your security posture with the Security Command Center Recorded: Mar 5 2021 14 mins
    Kathryn Shih, Senior Product Manager/Engineering & Timothy Peacock, Product Manager/Engineering, Google Cloud
    As you move more workloads to the cloud, you need visibility into what resources are running and their security state, vulnerabilities and threats present, and how to address them before they can result in damage or loss. In this session, you will learn how the new and enhanced Security Command Center premium version provides centralized security management and compliance monitoring of your assets, vulnerabilities and threats. You will also learn how built-in features can help you identify misconfigurations in your virtual machines, containers, network, storage, and identity and access management policies as well as vulnerabilities in your web applications. See a live demonstration of the new Security Command Center in this session.
  • Office of the CISO: Moving to cloud- A chance to finally transform your security Recorded: Mar 5 2021 41 mins
    Dave Hannigan - Director, Jeanette Manfra - Director, & Anton Chuvakin, Head of Solution Strategy, Google Cloud
    Join this session to hear from Google Cloud’s Office of the CISO on how cloud migration is a unique opportunity to dismantle the legacy security debt of the past two decades. Modern cloud computing implies very different operational processes, new tools and practices — and concepts alien to traditional IT. CISO leaders must re-imagine your future state to avoid bringing pre-cloud tools and pre-cloud thinking into your cloud migration. Only then will you avoid bringing along your pre-cloud problems.
  • A Look at Google's BeyondCorp Enterprise: Enabling zero trust security Recorded: Feb 23 2021 26 mins
    Ameet Jani, Google Cloud Product Manager & Jessica Davlin, Google Cloud Product Marketing Manager
    Security issues continue to disrupt the status quo for global enterprises. Recent cyber attacks highlight the need to re-think our security plans and operations; attackers are getting smarter and attacks are more sophisticated. The challenge here, however, is to enable disruptive innovation in security without disrupting security operations.

    In this webinar, we'll provide an overview of Google’s newest zero trust product offering, BeyondCorp Enterprise. Google is no stranger to zero trust - we’ve been on this journey for over a decade with our own implementation: BeyondCorp. Living and breathing zero trust for this long, we know that organizations want a zero trust solution that will not only improve their security posture, but also deliver a simple experience for users and administrators.
  • Google's State of the Market on Bot Fraud, featuring Forrester Recorded: Jan 26 2021 44 mins
    Sandy Carielli, Principal Analyst, Forrester and Kelly Anderson, Product Marketing Lead, Google Cloud
    Organizations recognize the very real risk of bot fraud: 91% agree that the number of bot attacks they see will increase over the next 12 months. However, today’s firm is not protecting itself against the most common forms of attacks and expects to lose considerable percentages of its revenues to bot attacks.

    In this webinar, you’ll hear from our guest speaker Sandy Carielli at Forrester and Kelly Anderson at Google about the latest status of the online fraud market and proper bot fraud management. You’ll learn about the most common web-based attacks and how to correctly protect against them. You’ll also see the many teams involved in bot fraud management and the importance of creating a cohesive approach to reduce the many hours that are spent managing post-attack situations. On average, teams spend 424 hours (17 days and 16 hours) resolving bot attacks. We’ll also explore the benefits--including reducing customer friction--that result in improved bot management.
  • Protecting from Ransomware attacks Recorded: Jan 21 2021 25 mins
    Vicente Diaz and Gerardo Fernandez - VirusTotal
    Ransomware attacks are one of the biggest worries for any company. In recent years, cybercriminal groups have been attracted to ransomware given the huge benefits and the difficulty of tracing attacks back.
    Not everything is lost. Prevention is the most effective measure, and at VirusTotal we want to show what to do in order to avoid becoming a victim.
    During this workshop we will show with practical examples what Threat Intelligence can do to significantly reduce your risk vector against ransomware.
  • Modern Detection for Modern Security Threats with Chronicle Recorded: Jan 14 2021 61 mins
    Ansh Patnaik, Product Marketing & Svetla Yankova, Customer Experience Engineering, Google Cloud Security
    Google Cloud Security has launched modern detection at Google scale with the debut of our new solution, Chronicle Detect. It includes a rules engine that operates at the speed of search, a widely-used detection language for describing threat behaviors, and a regular stream of new rules and indicators, built by our elite research team.

    Join this webinar to:

    - Hear from Paul Farley, Deputy CISO, NCR about their journey with Chronicle
    - Get a demo of the new detection engine that includes reference rules for the ATT&CK framework
    - Learn how Chronicle's elite research team, UpperCase, creates rules and indicators so you don't have to
  • Advancing Threat Intelligence & Hunting with VirusTotal Recorded: Jan 6 2021 30 mins
    Alvin Lung, Customer Experience Engineer, VirusTotal and Ben Caisley, Security Specialist, VirusTotal
    During this webinar, we will run through an overview of VirusTotal Intelligence and Hunting capabilities. We will showcase the search capabilities within VirusTotal that help sift through the vast amount of malware, how it may be pertinent to your organization, and ways to track various threats. An investigation can start from IoCs with little context; we will show how an analyst can leverage the data in VirusTotal to help uncover additional variants and the techniques attack groups may be utilising. Learn how VirusTotal can supercharge your team in regards to:
    - Security threat enrichment
    - Incident response
    - Threat hunting
  • A Practical Solution to Manage, Externalize, and Implement Cloud Trust Recorded: Dec 22 2020 46 mins
    Andrew Lance, Sidechain Security; Anton Chuvakin, Google; Robert Ball, Ionic Security; Christy Smith, Ionic Security
    Watch a group of innovators from Ionic Security, Google, and Sidechain Security as they explore the cloud trust paradox and the compelling events that are exacerbating cloud adoption. Hear about the practical concerns and use cases that led to the powerful integration between Ionic Machina™ and Google Cloud EKM. Watch a demonstration of the solution in action.
  • Transform your security strategy with data driven detection Recorded: Dec 15 2020 18 mins
    Christopher Martin, Security Specialist, Google Cloud
    Ever feel like your security team is overly reliant on vendor-created threat detection? There are nuances to your environment that often require a more customized approach to identifying potential TTPs. Furthermore, advanced threat actors may use methods, techniques and malware that are custom-made for your organization. The art of detection is evolving as more investments are made into SOC analysts, threat responders, and hunters - and as part of this movement, data driven detection is emerging as the most accurate way to craft enterprise-specific detections.

    Attend this session to learn how you can intelligently transform your security strategy by authoring detections, treating them as code, and putting best practices in place to use, store, share and maintain your custom detections.

    - Learn how to get started with a custom detection security strategy.
    - Experience how the custom detection lifecycle provides insight into attacker behavior.
    - Understand the core components of authoring detections.
    - See how you can incorporate security frameworks into your detections.
    - Learn how a data driven approach to writing detections captures lessons learned and sustains institutional knowledge.
  • The Cloud Trust Paradox: Trusting Cloud Computing More Requires Trusting it Less Recorded: Dec 9 2020 59 mins
    Speakers: Dr. Anton Chuvakin, Head of Security Solution Strategy, Google Cloud; Dr. Anand Kashyap, CTO and Founder, Fortanix
    Today the very concept of “using public cloud” is inseparably connected to “trusting your cloud provider.” While many have taken that leap of faith, there are important workloads that organizations and regulatory bodies are reluctant to move to the cloud because they can’t verifiably prevent the cloud provider from getting access to their data.

    What if you could move data to the cloud without your cloud provider having access to the data or the encryption keys?

    Google Cloud Platform (GCP) is the first public cloud to announce the availability of External Key Manager (EKM) with early adopter PayPal, using Fortanix to store and manage encryption keys off-cloud for data encrypted in GCP. One year later, this webinar will examine how customers are using GCP EKM and Fortanix to move sensitive data in financial services, healthcare, and government onto the public cloud, while ensuring that the organization maintains control of the encryption keys and data at all times.

    In this webinar, you will learn about:
    - Real-world use cases where customers are using external key management to solve data security challenges
    - A cloud data security control model for understanding the differences and trade-offs between public cloud data security options.
    - Using virtual data sovereignty to solve regional data residency requirements
    - Compliance interpretations that require or encourage External Key Management
    - How to implement centralized key management for multicloud data security
Security First. Everything Follows.
Helping to modernize security whether you are transforming your systems in our cloud or in place.

  • Title: Similarity brings your threat hunting to the next level
  • Live at: Nov 25 2020 3:00 pm
  • Presented by: Jeremy Brown & James Hays - Trinity Cyber, Fernando Merces & Jon Oliver - TrendMicro, Vicente Diaz - VirusTotal