Name: Team Ares Red and Blue Series: Exploiting Enterprise Passwords
Start: 2020-09-23T16:00:00Z
End: 2020-09-23T16:00:55.000Z
Location: BrightTALK
Rating: 5

Critical Start is the only MDR provider committed to eliminating acceptable risk and leaving nothing to chance. We believe that companies should never have to settle for “good enough.” Our award-winning portfolio includes end-to-end Professional Services and Managed Detection and Response (MDR). Our MDR puts a stop to alert fatigue by leveraging our ZTAP platform plus industry-leading Trusted Behavior Registry, which eliminates false positives at scale by resolving known-good behaviors. Driven by 24x7x365 human-led, end-to-end monitoring, investigation and remediation of alerts, our on-the-go threat detection and response capabilities are enabled via a fully interactive MOBILESOC.

As publicity around the concept of killware continues to build, security teams and leaders in particularly vulnerable industries such as healthcare grapple with understanding the scope of this threat. In the face of such uncertainty, it’s helpful to take a step back and determine the true nature of killware, separating out the hype to determine what exactly it is that we’re facing.

In this webinar, you will learn about killware and how to prevent it, other current cybersecurity threats in the healthcare industry, how to handle ongoing threats and the challenges they present, and how managed detection and response (MDR) services can help.

A Cure for Killware: Healthcare's Newest Cybersecurity Challenge

Learn how to provide complete protection across your business with Microsoft 365 Defender and MDR services.
Hear from Microsoft and Critical Start in this webinar as we discuss how Microsoft 365 Defender prevents threats from accessing your entire enterprise and how Managed Detection and Response (MDR) services work with your Microsoft security tools to enhance protection and improve your team’s productivity. Finally, we’ll show how combining Microsoft 365 Defender with MDR leads to faster response and reduced attacker dwell time.

Protecting Against Multi-Vector Cyber Attacks with MDR & Microsoft 365 Defender

The only thing that’s constant is change. As a defender, you’re consistently inundated with new threats. What do I need to be concerned about? Am I protected?

Let Critical Start do the heavy lifting for you so you can focus on more important things – growing your business.

Enter the Critical Start Cyber Research Unit. We leverage our expertise in researching emerging threats to make sure we stay ahead of the bad guys. In this webinar, you’ll hear from our Cyber Research Unit to understand how Critical Start adds value to your existing security investment.

Introducing the Cyber Research Unit

The modern manufacturing workplace continues to evolve; from increases in interconnectivity on the manufacturing floor, to AI, to the increased use of cloud computing. With these advancements, the industry has also seen an increase in cyberattacks and the increased need for advanced cybersecurity solutions and services to protect businesses.

Hear from our technical experts on how to manage these new cybersecurity challenges and how managed detection and response (MDR) services can help.

Agenda:
- Walk through the anatomy of an attack and how an MDR service enables response
- What Manufacturers can do to protect themselves
- Rapid-fire Q&A session with one of our SOC analysts

Learn more about cybersecurity for the manufacturing industry at: www.criticalstart.com/cybersecurity-manufacturing/

Malware, Manufacturing and MDR​: Cybersecurity for the Evolving Workplace​

Agenda:
- MDR Overview: Why use Managed Detection and Response services for school districts & universities and how it works
- Hear from Centennial School District on how they leverage MDR services
- Quick Demo of the tools that enhance MDR services:
Zero Trust Analytics Platform (ZTAP) and MOBILESOC app

Making The Grade: Using MDR To Protect Schools From Cybersecurity Threats

Conference badges have evolved from paper and plastic to collectable mini-computers of all shapes and sizes, coveted and collected by security professionals and enthusiasts. The rise of #Badgelife signifies one of the most creative offshoots of security conferences, with its underground culture of hardware art and ingenuity. 

In this episode of SON OF A BREACH!, Critical Start CTO Randy Watkins welcomes badge creator Florida Man, a/k/a Jonathan Singer, to celebrate the allure of #Badgelife, reveal how deep the culture runs, and share tips on how to get started in the community. 

Tune in to learn:
•	The colorful, flashy history of #Badgelife
•	How unofficial conference badges have come to symbolize the security culture’s uniqueness and sense of community 
•	Steps to start collecting or creating digital badges that people want to take home and talk about
•	What tools and techniques you need to design and produce your own #Badgelife creation

Both fun and functional, digital badges celebrate computers and the security around them at the hardware level. Many are intentionally hackable so you can take control of the lights, noises, and other built-in features. 

Singer shares some favorites from his extensive badge collection, which you can see by watching the recorded video of this podcast episode. 

Jonathan Singer is SIEM and SOAR Practice Lead at GuidePoint Security, with certifications including GPEN, GWAPT, GCIA, GCFE, and CEH. He is a self-taught badge creator, who launched his first digital badge at Bsides Orlando 2013. Singer also shares his passion for cybersecurity and hardware on his YouTube channel.

SON OF A BREACH! - #BadgeLife Special

Learn how Critical Start Managed Detection and Response (MDR) services integrate with Microsoft Security tools to protect your organization 24/7/365.

Critical Start Managed Detection and Response (MDR) services with Microsoft

Join Critical Start’s CISO, Travis Farral, and Microsoft Solutions Principal, Charlie Smith, as they walk through the zero-day targeting Microsoft Exchange Servers. 

What will be covered:
- What happened?
- What did the attackers do?
- Who are the attackers?
- Who is impacted?
- What should your organization do?

Need more information?  Contact us at, https://www.criticalstart.com/contact/.

Zero-day Targeting Exchange Servers: Steps to Evaluate Your Risk

The SolarWinds cybersecurity breach known as Sunburst has organizations ranging from government agencies to private enterprises wondering if and how they were impacted – and what they should do to protect themselves from this and future attacks. 

Get the facts you need in our on-demand Threat Briefing, presented by Travis Farral, Chief Information Security Officer - Managed Detection and Response at Critical Start.  

This session will provide: 
• Details on the SolarWinds attack, timeline, and impact 
• Recommended actions for SolarWinds customers  
• General guidance for any organization to use to detect and prevent such attacks by reducing their attack surface 
• Other resources from Critical Start including a Compromise Assessment Service that targets specific indicators of compromise involved in the SolarWinds breach 
• Additional external resources available to you

Threat Briefing: What to Know and Do About the SolarWinds Attack

Managing your organization’s security operations comes down to one question: What if…?  

Consider all the “what if” situations you might face from attackers. Will your security operations teams be prepared for each level of threat that comes at them? 

You can take steps to ensure your information security operations are well positioned for those scenarios amid a shifting threat landscape. Security operations teams that will be successful now and in the future are those that focus on the whole package: having the technology, culture, people, training, integration, automation, and partnerships to call upon when needed. 

Join Jordan Mauriello, Critical Start SVP of Managed Security, and Richard Diver, Microsoft Senior Technical Manager, Security Partner Development, for “Position Your Security Operations for Current and Future Success.” 

Key takeaways from this virtual session include: 
-Whether you’re making the most of the security tools you already have 

-How a maturity assessment of your security operations can determine if you have the detection and response capabilities needed 

-How Microsoft and Critical Start are partnering to help solve security operations challenges

Position Your Security Operations for Current and Future Success

How vulnerable is your operational technology? In sectors ranging from manufacturing and utilities to transportation and healthcare, automation makes work easier and more efficient. However, increased automation brings greater security risks and more opportunities for hackers who are looking to disrupt and exploit OT environments.

Join CRITICALSTART TEAMARES security experts, Allyn Lynd (Blue team) and Chase Dardaman (Red team.)

In this one-hour session, you will learn best practices to:

•Deploy and maintain security for your OT / SCADA devices (spoiler alert: number one is OT/IT segmentation). 
•Design new OT / SCADA systems integrating security from the beginning as opposed to after it has been deployed.
•Ensure your incident response plan has what it takes to limit damages from breaches.
•Build your business case to secure approval and funding for new security measures. 

Not enough? How about actual use cases of OT / SCADA attacks; Allyn will share from his experience working as an FBI agent.

Reduce Your Risk: Best Practices for Securing OT and SCADA Networks

Next-Gen SIEM is critical for security operations thanks to the comprehensive visibility it gives us into our security environments. However, the data can only take a security operations team so far, without a managed SIEM approach. 

Join security experts Jordan Mauriello, SVP of Managed Services from Critical Start and Jason Mical, Cybersecurity Evangelist from Devo as they discuss why the market needs to care about next-Gen SIEM, and why combining SIEM with MDR is a game changer for security operations. 

In this webinar, you will learn:
·  Why Next Gen SIEM 
·  How to increase the value of your MDR with SIEM technology 
·  Why Devo (isn't just a Splunk alternative) 
·  Why Critical Start and Devo are partnering together

Why Next Gen SIEM Paired with MDR is a Game-changer

Organizations are losing the endpoint security battle against new or unknown zero-day attacks.

While there is no way to prevent zero-days, there are steps you can take to reduce the impact and/or severity of security incidents whether or not zero-days are involved.  

To explore these issues and how you can shore up vulnerabilities, join CRITICALSTART’s TEAMARES as they share: 

 - What a zero-day is – and what it is not 
- Using a zero-day to breach the perimeter and pivoting into sensitive areas within organizations 
- Challenges and methods in defending against zero-day including patching, defense in depth, and mature network and endpoint monitoring solution
- TEAMARES’ vulnerability research team’s success stories of discovering zero-days and developing full Proof-of-Concept exploits 
- Examples of infamous zero-day and +1-day events such as WannaCry using NSA tools released by the Shadow Brokers

Impact of Zero Day Exploits on Breaches

Globally, breaches cost organizations billions of dollars every year. In the U.S., losses for each breach average just under $10 million.

However, beyond the cost of remediation, breaches also impact an organization’s brand and reputation. After a breach, a company loses an average of 4% of its customer base, while a government entity loses the trust of the citizens using their services. 

In examining these breaches, we find ourselves asking, “What did these organizations do right? What could the organizations have done better?”

Join CRITICALSTART's security expert, Allyn Lynd, as he revisits some of the most expensive data breaches in history. 
 
Key takeaways from this webinar include:
•How to prepare for a breach
•What to do once a breach occurs
•How to recover from a breach in the long term
•What mistakes to avoid if/when a breach does occur

Lessons Learned from Billion Dollar Breaches

How big is your security risk and how do you identify and contain those risks? 
You may be surprised to learn that there are looming threats you can’t see, and attackers may be enjoying a long dwell time within your system – before you even detect an issue. 

Join CRITICALSTART to explore how big your security risk is throughout your organization, and how to uncover those potential blind spots. 

In this live session you’ll learn: 

- How to identify potential risk – asset management, risk register development 

- How to build an operation around risk mitigation – how to set up cadence for vulnerability scanning, pentesting, incident response tabletops to gauge your response to a breach 

- How to automate and leverage tools for efficiency across your operation

Uncovering Your Security Blind Spots

As threats and attacks evolve, many organizations find that traditional methods and products are limited in their scope and effectiveness. Compounding the problem, the growing cybersecurity skills shortage means many companies don’t have a dedicated team that can view and respond to threats 24/7 or support their growing remote workforce. Join us on May 7th to stay engaged and connected on the 3 fundamental flaws of threat hunting in this new day and age.

Threat Hunting and Modern Security: 3 Fundamental Flaws

No matter how much you think you’ve done to safeguard your data and systems against breaches, common vulnerabilities continue to wreak havoc on enterprises. 80% of hacking-related breaches involved compromised and weak credentials.  

Attackers are finding quick access to enterprise domain admins by simply guessing a password and logging in as that domain admin.

Given these challenges, what can you do to shore up your passwords and protect your organization? Join CRITICALSTART’s TEAMARES security experts, Cory Mathews and Joffrin Alexander, as they present, “Exploiting Enterprise Passwords."

From phishing pages to password spraying, you’ll learn how attackers gain access to passwords and what they do with those passwords once they’ve cracked them, as well as: 

- Methods to defend against these attacks specifically focusing on using strong passwords, password manager solutions, and probably most importantly multi-factor authentication. 

- External attacks such as logging in to enterprise solutions such as OWA, VPN, and file shares to maliciously changing passwords to lockout user’s access – and what you can do to prevent these attacks. 

- Proactive defense strategies including how to ensure you’re using strong passwords and how multi-factor can prevent breaches. 

- Internal actions you can take such as limiting excessive admin rights and other preventative measures.

Team Ares Red and Blue Series:  Exploiting Enterprise Passwords

Cyber Security

Enterprise Security

Breach Prevention

Cyber Attacks

Hackers

Managed Security

Cyber Crime

Cyber Incident Response

Exploit

Password Management

Welcome to the virtualization community on BrightTALK! Whether it affects servers, storage, networks, desktops or other parts of the data center, virtualization provides real benefits by reducing the resources needed for your
infrastructure and creating software-defined data center components. However, it can also complicate your infrastructure. Join this active community to learn best
practices for avoiding virtual machine sprawl and other common virtualization pitfalls as well as how you can make the most of your virtualization environment.

Virtualization

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

Join thousands of engaged IT professionals in the application management community on BrightTALK. Interact with your peers in relevant webinars and videos on the latest trends and best practices for application lifecycle management, application performance management and application development.

Application Management

The storage community on BrightTALK is made up of thousands of storage and IT professionals. Find relevant webinars and videos on storage architecture, cloud storage, storage virtualization and more presented by recognized thought leaders. Join the conversation by participating in live webinars and round table discussions.

Storage

Welcome to the big data and data management community on BrightTALK. Join thousands of data quality engineers, data scientists, database administrators and other professionals to find more information about the hottest topics affecting your data. Subscribe now to learn about efficiently storing, optimizing a complex infrastructure, developing governing policies, ensuring data quality and analyzing data to make better informed decisions. Join the conversation by watching live and on-demand webinars and take the opportunity to interact with top experts and thought leaders in the field.

Big Data and Data Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Team Ares Red and Blue Series:  Exploiting Enterprise Passwords

Presented by

About this talk

More from this channel