Hi [[ session.user.profile.firstName ]]

How to maximize Microsoft Defender ATP configuration using Attack Simulations

For security teams, it’s critical to validate the efficacy of endpoint security against leading threats in real-world scenarios. In the Microsoft Defender Advanced Threat Protection (ATP) evaluation lab, security practitioners can take advantage of a select set of breach and attack methods from the extensive SafeBreach Hackers Playbook (™). As a result, they can immediately and accurately test endpoint security capabilities against multiple real-life attack playbooks favored by very active Advanced Persistent Threat groups.

In this webinar, security experts from both companies explain how the integration of SafeBreach and Microsoft Defender ATP evaluation lab works and how security teams can verify that their Microsoft Defender ATP configuration will be successful in blocking relevant attacks.

You will learn:
- How breach and attack simulations identify security weaknesses that might allow malware infection,
credential theft, data collection, ransomware, modification of registry keys, and malicious OS
configurations
- How to use the Evaluation Lab / SafeBreach integration to build and run proofs of concept in a
virtual environment using real attack scenarios
- How to evaluate attack simulation results and make appropriate remediations
- How to explore the many other breach and attack methods in the SafeBreach Hacker's Playbook
(™), MITRE heat mapping and more.
Recorded Aug 18 2020 33 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Hadar Feldman, Sr. Program Manager/Security Researcher, Microsoft and Valeriy Leykin, Director Product Management, SafeBreach
Presentation preview: How to maximize Microsoft Defender ATP configuration using Attack Simulations

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Reduce the Attack Surface by Validating Cloud IaaS and Container Security Oct 28 2020 5:00 pm UTC 45 mins
    Yotam Ben Ezra, VP of Product at SafeBreach and Eran Segal, Security Researcher
    DevOps and Security teams experience an ongoing struggle of balancing innovation and moving the business forward, with implementing security best practices to keep these new environments secure.

    In the cloud native environment, some security concerns are less relevant and other security surfaces appear. A New range of security controls and best practices emerged to handle the new paradigm.

    Even though cloud security is a top concern for IT organizations, it is still difficult to safely and continuously validate that cloud infrastructure and container security controls are actually effective in protecting the environment without impacting production. Without insight into your cloud and container environments, you are at risk of attackers using these gaps in cloud security.

    In this webinar, you will learn:
    • How to validate the security of your cloud stack by continuously testing your Cloud Native environment with Docker and AWS simulations
    • How to align both DevOps and Security teams in validating controls
    • How you can prevent a CapitalOne type of breach
  • Emotet schlägt zurück – Wie Sie akute Bedrohungen stoppen Recorded: Oct 7 2020 46 mins
    Alexander Benoit, Lead Security Analyst, sepago GmbH and Tomer Bar, Research Team Leader, SafeBreach Labs
    Nachdem die Aktivitäten des Trojaners Emotet Anfang 2020 immer weiter zurückgegangen sind und
    schließlich völlig eingestellt wurden, nahmen viele an, dass dieser nun für immer verschwunden sei.
    Doch am 17. Juli diesen Jahres tauchte die Malware-Bedrohung wieder auf, dieses Mal durch neue E- Mail-Kampagnen mit schadhaften URLs oder Anhängen.

    Die Akteure im Hintergrund nutzten die globale Pandemie und den damit verbundenen Wandel hin
    zu mobilen Arbeitsplätzen aus, um Malware über Phishing-Kampagnen an ahnungslose Benutzer zu
    versenden.

    Alle IT-Sicherheitsabteilungen stehen nun vor der Herausforderung, auf das erhöhte Angriffsrisiko zu
    reagieren und die Sicherheitskontrollen weiter auszubauen, um das Unternehmen und die
    Mitarbeiter standortunabhängig zu schützen.

    Erfahren Sie in diesem Webinar:
    ▪ Die neuesten Methoden und Angriffsszenarien von Emotet, wie es infiltriert und was es als
    nächstes tut.
    ▪ Welche Prioritäten Sie zum Schutz vor einem Angriff in Ihrer IT-Umgebung setzen sollten.
    ▪ Warum Simulationen von Angriffen eine nachhaltige Alternative zu Penetrationstests sind und wie Sie damit kontinuierlich einen effektiven Sicherheitsstatus
    realisieren können.
    ▪ Wie die Zusammenarbeit von sepago und SafeBreach Ihnen helfen kann
    Sicherheitskontrollen zu validieren und die Frage zu beantworten – Wie gut sind Sie heute
    aufgestellt, um auf Emotet und andere Bedrohungen zu reagieren, oder besser, sie zu
    stoppen?
  • Prioritize Patching with Risk Based Vulnerability Management Recorded: Sep 17 2020 64 mins
    Steven Roesing, CEO at ASMGi and Dave Armstrong, CISO, The Judge Group
    Vulnerability and threat intelligence frameworks don’t account for the security controls deployed in your organization. Without insight into what attacks would be blocked by your security controls to prevent vulnerabilities from being exploited, there is no way to effectively measure the risk to your organization.

    Join us to learn:
    - How to reduce the attack surface by prioritizing vulnerabilities based on their actual business risk.
    - How to make a real difference in your security posture by prioritizing vulnerabilities and correlating
    with your security controls.
    -How to gauge the importance of a vulnerability based on the attack surface it can target, its
    reachability for external attackers, the chances it will give access to a critical asset, and the blast
    radius or potential reach of the vulnerability.
  • How Healthcare Companies Stay ahead of Maze and WastedLocker Ransomware Recorded: Sep 16 2020 45 mins
    Shaun Swenson, Director of Security Analytics Services at Johnson & Johnson and Yaron Levi, CISO at BCBS of Kansas City
    Are you proactively preparing your organization for a ransomware attack? Ransomware attacks like Maze and WastedLocker have been targeting companies in the H-ISAC community. These particular ransomwares aim to disrupt the healthcare industry, as companies with large numbers of assets to protect are high value targets to these attackers.
    For security teams, it’s critical to validate the efficacy of controls to stay ahead of the attackers. Ensure that your controls can stop these ransomwares from ever infiltrating your environment.

    Join the panel of healthcare CISOs on September 16th as they discuss:

    • How they anticipate ransomware attacks will affect the healthcare industry in the coming year
    • How they stay ahead of the latest threats
    • How do they prepare to deal with a Ransomware attack
    • How to gain insight into how your security solutions will respond to an attack
  • Cost Optimization for Security & Risk Recorded: Aug 18 2020 47 mins
    Malcolm Harkins, CISO at Cymatic and Kimberly Becan, Director of Product Marketing at SafeBreach
    According to Gartner research by 2023 1/3 of Security Teams will be directly measured on their ability to create business value. This discussion will focus on total costs and how to build an adaptable business case for validating the efficacy of your existing controls to identify vulnerabilities that are actually exploitable in your environment. Learn how you can:

    • Gain insight into how your security solutions will respond to an attack
    • Hold security vendors accountable for attack scenarios they miss
    • Assess your security risk with tangible metrics of your security controls
    • Quickly and effectively respond to ‘How safe are we against the latest threats?’
    • Patch less and protect more with insights on what vulnerabilities are exploitable

    Security and risk assessment are not about adding another tool to the stack but rather on a total cost budget portfolio perspective that drives efficiency, productivity, and optimization with improvements to the overall customer experience.

    With the demand to do more with less make sure you are getting ROI out of your current security investments. We will dive into a working example of annual security costs and the value realized by assessing fraud losses, tools, and headcounts and the impact on the customer experience.
  • How to maximize Microsoft Defender ATP configuration using Attack Simulations Recorded: Aug 18 2020 33 mins
    Hadar Feldman, Sr. Program Manager/Security Researcher, Microsoft and Valeriy Leykin, Director Product Management, SafeBreach
    For security teams, it’s critical to validate the efficacy of endpoint security against leading threats in real-world scenarios. In the Microsoft Defender Advanced Threat Protection (ATP) evaluation lab, security practitioners can take advantage of a select set of breach and attack methods from the extensive SafeBreach Hackers Playbook (™). As a result, they can immediately and accurately test endpoint security capabilities against multiple real-life attack playbooks favored by very active Advanced Persistent Threat groups.

    In this webinar, security experts from both companies explain how the integration of SafeBreach and Microsoft Defender ATP evaluation lab works and how security teams can verify that their Microsoft Defender ATP configuration will be successful in blocking relevant attacks.

    You will learn:
    - How breach and attack simulations identify security weaknesses that might allow malware infection,
    credential theft, data collection, ransomware, modification of registry keys, and malicious OS
    configurations
    - How to use the Evaluation Lab / SafeBreach integration to build and run proofs of concept in a
    virtual environment using real attack scenarios
    - How to evaluate attack simulation results and make appropriate remediations
    - How to explore the many other breach and attack methods in the SafeBreach Hacker's Playbook
    (™), MITRE heat mapping and more.
  • Operationalize The MITRE ATT&CK Framework | Webinar Recorded: Jul 29 2020 25 mins
    Michael De Groat, Sales Engineering Team Leader, SafeBreach
    MITRE ATT&CK is a great framework to start to understand your security posture and connect your teams to speak the same language. The challenge is how to operationalize the MITRE ATT&CK framework to understand and prioritize the remediation of security gaps.

    Register for this webinar to learn how to:
    • Continuously measure your security defenses against the MITRE
    ATT&CK framework
    • Simulate hacking techniques to validate security across the kill chain
    • Heat map the results of the simulations to the ATT&CK framework
  • Top 4 Security Validations for a Remote Workforce | On-Demand Webinar Recorded: Mar 26 2020 22 mins
    Yaron Levi, CISO at Blue Cross Blue Shield of Kansas City & Yotam Ben Ezra, VP of Products at SafeBreach
    Most of your workers are now working from home and with that comes an increase in security risk for exfiltration, and other breach methods.
    For example:

    1. Endpoint: Your employees might not use a corporate machine and may not have properly configured controls
    2. Segmentation: Network policies may require adjustments to account for
    many employees connecting from home
    3. Exfiltration: Due to home networks being less protected, it may be easier
    for attackers to exfiltrate data
    4. VPN: The VPN will be noisy and hard to monitor and protect. Any
    vulnerabilities associated with VPN could be an infiltration point

    In this webinar we will discuss:

    • The risks your employees are exposed to when working from home
    • How to validate security controls associated with remote and VPN access
    • How you can test exfiltration methods to protect sensitive data leaking
    from employees home environment
SafeBreach
SafeBreach is a leader in breach and attack simulation. The company’s groundbreaking patented platform provides a “hacker’s view” of an enterprise’s security posture to proactively predict attacks, validate security controls and improve security operations center (SOC) analyst response. SafeBreach automatically executes thousands of breach methods from its extensive and growing Hacker’s Playbook™ of research and real-world investigative data.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: How to maximize Microsoft Defender ATP configuration using Attack Simulations
  • Live at: Aug 18 2020 5:00 pm
  • Presented by: Hadar Feldman, Sr. Program Manager/Security Researcher, Microsoft and Valeriy Leykin, Director Product Management, SafeBreach
  • From:
Your email has been sent.
or close