How to maximize Microsoft Defender ATP configuration using Attack Simulations
For security teams, it’s critical to validate the efficacy of endpoint security against leading threats in real-world scenarios. In the Microsoft Defender Advanced Threat Protection (ATP) evaluation lab, security practitioners can take advantage of a select set of breach and attack methods from the extensive SafeBreach Hackers Playbook (™). As a result, they can immediately and accurately test endpoint security capabilities against multiple real-life attack playbooks favored by very active Advanced Persistent Threat groups.
In this webinar, security experts from both companies explain how the integration of SafeBreach and Microsoft Defender ATP evaluation lab works and how security teams can verify that their Microsoft Defender ATP configuration will be successful in blocking relevant attacks.
You will learn:
- How breach and attack simulations identify security weaknesses that might allow malware infection, credential theft, data collection, ransomware, modification of registry keys, and malicious OS
- How to use the Evaluation Lab / SafeBreach integration to build and run proofs of concept in a virtual environment using real attack scenarios
- How to evaluate attack simulation results and make appropriate remediations
- How to explore the many other breach and attack methods in the SafeBreach Hacker's Playbook (™), MITRE heat mapping and more.
Recorded Aug 18 2020, 33 mins
See for yourself how mapping attack simulations against MITRE ATT&CK and NIST 800-53 and modeling for cyber adversary behavior can help your team organize and prioritize your investigation and remediation efforts on an ongoing basis. We'll also share the latest content updates in the platform related to the new MITRE V9 release.
Yotam Ben Ezra, Vice President of Product, SafeBreach and Valeriy Leykin, Director of Product, SafeBreach
Understand What Matters - The New Approach to Assessing, Quantifying, Prioritizing, and Reducing Cybersecurity Risks to the Business
Today’s security teams navigate significant layers of complexity, contending with too many different standards and too many disparate technologies. The proliferation of technologies and terminology, in turn, generates a broader challenge: getting teams across the organization to speak plainly and generate consensus about risks to the business, all using a common language.
The reality is that too often there’s a fundamental gap between the cybersecurity strategy and business goals and priorities that conspires against the success of each of these roles.
Join us to learn how your organization can begin to achieve a common language and align priorities for reducing risk by employing risk-based vulnerability management, and by establishing a model for cyber risk quantification (CRQ) within the enterprise.
During the webinar we’ll discuss:
● Why a risk-based vulnerability management approach enables you to drive down and prioritize the risks that pose the gravest threats to the business
● A new, proposed model for quantifying cyber risks
● How a simple calculation and defining three key terms can provide a blueprint for aligning the organization
● How the model can be applied in less mature and in more mature organizations
● Which technologies will best support your cyber risk quantification efforts
Colin Connor, Global Threat Intelligence Strategic Analyst, IBM X-Force Threat Intelligence and Itzik Kotler, CTO, SafeBreach
When nation-state actors and organized cybercriminals began sophisticated attacks in mid-2020 against the supply chain for COVID vaccines, IBM X-Force warned governments and healthcare entities of the danger. These were not merely isolated attacks against HVAC suppliers. The attacks began even before Pfizer or Moderna had authorization, involved spoofing of legitimate healthcare executives, and aimed at stealing vaccines and sabotaging their delivery while undermining governmental credibility. What happened behind the scenes is an intriguing use of quantitative frameworks in combination with breach and attack simulation (BAS) to confront a multi-faceted global attack.
In this session Colin and Itzik will discuss:
- The highly sophisticated COVID Cold Chain attacks
- The quantitative framework we used to assess the gravity of the threats
- What made this an outlier threat, and why we informed customers that it’s quantifiably more dangerous than other COVID-focused attacks.
- How we leveraged automated breach and attack simulation to identify the attacks and determine what remediations were necessary and validate them once they were carried out, ensuring they would be effective in blocking attacks.
- How to run a comprehensive threat analysis program to block attacks targeting healthcare and COVID-facing organizations.
- Ways to automate remediation steps based on risk metrics and then continuously tune threat intelligence and vulnerability engines to progressively improve security posture and drive risk down.
Yotam Ben Ezra, Vice President of Product, SafeBreach and Brian Kime, Senior Analyst, Forrester
An effective security architecture requires insights into your organization's threat landscape, but many security professionals are disappointed in the results of their threat intelligence efforts. Learn how you can integrate threat intelligence with breach and attack simulation to quickly and effectively validate whether your controls are configured properly to prevent or detect the latest attack that threatens your business, and get the most from your threat intelligence investment. Turn knowledge of the threat landscape into safe attacks that execute, at scale, across your infrastructure to identify the potential business impact and gain actionable remediation insights that close security gaps and reduce your cyber risk.
Join SafeBreach and guest Forrester for a webinar discussion to learn:
- The critical components of an effective threat intelligence program
- The benefits of an intelligence-driven security strategy
- How to operationalize Threat Intelligence with Breach and Attack Simulation
- The value of visualizing the performance of your security controls against the latest threats
- How data-driven visibility into your security posture can translate into a reduction of risk
Valeriy Leykin, Director Product Management and Eliazer Sikuriansky, Product Manager, SafeBreach
Learn how to make more sense of your security data by visualizing it with SafeBreach Dashboards.
In this webinar, we'll show you how our out-of-the-box and custom Dashboard features can help improve your security visibility, reporting, and your ability to share insights and data with other stakeholders and executives within your organization.
You'll hear from members of the SafeBreach Product team as they demonstrate common Dashboard use cases, show you the latest functionality, and answer your questions about how to get the most benefit from this critical capability.
Vulnerability scans generate a large list of high-priority patches and teams cannot keep up. To solve this, SafeBreach helps you correlate the scans with validating security controls to gain insight into which vulnerabilities are actually exploitable in your environment. Then prioritize remediation to focus on what matters first. The outcome: fewer resources spent, but stronger protection and reduced risk.
Validate your cloud and container security by executing attacks that test your cloud control (CSPM) and data (CWPP) planes to ensure the security of your critical cloud operations. Identify the choke points of your cloud security and gain a holistic understanding of where your cloud policies and controls are failing across your IaaS, PaaS and Container environments.
In this video you'll learn how the largest playbook of attack simulations in the industry will help keep your organization safe against the latest threats. Our dedicated research team monitors the threat landscape, adds and updates attacks to ensure you have a comprehensive view of your organization's security posture against the current threat landscape.
Filter our Hacker's Playbook by threat types, threat groups, MITRE TTPs, attack phases, security control category, and many others to test your security defenses, and ensure that red and blue teams get visibility into the performance of the security controls so you can take proactive action to close any gaps before an attacker can exploit them.
How many security controls are in your security stack? Get visibility into the performance of your security controls using the largest Hacker's Playbook in the industry.
In this video, see how SafeBreach helps you justify your security investments, strengthen your defenses, and drive risk down with the industry's most robust security control validation. Test your security posture against the latest threats and threat groups to ensure you can identify and close any gaps before attackers do.
Learn about the unique value Breach and Attack Simulation can provide for Risk-Based Vulnerability Management. Members of the SafeBreach SE, Product, and SafeBreach Labs teams demonstrate how we help optimize your configurations, investments, and reporting within a matter of days.
Learn how CISOs and security executives can use SafeBreach Dashboards to transform data into actionable visualizations in order to align security investments to business goals, drive business impact, validate your security controls, and reduce risk.
New acquisitions may come with unrevealed security liabilities. With SafeBreach you can get an accurate, quantitative view of a target company's security posture by running a security baseline against their defenses with accuracy and speed. Then enable the right business decisions. Watch the video to learn more.
The threat landscape constantly evolves and changes, forcing your team to shift focus in its search for security gaps. You need a platform in place that will help you proactively report to executives on your risk posture and get a mitigation plan in place before attackers can exploit the gaps. Learn more in this explainer video.
Vulnerability scans generate a long list of high-priority patches and security teams often cannot keep up. To resolve this, correlate the scans with validating security controls to gain insight into which vulnerabilities are actually exploitable within your environment. Then prioritize remediation to focus on what matters first. The outcome: fewer resources spent, but stronger protection and reduced overall risk. Watch our video to learn more about how SafeBreach can help.
Organizations have, on average, 70-100 different security controls in their stack, but no visibility into their effectiveness. The biggest reason that security controls fail is that they are not configured correctly, or that they "drift" over time. With SafeBreach you can maximize the efficiency and efficacy of the security controls you have by seeing how they perform during an attack. Then you can fix the gaps before attackers can exploit them. Watch our video to learn more about how we help.
Michael De Groat, Sales Engineering Director at SafeBreach
See a demo of the SafeBreach platform and learn about best practices for validating your security controls and proactively guarding your organization against the latest threats.
During this demo webinar we show you how running tens of thousands of attacks from the Hacker's Playbook against your organization's security stack could help you optimize your configurations, investments, and reporting within a matter of days. In addition, we offer an overview of the new SafeBreach Dashboards feature release which allows you to build rich visualizations in order to align stakeholders and drive business impact.
Itzik Kotler, CTO and Tomer Bar, Research Team Lead
The Cybersecurity and Infrastructure Security Agency (CISA) issued an Active Exploitation notice against highly sophisticated, manual supply chain attacks on a specific version of SolarWinds Orion Platform software.
Within 24 hours of the notification, SafeBreach Labs added coverage for the US-CERT Active Exploitation notice of SolarWinds Software by adding new attack methods to our Hacker’s Playbook(™).
Hear from SafeBreach CTO, Itzik Kotler, and Research Team Lead, Tomer Bar, who will cover:
- What is currently known about these latest attack techniques and how they could impact your business
- How you can proactively safeguard your business against the SUNBURST and SUPERNOVA threats and related exploits
- How to validate your security controls on a continuous basis to identify security gaps and rapidly remediate them
Michael De Groat, SE Team Leader at SafeBreach, and Tomer Bar, Research Team Leader at SafeBreach
How can you be sure that your business is secure against advanced threat groups such as APT29? Facing today's threat landscape, cybersecurity teams need to stay ahead of attackers and the latest threat groups. MITRE ATT&CK provides a framework to understand your security posture. But how do you operationalize the MITRE ATT&CK framework and leverage it to validate your controls against these threat groups?
Join Michael De Groat, SE Team Leader at SafeBreach, and Tomer Bar, Research Team Leader at SafeBreach, as they discuss:
- The tactics, techniques, and procedures (TTPs) used by the Russian
- Latest APT29 activity targeting COVID
- How to quickly visualize security posture and harden defenses against APT29 using the MITRE framework
- How to evaluate security solutions with simulated attacks from APT29 and other notorious threat groups
Yotam Ben Ezra, VP of Product at SafeBreach and Eran Segal, Security Researcher
DevOps and Security teams face an ongoing struggle to balance innovation and moving the business forward with implementing security best practices that keep these new environments secure.
In the cloud native environment, some security concerns are less relevant and other security surfaces appear. A new range of security controls and best practices emerged to handle the new paradigm.
Even though cloud security is a top concern for IT organizations, it is still difficult to safely and continuously validate that cloud infrastructure and container security controls are actually effective in protecting the environment without impacting production. Without insight into your cloud and container environments, you are at risk of attackers using these gaps in cloud security.
In this webinar, you will learn:
• How to validate the security of your cloud stack by continuously testing your Cloud Native environment with Docker and AWS simulations
• How to align both DevOps and Security teams in validating controls
• How you can prevent a CapitalOne type of breach
SafeBreach is a leader in breach and attack simulation. The company’s groundbreaking patented platform provides a “hacker’s view” of an enterprise’s security posture to proactively predict attacks, validate security controls and improve security operations center (SOC) analyst response. SafeBreach automatically executes thousands of breach methods from its extensive and growing Hacker’s Playbook™ of research and real-world investigative data.
How to maximize Microsoft Defender ATP configuration using Attack Simulations
Hadar Feldman, Sr. Program Manager/Security Researcher, Microsoft and Valeriy Leykin, Director Product Management, SafeBreach
32 mins