Hi [[ session.user.profile.firstName ]]

Prioritize Patching with Risk Based Vulnerability Management

Vulnerability and threat intelligence frameworks don’t account for the security controls deployed in your organization. Without insight into what attacks would be blocked by your security controls to prevent vulnerabilities from being exploited, there is no way to effectively measure the risk to your organization.

Join us to learn:
- How to reduce the attack surface by prioritizing vulnerabilities based on their actual business risk.
- How to make a real difference in your security posture by prioritizing vulnerabilities and correlating
with your security controls.
-How to gauge the importance of a vulnerability based on the attack surface it can target, its
reachability for external attackers, the chances it will give access to a critical asset, and the blast
radius or potential reach of the vulnerability.
Recorded Sep 17 2020 64 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Steven Roesing, CEO at ASMGi and Dave Armstrong, CISO, The Judge Group
Presentation preview: Prioritize Patching with Risk Based Vulnerability Management

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Emotet Threatens Again - How to Validate Security Controls and Stop New Threats. Oct 7 2020 1:00 pm UTC 60 mins
    Alexander Benoit, Lead Security Analyst, sepago GmbH and Tomer Bar, Research Team Leader, SafeBreach Labs
    When Emotet went into hibernation in early 2020, many of us assumed it was gone for good. But on July 17, the most active malware threat of 2018 and 2019 reemerged, heralded by new email campaigns offering toxic URLs or attachments.
    With the worldwide, unplanned swing to remote workforces, threat actors are using Emotet to exploit the urgency of the global pandemic to distribute malware to unsuspecting users via phishing campaigns. It is critical for IT security departments to validate all security controls’ ability to stop increasingly sophisticated attacks, protect the business, and defend the new remote workforce.
    In this webinar you will learn:
    • Emotet’s latest methods, how it infiltrates and what it does next.
    • How running real-world attacks in your environment gives you a clear understanding of which priorities are the most urgent.
    • Why attack simulation is more sustainable than penetration tests, and how it can continuously ensure that your defenses are working effectively .
    • How sepago can implement SafeBreach, validate your security controls, and enable you to answer the question “How safe are we against Emotet and other new threats?”
  • Prioritize Patching with Risk Based Vulnerability Management Recorded: Sep 17 2020 64 mins
    Steven Roesing, CEO at ASMGi and Dave Armstrong, CISO, The Judge Group
    Vulnerability and threat intelligence frameworks don’t account for the security controls deployed in your organization. Without insight into what attacks would be blocked by your security controls to prevent vulnerabilities from being exploited, there is no way to effectively measure the risk to your organization.

    Join us to learn:
    - How to reduce the attack surface by prioritizing vulnerabilities based on their actual business risk.
    - How to make a real difference in your security posture by prioritizing vulnerabilities and correlating
    with your security controls.
    -How to gauge the importance of a vulnerability based on the attack surface it can target, its
    reachability for external attackers, the chances it will give access to a critical asset, and the blast
    radius or potential reach of the vulnerability.
  • How Healthcare Companies Stay ahead of Maze and WastedLocker Ransomware Recorded: Sep 16 2020 45 mins
    Shaun Swenson, Director of Security Analytics Services at Johnson & Johnson and Yaron Levi, CISO at BCBS of Kansas City
    Are you proactively preparing your organization for a ransomware attack? Ransomware attacks like Maze and WastedLocker have been targeting companies in the H-ISAC community. These particular ransomwares aim to disrupt the healthcare industry, as companies with large numbers of assets to protect are high value targets to these attackers.
    For security teams, it’s critical to validate the efficacy of controls to stay ahead of the attackers. Ensure that your controls can stop these ransomwares from ever infiltrating your environment.

    Join the panel of healthcare CISOs on September 16th as they discuss:

    • How they anticipate ransomware attacks will affect the healthcare industry in the coming year
    • How they stay ahead of the latest threats
    • How do they prepare to deal with a Ransomware attack
    • How to gain insight into how your security solutions will respond to an attack
  • Cost Optimization for Security & Risk Recorded: Aug 18 2020 47 mins
    Malcolm Harkins, CISO at Cymatic and Kimberly Becan, Director of Product Marketing at SafeBreach
    According to Gartner research by 2023 1/3 of Security Teams will be directly measured on their ability to create business value. This discussion will focus on total costs and how to build an adaptable business case for validating the efficacy of your existing controls to identify vulnerabilities that are actually exploitable in your environment. Learn how you can:

    • Gain insight into how your security solutions will respond to an attack
    • Hold security vendors accountable for attack scenarios they miss
    • Assess your security risk with tangible metrics of your security controls
    • Quickly and effectively respond to ‘How safe are we against the latest threats?’
    • Patch less and protect more with insights on what vulnerabilities are exploitable

    Security and risk assessment are not about adding another tool to the stack but rather on a total cost budget portfolio perspective that drives efficiency, productivity, and optimization with improvements to the overall customer experience.

    With the demand to do more with less make sure you are getting ROI out of your current security investments. We will dive into a working example of annual security costs and the value realized by assessing fraud losses, tools, and headcounts and the impact on the customer experience.
  • How to maximize Microsoft Defender ATP configuration using Attack Simulations Recorded: Aug 18 2020 33 mins
    Hadar Feldman, Sr. Program Manager/Security Researcher, Microsoft and Valeriy Leykin, Director Product Management, SafeBreach
    For security teams, it’s critical to validate the efficacy of endpoint security against leading threats in real-world scenarios. In the Microsoft Defender Advanced Threat Protection (ATP) evaluation lab, security practitioners can take advantage of a select set of breach and attack methods from the extensive SafeBreach Hackers Playbook (™). As a result, they can immediately and accurately test endpoint security capabilities against multiple real-life attack playbooks favored by very active Advanced Persistent Threat groups.

    In this webinar, security experts from both companies explain how the integration of SafeBreach and Microsoft Defender ATP evaluation lab works and how security teams can verify that their Microsoft Defender ATP configuration will be successful in blocking relevant attacks.

    You will learn:
    - How breach and attack simulations identify security weaknesses that might allow malware infection,
    credential theft, data collection, ransomware, modification of registry keys, and malicious OS
    configurations
    - How to use the Evaluation Lab / SafeBreach integration to build and run proofs of concept in a
    virtual environment using real attack scenarios
    - How to evaluate attack simulation results and make appropriate remediations
    - How to explore the many other breach and attack methods in the SafeBreach Hacker's Playbook
    (™), MITRE heat mapping and more.
  • Operationalize The MITRE ATT&CK Framework | Webinar Recorded: Jul 29 2020 25 mins
    Michael De Groat, Sales Engineering Team Leader, SafeBreach
    MITRE ATT&CK is a great framework to start to understand your security posture and connect your teams to speak the same language. The challenge is how to operationalize the MITRE ATT&CK framework to understand and prioritize the remediation of security gaps.

    Register for this webinar to learn how to:
    • Continuously measure your security defenses against the MITRE
    ATT&CK framework
    • Simulate hacking techniques to validate security across the kill chain
    • Heat map the results of the simulations to the ATT&CK framework
  • Top 4 Security Validations for a Remote Workforce | On-Demand Webinar Recorded: Mar 26 2020 22 mins
    Yaron Levi, CISO at Blue Cross Blue Shield of Kansas City & Yotam Ben Ezra, VP of Products at SafeBreach
    Most of your workers are now working from home and with that comes an increase in security risk for exfiltration, and other breach methods.
    For example:

    1. Endpoint: Your employees might not use a corporate machine and may not have properly configured controls
    2. Segmentation: Network policies may require adjustments to account for
    many employees connecting from home
    3. Exfiltration: Due to home networks being less protected, it may be easier
    for attackers to exfiltrate data
    4. VPN: The VPN will be noisy and hard to monitor and protect. Any
    vulnerabilities associated with VPN could be an infiltration point

    In this webinar we will discuss:

    • The risks your employees are exposed to when working from home
    • How to validate security controls associated with remote and VPN access
    • How you can test exfiltration methods to protect sensitive data leaking
    from employees home environment
SafeBreach
SafeBreach is a leader in breach and attack simulation. The company’s groundbreaking patented platform provides a “hacker’s view” of an enterprise’s security posture to proactively predict attacks, validate security controls and improve security operations center (SOC) analyst response. SafeBreach automatically executes thousands of breach methods from its extensive and growing Hacker’s Playbook™ of research and real-world investigative data.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Prioritize Patching with Risk Based Vulnerability Management
  • Live at: Sep 17 2020 5:00 pm
  • Presented by: Steven Roesing, CEO at ASMGi and Dave Armstrong, CISO, The Judge Group
  • From:
Your email has been sent.
or close