Hi [[ session.user.profile.firstName ]]

Closing Doors: Finding Misconfigurations with Configuration Compliance

What if you were focused on the external threat landscape (DoS, malware, phishing) while there was an internal threat you didn’t know about? What if, despite your efforts to protect against outsiders, you were still leaving doors open for them?

Misconfiguration has become an increasingly popular avenue for hackers to access your organization’s infrastructure. In the 2020 Data Breach Investigation Report by Verizon, misconfiguration surpassed ransomware as a leading cause of data breaches.

Join us for an overview of the threat posed by misconfiguration and how Configuration Compliance can:

• link security standards (i.e. HIPAA, CIS Benchmarks, Microsoft Security Compliance) with scanner results and identify failed tests
• auto-assign remediation tasks to relevant support teams
• integrate with existing change management processes

Andrea Castillo, CISSP, Practice Director, Risk & Security, Crossfuze
Kevin Urbanek, Technical Architect, Risk & Security, Crossfuze
Anderson Ferneyhough, Masters in Cyber Security, Technical Consultant, Crossfuze
Recorded Mar 3 2021 25 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Andrea Castillo, Crossfuze | Kevin Urbanek, Crossfuze |Anderson Ferneyhough, Crossfuze
Presentation preview: Closing Doors: Finding Misconfigurations with Configuration Compliance

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • 8 weeks to a better vulnerability response program Recorded: Mar 3 2021 21 mins
    Kirk Hogan, CIO, Practice Lead, Security Operations, Iceberg Networks
    Organizations across all industries are seeing threats come in with higher volume, velocity, and coverage. Since there’s no way to address the vast number of vulnerabilities at once, security teams need to identify the threats that could have the largest impact on the business and prioritize their response accordingly. The questions all businesses should be asking themselves are “Have we taken the appropriate measures to ensure that our products/services are delivered securely?” and “How do we know?”

    In this session, we will show you how Iceberg Networks can guide your organization through the vulnerability response journey in just 8 weeks with the ServiceNow Security Operations platform. Through this scalable process, we will show you how to identify the information that you can trust to prioritize your vulnerability response. And, with the help of the ServiceNow Security Operations platform, we will enhance the information available to you, automate workflows and populate dashboards with the answers to the most prominent questions that affect the security of your organization.
  • Closing Doors: Finding Misconfigurations with Configuration Compliance Recorded: Mar 3 2021 25 mins
    Andrea Castillo, Crossfuze | Kevin Urbanek, Crossfuze |Anderson Ferneyhough, Crossfuze
    What if you were focused on the external threat landscape (DoS, malware, phishing) while there was an internal threat you didn’t know about? What if, despite your efforts to protect against outsiders, you were still leaving doors open for them?

    Misconfiguration has become an increasingly popular avenue for hackers to access your organization’s infrastructure. In the 2020 Data Breach Investigation Report by Verizon, misconfiguration surpassed ransomware as a leading cause of data breaches.

    Join us for an overview of the threat posed by misconfiguration and how Configuration Compliance can:

    • link security standards (i.e. HIPAA, CIS Benchmarks, Microsoft Security Compliance) with scanner results and identify failed tests
    • auto-assign remediation tasks to relevant support teams
    • integrate with existing change management processes

    Andrea Castillo, CISSP, Practice Director, Risk & Security, Crossfuze
    Kevin Urbanek, Technical Architect, Risk & Security, Crossfuze
    Anderson Ferneyhough, Masters in Cyber Security, Technical Consultant, Crossfuze
  • Managing Supply Chain Risk in the Age of SolarWinds Recorded: Mar 3 2021 45 mins
    David Soo Hoo, Recorded Future | Alex Cox, ServiceNow
    The SolarWinds breach has quickly attained status as the biggest hack of 2020. By compromising widely-used IT management software suite, SolarWinds Orion, threat actors were able to move across a broader supply chain network. This wide-reaching attack emphasizes the importance of strong vulnerability and vendor management programs with baked-in intelligence.

    By this point your incident response teams have been hard at work managing the immediate tasks to identify, detect, and protect affected systems to mitigate the risk of a security incident. But what’s next?

    David Soo Hoo, Product Manager atRecorded Future
    Alex Cox, Director of Product Management at ServiceNow
  • Federal Incident & Breach Response: Automated Security Event Response Solution Recorded: Mar 3 2021 28 mins
    Geet Grewal, Jeff Derose, Jarrod Alday, Aastha Swaroop and Christian Straubs, Deloitte
    Federal Incident & Breach Response: An Automated Security Event Response Solution for Government Agencies

    Security experts in the Federal space know all too well the importance of adhering to Federal mandates and compliance. In regards to Federal Incident Response, DHS / OMB guidance requires that Government Agencies follow strict protocol around Incident tracking, response, and reporting.

    Deloitte’s Federal Incident & Breach Response Solution incorporates DHS/OMB compliance into ServiceNow’s Security Operations across two primary applications:

    1. Security Incident Response
    Customized to align with DHS’ US-CERT Incident Reporting Requirements

    2. Data Breach Response
    Customized to align with OMB M-17-12 Breach Response Requirements

    Deloitte created a ready-to-deploy solution for Government Agencies that provides Federal Compliance Out-of-the-Box for both the Security Incident Response and Data Breach Response applications.

    Presenters:
    Geet Grewal, ServiceNow Enabling PM at Deloitte
    Jeff Derose, Managing Director, ServiceNow Practice at Deloitte
    Jarrod Alday, ServiceNow SecOps SME at Deloitte
    Aastha Swaroop, ServiceNow Developer at Deloitte
    Christian Straubs, SecOps/Infrastructure SME at Deloitte
  • Automate Security Incident Response: Minimize Risk and Downtime from Threats Recorded: Mar 2 2021 17 mins
    Chris Derton, SE Manager, TOLA, Rubrik | Karl Klaessig, Director of Product Marketing, ServiceNow
    Analyzing network data gives defenders a unique perspective on what the malware is doing versus what the malware could do. It shifts the focus from the software to the attacker. Network data provides unique insights on malicious actions and also on the attackers' decisions and operations. In this session, we will explore real malware traffic, dissecting attackers' behavior, and discussing how we can apply this knowledge to defend our networks better.
  • Accelerate Incident and Vulnerability Response Recorded: Mar 2 2021 31 mins
    Dixon Styres - Solutions Architect, CrowdStrike
    In this session, you will learn how the CrowdStrike and ServiceNow partnership provides joint customers streamlined security operations and accelerated identification, prioritization and remediation of threats.

    Attend this webinar to learn about:
    • Vulnerability assessment and remediation
    • How joint customers can benefit from this integration to help with visibility, efficiency and remediation
    • How a customer has leveraged both technologies to streamline their remediation of threats
  • 4 Factors for More Effective Vulnerability Response with ServiceNow + Tenable Recorded: Mar 2 2021 27 mins
    Nick Keuning, Senior Director, Solutions Architecture, Tenable | Ben Prime, Senior Advisory Solution Architect, ServiceNow
    Your Guide to Streamlining Vulnerability Response using Tenable and ServiceNow

    Prioritization, context, collaboration and automation. These four factors underpin fast and effective vulnerability response.
    By attending this on-demand webinar jointed presented by ServiceNow and Tenable, you will gain insight into practical solutions to the most common vulnerability response challenges.

    Topics covered will include:
    • Despite great tools, effective vulnerability response remains challenging. Why?
    • The importance of having the right data for meaningful prioritization and asset classification
    • How the combined Tenable/ServiceNow solution enables fast, collaborative and effective vulnerability response
  • Security Operations Transformation Recorded: Feb 16 2021 37 mins
    Jon Oltsik, Senior Principal Analyst and Fellow at the Enterprise Strategy Group
    To get a pulse on what challenges cybersecurity professionals face today, ESG reached out to enterprise organizations for their insights and opinions. Of those, 63% surveyed believe that the area of security operations is more difficult today than two years ago.

    Why is this and what actions are organizations taking as countermeasures?

    Join our webinar in which Jon Oltsik, senior principal analyst and fellow at the Enterprise Strategy Group, will present research examining:

    -The internal and external challenges increasing security operations complexity
    -How CISOs are addressing security operations with process automation
    -Future strategies for continuous improvement of security operations
  • Automating Security Incident Response Helps Bridge the Gap with IT and Security Recorded: Feb 11 2021 42 mins
    Karl Klaessig, Director of Product Marketing, Security Operations at ServiceNow
    Today’s top cybercriminals are intelligent, well-funded, and tenacious—demanding faster responses with comprehensive visibility across your environment. Security operations teams forced to deal with complex, inefficient processes only impedes response times.

    For more effective security, organizations must shift away from this reactive paradigm—automating and accelerating workflows between their security and IT teams.

    Join our webinar for insights on how your organization can dramatically reduce incident response time and better scale your security teams—delivering accurate incident reporting and tracking.
  • Attacking and Defending a Distributed Workforce Recorded: Feb 3 2021 49 mins
    Tom Steele, Atredis Partners | Zach Lanier, Atredis Partners | Michael Robbins, Atredis Partners | Tim Boswell, ServiceNow
    Moving to a more distributed workforce changes the risk profile for a company, opens up new attack vectors, and places new burdens on those trying to defend the enterprise. A distributed workforce also changes day to day business interactions at both technical and operational levels.

    In this webcast, Tom Steele, Zach Lanier, and Michael Robbins discuss these risks from both attacker and defender perspectives, and how their tools, techniques, and controls have evolved with the changing workforce landscape.
  • Using automation to secure your remote workforce Recorded: Jan 27 2021 33 mins
    Karl Klaessig, Director of Product Marketing, Security Operations Solutions, ServiceNow
    COVID-19 has already profoundly changed the way many of us work in security operations—including the necessary acceptance of BYOD (Bring Your Own Device). These devices make a tempting target for cybercriminals, and organizations are scrambling to beef up their perimeters.

    Join us to learn the various solutions CIOs and CISOs are adopting to help address securing their remote workforces during these unprecedented times. You’ll get insights on:

    -Mitigating enterprise security risks from BYOD
    -Securing your remote workforce via automation
    -Ensuring resilience for your critical business operations
  • How NCR drove a faster, more efficient security response program Recorded: Dec 8 2020 42 mins
    Dusan Vignjevic and Rajanikanta Dash of NCR Corporation
    Advancing your security maturity level requires building a proactive security program that relies on automation and integrates threat intelligence across your IT environment. ServiceNow® Security Operations makes this all possible.

    In this webinar, NCR Corporation will join us to discuss how it deployed effective security integration by using Recorded Future data, threat intelligence, research, and analysis to support real-time data enrichment against vulnerabilities. Join us and get insights on how NCR:

    -Increased its security response time and boosted efficiency
    -Deployed remediation prioritization based on business impact
    -Reduced daily firefighting for greater focus on future improvements
  • Empower your first responders with vulnerability response Recorded: Dec 1 2020 39 mins
    Mike Plavin, senior technical product marketing manager for ServiceNow Security Operations
    Vulnerabilities don’t often get the same amount of notice as phishing attacks or advanced persistent threats, but when a critical vulnerability is exploited, your organization could suffer major damage to your business and reputation.

    Join our webinar on improving your vulnerability response. Mike Plavin, senior technical product marketing manager, will share real-world examples of how our customers have used the capabilities of the Now Platform® to address their biggest vulnerability concerns. You’ll walk away with greater insights on:

    -The power and value of risk-based vulnerability response
    -How our customers use automated vulnerability response to reduce triage times
    -The powerful reporting our customers use to drive efficiency
    -How the ServiceNow® Vulnerability Response flow works
  • Using automation to secure your remote workforce Recorded: Nov 17 2020 33 mins
    Karl Klaessig, director of product marketing, security operations solutions, ServiceNow
    COVID-19 has already profoundly changed the way many of us work in security operations—including the necessary acceptance of BYOD (Bring Your Own Device). These devices make a tempting target for cybercriminals, and organizations are scrambling to beef up their perimeters.

    Join us to learn the various solutions CIOs and CISOs are adopting to help address securing their remote workforces during these unprecedented times. You’ll get insights on:

    -Mitigating enterprise security risks from BYOD
    -Securing your remote workforce via automation
    -Ensuring resilience for your critical business operations
  • How healthcare leaders can avoid data breaches Recorded: Nov 4 2020 58 mins
    Christopher Killion, Sr. Solution Consulting Manager, ServiceNow
    Major data breaches are headline news. When patient data is exposed to hackers, the public outcry can be immense. And it’s happening more and more frequently. According to newly released survey results commissioned by ServiceNow with the Ponemon Institute, more than half of the healthcare organizations had suffered a data breach in the last 2 years. Of these, the majority said that they had been breached because of a vulnerability—for which a patch was already available. This highlights an overwhelming need for more effective vulnerability response, closing down these attack vectors before hackers strike.

    Join this session to learn about:
    -Healthcare cybersecurity challenges
    -The state of vulnerability response and the impact on healthcare organizations
    -A pragmatic roadmap to reduce the risk of a breach
  • Attacking and Defending a Distributed Workforce Recorded: Oct 29 2020 49 mins
    Tom Steele, Zach Lanier, Michael Robbins, and Tim Boswell
    Moving to a more distributed workforce changes the risk profile for a company, opens up new attack vectors, and places new burdens on those trying to defend the enterprise. A distributed workforce also changes day to day business interactions at both technical and operational levels.

    In this webcast, Tom Steele, Zach Lanier, and Michael Robbins discuss these risks from both attacker and defender perspectives, and how their tools, techniques, and controls have evolved with the changing workforce landscape.
  • Automating security incident response helps bridge the gap with IT and security Recorded: Oct 21 2020 42 mins
    Karl Klaessig, director of product marketing, Security Operations at ServiceNow
    Today’s top cybercriminals are intelligent, well-funded, and tenacious—demanding faster responses with comprehensive visibility across your environment. Security operations teams forced to deal with complex, inefficient processes only impedes response times.

    For more effective security, organizations must shift away from this reactive paradigm—automating and accelerating workflows between their security and IT teams.

    Join our webinar for insights on how your organization can dramatically reduce incident response time and better scale your security teams—delivering accurate incident reporting and tracking.
  • Security Operations Transformation Recorded: Oct 16 2020 38 mins
    Jon Oltsik, Senior Principal Analyst and Fellow at the Enterprise Strategy Group
    To get a pulse on what challenges cybersecurity professionals face today, ESG reached out to enterprise organizations for their insights and opinions. Of those, 63% surveyed believe that the area of security operations is more difficult today than two years ago.

    Why is this and what actions are organizations taking as countermeasures?

    Join our webinar in which Jon Oltsik, senior principal analyst and fellow at the Enterprise Strategy Group, will present research examining:

    -The internal and external challenges increasing security operations complexity
    -How CISOs are addressing security operations with process automation
    -Future strategies for continuous improvement of security operations
Tackle cyber risk with streamlined security and vulnerability response
ServiceNow enables security incident and vulnerability prioritization and a response engine built on the Now Platform. Purpose-built to enable security and IT teams to respond faster and more efficiently to incidents and vulnerabilities, ServiceNow leverages intelligent workflows, automation, and a deep connection with IT to streamline security and vulnerability response. You can dramatically scale your teams’ capacity and accelerate incident and vulnerability response with Security Operation’s automated workflows and collaborative data platform, enabling you to stay ahead of today’s persistent threats and vulnerabilities.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Closing Doors: Finding Misconfigurations with Configuration Compliance
  • Live at: Mar 3 2021 6:00 pm
  • Presented by: Andrea Castillo, Crossfuze | Kevin Urbanek, Crossfuze |Anderson Ferneyhough, Crossfuze
  • From:
Your email has been sent.
or close