Name: MITRE Engenuity ATT&CK: Using Attack Simulations to Boost Visibility and Control
Start: 2021-09-01T18:00:00Z
End: 2021-09-01T18:00:28.000Z
Location: BrightTALK

Designed by SOC experts for SOC experts, Cisco XDR simplifies security operations to help security analysts remain proactive and resilient against the most sophisticated threats. By aggregating and correlating data from multiple disparate detection technologies into a unified view, Cisco XDR enables faster, more simplified investigations, reduces false positives, and streamlines incident response through clear prioritization of alerts.

Regional banks and credit unions face a perfect storm: advanced cyber threats, talent shortages, and third-party ecosystems where 73% of incidents originate. Constrained budgets and aging infrastructure add to the challenge, leaving small security teams to protect customer trust.
 
This webinar shows how Cisco XDR acts as a security force multiplier, offering enterprise-grade threat detection and response without extra headcount. Learn strategies to consolidate tools, leverage existing investments, and achieve operational ROI. Key insights include:
 
· How Cisco's network-led XDR turns infrastructure into security intelligence
· Gaining visibility and control over third-party vendor risks
· Achieving near-zero recovery objectives against ransomware
· Maximize security budget by boosting efficiency  
Discover how to secure digital transformation, streamline compliance, and reduce detection and response times—doing more with less.

How Cisco XDR helps regional banks and credit unions strengthen security with limited resources

Ever wondered what to do when a security incident strikes? Discover the secrets to effective incident response with SANS PICERL and Cisco XDR! Join us for a webinar to dive into actionable insights as we unravel a real-world attack through an exciting demo, guided by an expert guest speaker. We’ll explore the technical workings of Cisco XDR’s out-of-the-box Response Playbook, including how to use, customize, and automate these processes. This session is perfect for incident responders, security analysts, SOC managers, and anyone eager to enhance their security and automation skills. Don’t miss this opportunity to transform your incident response strategy.

Incident Response with Cisco XDR: How To Level Up Your SOC

Join us for an in-depth exploration of the latest enhancements in Cisco’s XDR technology. This session will highlight the open nature of the platform, focusing on third-party integration adoption trends. Discover the latest sources of security events contributing to incident creation and learn about significant improvements to the MITRE ATT&CK coverage map. 
You will learn about:    
 • How Cisco integrates with third-party solutions to enhance its Open XDR ecosystem.   
 • The onboarding trajectory for Meraki integration with Cisco XDR.   
 • New sources for correlation: SentinelOne, Exploit Prevention, Identity Intelligence.   
 • MITRE ATT&CK coverage based on your actual policy configuration of Secure Endpoint.  
 • Splunk integration with Cisco XDR: bidirectional sharing of data.

Cisco’s Open XDR: Integration and Correlation Enhancements

Are you ready to explore the future of technology and its transformative impact on security? Join us for an insightful webinar where industry experts explore the potential of generative AI and its implications across various sectors. Discover how AI stands to change the landscape of cybersecurity, providing new opportunities and challenges for security professionals. During this session, our speakers, Briana Farro from Cisco and Dave Gruber from ESG, will discuss the adoption of AI in industries such as retail, manufacturing, healthcare, government, and education. They will explore how these sectors can harness AI to deliver meaningful outcomes, overcome regulatory challenges, and secure their environments during this technological shift. You will learn: -The transformative power of generative AI and its impact on technology and security -Strategic approaches to adopting and leveraging AI across various regulated industries -Why tailored security solutions might be more effective than a one-size-fits-all approach

How AI Fuels Infrastructure Change

Since Cisco XDR’s launch, our teams have been embracing rapid development and achieving new, industry leading milestones. Join the Cisco XDR Product Management Team to learn how Cisco XDR continues to advance the way security threats are detected and remediated. We’ll also have a live Q&A session with XDR Product Managers on a wide range of topics.

XDR: Enhanced Cisco XDR Incident Process

Today’s threats are evolving quickly and security tools and the professionals who manage them cannot keep pace to effectively defend their organizations, let alone take proactive steps to stay ahead of the next threat.  
In this webinar, hear directly from B&M, one the UK’s fastest growing retail companies, about how they have simplified their security operations with Cisco XDR. By addressing challenges like vendor sprawl, skills gaps, and structural complexity, B&M has deployed Cisco XDR to not only detect and respond to threats sooner but also improve protection against advanced threats.  
You’ll also learn more about how B&M uses Cisco XDR to: 
 • Upskill its security team to make the most of limited resources 
 • Take a proactive approach to security 
 • Automate repetitive tasks to focus on more strategically important initiatives

XDR: B&M Security Transformation with Cisco XDR

Feeling overwhelmed from defending against cyberattacks and keeping up with ever-changing threats? As adversaries adopt new tactics such as generative AI to bypass traditional security tools, this becomes more challenging than ever. Join our upcoming webinar to learn how to effectively detect and respond to complex attacks with support from Cisco security experts.  
Learn how to:  
 • Transform your security operations with always-on defense from Cisco’s managed XDR service. 
 • Stay ahead of threats while significantly reducing security risks.  
 • Operate with confidence and focus on your top priorities while shrinking the total cost of ownership of cybersecurity.

XDR: Transforming Your SecOps with Cisco Managed XDR

Join us for a webinar to get an introduction to Cisco XDR and learn more about how it works with Meraki MX appliances to promote a unified approach to secure network operations. We’ll start by covering Cisco XDR, which empowers your network and security team to:
 • Act on what truly matters, faster, by prioritizing threats and streamlining investigations
 • Elevate productivity by filtering out the noise and automating tasks, and boosting the output of your limited resources
 • Build resilience with actionable intelligence that closes security gaps and helps you get stronger every day
Organizations are moving towards making their network operations more secure for one clear reason: security incidents are amongst the leading causes of network outages. However, bringing Network Operations and Security Operations closer remains aspirational for many.
While encryption of data in motion has enhanced network security, it has also introduced another larger problem; encryption serves to hide malicious content. An Extended Detection and Response (XDR) security overlay is becoming increasingly necessary to catch advanced threats.
The integration of the Meraki platform with Cisco XDR does just that. Cisco’s network-led open XDR provides built-in network detection and response (NDR) capabilities which give Meraki platform users early warning of advanced threats developing in the network. It allows the Network Administrator to assign critical incidents to security analysts and collaborate with the security team to mitigate the risk in real-time.

XDR: A Unified Approach to Securing the Network

When ransomware strikes, a slow response can make an already dire situation even worse, causing further data encryption and loss, disruption to your business operations, and financial and reputational damage from which your organization may never fully recover.  
An intelligent automated response to ransomware changes the game.
In this webinar, you’ll learn:
 • How to address common early ransomware detection and response challenges 
 • How to limit loss and recover more quickly from a ransomware attack
 • New ways to reduce the time from detection to action
 • How to use forensic snapshots to fully investigate your incident
 • A demo of Cisco XDR automated ransomware recovery with Cohesity

XDR: Ransomware Recovery: Automating Response to Safeguard Your Data

Universities are becoming increasingly appealing targets for cyber threats like malware, ransomware, and phishing. According to Security Intelligence, in 2022, 89 education sector organizations fell victim to ransomware attacks impacting 44 colleges and universities. Educause lists cybersecurity as the number one IT issue for 2024. 
With such complex technology and security stacks, SecOps teams at these institutions struggle to efficiently process the intelligence they receive from their tools. Traditional security tools are no longer sufficient to combat advanced threats that infiltrate multiple environments. Given these challenges, how can security teams keep student, faculty, and staff activity secure from increasingly creative and persistent adversaries? 
In this webinar with Cisco Cybersecurity Executive Advisor Helen Patton, Tim Burns and Jesse Beauman from UNC Charlotte, we will explore:  
 • How higher education institutions can use the latest security tech to defend against advanced threats across their networks.  
 • How a streamlined cybersecurity approach enables SecOps teams to do more with less. 
 • The ways in which an XDR solution improves visibility, equipping security teams to respond to threats quickly and effectively.

XDR: Building a secure future: Cybersecurity strategies for higher education

Cybersecurity today can be complicated. Yet, the goal is straight-forward. Protect users as they access applications and resources and stop threats before they reach your users or network. Security Service Edge (SSE) is the architectural approach needed to lower risk in today’s hyper-distributed environments, securing users and things as they access private apps, SaaS apps, and the internet.  
In this educational webinar, we will highlight the aspects of SSE that protect internet and public SaaS application traffic. As cyberthreats have proliferated and grown in sophistication, techniques to counter them have had to evolve as well.   
View the third session in the Security Service edge (SSE) Institute to learn about a variety of capabilities, grounded in the Zero Trust principles, that can thwart SaaS/internet cyberthreats and lower risk in your organization.

Step Up Your Game: Modernize How You Secure Access to SaaS Apps and the Internet

Your security goals might be clear (like securing access from users working anywhere to applications located everywhere, for instance), but maybe the path forward isn’t quite as simple. You might need a roadmap and a guide to figure out how to get exactly where you want to go. Most security leaders know the importance of zero trust in strengthening their security, but there are still plenty of questions: what do you do first? What should you not do at all? 
View the second part of our 2-part webinar series led by Avinash Naduvath, acclaimed author of “In Zero Trust We Trust.” Dive into the actionable steps of the zero trust framework and learn how to: 
 • Navigate the six phases of zero trust adoption with confidence 
 • Apply the zero trust model to real-world scenarios 
 • Anticipate common challenges to keep progressing in your zero trust journey 
Plus, get a sneak peek into our new zero trust solutions and information on consulting services.

Zero Trust: Six Phases of Adoption in Action

Imagine the insight you could get from billions of data points that tell the story of evolving threats? Now imagine it only takes 15 minutes to digest that much data and get the intel you need to reduce risk.
At Cisco, we see billions of web requests a day and we block one million domains every hour. This telemetry gives us the ability to track threat tactics and trends over time. Our “Latest Threat Trends in 15 Minutes” will take you through a brief intelligence briefing with the must-know details of what’s happening across the threat landscape.
View on-demand anytime to join our experts, threat intelligence analyst Ben Nahorney and product marketing manager Andrew Akers, as they present a snapshot of the most pressing cyber threats and concepts, including:
 • Key developments in ransomware tactics
 • Insights into the latest APT maneuvers
 • Understanding trojan evolutions
 • Strategies for fighting back with a zero trust-based SSE solution

Latest Threat Trends in 15 Minutes

Organizations are reevaluating how they do remote access in today’s hyper distributed environment. With users coming from a wider variety of locations and devices, and going to a larger set of destinations, major changes are needed. Traditional VPNs weren’t built to handle this dynamic landscape. New standards and capabilities can enable faster and more secure connections. This includes a richer set of posture and contextual elements, modern, standards-based transport and proxy protocols, as well as seamless mobile support.
View the second session in the Security Service Edge (SSE) Institute on-demand to learn about:
 • A modern approach to zero trust access (ZTA)
 • The value of new HTTP3 protocols MASQUE and QUIC
 • Benefits to a holistic ZTA approach including certificates and user experience insights
 • Streamlined ZTA options from a variety of mobile devices

Deep Dive into a Modern Zero Trust Access (ZTA) Architecture

The security controls you choose for your organization need to both meet your unique requirements and keep up with both old and new threats. Threats are dynamic; attackers can pivot like a DJ that follows a bass drop with a waltz, and you need to be ready to adapt. In this webinar, we’ll discuss what we’ve learned from our research about current (and recurring) threats, the wide variety of options for designing your secure access amidst these threats, and how to avoid stepping on the toes of users and IT admin as you tackle identity, the perimeter, and dynamic policies. 
View on-demand anytime to learn more about:
 • Threats, both new and the old, that just keep coming 
 • Strong, dynamic perimeter defenses 
 • Key identity and device insights 
 • Adaptive, in-session measures 
 • Dynamic policies to limit exposure without hampering productivity

Dancing with Threats: Staying Nimble with Secure Access

Zero Trust and ZTNA. Few doubt its enormous potential to tighten cybersecurity. Yet, zero trust deployments are stalling. You can shift that trajectory for your organization with Zero Trust Access by Cisco.
This webinar will highlight how Cisco gave the familiar zero trust blueprint a makeover—into a modern architecture that sets a new standard for secure access. You will hear about unique technological innovations that have rewritten the zero trust story. Say goodbye to limited visibility, user frustration, management headaches, and costly surprises. Cisco Zero Trust Access delivers easy-to-manage, strong identity security with top-tier Security Service Edge (SSE) capabilities. The result? Enhanced security, boosted user productivity, and streamlined IT administration.
You will learn about:
                •              Secure Access: Protect users and things—from anywhere to resources everywhere—with modern protocols, unified client, single console, and a consistent, frictionless, low-latency user experience.
                •              Identity intelligence: Gain smart access and authentication for users and things with visibility across identity sources for data correlation and attack pattern detection.
                •              Robust security and resilience: Unique infrastructure that withstands or recovers quickly from difficulties through resilient connectivity, multilayer security, and deep visibility into user experience
View now to learn more about zero trust that is made for the real world.

How Identity-First SSE Drives Zero Trust Success

From cost to complexity to scalability, securing data centers has been an uphill climb.Learn how Cisco is driving innovations to more effectively protect applications across your data center and clouds in the era of AI with end-to-end visibility, best-in-class segmentation, and the ability to proactively mitigate threats and exploits. Join us for a live webinar on secure data center networking with Cisco. In this 30-minute live panel conversation, we’ll tackle some of the biggest challenges in protecting today’s data centers. From achieving visibility to implementing segmentation to simplifying operations and making security scalable, explore it all in this short, focused webinar.

Reimagine security for your Data Centers in the Era of AI

In today’s cybersecurity landscape, understanding threats and effectively neutralizing them is paramount. Join us to explore a holistic framework designed by defenders, for defenders, and learn how to build a comprehensive strategy for understanding, evaluating, and defending against cyber threats.
 
 During this session, we will explore:
 
- Contextual Understanding: Recognize the circumstances that give rise to specific cybersecurity scenarios.
- Threat Evaluation: Unpack the journey of a potential threat through the attack lifecycle using a real-life example that will provide insight into how seemingly benign actions can pave the way for significant security compromise.
- Defense in Action: Dive into the various lines of defense at your disposal. From restricting and blocking actions to observing and interrupting breaches, we’ll discuss how each strategy works to create a comprehensive defense mechanism.
- This webinar, led by Cisco Breach Protection experts, will teach you how to master the art of defending and ensure your organization stays a step ahead of potential threats.

The Art of Defending – How to Build a Comprehensive Threat Response Strategy

The volume and sophistication of attacks combined with the shortage of IT security resources is the perfect recipe for disaster. Security operations can be made radically simple and more efficient.

With the recent release of MITRE Engenuity ATT&CK Evaluations #3, more security practitioners are recognizing the importance of mapping alerts and attacker activities to the MITRE ATT&CK framework.

In this discussion, Cisco Security's Adam Tomeo walks us through Carbanak and FIN7 attacks showcasing what the attackers did and what you should be investing your time in to prevent these types of attacks.

- Gain a better understanding of the threat landscape and the value of attack simulations to their security practice.
- Learn how the MITRE ATT&CK framework can help optimize/mature security approaches.
- Learn how to use the combination of MITRE ATT&CK and endpoint security to respond to threats better, faster.

MITRE Engenuity ATT&CK: Using Attack Simulations to Boost Visibility and Control

Threat Detection

Malware

Threat Landscape

Attack Vectors

Ransomware

Cyber Defence

Cloud Security

Cisco

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

MITRE Engenuity ATT&CK: Using Attack Simulations to Boost Visibility and Control

Presented by

About this talk

Cisco Secure XDR