Name: Security challenges in the cloud: A Log4Shell Case Study
Start: 2022-02-15T16:00:00Z
End: 2022-02-15T16:00:27.000Z
Location: BrightTALK
Rating: 4

Learn how organizations of all sizes and industries use Wiz to rapidly identify and remove the most critical risks in AWS, Azure, GCP, and Kubernetes so they can build faster and more securely.

The Wiz Playbook treats security as a team sport, empowering your security, development, and operations teams to work together and control risks across the pipeline. In this webinar, we'll share practical strategies for improving your cloud security posture and overcoming common challenges faced by organizations today. 

During this webinar, you'll learn:
• The common cloud security challenges faced by organizations today, and how Wiz's unique approach can help you overcome them
• Practical strategies for improving your cloud security posture, including tips for leveraging security teams, processes, and tools to support cloud development
• Insights from a real-world case study, where you’ll hear from a Wiz customer on how they implemented Wiz's approach
• Live Q&A with our experts, where you can ask your most pressing cloud security questions and get answers in real-time

Join this fireside chat featuring Joe Silva, CISO, and Kyle Bubp, Chief Security Architect of JLL, where they'll discuss their own experience addressing the challenges of securing the cloud at scale, and how they used Wiz to bring devs and security teams together in a cloud-first operating model.

The Wiz Playbook: A Practical Guide to Maximizing Cloud Security

CISOs of hypergrowth companies are challenged to scale their operations at an increasingly rapid rate to keep up with the growth of their organizations.  Hear from experienced pros on the most important areas to focus on at each stage of your company growth and how they have built highly effective cloud security teams. 

Join Quincy Castro, CISO at Redis, David Cook, Former CISO at Databricks, Omer Singer, Head of Cyber Security at Snowflake and Ryan Kazanciyan, CISO at Wiz, to hear how security leaders are building a foundation and planning for the future. Moderated by Raaz Herzberg, Head of Product Strategy of Wiz, this promises to be an insightful and interactive session.

How CISOs of Hypergrowth Companies Scale Their Security Operations

For organizations born in the cloud and seeking to adopt cloud technologies—like containers, Kubernetes, and serverless—and enhance their cloud security program, shifting security left is foundational. It empowers engineering teams to lead security conversations, effectively managing risks associated with the cloud. 

But how can this be achieved when security and development often have transactional relationships?

Join this discussion for real-world stories and practical guidance from the frontlines, a spotlight on 4 proven best practices to shift cloud security left, and explanation of 6 shift left pre-requisites.

4 Best Practices for Shifting Cloud Security Left

From ransomware to crypto mining, keeping up with the rapid evolution of threat vectors in the cloud security landscape is no easy task. To help make sense of these latest shifts watch a discussion with Eric Bauer, Director of Cloud Security at Procter & Gamble, and, Alon Schindel, Director of Data and Threat Research at Wiz, for insights and perspectives on the major threats in the cloud risk landscape in 2023.

View from the trenches: perspectives on the major threats of 2023

The Wiz Research team has uncovered serious security issues (ChaosDB, OMIGOD, AWS confused deputy vulnerabilities, ExtraReplica and more) across many attack vectors and CSPs during their research efforts. Join them to learn about the methodologies they used to successfully uncover those critical vulnerabilities. They will dive into the bits and bytes of some of their major findings, explain their mindset and approach and discuss common pitfalls to avoid.

Cloudy with a chance of vulnerabilities: Exploiting vulnerabilities in the cloud

With cloud technology constantly evolving and growing increasingly critical to business operations, the responsibility of security professionals to stay abreast of the state of the cloud has never been greater in order to proactively address potential threats and ensure the safe and secure deployment of cloud solutions.

Over the past year, we have observed how cloud adoption has continued to grow with more organizations increasing their footprint in the cloud. Wiz Cloud Security Threat Researcher, Scott Piper, looks back on the past year to highlight trends and the state of cloud usage based on visibility across our customer base. These findings include:
• A review of the year’s cloud security latest industry trends and developments
• The current state and progression of cloud technology
• Organizational usage of multi-cloud and both managed and non-managed services
• Speed of compromise statistics

2023 State of the Cloud Report

Agility and security do not have to be in conflict, and businesses of all sizes have the capacity to innovate swiftly and operate securely.

Join SentinelOne and Wiz, as we discuss cloud security at scale, and what our new partnership means to both customers and the security community. We’ll cover how we plan to translate our “better-together” vision into reality through the integration of our platforms with:
• Enhanced discovery, visibility, prioritization, and response 
• Risk assessments and enrichment of threat details
• Real-time cloud threat detection

By combining the leading CWPP and CNAPP technology on the market today, we’re excited to bring to life the best-of-breed cloud security solution that companies require to tackle today’s cloud threat landscape.

Intersecting Cloud Security and Agility with SentinelOne and Wiz

Organizations are rapidly adopting digital and the cloud to deliver secure products and experiences faster. However, securing an increasingly complex cloud environment while still moving fast becomes more difficult by the day. Join OCI and Wiz in this interactive webinar to learn more about how OCI customers and customers of traditional Oracle services are using Wiz to:

• Gain visibility into their entire cloud environments 
• Prioritize risk through cloud-native security 
• Enable security, development, and DevOps teams with tools to scale security across the development lifecycle

Protect your Oracle Cloud Infrastructure environment with Wiz

Everything in life is about priorities, including security! Security leaders have to carefully decide where to put their efforts as they build their strategy for next year. What security fundamentals should teams focus on? What new projects should they invest in? And the hard part: what should be de-prioritized?

Join the conversation with Emily Heath, former CSO at DocuSign and United Airlines, Mike Towers, Chief Digital Trust Officer at Takeda, and Chris Burrows, Chief Information Security Officer at Rocket Companies to hear how security leaders are planning for the year ahead. Moderated by Raaz Herzberg Head of Product Strategy of Wiz, this promises to be an insightful and interactive session.

New Year’s Resolutions: where CISOs plan to invest and scale back in 2023

SANS research has shown that more organizations are using multiple cloud providers. Multicloud adoption can be driven by a variety of factors, such as competitive differentiation, mergers and acquisitions, and more. This event explores various results from the SANS 2022 Multicloud Survey, including multicloud adoption trends, how adoption decisions are made, and—most importantly—what cybersecurity teams are doing to cope with the onslaught of challenges brought about by so much change, complexity, and variation in the cloud services marketplace.

Topics will include:
• Quantifying the adoption rate of specific cloud services such as virtual machines, containers, serverless, and cloud storage while assessing if this growth is managed from a security perspective
• Exploring the adoption rate and effectiveness of various cloud-native and third-party security tools, technologies, and services
• Examining newer cloud technologies and determining the security team’s readiness and ability to secure these technologies

SANS 2022 Multicloud Survey: Exploring the World of Multicloud

To secure the cloud, you have to keep up with the ever-changing cloud landscape. When Agoda, a leading global online travel services booking platform, grew its cloud footprint across its core business and subsidiaries, it knew it needed a security and incident response program to match.

Join experts from Agoda, Torq, and Wiz to hear a unique story of how a small security team secures their entire cloud estate and accelerates new cloud deployments using the Torq and Wiz integration. You'll learn how Agoda: 
- Gains full visibility into their entire cloud environments built on multiple cloud service providers such as AWS, GCP, and Azure
- Deploys custom orchestration playbooks by Torq based on Wiz findings without writing code
- Leverages Wiz findings to understand context and risk severity

How Agoda secures its multi-cloud environment with Torq and Wiz

The speed of application development has accelerated, thanks to the use of container technology. However, organizations are encountering challenges – and security risks – as they build apps in containers and Kubernetes clusters that are spread across clouds and architectures. These obstacles not only threaten enterprise security, but also make it difficult for teams to identify and remediate vulnerabilities. Join this webinar to learn:
• How we arrived in the current state of container security
• The challenges and risks related to containerized apps across the development lifecycle
• Best practices and capabilities that mitigate container security risks across IT environments

Wiz & CIO: Container Security Strategies for Builders and Defenders

Cloud adoption has driven innovation and agility for organizations. For security teams, however, it has brought new levels of complexity. An exploding number of technologies, architectures, and cloud users and the speed of growth and change in the cloud create an ever-changing threat landscape.  
 
Wiz Research is at the forefront of the threat landscape in the cloud, as the team behind the discovery of vulnerabilities like ChaosDB and OMIGOD. In their research, they have identified some of the most prevalent critical risks in the cloud, such as supply chain risks, secret exposure, and data exposure, that traditional approaches cannot readily address. In this session, you will learn: 
• The top 5 cloud threats Wiz Research sees most in the wild
• Security best practices to protect your environment against them
• A new approach to addressing cloud threats

The top 5 cloud threats and how to identify them

While the current market environment presents its challenges, there are opportunities for security teams and leaders during uncertain times to redefine priorities and prepare for the future. As a CISO, what challenges are you currently facing during this economic climate? What are some of the steps you are taking with your team to prepare for what’s ahead? 

Watch an open discussion with David Damato, CISO of Aon, Fazal Merchant, former co-CEO of Tanium and CFO at DreamWorks, and Ryan Crum, CISO of Apollo Global Management Inc., to get their take and learnings from the current market environment. Hosted by Raaz Herzberg, VP of Product Strategy of Wiz, this promises to be an interactive and insightful discussion.

How can security teams adapt to endure in the current market environment

Former Uber security chief, Joe Sullivan, was recently convicted of covering up a 2016 Uber data breach. This surprising verdict has shaken the security industry and left many wondering how will the verdict affect the information security industry and the CISO role. What should we expect to change, now that jail time is on the table for CISOs?

Watch an open discussion with Tomas Maldonado, CISO of the NFL, Olivia Rose, former CISO/CIO of Amplitude, Robert Chesnut, former Chief Ethics Officer of Airbnb, and Stephen Ward, former CISO of The Home Depot, to get their take and learnings from the complicated verdict. Hosted by Raaz Herzberg, VP of Product Strategy of Wiz, this promises to be an interactive and insightful discussion.

One more thing to worry about: A CISO Conversation on the Uber Verdict

Cloud technologies require a radical rethink in how enterprise security is approached. Organizations must move beyond traditional siloed security approaches to surface organizations' real risk. They need instant visibility and accurate and complete context around cloud security risks. Finally, organizations need a security platform that enables the democratization of security - fostering a true partnership between Security and Developer teams.

In this webinar, join us to understand why some of the largest organizations have adopted a CNAPP to secure their cloud environment. We will explore:
• The challenges of managing risk in the cloud
• Why legacy approaches to cloud security doesn't cut it
• CNAPP: A holistic approach to cloud security

Context is Everything: Join the CNAPP revolution to securely adopt technologies

Organizations are rapidly using cloud service providers like AWS to deliver products and experiences faster. However, to innovate quickly, security and DevOps teams must come to a shared understanding of the cloud to focus on reducing overall risk.

Join AWS and Wiz in this interactive session to learn how AWS customers use Wiz to build scalable and predictable security workflows that securely accelerate development and innovation. You'll learn:
• Why finding critical risks in the cloud is challenging
• How AWS and Wiz work together to accelerate development securely
• Specific customer use case examples

Presented by Matthew Girdharry, WW Leader, Marketplace at AWS, and Ken Sigel, Channel Solutions Engineer, at Wiz this promises to be an insightful and informative session.

Secure modern applications on AWS with Wiz

Security teams worldwide are racing to contain the fallout from a critical vulnerability in the widely-used, open-source logging library Log4j. The critical vulnerability, called Log4Shell, has taken the world by storm, as it is easy to exploit, highly prevalent, and can impact internal assets. 

In this session, Raaz Herzberg, Head of Product, and Alon Schindel, Director of Data & Threat Research, will provide a deep dive into Log4j as a case study on the security challenges for the cloud, where you will learn:
• What Log4Shell is and why it was so impactful
• The challenges around mitigating Log4Shell exposure
• How does Wiz help security teams achieve full coverage for vulnerabilities like Log4Shell

Security challenges in the cloud: A Log4Shell Case Study

Cloud Security

Cyber Security

Cloud

IT Security

Information Security

Cyber Attacks

Cyber Defence

Threat Detection

Application Security

Network Infrastructure

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Security challenges in the cloud: A Log4Shell Case Study

Presented by

About this talk

More from this channel