Hi [[ session.user.profile.firstName ]]

Automated Application Defenses To Thwart Advanced Attackers

Michael has extensive experience in application security, security code review and penetration assessments. He has conducted numerous security assessments for financial, enterprise and cellular customers world-wide. At Mozilla, Michael focuses on securing critical web applications used by millions of users each day. You can find his blog at: http://michael-coates.blogspot.com
Recorded Jun 3 2010 45 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Michael Coates; Mozilla, Web Security Engineer
Presentation preview: Automated Application Defenses To Thwart Advanced Attackers

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • [*CPE] How to Mitigate the Unique Risks of Work From Home-Remote Office Networks Jul 15 2020 5:00 pm UTC 75 mins
    Dan Dahlberg, Director of Data Research at BitSight
    In response to the COVID-19 pandemic, more employees are working from home than ever before, introducing corporate devices to a variety of new and evolving vulnerabilities. We recently examined the data we routinely collect from Internet traffic to learn more about how this unprecedented shift to remote work changed the security landscape — and the results were alarming.

    During this webinar, Dan Dahlberg, Director of Data Research at BitSight, will dive into our research and provide proven recommendations for mitigating cybersecurity risk across a remote workforce. Join us on Wednesday, July 15, for:

    - Insights into the hidden dangers lurking in residential networks
    - Tips on navigating the new security challenges
    - Best practices for monitoring your expanding attack surface and ensuring all digital assets are secure
  • The Rise of Surveillance Mobile Malware Jul 15 2020 5:00 pm UTC 41 mins
    John Bambenek, VP Security Research and Intelligence at ThreatSTOP, Inc.
    With the increase in mobile and smart devices, we've expanded the threat landscape not only against threats to steal information, but for threats that have real physical risks. For instance, recent research by Google Project Zero and Volexity showed sophisticated attacks against both Android and iPhone devices that were targeted at Uighur Muslims and Tibet. Victims of this malware are targeted for persecution by the government of the People's Republics of China.

    This talk will cover not only these attacks in specific, but in how threats are emerging that use new technologies which are being used to create physical threats to its victims and what that means for enterprises, SMBs, and society at large.


    - Technical discussion on mobile surveillance techniques and malware.
    - Cover real-world instances where such cyber attacks have led to physical harms.
    - Discuss practical techniques to begin to mitigate such threats.
  • 2020 Malware Trends Jul 15 2020 3:00 pm UTC 62 mins
    Joseph Carson (Thycotic), Pedro Uria (Panda Security), Jack Mannino (nVisium), Stan Lowe (Zscaler) & John Aarsen (SonicWall)
    As the number and frequency of malware attacks continue to increase, we look at the threats, vulnerabilities and risks factors associated with malware attacks and how to keep your organizations secure.

    Join this keynote panel with security experts as they discuss malware trends, strategies and tools for better security in 2020:

    • The most prevalent threats in 2020
    • Identifying the latest malware delivery tools and techniques
    • Developing a modern defence strategy and empowering your users
    • Malware strategy best practices

    Joseph Carson, Chief Security Scientist, Thycotic (Moderator)
    Pedro Uria, Director of PandaLabs, Panda Security
    Jack Mannino, CEO, nVisium
    Stan Lowe, Global Chief Information Security Officer, Zscaler
    John Aarsen, SE - Benelux and Nordics, SonicWall
  • Get Compete Threat Visibility with All-in-One Security Essentials Jul 14 2020 11:00 pm UTC 45 mins
    Senthil Palaniappan, Founder and CEO, Sennovate Inc.
    Any organization’s security depends on its ability to rapidly detect and respond to emerging threats across your cloud and on-premises environments. Yet, attack methods and strategies evolve constantly, making threat detection an always-moving target. If you are a CISO or key stakeholder and would like to learn ways to monitor, detect, and secure your environment, you should attend this webinar.
    You will learn
    • Collecting Security Events
    • Reviewing Log data
    • Performing Analysis
    • threat intelligence from the Open Threat Exchange® (OTX™)
    • Managed SOC - An effective and efficient way to compliment your Cyber Security team
    • AlienVault Case Study
  • Ransomware: A thought-provoking discussion with Nate and Greg Jul 14 2020 11:00 pm UTC 45 mins
    Nathan K. Zimmerman, CISSP Sr. Information Security Officer, Office of the General Counsel, YMCA of the USA
    The presenters for this session (Gregory Van Den Ham & Nate Zimmerman), will be discussing the following points:

    The History of Ransomware
    Delivery Vectors
    Ransomware Behavior Examples
    Detection / Prevention tactics
    Mitigation and Cyber Incident Response

    Nate and Greory have over 30 years combined experience in IT Security, click 'attend' to join this thought-provoking and interactive live session.
  • How to stop criminals from using the latest major crises to hack your employees Jul 14 2020 9:00 pm UTC 45 mins
    Tony Lauro, Director of Technology & Security Strategy | Steve Winterfeld, Advisory CISO, Akamai Technologies
    Every time there is a major crisis I feel like the cybercriminals should cut us a break and yet every time it seems like they double down. You may recall over the years when a major natural disaster, health crisis or social issue dominate the news there are a flood of crisis related phishing campaigns using the topic as a pre-text for launching an attack.

    Using popular topics and references is a key way that attackers can increase the probability of getting someone to click on their phishing lure to launch something like a ransomware attack. In this talk will cover some of the ways we can prepare for the next calamity.

    • Phishing detection and defense practices
    • Techniques for ransomware prevention
    • Training your employees to be resistant to Social Engineering techniques

    Join us for a discussion on how to prepare both your people and security infrastructure for the next wave of attacks. The cybercriminals are phishing – let’s talk about how to stop your employees from clicking on the bait.

    · Tony Lauro is Director of Technology & Security Strategy for Akamai Technologies. Over the past seven years Tony has worked with Akamai’s top global clients to provide application security guidance, architectural analysis, web application and adversarial resiliency expertise.
    · Steve Winterfeld is our Advisory CISO. Before joining Akamai, he served as CISO for Nordstrom bank and Director of Incident Response and Threat Intelligence at Charles Schwab. Steve focuses on ensuring our partners are successful in defending their customers and determining where we should be focusing our capabilities.
  • Detecting & Responding To Ransomware Jul 14 2020 9:00 pm UTC 45 mins
    Eric A. Nielsen, Chief Executive Officer, Defense In Depth Cyber Security
    As an information security professional your knowledge of ransomware as well as the tactics & techniques to detect & respond effectively are critical to your organization. Data breaches threaten organizational financials and reputations. Strengthen your security through the use of actionable intelligence. Attendees will hear about:

    - What is Ransomware?
    - Leveraging Architecture Components to Detect & Respond to Ransomware
    - Ransomware Scenarios & Solutions
    - Tips to Protect Your Organization
  • Privacy-Preserving Computing and Secure Multi Party Computation Jul 14 2020 5:00 pm UTC 45 mins
    Ulf Mattsson, Chief Security Strategist | Protegrity
    An increased awareness about privacy issues among individuals. In many countries, databases containing personal, medical or financial information about individuals are classified as sensitive and the corresponding laws specify who can collect and process sensitive information about a person. The financial services industry has rich sources of confidential financial datasets which are vital for gaining significant insights.

    However, the use of this data requires navigating a minefield of private client information as well as sharing data between independent financial institutions, to create a statistically significant dataset. A major challenge that many organizations faces, is how to address data privacy regulations such as CCPA, GDPR and other emerging regulations around the world, including data residency controls as well as enable data sharing in a secure and private fashion.

    We will present solutions that can reduce and remove the legal, risk and compliance processes normally associated with data sharing projects by allowing organizations to collaborate across divisions, with other organizations and across jurisdictions where data cannot be relocated or shared. We will review solutions that are driving faster time to insight by the use of different techniques for privacy-preserving computing including k-anonymity and differential privacy. We will discuss multi-party computation where the data donors want to securely aggregate data without revealing their private inputs. We will also review industry standards, implementations, key management and case studies for hybrid cloud (Amazon AWS, MS Azure and Google Cloud) and on-premises.
  • Dissecting Cybercrime – Journey of a Stolen Credit Card Jul 14 2020 4:00 pm UTC 60 mins
    Alex Holden
    We often don’t realize the full impact of cyber crime, which then relapses us into repeating the same mistakes. Even large companies do not completely understand how their data and services are being abused. I want to take you on a journey of observing credit card fraud and abuse from stealing a credit card to trafficking of stolen goods. Learning about these vectors of abuse will help you and your organization to mitigate a number of common attacks and abuses.
  • Email Security Strategies & Solutions Jul 14 2020 3:00 pm UTC 60 mins
    Michael Thoma | Arif Hameed, Equifax | Chris Wallace, CISO | Panelist TBA
    With email security breaches constantly making headlines, it is crucial for organisations to be ahead of the curve. Join this interactive panel of industry experts as they discuss the latest trends in email security and how to prevent becoming the next international headline.

    Join this Q&A panel to learn more about:

    - Emerging trends in email attacks
    - How to stay on top of the latest threats
    - Best solutions to protect your organization

    Moderator: Michael Thoma, Principal Consultant at the Crypsis Group
    Panelist: Chris Wallace, Chief Information Security Officer
    Arif Hameed, Senior Director, Client Security at Equifax
    Panelist to be confirmed
  • 3 Actionable Steps to Minimize Successful Phishing Attacks Jul 14 2020 1:00 pm UTC 45 mins
    Pat McDonald, Senior Solutions Engineer, GreatHorn
    Outsmarting Cybercriminals: 3 Actionable Steps to Minimize Successful Phishing Attacks

    With 94% of breaches starting with attacks targeting people, and phishing as the top threat action in confirmed breaches (32%)1, every organization is trying to stay on top of email security to mitigate risks. Unfortunately there is no “magic” solution to prevent 100% of all phishing attacks. But what if there were a few actions you could take to minimize the success of phishing attacks?

    Join us for this webinar as we discuss what you can do to minimize the success of phishing attacks against your organization. Walk away from this presentation with insight into:

    - Tools to prevent BEC and Account Takeover attacks
    - Actionable insights that allow users to make better decisions
    - Tips to improve your mean time to detect (MTTD) and mean time to respond (MTTR)
  • Know the Threat to Stop the Threat: The Perils of Phishing in 2020 Jul 14 2020 12:00 pm UTC 45 mins
    Mollie MacDougall, Product Manager, Intelligence | Aaron Riley, Cyber Threat Intelligence Analyst, Cofense
    To defend against phishing, your organization needs to understand the key trends and top threats. Cofense’s Intelligence Team spends every day analyzing phishing threats including credential theft, ransomware campaigns, and more. Learn about the top threats that define today’s phishing landscape and how to defend your organization against them.

    - See what tactics are successfully evading secure email gateways and reaching enterprise end users.
    - Learn what is trending when it comes to malware delivered via phishing, including ransomware.
    - Receive tips for ensuring your phishing defense strategy is proactive and well-coordinated.
  • Ransomware: It Is Not Just Delivered By Email Anymore! Jul 13 2020 5:00 pm UTC 45 mins
    Presenter to be announced
    Join us for an interactive discussion on different methods used to deliver ransomware and new tactics attackers are using to gain a foothold and deliver their payloads. We will cover:

    New strategies and tactics cybercriminals are using
    Steps of a ransomware attack - what you may be missing
    Ransomware in 2020 and into the future - what you need to know now
  • [PANEL] Security as a Service Jul 13 2020 3:00 pm UTC 60 mins
    Stephanie Olsen | Sailaja Kotra-Turner
    As in-house security becomes increasingly complex and costly, organizations are in need of a reliable and safe security provider. Join industry experts as they discuss the latest trends in SEaaS, including:

    -Why your organisation needs to move towards SEaaS
    -The different models of security as a service
    - SEaaS solutions and strategies

    Stephanie Olsen, Customer Trust Manager, Product & Application Security, Netflix & WiCyS Silicon Valley Affiliate President
    Sailaja Kotra-Turner, CISO
  • AWS Security JAM x WiCyS | Interactive Learning Series Jul 9 2020 6:00 pm UTC 60 mins
    AWS experts
    Are you interested in learning how YOU can build securely on AWS? Join us for the AWS Security Jam learning series - a hands-on, team-oriented, gamified learning experience which will enable you to leverage a wide range of AWS security services. If you get excited about securing workloads in the cloud, come and challenge your skills while learning new techniques. AWS will host three Security Jam sessions (beginners, intermediate, and advanced), so join us for all three or pick the session most relevant to you. We will have a number of AWS experts virtually available to discuss ideas, provide guidance, and help your team get through any challenges.
  • How Companies Are Using Data Analytics to Prioritize Cyber Spend Jul 8 2020 6:30 pm UTC 45 mins
    Jerry Caponera, VP of Products and Cyber Risk Management, Nehemiah Security
    Choosing which cybersecurity projects to implement is more challenging than ever. Cyber risk changes daily and budgets are changing too as the COVID-19 pandemic continues to unfold. Register to see why leading companies are using a data-driven approach to make better decisions about which projects to prioritize, and learn how modeling risk helps optimize cyber spend.

    Join us to learn:
    + What’s changed in how companies look at risk remediation and ROI pre- and post-COVID
    + Why the prioritization of cyber spend is more important than ever
    + How to take a data-driven approach and what data you need to get started
    + Why modeling is important and how you can do this easily (demo)
  • IT Manager's Series: Top 3 Ways to Protect from Ransomware Jul 8 2020 5:00 pm UTC 45 mins
    Troy Vennon, Director, Cybersecurity & Trustworthiness at Covail
    Join us for an informative webinar on how IT managers and small security teams can prevent ransomware from infecting their company’s networks. Ransomware on the rise and no longer focused only on large enterprise (average-sized company impacted in 2019 around 650 employees). Organizations with small security teams or that leverage their IT teams to manage security need help to protect from the growing wave of cybercrime. Here’s what to expect from our webinar on ransomware:
    - How to identify where you are exposed so you can fix your vulnerabilities
    - Why and how to segment your network and identity management programs
    - What kind of a response and recovery process you need in place
  • THREAT INTEL IN THE REAL WORLD: An Expert Roundtable Recorded: Jul 1 2020 54 mins
    Chase Cunningham, Kurtis Minder, Rick Holland, Chris Camacho, Allan Liska, John Grim
    Find out what happens…when intel analysts stop being polite…and start getting real.

    Today’s typical enterprise security team subscribes to at least four, often more, intelligence feeds, which analysts must comb through to find relevant information for operationalization. As a result, most threat intel has become “yet another tool to manage.” It’s simply not practical to expect every security organization to be able to hire threat intelligence analysts to make sense out of the feeds. Vendors need to deliver “threat-analyst-in-a-box” capabilities, so intelligence can be operationalized with minimal intervention.

    In this session, a blue-chip panel of cyber threat experts will discuss the state of current threat intel offerings, and dive into the future of this space to help you understand how it will evolve to meet the needs of enterprise security teams. They will discuss how the next generation of threat intelligence will conform to the conventions of government intelligence operations, where the right information goes to the right people and systems in the right form factor.

    Attendees will learn:

    ​Why general-purpose threat intelligence won’t cut it and how it needs to be customized to each organization’s risk profile.

    What enterprises need to do to make the market mature in this evolving industry.

    ​How to take the right approach to threat intelligence and big data.
  • CISO Pandemic Response: Next Steps Recorded: Jul 1 2020 60 mins
    Dan Lohrmann | Earl Duby | Vinod Brahmapuram | Scott Larsen
    By popular demand, this CISO Insights webinar is a follow-up to the immensely successful sessions held in March and May. The webcasts (links in Attachments): "Coronavirus Actions and Risks for Tech and Security Leaders" & "Back to the Office – Or Not? Next Steps in Pandemic Technology Response" were viewed thousands of times, and numerous attendees asked for this update.

    Join this roundtable discussion to learn more about:
    - Back to the office timing, decisions, strategies and tactics on the ground
    - Quick Sector updates for government, manufacturing and healthcare
    - Unemployment fraud
    - Noticeable spike in phishing in June (related to civil unrest/Anonymous?)
    - Team chemistry through the lockdown (how has onboarding been)
    - Revenue loss impact on teams (downsizing? How has off-boarding been accomplished?)
    - Overall CISO mental health through the quarantine and civil unrest

    - Dan Lohrmann, CSO & Chief Strategist, Security Mentor, Inc.
    - Earl Duby, CISO, Lear Corporation
    - Vinod Brahmapuram, CISO, State of Washington
    - Scott Larsen, CISO, Large healthcare provider
  • Securing the Remote Workforce Recorded: Jun 30 2020 59 mins
    Diana Kelley | David Sherry | Lee Imrey | Nathan Howe
    Remote working has been a growing trend for the last few years, especially in the tech sector. However, the COVID19 outbreak has really pushed businesses to adopt or accelerate their remote integration plans. How has this affected security? What are the steps companies need to take to better protect their remote workforce?

    Join this episode as we explore the security challenges in the time of COVID, why a strong security culture is important, and what steps to take today.
    - What are the security challenges associated with remote working
    - Examples of changes in cyber-attacks during COVID
    - Managing patching, VPNs, and backups for large and small remote workforces
    - How to maintain auditability and visibility
    - How to enable and keep your remote team secure
    - ​Tips for training end users to help themselves
    - Why a strong security culture matters now more than ever

    - David Sherry, CISO, Princeton University
    - Lee Imrey, Cybersecurity Advisor, Splunk
    - Nathan Howe, Head of Transformation Strategy, EMEA, Zscaler

    This episode is part of The (Security) Balancing Act series with Diana Kelley. Viewers are encouraged to ask questions during the live Q&A.
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Automated Application Defenses To Thwart Advanced Attackers
  • Live at: Jun 3 2010 4:00 pm
  • Presented by: Michael Coates; Mozilla, Web Security Engineer
  • From:
Your email has been sent.
or close