Hi [[ session.user.profile.firstName ]]

Network security, seriously? 2016 Network Penetration Tests

The results of all the network penetration tests conducted by the First Base team over the past year have been analysed by Peter Wood. The annual review covers clients in a variety of sectors including banking, insurance and retail. This presentation identifies the most common vulnerabilities, how they can be exploited and the consequences for each business. Learn in detail how criminals can take advantage of these weaknesses and how you can secure your networks using straightforward techniques.
Recorded Sep 7 2016 46 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Peter Wood
Presentation preview: Network security, seriously? 2016 Network Penetration Tests

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Simple Network Misconfigurations Equals Big Vulnerabilities - How to Avoid It Aug 20 2019 9:00 am UTC 60 mins
    Avivi Siman-Tov, Director of Product, AlgoSec
    Misconfigurations aren’t simply inconvenient errors but serious security threats. According to Gartner, 99% of all firewall breaches will be caused by misconfigurations by 2020 and misconfigurations made OWASP’s latest list of Top 10 most critical web application security risks.

    A single change to a network device can have far-reaching effects on your business and create security holes for cybercriminals, impact your regulatory audit, and even cause costly outages that bring your business to a standstill! This is true whether on-premise or in the cloud.

    In this webinar, Avivi will present several examples of common misconfigurations, including device changes, business application connectivity changes, and data center migrations. He will also reveal specific techniques to help you avoid misconfigurations.

    Watch the webinar to learn how to:

    •Monitor cloud services to take a proactive stance against misconfigurations
    •Understand and map your entire network before you make a change
    •Understand the impact of changes to your entire hybrid network
    •Proactively assess the impact of a change to ensure it does not break connectivity, affect compliance or create a security hole
    •Use network management automation to avoid common misconfigurations
    •Avoid common mistakes when making changes to your network security devices
  • Hybrid Cloud Security Policy Considerations Aug 19 2019 5:00 pm UTC 60 mins
    Predrag "Pez" Zivic, Sr. Security Solutions Architect, Pensando Systems
    This talk will explore the challenges of defining security policies for hybrid and multi-cloud implementations. The attendees will see the new components needed for hybrid cloud security policies. The considerations of what content is needed for multi-cloud security policies will be listed. The clear advantage of workload context will be used to show how security policy can be created for cloud-based workloads. Security policy for dynamic movement of workloads to different cloud environments such as AWS, Azure, Google Cloud, and private clouds will be explored. Ideas on how to properly create a security policy for dynamic workload movement will be presented.

    Attendees will see that the role of IP in a multi-cloud security policy is diminishing or even presenting an obstacle. Hybrid and multi-cloud security policies introduce a new paradigm in security, and presentation attendees will learn how to embrace it.
  • [PANEL] Beyond Perimeter-Based Security Aug 19 2019 3:00 pm UTC 60 mins
    Jo Peterson (Clarify360) | Tina Gravel (Cyxtera) | Adrian Taylor (ITC) | Josh Frantz (Rapid7)
    For years organisations have relied on perimeter-based security strategies to protect and secure their networks. As the workplace becomes increasingly fluid, it is clear that relying solely on perimeter-based security is no longer suitable.

    Join this exclusive panel of industry experts as they discuss:
    • Where traditional perimeter-based security models fall short
    • Notable cyber attack methods and how to protect against them
    • Strategies for improved network security and how to implement them

    - Jo Peterson, VP Cloud Services, Clarify360 (moderator)
    - Tina Gravel, SVP Global Channels, Cyxtera
    - Adrian Taylor, CTO, ITC Secure
    - Josh Frantz, Lead Security Consultant, Rapid7
  • Women Leaders in Equifax Security: Diverse Perspectives Recorded: Aug 15 2019 60 mins
    Meghan Caputo, Ahmad Douglas, Diana Dudas, Courtney Healey, Jamila Ramsay, and Katalina Reynolds
    The terms security and cyber (short for cybersecurity) are often used interchangeably, referring to the profession narrowly defined as a team of professionals who leverage technologies and processes to defend an organization’s systems and networks from attack. However, this narrow use of security sells the field short – there are in fact a number of key functions under the security umbrella, one of which is cybersecurity, all of which are essential to the success of the organization. Some such functions are: physical security, fraud prevention, privacy, business continuity, disaster recovery, and risk management, although there are still more. And though the security field is defined by the technical “hacker” persona, people with backgrounds, skills, and interests of a wide variety have all found success under the umbrella of work in the security field.

    Join our webinar to hear from several of Equifax’s women leaders who have come to security from different educational backgrounds, former careers, and interests, but who share a passion for challenging work, career growth, and personal excellence. Learn about their career journeys that led them to security, how they apply their interests and training to their current work and future professional goals, and hear the advice they have for the next generation of women in security. Bring your questions, too, and participate in this lively interactive discussion!
  • PCI Dream Team: Ask Us Your Toughest Questions [Part 7] Recorded: Aug 15 2019 61 mins
    Ben Rothke | David Mundhenk | Jeff Hall | Arthur Cooper "Coop"
    The PCI Dream Team is back for another interactive Q&A session.

    With hundreds of different requirements, the various Payment Card Industry (PCI) standards can be overwhelming. While the PCI Security Standards Council has provided lots of answers, the devil is often in the details.

    Our panelists are some of the top PCI QSA’s in the country, with decades of combined PCI and card processing experiences. They’ve seen it all: the good, bad and ugly; and lived to tell the tale.

    Join Ben Rothke, David Mundhenk, Arthur Cooper, and Jeff Hall for an interactive Q&A session, and get answers to your most vexing PCI questions. No PCI question is out of bounds.

    - Ben Rothke, Senior Information Security Specialist at Tapad
    - David Mundhenk, Senior Security Consultant at Herjavec Group
    - Jeff Hall, Senior Consultant with Online Business Systems
    - Arthur Cooper "Coop", Senior Security Consultant at NuArx
  • Delivering DevSecOps and Achieving Resilience Recorded: Aug 8 2019 47 mins
    Dr. David Brumley (ForAllSecure) | Connor Gilbert (StackRox) | Rick Moy (Acalvio) | Jay Beale (InGuardians)
    Organizations are realizing the necessity to treat security as a first-class citizen instead of an after-thought. When it comes to DevOps, organizations are now including security at every step of the development and deployment lifecycle.

    Join experts from the industry to learn more about:
    - Security challenges and vulnerabilities
    - DevOps vs DevSecOps: What's the difference?
    - How to make disjointed security and DevOps teams work effectively
    - DevOps security scans
    - Steps to better application security

    - Rick Moy, CMO, Acalvio Technologies
    - Dr. David Brumley, CEO & Co-Founder, ForAllSecure
    - Connor Gilbert, Product Manager, StackRox
    - Jay Beale, CTO & COO, InGuardians
  • Securing the Multi-Cloud in the Age of Threats Recorded: Aug 8 2019 55 mins
    Raj Mallempati (CloudKnox Security) | Chris Schueler (Trustwave) | Tim Choi (Proofpoint) | Nathan Wenzler (Moss Adams)
    How are organizations handling security for their multiple clouds and applications? Join cloud and security leaders in an interactive discussion to learn about:
    - Multi-cloud reality
    - Addressing your cyber risk
    - Managing vulnerabilities, detecting breaches and responding to incidents
    - Automating security tasks across multiple clouds and applications
    - Recommendations for improving enterprise cloud security

    - Raj Mallempati, COO, CloudKnox Security
    - Chris Schueler, Senior Vice President of Managed Security Services, Trustwave
    - Tim Choi, VP, Product Marketing, Proofpoint
    - Nathan Wenzler, Senior Director of Cybersecurity, Moss Adams
  • The Future of Application Security: Assisted-Intelligence Recorded: Aug 8 2019 22 mins
    Dr. David Brumley (ForAllSecure) & Frank Downs (ISACA)
    Through their win in the 2016 DARPA Cyber Grand Challenge, ForAllSecure challenged the way application security testing is thought and approached.

    Join Dr. David Brumley, CEO and Co-Founder of ForAllSecure, as he shares his observations on shifts in software security trends before and after the DARPA CGC. He'll dissect how these trends came to be and share his predictions how they will impact the software security industry.

    Frank Downs, Director/SME Cybersecurity Practices, ISACA
    Dr. David Brumley, CEO & Co-Founder, ForAllSecure
  • How To Build a People-Centric Cybersecurity Strategy Recorded: Aug 8 2019 23 mins
    Tim Choi, VP, Product Marketing, Proofpoint & Roselle Safran, President, Rosint Labs
    Abstract: More than 99% of all targeted cyberattacks rely on users to activate them. It is evident that people need to be at the center when building a robust cybersecurity approach in the era of highly sophisticated attacks.

    Join BrightTalk for a live interview with Tim Choi, the VP of Product Marketing at Proofpoint, as we discuss the key findings of the threat landscape for 2019 and share practical tips on how CISOs can build a truly people-centric cybersecurity strategy.
  • The Least Talked About Cybersecurity Threat Recorded: Aug 7 2019 24 mins
    Chris Schueler (Trustwave) & Frank Downs (ISACA)
    Most IT roles tend to involve long hours and high stress levels, but with breaks between projects. The reality of a cybersecurity professional, however, is that their job is never fully complete. Much like an air traffic controller or a law officer, just one oversight can result in detrimental consequences. The constant pressure of identifying new threats, contending with persistent adversaries around the clock, and assessing how third parties and introduction of new technologies may impact risk is psychologically taxing. Furthermore, it may weaken the enterprise cyber resiliency.

    Join this Q&A interview live from Black Hat to learn more about:

    - Burnout in cybersecurity
    - The effect of AI and behavioral analytics on burnout
    - Industry shortage of security expertise and how to address it
    - How to alleviate day-to-day cybersecurity stress

    Frank Downs, Director/SME Cybersecurity Practices, ISACA
    Chris Schueler, Senior Vice President of Managed Security Services, Trustwave
  • The Future of Privacy and Security Recorded: Aug 7 2019 60 mins
    Joseph Carson, (Thycotic), Debra Farber, Nathan Wenzler (Moss Adams), James Chappell, (Digital Shadows)
    Organizations are evolving beyond the traditional, reactive approach to privacy and data security to thinking proactively. Are we closer to a Privacy-and-Security-by-Design reality?

    Join this panel of experts to get the answer to all of your privacy, security and compliance questions. Viewers can learn more about:
    - Effects of GDPR: One year later
    - How businesses are preparing for CCPA
    - Best practices for achieving and maintaining compliance
    - How to bake privacy and security into your processes
    - What to expect in the next 12 months

    Joseph Carson, Chief Security Scientist, Thycotic (Moderator)
    Debra Farber, Independent Privacy & Security Advisor
    Nathan Wenzler, Senior Director, Cybersecurity, Moss Adams
    James Chappell, Co-Founder & Chief Innovation Officer, Digital Shadows
  • IoT Security in 2019: Risks and Cyber Resilience Recorded: Aug 7 2019 48 mins
    Chris Morales (Vectra) | Jason Soroko (Sectigo) | Todd Weber (Optiv) | Rudolph Araujo (Awake Security)
    As the Internet of Things continues to grow, so do the security and privacy risks and vulnerabilities associated with IoT devices on enterprise networks. Organizations worldwide are looking to assess and manage their risk, implement basic cyber hygiene, and improve their security posture. Discover the best strategies for achieving security at every level, including IoT.
    Join this interactive panel with industry experts to learn more about:
    - Impact of IoT on enterprise security
    - How to assess the IoT risk
    - Most common IoT vulnerabilities and how to address them
    - Recommendations for improving IoT security

    - Chris Morales, Head of Security Analytics, Vectra (Moderator)
    - Jason Soroko, CTO of IoT, Sectigo
    - Todd Weber, Chief Technology Officer, Optiv
    - Rudolph Araujo, VP Marketing, Awake Security
  • Ask the IoT Security Expert: Securing a World of Inter-Connected Devices Recorded: Aug 7 2019 25 mins
    Jason Soroko, CTO of IoT, Sectigo & Diana Kelley, Cybersecurity CTO, Microsoft
    Today's digitally connected businesses require multi-layer defense against rising and more sophisticated web-based threats across websites, devices, infrastructure, and cloud.

    Join this interactive 1-2-1 discussion where IoT security expert, Jason Soroko, will share how to deal with IoT security challenges.

    Join us, live from Las Vegas as we learn about:
    - How identity plays a role in IoT security
    - The role of trust models to enable third party device interoperability
    - If three is a way to secure a digital identity for devices that do not have a hardware
    secure element such as a TPM
    - The latest IoT device security legislations
    - Determining if IoT connected devices in your operations infrastructure are secure
  • Ask the IoT Security Expert: Identifying Risks and Addressing Challenges Recorded: Aug 7 2019 30 mins
    Marty Sells, Principal Security Consultant, Optiv & Mark Aiello, President, CyberSN
    IoT security has become a critical priority for enterprise information technology security teams. Devices with sensors and the automated processes that connect them are prime targets for attackers seeking to take advantage of insecure code and low-level vulnerabilities.

    Join us for an exclusive interview LIVE from Las Vegas during Black Hat to learn more about the current state and challenges for IoT security, the areas for automation, and how regulations are affecting the future of IoT and IoT security.

    Viewers will also learn about:
    - How is security different for industrial control systems and IoT
    - How traditional IT security principles differ in the IoT space
    - IoT security certifications consumers/enterprises should be aware of
    - How important is continuous penetration testing
    - Is encrypting IoT data important and how

    Broadcast LIVE from Las Vegas during Black Hat 2019
  • Cybercrime’s Innovation Machine Recorded: Aug 6 2019 25 mins
    Hardik Modi, Senior Director, Threat Intelligence, NETSCOUT & Jessica Gulick, CEO, Katzcy & VP, Women's Society of Cyberjutsu
    It’s hard to express the scale of today’s cyber threat landscape, let alone its global impact. We can tell you that there were nearly four million DDoS attacks around the world in the last six months, and that attack frequency grew by 39 percent. Or that the NETSCOUT ASERT team saw 20,000 unique samples per month from just one family of IoT malware. Or even that it can take only five days from the discovery of a new attack vector to the availability of tools for the script-kiddie designed to exploit that vulnerability.

    These numbers, while startling, don’t fully convey the impact of that steady drumbeat of new threats. Cybercrime has entered the mainstream of our culture to an unprecedented extent, and it is here to stay.

    Join this video interview live from Las Vegas during Black Hat to learn more about:
    - The big trends in DDoS
    - New attack vectors found in the past six months and what this means for device and software security
    - What enterprises can do to protect themselves
  • Ground Truth about the Cyber Skills Shortage Recorded: Aug 6 2019 25 mins
    Daniel Slack, Senior Manager, FireEye Managed Defense, FireEye & James Robinson, Deputy CISO, Netskope
    Cybersecurity executives and leaders are not the only cybersecurity experts feeling the pressure to do more with less in the age of the widening cyber skills gap. Cyber security practitioners, already at a disadvantage in the asymmetric battle for the fate of their company’s and customers’ networks, have much to teach the rest of us about how organizations can overcome the shortfall.

    Join Danny Slack, Senior Manager for FireEye Managed Defense, as he talks about stories and strategies from the cyber defender’s perspective.
  • Security Without Borders In the Multi-Cloud Recorded: Aug 6 2019 59 mins
    Rick McElroy (Carbon Black) | Neil Thacker, (Netskope) | Hardik Modi (NETSCOUT) | Shahrokh Shahidzadeh (Acceptto)
    Digital Transformation, 5G and the Internet of Things are creating wider and deeper opportunities and risks for technology and business organizations to pioneer and navigate. These new boundaries are difficult for organizations to get visibility into and contain threats across them. In a the new world of micro services, serverless computing, software defined infrastructure and Multi-Cloud, old enterprise threat and vulnerability models must transform.

    Learn how to achieve consistent and continuous monitoring across your entire infrastructure, as well as within the services and providers you rely on. Getting early, accurate warning into the risks that threaten applications and infrastructure is critical.

    Learn why Security and DevOps / Infrastructure teams need to lean into and how to do it at scale.

    - Rick McElroy, Principal Security Strategist, Carbon Black (Moderator)
    - Neil Thacker, CISO, Netskope
    - Hardik Modi, Senior Director, Threat Intelligence, NETSCOUT
    - Shahrokh Shahidzadeh, CEO, Acceptto
  • CISO's Toolbox: Strategies for Success Recorded: Aug 6 2019 51 mins
    Deidre Diamond (CyberSN), Alyssa Miller (CDW) | Martin Holste (FireEye) | Mike Weber (CoalFire)
    What do CISOs need to be successful at their job? Discover the challenges CISOs are facing and the ways they are solving them.

    Join security experts as they discuss the strategies, processes and technologies CISOs use to protect their organizations in the age of breaches:
    - What keeps CISOs up at night
    - Strategies for breach prevention
    - Strategies for making the most of AI technology and human talent
    - Coping with analyst fatigue
    - Threats on the horizon
    - Recommendations for strengthening security

    - Deidre Diamond, CEO & Founder, CyberSN
    - Alyssa Miller, Manager, Information Security Solutions Practice, CDW
    - Martin Holste, Cloud CTO, FireEye
    - Mike Weber, Vice President, Coalfire
  • Earning a Place at the Table, Bringing Security to the Board Room Recorded: Aug 6 2019 25 mins
    Alyssa Miller, Manager, Information Security Solutions Practice, CDW & Diana Kelley, Cybersecurity CTO, Microsoft
    As cyber security continues to evolve into a business priority, having conversations at the highest levels about how to address security threats becomes crucial. Hear from CDW’s Alyssa Miller as we discuss why it is so important for the CISO to have a place in the board room and ways the CISO can encourage this interaction and improve their effectiveness in working with the Board of Directors.

    We’ll discuss common challenges and new ways to address those challenges ensuring the CISO is positioned to become that trusted advisor for the organization.

    Join us as we discuss:
    - The importance of discussing cyber security strategies at a board level
    - What challenges prevent cyber security from being a regular topic for the board
    - Approaches that CISOs may employ to help gain visibility with the board and more!
  • [Earn CPE] Automating Your Third-Party Risk Management Program Recorded: Jul 25 2019 77 mins
    Colin Whittaker, IRD; Chris Poulin, BitSight; Jason Sabourin, OneTrust; Szuyin Leow, LogicGate; Todd Boehler, ProcessUnity.
    The current state of vendor risk management (VRM) is bleak. More than half of all information security breaches are caused by third-party vendors, and according to Deloitte 83% of today’s business leaders lack confidence in third party VRM processes. Given the growing complexities in accurately collecting and screening third-party data and the need for deeper due diligence, automation is key to a successful risk program. However, many corporations haven’t adopted automation in their third-party risk management programs.

    The lack of automation adoption can be traced to a few core reasons. Disparate systems, out-of-date data, and inconsistent policies can all stifle a company’s ability to modernize their third-party risk management program, and companies often suffer from more than one of these. When applied effectively, automation can not only help prevent these roadblocks; it can also drive the efficiencies procurement and compliance leaders are looking for. Join this CPE accredited panel webinar as our expert panel address some key steps to automating third-party risk management, including how to:

    -Manage an up-to-date vendor master to create one source of truth across the entire corporation,
    -Leverage automation and machine learning to standardize data governance,
    -Drive efficiencies and reduces costs, while ensuring the highest accuracy in your third-party risk management program.
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Network security, seriously? 2016 Network Penetration Tests
  • Live at: Sep 7 2016 10:00 am
  • Presented by: Peter Wood
  • From:
Your email has been sent.
or close