Global Panel: Dissecting Cloud Security Standards

Enterprises, businesses, government agencies, transportation systems, hospitals, and in some cases, even power plants worldwide have been affected by the high-profile cyber attacks of 2017. What is the current state of digital identity, cyber security and privacy in an age of increased cyber attacks. With the EU General Data Protection Regulation (GDPR), going into effect in May 2018, how are global enterprises and businesses preparing for it?

Join this panel of expert identity and cybersecurity leaders as they discuss the pressing issues concerning identity and security, especially in the context of ransomware attacks, rise in cybercrime and instances of cyber warfare.

Moderator:
- Mark Weatherford, Chief Cybersecurity Strategist at vArmour

Panelists:
- Jeremy Grant, Managing Director at The Chertoff Group
- Paul Rosenzweig, Principal at Red Branch Consulting

Attackers’ love for PowerShell is now no longer a secret, with 2016 producing an explosion in offensive PowerShell toolsets. PowerShell is gaining respect in offensive circles as “Microsoft’s Post-Exploitation Language” and being integrated into many offensive toolkits. Unfortunately, the offensive community often fails to research or share relevant mitigations with their defensive counterparts. This leaves many defenders without the information they need to protect themselves and their networks from these attacks. In a quest to combat the perceived threat, many defenders attempt to disable PowerShell rather than realizing its defensive potential.

In this webinar, Will Schroeder (@harmj0y) and Jared Atkinson (@jaredcatkinson) will cover offensive and defensive PowerShell tools and techniques, including PowerPick, subversive PowerShell profiles, PowerForensics, and Get-InjectedThread. They will also cover mitigations and detections for popular offensive tools and techniques, demonstrating how to best handle the new offensive reality of widespread offensive PowerShell usage.

The same-origin policy (SOP) remains one of the most important security mechanisms of the web, protecting servers from malicious pages interacting with their APIs through cross-site requests. However, the subtle details of the policy can be overlooked, so our talk aims to show how limitations in the application of the same-origin policy can undermine security.

Join this talk in the "Threat Hunting" series as David Petty, Network Security Analyst at Independent Security Evaluators, explains in depth how the same-origin policy works and how it can be bypassed to exploit cross-site vulnerabilities, including examples of Java, Flash, Silverlight, and Cross-Origin Resource Sharing (CORS) misconfigurations.

As the same-origin policy and cross-site request forgery (CSRF) are inherently connected, we will also show both simple and complex cross-site request forgery attacks and how CSRF functions within the context of the same-origin policy. This will include classic CSRF attacks that work within the confines of the same-origin policy and more complicated attacks that utilize server misconfigurations to bypass the same-origin restrictions altogether.

About the Threat Hunter:
David Petty is an Associate Security Analyst at Independent Security Evaluators (ISE), a security consulting company in Baltimore, MD. He has recently graduated from Northwestern University with a B.S. in Computer Science, and discovered his interest in security while working for ISE during college. He specializes in breaking web and native applications and uses these skills to conduct custom security assessments of software products. His interests also include reverse engineering and digital forensics.

Today’s IT risk environment is more threatened than ever thanks to the growth in sophisticated cyber attacks and security vulnerabilities. Now, complex, hard-to-detect attacks could bring down not just a single institution but also large parts of the internet and the financial markets. Organizations need an intelligent approach when it comes to assessing IT risk and managing compliance.

Staying safe is no longer just about deflecting attackers. It’s about staying ahead of attackers who are already inside the organization, and banks are doing this through structured lines of defense that enhance security capabilities, involve IT risk managers in operations, and expand internal audits mandate so they can cover business disruption. On this webinar presentation we will address some ways how organizations can as a part of an Integrated Risk Management initiative orchestrate effective IT risk management across the lines of defense.

In this episode of the Threat Hunting series we will feature a network security tool developed and used by real-life threat hunters. Sweet Security is a network security monitoring and defensive tool which can be deployed on hardware as small as a Raspberry Pi.

Using the power of Bro IDS and threat intelligence feeds, malicious network traffic can be exposed. This data is gathered and visualized with the ELK stack (Elasticsearch, Logstash, and Kiban). Going beyond detection, the device can implement blocking for specific devices on a granular level. Sweet Security can monitor all network traffic with no infrastructure change and block unwanted traffic. It ships with Kibana dashboards, as well as a new web administration UI. Even better, the installation can be separated between web administration and sensor.

Want to deploy the web administration to AWS and install a dozen sensors? No problem! With the ability to intercept all network traffic combined with the power of Bro and ELK, you can unlock the ability to hunt for threats across any environment.

Travis Smith will go through how the tool works, as well as some interesting findings he has discovered on his own home network.

Just how dangerous, inefficient, and ineffective are the endpoint security solutions used in most organizations today? Ponemon Institute independently surveyed hundreds of IT security professionals to find out — and are ready to share the surprising results in this important webinar.

On July 27th, join founder and chairman, Dr. Larry Ponemon, and Richard Henderson, global security strategist at Absolute, for an interactive webinar on the results, including:

• Exposing the largest dangers and greatest inefficiencies with endpoint security management today
• Average financial and productivity costs associated with insecure systems – and how to mitigate in your organization
• Steps you can take now to prevent attacks and stay compliant