Hi [[ session.user.profile.firstName ]]

Don't Bloat The Hypervisor! What to Know About Introspection

"Don't bloat the hypervisor" is the rallying cry for some security professionals worried about system virtualization security. Worried that access to APIs for security needs could end up making the same mistake with hypervisors that was made earlier with operating systems - bloat. And the larger a system is, whether it is the code base for a hypervisor or an operating system, the more difficult it is to secure. Other security professionals say that the lack of security capabilities inherent in hypervisors limits necessary tasks, such as forensics. This group argues that introspection capabilities are critical for actually securing virtualization.

This presentation will examine both sides of the introspection debate, and what the possible implications of it are for information security practitioners trying to secure virtualized environments.
Recorded Feb 23 2011 33 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Tim Mather, Consultant & Board Member of Cloud Security Alliance (CSA)
Presentation preview: Don't Bloat The Hypervisor!  What to Know About Introspection

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • The Board’s Role: Balancing Risk and Reward Apr 24 2018 12:00 pm UTC 45 mins
    Steve Durbin, Managing Director, ISF LTD
    The board's involvement is absolutely crucial for communicating cybersecurity strategies and overall cybersecurity success.
    When boards and CISOs successfully engage, organisations can take advantage of the opportunities presented by cyberspace, as well as address associated risks.

    In this webinar, Steve Durbin, Managing Director at the ISF will discuss how the board of directors should lead collaboration and security awareness across the organisation, to help IT and security teams focus on what matters the most to the business, and ensure cybersecurity is embedded into the organisations business strategy.


    About the presenter

    Steve Durbin is Managing Director at the Information Security Forum (ISF). His main areas of specialism include strategy, information technology, cybersecurity and the emerging security threat landscape across both the corporate and personal environments.
  • Using Behavioural Economics to Raise Digital Resilience Amongst Employees Mar 22 2018 9:00 am UTC 60 mins
    Robin Smith, Head of IT Security, South Yorks NHS
    This case study examines how a major NHS organiation used Richard Thaler’s Nudge strategies to redirect employee behaviour and create a culture of cyber vigilance.

    Join this webinar presentation to learn:
    - Key lessons on the value of micro-marketing
    - Lessons from cybernetics
    - The value of cyber resilience in healthcare

    About the Presenter:
    Robin Smith is a former cybersecurity lead analyst in UK Police Service. He has authored four books on cyber security and is currently working on a documentary feature examining the impact of cyber-crime on society for release in 2018. He has previously worked in UK health sector, telecommunications and was formerly a lecturer at Loughborough University in Information Risk Strategy.
  • [Webcam Panel] Threats and Cyber Resilience Mar 21 2018 5:00 pm UTC 60 mins
    Dan Paltiel (US Bank) | Matt Wolfe (Obsidian) | Roselle Safran (Rosint Labs)
    Cybersecurity is a key priority for CISOs in 2018. What are the cyber threats CISOs should be aware of? How can we build more resilient enterprises in an age of relentless cyber attacks?

    Join this interactive panel to learn more about:
    - The latest cyber threats
    - New attack trends
    - Fighting cyber crime in an age of breaches and stolen personal information
    - Understanding your cyber risk
    - CISO priorities for 2018
  • The Rise and Rise of Ransomware: Prepare and Protect Mar 20 2018 1:00 pm UTC 45 mins
    Maxine Holt, Principal Analyst, ISF
    The expectation from the start of 2017 – that we hadn’t seen the back of ransomware – was justified. 2017 was plagued with global attacks such as Petya, WannaCry, Bad Rabbit and many others. Unfortunately, 2018 could be even worse.

    With ransomware continuously developing new delivery techniques, organisations must learn how to prepare and protect themselves from the threat of ransomware, but how can they do this?

    In this webinar, Maxine Holt, Principal Analyst at the ISF, will explore the latest threats in ransomware and what organisations can do to remove vulnerabilities to reduce risks of an attack.
  • GDPR and Security: De-Identifying Personal Data Feb 22 2018 4:00 pm UTC 60 mins
    Ashwin Chaudhary, President of Accedere
    Anonymization and Pseudonymization are ways GDPR recommends to De-Identify personal data. By making it impossible or impractical to connect personal data to an identifiable person, data controllers and processors may be able to do the processing and storage of personal data outside the scope of the GDPR.

    Join this webinar to learn the GDPR requirements for managing personal information and digital identity.
  • GDPR's influence on security Feb 22 2018 11:00 am UTC 45 mins
    Rob Shapland
    Will GDPR have the desired effect? Will it increase security, or see companies regularly hit with catastrophic fines for poor compliance.
  • GDPR Is Coming - Is Your Organization Ready? Key Steps to Help You Prepare Feb 21 2018 1:00 pm UTC 60 mins
    Amar Singh, Cyber Management Alliance
    On May 25 the long-awaited General Data Protection Regulation (GDPR) will go into effect across Europe. GDPR is the biggest overhaul of data protection laws in more than two decades. How prepared is your organization for GDPR?

    Join this interactive panel of experts as they discuss:
    - What is GDPR?
    - Why should you be GDPR-compliant?
    - How to achieve compliance?
    - Steps your organization should take today to prepare for GDPR
    - Other GDPR considerations
  • GDPR - Security at the Service of Privacy Feb 20 2018 10:00 pm UTC 60 mins
    Michelle Dennedy (Chief Privacy Officer, Cisco); Others TBA
    The General Data Protection Regulation (GDPR), a key legislation covering privacy rights, data security, data control, and governance, is going into effect in May 2018. As organizations are scrambling to achieve GDPR compliance before the May 25th deadline, some are still not clear on the exact GDPR requirements.

    Join this panel of experts as they discuss:
    - The regulatory landscape in 2018
    - What GDPR means for you and your organization
    - GDPR requirements around data collection and governance, exposure and breach disclosure, identity and privacy
    - Evaluating your cyber risk
    - Last minute changes your organization needs to make
    - Failure to comply & fines
    - Recommendations for achieving compliance and other regulation on the horizon.
  • Threat Hunting Series: Rethinking Persistency Feb 20 2018 10:00 pm UTC 45 mins
    Adi Ashkenazy, VP Product for XM Cyber
    In this episode of the Threat Hunting series, Adi Ashkenazy will follow some of the approaches hackers use to counter the methods of defenders trying to remove them from their target networks. Adi Ashkenazy will also discuss the evolution of persistency in cyber-attacks, and focus on modern and predicted trends.

    About the Speaker:
    Adi Ashkenazy is the VP Product for XM Cyber, an innovative cyber security start-up developing a revolutionary breach and attack simulation solution, capable of identifying critical attack paths towards key organizational assets, while providing actionable prioritized remediation.Prior to XM Cyber, Adi served as deputy director of an elite cyber technology department in the prime minister's office in Israel, leading Israel's finest engineers and security professionals through some of the most complex cyber security challenges in the world today.
  • CPE Webinar: Critical Actions to Finalize Your GDPR Compliance Program: Part 2 Jan 30 2018 6:00 pm UTC 75 mins
    Dr. Branden Williams, with Timothy Yim, Imperva; Barbara Cosgrove, Workday; Sue Habas, ASG; and Naheed Bleecker, TrustArc.
    The new EU General Data Protection Regulation (GDPR) rule looms and will take affect in May 2018, but only a third of companies are on track to be compliant by the due date. GDPR is the most significant change in data privacy regulation in more than 20 years. It represents an extraordinary shift in the way businesses will be expected to operate when they gather, process, maintain, and protect customer data. Any organization that retains information of EU citizens must be in compliance or face huge fines of up to 4% of worldwide turnover.

    In this webinar series you will hear from industry experts facing the same challenges you face and find out how they're meeting and surpassing critical implementation check points, and you will learn what actions other organisations are taking preparation for data protection – not only for GDPR, but for long-term data protection.
  • Key Insights from NTT Security's Threat Intelligence Report Recorded: Jan 18 2018 61 mins
    Christopher Camejo, Director of Product Management – Threat Intelligence, NTT Security
    Cyber attacks are as unique as the attackers behind them and the organizations they target: both attackers and the organizations they target have different objectives. Analysis of attack trends can help determine where security efforts should be focused to prepare for the most common attack types and protect from the highest risk.

    In this talk we will walk through the latest data from NTT Security’s Threat Intelligence Reports to show the most common threats facing organizations in various sectors and geographies today.
  • Key Considerations for Building Stronger Security Recorded: Jan 18 2018 60 mins
    John Bambenek (Fidelis) | Mike Bruemmer (Experian) | Kevin Lee (Sift Science) | Dennis Leber (Commonwealth of Kentucky)
    In the age of breaches and increased cyber attacks, security professionals are looking for the best ways to secure their organizations and prepare against upcoming cyber threats. Join this panel of experts are they look back the biggest events of 2017 and provide their recommendations for CISO's on what to look out for in the next months and how to improve their organization's cyber security in 2018.

    - Breaches and (Compromised) Identity
    - Lessons learned from 2017's major breaches (Equifax, Uber, etc.)
    - Fighting cyber fraud, identity theft, account takeovers
    - The likelihood of GDPR leading to companies not disclosing breaches
    - Cyber attack trends on the horizon
    - How to protect against these attacks and build a more resilient enterprise

    Speakers:
    - John Bambenek, Threat Systems Manager, Fidelis Cybersecurity
    - Dennis Leber, CISO at Cabinet for Health and Family Services, Commonwealth of Kentucky
    - Kevin Lee, Trust and Safety Architect, Sift Science
    - Michael Bruemmer, VP Consumer Protection, Experian Consumer Services
  • API Security: The Past, Present, and Future Recorded: Jan 17 2018 55 mins
    Bernard Harguindeguy, Founder and CEO Elastic Beam
    API Security has moved from being an afterthought to a critical component of API deployments. Organizations are now evaluating many security services to meet business needs. Foundational security services, such as data encryption, rate limiting, and access control are now available across a range of on premise, CDN, and SAAS offerings to provide organizations the flexibility of aligning API security with overall security needs.

    Advanced attacks, including bot detection, API data and control system attacks, and API DDoS attacks are a big data problem which requires applying Artificial Intelligence and Machine Learning techniques to reliably identify and remediate attacks. Once again, multiple security platform choices are becoming available. Moving forward, one can envision the availability of a security services menu that supports automated deployment and delivers the desired API security to protect an organization’s critical assets.

    About the Presenter:
    Bernard is the founder and CEO of Elastic Beam. He is a serial entrepreneur with a proven record of building high growth organizations and award-winning products. He brings strong expertise delivering security and data center software to large enterprises, government agencies, Telcos, and consumers. Most recently he was Chairman, President and CEO at Atlantis Computing. Previously, he was the CEO of Green Border (first security company acquired by Google), and the CEO of WorldTalk (acquired by Tumbleweed). Bernard was also the Chairman of Booshaka (acquired by Sprinkler), Chairman of Norskale (acquired by Citrix), and Chairman of BorderWare (acquired by WatchGuard). Bernard earned a MS in Engineering Management from Stanford University. Bernard was inducted into the University of California Irvine Engineering Hall of Fame in 2015.
  • Top Cybersecurity Priorities for CISOs Recorded: Jan 16 2018 61 mins
    Dr. Christopher Pierson, John Cloonan, Roselle Safran
    Aligning security with business goals remains a challenge for CISOs across industries. In an age of relentless attacks, CISOs need to be proactive, informed and have the resources to launch a resilient cyber defense.

    Tune in to this interactive panel discussion to learn the key cyber priorities for CISOs this year:
    - Cyber attacks and new threats on the horizon
    - Understanding your company's cyber risk
    - Cost of breaches
    - Best practices for improving security in 2018
    - Communicating security strategy to the board

    Speakers:
    - Dr. Christopher Pierson, Founder & CEO, Binary Sun Cyber Risk Advisors
    - Roselle Safran, President, Rosint Labs
    - John Cloonan, Director of Products, Lastline
  • Securing Your Digital Way of Life Recorded: Jan 16 2018 59 mins
    Ron Temske, VP Security Solutions, Logicalis
    In this presentation, Ron Temske, Vice President of Security for Logicalis US, will discuss the prevalence of cyberattacks through a variety of attack vectors.

    Attendees will also learn about market trends, malware evolution and smarter security strategies to reduce enterprise vulnerability and mitigate risks.

    About the Presenter
    Ron Temske is Vice President of Security Solutions for Logicalis US, an international IT solutions and managed services provider (www.us.logicalis.com). At Logicalis, he is responsible for defining the strategic vision for security solutions and ensuring that consistent methodologies and procedures are applied nationwide. Ron has more than 20 years of experience in the information technology-consulting arena and blends sales and management skills with his training as an engineer. Ron holds Bachelor’s and Master’s degrees in Nuclear Engineering from the University of Michigan at Ann Arbor.
  • Are You Ready for PCI D-Day? January 31, 2018 Is But 2 Weeks Away Recorded: Jan 16 2018 64 mins
    Ben Rothke (Nettitude) | David Mundhenk (Herjavec Group) | Jeff Hall (Optiv)
    One of the big priorities for companies in 2018 is to achieve compliance. GDPR is going into effect in May, but even before that new new PCI DSS 3.2 requirements are set to become operational in February. According to the PCI SSC, these requirements were previously considered to be 'best practices' until January 31, 2018, after which compliance with them becomes mandatory. Although this is not connected to GDPR, companies that implement this standard will be some way to becoming GDPR compliant, at least as far as payments are concerned. E.g. In PCI DSS 3.2., multi-factor authentication (MFA) becomes mandatory, offering retailers and other companies a way of protecting customer personal details.

    Join the PCI Dream Team as they discuss:
    - What are the new PCI DSS 3.2 requirements?
    - Who needs to be PCI DSS 3.2 compliant?
    - What is the impact on data protection and cyber security?

    Speakers:
    - David Mundhenk, Senior Security Consultant at Herjavec Group
    - Jeff Hall, Principal Security Consultant at Optiv Security
    - Ben Rothke, Principal Security Consultant at Nettitude Group
  • Crafting Smarter Security Strategy in 2018 Recorded: Jan 16 2018 61 mins
    Raef Meeuwisse, Paul Swarbrick, Cristiano Cafferata, Graeme Park
    Last year's massive cyber attacks and data breaches that disrupted organizations and governments worldwide are a major wake up call for CISO's everywhere. Now, more than ever, it's paramount to make invest in smarter security to protect your organizations critical data assets and workloads.

    Join this panel of top industry experts as they discuss:
    - Why businesses should put cybersecurity a key priority in 2018
    - Key factors to consider when crafting your security strategy
    - How to prevent breaches, detect them faster and launch an appropriate response
    - Recommendations for CISO's and CIO's
  • Making Security Strategy Reality: Winning Strategy through Tactics Recorded: Jan 16 2018 32 mins
    Griff James, Director, Damrod Analysis
    In cyber security the strategic goals are often clear, while the methods to achieve those goals is anything but. This webinar introduces Damrod’s Cyber Strategic Framework that applies military analysis to cyber security challenges. Aimed at security teams trying to implement high level goals in the real world, this talk focuses on effects based planning that integrates disparate elements of IT and security into a cohesive package. Defending the network is about more than technology. Analysis and leadership are critical elements of an effective cyber defense. You will leave this webinar better equipped to develop the tactics that make strategy a reality.

    About the Presenter:
    Griff is trained as a Canadian Infantry Officer and is a holds a Master’s Degree from the LSE. Unable to find “real” work, he got into software development as a Scrum Master, leading the development of a web based application. This experience fostered an interest in cybersecurity, and Griff went on to a boutique start-up providing application security to Fortune 500 companies. Frustrated by the disconnect between technologies and poor analysis within cyber security, Griff founded cyber defense firm Damrod Analysis in 2017.
  • 5 Digital Asset Security Risks Someone Should Have Warned Me About Recorded: Dec 26 2017 40 mins
    Todd DeCapua
    Todd will walk you through the 5 digital asset security risks someone should have warned him about. You will enjoy the stories, see the key learnings, and know what you need to do as you are likely headed down this path.

    With examples in the media, at least on a weekly basis, where realities of risks to Revenue, Brand, Customer and Competitive are all too real. Join the leading expert in Digital Asset Security and Performance Engineering, ensuring you will know where to focus first; enabling you to mitigate some of the higher profile risks, which you and your team may not be aware of yet.

    You will hear about:

    •Domain Management and Strategy
    •Online Brand Protection
    •DNS Services and Analytics
    •SSL Certificates
    •Social Media Username Registration and Management
  • Career Conversations w/ Kristi Horton - Threat Intel and Forensics Expert Recorded: Dec 22 2017 60 mins
    Kristi Horton and Jessica Gulick
    Join us at our next Career Conversations session. We'll discuss topics such as: what made them decide on IT or Cyber Security, what were some of their work/life challenges, and what skills and education do they see as essential to success?

    Whether you are an experienced professional or just contemplating a future in Cyber Security, WSC's Career Conversations allows you to have a conversation with women making a difference. Join us and share in Career Conversations with successful women in cyber security!

    Guests: Kristi Horton, Threat Intelligence and Forensics Expert, Founder of Horton Technologies, LLC

    Hosted by Jessica Gulick, VP of the Women's Society of Cyberjutsu

    About the Speaker:
    Kristi Horton is a pioneer with an entrepreneurial spirit. She challenges conventional thinking and encourages peers, team members, and students to seek solutions from other disciplines and leverage any resources at their disposal to overcome barriers to success. Kristi has built and led cyber threat intelligence programs for a top 10 US financial institution, founding and running a commercial digital forensic practice for a Fortune 500 firm, developing new courses and training modules in cyber security, intelligence, and digital forensics along with developing assessment exercises, and serving as an evaluator and coach for forensic professionals. Kristi has mobilized collaborative groups in the financial services industry to develop a common lexicon to enhance threat information sharing among cyber security peers, and initiated a forum for the discussion cyber intelligence strategies. Kristi is active in the community through presentations, panel discussions, and organizing training for intelligence analysts on topics ranging from "what is intelligence", to "Applying Analytic Tradecraft to Overcome Bias". Her work has been recognized by government agencies and commercial firms alike.
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Don't Bloat The Hypervisor! What to Know About Introspection
  • Live at: Feb 23 2011 5:00 pm
  • Presented by: Tim Mather, Consultant & Board Member of Cloud Security Alliance (CSA)
  • From:
Your email has been sent.
or close