Browse communities
Browse communities
Presenting a webinar?

Application Whitelisting: the Good, the Bad, the Unknown

Fran Howarth, Senior Analyst, Security, Bloor Research; Jon Parkes, Vice President, Pre-Sales EMEA, McAfee
Join Bloor’s Senior Analyst for Security, Fran Howarth, and Jon Parkes, Vice President, Pre-Sales, McAfee EMEA to learn:

- the role that application whitelisting plays in defending networks against attack through a focus on two key areas—controlling what applications are allowed to run and preventing any unauthorised applications (including malware) from executing
- how to protect systems on the network from configuration changes and mistakes that can allow serious vulnerabilities to be exploited.

Fran Howarth specialises in the field of security, primarily information security, but with a keen interest in physical security and how the two are converging. Fran’s other main areas of interest are new delivery models, such as cloud computing, information governance, web, network and application security, identity and access management, and encryption.
For more than 20 years, Fran has worked in an advisory capacity as an analyst, consultant and writer. She writes regularly for a number of publications, including Silicon, Computer Weekly, Computer Reseller News, IT-Analysis and Computing Magazine. Fran is also a regular contributor to Security Management Practices of the Faulkner Information Services division of InfoToday.

Jon Parkes is responsible for all technical sales operations and solution architects for McAfee in EMEA – helping customers to realise solutions to meet their security and business needs, in an optimal way that balances cost of ownership with security posture. Like other IT functions, the security market is maturing, going through consolidation reflecting customers’ desire for trusted partnership with fewer suppliers. Jon’s twenty-year career has been built around global Enterprise consulting and software, working with some of the world’s largest businesses in many industry sectors, including telecommunications, utilities, financial services and Government, holding regional management positions in both EMEA and Asia Pacific.
Aug 10 2011
47 mins
Application Whitelisting: the Good, the Bad, the Unknown
Join us for this summit:
More from this community:

IT Security

  • Live and recorded (5422)
  • Upcoming (143)
  • Date
  • Rating
  • Views
  • Channel
  • Channel profile
  • Managing Cyber Risk In Your Vendor Ecosystem Apr 28 2015 5:00 pm UTC 45 mins
    Stephen Boyer, Co-Founder and CTO , BitSight; Mike Rothman, President, Securosis
    Sharing network access and sensitive information with your business
    partners could be putting you at risk of third-party breach. These
    breaches can be very damaging and may account for major losses in
    data, time, and resources. If you’re looking for a better risk
    management method, you’re not alone.

    Watch this webinar to will learn more about:

    - Security risks that could be facing your corporation today.
    - How you can utilize selection criteria to build the best solution.
    - Methods you can use to assess partner security risk.
    - How to make better risk-based decisions by factoring in the security
    posture of your organization.
  • Beware the Botnets: Botnets as an Indicator of Breach Likelihood Apr 28 2015 4:00 pm UTC 45 mins
    Stephen Boyer, Co-Founder and CTO , BitSight
    A 2015 PwC survey found that 96% of CEO’s in the US have indicated rising concern about data breaches - and rightly so. With the record-breaking breaches of 2014 barely behind us, organizations want to take steps to avoid becoming the next victim and are looking for signs that can indicate troubling performance. BitSight Technologies may have found one such indicator. Using their Security Ratings data, recent research shows a solid correlation between a company’s botnet grade and their likelihood of experiencing a publicly disclosed breach, demonstrating that Security Ratings are a powerful metric for communicating cyber risk across the enterprise.

    Join BitSight CTO and Cofounder Stephen Boyer to discuss this research and to learn why continuous security performance monitoring should be an essential part of your enterprise risk management strategy.

    Attendees will learn:
    -What is the correlation between botnet grades and publicly disclosed breaches
    -Why botnet grades vary across key industries and what the top infections are by sector
    -How Security Ratings are generated and the impact botnets and other risk vectors have on these security performance metrics
  • CyberTECH Securing the Internet of Things Forum San Francisco Apr 23 2015 6:00 pm UTC 75 mins
    Expert panel
    This panel of security experts will discuss the internet of things and what's keeping them up at night when they think about security in 2015. After an in-depth discussion, there will be live Q&A from the audience.

    Panelists include:
    Jennifer Bisceglie, CEO, Interos Solutions
    Robert Brese, Executive Partner, Gartner
    Tom Byrnes, Founder and CEO, ThreatSTOP
    Mike Coomes, SVP, Strategy and Development, CyberUnited
    Michael Daniel, Special Assistant to the President and Cybersecurity Coordinator, The White House
    Ryan Gillis, Vice President, Cybersecurity Strategy and Global Policy, Palo Alto Networks
    Tim Gooch, CEO and Managing Director, iWebGate
    Ron Gula, CEO and Founder, Tenable Network Security
    Gary Hayslip, CISO, City of San Diego
    Co-Chair, CyberTECH
    Dr. Sung Hong, Technical Executive and Advisor, Polygon Lab, Stardust Motors and ENT
    Grant Jordan, President, Somerset Recon
    Jon Neiditz, Partner, Kilpatrick Townsend & Stockton
    Daniel Obodovski, Author, The Silent Intelligence
    Mark Rasch, CyberLaw Editor, SecurityCurrent.com
    Paul Rosenzweig, Principal, Red Branch Consulting
    Tom Sadowski, President and CEO, Economic Alliance of Greater Baltimore
    Kevin Sullivan, Technology and Policy Strategist, Microsoft
    Darin Andersen, Chairman and Founder, CyberTECH
  • Using Machine-Readable Threat Intelligence to Block Unknown Threats Apr 23 2015 5:00 pm UTC 60 mins
    Gartner Research Director Craig Lawson and Webroot Chief Technology Officer Hal Lonas
    Enterprises continue to struggle with network breaches, data theft, and other incidents, despite deploying layers of security technologies across their IT environments. One reason for these successful attacks is that many of the threats have never been seen before, and go undetected by traditional security technology. So how can an organization recognize these threats more quickly as they emerge? How does the organization ensure that information about the latest threats is available to drive fast response at the points of vulnerability? In this program, Gartner Research Director Craig Lawson and Webroot Chief Technology Officer Hal Lonas discuss how integrating machine-readable threat intelligence into your security infrastructure can help your organization block active attacks, and even predict where future attacks are likely to come from.
  • Overcoming the Barrier to Threat Intelligence Sharing Apr 23 2015 3:00 pm UTC 60 mins
    Jon Oltsik, Senior Principal Analyst, Enterprise Strategy Group, Rich Reybok: CTO
    Your organization is constantly under cyber attack that could - if unchecked - damage your business, customers, employees and reputation. To date, the ad-hoc sharing of cyber-threat information across industries is not well defined nor well structured and in many instances, sharing threat information relevant to your organization is not allowed due to privacy, workload constraints, outdated policies or legal concerns.

    Join Jon Oltsik, Sr. Principal Analyst with Enterprise Strategy Group, and Rich Reybok, CTO Vorstack Corporation, to understand the challenges that organizations face today with sharing threat intelligence and how to navigate them both internally and externally. Come to understand what’s changed in the last few years and the historical negative stigma of information sharing. This webinar can help answer the question “What does sharing threat intelligence really mean?” Following the overview and strategy, a brief discussion on the different approaches to sharing threat information and how secure sharing within your “trusted circle” can create a simple Cyber neighborhood-watch environment. This event is designed to help you overcome the hurdles that organizations have today – that of being able to receive the available collective knowledge, validate impending cyber-threats and access remediation solutions – all within the framework of stringent data access and privacy controls.

    What you will learn:

    -Issues organizations face when sharing threat information.
    -What’s changed that has created this “need” to share threat intelligence.
    -Definition of what sharing Threat Intelligence means in today’s world of cyber crime and attacks.
    -The new approaches available for successful and secure collaboration.
    -How to participate in a Cyber Neighborhood watch with trusted industry peers.
    -The benefits organizations can recognize from collaboration.
  • Deploying a "Magic Quadrant" Private Cloud-based Backup and Recovery Platform Apr 22 2015 7:00 pm UTC 45 mins
    Jack Pressman, Chief Technology Officer, Cyber Innovation Labs
    Information is the lifeblood of any business. If the data required to operate and maintain market presence becomes inaccessible, compromised, or worse – unrecoverable, the business impact could be devastating. Learn about the existing and emerging risks to your critical data infrastructure and business operations. What mitigation strategies are available and what considerations do you need to assess? How does the changing landscape for consumption of IT such as cloud, on-premise, and hybrid solutions effect survivability and securitization of your prized assets?
  • Hand to Cloud Data Security Apr 22 2015 6:00 pm UTC 60 mins
    Gary Watson
    Tech blogs are overflowing with examples of password hacks, data destruction, and data leakage. It’s time for a new approach. Imation’s recently-announced Secure Data Movement Architecture (SDMA) will safeguard your organization’s most valuable data against tampering, leakage, or loss - throughout its entire lifecycle including when it’s in the cloud or mobile devices, or anywhere in between. Join us as we give you a sneak peek into our new concept for painless data protection, and the rapidly evolving types of threats its meant to address.
  • Planning for anything: business continuity and disaster recovery Apr 22 2015 5:00 pm UTC 60 mins
    Mike Kunz, VP of Sales, StorageCraft
    Is your business prepared for a disaster? Join ESET and industry expert, StorageCraft, for a research overview presentation of modern business disasters. We'll look at the difference between back up and recovery and discuss best practice for building a recovery plan. Mike Kunz, VP of Sales with StorageCraft, will also look at specific solutions to quickly get your business up and running when disaster strikes.
  • Using Sequence Package Analysis to Detect Terrorism and Sedition Apr 22 2015 4:00 pm UTC 60 mins
    Amy Neustein, Ph.D. CEO and Founder Linguistic Technology Systems
    This webinar will demonstrate how Sequence Package Analysis (SPA), a new natural language method that utilizes a corpus of annotated training data comprised of a unique set of feature extractions, may detect early signs of terrorism and sedition. Using an SPA-designed BNF table consisting of sequentially-implicative (as opposed to syntactic) parsing structures, this natural language tool searches social media content and recordings of conversations of suspected terrorists to identify (and measure) collusion, collaboration, affinity with other terror or sedition suspects. Whereas conventional text mining methods are hindered by the speech system’s failure to identify keywords (most suspects intentionally refrain from the use of keywords that pinpoint location, names, dates and time), SPA is designed to work around these obstacles in which users refrain from referring to named entities that are likely to flag their communications as suspicious.
  • Securing Wi-Fi Networks - A System Approach Apr 22 2015 4:00 pm UTC 45 mins
    Kowshik Bhat, Director of Product Marketing, Xirrus
    Wi-Fi security attacks, hacking, stolen mobile devices – are these keeping you awake at nights? Are you surprised that Wi-Fi networks can be more secure than your wired networks? Wireless LAN has come a long way from the days of its inception with inadequate security.

    Contrary to common belief, security is not a single protocol or an appliance or an encryption. It is a system of different components working together to ensure your Wi-Fi network is secure and your confidential information is protected.

    Join this webinar to learn about

    - Advances in Wi-Fi security
    - Multi-layers approach to holistic protection
    - Controlling user and device access
    - Controlling applications
    -Xirrus security solutions
  • Leveraging the Hybrid Cloud for Complete Data Protection Apr 21 2015 5:00 pm UTC 45 mins
    Jayme Williams, Senior Systems Engineer, TenCate
    Jayme Williams, Senior Systems Engineer at TenCate is protecting eight environments across the US and Canada – and each site has different storage. All sites require disaster recovery and backup across the application set. Having one solution would be ideal, but not possible – until they came across Zerto.
    Zerto Virtual Replication is storage agnostic and made it easy to integrate a new site into their disaster recovery plan. Their original business continuity and disaster recovery (BC/DR) plan, affectionately named the “Hit by the bus” book due to its volume, has been greatly simplified and the service levels they are seeing are outstanding – single digit seconds for their recovery point objectives (RPO).

    Finally, they are incorporating public cloud into their IT plans by backing up their applications from their DR site to AWS. With one solution, they can achieve their BC/DR and backup SLA, while reducing costs and introducing public cloud into their IT strategy at a pace that supports changing business requirements.

    With Zerto Virtual Replication:
    •Manage all sites in one pane of glass with one tool for replication and automation of failover, failback and testing processes as well as backup
    •Increase efficiencies with the ability to track and manage consumption across the hybrid cloud
    •Hardware agnostic solution does not require a change in the infrastructure reducing costs
    •Consistency in the BC/DR solution dramatically reduces operational costs
    •Replicates between different types of storage and versions of VMware vSphere making it easy to add new sites to the process
    •Point-in-time recovery enables failover to a previous point to recover from any issue – logical corruption, datacenter outage, etc.
    •Leveraging a public cloud strategy with backups stored in Amazon
  • DDoS Attacks: More Dangerous to You; Never Easier to Launch Apr 21 2015 5:00 pm UTC 45 mins
    Christina Richmond, Program Director, IDC and Joe Loveless, Product Marketing, Neustar
    If your organization cannot afford downtime from DDoS attacks, join this timely discussion from Neustar, with special guest perspective from IDC’s Christina Richmond. Explore the complexity and purpose behind today’s attacks and what you can do to defend your Internet presence. You will learn:

    · What the DDoS threat environment looks like today
    · Why “smokescreening” is a particular danger
    · Where attacks can have impact across your organization
    · How you can take steps to thwart DDoS threats
  • Leveraging Risk, Physical and Cyber Security and Continuity Planning Apr 21 2015 4:00 pm UTC 45 mins
    Eric Kretz, Director, Continuity of Operations (COOP) Division, National Continuity Programs (NCP)
    Generally, risks associated with continuity planning, from physical to cyber-security, are part of an ever-evolving threat to our systems and technologies. Continuity planning is simply the good business practice of ensuring the execution of essential functions through all circumstances, and it is a fundamental responsibility of public institutions and private entities responsible to their stakeholders. What are some of the risks associated with continuity planning? Why is managing risk important for continuity? What are some of the methods used to mitigate risks in continuity planning?

    The COOP presentation will provide an understanding of Continuity and Continuity of Operations, explain the importance of a viable Continuity capability, and emphasize the need for a viable Continuity capability in all organizations, to demonstrate some of the linkages between continuity programs and:

    • Risk Management
    • Physical Security
    • Emergency Management
    • Cyber Security/ Information Technology

    Join us on April 21 as NCP’s senior continuity practitioner shares resilient continuity programs and outreach efforts. Hear from Eric Kretz, NCP, as he talks about Information Integration: Leveraging Risk, Physical and Cyber Security and Continuity Planning.
  • SIEM Detection & Response Cases Apr 21 2015 3:00 pm UTC 30 mins
    Tom Clare, Director, Arctic Wolf
    Before tackling a SIEM project to improve detection and response, learn from these case studies as their scenario likely matches yours. To firebreak your network brings together technologies, processes and people in the right balance across four phases. More than a security point solution or another box, you need to turn craft into a discipline to improve detection and response.

    Learn from your peers about the following:
    - Before environment and issues
    - Transition effort, cost and impact
    - After environment and benefits
    - Best practices for managed SIEM
    - Your network and next steps
  • Webroot’s 2014 Threat Brief Preview Recorded: Apr 16 2015 38 mins
    Grayson Milbourne, Security Intelligence Director
    This presentation provides an overview of the threats against a wide range of organizations and individuals during 2014. This overview is based on research and analysis conducted by the Webroot Threat Research team. The report includes analysis of IP addresses associated with malicious activity, details on the reputation of URLs by category and location, phishing detection statistics, insights into file reputation and encounter rates with malware and PUAs and information on mobile app security for Android devices. All data presented comes from Webroot’s Intelligence Network and was observed during 2014.
  • Next-Generation Security for Amazon Web Services Recorded: Apr 16 2015 37 mins
    Matt Keil, Product Marketing, Palo Alto Networks
    Public cloud computing resources such as Amazon Web Services (AWS) are helping organizations like yours develop and deploy new applications rapidly; expand into geographic regions seamlessly and extend competitive advantages. Cyber criminals are well aware of the rapid expansion into the public cloud and are looking for weaknesses in your security posture. Don’t let them find one. The VM-Series for AWS, allows you to securely extend your corporate datacenter into AWS, using our next-generation firewall and advanced features to protect your data while native management features ensures policies keep pace with the changing to your applications.

    In this webinar, attendees will learn:
    - Common customer use cases for AWS
    - Key security challenges and considerations
    - How the VM-Series can protect your AWS environments
  • Improve Threat Detection with OSSEC and AlienVault USM Recorded: Apr 15 2015 60 mins
    Garrett Gross, Sr. Technical Product Marketing Manager, Bjorn Hovd, Systems Engineer
    Host-based IDS systems, or HIDS, work by monitoring activity that is occurring internally on a host. HIDS look for unusual or nefarious activity by examining logs created by the operating system, looking for changes made to key system files, tracking installed software, and sometimes examining the network connections a host makes. AlienVault USM features a complete integration of OSSEC, one of the most popular and effective open source HIDS tools.

    In this live webinar, we'll show you how USM helps you get more out of OSSEC with:
    Remote agent deployment, configuration and management
    Behavioral monitoring of OSSEC clients
    Logging and reporting for PCI compliance
    Data correlation with IP reputation data, vulnerability scans and more
    We'll finish up by showing a demo of how OSSEC alert correlation can be used to detect brute force attacks with USM
  • Surfacing Critical Cyber Threats Through Security Intelligence Recorded: Apr 15 2015 62 mins
    Dr. Sameer Bhalotra, Former White House Director; Chris Petersen, CTO; Robert F. Lentz, Former CISO for the Dept of Defense
    The rapidly expanding supply chain supporting the cybercrime economy is empowering cyber criminals, cyber terrorists and even nation states in ways that put companies, critical infrastructure and governments at increased risk. The fate of an organization whose defenses have been compromised will be determined by the speed with which they can detect and respond to intruders. A mature security intelligence posture boosts an organization’s resiliency amidst these advanced threats. If intruders are detected early in their lifecycle, organizations can respond quickly and potentially avoid loss altogether.

    In this webinar, three cyber security veterans will discuss today’s rapidly evolving cyber threat landscape and LogRhythm’s new Security Intelligence Maturity Model™ (SIMM). They will explore how the SIMM provides organizations with a framework to plan for continuous reduction in their mean-time-to-detect (MTTD) and mean-time-to-respond (MTTR) to high-impact threats.

    Learn about:
    • Emerging cyber threat vectors in 2015.
    • Security Intelligence and the critical role it plays in addressing high-impact threats
    • Using the SIMM to assess your current Security Intelligence Maturity
    • How to move from “greatly exposed” to “highly resilient” via End-to-End Threat Lifecycle Management
  • What You Don't Know about Cryptography and How It Can Hurt You Recorded: Apr 14 2015 50 mins
    Chuck Easttom, Computer Scientist, Author, and Inventor
    This presentation describes the gaps in most security professionals knowledge of crypto, why that is a problem, and how you can correct it.
  • The Dark Side of Anonymizers: Protect Your Network from the Unknown Recorded: Apr 14 2015 44 mins
    Joanna Burkey, DVLabs Manager, HP TippingPoint
    While anonymizers can serve a positive purpose by protecting a user’s personal information by hiding their computer’s identifying information, their use in your network environment can be dangerous. Anonymizers can evade enterprise security devices, and their misuse can make your organization susceptible to malware and unwanted intrusions. Attend this session to learn how you can detect and block elusive anonymizers from wreaking havoc on your network.
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Application Whitelisting: the Good, the Bad, the Unknown
  • Live at: Aug 10 2011 9:00 am
  • Presented by: Fran Howarth, Senior Analyst, Security, Bloor Research; Jon Parkes, Vice President, Pre-Sales EMEA, McAfee
  • From:
Your email has been sent.
or close
You must be logged in to email this