From Guessing To Knowing—How Cloud Endpoint Security Keeps You Ahead of Threats

Grayson Milbourne, Director of Global Threat Research, Webroot
You’ve heard about how today’s online threats have become too sophisticated for “traditional” threat detection.  These new malware attacks are far too frequent, benign-looking until activated, and designed to bypass traditional signatures and the guesswork of heuristics.
So, by the time the threat is identified and your security technology is updated, it’s too late—the damage has been done.  You are also up against transient Web-based threats that appear for only hours or days.  Blacklisting becomes obsolete the moment it is deployed. And relying on whitelisting can be too restrictive.  So what are your options?
Cloud-based prevention collectively leverages the intelligence seen from each individual endpoint; examines the actions of individual files, IP or URLs; assesses the risks; and then takes action.  And cloud-based intelligence means you’re not relying on the current threat protection on other endpoints. Prevention is now always up-to-date and all users are instantly protected as soon as new threats appear.  This collective prevention minimizes IT workload by eliminating the need to worry about definition updates, or whether your remote workers’ protection is up-to-date.
Cloud-based Webroot threat prevention technologies—that power our award-winning endpoint security products—are changing the game back in favor of the ‘good guys.’ Attend this session and find out more about what’s behind the first true innovation for endpoint protection in 20 years.
Sep 5 2012
39 mins
  • ISCN Panel: The Evolution of Advanced Threats Mar 18 2015 3:00 pm UTC 60 mins
    We're delighted to announce that the Information Security Careers Network (ISCN) LinkedIn group is putting together a high-calibre discussion focused on the daily trials and tribulations of protecting an organisation from advanced threats.

    Panelists include:

    ** Dan Raywood (moderator), Editor, IT Security Guru
    ** Neira Jones, Independent Advisor and International Speaker
    ** Mike Loginov, President and Founder, Ascot Barclay Cyber Security Group
    ** Emeric Miszti, Lead - Security Strategy & Risk Mgt, HP Enterprise Security Services
    ** Matthew Tyler, CEO, Blackfoot UK

    The 4 industry-leading speakers, moderated by the IT Security Guru's Dan Raywood, will be discussing the following crucial ATP questions:

    - What specifically defines an advanced threat?

    - How have advanced threats evolved over the last year?

    - Are we seeing any significant trends within ATP?

    - What would be the one piece of ATP advice to give?

    All panel participants will also be around at the end for 15 minutes of interactive and in-depth Q&A.
  • Security Beyond the SIEM Mar 18 2015 3:00 pm UTC 45 mins
    Security Information and Event Management (SIEM) tools are widely used in enterprise security organizations as a means to comply with industry regulations for data correlation. These tools are instrumental in aggregating alerts from multiple security devices and giving security operations teams easy access to all the threats targeting the organization. Or are they? With so many alerts, security teams are so overwhelmed researching all the possible threats to the business that critical attacks are being missed. Limited context for each alert makes it even more challenging and time-consuming to thoroughly research attack events, giving attackers weeks or even months to exploit their targets and steal data. In this presentation, we'll discuss the challenges of relying on SIEM for attack detection and investigation, as well as how to improve your organization's security beyond the SIEM.
  • When Documents Bite - [Reloaded] Mar 18 2015 11:00 am UTC 45 mins
    In 1999, the Melissa virus changed the industry's attitude on how malware could be spread. Seemingly safe formats, such as Microsoft Word and Adobe PDF, were now being used to deliver the payload. A recent report on the subject found that malicious documents are now the preferred method of malware delivery amongst attackers. In the Red October Diplomatic Cyber Attacks, Microsoft Office and PDF document files were used as the primary malware delivery vector.

    The primary reason why this attack vector has had such a high rate of success in social engineering attack campaigns is directly linked to its ability to effectively circumvent email filtering solutions by distributing a ubiquitous file type (such as *.doc, which is considered to be safe and an industry standard in document formats) that is, in most cases, able to reach the intended target.

    As a result, analysis of the real-world attack techniques used in malicious office documents is key to defending against such targeted attacks, which are one of the major IT security concerns for enterprise networks.

    This talk will look into the details of those attack techniques, as well as cover a few detection methods that can be implemented by enterprises to counter such threats.
  • Let's Make the Threat of Data Theft Irrelevant Mar 18 2015 10:00 am UTC 45 mins
    Every day, billions of files and emails are created, used and shared between employees at enterprises all over the world. The mobile and cloud revolutions enable people to use data anywhere, from any device - causing organizations to completely lose the ability to control, let alone protect, their sensitive data.

    So they try to contain data, enclose it and block it – even at the risk of disrupting business workflows and collaboration with partners and customers. All only to find out that it’s next to impossible to seal off every entry and exit point to the organization; that a breach can still happen at any given moment; and that insiders and privileged users can always bypass security measures.

    But what if the problem of controlling sensitive organizational data, preventing it from leaking out becomes irrelevant?

    Data Immunization makes it so - by focusing on the data itself rather than the perimeter. Data Immunization means embedding classification, encryption and usage rights to files and emails from the moment of creation. The immunization is persistent throughout the entire lifecycle of the data. Even if the organization is breached, or if files find their way to the wrong hands - either by malice or mistake – the data is fully protected and rendered unusable to unauthorized users. This is how Data Immunization makes the problem of security breaches and data leakage completely irrelevant.

    The presentation will include:

    -> The risks facing the borderless enterprise

    -> Why and where perimeter-based defenses fail

    -> The Data Immunization concept

    -> Case studies from successful implementations by leading Fortune 500 companies

    -> Q&A
  • Securing the “Internet of Things” When Everything has an IP Address Mar 17 2015 5:00 pm UTC 45 mins
    Endpoints are primary targets for cyber criminals. Traditional endpoints such as laptops, tablets, and smartphones support agents and can be centrally managed, configured, and protected. The Internet of Things will drive 4 times the volume of unmanaged devices on a network increasing the attack surface and creating welcome mats for unwanted threats. These unmanaged IP-based devices will be difficult to identify, unable to support an agent, and look like black boxes to security professionals. Without knowing the device type and its business criticality, containing a compromised endpoint will be challenging and time consuming.

    Attend this webinar to learn how to:
    • Identify and classify every IP device on your network without an agent
    • Correlate high fidelity security alerts with device context
    • Minimize the time from threat detection to containment
    • Secure the Internet of Things
  • Anatomy of a Cyber Attack Mar 17 2015 4:00 pm UTC 45 mins
    Victims of targeted attacks, or advanced persistent threats (APTs), make the headlines. Attend this webinar to learn how APTs work and how to defend your business from them. Pat Hill, HP TippingPoint Product Manager, and Bob Corson, Director, Solutions Marketing, discuss the anatomy of an attack and why it's critical to detect and isolate the attack at "patient zero," the initial point of infection.

    Attend this webinar to learn:
    · How the bad guys evade your security
    · The counter measures you need to detect and block them
    · How HP TippingPoint and Trend Micro have partnered to neutralize patient zero
  • Desktop Support and Data Breaches: The Unknown Dangers Mar 17 2015 4:00 pm UTC 45 mins
    According to the 2014 HDI Desktop Support Practices & Salary Report, remote control tops the “must have” list of technologies to successfully provide desktop support to end users. Unfortunately, many service desks are using legacy remote access tools that often leave security gaps putting companies at higher risk of data breaches. This is not a new or unknown issue. Often, IT departments don’t realize the tools they’re using to provide tech support are also being compromised by hackers to plant malware and steal data.  According to the 2013 Trustwave Global Security Report, legacy remote access tools such as RDP and VNC are cited year after year as the most common attack pathways used by hackers. So if remote control tools top the must-have list, what can service desks do to securely support their users without putting their organizations at risk?

    This session will educate desktop support professionals on how hackers are targeting legacy systems and what they need to do to secure their environment.
  • Stop SSL-Encrypted Attacks in their Tracks! Mar 17 2015 3:00 pm UTC 45 mins
    Join us on March 17th to learn how SafeNet Luna HSMs integrate with F5 Networks Firewall Platforms to protect the integrity of the SSL communications.
  • Reducing the Risk of Targeted Attacks with Intelligence Mar 17 2015 3:00 pm UTC 45 mins
    If your intuitive response to the risk of targeted attacks is to run and get some Advanced Threat Protection, do yourself a favour and take a step back. The reality is that, while the number of advanced attacks has been increasing, the vast majority of cases still use fairly simple techniques and exploit publicly known vulnerabilities that can be solved by regular patching or other mitigation actions.

    In this webinar we will talk about how you should use vulnerability intelligence to reduce the attack surface for hackers and strengthen resilience before you think of implementing ATP solutions.

    Key takeaways:

    - An overview of a multi-layered security approach

    - How to leverage vulnerability intelligence to reduce risk
  • Five Steps to a Zero Trust Network - From Theory to Practice Mar 17 2015 3:00 pm UTC 60 mins
    A Zero Trust network abolishes the quaint idea of a “trusted” internal network demarcated by a corporate perimeter. Instead it advocates microperimeters of control and visibility around the enterprise’s most sensitive data assets and the ways in which the enterprise uses its data to achieve its business objectives.
    In this webinar, guest speaker John Kindervag, Vice President and Principal Analyst at Forrester Research, and Nimmy Reichenberg, VP of Strategy at AlgoSec will explain why a Zero Trust network should be the foundation of your security strategy, and present best practices to help companies achieve a Zero Trust state.

    The webinar will cover:
    • What is a Zero Trust network, and why it should be a core component of your threat detection and response strategy
    • Turning theory into practice: Five steps to achieve Zero Trust information security
    • How security policy management can help you define and enforce a Zero Trust network
  • Catch me if you can: The Hunt for Hidden Botnets Mar 17 2015 2:00 pm UTC 45 mins
    Botnet sophistication is increasing at an astonishing speed. Malicious actors continually use new resources and develop new methods for attacking organisations for a myriad of reasons but with a simple purpose; to look for vulnerabilities in the whole operating environment and compromise an organisation’s security.

    It is estimated that about 16% to 25% of Internet traffic in the world comes from communication between various types of malware. Without an adaptive security approach it becomes challenging for any organisation to process and analyse the sheer volume of data being generated, which is why a different approach is critical. It should involve identifying botnet activity using new methods, leveraged on automation and machine learning techniques, which are best suited to help tackle this challenge.

    Join João Gouveia, CTO of AnubisNetworks for a discussion focused on the most common botnet evasion techniques and how to fight them. This webinar will highlight Cyberfeed’s (AnubisNetworks threat intelligence solution) capabilities, to present a cutting edge approach on botnet activity identification, related traffic and risk level.

    In this webinar you will learn:

    • The main challenges and the current Malware landscape

    • Botnet invasion techniques

    • A holistic approach to detecting botnet activity, correlating different attack vectors and techniques
  • Addressing the Combined Human and Cyber Threat Mar 17 2015 11:00 am UTC 45 mins
    One of the most pressing concerns in today’s ever-changing threatscape is how to address the human factor, with an estimated 14% of all breaches linked to an insider.

    New forms of attack combined with a lack of experience have left many organisations vulnerable, and as more and more companies consume more and more sensitive data, there is an increasingly important requirement for today's Information Security Professional to understand the threats and the mitigation techniques available to them.

    Andrew Rice, Director of Cyber, Security and Influence will be drawing upon QinetiQ’s extensive experience within cyber security to highlight vulnerabilities in your cyber defence and your workforce. Key takeaways will include:

    ** How to train your staff to deal with insider threats

    ** Case study into APT 1 using real-world examples

    ** Methods to combat ATPs including the AIW approach

    ** How best to measure your ATP protection

    ** How to integrate physical and cyber security

    Andrew will also be on hand at the end of the session for 15 minutes of Q&A for you to ask your pressing ATP questions.
  • 'Reeling in the Year' – Looking Ahead to 2015 Mar 17 2015 10:00 am UTC 45 mins
    2014 is in the bag and what a year it was - for the hacker and cybercriminal community that is.

    2014 was full of high profile data breaches and significant new vulnerabilities, some of which affected the very core of the online world. This session will combine looking back at 2014’s key events and a good dose of Fortinet’s cyber crystal ball to come up with some predictions for what we can expect during the upcoming 12 months.
  • Data-centric Security Key to Digital Business Success Mar 11 2015 5:00 pm UTC 45 mins
    With the exponential growth of data generation and collection stemming from new business models fueled by Big Data, cloud computing and the Internet of Things, we are potentially creating a cybercriminal's paradise where there are more opportunities than ever for that data to end up in the wrong hands. The biggest challenge in this interconnected world is merging data security with data value and productivity. If we are to realize the benefits promised by these new ways of doing business, we urgently need a data-centric strategy to protect the sensitive data flowing through these digital business systems. In this webinar, Ulf Mattsson explores these issues and provides solutions to bring together data insight and security to safely unlock the power of digital business.
  • Securing Office 365 Mar 11 2015 5:00 pm UTC 45 mins
    As much as Silicon Valley startup execs love to portray Microsoft as a dinosaur, the fact is that Office 365 adoption is accelerating in the enterprise. Office 365 offers a promising compromise for enterprises deciding, “to cloud or not to cloud": Bring cloud-based productivity tools under the company’s security umbrella so that people can work the way they want to, without sending sensitive company data astray. The idea that you can simply shift responsibility for your company’s data security to Microsoft, however, couldn’t be further from the truth. You can achieve Office 365 data security... but only through a partnership that involves, at its core, a comprehensive in-house security plan, together with Office 365’s built-in security functionality.

    In this webinar, Rich Campagna, VP Products at Bitglass, and Chris Hines, Product Marketing Manager, will help you understand where Microsoft’s security responsibility ends, and where yours begins, highlighting key gaps to keep in mind as you make the move to Office 365, and how to solve them.
  • Get Complete IT Compliance: Reduce Risk and Cost Mar 10 2015 3:00 pm UTC 60 mins
    Reacting to threats and remediating breaches can’t wait. Your compliance plan may be in place – but can you execute fast?

    Join BMC Software and Qualys to see how to get complete IT compliance and reduce the risk and cost in your organization. Hear how to reduce the window of exposure to vulnerabilities and be more proactive in preventing aggressive threats. In this webinar, you will learn to:

    · Break down the SecOps gap and internal silos
    · Easily detect security issues with new automated, online technology
    · Quickly analyze operational dependencies and the potential impact of proposed fixes
    · Enforce governance policies and change approval requirements
    · Execute validated remediation actions rapidly
    · Document actions and results in real time

    Plus, learn how to improve communications between security and operations to ensure a speedy resolution to compliance issues.
  • Avoiding the Headlines: 5 Critical Security Practices to Implement Now Recorded: Mar 5 2015 47 mins
    2014 could have easily been called, “The year of the biggest security breaches since the beginning of forever.” But given current security practices and technologies, many of the breaches could have been prevented. So why weren’t they?

    Many of the affected companies fell into a very common trap, thinking that if a company goes to the trouble to be legally compliant then it will be effectively “secure.” Unfortunately, as with many kinds of regulations, legal compliance really represents the absolute least amount of effort required. If companies want to give themselves the best chance to avoid the very severe consequences that come with a major breach, there are five practices they need to put in place now.

    Join Adrian Sanabria, Senior Security Analyst at 451 Research, and Amrit Williams, CTO of CloudPassage, on this webinar to learn
    · Possible gaps left by the compliance-first approach to security
    · How to limit vulnerabilities across traditional, virtual and cloud infrastructures
    · Five best practices to avoid a major security breach in 2015
  • Top 7 File Sync & Share Features For Businesses Recorded: Mar 5 2015 38 mins
    The bring-your-own-device (BYOD) movement has been a huge boon for businesses that put a premium on productivity. File sync and share solutions have emerged to help employees work from anywhere, at any time, on any device. In this BrightTALK exclusive, eFolder explores the top seven features that businesses should consider when adopting a file sync and share solution. Learn what is required for a file sync and share solution to improve collaboration, maximize productivity, and ensure security.
  • The coming Cyber-Storm and The Internet of Things Recorded: Mar 5 2015 30 mins
    The Internet of Things (the new buzzword for the tech industry) is increasing the connectedness of people and things on a scale that was once beyond imagination. Connected devices outnumber the world's population by 1.5 to 1. It is expected to eventually touch some 200 billion cars, appliances, machinery and devices globally, handling things like remote operation, monitoring and interaction among Internet-connected products.

    In combination with the fact that there are almost as many cell-phone subscriptions (6.8 billion) as there are people on this earth (seven billion), we have all the ingredients for a Perfect Cyber Storm.

    Join me for an informal discussion of the challenges for our profession, and some possible solutions.
  • The One-Man SOC: Habits of Highly Effective Security Practitioners Recorded: Mar 5 2015 43 mins
    Do you feel alone? No resources? No help? If you are like many security practitioners faced with a mountain of tasks each day and a small (or non-existent) team to help, prioritization and efficiency are key. Join Joe Schreiber, Solutions Architect for AlienVault for this practical session outlining habits to get the most out of your limited resources.

    In this session, you'll learn how to develop routines to efficiently manage your environment, avoid time-sucks, and determine what you can do by yourself and where you need help.

    In this practical session, Joe will cover:
    - How to work around the limitations of a small (or one person) team
    - Tips for establishing a daily routine
    - Strategies to effectively prioritize daily tasks
    - Benefits of threat intelligence sharing
    - Critical investigation & response steps when the inevitable incident occurs
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.

  • Title: From Guessing To Knowing—How Cloud Endpoint Security Keeps You Ahead of Threats
  • Live at: Sep 5 2012 3:00 pm
  • Presented by: Grayson Milbourne, Director of Global Threat Research, Webroot