Avoid Death by 1000 Security Alerts

Modern threat detection technologies can create large volumes of security alerts as they discover threats or detect signs of potential infection. Reimaging every system suspected of infection can lead to productivity-killing downtime, but may be unnecessary when the security alert is triggered by non-malicious files, low-priority system anomalies, or false alarms. In this session, Neil Stratz discusses examples of evasive malware that can lead to wasted incident response efforts, highlights example pitfalls of conventional IR processes, and recommends a series of steps and methods to leverage contextual data and existing security devices to ensure an effective and rapid response.
Recorded Dec 10 2013 43 mins
Presented by
Neil Stratz, VP Customer Solutions, NetCitadel
  • Don’t allow security & data regulations to slow business transformation Nov 9 2016 11:00 am UTC 45 mins
    Sunil Choudrie, Global Solutions Marketing Mngr - Symantec & Ravi Pather, VP EMEA, Cloud Data Protection Solutions - Bluecoat
    The adoption of SaaS is accelerating faster than expected. However, as this adoption accelerates, enterprises are discovering various legal and regulatory data compliance responsibilities that may be challenging to address in a seamless manner and could slow down the adoption of SaaS applications and, potentially, innovation.


    • How enterprises can leverage the full value of SaaS applications yet fully meet complex data compliance needs without impacting the usability of the SaaS application. Learn how sensitive data can be protected while retaining the full benefits of the SaaS application, without breaking functionality such as searching, sorting and reporting of sensitive data.

    • The different methods of data obfuscation such as 'data tokenization' and 'data encryption' and understand the specifics when meeting and demonstrating data compliance in a SaaS environment.

    • Whether SaaS vendor application encryption can be relied upon to address your enterprise's data compliance requirements when the sensitive data is encrypted only at rest. What are the data compliance implications of key management, and who controls the encryption keys?
  • Addressing Security Analyst Fatigue in the SOC Nov 8 2016 7:00 pm UTC 45 mins
    JP Bourget, Founder and CEO, Syncurity
    This talk provides a look into the fatigue that we’ve observed in operating and managing security operations teams. We look at some of the causes, indicators, costs and prevention techniques to help internal Incident Response (IR) and security teams be more effective. We will explore solutions like tooling, cross-training, continuous rotations and explain the benefits of these approaches and why you should rethink how you run your SOC/CIRT/MSSP.
  • How Can I Automatically Find and Fix My Data Security Blind Spots? Nov 8 2016 5:00 pm UTC 60 mins
    Ulf Mattsson, CTO at Compliance Engineering
    The need to detect data security blind spots is becoming more important every day. This includes sensitive data that was not found in the data discovery process, as well as failures of our deployed critical security control systems. Without formal and automated processes to detect and alert to new data discovery findings and critical security control failures as soon as possible, the window of time grows, allowing attackers to identify a way to compromise the systems and steal sensitive data. This can also impact our real compliance posture and compliance to PCI DSS 3.2.

    Revisions to PCI DSS point toward the realization that security must be built into the development process. This is frequently referred to as Rugged DevOps or SecDevOps, and is embracing the speed of DevOps and continuous delivery in a secure environment. DevOps does affect security, and you can use it to your advantage. As cloud, big data and DevOps disrupt traditional approaches to security, new capabilities emerge to automate and enhance security operations.

    Join this session and learn how to automatically report on these data security blind spots and how security can be built into the development process and platforms. Ulf Mattsson, CTO of Compliance Engineering, will discuss how security can be built into the development process, including Rugged DevOps, SecDevOps vs DevSecOps, Scrum, SAFe, DAD and use in large-scale development.
  • Nivdort: A long lasting threat with a big bag of tricks Nov 8 2016 4:00 pm UTC 45 mins
    Tiago Pereira – Threat Intel Researcher, at AnubisNetworks
    Nivdort is a malware family that has been around for several years. Over these years it has been subject to several improvements and, as a result, today it is a very interesting piece of malware with an uncommonly large number of features that has steadily kept a few botnets running with a high number of infections.

    Join us on this webinar to learn more about the Nivdort family and some of its extensive list of tricks (e.g. DGA, P2P, information stealing, email spam, instant messaging spam, bitcoin mining), and about its worldwide infection distribution.
  • How to Improve Employee Performance Using Big Data Nov 8 2016 3:00 pm UTC 15 mins
    Scott Dallon, Lead Trainer, BrainStorm
    Discover how to improve employee performance with access to information anytime, anywhere.

    In this video you will learn how to share big data and collaborate with team members. We will also go over how to share documents or files without having to email colleagues back and forth.
  • Withstanding a Ransomware Attack: A Step-by-Step Guide Nov 8 2016 2:00 pm UTC 45 mins
    Russel McDermott, Netwrix
    Ransomware has spread epidemically in 2016. Analysts, IT pros and corporate staff list it among the top IT security threats. According to a report prepared by the Cyber Threat Alliance (CTA), CryptoWall, version 3.0, alone has already cost its victims $325 million. Malicious software R&D is funded profusely through sources ranging from the proceeds of criminal activity to money raised through crowdfunding services. Under crowdfunding, those who pay the developer receive a copy and can try using it.

    Join our new webinar “Withstanding a ransomware attack: A step-by-step guide” and learn:

    - What you should do to ensure your data’s availability,
    - How to train your colleagues to avoid being caught on the hook of ransomware,
    - How to moderate the aftermath of a ransomware attack,
    - And more!
  • Shark Attacks and Car Crashes: Interrogating Fear and Risk in Data Protection Nov 8 2016 1:00 pm UTC 45 mins
    Tim Sadler, Co-founder & CEO, CheckRecipient
    Contrary to the fear around malicious insiders and external hackers, the Information Commissioner's Office recently reported that the most common data security incidents reported to them are all due to inadvertent human error (incidents like misaddressed emails and laptops being left on trains). In the face of game-changing regulatory changes like GDPR, it's crucial that information security and data protection professionals prioritise addressing the most prevalent risks first, not the ones that appear the scariest.
  • The Correlation Between Cybersecurity and Financial Security Nov 8 2016 11:00 am UTC 45 mins
    Milica Đekić, Contributor, Cyber Defence Magazine
    The purpose of this webinar is to provide a deep insight into the concerns of cyber defence for small and midsize enterprises, taking into account all the financial aspects of those organisations.

    As the case study for this research, we will use the example of the Republic of Serbia, part of Southeastern Europe. Through this overview the audience will become familiar with the pluses and minuses of doing business in that part of the world. We will also discuss how investing in cybersecurity at a small business, primarily by relying on well-developed cyber procedures for incident prevention as well as some smart steps for incident response and risk management, may help your business lose less money to cyber diversions and so stay financially secure.

    The audience who would learn the most from this presentation includes IT Security Professionals, Financial Professionals and potential Investors who intend to take advantage of a skilful workforce that is not that expensive.
  • One Firewall to Rule them All! Nov 8 2016 10:00 am UTC 45 mins
    Patrick Grillo, Senior Director, Security Solutions, Fortinet
    The firewall wars have caused nothing but confusion in the market. Lines have been drawn between UTM and NGFW; are they different or are they the same thing? Unfortunately that confusion has led to introducing complexity and vulnerability in enterprise networks. There is a better way. Rather than fighting through a sea of acronyms, focus on what’s really important - How can I simplify my security infrastructure and improve my ability to fight off advanced attacks, no matter where they occur in the network?

    This session will present a new way of thinking about firewalls, one without the confusion, acronyms and complexity.
  • Panel: The Cybersecurity Agenda for the Next President Nov 7 2016 7:00 pm UTC 60 mins
    Ely Kahn, Adam Isles, Rob Knake, Paul Kurtz, and Jacob Olcott
    On November 8th, the citizens of the United States will elect their next President, who will be facing a variety of cybersecurity issues that he or she will need to address.

    On November 7th at 11 AM PT, a panel of former senior government officials will come together to discuss these cybersecurity issues that the next President will be facing.

    Moderator: Ely Kahn, Co-Founder of Sqrrl and former Director of Cybersecurity at the National Security Council, White House

    - Adam Isles - Principal at The Chertoff Group and former Director of International Economic Affairs at the National Security Council, White House
    - Rob Knake - Senior Advisor at Context Relevant and former Director of Cybersecurity at the National Security Council, White House
    - Paul Kurtz - Co-Founder and CEO of TruStar and former Special Assistant to the President for Critical Infrastructure Protection at the National Security Council, White House
    - Jacob Olcott - Vice President Business Development at BitSight and former Counsel at the US Senate
  • Turbocharge your cyber investigations, Part 2 Nov 3 2016 2:00 pm UTC 45 mins
    Jeff Lenton, Solutions Architect, RiskIQ
    While their cyber tactics may be continuously changing, bad actors can’t avoid interacting with core components of the internet. These interactions leave a trail that, when connected through rigorous threat infrastructure analysis, can reveal the full scale of an attack and provide the information needed to determine the best response. The key to this analysis is access to a variety of global datasets and the ability to correlate and pivot between them in your investigation.

    In this two-part series we will look at a range of global datasets and how each can be used to shed additional light on your adversary’s infrastructure. This session will focus on SSL Certs, Host Pairs and Trackers. We will also demonstrate how security analysts can use the free community version of RiskIQ’s PassiveTotal to gain access to and pivot across these global datasets.
  • Can Privacy and Government Encryption Backdoors Co-Exist or Is It an Oxymoron? Oct 31 2016 5:00 pm UTC 45 mins
    Chenxi Wang, Chief Strategy Officer at Twistlock
    Are government encryption backdoors and privacy in such a fundamental conflict that one necessarily obliterates the other? We will also be examining this issue in the context of the big data era: is law enforcement really going dark, or is right now the golden age of surveillance?
  • 5 reasons why your web gateway is falling behind (attackers) Oct 27 2016 5:00 pm UTC 45 mins
    Guy Guzner
    Web gateways and proxies are losing to malware and other advanced threats and are generating troubling operational overhead. Join us to learn the top 5 reasons why gateways are falling behind and experience a live demo of web isolation which prevents malware from ever reaching the corporate network.
  • Top Sales Enablement Tools that Accelerate the Sales Cycle Oct 27 2016 2:00 pm UTC 15 mins
    Scott Dallon, BrainStorm, Inc.
    Sales enablement tools help increase sales and drive business growth. These tools help sales teams deliver the right message to their prospects at the right time.

    Join Microsoft as they discuss sales enablement tools that increase your sales team collaboration and productivity.
  • Activated Charcoal: Making sense of endpoint data Oct 26 2016 1:00 pm UTC 60 mins
    Greg Foss, Head of Global Security Operations, LogRhythm and Sarah Miller, Threat Intelligence Analyst, Carbon Black
    Security operations is all about understanding and acting upon large amounts of data. When you can pull data from multiple sources, condense it down and correlate across systems, you are able to highlight trends, find flaws and resolve issues.

    This webcast will cover the importance of monitoring endpoints and how to leverage endpoint data to detect, respond and neutralize advanced threats.

    You’ll discover:

    - Why endpoints are the new perimeter
    - How employees can strengthen your security operations strategy
    - Techniques to test and validate a security awareness program
    - How to take the data that Carbon Black collects, correlate it against thousands of endpoints, and dynamically neutralize threats using the LogRhythm security intelligence and analytics platform

    Register now to learn how LogRhythm and Carbon Black can help you strengthen your overall security operations strategy—all within a single interface.
  • Racing Against Nation States on the Automation Continuum Oct 25 2016 5:00 pm UTC 60 mins
    CP Morey, VP Products & Marketing at Phantom Cyber
    Both Presidential candidates agree on the need for increased spending on our nation’s infrastructure. While we tend to think first of bridges, roads, and other physical features, cyber is also an area impossible to ignore given the pervasiveness of technology in our lives.

    Without question, the speed, sophistication, and volume of cyber security attacks is constantly changing. In the case of nation states, the motives are also shifting from spying and surveillance to using offensive capabilities to attack critical infrastructure, national security assets, and even the political system itself. It’s no longer just about the money; safety and even lives may be at stake.

    Adversaries are attacking us at an unmanageable scale. For instance, research sponsored by Department of Homeland Security and NSA showed environments with security event traffic of more than 1 billion alerts per day. Even after reducing the load to 1 million alerts per day with correlation and other tools, more than 20,000 human analysts would be needed to respond.

    State-backed adversaries are using automation against us. It’s time we do the same, and projects like Integrated Adaptive Cyber Defense at Johns Hopkins Applied Physics Lab are leading us there.

    Join our webcast to learn how public and private organizations are progressing on the security automation continuum from simple security lifecycle management to predictive response strategies.
  • Best Practices: Architecting Security for Microsoft Azure VMs Oct 25 2016 2:00 pm UTC 60 mins
    Oliver Pinson-Roxburgh, EMEA Director of Solutions Architecture
    Do you know if your workloads are secure? Do you have the same security and compliance coverage across all of the cloud platforms and datacenters running your critical applications? Are you having to design your security framework each time you deploy to a new region or datacentre?

    Whether you’re working with multiple cloud environments or exclusively on Azure, there are certain things you should consider when moving assets to Azure. As with any cloud deployment, security is a top priority, and moving your workloads to the cloud doesn’t mean you’re not responsible for the security of your operating system, applications and data. Building on the security of the Azure infrastructure, this shared security responsibility starts with making sure your Azure environment is secure.

    Register for this impactful webinar as we discuss step-by-step what you need to do to secure access at the administrative, application and network layers.

    In this webinar, we will take a look at:
    • The Shared Security Model: What security you are responsible for to protect your content, application, systems and networks
    • Best practices for how to protect your environment from the latest threats
    • Learn how traditional security approaches may have limitations in the cloud
    • How to build a scalable secure cloud infrastructure on Azure
  • Tips on Analyzing and Modeling Complex Data Sets Oct 25 2016 2:00 pm UTC 30 mins
    Scott Dallon, BrainStorm, Inc.
    Discover how businesses turn big data into meaningful insights to help make organizations work smarter, and make better decisions faster.

    Join Scott Dallon to learn tips on analyzing and modeling complex data sets!
  • Breached Elections - How Hackers Are Influencing Politics Oct 21 2016 5:00 pm UTC 60 mins
    Alex Holden, Founder and CISO of Hold Security, LLC
    Political elections shape our society for years to come. Foreign hackers are no longer watching our politics out of interest; they are directly interfering with our politics electronically. The Sony Pictures breach was more of a political statement than a data loss event. With US elections around the corner, we are more of a cyber breach target than ever. Wikileaks is releasing documents, Russian hackers have allegedly breached the DNC, and there is more to come. We will examine the current trends and look at the history of the worst manifestations of hackers influencing politics. Then we will draw conclusions on how politics is changing under the threat of constant privacy breaches.
  • Vote Cyber! Modern Day Threats to Democracy Recorded: Oct 20 2016 37 mins
    Simon Crosby, CTO of Bromium
    The US election and its voting infrastructure are under attack. The result is ugly and shows the extent to which we need to plan for and protect against the influence of cyber-related attacks on US elections in future. In this brief discussion, Simon Crosby, CTO of Bromium will review the underpinnings of Democracy, and how we might defend it when it is in everyone’s interest to subvert it.
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.

  • Title: Avoid Death by 1000 Security Alerts
  • Live at: Dec 10 2013 4:00 pm
  • Presented by: Neil Stratz, VP Customer Solutions, NetCitadel