Utilizing the Registry for Forensics, IR, and Malware Analysis
Analysis of the registry greatly aids a number of investigative processes because of the amount and type of information it stores. For example, when examining user activity, the registry can reveal installed applications, recently viewed documents, logins, browser history, removable device activity, and much more. The registry can also provide a wealth of information during malware analysis, including signs of the initial infection, changes made to the system by the malware, and evidence of the persistence mechanisms used.
In this webinar we will discuss how to acquire the registry and its files from both disk and memory, followed by how to analyze the acquired files. This will involve using several tools and understanding the evidence they present. By the end of the webinar, attendees will understand the importance of registry forensics and will have been shown several processes as well as free/open source tools used to perform deep registry analysis. The knowledge gained will be immediately usable in real-world forensic investigations and will give systems administrators, managers, and IT executives insight into the power of registry forensics.
Recorded Oct 15 2013, 48 mins
There is only one threat that you need to fight and conquer in 2017. We can write a few lines about how threats are changing or about the dynamic threat landscape. However, let’s spare you the pain of reading the same old blurb and instead let’s do the right thing and share with you the one single, biggest threat facing every single business. It’s been around forever; however, in 2017 exploiting this threat is most certainly going to cause increased financial pain and reputation damage.
Join Amar Singh, CEO of Cyber Management Alliance and founder of the Insights with Cyber Leaders series and other distinguished cyber leaders as they lay bare the severity of this threat.
Note: 30 Minutes webinar only with 15 minutes of interactive questions from the audience at the end.
Moshe Elias, Director of Product Marketing and Scott Poretsky, AVP Solutions Architect
The Distributed Denial of Service (DDoS) attack launched Friday, October 21, against Dyn - one of the largest managed DNS infrastructure providers - was the most destructive attack to date launched from an IoT botnet. The threat of mega attacks launched from infected connected devices is now a reality that dramatically changes the paradigm for mobile and fixed operators whose core infrastructure is susceptible to global attacks that are large enough to significantly disrupt subscriber quality of experience (QoE).
Join us in this webinar to learn:
• The impact of IoT driven DDoS mega attacks
• Architectural approaches to volumetric DDoS mitigation
• How to measure and maintain subscriber quality of experience during an attack
Alvaro Vitta, Principal Software Architect, Quest Security
Enterprises are rapidly adopting cloud-based Office 365 to empower their workforce, reduce cost and boost productivity. Because Office 365 relies on Microsoft Azure Active Directory (AD) to provide directory services for Office 365 applications, it can introduce critical security weaknesses in hybrid scenarios where on-premise AD user profiles are projected into the cloud (which is the case for over 75 percent of enterprises with more than 500 employees).
The 2016 Cloud Security Report confirms that 53 percent of organizations see unauthorized access through misuse of employee credentials and improper access controls as the single biggest threat to cloud security.
Join the Office 365 security webinar and learn from cloud security expert Alvaro Vitta how to:
- understand the dangers and pitfalls of not properly securing Active Directory for Office 365,
- continually assess who has access to what – permissions, privileged groups, sensitive business groups, GPOs and data,
- detect and alert through real-time monitoring when suspicious activities occur,
- remediate and mitigate unauthorized actions across AD and O365 environments,
- respond to alerts quickly to minimize damage from unsanctioned changes,
- investigate and recover faster across your O365 environment.
The rise of attacks resulting in huge business losses has brought cyber security into the board room. Prior to the Target breach, the board of directors was not very interested in cyber security. However, things have changed, and we see more and more CISOs reporting into the CRO, CFO, or CEO and not the CIO. Put simply, if you report into the board more than once or twice a year, you have to be speaking their language.
Cyber breaches have impactful results. In 2015, Target’s CEO Gregg Steinhafel, a 35-year employee of the company with the last six at the helm, was forced to resign in light of the recent holiday-season credit-card security breach that affected 40 million customers.
As a result, we are seeing a major shift in corporate cybersecurity policy. The board of directors is no longer interested in check box compliance. They are understanding their role much better. They are responsible to ensure that cyber controls are in place that protect business assets of the firm in alignment with their risk tolerance.
Lydia Kostopoulos, PhD, Principal Consultant - Cybersecurity (Human Risk), @LKCyber
As the sophistication of encryption and technical defences rises each year, so do the attacks against the people in organizations. Hence the rise in PICNIC = Problem In Chair, Not In Computer.
This session gives an overview of the latest insider threats facing critical infrastructures and how they can compromise air-gapped networks. It provides proactive, preventative and defensive measures to manage the risk, and concludes with a discussion of the responsibilities organizations who manage critical infrastructures have to support national security, the well-being of society and economic prosperity.
Josh Goldfarb, VP, CTO - Emerging Technologies, FireEye, Inc.
’Tis the season of predictions looking ahead to 2017 and paying lip service to the threat landscape. Not a fan of either of those? You’re not alone. Join FireEye in this BrightTalk webinar where we’ll discuss more than just the threats that may or may not be awaiting us in 2017. We’ll discuss real attacker tactics and techniques, along with how you can actually counter the risk they present.
As 2016 draws to a close, security professionals worldwide will be left pondering another year of publicised breaches, vulnerabilities and threats. So what are the key takeaways and how can global security events from the past 12 months inform your plans for 2017?
We’ve asked a panel of experts from the SecureWorks Counter Threat Unit (CTU), our highly-trained team of experienced security researchers, to paint a picture of threat actors and their tradecraft across the globe by sharing their views on 2016’s most significant security events. The panel will end the session by providing actionable insights and recommendations for organisations to factor into their security strategy in 2017.
Join this exclusive webcast to gain CTU insight on the following topics and more:
- eCrime trends including the rise of ransomware, business email compromise and the Mirai IoT botnet activity
- Nation state sponsored threats and whether organisations are set up to defend against them
- How organisations can use threat intelligence gathered in 2016 to improve security
Troels Oerting, CISO, Barclays & Josh Downs, Community Manager - Information Security, BrightTALK
Join this engaging session as BrightTALK conducts an in-depth interview with Troels Oerting, CISO, Barclays.
It's been a crucial year for cyber security with big breaches and newsworthy hacks. BrightTALK's Information Security Community Manager Josh Downs will be quizzing Troels for his thoughts on the cyber security industry and in particular:
- The big breaches of 2016 and lessons to be learnt
- The current threatscape
- The big vulnerabilities on the horizon
- Troels's insights into how to keep your company secure in 2017
We look forward to you joining us for the session.
We’re starting to see the refining of techniques that have been built over a number of years. The past 5 years have been dominated by ransomware and economic espionage. While they haven’t gone away, cybercrime has gotten bigger and bolder and the financial rewards have gotten much bigger. Cyber attacks have also started to become a part of the political landscape, which has been particularly evident during the US election, where we have seen them being used for subversive purposes.
This webcast will review the threat landscape of 2016 with a focus on what we need to remember as we move into 2017.
We all know that technology plays a role in our everyday life but do you know the extent of that role? Advertising tells us to spend more and more of our life online and embrace technology in our homes, cars and everywhere else a microchip can be placed.
But nowhere is there a message about the consequences of the misuse of that technology. 2016 has seen a rise in the number of incidents involving ransomware, IoT, and simply well intentioned connectivity gone wrong. That momentum is set to continue into 2017 and beyond.
Although past performance does not guarantee future results, this session will focus on what we have seen this year and what we expect to see in the near future.
Ian Glover, President, CREST & Josh Downs, Information Security Community Manager, BrightTALK
Join this engaging session as BrightTALK conducts an in-depth interview with Ian Glover, President of CREST.
It's been a crucial year for cyber security with big breaches and newsworthy hacks. BrightTALK's Information Security Community Manager Josh Downs will be quizzing Ian for his thoughts on the cyber security industry and in particular:
- The big breaches of 2016 and lessons to be learnt
- The current threatscape
- The big vulnerabilities on the horizon
- Ian's insights into how to keep your company secure in 2017
We look forward to you joining us for the session.
The pace and scale of information security threats continues to accelerate, endangering the integrity of trusted organisations. Although cyberspace offers opportunities for leading organisations, this environment is uncertain and potentially dangerous. It is a place where hacktivists and cybercriminals are honing their skills and governments are introducing new regulation and legislation in response to major incidents and public concerns. Organisations are forced to continually adapt and rapidly respond.
In this webinar, Steve Durbin, Managing Director at the ISF, will discuss the rapidly changing threat landscape, identify the key cyber challenges for 2017 and suggest ways of managing the associated risks.
Despite the rise of the cloud and increased reliance on web applications, native desktop applications are still highly relevant and often the delivery method of choice in enterprise IT. As penetration testers, we still see a number of very poorly architected native applications being used to protect extremely sensitive information.
This webcast will discuss some of the core issues relating to native desktop applications, why they are so frequent, and the severe impact that their insecurity can cause.
In the 2017 threat landscape, we propose that these flaws are not going away, and the industry isn't currently in a position to help developers resolve them effectively.
Jay Coley, Senior Director, Enterprise Security Architecture, Akamai Technologies
Akamai sees more than 2 trillion Internet interactions every day and mitigates 40 – 50 DDoS attacks every month. Our security experts analyse this information and share trends, observations, and findings in the quarterly State of the Internet Security report.
Join Jay Coley, Senior Director, Enterprise Security Architecture at Akamai Technologies for an overview of what we found after analysing data from Q3 of 2016.
Key topics covered will include:
· Why DDoS of over 100 Mbps increased over the past quarter
· Which country is the new leader for most sourced Web application attacks
· Tactics Akamai used to mitigate two of the largest DDoS attacks we’ve seen
Christiaan Groenhof, Inside Systems Engineer at Palo Alto Networks
Attackers are getting more targeted and advanced, deploying unknown exploits and unique malware that current day endpoint security is not equipped to prevent or even detect. Existing approaches simply can’t protect against these attacks because they don’t have known signatures or known strings (and in many cases, no previously known behavior), so they go straight through, resulting in compromised endpoints waiting for detection and remediation to step in, which is too little too late.
Palo Alto Networks Advanced Endpoint Protection is a complete paradigm shift from detection remediation to pure prevention, designed to close the door on these threats, which manage to evade detection by network-based security or take advantage of blind spots, well before any damage can be done.
Join Palo Alto Networks® for a live webinar to learn about the breakthrough advanced endpoint technology that redefines endpoint security as we know it.
Ronald den Braven, Consulting Engineer at Palo Alto Networks
Join us for a live demo and learn how AutoFocus threat intelligence service helps security teams identify and prevent targeted attacks. We will explain the key concepts of AutoFocus and benefits the service provides.
Tom Welling, Systems Engineer at Palo Alto Networks
Securing public cloud environments has never been more challenging. Cyberattacks are on the rise, targeting your business-critical data using applications commonly found on every network. Compounding your data security challenge is the lack of application visibility and control features available in existing cloud security offerings.
The VM-Series for AWS addresses these challenges with a complete set of next-generation firewall and advanced threat prevention features that allow you to identify and control your AWS-based applications and protect your data from known and unknown threats.
Omar Amarin, Inside Sales Engineer at Palo Alto Networks
The adoption of SaaS applications continues to grow at an exponential pace. You do not want to clamp down on these applications because they are valuable tools for many of your employees. However, because the data and usage of these SaaS applications is invisible to IT administrators, they do expose your organization to potentially disastrous security and data theft risks.
Join us for a live webinar where you will learn how your organization can enable safe usage of SaaS applications and:
• Gain visibility and granular, context-based control of SaaS applications.
• Protect corporate data from malicious and inadvertent exposure after it has left the traditional corporate perimeter.
• Protect against new insertion and distribution points for malware.
• Satisfy compliance requirements while still maintaining the benefits of SaaS-based application services.
The challenges of SaaS applications are already here whether they are enabled by IT or end users themselves. Find out how to take back control and safely enable their use.
Alex Hanway, Marketing Manager for Encryption at Gemalto
Between 2005 and 2020, data volumes will grow by a factor of 300 – enough data to stack CDs from the earth to the moon 162 times. This has come to be known as the ‘big data’ phenomenon. Unfortunately, traditional approaches to handling, storing and analyzing data aren’t adequate at this scale: they’re too costly, slow and physically cumbersome to keep up. Fortunately, in response a new breed of technology has emerged that is cheaper, faster and more scalable. Yet, in meeting these new needs they break many of the traditional security approaches and spark questions like:
With massive volumes of data, how are organizations going to ensure that their customer information is safe from people looking to exploit it?
Is it possible to adopt big data technologies while demonstrating compliance with industry regulations?
Will security get in the way of the analytics tools?
How can security apply to different data consumption technologies like Hadoop and NOSQL?
Join Gemalto on Thursday, December 1, 2016 as we discuss what’s in store for the ‘big data’ technologies of the future and how security models like encryption can solve the security conundrum.
Ina Yulo (BrightTALK), Andrew Davies (Fiserv), Martin Koderisch (Edgar Dunn)
Predictive analytics and the study of big data have helped many institutions to detect fraudulent practices before they become a hazard to the business. This is especially evident in the financial services sector, where deploying an efficient prevention and detection strategy is of utmost importance.
Join this panel where experts will discuss:
- Which analytics to look at to stop fraudulent payments in real-time
- Using trends and behavioural analytics to detect anomalies
- How to implement a holistic strategy that's right for your organisation
- The challenges in maintaining compliance standards
- Use cases and applications of analytics to prevent financial crime
Your Resource for Information Security Trends & Education
With over 280,000 members, the Information Security Community is the largest community of cybersecurity professionals in the industry. Let's build a network that connects people, opportunities, and ideas. If you are involved in purchasing, selling, designing, marketing ... or using information security solutions - this group is for you. Covered topics include compliance, encryption, anti-virus, malware, cloud security, data protection, hacking, network security, virtualization, and more.