Name: Intrusion Analysis Foundation for SoC Analysts
Start: 2020-01-14T15:00:00Z
End: 2020-01-14T15:01:03.000Z
Location: BrightTALK
Rating: 4.7

The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in various e-business and security skills. It is the owner and developer of the world famous Certified Ethical Hacker (C|EH), Computer Hacking Forensics Investigator (C|HFI) and EC-Council Certified Security Analyst (E|CSA)/License Penetration Tester (L|PT) programs, and various others offered in over 60 countries around the globe.

As the AI industry pivots from massive, generalist behemoths to efficient, specialized Small Language Models (SLMs) powering agentic workflows, we are inadvertently expanding our attack surface. This talk dissects the hidden security crisis within the modern AI supply chain, specifically how essential scaling techniques like LoRA adapters and fine-tuning serve as vectors for poisoned training data, "Trojan" model weights, and arbitrary code execution hidden within tensor file headers. By examining the lifecycle of a compromised agent—from the ingestion of malicious datasets to the deployment of infected LoRAs—we will uncover why the future of agentic AI requires a zero-trust approach to the very artifacts that make it intelligent.

Tiny, Smart, and Infected: The Security Risks of the Agentic Future

Offensive security is rapidly shifting from manual red-teaming and point-in-time testing to always-on, AI-driven attack automation. Autonomous agents can now map assets, find hidden vulnerabilities, and simulate real attacker behavior at a scale no human team can match. This session will break down how AI is transforming offensive security workflows, what “continuous red teaming” looks like in practice, and how organizations can use autonomous testing to uncover unknown risks before attackers do. We’ll also discuss the limits of AI, the role of human expertise, and what security leaders need to prepare for as offensive capabilities evolve from human-led to fully autonomous.

The AI Shift in Offensive Security: From Manual to Autonomous Agents

The adoption of AI is accelerating, but security and governance are lagging, creating significant, unmanaged risk. AI agents are your next insider threat. Okta gives you the power to see, manage, and govern them.

How to Secure and Govern Your AI Agents

Adversaries don’t need passwords when they have your tokens. 
In this webinar, Nick Ascoli, Director of Product Strategy, uncovers the evolving tradecraft behind session hijacking and cookie theft—two increasingly common techniques leveraged by cybercriminals to bypass MFA, impersonate users, and maintain long-term persistence.
He’ll explore how threat actors harvest and weaponize session tokens, how these credentials are trafficked in the cybercrime underground, and how defenders can identify the telltale signs of a takeover. Using real-world intelligence and Flare data, this webinar will walk through:
Common collection methods (info-stealers, XSS, token sync abuse)
How session cookies are used in post-compromise scenarios
Trends in cookie-based access sales on dark web markets
Detection strategies and incident response best practices
By the end of this webinar, you’ll understand how session tokens function as high-value credentials—and how attackers exploit this blind spot to bypass even your strongest authentication controls.

Cookies for Criminals: The Underground Market Fueling MFA Bypass

Explore the evolving risks of agentic AI in this webinar covering threat models like the MAESTRO Framework, current networking tools, and emerging strategies for securing autonomous systems. Learn how to anticipate vulnerabilities, apply effective defenses, and develop new approaches to manage the growing power of agentic AI technologies. Featuring Red Cup IT Founder and CEO, Dan Le, along with Aembit Director of Technical Marketing, Ashur Kanoon.

Agentic AI: Emerging Threats and the Tools to Counter Them

A lot can change in six months, that’s why it’s time for Searchlight’s bi-annual state of ransomware. Join Searchlight Cyber’s Head of Threat Intelligence for a look at how the shifting threat landscape in the first half of 2025.

Join us to discover:
- Who the most active groups in the first half of 2025 were and how the ranking has changed since 2024.
- Explanation of some of the biggest events in the ransomware landscape, including the LockBit data leaks.
- Information on the vulnerabilities used by ransomware groups to execute their attacks in H1 2025.
- New analysis of ransomware leak data, based on research undertaken by our threat intelligence team.
- And much more.

Register now to reserve your place, learn what's changed, and gain insights into how to minimize your attack surface against ransomware. We'll also address the most commonly asked ransomware questions from you - our audience, ensuring your specific challenges are covered. Register for the webinar to receive a link for submitting questions to our experts.

Presented by Searchlight Cyber, Luke Donovan, Head of Threat Intelligence, Searchlight Cyber

The Ransomware Report H1 2025: New Trends, Groups & Insights

Move over ASM, ‘CTEM is the way’. If you’re responsible for managing your organization's external attack surface, chances are you’re already doing parts of Continuous Threat Exposure Management (CTEM), you just haven’t been calling it that. In this webinar, we’ll go beyond the buzzwords and explain what CTEM really is and how it aligns with our definition of ‘true ASM” required to keep pace with a constantly evolving threat landscape.
To coincide with the release of our Searchlight Cyber’s new ebook, ASM in the age of CTEM, we’ve invited Searchlight’s SVP of ASM, Michael Gianarakis, and Customer Success Manager Joe Honey, to cover:
- Why ASM has become too narrow to address modern threats
- Real-world examples of CTEM in action and how it improves security outcomes
- Practical steps to help your team move from asset discovery to exposure reduction
For years, Attack Surface Management (ASM) has been positioned as the answer to managing external risk. But in recent times, the term has become misapplied, often reduced to asset discovery tools with limited impact on actual risk reduction. CTEM restores the full picture and more effectively represents how mature cybersecurity teams manage external risks as part of a continuous cycle of discovery, enrichment, validation, and mitigation.

Beyond ASM: What CTEM means for your external risk strategy

What if I told you that for around $1,000 you can compromise and intercept satellite communications? Still not intrigued yet? What if I told you that all communication signals transmit under the bandwidth of satellite and microwave communications? These signals are always around us, remember that.
Thank you to our BrightTalk Security Channel subscribers! As a token of our appreciation, we’re excited to share this exclusive post-event video from Hacker Halted 2024, EC-Council’s flagship cybersecurity conference.

In this special feature, you'll get a glimpse into the energy and insights from last year’s event, themed Cyber Dystopia where global InfoSec leaders, ethical hackers, and cybersecurity professionals gathered to explore the future of cyber defense.
Claim your VIP invitation to Hacker Halted 2025, EC-Council’s flagship cybersecurity conference, taking place October 1st & 2nd in Atlanta, GA. Register here: https://www.eventbrite.com/e/1060396758249/?discount=BTHHVIP

You and your teams are also eligible for 25% off any of the following pre-conference training courses which run September 27–30, 2025:
Certified Ethical Hacker MasterClass (CEH)
Certified Penetration Testing Professional (CPENT)
Certified Network Defender (CND)
Computer Hacking Forensic Investigator (CHFI)
Certified Chief Information Security Officer (CCISO)
Certified Cloud Security Engineer (CCSE)

Register here for 25% off pre-conference training: https://www.eventbrite.com/e/1060396758249/?discount=BTHHVIP
http://www.hackerhalted.com/

The Forgotten Critical Infrastructure Sector, Communications: How Less than $1,000 USD Can Compromise Security

Cybersecurity podcast host and book author Carey Parker of Firewalls Don’t Stop Dragons and vehicle privacy expert Andrea Amico of Privacy4Cars get together by that dumpster fire that is vehicle privacy. They’ll share their stories and knowledge. You’ll never look at a car the same way again.

Hacker Halted Talks: Dumpster-fireside chat on vehicle privacy

Thank you to our BrightTalk Security Channel subscribers! As a token of our appreciation, we’re excited to share this exclusive post-event video from Hacker Halted 2024, EC-Council’s flagship cybersecurity conference.

In this special feature, you'll get a glimpse into the energy and insights from last year’s event, themed Cyber Dystopia where global InfoSec leaders, ethical hackers, and cybersecurity professionals gathered to explore the future of cyber defense.
Claim your VIP invitation to Hacker Halted 2025, EC-Council’s flagship cybersecurity conference, taking place October 1st & 2nd in Atlanta, GA. Register here: https://www.eventbrite.com/e/1060396758249/?discount=BTHHVIP

You and your teams are also eligible for 25% off any of the following pre-conference training courses which run September 27–30, 2025:
Certified Ethical Hacker MasterClass (CEH)
Certified Penetration Testing Professional  (CPENT)
Certified Network Defender  (CND)
Computer Hacking Forensic Investigator (CHFI)
Certified Chief Information Security Officer (CCISO)
Certified Cloud Security Engineer (CCSE)

Register here for 25% off pre-conference training: https://www.eventbrite.com/e/1060396758249/?discount=BTHHVIP 
http://www.hackerhalted.com/

Hacker Halted 2025 is Coming! Cyber Dystopia: Highlights from Hacker Halted 2024 and Your FREE VIP Pass!

The number of non-human identities (NHIs) is growing 2.5x every year, and the ratio of NHIs to human identities is now 45:1. This explosion – now accelerating as organizations adopt agentic AI workloads – has created a massive, unprotected attack surface. While we rigorously secure human access with multifactor authentication (MFA), the workloads, services, APIs, and AI agents they build are often left vulnerable, secured only by static, easily stolen credentials. Breaches at companies like Snowflake and Microsoft have shown that attackers are actively targeting this weakness.

Join us for a timely session on why applying MFA principles to your non-human workloads – including agentic AI – is the essential next step in your security strategy. We'll move beyond theory and break down how to implement strong, automated authentication for machines and AI-driven agents, without slowing your developers down.

Expect tactical takeaways on:
- Why "Something You Know" is the weakest link for both human and machine identities and how to fix it.
- How to apply the principles of MFA to workloads in diverse environments, including Cloud, On-Prem, Serverless, SaaS – and AI agents.
 - Real-world examples of how stolen non-human credentials led to significant breaches.
 - Actionable methods for implementing MFA for machines using factors like cryptographically verifiable identity documents, hardware fingerprints, and posture assessments.
 - How to move past risky, long-lived secrets to a modern approach using short-lived, just-in-time tokens without manual intervention.

Whether you're in DevOps, DevSecOps, or Identity and Access Management, this session will give you a practical framework for securing the massive landscape of non-human and AI workloads – without sacrificing velocity.

MFA For Machines: The next evolution in non-human & agentic AI identity security

In today’s relentless threat landscape, staying sharp isn’t optional; it’s mission-critical. Whether you're leading security strategy or working on the front lines, real-world expertise is what sets exceptional cybersecurity professionals apart.

But traditional training platforms often miss the mark, focusing on theory over application, and certifications over capability.

Join us for an exclusive walkthrough of a hands-on training ecosystem built by cybersecurity experts, for cybersecurity experts. From red team to blue team, from forensics to threat hunting, this platform delivers the immersive, job-ready experience your team actually needs.
 
In this session, you’ll learn:

Why most cybersecurity training fails to reflect the complexity of real-world attacks, and how to fix it.
A unified platform for offensive, defensive, and investigative skill-building- no patchwork of tools or courses required.
How thousands of SOC analysts, engineers, and CISOs are using this environment to sharpen their edge and accelerate team readiness
Whether you're preparing for the next cert, building a stronger team, or just refusing to plateau — this is the training platform you haven’t seen… but should.

The Cybersecurity Training Platform Serious Professionals Are Switching To

Abstract: As non-human identities (NHIs) surge past human identities in modern enterprises, the stakes for securing these connections have never been higher. From API to agentic AI, software workloads power critical systems – but they also create new exposure surfaces for malicious hackers and accidental insiders. In this webinar, we’ll unpack the forces behind this boom and share practical strategies for overcoming legacy practices and securing NHIs, while removing friction across your dev and DevOps teams. Join Apurva Davé, CMO at Aembit, to learn how modern enterprises are reducing secrets sprawl, eliminating the weak links that attackers love, and making builders happier.


Expect to cover:

How non-human identities are reshaping identity management.

Real-world examples of credential loss and lessons learned

Practical steps to secure workloads while enabling builders.

How to modernize your IAM strategy for long-term resilience and innovation.

A Human’s Guide to Non-Human Identities: What You Need to Know Now

Organizations are facing mounting pressure to modernize security programs - from escalating threats and compliance mandates to operational costs and analyst burnout.

This session explores how a unified security platforms approach transforms operations by addressing these complex challenges through integrated workflows, shared context, and intelligent automation. Learn how a platform strategy brings value beyond simple tool consolidation by informing business decision-making with risk-aware intelligence, streamlining reporting, driving down total cost of ownership, and improving analyst experience through intuitive interfaces and an integrated AI mesh. Say goodbye to blind spots, and hello to end-to-end visibility.

Securing the Future: Navigating Cyber Risk and Technology Consolidation

In today’s cybersecurity arena, the stakes are higher than ever - and while the old adage says “offense wins games, but defense wins championships,” the truth is, successful cybersecurity teams need both. For CISOs, mastering the balance between a strong defense and an agile offense is key to staying ahead of evolving threats. Your offensive playbook must actively enable secure data sharing, foster collaboration, and drive business growth. 

Join us for a conversation with Virtru SVPs Dana Morris and Matt Howard as they break down how CISOs can strike a better balance between defensive data protection and proactive data sharing that puts points on the board. This engaging discussion will reveal how modern organizations are supplementing defensive tactics with proactive, offensive plays to secure sensitive data while unleashing its full potential.

Key takeaways include:

Why offense is often overlooked: How governing shared data can fuel innovation and business value, all while keeping it protected.

Defense that goes beyond the perimeter: Protecting data no matter where it travels, inside or outside your organization.

Building a winning strategy: Leveraging the latest advancements in zero trust and cloud security to stay ahead of evolving threats.

Real-world victories:  See how Virtru helps organizations balance both sides of the security equation.

Whether you're looking to reinforce your defense or take your offense to the next level, this webinar will equip CISOs and cybersecurity practitioners with the insights needed to build a security strategy that not only protects but also powers your organization’s success in today’s high-stakes digital game.

Offense vs. Defense: Mastering the Playbook for Data-Centric Security

AI (or what marketers call AI) is here to stay (unless it re-writes itself – sorry, AI humor). So, what do we do about it? We will look at AI from various perspectives including a Presidential Executive Order, a report from the UK government regarding cybersecurity of AI to the perspective of individual organizations (and much in between). We will delve into risks to AI and risks from AI and what that might lead to (including the end of humanity?). And finally, we will drift over to frameworks that we can leverage to assist us in managing the risk as we see it. And, yes, there might be some humor thrown in regarding Apple delaying the roll-out of their AI solution in Europe because according to Apple, “the European Digital Markets Act (DMA) could force us to compromise the integrity of our products in ways that risk user privacy and data security." (this comes from The Register – must be true).

AI Risk – Real or FUD and what you can do about it?

Every day, thousands of organizations are unknowingly exposing themselves to more insider threats due to inadequate security awareness models. This is often because the training is not engaging, and tests are designed to trick rather than educate users. On top of that, there are often harsh consequences for those who engage with cyber threats. This type of environment only serves to breed threats instead of mitigate them.

 

In this speech, Joshua Crumbaugh, founder and CEO of PhishFirewall, will discuss why traditional punitive security awareness approaches are counter-productive and how organizations can leverage AI tools to emphasize positive reinforcement techniques. He will explain how data analysis and behavior analytics can be leveraged to detect anomalies and create an engaging and supportive environment that encourages users to understand the importance of security. Crumbaugh will also explore how organizations can use this approach to reduce the risk of insider threats and create a more secure environment.

 

By the end of this speech, attendees will understand the danger of ineffective cyber security that relies on punitive measures and unengaging training models, and how it leads to an uncaring attitude towards the organization's cyber defenses. They will also have the knowledge on how to build effective training programs that engage users and provide holistic behavior analytics built around actually reducing organizational breach risks.

Creating Your Own Insider Threat: You are Your Own Worst Enemy

Come join Joshua Crumbaugh, CEO of PhishFirewall and renowned 15+ year ethical hacker, as he leads a discussion on the future of social engineering in 2023. Along with esteemed guests from the cybersecurity industry, Joshua will discuss the latest trends, tools, and techniques that hackers are using to exploit digital vulnerabilities. You won't want to miss this chance to get an inside look into the world of social engineering and what you can do to protect yourself

Exploring the Future of Social Engineering: A Panel Discussion

The first step in developing an effective incident response capability is learning the methods of attack that can be used to compromise systems and networks. In this webinar you will learn the fundamentals of incidents, and how information can be extracted to determine the extent of the attack. The webinar will show the latest types of attacks, and what to look for when these types of attacks are carried out against the enterprise.

Within the webinar, you will learn the characteristics of a number of attacks, and a process to evaluate these attacks for the possibility of an intrusion. The section on intrusion analysis will show the data that can be scavenged after a variety of different types of attacks. These attacks can be from the most basic type all the way through advanced emerging threat attacks. The systematic process you will not only learn, but also see demonstrated will allow you to analyze virtually all types of intrusions.

Intrusion Analysis Foundation for SoC Analysts

soc analyst

Intrusion Prevention

EC Council

Welcome to the mobile computing community on BrightTALK! With the consumerization of IT and the widespread adoption of mobile devices across the globe, mobile computing has become an important part of many people's lives in a culture of bring your own device (BYOD). With mobile devices doubling as work phones and more employees working from home, businesses need to provide secure access to data and work applications from anywhere at any time. Join this growing community and hear from industry thought leaders in webinars and videos as they share their insight on mobile computing research and trends.

Mobile Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Intrusion Analysis Foundation for SoC Analysts

Presented by

About this talk

EC-Council | Security Channel