
Evolving Security Monitoring: Bringing Context Into SIEM

Karl Klaessig, Product Marketing Manager, McAfee SIEM
The ever-increasing sophistication of attacks requires smarter security monitoring. Low and slow attacks, APTs and the ability to get infected by an employee simply clicking on a link demand a more accurate means to identify security issues. This webinar will address how to evolve security monitoring to gain the insight that is required. The key to accurate insight is the ability to associate threat, asset, user, data and other risk factors to pinpoint attacks. Topics to be covered include:
- The "old" SIEM model of event monitoring and why it needs to evolve
- Methods for easily gathering contextual data for SIEM
- How contextual data improves the security monitoring process
Aug 8 2012
48 mins
  • Overcoming the Barrier to Threat Intelligence Sharing Apr 23 2015 3:00 pm UTC 60 mins
    Jon Oltsik, Senior Principal Analyst, Enterprise Strategy Group, Rich Reybok: CTO
    Your organization is constantly under cyber attack that could - if unchecked - damage your business, customers, employees and reputation. To date, the ad-hoc sharing of cyber-threat information across industries is not well defined nor well structured and in many instances, sharing threat information relevant to your organization is not allowed due to privacy, workload constraints, outdated policies or legal concerns.

    Join Jon Oltsik, Sr. Principal Analyst with Enterprise Strategy Group, and Rich Reybok, CTO, Vorstack Corporation, to understand the challenges that organizations face today with sharing threat intelligence and how to navigate them both internally and externally. Come to understand what’s changed in the last few years and the historical negative stigma of information sharing. This webinar can help answer the question “What does sharing threat intelligence really mean?” Following the overview and strategy, there will be a brief discussion of the different approaches to sharing threat information and how secure sharing within your “trusted circle” can create a simple cyber neighborhood-watch environment. This event is designed to help you overcome the hurdles that organizations have today – that of being able to receive the available collective knowledge, validate impending cyber-threats and access remediation solutions – all within the framework of stringent data access and privacy controls.

    What you will learn:

    - Issues organizations face when sharing threat information.
    - What’s changed that has created this “need” to share threat intelligence.
    - Definition of what sharing Threat Intelligence means in today’s world of cyber crime and attacks.
    - The new approaches available for successful and secure collaboration.
    - How to participate in a Cyber Neighborhood watch with trusted industry peers.
    - The benefits organizations can recognize from collaboration.
  • Hand to Cloud Data Security Apr 22 2015 6:00 pm UTC 60 mins
    Gary Watson
    Tech blogs are overflowing with examples of password hacks, data destruction, and data leakage. It’s time for a new approach. Imation’s recently-announced Secure Data Movement Architecture (SDMA) will safeguard your organization’s most valuable data against tampering, leakage, or loss throughout its entire lifecycle, including when it’s in the cloud, on mobile devices, or anywhere in between. Join us as we give you a sneak peek into our new concept for painless data protection, and the rapidly evolving types of threats it’s meant to address.
  • Planning for anything: business continuity and disaster recovery Apr 22 2015 5:00 pm UTC 60 mins
    Mike Kunz, VP of Sales, StorageCraft
    Is your business prepared for a disaster? Join ESET and industry expert, StorageCraft, for a research overview presentation of modern business disasters. We'll look at the difference between back up and recovery and discuss best practice for building a recovery plan. Mike Kunz, VP of Sales with StorageCraft, will also look at specific solutions to quickly get your business up and running when disaster strikes.
  • Using Sequence Package Analysis to Detect Terrorism and Sedition Apr 22 2015 4:00 pm UTC 60 mins
    Amy Neustein, Ph.D. CEO and Founder Linguistic Technology Systems
    This webinar will demonstrate how Sequence Package Analysis (SPA), a new natural language method that utilizes a corpus of annotated training data comprised of a unique set of feature extractions, may detect early signs of terrorism and sedition. Using an SPA-designed BNF table consisting of sequentially-implicative (as opposed to syntactic) parsing structures, this natural language tool searches social media content and recordings of conversations of suspected terrorists to identify (and measure) collusion, collaboration, affinity with other terror or sedition suspects. Whereas conventional text mining methods are hindered by the speech system’s failure to identify keywords (most suspects intentionally refrain from the use of keywords that pinpoint location, names, dates and time), SPA is designed to work around these obstacles in which users refrain from referring to named entities that are likely to flag their communications as suspicious.
  • Securing Wi-Fi Networks - A System Approach Apr 22 2015 4:00 pm UTC 45 mins
    Kowshik Bhat, Director of Product Marketing, Xirrus
    Wi-Fi security attacks, hacking, stolen mobile devices – are these keeping you awake at night? Are you surprised that Wi-Fi networks can be more secure than your wired networks? Wireless LAN has come a long way from the days of its inception with inadequate security.

    Contrary to common belief, security is not a single protocol or an appliance or an encryption. It is a system of different components working together to ensure your Wi-Fi network is secure and your confidential information is protected.

    Join this webinar to learn about

    - Advances in Wi-Fi security
    - Multi-layered approach to holistic protection
    - Controlling user and device access
    - Controlling applications
    - Xirrus security solutions
  • Hadoop and Self-Service Analytics: Embracing Big Data Apr 22 2015 4:00 pm UTC 45 mins
    Dustin Smith, Tableau
    The maturity of Hadoop as a technology framework suitable for organizations, large and small, to economically store and process vast amounts of data is no longer a prediction, but rather a reality every IT leader understands. But that doesn’t mean Hadoop is done disrupting the data and analytics landscape.

    Self-service analytics solutions capable of leveraging the massive processing and data discovery potential of distributed Hadoop clusters are ushering in a new era of data freedom for business users who are hungry to put data at the heart of their decision making process. With programming and query languages no longer a prerequisite skill for exploring Hadoop environments, organizations everywhere are waking up to the reality that even non-technical users can quickly and easily find insights in even the biggest of Hadoop data sets.

    Attend this webinar to hear how IT groups are adjusting to this new breed of bold and curious data user and learn:
    - How IT is shifting from data protector to data mentor
    - Why business users are so data hungry and so un-afraid of Big Data
    - What true self-service analytics can look like when paired with Hadoop
  • DDoS Attacks: More Dangerous to You; Never Easier to Launch Apr 21 2015 5:00 pm UTC 45 mins
    Christina Richmond, Program Director, IDC and Joe Loveless, Product Marketing, Neustar
    If your organization cannot afford downtime from DDoS attacks, join this timely discussion from Neustar, with special guest perspective from IDC’s Christina Richmond. Explore the complexity and purpose behind today’s attacks and what you can do to defend your Internet presence. You will learn:

    · What the DDoS threat environment looks like today
    · Why “smokescreening” is a particular danger
    · Where attacks can have impact across your organization
    · How you can take steps to thwart DDoS threats
  • Leveraging Risk, Physical and Cyber Security and Continuity Planning Apr 21 2015 4:00 pm UTC 45 mins
    Eric Kretz, Director, Continuity of Operations (COOP) Division, National Continuity Programs (NCP)
    Generally, risks associated with continuity planning, from physical to cyber-security, are part of an ever-evolving threat to our systems and technologies. Continuity planning is simply the good business practice of ensuring the execution of essential functions through all circumstances, and it is a fundamental responsibility of public institutions and private entities responsible to their stakeholders. What are some of the risks associated with continuity planning? Why is managing risk important for continuity? What are some of the methods used to mitigate risks in continuity planning?

    The COOP presentation will provide an understanding of Continuity and Continuity of Operations, explain the importance of a viable Continuity capability, and emphasize the need for a viable Continuity capability in all organizations, to demonstrate some of the linkages between continuity programs and:

    • Risk Management
    • Physical Security
    • Emergency Management
    • Cyber Security/ Information Technology

    Join us on April 21 as NCP’s senior continuity practitioner shares resilient continuity programs and outreach efforts. Hear from Eric Kretz, NCP, as he talks about Information Integration: Leveraging Risk, Physical and Cyber Security and Continuity Planning.
  • SIEM Detection & Response Cases Apr 21 2015 3:00 pm UTC 30 mins
    Tom Clare, Director, Arctic Wolf
    Before tackling a SIEM project to improve detection and response, learn from these case studies, as their scenarios likely match yours. Firebreaking your network brings together technologies, processes and people in the right balance across four phases. More than a security point solution or another box, you need to turn craft into a discipline to improve detection and response.

    Learn from your peers about the following:
    - Before environment and issues
    - Transition effort, cost and impact
    - After environment and benefits
    - Best practices for managed SIEM
    - Your network and next steps
  • Webroot’s 2014 Threat Brief Preview Recorded: Apr 16 2015 38 mins
    Grayson Milbourne, Security Intelligence Director
    This presentation provides an overview of the threats against a wide range of organizations and individuals during 2014. This overview is based on research and analysis conducted by the Webroot Threat Research team. The report includes analysis of IP addresses associated with malicious activity, details on the reputation of URLs by category and location, phishing detection statistics, insights into file reputation and encounter rates with malware and PUAs and information on mobile app security for Android devices. All data presented comes from Webroot’s Intelligence Network and was observed during 2014.
  • Next-Generation Security for Amazon Web Services Recorded: Apr 16 2015 37 mins
    Matt Keil, Product Marketing, Palo Alto Networks
    Public cloud computing resources such as Amazon Web Services (AWS) are helping organizations like yours develop and deploy new applications rapidly, expand into geographic regions seamlessly and extend competitive advantages. Cyber criminals are well aware of the rapid expansion into the public cloud and are looking for weaknesses in your security posture. Don’t let them find one. The VM-Series for AWS allows you to securely extend your corporate datacenter into AWS, using our next-generation firewall and advanced features to protect your data, while native management features ensure policies keep pace with changes to your applications.

    In this webinar, attendees will learn:
    - Common customer use cases for AWS
    - Key security challenges and considerations
    - How the VM-Series can protect your AWS environments
  • Improve Threat Detection with OSSEC and AlienVault USM Recorded: Apr 15 2015 60 mins
    Garrett Gross, Sr. Technical Product Marketing Manager, Bjorn Hovd, Systems Engineer
    Host-based IDS systems, or HIDS, work by monitoring activity that is occurring internally on a host. HIDS look for unusual or nefarious activity by examining logs created by the operating system, looking for changes made to key system files, tracking installed software, and sometimes examining the network connections a host makes. AlienVault USM features a complete integration of OSSEC, one of the most popular and effective open source HIDS tools.

    In this live webinar, we'll show you how USM helps you get more out of OSSEC with:
    - Remote agent deployment, configuration and management
    - Behavioral monitoring of OSSEC clients
    - Logging and reporting for PCI compliance
    - Data correlation with IP reputation data, vulnerability scans and more

    We'll finish up by showing a demo of how OSSEC alert correlation can be used to detect brute force attacks with USM.
  • Global CISO Forum Episode 3: Swimming with Sharks: Don’t be the Bait Recorded: Apr 15 2015 57 mins
    Tom Bain, CounterTack
    Host Amber Williams chats with Tom Bain of CounterTack about endpoint security, the Black Hat movie, and the future of security and Todd Bell of Intersec World Wide about the need for an MBA in the CISO role, swimming with the sharks, and turning the IS department into a profit center.
  • Surfacing Critical Cyber Threats Through Security Intelligence Recorded: Apr 15 2015 62 mins
    Dr. Sameer Bhalotra, Former White House Director; Chris Petersen, CTO; Robert F. Lentz, Former CISO for the Dept of Defense
    The rapidly expanding supply chain supporting the cybercrime economy is empowering cyber criminals, cyber terrorists and even nation states in ways that put companies, critical infrastructure and governments at increased risk. The fate of an organization whose defenses have been compromised will be determined by the speed with which they can detect and respond to intruders. A mature security intelligence posture boosts an organization’s resiliency amidst these advanced threats. If intruders are detected early in their lifecycle, organizations can respond quickly and potentially avoid loss altogether.

    In this webinar, three cyber security veterans will discuss today’s rapidly evolving cyber threat landscape and LogRhythm’s new Security Intelligence Maturity Model™ (SIMM). They will explore how the SIMM provides organizations with a framework to plan for continuous reduction in their mean-time-to-detect (MTTD) and mean-time-to-respond (MTTR) to high-impact threats.

    Learn about:
    • Emerging cyber threat vectors in 2015.
    • Security Intelligence and the critical role it plays in addressing high-impact threats
    • Using the SIMM to assess your current Security Intelligence Maturity
    • How to move from “greatly exposed” to “highly resilient” via End-to-End Threat Lifecycle Management
  • What You Don't Know about Cryptography and How It Can Hurt You Recorded: Apr 14 2015 50 mins
    Chuck Easttom, Computer Scientist, Author, and Inventor
    This presentation describes the gaps in most security professionals' knowledge of crypto, why that is a problem, and how you can correct it.
  • The Dark Side of Anonymizers: Protect Your Network from the Unknown Recorded: Apr 14 2015 44 mins
    Joanna Burkey, DVLabs Manager, HP TippingPoint
    While anonymizers can serve a positive purpose by protecting a user’s personal information by hiding their computer’s identifying information, their use in your network environment can be dangerous. Anonymizers can evade enterprise security devices, and their misuse can make your organization susceptible to malware and unwanted intrusions. Attend this session to learn how you can detect and block elusive anonymizers from wreaking havoc on your network.
  • Industrial Control Systems Cyber Security: It’s Not All About Stuxnet Recorded: Apr 14 2015 46 mins
    Dr Daniel Trivellato, Product Manager, SecurityMatters
    Recently, cyber attacks against Industrial Control Systems (ICS) used by utilities and other Critical Infrastructure organizations have hit the headlines worldwide. Stuxnet is the best known cyber attack against an industrial installation, but it's not the only one.

    But what if cyber attacks were not the biggest threat to industrial networks and systems? Although malware is still a major point of interest, the sword of Damocles for critical industrial networks is represented by system misuse performed by disgruntled employees, contractors and vendors, as well as unintentional mistakes and network and system misconfiguration; all this could lead to the divergence or failure of critical processes.

    In this talk we will reshape the concept of ICS cyber security and will present our vision for a comprehensive approach to cyber security for ICS.
  • All About the Thousands of 2014 Vulnerabilities - From Secunia Research Recorded: Apr 14 2015 43 mins
    Kasper Lindgaard, Director of Research and Security, Secunia
    Every year, Secunia Research releases a review of the global vulnerability landscape, based on their large vulnerability database and data from the Secunia Personal Software Inspector (PSI) user base.

    The data in this research provides security professionals around the world with perspective on the impact and evolution of the threat landscape and what has trended throughout the year.

    In this webinar, Secunia’s Director of Research and Security Kasper Lindgaard will discuss the data presented in the Secunia Vulnerability Review 2015 and answer questions.

    The review itself was released on March 25.

    You can download a copy of the review on our website:

    www.secunia.com/VR2015

    Key takeaways:

    - The number of vulnerabilities and zero-days detected in 2014

    - How quick vendors are to respond to vulnerabilities

    - Which programs are more vulnerable

    - How products bundled with open source applications and libraries affect security
  • It Wasn't Me, It Was Bennett Arron Recorded: Apr 14 2015 29 mins
    Bennett Arron, Comedian, Author & Identity Theft Speaker
    Several years ago, award-winning writer and stand-up comedian Bennett Arron was in serious debt. He owed thousands of pounds to mobile phone companies, catalogues and department stores. Only it wasn’t him. Bennett was a victim of Identity Theft, the fastest growing crime in the UK. This theft resulted in Bennett and his pregnant wife becoming penniless and homeless.

    Years later, Bennett wrote a comedy show about his experience. The show was critically acclaimed at the Edinburgh Festival and led to Bennett being asked to direct and present a Documentary for Channel 4. The Documentary, How To Steal An Identity, was Pick of The Week in The Guardian and The Telegraph and was called ‘Fascinating and Disturbing’ by the TV Times. It went on to be shortlisted for a BAFTA.

    In the Documentary, Bennett proved the ease of ID theft by first stealing the identities of the general public and then stealing the identity of the then Home Secretary, Charles Clarke. This action resulted in Bennett being arrested in a dawn raid by Scotland Yard and given the code-name Operation Hydrogen.

    Bennett has recently written a memoir on the subject. This book, which has received several 5 star reviews, is not only a disturbingly true yet funny account of what it's like to have your identity stolen but also reveals the devastating consequences of making a documentary ‘in the public interest’.

    He has performed as a speaker at many corporate events around the world and he was the Guest Speaker at the International Fraud Convention in Italy, the International Congress On Anti-Fraud & Anti-Corruption in Poland (twice) and the opening keynote speaker at Auscert in Australia.

    Bennett has been called... 'A Welsh Seinfeld' by The Guardian, 'Genuinely Original and Funny' by The Times and ‘Case Number 2477419’ by The Metropolitan Police.
  • Visualize Data for Actionable Insight into Your B2B Processes Recorded: Apr 12 2015 2 mins
    OpenText DEMO
    An overview of how businesses can gain visibility into B2B transactions to speed decision-making, respond to changing customer and market demands, and optimize business processes.
For Certified Members and Information Security Professionals Globally
The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in various e-business and security skills. It is the owner and developer of the world-famous Certified Ethical Hacker (C|EH), Computer Hacking Forensics Investigator (C|HFI) and EC-Council Certified Security Analyst (E|CSA)/Licensed Penetration Tester (L|PT) programs, and various others offered in over 60 countries around the globe.

  • Title: Evolving Security Monitoring: Bringing Context Into SIEM
  • Live at: Aug 8 2012 7:00 pm
  • Presented by: Karl Klaessig, Product Marketing Manager, McAfee SIEM