Name: Did threat actors get in when you went remote? Time to hunt.
Start: 2020-08-20T18:00:00Z
End: 2020-08-20T18:01:00.000Z
Location: BrightTALK
Rating: 4

Trustwave helps businesses fight cybercrime, protect data and reduce security risk. With cloud and managed security services, integrated technologies and a team of security experts, ethical hackers and researchers, Trustwave enables businesses to transform the way they manage their information security and compliance programs. More than 2.7 million businesses are enrolled in the Trustwave TrustKeeper® cloud platform, through which Trustwave delivers automated, efficient and cost-effective data protection, risk management and threat intelligence. Trustwave is a privately held company, headquartered in Chicago, with customers in 96 countries. For more information about Trustwave, visit www.trustwave.com.

Listen in as Trustwave SpiderLabs’ Senior Research Managers Karl Sigler and Pawel Knapczyk discuss the highly targeted techniques and methods used in the first major conflict between nation states with advanced cyber capabilities, and the implications for global organizations. Karl and Pawel detail the technical approaches seen to date and lay out the key defensive actions that global enterprises need to consider now.

Briefing: Cyber Weapons Used in the Ukraine-Russia War

The war in Ukraine has seen the nexus of cyber vulnerabilities and warfare tactics, designed to compromise and disrupt opponents. Politically motivated actors have taken advantage of existing malware, CVEs, and developed novel techniques to target both state and corporate entities. The TTPs used are being adapted for successful deployment in the business domain.

Listen to Ziv Mador, Trustwave SpiderLabs VP of Research, as he analyzes the current attack trends, bringing you unique insight into the current threat landscape.

SpiderLabs Threat Briefing: Cybercrime for Commercialization and Combat

An introduction to 24/7 monitoring, proactive alert management, threat hunting, and incident response that spans network, endpoint, and cloud.

How to eradicate threats 24/7 with Cortex powered by Trustwave MDR

Trustwave subject matter experts discuss the increasing ransomware threat, how you can improve your security governance and or compliance? What strategies you can employ operationally? Which are the best technologies for you to implement to protect yourself? What do you need to test and assure yourself of effective controls and how do you proactively or re-actively mitigate the impact of an incident?

Attend this webinar if you would like to explore solutions to the risks posed and want to be informed on some of the latest responses. We will provide you with advice and guidance on how you can improve your Security Governance and or Compliance, alongside operational changes, or technology you can implement to protect yourself. We will answer questions such as what you need to do to test and assure yourself of effective controls and share ideas on how you can proactively or re-actively mitigate the impact of a ransomware incident.

Hosts:
Ed Williams, Director, SpiderLabs - EMEA 
Matt Hmoud,  Principal Security Consultant, Trustwave
Shawn Kanady, Director Spiderlabs Threat Hunt, Trustwave
David Bacon - Director Digital Forensics and Incident Response - EMEA, Spiderlabs

Mitigating increasingly serious and sophisticated Ransomware threats

Overview of the current threat landscape and having a proactive approach to addressing these threats.

Trustwave webinar - Cyber Resilience in the Age of Mass Vulnerabilities

Delivering business value through our partnership

Trustwave & Palo Alto Networks - Playing the XDR field

As the geopolitical stage becomes increasingly tumultuous, organizations across the globe need to be in a heightened state of alert regarding their cybersecurity. Watch this session as our security experts share their commentary and advice in response to potential state-sponsored attacks from Russia.

Trustwave Threat Response to Russia's Invasion of Ukraine

The threat against your digital supply chain is real.

The cybercriminal gang Lapsus$ burst onto the scene with unique compromise and data exfiltration tactics as well as atypical motivators.

Lapsus$ has attacked several top enterprises including Okta, Microsoft, NVIDIA, Samsung. The group’s approach to malicious operations takes a shortcut to access by recruiting insiders, while also pursuing more traditional routes like social engineering.

Join Karl Sigler, Senior Security Research Manager, Trustwave SpiderLabs, for a briefing about Lapsus$ and actionable recommendations to help ensure your organization can prevent, detect and/or respond to this emerging threat.

Lapsus$: The Latest Threat To Your Digital Supply Chain

Today, “slow” is the new broken. Slow, outdated systems and tools can significantly inhibit business continuity and security, impeding your organization’s productivity and it’s cloud migration. With modern paradigms, solutions, and integrations, “slow” is not only inefficient, but also, no longer an acceptable standard. 

In this session, we’ll discuss the necessity of re-evaluating productivity, integration, and visibility to ensure your security is not hindered by sluggish or outdated solutions. Bad actors are increasingly sophisticated and bold and now is a crucial time to tighten your perimeters and strengthen protocols to mitigate your cloud and cyber risks. 

Together with Microsoft, join Trustwave on June 17th at 1pm PDT for more information on:
• Achieving visibility 
• Evaluating integration standards
• Identifying inefficient or slow security processes

Slow is the New Broken: Accelerating your Cloud Security

With a 67% increase in security breaches over the last five years, and an average cost of a data breach clocking in at $3.86 million, you can never be too careful in your approach to security. - Per Accenture 

A strong security posture is a careful blend of the right people, processes, and technology aligning to ensure you remain one step ahead of the ever-evolving threat landscape, increasing attack surfaces and potential vulnerabilities resulting from digitization initiatives.  

From remote employees connecting to an unsecured Wi-Fi network or unintentional violations of security policies to unpatched software or a previously undetected malware file, seemingly innocuous risks can maneuver their way around your existing tools--no matter how robust.  

Amplifying your current security tech stack with human-led testing and simulated attacks provides heightened visibility into your environment, identifying these gaps before a bad actor can exploit them.  

In this session, we'll be discussing: 

Using red teaming engagements to confirm security efficacy  

Employing blue and purple team exercises to amplify existing security protocols 

How human-led testing differs from penetration testing and automated tools 

 

Join the Trustwave SpiderLabs team to better understand the vital role human-led testing and adversarial-simulation (red, blue and purple teaming) plays in maintaining a mature, layered security posture.

Red Team Rules: The Importance of Human-Led Testing

It seems every 3-5 years, the industry has new terms to discuss the state of security and guide security investments. The "Assume Breach" strategy caused us to think “Well, if I can’t stop attackers coming in, I have to assume they are already inside my network.” This led the market to change security focus on more detection and response, but the hackers already know what to do to hide. The "Assume Breach" strategy alone is a losing one. It must be combined with a Proactive Data Breach Prevention strategy.
 
In this webinar, we will discuss the balance needed between the two strategies and focus on the strengths of a proactive one.  

We will look at:
  -Security Hygiene
  -Thinking like the Attacker
  -Securing Data Where It Lives

The Attackers Already Know Your "Assume Breach" Strategy

Join Palo Alto Networks and Trustwave SOAR SME’s in a roundtable discussion as they explore the current market for SOAR, the challenge facing businesses and how together, their collaboration to enable a unique XSOAR offering.
• Why SOAR?
• How can Trustwave help?
•	Solving the perpetual effort
•	Cyber vs. Operational Use Cases
•	XSOAR ROI

To SOAR or not to SOAR – Trustwave XSOAR is the Answer

It’s no longer enough to secure your own company’s infrastructure; you now must also evaluate the risk of third-party vendors, and plan as well as monitor for breaches there too.   Recent supply chain breaches like the Colonial Pipeline breach, have shown security risks must be taken seriously. You should assume cybercriminals can navigate across the systems of your vendors and into your own environment. it is critical that you have a clear understanding of the inherent risks within your supply chain and the know-how to prioritize actions to reduce the risks of a breach.  In this webinar we will explore: • The move to automation and outsourcing trends ‘It is estimated that there will be four times more supply chain attacks in 2021 than in 2020’ - European Union Agency for Cybersecurity (ENISA)– Jul 2021 • Trends and analysis from BitSight (James Warriner)  • Compliance and Regulation – President Bidens Executive Order and NIS-D – Its importance and impact on supply chain risk.

Looking beyond your perimeter - Supply Chain Risks

It’s no longer enough to secure your own company’s infrastructure; you now must also evaluate the risk of third-party vendors, and plan as well as monitor for breaches there too. Recent supply chain breaches like the Colonial Pipeline breach, have shown security risks must be taken seriously. You should assume cybercriminals can navigate across the systems of your vendors and into your own environment. it is critical that you have a clear understanding of the inherent risks within your supply chain and the know-how to prioritise actions to reduce the risks of a breach.

Cyber Security Supply Chain Risk Preparedness

Just as enterprise organizations are embracing cloud computing, so too are cyber attackers and everyone is justifiably concerned. For all the advantages of the cloud, the framework is not impervious to cyber threats and so security protocols must always be a priority. Yet the myth that cloud is less secure than owned, on-premise security is just that: a myth. A 2020 Gartner forecast stated IaaS workloads would experience 60% fewer security incidents than traditional data centers — at least.

In order to comprehensively deploy a cloud security network, companies must understand the realities of their infrastructures. Identifying the responsibility of the cloud and that of the customer is critical, as is learning what services can be reasonably expected from a leading cloud provider. Only with the right facts can you build a truly secure network.

Join this panel of experts as they discuss the most common myths of cloud security and what you should actually be building your strategy around:

- Cloud vs. On-Premise Security: Which is easier to target?
- Is a public cloud more vulnerable than a private one?
- How automated can — and should — the cloud’s security protocol be?
- Accessibility: How much is too much?

Moderated by: 
Michelle Drolet, CEO, Towerwall

Panelists to include: 
Jessica Charter, EMEA Security Principal, Trustwave
Taylor Smith, Senior Product Marketing Manager, Prisma Cloud, Palo Alto Networks
Rajesh Agnihotri, Senior Solutions Engineer, Middle East, SonicWall
Scott Fanning, Senior Director, Cloud Security, CrowdStrike

Dispelling the Myths and Misconceptions of Cloud Security

It is becoming ever more difficult to navigate the ever-changing cloud landscape. What are the key challenges? How can you understand what compliance is suitable for your organisation? How do you integrate security strategy across on-prem and cloud environments? Join us in a roundtable discussion with our top security SMEs from Trustwave.

Integrating security strategies across on-prem and cloud environments

Reduce Security Risk with EDR and IR Automation

Auth, Audit and Action

Breach Detection: Becoming as Agile as The Attackers

Network Traffic Analysis and the ATT&CK Framework

First steps to regain control on a compromised infrastructure

Securing DevOps - Should We Start Shifting-Center?

The Importance of App Security in the Securitization of DevOps

AST for Securing DevOps

Shining a Light on Shadow Code

Shift Left with Security into the Development WorkFlows

DevOps & Security in 2020

DevSecOps - Protecting CI/CD and the last line of defence of your organisation

Cost Optimization for Security & Risk

Rapid Moves to the Cloud: Securing the New Normal

Threat Analysis and Breach Protection

Leaky Buckets: Effective Encryption Techniques to Secure AWS S3 Buckets

Police insight – How to protect your business from cyber threats

Securing the Cloud in 2020: Threats, Visibility & Privileged Access

Power Your Security Ecosystem to Prevent Against Data Breaches

Securing remote workers: The critical role of strong authentication

Humans are the Weakest Link – Corona Edition

Business is still good for cyber criminals. How about yours?

DDoS Attacks in 2020 & Best Practices in Defense

Effective Anti-Phishing Requires 100% User Adoption. Here's How to Do It.

Cybersecurity Threat Detection and Prevention

Caught in the Wild: Threats in Focus

THREAT INTEL IN THE REAL WORLD: An Expert Roundtable

Addressing Today’s Cyber Threats

Cybersecurity in the New World

Cyber Threats and Enterprise Security 2020

As the Covid19 pandemic ripped across the globe impacting our health, politics and our ability to continue to work, companies have been forced to shut down or otherwise present an opportunity for remote work. For some companies, that impact may have seemed minimal, due to already having a remote workforce. For others, the task of enabling remote work came with a lot of technical problems, support issues, and quite a few mistakes along the way. This type of chaotic situation, is exactly what the predatory threat actors of today are looking for. The mass confusion can lend itself to unauthorized bypass, internal reconnaissance and eventually, exfiltration of critical data. 

During these critical moments it is absolutely vital to assess your critical assets, understand how your threat landscape has changed and perform routine threat hunts to identify anomalous behavior or unauthorized changes introduced to the environment.

Did threat actors get in when you went remote? Time to hunt.

Cyber Attacks

Cyber Security

Remote Access

Cyber Threats

Security Analysis

Enterprise Security

Breach Detection

Hackers

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

Welcome to the big data and data management community on BrightTALK. Join thousands of data quality engineers, data scientists, database administrators and other professionals to find more information about the hottest topics affecting your data. Subscribe now to learn about efficiently storing, optimizing a complex infrastructure, developing governing policies, ensuring data quality and analyzing data to make better informed decisions. Join the conversation by watching live and on-demand webinars and take the opportunity to interact with top experts and thought leaders in the field.

Big Data and Data Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Did threat actors get in when you went remote? Time to hunt.

Presented by

About this talk

More from this channel