Name: Demystifying the Modern Application Security Program
Start: 2021-05-25T17:00:00Z
End: 2021-05-25T17:00:57.000Z
Location: BrightTALK
Rating: 0

By focusing on cybersecurity fundamentals, RedSeal helps government agencies and Global 2000 companies measurably reduce their cyber risk. With RedSeal’s cyber terrain analytics platform and professional services, enterprises improve their resilience to security events by understanding what’s on their networks and how it’s all connected. RedSeal verifies that network devices are securely configured; validates network segmentation policies; and continuously monitors compliance with policies and regulations. It also prioritizes mitigation based on each vulnerability’s associated risk.

The more state and local agencies practice data sharing to increase transparency, accelerate and improve accuracy, the higher probability of unintended exposures, opening them to data breaches, malware and worse, ransomware attacks. 

How do agencies proactively recognize exposures, secure infrastructures mitigate risks and stay compliant? More and more agencies realize they are not immune and can’t see around corners. They need a solid solution that allows them to know exactly what’s on their network, how it’s connected and what specifically is at risk.

Join RedSeal and Shannon Lawson, CISO, City of Phoenix, as we explore how a state and local agency earned toward hardening their environment from attacks:

- What resources they had across all their infrastructure environments?
- If any of the resources were unintentionally exposed to the internet?
- What access is possible within and between environments?
- Did their deployments meet security best practices?
- How to validate their network segmentation policies?
- Are they remediating the riskiest vulnerabilities first?

Speakers:
Shannon Lawson, CISO, City of Phoenix
Dr. Mike Lloyd, CTO, RedSeal
Brad Schwab, Senior Security Solutions Consultant, RedSeal

State and Local Cybersecurity Threats: Weathering the Storm

Cloud security is complex and distributed. In organizations with on-premise environments, the controls sit with the network security team and in firewalls. In the cloud, controls sit with multiple DevOps teams, Kubernetes, 3rd parties, inside AWS, and more. Cloud security controls may not be implemented by security teams but by numerous application developers. The impact is an exponential growth in misconfigurations that are leaving resources with unintended or accidental exposure to the Internet. 
 
Security challenges in the cloud have become so prevalent that Gartner has defined Cloud Security Posture Management (CSPM) as a new category of security products designed to identify misconfiguration issues and risks in the cloud. 
 
Join us on Wednesday, December 8th at 11:00am PT for an exclusive overview of RedSeal’s new SaaS-based CSPM solution, RedSeal Stratus, with Kurt Van Etten, Chief Product Officer and Sukesh Garg, Vice President, Products. 

We'll show you how RedSeal Stratus can help security teams better manage this increased risk with: 
- Complete and up-to-date visualization of cloud infrastructure  
- Detailed knowledge of Amazon Kubernetes accounts and policies  
- Out-of-the-box dashboard that identifies resources that exposed to the Internet

Stop Unintended Exposure with RedSeal Stratus

Network security teams have been tasked to ensure that their hybrid environments are secure and meet organizational security standards. However, their domain covers not only traditional on-premises and private clouds, but also any number of public clouds (Amazon Web Services, Microsoft Azure, Google Cloud Platform and Oracle Cloud). 

The Center for Internet Security have developed the CIS Benchmarks, a consensus-based set of standards across several vendor product families that serve as best-practice security configuration guides, including the major public Cloud Service Providers.

Join RedSeal’s Hom Bahmanyar, VP of Ecosystem Engineering and Landon Brock, Sr. Product Manager, for a discussion on:

• How to utilize CIS Benchmarks for AWS and Azure to identify device misconfigurations to remedy and ensure secure configuration in accordance with industry best practices
•	Utilizing RedSeal to perform CIS Benchmark checks to secure 3rd party firewalls such as PAN, Cisco, and Check Point that are deployed in the cloud
•	Going beyond standard best practices checks and include industry best practices checks developed by RedSeal

Meet Cloud Security Best Practices w/ CIS Benchmarks for AWS and Azure

Two heads are often better than one – that’s why we started recording these "Lloyd vs. Lloyd" CTO Perspectives. 
 
But are two clouds better than one?  There’s a lot of talk about multi-cloud, but it’s no simple thing to think through all the security implications of choosing one or the other.  Add in multi-cloud and hybrid environments, and you increase the complexity of the situation.
 
Join Mike & Wayne, RedSeal’s CTO and Federal CTO, for a discussion of the good, the bad, and the ugly of single and multi-cloud strategies.

Lloyd vs. Lloyd: Are Two Clouds Better Than One?

The industry continues to struggle with cloud security strategy, and we must ask if 'Defense in Depth' is still relevant in cloud security?”

Join us on Tuesday, April 6th for a live panel discussion with Kurt Van Etten, Chief Product Officer at RedSeal, Arti Raman, Founder and CEO of Titaniam, Inc. and Caroline Wong, author of “Security Metrics: A Beginner's Guide” and Chief Strategy Officer at Cobalt.io.

Together they will address:

- How cloud breaches are occurring in the industry today
- How to identify risks to your public cloud environments
- How combining visibility and data protection can be used to give one confidence in securing public clouds

Is 'Defense in Depth' Still Relevant in Cloud Security?

The security landscape continues to shift to the cloud, but are public clouds actually more secure than on-premise environments?

Join us on Thursday, February 24th for a live panel discussion with Kurt Van Etten, Chief Product Officer at RedSeal, Kelly Robertson, President and CEO at SEC Consult, and Jones Uzan, Solutions Architect at Amazon Web Services.

They will address:

- The biggest challenges security teams face when adopting cloud technologies.
- The best practices for cloud migration.
- How AWS helps companies migrating to the cloud with security and compliance.
- Which third-party security solutions you should consider.

Are Public Clouds More Secure Than On-Premises?

RedSeal can help ServiceNow customers be confident that their network inventories are complete, and access is what they intended – even across multiple cloud and on-premises environments.

What’s more, RedSeal allows ServiceNow IT Service Management users to prioritize vulnerabilities by the risk they pose in a specific network.

Join us on Thursday, February 4th to see how RedSeal enriches ServiceNow ITSM to:

Ensure you have a complete inventory of your network devices and cloud resources
Identify any unintended access
Accurately prioritize your vulnerabilities by the risk they pose to your network
Expedite change management

RedSeal and ServiceNow: Is Your Network Inventory Complete?

Cybersecurity audits are no one’s idea of a good time. They can be time-consuming and frustrating – for both auditor and client. 

Based on hours of research with auditors, RedSeal has developed insights and practical solutions to get you through your audits quickly and successfully.

Join RedSeal Chief Product Officer, Kurt Van Etten and Vice President of Professional Services Ramesh Kaza on December 8, 2020 as they discuss:
 
- Common challenges and delays auditors face in getting the information they need
- How RedSeal can help you quickly provide needed information and evidence
- Examples of howe RedSeal has helped organizations verify inventory and access and provide required proof – across multiple cloud environments.

Help Your Auditors Help You

What do you do when you find yourself responsible for the security of a network you don’t know? Without an understanding of what’s on a network and how it’s set up, you can’t protect it.

This is something that happens to all of us:

•	You join a new organization
•	Knowledgeable people leave
•	Your organization merges with or acquires another
•	A new network management company comes in

Join RedSeal’s two CTOs – Dr. Mike Lloyd and Wayne Lloyd – to get their thoughts on the best and quickest way to understand and protect a network you take over.

Taking Over A Network

As we move into the cloud, most of us realize that cloud security is complex. We have clouds from multiple vendors that connect to on premise systems. It is difficult to answer what should be simple questions about what is there and how it’s set up.
 
This webinar will show how RedSeal can help answer five fundamental questions:
 
- What do you have in your cloud(s)? 
- Does your cloud deployment meet best practices?
- Have you validated that network segmentation policies are properly implemented across clouds?
- What access is possible? What is internet facing?
- Are your cloud vulnerabilities prioritized by risk to your network?

A 5 Step Plan for Multi-Cloud Security

Are your corporate assets and remote workforce protected as you deploy Meraki devices?

A misconfiguration in any one of your Meraki devices can unintentionally expose corporate assets to unauthorized users – or provide an unmonitored path for data exfiltration. 

Join us to see how you can have visibility into Meraki devices and their connections -- across hybrid cloud and on-premise environments — from each device to your data centers. 

We’ll provide practitioner examples of misconfigurations, the risk they created, and how to remediate them quickly.  

You’ll learn how you can:

- Discover new and existing Meraki devices
- Investigate to determine if they’re securely configured and comply with organizational policies
- Act to remediate and mitigate risks

Deploying Meraki? Be Sure Your Devices Are Securely Connected

Our national Cyber Protection Teams (CPTs) are taking U.S. cyber defense beyond our borders. As part of a Defend Forward program, they’re being invited into the networks of other nations to find and shine a light on malware – so we can all be protected from it.

But while they’re defending forward, there is a role for all of us on the home front. There are things we can do to protect our networks and keep our cyber teams in the fight.

Join RedSeal’s CTOs Wayne Lloyd and Dr. Mike Lloyd as they discuss Defend Forward and how we can be our own cyber protection team back at home.

Defend Forward, But Protect Your Base

Identifying the right vulnerabilities is a real challenge.

Scanner data generates tens of thousands (maybe even hundreds of thousands) of vulnerability results, sometimes scattered between different vendors (Rapid7, Qualys, Tenable, and more) and makes it a ‘whack-a-mole’ activity.

A proper vulnerability management plan should be able to identify the top vulnerabilities to patch or find the exact path an attacker can take. But to divert, contain or block intruder access requires information like: 

- Where are the assets located and if/how could they be accessed?
- If the asset is compromised, what else does the attacker get access to?
- Does the compromised asset have internet access?

In this August 24th webinar, learn how customers use RedSeal to help them:

- Prioritize asset vulnerabilities based on network context
- Identify areas that scanners miss and their causes
- Consolidate vulnerability scan data from multiple sources

No Two Networks Devices Are Alike: Prioritize Based on Your Network

This SNG Live Virtual session "Securing the Supply Chain" brings together federal cybersecurity leaders for a conversation on how they continue to mature their cybersecurity defenses, protect a remote workforce and what the best strategies are for staying ahead of adversaries.

Speakers:
- Allan Friedman, Director of Cybersecurity Initiatives, NTIA, Department of Commerce
- Wayne Lloyd, Federal CTO, RedSeal
- Greg Otto, Editor-in-Chief, CyberScoop

SNG Live - Securing the Supply Chain

The cloud presents an approach to DevOps affectionately called “pets vs. cattle,” which forces a different cybersecurity strategy. As with all change, the pets vs. cattle approach creates opportunities and risks of doing it wrong. 

Join us on July 20th to hear CTOs Dr. Mike Lloyd and Wayne Lloyd discuss this approach. They’ll share their different perspectives as they cover:

1.	What “pets vs. cattle” means.
2.	If it’s a net benefit or a curse for cybersecurity
3.	Mistakes can you make when implementing it

When Fido Moos and Bessy Barks: Security in a Cloud-First World

Even though most breaches are caused by oversights in basic cybersecurity hygiene, complex, hybrid multi-cloud environments make cybersecurity fundamentals really challenging. Even taking inventory of a network, ensuring your devices are securely configured, and knowing that you’re scanning everything you intended aren’t easy. RedSeal can help.

Join us for a webinar on Tuesday, February 11th as we share real-world customer stories of how we help with:

- Inventory control and secure device configurations
- Visibility into network inventory
- Identifying password and device configuration issues
- Enhancing value from vulnerability scanners
- Identifying unscanned areas you think are being scanned.
- Prioritizing vulnerabilities based not only on severity and asset value, but on accessibility.

Securing Your Hybrid Multi-Cloud Network: The Practitioner View

Watch and listen as RedSeal’s Chief Product Officer, Kurt Van Etten gives an overview of RedSeal’s platform and the advantages it provides.

He illustrates how RedSeal supports the cybersecurity fundamentals — so you can see what’s on your network, how it’s connected, and the associated risk.

Who Is RedSeal?

As modern application security programs move through three stages – development, deployment and operations – the security posture should be calculated so that risk is 1) isolated at each stage and 2) decreasing along each step in the process.

Join us on Tuesday, May 25th for a live panel discussion with:

- Georges Bellefontaine, Manager, InfoSec
- Praveen Kosuri, Oracle Director of Cloud Engineering
- Sukesh Garg, RedSeal VP of Product Management
- Ramesh Kaza, RedSeal VP of Professional Services

Together they will address the following questions:

- As you move through the three stages of the development lifecycle, what steps should you take to ensure that risk is decreasing at each stage?
- What can you can do to verify that each stage is set up to mitigate risk?
- How should InfoSec/DevSecOps, DevOps and Developers collaborate?

Demystifying the Modern Application Security Program

Cloud

Application Security

Information Security

DevOps

Developers

Risk Based Security

Risk Mitigation

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The unexpected nature of natural disasters and other disruptive events means that preparation is key to managing disaster recovery and business continuity planning. Join the business continuity and disaster recovery community for live and recorded presentations discussing best practices for business continuity planning, disaster recovery programs and business continuity management. Learn from BCDR experts to develop your critical infrastructure and gain insight into tactical solutions to your BCDR issues.

Business Continuity / Disaster Recovery

Get powerful end user computing insights from influential EUC experts. Connect with thought leaders and colleagues to get the most up-to-date knowledge on effective approaches to get non-programmers to create working applications.

End User Computing

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Demystifying the Modern Application Security Program

Presented by

About this talk

More from this channel