Name: Finding Incidents Using Web Filtering Data
Start: 2020-03-05T16:00:00Z
End: 2020-03-05T16:14:00.000Z
Location: BrightTALK
Rating: 0

Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response services. By scaling decades of frontline experience, Mandiant helps organizations to be confident in their readiness to defend against and respond to cyber threats. Mandiant is now part of Google Cloud.

Most organizations have cyber-threat intelligence programs in one form or another, but the tough-to-face fact is that many only achieve tactical success at best. Today’s threat landscape, by contrast, demands threat intelligence best practices and a more formal program, which leaves a significant cyber intelligence gap in organizations. 

Tune into this custom BrightTALK session with experts from Mandiant and Enterprise Strategy Group to subvert this trend for your organization and discover how to develop and maintain a proactive and impactful cyber-threat intelligence program.

Additional agenda items include:
• Trends associated with open-source intelligence (OSINT), commercial threat feeds, threat intelligence platforms (TIPs), and SIEM 
• The state of cyber-threat intelligence programs today
• What’s needed to advance existing programs

Making cyber-threat intelligence programs effective and impactful

Detecting and responding to bots and fraud has become vital to organizations and ensuring security for their users. Attackers are carrying out more sophisticated bot attacks, and using novel ways to exploit compromised credentials to gain unprecedented access to the online presence of organizations. 

Join our upcoming webinar to see how reCAPTCHA Enterprise with its GA of Account Defender is driving security by preventing account takeovers, preventing fraudulent attempts and reducing friction for legitimate users.

We’ll explore how you can leverage the depth of Google’s intelligence and ML models by securing 6 million websites, how to secure your login and registration workflow, and moving beyond the visual challenge.

Prevent Account Takeover and Fraud with reCAPTCHA Enterprise

Recent studies show there is still a skills gap in cyber security. To help close this gap, John Doyle, Applied Intelligence Mentorship Program Lead at Mandiant, created a Cyber Threat Intelligence course to train security teams to think like a Mandiant threat intelligence analyst.  

In this webinar, John  shares a preview of this exclusive Mandiant Cyber Threat Intelligence course that delves into the mind of an APT. 

This new strategic course is designed for new security professionals or those transitioning into new security roles. It aims to teach how countries use cyber operations as a tool of statecraft to advance national-level priorities, and in response to geopolitical drivers. With this knowledge, students will gain an understanding of how, why, and against whom nation-states attack so you will know what to look for and how to proactively identify potential threats that could impact your organization.  

Register now for this webinar for insights into: 
 - Using APT attribution to inform defensive posture, allocate resources, and provide insight into likely threat vectors
 - Best practices in using and evaluating CTI reports 
 - Improving risk assessments and developing threat profiles by understanding threat actor mission, mandates, and motivations

Inside the Mind of an APT

Join a panel of Mandiant experts to explore findings from the new Global Perspectives on Threat Intelligence report and understand key actions to solidify your cyber readiness.

Learn the key challenges facing cyber security decision-makers at the world’s largest organizations and how you can operationalize threat intelligence to be better prepared in the rapidly evolving threat landscape.

In this live session, you will learn how to:
 - Improve visibility and understanding of unique threats targeting your organization
 - Help security teams prioritize and prepare
 - Apply threat intelligence effectively throughout your organization

Global Perspectives on Threat Intelligence: Best Practices for Cyber Defense

This session is the fourth in our multipart virtual series that will provide helpful insights and best practices surrounding the six critical functions of cyber defense that make up The Defender’s Advantage.  

In this webinar, join Mandiant experts for a discussion on how to properly Respond to resume normal business operations and effectively remove threats from the environment. Also learn how to proactively Hunt for evidence from a previous or existing compromise to enhance future response capabilities and realize new methods of threat detection.

Respond to Resume Operations & Hunt to Prevent Compromise- Webinar Series Part 4

A cada ano, vemos que o panorama de ameaças evolui de modos diferentes. Apesar de os defensores terem o desafio crítico de navegar pela incerteza, o caminho adiante não precisa ser tão confuso. Ao estudar as tendências atuais, podemos visualizar de maneira mais clara as batalhas que venceremos no ano de 2023.
Para ajudar as organizações a estarem preparadas para 2023, melhorando sua defesa cibernética, o especialista em ameaças da Mandiant, Guilherme Volpini Cosentino, apresenta uma sessão na qual trata em detalhes muitos dos temas discutidos no último relatório Previsões de Cibersegurança da Mandiant para 2023.
Participe de nosso webinar, na quarta-feira, 01 de março de 2023, para entender em profundidade algumas destas tendências, tais como:

• Como os riscos cibernéticos russos podem impactar a cibersegurança
• Como será a escalada de espionagem chinesa
• Porque os atores maliciosos iranianos podem aumentar o volume de ataques
• É provável que as operações de informações continuem aumentando em ritmo, com um impacto pouco claro
• Possíveis mudanças nos seguros cibernéticos
• Tendências de aumento de espionagem cibernética e ransomware no mundo
• Como os grupos de extorsão usarão ransomware em 2023

Speaker – Guilherme Volpini Cosentino, Security Services Manager, Mandiant

Projeções sobre segurança cibernética em 2023

This session is the third in our multipart virtual series that will provide helpful insights and best practices surrounding  the six critical functions of cyber defense that make up The Defender’s Advantage.  

In this webinar, join Mandiant experts for a discussion on how to effectively contextualize, categorize, and prioritize cyber security incidents to rapidly Detect malicious activity and identify significant business risks. Also learn how to Validate your security control ecosystem to ensure the optimization and success of the detection process to ultimately protect your critical assets.

Detect Risks & Validate Security Controls - Webinar Series Part 3

Nearly one year ago, Russia invaded Ukraine, and we continue to see cyber operations play a prominent role in the war. To provide more insights into the role of cyber, we released Fog of War: How the Ukraine Conflict Transformed the Cyber Threat Landscape Report based on analysis from Google’s Threat Analysis Group (TAG), Mandiant, now part of Google Cloud, and Google Trust & Safety.

Join our upcoming webinar to explore new findings, and retrospective insights, across government-backed attackers, information operations (IO), and cybercriminal ecosystem threat actors from the report. 

Highlights include:
- Shifts in Russia’s government-backed attackers tactics and efforts.
- How Moscow has shaped public perception of the war.
- The effects on the Eastern European cybercriminal ecosystem, and how it has changed.

Speakers:
Toni Gidwani, Security Engineering Manager - Google Threat Analysis Group
Tina Tong, Threat Intelligence Analyst - Google Threat Analysis Group
Ben Read, Senior Manager of Threat Analysis - Mandiant, now part of Google Cloud

Fog of War: How the Ukraine Conflict Transformed the Cyber Threat Landscape

2023 will see businesses prepare for and comply with new Canadian legal requirements   for cybersecurity, such as Bill C-26, C-27 and the Office of Superintendent of Financial Institution’s B13 Guidelines, which will respectively apply to critical infrastructures, customer data privacy and financial services. 

Compliance with these requirements is critical while the amount of time allowed to organizations to implement is relatively short. Organizations will have to demonstrate compliance. 

Mandiant (now part of Google Cloud) and Norton Rose Fulbright Canada LLP are pleased to invite you to join them for an online webinar on February 22nd at 2.00 pm ET. 

Cybersecurity practitioners, decision makers and legal counsels can learn and gather: 

• An overview of what exactly B13, C26 and C27 entail in terms of cybersecurity for their respective industries 
• Best practices to efficiently implement those new regulations 
• Best practices to navigate cyber readiness in an ever changing legal landscape 

Speakers -
Greg Davison - Moderator - Head of Mandiant Sales, Canada  
Ali Arasteh - Head of Mandiant Consulting, Canada 
Imran Ahmad - Partner, Head of Technology, Co-Head of Information Governance, Privacy and Cybersecurity

Cyber Readiness in the 2023 Canadian changing legal landscape

This session is the second in our multipart virtual series that will provide helpful insights and best practices surrounding the six critical functions of cyber defense that make up The Defender’s Advantage.  

In this webinar, join Mandiant experts for a discussion on how to understand and effectively implement your collective Threat Intelligence to make the right security decisions. We will also dive into the establishment of Command and Control to orchestrate the prioritization of activities performed by all six cyber defense functions to achieve security resilience and reduce the overall impact of cyber attacks.

Who should attend:
CISOs
Cyber defense directors
SOC managers
Seasoned and new cybersecurity practitioners

Utilize Threat Intelligence, Establish Command & Control - Webinar Series Part 2

Learn how to activate the six critical functions of Cyber Defense to optimize your security program in the face of harmful adversaries. Building a best-in-class cyber defense organization will provide confidence in your ability to protect, defend and respond to sophisticated [and inevitable] threats that can cripple business operations. 

As outlined in Mandiant’s award-winning book,“The Defender’s Advantage” organizations are defending against adversaries within their very own environment. Because the defender owns the environment in which they go head-to-head with these ruthless attackers, it’s important to remember that the defender has a fundamental advantage–however many  organizations struggle to capitalize on it.

This multipart webinar series will provide helpful insights and best practices surrounding the six critical functions of cyber defense that make up The Defender’s Advantage.  

Register for this first session to receive an executive overview of The Defender’s Advantage and its six critical functions of cyber defense—Threat Intelligence, Command and Control, Detect, Validate, Respond and Hunt. Each of these functions represents different responsibilities focused on distinctive goals, while collectively working together to rapidly identify and effectively respond to threats. 

Who should attend:
CISOs
Cyber Defense Directors
SOC Managers
Seasoned and new Cybersecurity Practitioners

Take Control of Your Cyber Defense with The Defender’s Advantage Series, Part 1

Cada año vemos que el panorama de amenazas evoluciona de diferentes maneras. Si bien a los defensores les queda el desafío crítico de navegar la incertidumbre, el camino por delante no tiene que ser tan confuso. Al estudiar las tendencias que vemos hoy, podemos visualizar una imagen más clara de las batallas que esperamos librar el próximo año.

Para ayudar a las organizaciones a estar preparadas para 2023 y puedan mejorar su defensa cibernética, el experto en amenazas de Mandiant, Jorge Lozano, presenta una sesión en la cual trata con profundidad muchos de los temas discutidos en el último informe, Prevision de ciberseguridad de Mandiant para 2023, que incluye:

• Es probable que los riesgos cibernéticos rusos continúen siendo de alto ritmo y alto impacto
• Las amenazas de espionaje cibernético chino siguen siendo muy agresivas
• Los actores iraníes pueden aumentar en la escalada de ataques debido a la creciente agitación interna
• Es probable que las operaciones de información continúen aumentando en ritmo, con un impacto poco claro
• El seguro cibernético puede restringir el acceso y la cobertura
• Es probable que el sudeste asiático vea un aumento en el espionaje cibernético y el ransomware
• Es probable que los actores de extorsión continúen evitando el ransomware a favor de la extorsión pura a través del robo de datos

Unese a nuestro webinar para entender todas estas tendencias más en detalle

Vocero - Jorge Lozano - Strategic Services Manager LATAM

Previsión de ciberseguridad de Mandiant para 2023

Mandiant is pleased to invite you to a webinar discussion on ransomware attacks with our panel of experts from Baker Hostetler, Marsh, and Coveware.

Throughout 2021, there was a significant increase in the number of ransomware attacks across industries, with an estimated 1/3 of all organizations worldwide having experienced a ransomware attack or some form of a breach. Once opportunistic hackers have evolved into highly sophisticated cyber criminals, and their ransom demands have now reached several millions of dollars per incident, on average. Due to their complexity, these incidents result in significant financial, operational, reputational, and legal consequences.

Today, organizations are expected to be prepared for a ransomware attack. We will provide practical takeaways that organizations from all industries can implement.
Discussion topics will include:

• Threat profile of a ransomware attack including prevention and recovery strategies
• Legal implications of a ransomware attack 
• Insurance measures available to mitigate cyber risk
• Considerations and requirements for ransomware recovery negotiations

Developing Your Ransomware Playbook: Best Practices and Legal Considerations

Our frontline Mandiant Intelligence experts continue to work around the clock and across the globe to relentlessly protect our customers from today’s most advanced threats.

Join our expert Threat Intelligence team, as they provide an overview on the cyber developments over this past quarter:

•       2023 Strategic Trends & Predictions: We’ll cover our predications for ransomware, 
        state-sponsored threat activity, and threat actors constant evolution to evade 
        detection.

•       Global Distribution Campaigns: We’ll look at the significant volume of threat activity 
         we observe and the various types of globally distributed campaigns.  

•        And more…We’ll take a deep dive look into one Phishing-as-a-Service offering and 
          explore a novel malware ecosystem.

Exclusive Webinar for Mandiant Clients - Q4 2022 Intelligence Briefing

The U.S. Federal Bureau of Investigation recently issued a private industry notification that hackers are actively targeting healthcare payment processors to reroute funds to attacker-controlled accounts. 
  
Join Mandiant Experts Nick Schroeder and Lori Ainbinder as they discuss the unique cyber security challenges healthcare organizations face. They will review recent threats and public stories of healthcare impacted by threat actors, and learnings to be gained from those experiences. Nick and Lori will also touch on recent trends and recommendations on areas of focus for healthcare cyber security professionals.

Preparing for Cyber Security Threats in Healthcare

Every year we see the threat landscape evolve in different ways. While defenders are left with the critical challenge of navigating the uncertainty, the road ahead doesn’t have to be so foggy. By studying the trends we see today, we can paint a clearer picture of the battles we expect to be fighting in the coming year. 

To help organizations be prepared for 2023 so they can improve their cyber readiness, Mandiant threat expert Andrew Kopcienski is presenting a deep-dive session to cover many of the topics discussed in the latest report, Mandiant Cyber Security Forecast 2023, including:  

• Russian cyber risks likely to continue to be high-tempo and high-impact 
• Chinese cyber espionage threats continue to be highly aggressive
• Iranian actors may increase in escalating attacks due to rising internal turmoil 
• Information operations likely to continue to increase in tempo, with unclear impact 
• Cyber insurance may restrict access and coverage
• Southeast Asia likely to see an increase in cyber espionage and ransomware 
• Extortion actors likely to continue to eschew ransomware in favor of pure extortion 
   through data theft

Mandiant Cyber Security Forecast 2023

El informe anual M-Trends 2022 es una fuente confiable de evidencia y liderazgo intelectual para los profesionales de la seguridad. Contiene todas las métricas, conocimientos y orientación que la industria de la ciberseguridad espera. Proporciona datos oportunos basados en la experiencia de respuesta a incidentes de primera línea de Mandiant. Ofrece información sobre las infracciones y operaciones de los atacantes más impactantes de todo el mundo.

Lo invitamos a participar en nuestro webinar "M-TRENDS 2022 - Tendencias de ciberseguridad más importantes en la actualidad". Únase a uno de los mejores analista de amenazas de Mandiant, para informarse acerca de las últimas tendencias y lo que significan estos hallazgos para su organización.

Los temas a desarrollar serán:

• Tiempos de permanencia globales y regionales
• Detección por tendencias de origen
• Métricas de orientación de la industria
• Grupos de amenazas nuevos y notables
• Principales vectores de infección y familias de malware
• Técnicas de ataque de mayor incidencia.

M-TRENDS 2022 - Tendencias de ciberseguridad más importantes en la actualidad

The retail sector is at high risk for cyber-attacks due to its size, close customer interactions, recognizable brands and frequent transaction rates. Cyber threats to the retail sector come from both financially motivated and state-sponsored espionage actors, and threaten the global economy. 

In this webinar, Stefanie Hoover, VP, Loss Prevention Magazine interviews Erin Joe, Head of Strategy and Alliances at Mandiant, the market leader in cyber threat intelligence and incident response, about the unique cyber threat landscape in the retail sector. Erin will discuss current threats, tactics and trends as well as approaches leaders and defenders can employ to improve their defensive posture and readiness. Topics include:

• Threat briefing on actors and trends in the retail sector
• Links between cyber and physical threats
• Strategies to harden and protect a retail security environment
• Advice for retail leaders to manage a cyber-attack and maintain business continuity

Defenses Against Destructive Cyber Threats to the Retail Sector

Web filtering data can be a treasure trove of threat activity (PUPs/PUAs). The challenges with finding these threats come from the vast volume of sensor data. PUP malware beaconing signals may or may not occur at regular intervals and a human security analyst can't be expected to keep track of all the web requests generated by a single host for an hour, let alone a day or a week. The solution to this challenge is Robotic Decision Automation, which can consider over 60 factors specific to web filtering data when identifying malware and other malicious activity. 

Key takeaways from this webinar:
 -Web filter data volume is no longer an issue for monitoring
 -Monitoring HTTPS traffic reduces Mean Time to Respond (MTTR)
 -The Respond Analyst is the first solutions that allows for real-time analysis and triage of web proxy data


The Respond Analyst integrates with leading web proxy vendors: Palo Alto Networks, Symantec, McAfee, Cisco, Forcepoint, Carbon Black and ZScaler.

Finding Incidents Using Web Filtering Data

Web filtering

Security Operations

Cyber Defence

Cyber Security

Security Analysis

Malware

Threat Detection

Incident Detection

Automation

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The data center management community focuses on the holistic management and optimization of the data center. From technologies such as virtualization and cloud computing to data center design, colocation, energy efficiency and monitoring, the BrightTALK data center management community provides the most up-to-date and engaging content from industry experts to better your infrastructure and operations. Engage with a community of your peers and industry experts by asking questions, rating presentations and participating in polls during webinars, all while you gain insight that will help you transform your infrastructure into a next generation data center.

Data Center Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Finding Incidents Using Web Filtering Data

Presented by

About this talk

More from this channel