
The Power of Streaming: Windows Event Streaming with FireEye Endpoint & Helix

Hunting threats is easier when you have the power of all your sensors working together. By uniting previously unconnected sources, the multiplier effect brings power to your Security Operations Center.

Join us to learn how FireEye Helix delivers this functionality entirely native to your workflows, bringing the world-class ability to prevent, detect, and respond to security threats to your organization. See how machine learning, algorithms and statistical analysis can enhance your detection capabilities. Hear real-life examples of how to improve your threat hunting with Windows logs.

For the full Cyber Summit 2020 event program, please visit: https://www.fireeye.com/company/events/cyber-summit-2020.html
Recorded Nov 9 2020 13 mins
Presented by
J.R. Wikes, Principal Systems Engineer, FireEye; Julius Di Filippo, Solutions Architect, FireEye
  • Supply Chain Attack – Global Intrusion Campaign Jan 28 2021 6:00 pm UTC 60 mins
    Arthur Cesar Oreana
    FireEye has uncovered a widespread campaign that we are tracking as UNC2452. The actors behind this campaign gained access to numerous public and private organizations around the world through trojanized updates to SolarWinds' Orion IT monitoring and management software. This campaign may have begun in the fall of 2020 and is currently ongoing.

    Post-compromise activity has included lateral movement and data theft. The campaign is the work of a highly skilled actor, and the operation was conducted with significant operational security.

    We are working tirelessly to defend and help our customers against these and future threats, and we would like to take this moment to share an invitation-only technical briefing on January 28 at 3 p.m. (Brasília time), led by Arthur Cesar Oreana of FireEye. This briefing will discuss current threats and summarize evolving best practices for investigating and mitigating them.

    I would like to personally invite you to join the session for insight and guidance specific to Brazil.
  • The Security Operations Center is Essential – But Is it Effective? Jan 26 2021 6:00 pm UTC 45 mins
    Larry Ponemon, Founder of the Ponemon Institute and Dan Lamorena, VP Marketing for XDR at FireEye
    From COVID to the cloud and from ransomware to work-from-home, everything changed, fast. The foundation of it all – the Security Operations Center, or SOC, played a critical role in supporting how enterprises tackled the pivot in how we work, communicate and connect, while ensuring a strong security posture for the organization. The Ponemon Institute researched how these changes have impacted the effectiveness of the SOC in the “Second Annual Study on the Economics of Security Operations Centers: What is the True Cost for Effective Results?”

    What stands out this year?

    • COVID-19: The pandemic’s impact on how SOCs operate and tackle security challenges as remote employees create new access points and bad actors take advantage.
    • Strong Hiring & Salaries: Jobs and salaries are up as CISOs drive to employ qualified security analysts and retain them in an environment where competition for their services is ruthless.
    • ROI of the SOC is Dropping: Complexity, analyst turnover and the growing cost of MSSP support for security monitoring drive lower scores in SOC investment.
    • Budgets include Automation & Extended Detection & Response: Extended Detection & Response (XDR) and security automation solutions have emerged as budgetary priorities as CISOs seek answers to improve security engineering effectiveness and cost.

    Let’s dig into what it all means for the next year. Join the report author, Larry Ponemon, Founder of the Ponemon Institute and Dan Lamorena, VP of Marketing for XDR at FireEye, for a live discussion on the state of today’s SOC, staffing, budgets for SOC tools, cost considerations for outsourcing and ROI.
  • FireEye Technical Briefing for Latin American CISOs Jan 21 2021 6:00 pm UTC 60 mins
    Stephen Fallas and Carlos Ayala of FireEye
    FireEye has uncovered a widespread campaign that we are tracking as UNC2452. The actors behind this campaign gained access to numerous public and private organizations around the world. They gained access to victims through trojanized updates to SolarWinds' Orion IT monitoring and management software.

    This campaign is presumed to have begun in the spring of 2020 and is currently ongoing. Post-compromise activity affecting the supply chain has included lateral movement and data theft. The campaign is the work of a highly skilled actor, and the operation was conducted with significant operational security.

    We are working tirelessly to defend and help our customers against these and future threats, and we would like to take this moment to inform you of an invitation-only technical session to be held on January 13, 2021 at 2 p.m. New York time, led by Stephen Fallas and Carlos Ayala of FireEye. The session will discuss current threats and summarize evolving best practices for investigating and mitigating them.
  • DebUNCing Attribution to Counter Threats More Effectively Jan 21 2021 4:00 pm UTC 60 mins
    Kelli Vanderlee, Manager, Intelligence Analysis, Mandiant and Jeff Guilfoyle, Principal Product Manager, Mandiant
    Malicious cyber operations are not a force of nature. Instead, behind every compromise are human operators using tools and techniques to accomplish various goals.
    As a result, when reading about a malware campaign like “SUNBURST”, security practitioners try to answer essential questions like “Who could be behind this attack?” “What are they trying to accomplish?” or “How do they operate?”

    Solving these questions is often easier said than done. Actionable threat intelligence can provide unique insight so that security teams act in concert, quickly understand risks, and prioritize resources to take the most effective countermeasures.

    Join our host, Bart Lenaerts-Bergmans, Sr. Product Marketing Manager, Mandiant with presenters, Kelli Vanderlee, Sr. Manager, Analysis, Mandiant and Jeff Guilfoyle, Principal Product Manager, Mandiant Advantage, as we explore key concepts:

    • How modern attribution works and the analytic processes
    • Understanding new actors (uncategorized) and which details to pay attention to
    • Navigating recent threat actor UNC2452 and Sunburst Malware using Mandiant Advantage
  • To XDR or Not to XDR? Recorded: Jan 19 2021 36 mins
    Chris Triolo, Chief Customer Officer at Respond Software and Jackie Groark, VP, Security/CISO at Veristor
    The security operations center (SOC) will never keep up with information overload. CISOs are challenged to transform the paradigm so the investments in people pay off, while reducing attrition and making security work fun. Automation is only part of the solution.

    Modern security operations need to abandon the current model, bogged down by formalities in process and procedure, for one that is incident-aware and situation-focused. As enterprises deploy solutions for endpoint detection and response (EDR), security teams are realizing that they also need tools and strategies that are more all-encompassing to include threat intelligence, cloud services, SOAR, and next-gen SIEM, among others. So, where is the SOC to go from here?

    Join Chris Triolo, Chief Customer Officer at Respond Software, as he welcomes Jackie Groark, VP of Security and CISO at Veristor. Triolo and Groark will explore the promise of Extended Detection and Response (XDR) and start a discussion on how to supercharge automation and effectiveness in the security operations center.
  • FireEye Helix Explained - Helix Analytics Recorded: Jan 14 2021 54 mins
    Sarah Cox, Sr. Instructional Designer, FireEye and Dustin Seibel, Mgr, Sr, Detection Research, FireEye
    FireEye Helix enables you to take control of any incident from alert to fix, saving valuable time, resources and effort. This unified security operations platform addresses traditional SIEM shortfalls while delivering highly efficient, low-maintenance security automation.

    Join us for the next session in a series of webinars, as our experts highlight:

    • How Helix analytics automate the detection of suspicious activity in your environment using techniques that rules alone cannot provide
    • The types of detectors employed by analytics to identify specific kinds of activity that are often associated with attackers
    • Analytics Advisories that help you identify additional data sources for analytics detections in your environment
    • Techniques for building context on analytics alerts to enhance alert analysis and response
    • How to improve threat and vulnerability detection with advanced user behavioral analytics

    A hands-on Helix demonstration shows how you can build context on analytics alerts and leverage analytics for hunting. And you can stay on after the session for an in-depth Q&A with our experts.
  • UNC2452: What We Know So Far Recorded: Jan 12 2021 57 mins
    Benjamin Read, Director, Threat Intelligence Analysis and John Hultquist, VP, Mandiant Threat Intelligence
    Get the latest on UNC2452, the actor behind the SolarWinds supply chain compromise

    FireEye's Mandiant team recently uncovered a threat actor leveraging a supply chain to carry out intrusions in a uniquely impactful campaign. The actor behind these intrusions, UNC2452, focuses heavily on operational security, which has limited historic perspective on their behavior and made them very difficult to detect; however, we are rapidly learning more about them.

    Join our Mandiant experts for this webinar where we will offer the latest intelligence on this important threat actor.
  • Measure, Improve & Optimize your Cybersecurity Recorded: Jan 6 2021 53 mins
    Lluis Coma, EMEA Consulting Sales Engineer, FireEye
    Mandiant Security Validation allows you to accurately assess a company's security posture. We help our clients take a proactive approach to identifying and mitigating risks due to incorrect configurations, inefficiencies in products, and / or established security processes.

    Register for the webinar and find out how Mandiant Security Validation enables you to:

    • Evaluate your security posture in order to prioritize investments;
    • Optimize the configuration of your technologies to maximize the return on investment;
    • Compare your security with market standards such as MITRE ATT&CK Framework and others;
    • Test the correct operation of your DLP-type tools;
    • Measure the security of your security processes in the CLOUD;
    • Validate the correct operation of your Endpoint tools;
    • Confirm network segmentation in IT / OT / SCADA environments.

    The results can be extremely interesting for managers of SOCs, CISOs and for the Board of Directors.
  • Security Effectiveness Strategies Recorded: Dec 29 2020 58 mins
    Major General Earl Matthews, VP of Strategy, Mandiant Security Validation & Jeff Compton, Global Head, Mandiant Threat Intel
    Security Effectiveness Strategies: How to Validate and Improve Your Security Posture

    To stay ahead of an evolving threat landscape, security teams must continuously improve their processes and technology. But even with their investments, security professionals still need answers to pressing questions:
    -Who are the attackers that target my industry and what techniques do they use?
    -Which alerts matter most and how do I respond?
    -Are my tools, controls, processes working as expected?
    -Where should I focus improvement efforts?

    Join Major General Earl Matthews USAF (Ret), VP of Strategy, Mandiant Solutions and Jeff Compton, Senior Manager, Global Head of Intelligence Consulting, FireEye Mandiant Threat Intelligence for our upcoming webinar to:

    -Learn how cyber threat intelligence can inform which attackers target your industry and understand the techniques they employ
    -Find out how continuous validation can pinpoint where you have gaps so you can target improvements where they are needed
    -Understand how validation technology powered by relevant intelligence can generate proof of effectiveness and reduce risk

  • Survey Says: A Modern SOC Requires XDR Recorded: Dec 2 2020 55 mins
    Dave Gruber, Senior Cybersecurity Industry Analyst at ESG and Mike Epplin, Solutions Architect at Respond Software
    XDR is a relatively new term in the security tools landscape. It stands for Extended Detection and Response – the approach that security operations centers should extend visibility and analysis to include threat intelligence, telemetries, vulnerabilities, and other relevant IT information. XDR is built to accelerate detection and response and reduce security engineering headaches that plague security operations teams.

    What are the challenges with current approaches to detection and response? Should you displace your current SIEM? What about the cloud?

    Let’s talk about it. Join Respond Software as we host a live chat with Dave Gruber, Senior Cybersecurity Industry Analyst, from ESG. Dave will discuss the key findings from the latest industry research on XDR in the ESG eBook, The Impact of XDR in the Modern SOC. Hosted by Mike Epplin, Solutions Architect, get the definitive roadmap for everything you need to modernize the SOC.

    We will explore why XDR is so important for security teams to address today’s advanced attacks, how organizations are approaching XDR implementations, and what core outcomes can be expected. If you are evaluating XDR, join us here on BrightTALK on December 2 at 11 am ET. You don’t want to miss it!

    Source: ESG eBook, The Impact of XDR in the Modern SOC – Taking Detection and Response to the Next Level, November 2020.
  • FireEye Chat | Front and Center on Security Predictions: A Year in Review Recorded: Dec 2 2020 26 mins
    Sandra Joyce, EVP, Mandiant Threat Intelligence and John Hultquist, Sr. Director, Mandiant Threat Intelligence
    Join our FireEye Chat expert-to-expert discussion for a look back on the predictions from last year’s Security Predictions report to see how we fared. We’ll also highlight other major cyber security occurrences of this year that have altered the course of direction for the industry as we move into 2021.
  • Threat Intelligence Briefing: Adversarial Motives, Intents and Capabilities Recorded: Nov 19 2020 45 mins
    Sandra Joyce EVP, Head of Global Intelligence Mandiant, moderated by James Hanson Vice President and Publisher Nextgov
    Cyber attacks continue to grow across government agencies, in both frequency and scope. It’s increasingly difficult for IT leaders to track threat actor behaviors, including those sponsored by nation states and financially motivated criminal operations.

    In this digital event, government media and industry leaders discuss what’s at stake for government agencies, from critical infrastructure and national resilience issues to risk management and civilian network defense. Tune in to explore the following topics and more:

    • How nation-state interests are driving advanced persistent threat (APT) activity
    • Insights into recently investigated APT groups
    • The latest tactics, techniques and procedures (TTPs) used by adversarial groups
    • The state of the ransomware landscape
  • [CISO Panel] Cloud Cybersecurity: No Longer Just a Visibility Problem Recorded: Nov 19 2020 52 mins
    Stephen Fallas, Zeus López González, Raúl Gómez Voguel, Gerald Segura Zúñiga
    Migration to multi-cloud environments and the evolving threat landscape pose new risks for organizations. As data resides in multiple cloud instances, attackers evolve to exploit the lack of visibility and control, putting operations at risk of a breach.

    Join our speakers on Thursday, November 19, 2020 at 10:30 a.m. UTC / 8:30 a.m. PT, where we will analyze the complexity, strategies and skills needed to effectively maintain operations in cloud environments, addressing questions such as:

    How can I gain greater visibility across all cloud environments? Is my team effectively stopping data leakage and protecting data integrity? Does my team have the evidence to properly communicate key metrics to our executives? Which side of the shared cloud responsibility model is my team responsible for?


    EXPERT PANEL

    Zeus López González
    CISO, Digital Transformation – Banco Azteca – Mexico

    Raúl Gómez Voguel
    CISO – Banco BHD León – Dominican Republic

    Gerald Segura Zúñiga
    Cybersecurity Manager – Davivienda Costa Rica

    Moderator:
    Stephen Fallas
    Cybersecurity Architect Strategist, FireEye/Mandiant
  • Debunking the Top Five Myths About Cloud Security Recorded: Nov 19 2020 64 mins
    Arthur Cesar Oreana and Daniel Gomes
    According to Gartner, through 2022 organizations are expected to be responsible for at least 95% of their cloud security failures. But if you change the way you think about cloud security, your story could be different!

    Join us for a live webinar as we debunk several common myths that put your fast, secure migration to the cloud at risk:

    • The cloud is not secure
    • My organization doesn't use the cloud
    • My cloud provider will keep me secure
    • The cloud is just someone else's computer
    • Advanced attackers aren't targeting the cloud

    You will also learn how to identify a trusted provider so you can safely take advantage of the advances the cloud offers.
  • Validate Security Performance to Rationalize Investments Recorded: Nov 17 2020 51 mins
    General Earl Matthews, VP of Strategy for Mandiant Security Validation
    Security assumptions do not equal security effectiveness. With increasing pressure on boards of directors and CEOs to provide evidence that business assets are protected from the fallout of a potential breach, the need to justify security investments is now a key performance metric. Only through security validation and continual measurement of security effectiveness across technology, people and processes can you rationalize cyber security investments and prove value to the C-suite.

    In this session, led by General Earl Matthews, VP of Strategy for Mandiant Security Validation, you can learn:

    - Best practices for investment prioritization when it comes to hiring, training and security solution procurement
    - How security validation testing can identify areas of overlap in capabilities, inefficiencies in product expectations, and gaps in overall security posture, and help you optimize performance and value
    - Steps to take to strengthen your security posture and minimize cyber risk in order to protect your brand reputation and economic value
  • The Ultimate Pairing of Threat Intel and Validation Recorded: Nov 12 2020 30 mins
    Brian Contos, VP, Technology Innovation for Mandiant Security Validation & Sandra Joyce SVP, Global Intelligence for Mandiant
    Sandra Joyce, FireEye SVP & Head of Global Intelligence, returns to talk with Brian about recent infamous hacker groups’ exploitation of COVID-19 and why having more security tools damages your chance of surviving a breach, and gives insight into findings from the Mandiant Validation Security Effectiveness Report.
  • Living Off The Land on a Private Island: An Overview of UNC1945 Recorded: Nov 12 2020 47 mins
    Mandiant Threat Experts
    Through Mandiant investigation of intrusions between February 2018 and September 2020, the FLARE Advanced Practices Team observed a group Mandiant tracks as “UNC1945” compromise and operate against a tailored set of targets within the financial and professional consulting industries by leveraging access to third-party networks.

    Please join Mandiant’s Justin Moore and Jacob Thompson, for a look at UNC1945, including the group’s:

    • Demonstrated access to exploits, tools, and malware for multiple operating systems
    • Exploitation of an Oracle Zero-day
    • Disciplined interest in covering or manipulating their activity
    • Advanced technical abilities during interactive operations

  • To XDR or Not to XDR? Recorded: Nov 11 2020 37 mins
    Chris Triolo, Chief Customer Officer at Respond Software and Jackie Groark, VP, Security/CISO at Veristor
    The security operations center (SOC) will never keep up with information overload. CISOs are challenged to transform the paradigm so the investments in people pay off, while reducing attrition and making security work fun. Automation is only part of the solution.

    Modern security operations need to abandon the current model, bogged down by formalities in process and procedure, for one that is incident-aware and situation-focused. As enterprises deploy solutions for endpoint detection and response (EDR), security teams are realizing that they also need tools and strategies that are more all-encompassing to include threat intelligence, cloud services, SOAR, and next-gen SIEM, among others. So, where is the SOC to go from here?

    Join Chris Triolo, Chief Customer Officer at Respond Software, as he welcomes Jackie Groark, VP of Security and CISO at Veristor. Triolo and Groark will explore the promise of Extended Detection and Response (XDR) and start a discussion on how to supercharge automation and effectiveness in the security operations center.
  • How Continuous Validation Helps Protect the Supply Chain Recorded: Nov 11 2020 58 mins
    Matt Shelton, Director, Technology Risk and Threat Intelligence, FireEye
    The Expanding Attack Surface: How Continuous Validation Helps Protect the Supply Chain

    Organizations are increasingly using third party providers to manage critical components of their infrastructure. The introduction of cloud services, managed service providers, and Software-as-a-Service (SaaS) has increased the size of an organization’s attack surface. A breach of proprietary and confidential information is just as impactful coming from the supply chain as it is from an organization’s infrastructure. Join Matt Shelton, Director, Technology Risk and Threat Intelligence, as he explains how intelligence-led validation can help tighten controls and reduce risk. In this webinar:

    -Hear about the realities of today’s threat landscape, sophisticated attackers and the implications on managing your security stack and processes
    -Learn how threat intelligence helps you take decisive action
    -Find out how continuous validation helps you understand the true measure of your security
    -Get insights into an actual use case where a company’s supply chain was breached to see how intelligence-led validation could have helped prevent it

  • A Global Reset: Cyber Security Predictions 2021 | Expert Roundtable Recorded: Nov 9 2020 45 mins
    FireEye Mandiant Expert Panel
    A Global Reset: Predictions for the Future of Cyber Security | Roundtable Discussion

    The year 2020 has been an unprecedented time of change and has shaped up in a way that nobody could have expected. This year’s activities continue to alter the future course of cyber security, making it even more important to ensure that we better prepare ourselves for what’s to come.

    On Monday, November 9th at 12 p.m./3 p.m. ET, join our expert panel as they share cyber trends and challenges in 2021. During the webinar, our experts will touch on various topics discussed in our upcoming report, A Global Reset: Predictions for the Future of Cyber Security, including:
    • How remote work will evolve and affect organizations operationally
    • Insights into how threat actors will leverage the pandemic in their attacks
    • The growing need for intelligence-led security validation
    • The future state of cloud security
    • Nation-state activity and changing TTPs
    • How ransomware has pivoted from business risk to a national security risk

    Expert Panel:
    • Dave Baumgartner, CIO, FireEye (Moderator)
    • Maj. Gen. Earl Matthews, VP of Strategy, Mandiant Security Validation
    • Martin Holste, Cloud CTO, FireEye
    • John Hultquist, Sr. Director, Mandiant Threat Intelligence

    Please also check out our FireEye Cyber Summit 2020 for more interesting sessions: https://www.fireeye.com/company/events/cyber-summit-2020.html

The leading provider of next generation threat protection
FireEye is the world leader in combating advanced malware, zero-day and targeted attacks that bypass traditional defenses, such as firewalls, IPS and antivirus.

  • Title: The Power of Streaming: Windows Event Streaming with FireEye Endpoint & Helix
  • Live at: Nov 9 2020 2:00 pm
  • Presented by: J.R. Wikes, Principal Systems Engineer, FireEye; Julius Di Filippo, Solutions Architect, FireEye