Living Off The Land on a Private Island: An Overview of UNC1945

De acordo com o Gartner, até 2022 espera-se que as organizações sejam responsáveis por pelo menos 95% de suas falhas de segurança na nuvem. Mas se você mudar a forma como pensa a segurança na nuvem, a sua história poderá ser outra!

Junte-se a nós em um webinar ao vivo enquanto desvendamos vários mitos comuns que colocam em risco sua migração rápida e segura para a nuvem:

• A nuvem não é segura
• Minha organização não usa a nuvem
• Meu provedor de nuvem vai me manter seguro
• A nuvem é apenas o computador de outra pessoa
• Atacantes avançados não estão mirando na nuvem

Você também aprenderá como identificar um provedor confiável para que possa aproveitar com segurança os avanços que a nuvem oferece.

Mandiant Security Validation allows you to accurately assess a company's security posture. We help our clients take a proactive approach to identifying and mitigating risks due to incorrect configurations, inefficiencies in products, and / or established security processes.

Register for the webinar and find out how Mandiant Security Validation enables you to:

• Evaluate your security posture in order to prioritize investments;
• Optimize the configuration of your technologies to maximize the return on investment;
• Compare your security with market standards such as MITRE ATT&CK Framework and others;
• Test the correct operation of your DLP-type tools;
• Measure the security of your security processes in the CLOUD;
• Validate the correct operation of your Endpoint tools;
• Confirm network segmentation in IT / OT / SCADA environments.

The results can be extremely interesting for managers of SOCs, CISOs and for the Board of Directors.

Security assumptions do not equal security effectiveness. With increasing pressure on boards of directors and CEOs to provide evidence that business assets are protected from the fallout of a potential breach, the need to justify security investments is now a key performance metric. Only through security validation and continual measurement of security effectiveness across technology, people and processes can you rationalize cyber security investments and prove value to the C-suite.

In this session, led by General Earl Matthews, VP of Strategy for Mandiant Security Validation, you can learn:

- Best practices for investment prioritization when it comes to hiring, training and security solution procurement
- How security validation testing can identify areas of overlap in capabilities, inefficiencies in product expectations, and gaps in overall security posture, and help you optimize performance and value
- Steps to take to strengthen your security posture and minimize cyber risk in order to protect your brand reputation and economic value

Sandra Joyce, FireEye SVP & Head of Global Intelligence, returns to talk with Brian about recent infamous hacker groups’ exploitation of COVID-19, why having more security tools damages your chance of surviving a breach, and gives insight into findings from the Mandiant Validation Security Effectiveness Report.

Through Mandiant investigation of intrusions between February 2018 through September 2020, the FLARE Advanced Practices Team observed a group Mandiant tracks as “UNC1945” compromise and operate against a tailored set of targets within the financial and professional consulting industries by leveraging access to third-party networks.

Please join Mandiant’s Justin Moore and Jacob Thompson, for a look at UNC1945, including the group’s:

• Demonstrated access to exploits, tools, and malware for multiple operating systems
• Exploitation of an Oracle Zero-day
• Disciplined interest in covering or manipulating their activity
• Advanced technical abilities during interactive operations

Register Now!

The Expanding Attack Surface: How Continuous Validation Helps Protect the Supply Chain

Organizations are increasingly using third party providers to manage critical components of their infrastructure. The introduction of cloud services, managed service providers, and Software-as-a-Service (SaaS) has increased the size of an organization’s attack surface. A breach of proprietary and confidential information is just as impactful coming from the supply chain as it is from an organization’s infrastructure. Join Matt Shelton, Director, Technology Risk and Threat Intelligence, as he explains how intelligence-led validation can help tighten controls and reduce risk. In this webinar:

-Hear about the realities of today’s threat landscape, sophisticated attackers and the implications on managing your security stack and processes
-Learn how threat intelligence helps you take decisive action
-Find out how continuous validation helps you understand the true measure of your security
-Get insights into an actual use case where a company’s supply chain was breached to see how intelligence-led validation could have helped prevent it

Register Now

A Global Reset: Predictions for the Future of Cyber Security | Roundtable Discussion

The year 2020 has been an unprecedented time of change and has shaped up in a way that nobody could have expected. This year’s activities continue to alter the future course of cyber security, making it even more important to ensure that we better prepare ourselves for what’s to come.

On Monday, November 9th at 12 p.m./3 p.m. ET, join our expert panel as they share cyber trends and challenges in 2021. During the webinar, our experts will touch on various topics discussed in our upcoming report, A Global Reset: Predictions for the Future Cyber Security, including:
• How remote work will evolve and affect organizations operationally
• Insights into how threat actors will leverage the pandemic in their attacks
• The growing need for intelligence-led security validation
• The future state of cloud security
• Nation-state activity and changing TTPs
• How ransomware has pivoted from business risk to a national security risk

Expert Panel:
• Dave Baumgartner, CIO, FireEye (Moderator)
• Maj. Gen. Earl Matthews, VP of Strategy, Mandiant Security Validation
• Martin Holste, Cloud CTO, FireEye
• John Hultquist, Sr. Director, Mandiant Threat Intelligence

Please also check out our FireEye Cyber Summit 2020 for more interesting sessions: https://www.fireeye.com/company/events/cyber-summit-2020.html

Register Now!

Session Agenda:

- 10:30 a.m. PT - Intro to Financial Services Spotlight

- 10:31 a.m. - 11:02 a.m. PT - Navigating Today's Cyber Challenges- David Wong, VP, Mandiant Consulting joined by expert panelist, Holly Ridgeway - EVP, Chief Security Officer, Citizens Bank and Tim Hillyard - AVP, Cyber Security Threat and Response, Voya Financial

- 11:02 a.m. - 11:27 a.m. PT -Key Threats to Financial Services Today - John Miller, Director, Mandiant Threat Intelligence

- 11:27 a.m. - 11:46 a.m. PT - Improve Your Cybersecurity to Protect Against FIN11 - Ursula Cowen, Threat Research Analyst, Mandiant Security Validation and Andy Moore, Sr. Technical Analyst, Mandiant Threat Intelligence

- 11:46 a.m. - 12:01 p.m. PT - Spotlight on Financial Services: Live Q&A

For the full Cyber Summit 2020 event program, please visit: https://www.fireeye.com/company/events/cyber-summit-2020.html

Session Agenda:

-9:15 a.m. - 9:40 a.m. - Take Control of Your Cloud Environments - Martin Holste, Cloud CTO, FireEye and Lisun Kung, Sr. Director, Cloudvisory, FireEye

-9:40 a.m. - 10:01 a.m. - FireEye Products: A Complete Solution Working Together - Phil Montgomery, Sr. VP, Product Marketing, FireEye

-10:01 a.m. - 10:24 a.m. - Detection and Response: Pioneered by FireEye - Steve Ledzian, CTO, APAC, FireEye

To check out the full event program, please visit https://www.fireeye.com/company/events/cyber-summit-2020.html

Session agenda:

- 8:00 a.m. PT. - Welcome and intro

- 8:02 a.m. -8:22 a.m. PT - New Ransomware Trends: A Threat Evolves - Sandra Joyce, EVP and Head of Mandiant Threat Intelligence

- 8:22 a.m. - 8:49 a.m. PT - Preparing for Disruptive Intrusions: Mitigating the Risk of Data Theft, Ransomware, Public Shaming and Extortion - Charles Carmakal, Sr. VP and Mandiant Strategic Services CTO

- 8:49 a.m. - 9:07 a.m. PT - Mandiant Advantage: Achieving Focused Business Outcomes through Threat Intelligence and Validation - Chris Key, EVP of Products, Mandiant Solutions

For the full Cyber Summit 2020 event program, please visit: https://www.fireeye.com/company/events/cyber-summit-2020.html

The need to improve how companies prove security effectiveness in today’s business climate is clear: attacks are on the rise, targets are expanding, adversaries are more motivated, and their tactics are increasingly insidious.

Now, more than ever, organizations need access to emerging threat data as it happens. Security leaders need to be able to provide proof to their organization that these threats cannot and will not breach their defenses by being able to prioritize the threats that matter to them now and take action.

This session will show how relevant and emerging threat data combined with controls validation technology provides insight into what is most important to test against and what to prioritize based on the knowledge of who and what might be targeting an organization or industry. Through this approach to security validation, security leaders can provide evidence to C-level leadership and give them confidence that controls are working as they should against threats and adversaries delivering expected value and maintaining the organization’s accepted level of risk.

For the full Cyber Summit 2020 event program, please visit: https://www.fireeye.com/company/events/cyber-summit-2020.html

With the chance of an attacker affecting more organizations today—notably around ransomware progression and the shift to remote work—your security function is continually challenged to keep pace with incident prevention, detection and response.

Transformation timelines often occur in two ways: proactive action to mitigate future threats, or reactive measures to remediate an existing incident—the latter can be detrimental. It’s imperative for security teams to develop and mature their security posture through capability improvement across four key areas: security architecture, cyber defense, governance and risk management.

In this session, you'll learn how Mandiant helps organizations conduct transformational changes of critical security functions and staff readiness through hands-on support across these critical areas. We’ll also share a roadmap of our new transformation services on the horizon.

For the full Cyber Summit 2020 event program, please visit: https://www.fireeye.com/company/events/cyber-summit-2020.html

Today's security professionals have more network security challenges than ever before. With infrastructure located on-premise, as well as in private, hybrid and multi-cloud environments, managing and securing the network has become increasingly complex.

In this session, we’ll discuss the opportunities and challenges our customers face across a growing variety of use cases, how customers can integrate FireEye detection directly into their custom application, and how they can leverage FireEye’s full portfolio of solutions to address infrastructure security wherever they need it.

For the full Cyber Summit 2020 event program, please visit: https://www.fireeye.com/company/events/cyber-summit-2020.html

Advanced attackers fly under the radar of prevention or detection technologies, living off the land, leveraging features and tools found in the operating system. From an attacker’s perspective, using legitimate or existing tools and features makes the defender’s job inherently more difficult. Picking out the malicious use of built-in OS tools is like looking for a needle in a haystack.

With FireEye Endpoint Security and our protection modules, these living off the land based attacks are made visible to FireEye and can be stopped. See how you can quickly implement Endpoint Security modules to disrupt attackers.

For the full Cyber Summit 2020 event program, please visit: https://www.fireeye.com/company/events/cyber-summit-2020.html

All the Knowledge of FireEye at Your Fingertips | Endpoint Security with Process Tracker, Enricher and Detection on Demand

When an attack occurs, it may take a while to understand who is attacking, what methods are they using and what are they typically after. This information can very useful to understand how to detect all aspects of the attack, how to best remediate, and how to prevent it from happening again.

Join us to hear how Endpoint Security with detection modules can arm you with the context you need to respond effectively, mitigate damage, and prevent the next attack from occurring.

For the full Cyber Summit 2020 event program, please visit: https://www.fireeye.com/company/events/cyber-summit-2020.html

Some attackers are staying one step ahead of detection and response, laying in wait and being stealthy to get to valuable data. They're patient, only escalating privileges when they are sure it will lead to something valuable and cleaning up their trail so it's difficult to see what they did. Once the attack is recognized, it may be too late to stop them from accomplishing their mission.

In the past there has been no easy and reliable way to find these stealthy attacks. Now with Endpoint Security, Event Streamer and Helix, these low fidelity breadcrumbs are correlated to a single attack, with visibility into the attack.

For the full Cyber Summit 2020 event program, please visit: https://www.fireeye.com/company/events/cyber-summit-2020.html

Managing complex cloud deployments is challenging, especially when determining how pervasive rogue cloud instances, or cloud sprawl, is in your environment. But once you obtain a realistic measure of your cloud security posture, then you can effectively correct it.

Watch this twenty-minute session to learn how FireEye Mandiant can bring world-class prevention, detection, and response capabilities to proactively outmaneuver threats in your cloud environment. We’ll discuss: The value of baselining your cloud security posture; How to gain greater visibility across hybrid, public, private, and multi-cloud environments; and Best practice cloud security based on frontline use cases.

For the full Cyber Summit 2020 event program, please visit: https://www.fireeye.com/company/events/cyber-summit-2020.html

Hunting threats is easier when have the power of all your sensors working together. By uniting previously unconnected sources, the multiplier effect brings power to your Security Operations Center.

Join us to learn how FireEye Helix delivers this functionality entirely native to your workflows, bringing the world-class ability to prevent, detect, and respond to security threats to your organization. See how machine learning, algorithms and statistical analysis can enhance your detection capabilities. Hear real-life examples of how to improve your threat hunting with Windows logs.

For the full Cyber Summit 2020 event program, please visit: https://www.fireeye.com/company/events/cyber-summit-2020.html