Browse communities
Browse communities
Presenting a webinar?

The Case for Integral Attack Path Analysis

Mark Bouchard, AimPoint Group Founder and Principal Analyst and Ron Gula, Tenable CEO
Taking Vulnerability Management to the Next Level:
The Case for Integral Attack Path Analysis

Are your high-value servers and the data they contain really safe from attack, even with multiple countermeasures in place? Given today’s highly motivated attackers and the increasingly sophisticated threats they are generating it is not surprising that patching, firewalls, intrusion prevention systems and other commonly deployed defenses are no longer sufficient. Unfortunately, all it takes is a single, seemingly unimportant system to provide skilled attackers with a beachhead they can use to work their way through and around your defenses. Tenable’s next-generation vulnerability management, with integrated attack path analysis capabilities provides the answer, delivering the tools, insights, and intelligence organizations need to identify and close off otherwise overlooked attack paths – while simplifying infrastructure and streamlining operations in the process.

Join AimPoint Group Founder and Principal Analyst Mark Bouchard and Tenable CEO Ron Gula and learn:

• Why traditional vulnerability management fails to measure up
• What’s needed to efficiently identify and close common attack paths
• Processes, tips and techniques for conducting attack path analysis
• The benefits that can be derived from a next-generation vulnerability management solution with integral attack path analysis capabilities
Jun 19 2012
63 mins
The Case for Integral Attack Path Analysis
More from this community:

IT Security

  • Live and recorded (5381)
  • Upcoming (116)
  • Date
  • Rating
  • Views
  • In this webcast we will look at how to effectively manage Macs in the enterprise as well as mobile devices leveraging your existing IT infrastructure.

    The growth of Mac in the enterprise is undeniable. Apple’s success with the iPhone and iPad is bleeding over into end user preference for laptops. Where Macs used to account for only low single digit percentages of devices deployed and were therefore largely ignored, they are now growing across all verticals and industries and represent a significant challenge for IT.
  • Unfortunately, there is a high likelihood that organizations will suffer a breach by advanced malware. Learn how to minimize response time through real-time forensics to understand the scope of compromise including:

    - Identifying attacked endpoints
    - Finding indicators of compromise
    - Analyzing malicious activity
    - Tracing outbound communication, and more
  • Unfortunately, there is a high likelihood that organizations will suffer a breach by advanced malware. Learn how to minimize response time through real-time forensics to understand the scope of compromise including:

    - Identifying attacked endpoints
    - Finding indicators of compromise
    - Analyzing malicious activity
    - Tracing outbound communication, and more
  • Practice Makes Perfect When Defending Against DDoS Attacks

    DDoS attacks have been on the rise, especially hard-to-detect Layer 7 attacks that take down websites via resource exhaustion. Take the guesswork out of defending against these attacks by validating your DDoS defense effectiveness using realistic scenarios of real-world users and attacker behavior at scale.

    In this webinar, we will analyze and discuss the techniques and technology necessary to validate defenses against DDoS attacks:
    • Take a deep dive into multi-vector DoS attack strategies
    • Learn how to attack yourself in a controlled, safe environment
    • Create a DDoS Range to test your network defenses, personnel, and incident playbook

    Register now to reserve your spot.
  • Did you know the average breach goes undetected for 229 days? The earlier you can detect and respond to a breach, the faster you lower the risk and potential damage. Traditionally, companies have implemented a number of point solutions to for each new threat, an expensive and cumbersome approach. However, by combining threat protection from Fortinet with threat detection and response from AlienVault, companies now have an affordable way to significantly reduce the cost and complexity of complete threat management.

    Join threat experts from AlienVault and Fortinet for this webcast to learn how this integrated solution will provide:

    · Continuous threat prevention, detection and remediation in an easy-to-use solution

    · The ability to identify all critical assets and the potential attack surfaces in your network

    · Advanced analysis of FortiGate logs for threat identification and response through AlienVault USM

    · Simplified protection of your network with ONLY two products, at a price you can afford

    · Continual improvement of your security posture through frequent assessment.

    · Integrated threat intelligence that maximizes the efficiency of your security monitoring program
  • As organisations accept that they are more than likely to be breached, strengthening business resilience and response capabilities is becoming just as important as developing defensive strategies. As a result, organisations are crafting risk-based approaches to balance their priorities in order to protect, detect, respond and recover.

    Drawing on the findings of the Infosecurity Europe Industry Survey, this panel of industry experts will discuss the challenges for information security practitioners and how to prioritise and balance risk. The speakers will share insight into how to develop an information security strategy that protects the organisation’s information assets, whilst ensuring it is resilient and capable of responding robustly to incidents.
  • Companies rely heavily on networked technology today to operate their businesses. Highly distributed organizations like restaurant chains, retail stores, financial services or supply chain companies have an extra layer of difficulty. Rarely does each of the remote locations have IT expertise on site. As an IT manager, you are demanded by your executive management to keep the network available 100% of the time, avoid security breaches, support all the new strategic marketing initiatives and to do all of this with less money than you had in your budget last year! This session will review the top 5 challenges an IT manager in this situation needs to consider and suggest solutions:

    1) Executive mandate to "Do more with less"
    - Free-up your time to do what you do best
    - Vendor consolidation
    - Outsource, focus Internal resources on strategic tasks

    2) Lack of IT Expertise at remote sites
    - Consistency of deployment, Office in a box
    - How to make sure all locations have the same technology
    - Preplanned for growth and new services

    3) Sometimes lack of ownership of remote sites (Franchises)

    4) Security compliance/PCI DSS

    5) High availability
    - Network is down, business has stopped (can't take payments)
  • Join us to hear Africa Director Hendrik Malan and guest speaker Grant Theis, CEO of ttrumpet, as they discuss the emergence of Over-the-Top (OTT) providers and the potential opportunities for growth in the enterprise market.
  • Wie Sie in drei Schritten ein klares IT-Configuration Management aufsetzen

    Als Verantwortlicher für IT-Security sind Sie konstant mit möglichen Angriffszenarien und deren Abwehr beschäftigt. Ein Großteil der Angriffe sind nur deshalb erfolgreich, weil Komponenten in Ihrem Netzwerk unzureichend konfiguriert sind.
    Die Herausforderung ist, genau diese Maschinen zu identifizieren und sicher zu stellen, dass sie korrekt konfiguriert werden und dies auch bleiben.
    Lernen Sie in unserm Webcast wie Qualys Policy Compliance Ihr IT-Configuration-Management verbessern kann und damit Ihre Basis-Security stärkt und das Ganze voll automatisiert.
    Erfahren Sie:
    • Etablieren und Umsetzung von Security Configurations
    • Automatisierung und Durchführung von regelmäßigen Configuration Assessments
    • Priorisierung und Umsetzung von Remedation Workflows
  • Vous souhaitez en finir avec l’information dispersée à travers des centaines de répertoires partagés, espaces personnels, et disques durs locaux ?

    Vous êtes à la recherche d’une plateforme collaborative tout-en-un ?

    Vous êtes certainement déjà familier avec Microsoft SharePoint, mais êtes-vous sur de connaître l’étendue de son périmètre fonctionnel ?

    Car si SharePoint reste une excellente plate-forme intranet, de portail web, de collaboration et de partage documentaire, SharePoint va bien au-delà de ces fonctions avec le réseau social (RSE), les outils de développement, et la gestion documentaire (de type GED).

    Participez à notre webinar pour mieux comprendre la richesse de la plateforme et ses bénéfices : une collaboration unifiée et des gains de productivité à chaque niveau de l’entreprise (utilisateurs métiers, DSI, direction).

    Nous aborderons également les modèles de déploiement de SharePoint (100 % cloud, hybride ou on-premises) ainsi que les limites et bénéfices de chaque configuration.

    Dans un second temps, nous nous pencherons sur les questions de déploiement de SharePoint et nous découvrirons comment AvePoint, avec sa solution de migration pour SharePoint 2013 & Office 365, vous permet d’accélérer la mise en place de votre plateforme.

    Nous ferons un tour d’horizon des problèmes les plus communément rencontrés pendant les projets de migration, et nous verrons en 3 points comment AvePoint vous permet notamment de les adresser :

    • Optimisation des ressources dédiées à la migration en automatisant la suppression du contenu obsolète

    • Réduction de la perturbation des activités pendant le processus de migration grâce à une planification personnalisée.

    • Maintien de l’ensemble du contenu, des permissions et des métadonnées jugés pertinents par vos équipes.
  • Channel
  • Channel profile
  • Healthcare’s Unique Vulnerability Management Challenges Recorded: Nov 14 2013 56 mins
    Moderator: Craig Shumard, Principal, Shumard and Associates, LLC, Emeritus CISO, Cigna
    This webcast will explore the unique and very challenging landscape that healthcare provider organizations face managing system vulnerabilities.

    Along with the common vulnerability management challenges associated with operating a large enterprise, healthcare organizations face risks and vulnerabilities from a wide array of medical devices, a proliferation of mobile devices (both managed and non-managed) and electronic medical record (EMR) systems that are often hosted in the cloud.

    During this session, our panel will discuss:

    - The impact of evolving industry security standards and regulation on vulnerability management

    - What safeguards are being implemented to mitigate risk

    - Containing risk, while enabling operational agility to adopt new technologies

    - Your questions and comments

    Panelists:

    - Larry Brandolph, CISO, Temple University

    - Dr. Bryan Cline, VP, CSF Development and Implementation, and CISO for the Health Information Trust Alliance (HITRUST)

    - Joel Garmon, CISO, Wake Forest Baptist Medical Center

    - Brad Sanford, CISO, Emory University and Emory Healthcare

    - Marcus Ranum, CSO, Tenable Network Security

    - Craig Shumard, Principal, Shumard and Associates, LLC, Emeritus CISO, Cigna
  • Communicating Vulnerabilities to Management: Making the Rubber Meet the Road Recorded: Nov 12 2013 62 mins
    Paul Asadoorian (Product Evangelist), Jack Daniel (Technical Product Manager), Renaud Deraison (CRO)
    Is your organization’s security vulnerability information getting to the right people? Security vulnerability identification without resolution is frustrating and dangerous to your organization.

    Please join Paul, Jack, and Renaud Deraison (Tenable’s Chief Research Officer and the creator of Nessus) for the final webcast in the “Vulnerabilities Exposed” series where we will discuss how to detect and prioritize vulnerabilities, and then communicate them to the responsible parties for resolution.

    Tenable will arm you with new ways to keep the vulnerability information flowing, in the right directions and to the right people.

    • Find the vulnerabilities that matter
    • Prioritize patches for the greatest impact
    • Communicate problems to get, and keep, them fixed
  • Reduce Security and Compliance Gaps with Continuous Security Monitoring Recorded: Nov 7 2013 63 mins
    Mike Rothman and Jack Daniel
    Organizations are moving from “Periodic” scanning to “Continuous Monitoring” to protect their information assets from advanced threats and exposure from new technologies such as mobile and virtual systems. But, don’t assume that Continuous Monitoring just means more frequent scanning.

    Join Mike Rothman, President of Securosis, and Jack Daniel, Tenable Product Manager, as they discuss how to choose the right technology and focus on the key vulnerability management processes to create a proactive risk-based security and compliance management program.
  • BYOD-Bring Your Own Devastation-Taking On the Mobile Threat-"Vulns Exposed" Recorded: Oct 22 2013 58 mins
    Paul Asadoorian (Product Evangelist) and Jack Daniel (Technical Product Manager)
    What is the security status of your organization's BYOD environment?

    Join Paul Asadoorian and Jack Daniel for the third webcast in the “Vulnerabilities Exposed” series where they’ll discuss BYOD as one of today’s fastest growing security challenges and present Tenable solutions to help your organization stay ahead of mobile threats.

    Learn how to find and secure your BYOD and corporate mobile devices:

    • Detailed BYOD/mobile device snapshots: find iOS, Android-based, and Windows phone devices connected to your corporate network and their vulnerabilities
    • Full mobile asset discovery: continuously detect transient mobile devices, both managed and unmanaged, and their vulnerabilities
    • Unified mobile device management: powerful dashboards, reporting, alerting, and data sharing for organization-wide management of mobile device risk and compliance
  • How will Software Security Evolve? - Geeking Out with Marcus Ranum Recorded: Oct 17 2013 60 mins
    Marcus Ranum, CSO, Tenable Network Security
    Software security remains the "elephant in the room" of computing. The obvious answer is that it's a hard problem. But more subtle answers are rooted in how the software industry is structured.

    In this webcast, Gary McGraw and Marcus Ranum will engage in a conversation about how the industry might eventually evolve.
  • Addressing the Security Challenges of Virtualization - "Vulnerabilities Exposed" Recorded: Sep 24 2013 59 mins
    Paul Asadoorian & Jack Daniel of Tenable; Russell Butturini, Sr. Enterprise Security Architect at Healthways
    How secure is your virtual environment? Attend the second webcast in the "Vulnerabilities Exposed" webcast series where we'll discuss virtual machine (VM) sprawl, virtual “Whack-a-Mole,” and how your virtualization layer is equivalent to physical access.

    Paul and Jack will explain how to inventory, scan, and harden your virtual infrastructure and present Tenable solutions. Tenable customer, Russell Butturini, will discuss his experiences using Tenable products in the virtual environment at his company.

    Learn how to find and secure your VMs:

    • 7 steps to virtual security nirvana: our process to systematically secure your virtualized environment
    • Found another one!: use active scanning and real-time monitoring to find all your VMs
    • Patch and system hardening made easy: reduce overhead when hardening your virtual environment
    • Communication is key: prioritize risk and distribute the information to the people who can get the problems fixed
  • BYOD and Clouds: "The Perfect Storm" (Part 2) - A Politics of Security Webcast Recorded: Sep 19 2013 56 mins
    Craig Shumard, Principal, Shumard and Associates, LLC, Emeritus CISO, Cigna
    Part 2 of this series will focus on the risks and safeguards related to cloud storage repositories and mobile application security in an ‘any device/any channel’ engagement model.
  • Why Choose Tenable over Qualys? Recorded: Sep 5 2013 63 mins
    Jack Daniel: Technical Product Manager, Paul Crutchfield: SE Director - Tenable Network Security
    This webcast highlights the key capabilities of Tenable's vulnerability management solution and the benefits it provides over Qualys.
  • Reducing Your Patch Cycle to Less Than 5 Days - "Vulnerabilities Exposed" Series Recorded: Aug 27 2013 64 mins
    Paul Asadoorian (Product Evangelist) and Jack Daniel (Technical Product Manager)
    Is a 90-day patch cycle the best your organization can achieve? Join Paul Asadoorian and Jack Daniel for the first webcast in the “Vulnerabilities Exposed” series where they’ll dive deep into the challenges of vulnerability management and present creative solutions to help you fully leverage your vulnerability management process and reduce your patch cycle.

    Learn four ways to dramatically reduce your patch cycle:

    • More is less: complete vulnerability discovery with consolidated remediation means you patch fewer systems to fix more problems
    • Faster is better: real-time monitoring allows you to patch as you go
    • Work smarter, not harder: automated patch management system validation reduces discrepancies between IT security and network operations
    • No one likes surprises: identify deteriorating process trends before they become problematic
  • BYOD and Clouds: "The Perfect Storm" (Part 1) - A Politics of Security Webcast Recorded: Jul 18 2013 55 mins
    Craig Shumard, Principal, Shumard and Associates, LLC, Emeritus CISO, Cigna
    This two part webcast series examines how BYOD deployments along with cloud computing are collectively impacting security risks, how various organizations are updating their security processes to account for these technologies, and what safeguards are being implemented to mitigate risks as they are deployed.
  • Vulnerability Management nach BSI IT-Grundschutz Recorded: Jul 16 2013 29 mins
    Oliver Rochford, Tenable Senior Engineer
    In diesem Webinar von Tenable Network Security erfahren Sie wie Sie fortlaufend Windows-spezifische Massnahmen & Controls aus dem Massnahmenkatalogen überprüfen und auswerten können und wie Sie nach IT Grundschutz einen Nessus Audit durchführen. Report Auswertung und wie Remediation schnell in die Wege geleitet werden kann werden auch besprochen, oder wie Sie durch kontinuierliches Monitoring IT Grundschutz Compliance-Auflagen erfüllen können.

    Participant dial-in option.

    International Dial-In+44 (0) 1452 555566
    Germany 06922224918
    Austria 019286568
    Switzerland 0565800007

    Please quote the following conference ID: 14321710
  • Implementing an Effective Vulnerability Management Program Recorded: Jul 16 2013 44 mins
    Brian Honan, BH Consulting, Industry Security Expert
    Brian Honan presents this webinar on how to develop an effective Vulnerability Management program and what to consider when incorporating it into a wider security strategy. A best practice guide on how to identify your most critical assets, protect your data and reduce the breach to detection gap.
  • Increase Security Effectiveness with the 20 Critical Security Controls Recorded: Jun 19 2013 34 mins
    Leslie Forbes (Systems Engineer)
    Automating the 20 Critical Security Controls has demonstrated reduction in risk by over 90%. Tenable is the first vendor to offer an integrated real-time risk management solution to help organizations easily implement these controls.
  • Geeking Out with Marcus Ranum - Malware Response Recorded: Jun 4 2013 60 mins
    Marcus Ranum, CSO of Tenable, and Joel Yonts, CISO of Advanced Auto Parts
    Within the past five years, we have seen an escalating strategic use of malware and its negative impact on organizations. The TTPs (tactics, techniques, and procedures) of various threat actors have caused not only a demand for incident response capabilities, but also the need for in-house reverse engineering and malware response skills to aid incident response and forensic activities.

    Please join Marcus Ranum and special guest, Joel Yonts, on Tuesday, June 4 at 2PM EST for an interactive conversation on malware response programs and their importance and role in today’s enterprise security operations.

    Topics covered:
    •Strategy and objectives for developing a malware response process
    •How to build a malware analysis team
    •What tools to employ for malware response, and other related topics
  • Managing Vulnerabilities in Virtualized and Cloud-based Deployments Recorded: May 30 2013 60 mins
    Ron Gula (CEO), Jack Daniel (PM) - Tenable Network Security
    Technologies such as virtualization and cloud-delivered services offer organizations the benefits of hardware consolidation and rapid provisioning and deployment. However, they also bring security and compliance challenges that break traditional vulnerability management solutions by allowing un-scanned and unpatched systems to become active in any part of the organization. A new model that offers real-time identification and assessment of these technologies is required to mitigate the risks. Find out more about it in this webcast…
  • Cyber Threats News and APT Defenses - A Politics of Security Webcast Recorded: May 23 2013 57 mins
    Craig Shumard, Principal, Shumard and Associates, LLC, Emeritus CISO, Cigna
    There has been a lot of press lately on the escalating cyber threats especially from China. A panel of security experts and practitioners will discuss focus on how this press coverage has changed how organizations think about these cyber threats and what countermeasures they need or plan to implement to address escalating crimes, espionage, or warfare cyber risks.
  • Is your Network Infrastructure Adequately Protected? Recorded: May 15 2013 63 mins
    Jack Daniel: Technical Product Manager, Paul Asadoorian: Product Evangelist - Tenable Network Security
    Network devices including firewalls and routers are the gatekeepers to “endpoint” resources and are increasingly using complex software components. These devices are often remotely accessible and whose configuration changes regularly, making them susceptible to vulnerabilities and misconfigurations. To add to this, network and security teams are often separate parts of an organization often leading to incomplete understanding of vulnerable infrastructure. In this webcast, we examine how to identify vulnerable devices and communicate them across multiple teams and ultimately fortify these devices from configuration and security issues.
  • Increase Security Effectiveness with the 20 Critical Security Controls Recorded: May 1 2013 64 mins
    Ron Gula (CEO) & Jack Daniel (PM) - Tenable Network Security
    Automating the 20 Critical Security Controls has demonstrated reduction in risk by over 90%. Tenable is the first vendor to offer an integrated real-time risk management solution to help organizations easily implement these controls.
  • How Will CDM Impact Your Organization? Recorded: Apr 10 2013 59 mins
    Ron Gula, CEO, and Paul Crutchfield, Director of Sales Engineering, Tenable
    DHS' CDM program combines the valuable lessons learned from the existing implementation of FISMA mandates, the strides made by the Cyberscope program, and the proven results of the State Department’s iPOST program. During this webinar, we will discuss:

    - Current challenges in enterprise continuous monitoring
    - How to move your program from periodic system state analysis to real-time monitoring
    - A glimpse into the future: DHS CDM and it's affect on security and regulatory compliance
  • Geeking Out with Marcus Ranum - Take 2 Recorded: Apr 3 2013 60 mins
    Marcus Ranum, CSO of Tenable, and special guest, Ron Dilley
    Defining "normal" is one of the hardest things we do in security (the other is trying to get people to write perfect code!), but there are a few tricks that work. In this second session, Marcus Ranum and Ron Dilley will be talking about detection algorithms and the problem of defining "normal" network activity.
Industry-expert insights on overcoming critical security challenges
Tenable Network Security brings you critical, timely insights and advice on how to protect your IT infrastructure from the latest threats and ensure compliance and clean audits, while effectively understanding and communicating risk. With guests including renowned technical experts and specialists, senior executives, and industry leaders, you’ll gain multiple perspectives on how to address IT security challenges — along with the practical, hands-on advice you need to stay ahead of threats.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: The Case for Integral Attack Path Analysis
  • Live at: Jun 19 2012 5:00 pm
  • Presented by: Mark Bouchard, AimPoint Group Founder and Principal Analyst and Ron Gula, Tenable CEO
  • From:
Your email has been sent.
or close
You must be logged in to email this