Name: 5 Active Directory Security Settings Attackers Leverage
Start: 2021-06-23T13:36:00Z
End: 2021-06-23T13:36:28.000Z
Location: BrightTALK
Rating: 0

Tenable®, Inc. is the Cyber Exposure company. Over 30,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. As the creator of Nessus®, Tenable extended its expertise in vulnerabilities to deliver the world’s first platform to see and secure any digital asset on any computing platform. Tenable customers include more than 50 percent of the Fortune 500, more than 30 percent of the Global 2000 and large government agencies. Learn more at www.tenable.com.

Conventional wisdom suggests larger budgets and staff equate to greater security. In practice, these investments are often made in silos, leading to fragmented visibility across the attack surface. Lacking the attacker’s perspective, teams can be inundated by alert noise, making it hard to see the forest through the trees. So, how can you optimize outcomes from cyber investments to deliver measurable improvements in risk posture?

For answers, check out this on-demand webinar hosted by Tenable's Director of Exposure Management, Pierre Coyne, and Manager, Security Engineering, Michael Morgan. Topics covered include:

>> The limitations of siloed security and how threat actors exploit them
>> Five steps to improve visibility and prioritization across traditionally siloed security programs, including vulnerability, cloud, web, identity, and OT
>> Approaches to align cyber spend and resources to business goals
>> Key indicators that will help you drive measurable exposure reduction

5 Steps to Help You Optimize Prioritization and Disrupt Attack Paths

For insights into why tagging remains crucial for effective cloud resource management, and guidance for mitigating issues caused by inconsistent tagging, don’t miss this on-demand Tenable webinar exploring:

>> Lessons learned from breaches caused by poor tagging and cloud resource hygiene
>> Implementing strategic workflows to test automation scripts and exception handling
>> How and why you should be using policy-as-code to enforce proper tagging and policy definition
>> How Tenable Cloud Security helps optimize your tagging efforts

Tag, You’re It! Best Practices for Optimizing Your Cloud Tagging Strategy

According to VMWare’s The State of Kubernetes 2023 report, 52% of you struggle to meet Kubernetes security and compliance requirements. This is no surprise. From risky default configurations to vulnerable container images, when it comes to Kubernetes, there’s no shortage of security challenges to address.

To get your K8s security on track, don’t miss our March CloudCover session, covering key questions such as:

>> How to get visibility into Kubernetes clusters?
>> What are the top things Kubernetes security newbies need to know?
>> How can you control access to Kubernetes APIs and running clusters and ensure the security of privileged containers

Kubernetes Confessions: Put An End to Those Risky K8s Security Sins

For guidance on ways you can more effectively secure your interconnected OT-IT-IoT environment, join our panel of experts: Joseph Price, OT Cybersecurity Program Lead, Deloitte, Mark Weatherford, Chief Cybersecurity Strategist, Coalfire, Marty Edwards, Deputy CTO for OT/IoT, Tenable, and Nathan Wenzler, Chief Security Strategist, Tenable for this webinar exploring:

>> Why CISOs need to understand the risk created by exponential growth in connected OT and IoT devices

>> Closing visibility gaps to more effectively manage risk and make informed decisions

Minimize the Risk Posed by Your Interconnected IT/OT/IoT Environments

As your organization ramps up hybrid and multi-cloud deployments, your security team may be challenged to keep pace. How do you reduce complexity, minimize exposures, enforce least privilege, and prioritize security gaps at scale without overextending your resources?

For answers, don’t miss this on-demand webinar exploring how Tenable Cloud Security extends Tenable’s trusted vulnerability management capabilities to the cloud, supercharging your security program with contextual prioritization and guided remediation, giving your team the tools needed to become cloud security experts in less than 48 hours.

How to Make Your Security Team Experts In Cloud Security In Less Than 48 Hours

Check out this on-demand webinar to learn how you can operationalize identity security to achieve accurate real-time risk prioritization and Continuous Threat Exposure Management (CTEM).

On their own, flaws and weaknesses in your Active Directory and Entra ID (formerly Azure AD) environments expose your organization to potentially grave consequences. At the same time, these gaps in identity hygiene impact your organization’s overall level of cyber risk.

Watch this on-demand webinar and learn how you can effectively operationalize identity-first security, gaining valuable context for assessing and prioritizing risk across your entire attack surface.

Topics covered will include:

>> How identity insights add contextual intelligence for improving your risk-assessment strategies

>> Best practices for creating a mature identity security program that enables real-time risk prioritization and Continuous Threat Exposure Management (CTEM)

>> How Tenable helps develop your zero-trust security program to optimal levels

Identity Risk Prioritization and Continuous Threat Exposure Management (CTEM)

Whether for economic gain or achieving some malicious outcome, threat actors are doing their best to target and disrupt your most critical business functions. To mount an effective defense, you must bridge the gap between traditional IT cybersecurity practices and the specialized needs of OT environments.

>> Learn how Tenable empowers you to secure your entire attack surface by watching this on-demand webinar exploring key capabilities of Tenable One for OT/IoT, including:

>> Why a converged solution is needed, how it works, and enables proactive security across your entire converged attack surface
How Tenable One for OT/IoT breaks down silos and functions to make your operations more secure, effective, and safe

Reduce Risk Across Your Entire IT, OT, and IoT Attack Surface Now

Using research and analyses from multiple sources, this session will discuss how to formulate a strategy to reduce visibility gaps and communicate business risk tied to your exposure. Watch now to learn about:
• Least Privilege Access Control (Everywhere)
• Attack Surface Management
• Cyber Exposure Score

Cloud Security and Exposure Management: Priorities, Barriers and Risks

Learn how you can effectively discover, quantify, and assess risk in your OT/ICS attack surface.
You cannot successfully defend and protect your organization without having a complete, detailed, and timely inventory of your entire OT/ICS attack surface. This includes the device and system configuration data required for assessing vulnerabilities, safety issues, and potential attacks.

To learn how you can master your OT/ICS asset inventory, join Dick Bussiere, Principal OT Security Engineer with Tenable, for this webinar covering the following topics:

>> Overcoming common asset discovery challenges and fallacies
>> The differences between passive and active discovery, how they work, the benefits of each technique, and when to use them
>> Going beyond asset discovery, to capture the data needed for effective risk analysis and security/operational decision-making

Capture the Complete OT/ICS Asset Inventory You Need to Protect Your Operations

Real-world identity insights for security, cloud, and IAM practitioners.

Your organization’s identity and access management efforts have far-reaching implications on overall security posture. Understanding the similarities and differences between identities and entitlements across your cloud and on-prem attack surface is central to a preventive security program.

During this CloudCover session, Tenable experts discuss the nuances of identity risk management across multi-cloud and on-prem environments. By participating you will gain insights into practices DevOps, IAM, and security teams can use to protect your environment and block bad actors from lateral movement.

Securing Identities Across Your Entire Attack Surface

Cloud infrastructure is an attacker’s playground. So how do you reduce your attack surface?

Join us to find out how you can leverage an identity-first CNAPP approach for full asset discovery, deep risk analysis, runtime threat detection & compliance reporting. In this on-demand webinar, Lior Zatlavi will explain how to use powerful visualization, prioritization & remediation tools to close the cloud expertise gap. By watching you  will learn how to:

>> Leverage an identity-first CNAPP approach for full asset discovery, deep risk analysis, runtime threat detection & compliance reporting
>> Automate cloud infrastructure security to reduce your cloud attack surface
>> Empower stakeholders to drive accurate risk prioritization and remediation across complex multi-cloud environments

Leveraging CNAPP to Close the Cloud Security Expertise Gap

Join experts from Tenable and HCLSoftware for this on-demand webinar exploring ways to streamline patching and optimize your remediation efforts.
As your attack surface expands and vulnerabilities proliferate, having an efficient patching process, with little to no friction between infosec and IT teams, is crucial for maintaining an effective cybersecurity posture. So, what’s needed to make this happen for your organization?

For guidance and practical advice, check out this on-demand webinar with experts from Tenable and HCLSoftware covering the following topics:

>> What makes a “critical” vulnerability “critical” and how does this get in the way of effective patching?/li>

>> Closing the communication gap between security and IT teams to enhance security, compliance, and patching efficiency

>> How key capabilities of the combined Tenable-HCL BigFix solution streamline patching and optimize remediation efforts

When it Comes to Vulnerabilities, “Critical” Doesn’t Always Mean “Critical...”

Learn How to Unlock the Power of Integrations with the Tenable OT Security API

This on-demand session provides an introduction to the Tenable OT Security API, sharing use cases and step-by-step instructions for leveraging the API. Topics covered include:

>> An overview of pyTenable, the Python library used for interacting with the Tenable OT Security API
>> Step-by-step guidance on enabling the Tenable OT Security API
>> An overview of GraphQL and the GraphiQL playground
>> Top Tenable OT Security API use cases

In the Lab with Tenable OT Security, January 2024 - API Primer

Join former Gartner analyst Tom Croll for insights on leveraging CNAPPs to enhance security, agility, and competitive advantage in the cloud era.

Cloud Native Application Security Platforms (CNAPPs) are revolutionizing the way modern organizations practice cybersecurity. Led by co-creator of CNAPP, cloud security architect, CTO, and former Gartner analyst Tom Croll, this on-demand webinar provides a deep dive into the strategic application of CNAPPs, sharing practical advice and guidance, including:

>> Demystifying the fundamentals of CNAPPs, their architecture, and how they differ from traditional security models
>> Exploring the tangible security and business benefits of CNAPPs, including risk reduction, improved compliance, and enhanced agility in responding to security threats
>> Practical guidance on integrating CNAPPs into existing security frameworks, emphasizing minimal disruption and maximizing efficiency
>> Plus, Tom will share his thoughts on cloud security trends for 2024

Harness the Power of Cloud Native Application Security Platforms (CNAPPs)

Check out this on-demand webinar for insights into the mechanisms and paradigms Azure provides for managing permissions. The session also shares best practices and lessons learned from large Tenable customers regarding the effective use of Tenable Cloud Security to address Azure entitlement challenges.

Key things you will learn:

>> How Azure entitlements work
>> How to manage Azure identities and security posture at scale
>> How to gain visibility into entitlements granted in Azure subscriptions
>> Why applying change control to permissions is essential
>> How to remediate over-privileged identities using activity log tracking

Best Practices for Managing Azure Identities and Security Posture at Scale

For organizations reliant on operational technologies, one of the important threat detection frameworks is MITRE ATT&CK® for ICS. Based on real actions exhibited by threat actors, MITRE ATT&CK for ICS is a variant of the enterprise and mobile ATT&CK matrices, and is regularly updated to reflect the latest adversary behaviors.

Join Dick Bussiere for this on-demand webinar to learn the techniques attackers use to compromise OT infrastructures. By understanding the techniques, you can proactively bolster your security posture with Tenable.ot. Through discussion and demonstration, the session will explore:

> Using MITRE to think like an attacker and become more proactive
> Ways to incorporate MITRE ATT&CK for ICS into your overall OT security workflows
> How Tenable.ot maps to the ATT&CK techniques and tactics

The MITRE ATT&CK for ICS Framework... And What to do About it

Join Tenable and guest presenter, Brian Wrozek, Principal Analyst, Forrester to explore opportunities and challenges facing your OT/ICS security team in 2024. Topics covered:

>> New attack tactics and defense techniques

>> What to expect from an evolving regulatory landscape and the market for cyber insurance

>> Business drivers leading to OT/IoT/IIoT device adoption and OT vs. IT return on investment and budget allocation

2024 OT Security Trends – From the Boardroom to the Industrial Floor

Check out this on-demand webinar for insights into the development of the National Security Telecommunications Advisory Committee (NSTAC) draft report, and a discussion about its recommendations for improving the security of your converged IT/OT systems.

Led by experts who contributed to the NSTAC report, this webinar shares key findings, recommendations and guidance for measures you can take to improve the resilience of your organization's IT/OT networks and systems. Though focused on Federal Civilian Agencies, the report and its findings are relevant for all public and private sector organizations reliant on OT.

The Time for Prioritizing Your IT/OT Cybersecurity is Now

Everyone knows Active Directory. Not only is it a seasoned IAM, nearly every organization in the world uses it. That said, there are many built-in configurations and processes that “just work” without the need for any manual configurations. Many administrators are not aware these exist. Surprise: the attacker does and leverages them to move laterally and gain privileges.

In this webinar you will learn:

• How an attacker can leverage the SDProp process
• Which service account configurations attackers look for
• How an old Unix attribute can cause an immediate privilege elevation
• How a migration-related attribute can allow domain admin privileges
• What details you need to verify for your trusts

Looking for concrete actions to fortify your organization's security today? Start watching.

5 Active Directory Security Settings Attackers Leverage

Active Directory

Cyber Security

Cyber Attacks

Ransomware

Information Security

Microsoft

Cyber Defence

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The data center management community focuses on the holistic management and optimization of the data center. From technologies such as virtualization and cloud computing to data center design, colocation, energy efficiency and monitoring, the BrightTALK data center management community provides the most up-to-date and engaging content from industry experts to better your infrastructure and operations. Engage with a community of your peers and industry experts by asking questions, rating presentations and participating in polls during webinars, all while you gain insight that will help you transform your infrastructure into a next generation data center.

Data Center Management

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

5 Active Directory Security Settings Attackers Leverage

Presented by

About this talk

More from this channel