Name: Active Directory Log4Shell Risks: What You Need to Know to Protect Your Network
Start: 2022-03-24T20:30:00Z
End: 2022-03-24T20:30:17.000Z
Location: BrightTALK
Rating: 0

Tenable®, Inc. is the Cyber Exposure company. Over 30,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. As the creator of Nessus®, Tenable extended its expertise in vulnerabilities to deliver the world’s first platform to see and secure any digital asset on any computing platform. Tenable customers include more than 50 percent of the Fortune 500, more than 30 percent of the Global 2000 and large government agencies. Learn more at www.tenable.com.

Results from our global 2024 Cloud Security Outlook study are out! In the past 18 months, 95% of organizations surveyed had cloud-related breaches, and many were harmed by exposed sensitive data. To gain insight into the report findings, as well as real-world innovations that can make your enterprise's cloud security investments more effective, join our team of cloud security experts to explore:

>> Best practices to reduce the risk of cloud data breaches
>> How to strengthen the weakest link in your cloud security environment
>> Top key performance indicators (KPIs) that organizations are using to show the return on their security investments

Tenable Cloud Security Outlook Report 2024

Water and wastewater utilities are critical to public health and safety. Recognizing the ever-present and evolving nature of cyber threats, state, and local government agencies need to prioritize the security of water systems and protect these vital services from disruption. 

You can elevate your cybersecurity knowledge and capabilities by checking out this expert-led on-demand webinar, providing actionable insights and strategies for public-sector water utilities.

Topics covered:

>> A brief review of the threat landscape targeting the water sector
>> Regulation, legislation, and funding opportunities
>> Best practices and proactive measures to bolster your cybersecurity resilience and protect your operations
>> How Tenable OT Security helps strengthen your cyber defenses and safeguard your services

Safeguarding Your Water Utility: Tenable Experts Share Cybersecurity Insights

Learn how Tenable Cloud Security helps you implement AWS security best practices and reduce risk across even the most complex environments.
Are you looking to strengthen the security and boost the compliance of your AWS deployments? Join Lior Zatlavi, Director of Cloud Security Advocacy at Tenable, for an insightful webinar sharing practical guidance and best practices for securing your AWS environment.

During this on-demand webinar, Lior reviews key concepts from understanding the shared responsibility model to governing and reporting on compliance frameworks such as the AWS Well-Architected, covering:

>> Implementing robust access controls and identity management best practices
>> Enhancing visibility and monitoring capabilities to better detect and respond to security incidents and maintain compliance
>> Identifying and preventing common misconfigurations and security pitfalls
>> How Tenable Cloud Security effectively automates and simplifies AWS security best practices and compliance efforts

Secure Your AWS Environment with Confidence

Learn how to develop a comprehensive vulnerability management program that balances operational continuity with risk reduction.

Vulnerabilities are inevitable in complex operational technology (OT) environments. While patching and remediation are ideal, some vulnerabilities may remain unaddressed due to operational constraints, legacy systems, or vendor limitations.

Join us for this on-demand episode of “In The Lab with Tenable OT Security” to explore effective strategies for mitigating risks from vulnerabilities that cannot be immediately remediated. Topics covered include:

>> Identifying and prioritizing non-remediable vulnerabilities in your OT environment using Tenable OT Security
>> Understanding the potential operational impact and risk exposure of these vulnerabilities
>> Implementing compensating controls and mitigation techniques to reduce attack surface and exploitation risk
>> Developing comprehensive vulnerability management programs aligning with best practices, and compliance requirements, and balancing operational continuity with risk reduction

Risk Mitigation When You Cannot Remediate Vulnerabilities On Critical OT Systems

The Tenable OT Security integration with Splunk provides deeper visibility into OT assets, vulnerabilities, and threats, enabling more informed risk assessment and faster, more effective incident investigation and response. For guidance on making this happen, check out this on-demand webinar with experts from Tenable and Splunk exploring the capabilities and benefits of the integrated Tenable OT Security and Splunk solution.

Topics covered:

>> Achieving comprehensive visibility and asset inventory across your organization’s entire IT-OT attack surface
>> Enhanced security monitoring, risk-based decision-making, and incident investigation and response
>> Streamlined compliance monitoring and reporting for requirements of NERC CIP and common regulations and frameworks

Splunk & Tenable Optimize Security Across Your IT/OT Enterprise Attack Surface

Conventional wisdom suggests larger budgets and staff equate to greater security. In practice, these investments are often made in silos, leading to fragmented visibility across the attack surface. Lacking the attacker’s perspective, teams can be inundated by alert noise, making it hard to see the forest through the trees. So, how can you optimize outcomes from cyber investments to deliver measurable improvements in risk posture?

For answers, check out this on-demand webinar hosted by Tenable's Director of Exposure Management, Pierre Coyne, and Manager, Security Engineering, Michael Morgan. Topics covered include:

>> The limitations of siloed security and how threat actors exploit them
>> Five steps to improve visibility and prioritization across traditionally siloed security programs, including vulnerability, cloud, web, identity, and OT
>> Approaches to align cyber spend and resources to business goals
>> Key indicators that will help you drive measurable exposure reduction

5 Steps to Help You Optimize Prioritization and Disrupt Attack Paths

For insights into why tagging remains crucial for effective cloud resource management, and guidance for mitigating issues caused by inconsistent tagging, don’t miss this on-demand Tenable webinar exploring:

>> Lessons learned from breaches caused by poor tagging and cloud resource hygiene
>> Implementing strategic workflows to test automation scripts and exception handling
>> How and why you should be using policy-as-code to enforce proper tagging and policy definition
>> How Tenable Cloud Security helps optimize your tagging efforts

Tag, You’re It! Best Practices for Optimizing Your Cloud Tagging Strategy

According to VMWare’s The State of Kubernetes 2023 report, 52% of you struggle to meet Kubernetes security and compliance requirements. This is no surprise. From risky default configurations to vulnerable container images, when it comes to Kubernetes, there’s no shortage of security challenges to address.

To get your K8s security on track, don’t miss our March CloudCover session, covering key questions such as:

>> How to get visibility into Kubernetes clusters?
>> What are the top things Kubernetes security newbies need to know?
>> How can you control access to Kubernetes APIs and running clusters and ensure the security of privileged containers

Kubernetes Confessions: Put An End to Those Risky K8s Security Sins

For guidance on ways you can more effectively secure your interconnected OT-IT-IoT environment, join our panel of experts: Joseph Price, OT Cybersecurity Program Lead, Deloitte, Mark Weatherford, Chief Cybersecurity Strategist, Coalfire, Marty Edwards, Deputy CTO for OT/IoT, Tenable, and Nathan Wenzler, Chief Security Strategist, Tenable for this webinar exploring:

>> Why CISOs need to understand the risk created by exponential growth in connected OT and IoT devices

>> Closing visibility gaps to more effectively manage risk and make informed decisions

Minimize the Risk Posed by Your Interconnected IT/OT/IoT Environments

As your organization ramps up hybrid and multi-cloud deployments, your security team may be challenged to keep pace. How do you reduce complexity, minimize exposures, enforce least privilege, and prioritize security gaps at scale without overextending your resources?

For answers, don’t miss this on-demand webinar exploring how Tenable Cloud Security extends Tenable’s trusted vulnerability management capabilities to the cloud, supercharging your security program with contextual prioritization and guided remediation, giving your team the tools needed to become cloud security experts in less than 48 hours.

How to Make Your Security Team Experts In Cloud Security In Less Than 48 Hours

Check out this on-demand webinar to learn how you can operationalize identity security to achieve accurate real-time risk prioritization and Continuous Threat Exposure Management (CTEM).

On their own, flaws and weaknesses in your Active Directory and Entra ID (formerly Azure AD) environments expose your organization to potentially grave consequences. At the same time, these gaps in identity hygiene impact your organization’s overall level of cyber risk.

Watch this on-demand webinar and learn how you can effectively operationalize identity-first security, gaining valuable context for assessing and prioritizing risk across your entire attack surface.

Topics covered will include:

>> How identity insights add contextual intelligence for improving your risk-assessment strategies

>> Best practices for creating a mature identity security program that enables real-time risk prioritization and Continuous Threat Exposure Management (CTEM)

>> How Tenable helps develop your zero-trust security program to optimal levels

Identity Risk Prioritization and Continuous Threat Exposure Management (CTEM)

Whether for economic gain or achieving some malicious outcome, threat actors are doing their best to target and disrupt your most critical business functions. To mount an effective defense, you must bridge the gap between traditional IT cybersecurity practices and the specialized needs of OT environments.

>> Learn how Tenable empowers you to secure your entire attack surface by watching this on-demand webinar exploring key capabilities of Tenable One for OT/IoT, including:

>> Why a converged solution is needed, how it works, and enables proactive security across your entire converged attack surface
How Tenable One for OT/IoT breaks down silos and functions to make your operations more secure, effective, and safe

Reduce Risk Across Your Entire IT, OT, and IoT Attack Surface Now

Using research and analyses from multiple sources, this session will discuss how to formulate a strategy to reduce visibility gaps and communicate business risk tied to your exposure. Watch now to learn about:
• Least Privilege Access Control (Everywhere)
• Attack Surface Management
• Cyber Exposure Score

Cloud Security and Exposure Management: Priorities, Barriers and Risks

Learn how you can effectively discover, quantify, and assess risk in your OT/ICS attack surface.
You cannot successfully defend and protect your organization without having a complete, detailed, and timely inventory of your entire OT/ICS attack surface. This includes the device and system configuration data required for assessing vulnerabilities, safety issues, and potential attacks.

To learn how you can master your OT/ICS asset inventory, join Dick Bussiere, Principal OT Security Engineer with Tenable, for this webinar covering the following topics:

>> Overcoming common asset discovery challenges and fallacies
>> The differences between passive and active discovery, how they work, the benefits of each technique, and when to use them
>> Going beyond asset discovery, to capture the data needed for effective risk analysis and security/operational decision-making

Capture the Complete OT/ICS Asset Inventory You Need to Protect Your Operations

Real-world identity insights for security, cloud, and IAM practitioners.

Your organization’s identity and access management efforts have far-reaching implications on overall security posture. Understanding the similarities and differences between identities and entitlements across your cloud and on-prem attack surface is central to a preventive security program.

During this CloudCover session, Tenable experts discuss the nuances of identity risk management across multi-cloud and on-prem environments. By participating you will gain insights into practices DevOps, IAM, and security teams can use to protect your environment and block bad actors from lateral movement.

Securing Identities Across Your Entire Attack Surface

Cloud infrastructure is an attacker’s playground. So how do you reduce your attack surface?

Join us to find out how you can leverage an identity-first CNAPP approach for full asset discovery, deep risk analysis, runtime threat detection & compliance reporting. In this on-demand webinar, Lior Zatlavi will explain how to use powerful visualization, prioritization & remediation tools to close the cloud expertise gap. By watching you  will learn how to:

>> Leverage an identity-first CNAPP approach for full asset discovery, deep risk analysis, runtime threat detection & compliance reporting
>> Automate cloud infrastructure security to reduce your cloud attack surface
>> Empower stakeholders to drive accurate risk prioritization and remediation across complex multi-cloud environments

Leveraging CNAPP to Close the Cloud Security Expertise Gap

Join experts from Tenable and HCLSoftware for this on-demand webinar exploring ways to streamline patching and optimize your remediation efforts.
As your attack surface expands and vulnerabilities proliferate, having an efficient patching process, with little to no friction between infosec and IT teams, is crucial for maintaining an effective cybersecurity posture. So, what’s needed to make this happen for your organization?

For guidance and practical advice, check out this on-demand webinar with experts from Tenable and HCLSoftware covering the following topics:

>> What makes a “critical” vulnerability “critical” and how does this get in the way of effective patching?/li>

>> Closing the communication gap between security and IT teams to enhance security, compliance, and patching efficiency

>> How key capabilities of the combined Tenable-HCL BigFix solution streamline patching and optimize remediation efforts

When it Comes to Vulnerabilities, “Critical” Doesn’t Always Mean “Critical...”

Learn How to Unlock the Power of Integrations with the Tenable OT Security API

This on-demand session provides an introduction to the Tenable OT Security API, sharing use cases and step-by-step instructions for leveraging the API. Topics covered include:

>> An overview of pyTenable, the Python library used for interacting with the Tenable OT Security API
>> Step-by-step guidance on enabling the Tenable OT Security API
>> An overview of GraphQL and the GraphiQL playground
>> Top Tenable OT Security API use cases

In the Lab with Tenable OT Security, January 2024 - API Primer

By watching this video you will get a better understanding of how Log4J (Log4Shell) exploitation can impact your Active Directory environment and overall security posture, and steps you can take to mitigate the threat.

Active Directory Log4Shell Risks: What You Need to Know to Protect Your Network

Log4Shell

Log4J

Active Directory

Cyber Attacks

Cyber Threats

Attack Vectors

Cyber Security

Information Security

Vulnerabilities

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The data center management community focuses on the holistic management and optimization of the data center. From technologies such as virtualization and cloud computing to data center design, colocation, energy efficiency and monitoring, the BrightTALK data center management community provides the most up-to-date and engaging content from industry experts to better your infrastructure and operations. Engage with a community of your peers and industry experts by asking questions, rating presentations and participating in polls during webinars, all while you gain insight that will help you transform your infrastructure into a next generation data center.

Data Center Management

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Active Directory Log4Shell Risks: What You Need to Know to Protect Your Network

Presented by

About this talk

More from this channel