Browse communities
Browse communities
Presenting a webinar?

Dissecting the 2013 Vulnerability Landscape

Morten Stengaard – Secunia CTO and Kasper Lindgaard – Secunia Head of Research
Every year Secunia releases a review of the vulnerability landscape, based on its vulnerability research and data from its Personal Software Inspector (PSI) user base.
The data in this research helps security professionals around the globe make sense of the evolution of the threat landscape and the trends throughout the year.
In this webinar, Secunia’s CTO, Morten Stengaard and Head of Research, Kasper Lindgaard, will interpret the data presented in the Secunia Vulnerability Review 2014 and answer questions. The review will be released on 26th February at 20:00 CET.
Before 26th February, you can pre-register to receive a copy of the review as soon as it is released, at:
http://secunia.com/resources/reports/vr2014/

Key takeaways:
-The number of vulnerabilities and zero-days detected in 2013
-The security state of browsers and PDF readers
-How quick vendors are to respond to vulnerabilities
-Which programs are more vulnerable
Mar 20 2014
39 mins
Dissecting the 2013 Vulnerability Landscape
Join us for this summit:
More from this community:

IT Security

  • Live and recorded (5371)
  • Upcoming (110)
  • Date
  • Rating
  • Views
  • CyberEdge Group, a premier information security research firm, recently announced the results of its 2015 Cyberthreat Defense Report. Designed to complement Verizon’s annual Data Breach Investigations Report, this report provides a 360-degree view of organizations’ security threats, current defenses, and planned investments. Over 800 security decision makers and practitioners from across North America and Europe were surveyed in December 2014. Attend this insightful webinar to learn:

     How many were affected by a successful data breach in 2014
     How many think they’ll be victimized in 2015
     What portion of IT spending is dedicated to security
     Which cyberthreats concern security professionals the most
     Which security defenses are present or planned for acquisition
     Plus two dozen additional insights from security professionals just like you
  • CyberEdge Group, a premier information security research firm, recently announced the results of its 2015 Cyberthreat Defense Report. Designed to complement Verizon’s annual Data Breach Investigations Report, this report provides a 360-degree view of organizations’ security threats, current defenses, and planned investments. Over 800 security decision makers and practitioners from across North America and Europe were surveyed in December 2014. Attend this insightful webinar to learn:

     How many were affected by a successful data breach in 2014
     How many think they’ll be victimized in 2015
     What portion of IT spending is dedicated to security
     Which cyberthreats concern security professionals the most
     Which security defenses are present or planned for acquisition
     Plus two dozen additional insights from security professionals just like you
  • With data breaches and data leakage incidents becoming front page news, cyber investigations are taking on more importance within organizations. This calls for a new set of skills to be developed such as the ability to work with all levels of law enforcement, lawyers and attorneys and within the judicial system. Many of these investigations will call for the cybersecurity practitioner to be a witness and give testimony. What's the best way to do this to protect yourself and the organization, while also providing the information that will help law enforcement and the justice system to get the information they need? Join (ISC)2 on March 26, 2015 at 1:00PM Eastern for our next "From the Trenches" webcast where we'll talk about what it means to be an expert witness and the best practices for serving as one.
  • As a security professional, you are on constant alert for external threats. But many breaches are caused internally by incorrect configuration of IT resources, including SSL. To help improve how encryption is used, Qualys created a research project called SSL Labs to address two major problems of the ecosystem: lack of tools and documentation.
  • As organizations work hard to ensure complete anti-malware coverage on desktops, servers, and at the perimeter, attackers are already moving on to techniques completely outside those detected by traditional security tools. Enterprises must consider alternative approaches to defending their infrastructure and turn their focus to tools, products and techniques that approach security in new and different ways.

    In this webinar, Eric and Dave will discuss:

    • How the volume of system alerts from Network Security solutions are creating lots of noise but lack context to focus on the real threats facing your data
    • How to stop advanced threats – with no advance knowledge of the tools or malware – by following the attack sequence
    • Why bridging the gap between system security and data protection is the key to stopping ever increasing sophisticated attackers from stealing your data
  • This webinar draws on Bradford Networks’ extensive BYOD experience to help organizations avoid the landmines that plague BYOD initiatives.

    Attend this webinar and you will learn how to avoid:
    • Organizational Resistance - Establish and manage a cross-functional committee of stakeholders to build consensus
    • Support Burden - Leverage proven techniques to educate end users and minimize help desk calls
    • User Frustration - Implement ultra flexible BYOD policies without compromising security
    • Onboarding Latency - Maximize the end users’ ability to self-administer new and lost/stolen devices
    • Vulnerable Endpoints – Guided remediation for user devices that are under-protected and non-compliant
  • Attackers always have a goal in mind and it’s up to you to understand how they will get there. But how is that possible when there is simply too much data to sort through and act upon?

    The upcoming release of Core Insight 4.5 adds new attack intelligence features to consolidate, normalize, and prioritize vulnerability management initiatives enterprise-wide. These features allow users to reduce the noise from scanners by more than 90%, so that you can focus on the most critical threats.

    Join us on March 26, 2015 at 1pm ET to get a sneak peek and live demo of Core Insight 4.5. Hear about new features such as:

    - User customizable and flexible reporting
    - Centralized asset store for extended scalability
    - Enhanced exploit matching and filtering
    - Interactive and adaptive attack paths
  • Attackers always have a goal in mind and it’s up to you to understand how they will get there. But how is that possible when there is simply too much data to sort through and act upon?

    The upcoming release of Core Insight 4.5 adds new attack intelligence features to consolidate, normalize, and prioritize vulnerability management initiatives enterprise-wide. These features allow users to reduce the noise from scanners by more than 90%, so that you can focus on the most critical threats.

    Join us on March 26, 2015 at 1pm ET to get a sneak peek and live demo of Core Insight 4.5. Hear about new features such as:

    - User customizable and flexible reporting
    - Centralized asset store for extended scalability
    - Enhanced exploit matching and filtering
    - Interactive and adaptive attack paths
  • Attackers are constantly trying to find new exploits to penetrate network defenses and bypass security controls. In 2014, Mandiant’s M-Trends report indicated that it takes an average of 229 days to detect the presence of a threat actor on an enterprise network. Organizations are starting to realize that the evolution in technologies alone cannot stop such incidents, as the actors continue to change their tactics.

    Organizations need to consider supplementing their security technologies and processes with their people. By leveraging employees as human sensors, we not only adopt “see something, say something”, but we are able to add an extra layer of defense and exponentially reduce detection time as well.

    In this webinar, PhishMe’s Senior Researchers Ronnie Tokazowski and Shyaam Sundhar will discuss:

    • Engaging human sensors as a layer of defense
    • Utilizing user reports to detect malware
    • Real use cases of user detection within our enterprise
  • Sutter Health is a not-for-profit health system serving more than 100 communities in Northern California. Each year its 5,000 physicians care for more than 10 million outpatient visits and discharge more than 200,000 in-patients.

    As healthcare systems transition from “fee for service” to “fee for value” reimbursement models, there is an increasing focus to drive down 30-day re-admission rates, particularly for high risk patients. To this end, Sutter Health is piloting Project RED (Re-engineered Discharge) which leverages predictive analytics to identify high-risk patients and then prescribes alternative discharge workflows aimed at lowering the risk of re-admission.

    Join us as Kristen Wilson-Jones, Sutter RD&D CTO, shares how Sutter Health has leveraged MuleSoft’s Anypoint Platform in an orchestrated plecosystem of technologies to power Project RED by enabling real-time patient risk scoring, clinical workflow management and bi-directional integration with Epic.

    Topics covered
    -------------------
    + How Sutter Health is lowering 30-day re-admission rates by re-engineeing clinical workflows
    + The need for connectivity to enable workflow re-design
    + Best practice in moving from an application-centric to a data object-centric connectivity approach
  • Channel
  • Channel profile
  • All About the Thousands of 2014 Vulnerabilities - From Secunia Research Apr 14 2015 3:00 pm UTC 45 mins
    Kasper Lindgaard, Director of Research and Security, Secunia
    Every year, Secunia Research releases a review of the global vulnerability landscape, based on their large vulnerability database and data from the Secunia Personal Software Inspector (PSI) user base.

    The data in this research provides security professionals around the world with perspective on the impact and evolution of the threat landscape and what has trended throughout the year.

    In this webinar, Secunia’s Director of Research and Security Kasper Lindgaard will discuss the data presented in the Secunia Vulnerability Review 2015 and answer questions.

    The review itself is released on March 25.

    Before March 25, you can pre-register to receive a copy of the review as soon as it is released:

    www.secunia.com/VR2015

    Key takeaways:

    - The number of vulnerabilities and zero-days detected in 2014

    - How quick vendors are to respond to vulnerabilities

    - Which programs are more vulnerable

    - How products bundled with open source applications and libraries affect security
  • How to Mitigate the Risk of Software Vulnerabilities Recorded: Mar 26 2015 32 mins
    Marcelo Pereira, Product Marketing Manager
    Software vulnerabilities remain one of the most common attack vectors for security incidents and data breaches, either as the entry point for hackers or the enabler of privileges escalation inside networks.
    Despite awareness of the risk, and the fact that most software vulnerabilities have a fix the day they are made public, organizations continue to fail to execute mitigation actions. The consequence is that we continue to see costly breaches affecting businesses around the globe.
    In this webinar, Marcelo will talk about how the use of vulnerability intelligence can be a game changer to help organizations become better at mitigating the risk of software vulnerabilities.
    Key takeaways:
    -Data related to software vulnerabilities
    -The challenge of prioritizing mitigation
    -How the use of vulnerability intelligence can help support consistent risk reduction
  • Understanding Software Vulnerabilities Recorded: Mar 24 2015 30 mins
    Marcelo Pereira, Product Marketing Manager
    Software vulnerabilities remain one of the most common attack vectors for security incidents and data breaches, either as the entry point for hackers or as the enabler of privileges escalation inside networks.
    This webinar demystifies software vulnerabilities, shows how they relate to the wider ecosystem and demonstrates how this knowledge can be used to define strategies and improve security.
    Key takeaways:
    -What is a software vulnerability
    -How a software vulnerability becomes a threat
    -A glimpse of how threats multiply
    -How addressing vulnerabilities impacts risk reduction
  • Reducing the Risk of Targeted Attacks with Intelligence Recorded: Mar 17 2015 47 mins
    Marcelo Pereira, Product Marketing Manager, Secunia
    If your intuitive response to the risk of targeted attacks is to run and get some Advanced Threat

    Protection, do yourself a favour and take a step back. The reality is that, while the number of advanced

    attacks has been increasing, the vast majority of cases still use fairly simple techniques and exploit

    publically known vulnerabilities that can be solved by regular patching or other mitigation actions.

    In this webinar we will talk about how you should use vulnerability intelligence to reduce the attack

    surface for hackers and strengthen resilience before you think of implementing ATP solutions.

    Key takeaways:

    - An overview of a multi-layered security approach

    - How to leverage vulnerability intelligence to reduce risk
  • Deploying a Configuration Manager Lab in Azure via PowerShell Recorded: Dec 16 2014 46 mins
    Trevor Sullivan, Microsoft MVP-PowerShell
    During this webinar, we will discuss the process of deploying a Microsoft System Center 2012 Configuration Manager lab environment on the Microsoft Azure platform, by using Desired State Configuration, the Azure PowerShell module, and general PowerShell automation.
  • How to mitigate the risk of APT with a multi-layered approach to security Recorded: Dec 11 2014 39 mins
    Andrei Vilcan, Head of Information Security, Banca Transilvania
    In this webinar, Andrei Vilcan will present his approach to Information Security and how he and his team work to mitigate the risk of Advanced Persistent Threat attacks at Banca Transilvania.
    He will introduce the aspects of the multi-layered approach to the Information Security strategy he is in charge of implementing, the challenges he faces and his achievements so far.
    As a Secunia CSI user, he will share how the solution helps him in one of the key areas of his strategy: security patch management.

    About Andrei: Andrei is Head of Information Security at Banca Transilvania. He has 23 years of experience in IT Management, the past 6 of which is in IT Security. He works to protect his organization’s assets, including customer data, to ensure that the business can operate without disruptions.
  • Heartbleed, Bash Bug and Poodle: What we learnt from the Big Three in 2014! Recorded: Dec 3 2014 33 mins
    Kasper Lindgaard, Director of Research and Security, Secunia
    In April, one fairly minor vulnerability - Heartbleed - sent the IT community reeling. Since then we’ve had Shellshock/Bashbug and Poodle.

    2014 was a year of high profile cases that effected massive changes in the IT community - and the lessons learnt should stay top of mind.
  • Focus: Software Vulnerability Management Recorded: Oct 14 2014 36 mins
    Marcelo Pereira, Business Development and Analyst Relations, Secunia
    RISK.

    Managing risk must start with reducing the cracks and holes through which unwelcome visitors can gain access to any valuables you want to protect.

    Software vulnerabilities are often the entry points used by cybercriminals to get into organizations and escalate attacks. For that reason, having a comprehensive overview and accurate information on software vulnerabilities is one of the critical factors to assess risk and prioritize the actions that will have a strong and consistent impact on reducing the attack surface.

    The immediate result of managing software vulnerabilities is the proactive reduction of risk, but there is another, often overlooked, benefit for organizations. Less cracks and holes means less noise for those who monitor environments for incidents and are responsible for responding to them. The outcome is improved accuracy, faster responses and lower cost.

    In this webinar we explain the intelligence that goes into managing software vulnerabilities, how it differs from basic information about vulnerabilities and how organizations can benefit from intelligence to become more secure.
  • Secunia's Corporate Software Inspector 7.0 Reviewed live Recorded: Aug 19 2014 46 mins
    Microsoft MVP Kent Agerlund, Coretech
    Walk through Secunia's Corporate Software Inspector, CSI, 7.0 with Microsoft MVP Kent Agerlund, Coretech. Kent will walk through and review Secunia's CSI 7.0 live - while demoing the tool and answering questions. In addition he will review the System Center CnfgMngr 2012 Plug-in - the add on piece to Secunia's CSI 7 solution.
  • Compelling Reasons to use Vulnerability Intelligence Recorded: Aug 12 2014 34 mins
    Marcelo Pereira, Business Development and Analyst Relations at Secunia
    Dealing with the threat of cyber-attacks becomes more complex as the methods used by hackers to break into organizations and steal valuable assets become more sophisticated. Business leaders panic when hearing about the risks of advanced targeted attacks (ATA), advanced persistent threat (APT) and other acronyms.

    As fairly simple techniques are all it takes to exploit vulnerabilities, and vulnerability exploitation is behind the majority of security breaches, one of the challenges organizations face in the race against cyber-attacks is acquiring trusted information about vulnerabilities to enable security teams to define strategies to mitigate risk.

    In this webinar we will talk about the reasons why vulnerability intelligence is a critical part of an information security strategy. We will discuss how vulnerability research, and the intelligence derived from it, can help organizations improve their security posture.

    Key takeaways:

    What makes vulnerability intelligence trustworthy

    The most effective uses of vulnerability intelligence

    How to leverage vulnerability intelligence to reduce risk
  • Work Smarter Not Harder Recorded: Aug 6 2014 58 mins
    Nash Pherson, Microsoft MVP, Now Micro
    In this one hour session, Microsoft MVP Nash Pherson and Right Click Tools Author Ryan Ephgrave will show day-to-day scenarios that all ConfigMgr Administrators will recognize, but utilize tools that make them easier. These include things like keeping your ConfigMgr infrastructure healthy and happy, taking care of ConfigMgr Clients, and deploying and troubleshooting software updates. Come see the Now Micro Right Click Tools and Secunia Corporate Software Inspector in action!
  • Patching and Compliance: A CISO's perspective to reducing risk Recorded: Jul 15 2014 48 mins
    Larry Whiteside, Chief Information Security Officer for LCRA
    Join us on Tuesday, July 15th for a Webinar with Larry Whiteside, Chief Information Security Officer for LCRA, as he discusses Patching and Compliance: A CISO's perspective to reducing risk.

    Over the past few years security has gotten caught up in the latest hype or trends related to threats. This has caused many security teams to lose focus of some basic things that can be done to mitigate new and old threats in their environment. In this Webinar we will discuss tride and true techniques to mitigate risk and help security organizations take care of some low hanging fruit.
  • Using PowerShell with ConfigMgr 2012 R2 Recorded: Jun 20 2014 50 mins
    Greg Ramsey, Microsoft MVP, Dell, Inc
    In this session, we will discuss how to use PowerShell with ConfigMgr to make your job easier. You will learn about the integrated cmdlets, as well as how to step out and leverage WMI when you need to handle those ‘special’ PackageFlags and other tasks.
  • ConfigMgr HTTPS Client Communication Recorded: Jun 19 2014 46 mins
    Jason Sandys
    HTTPS client communication enables other features within ConfigMgr including IBCM and Mac OSX support and also increases the security of client communication. The pre-requisite for HTTPS client communication and implementing HTTPS client communication is simple, right? Well, as many have found out, the added complexity of a PKI and certificates makes this task much more complex than it appears at first. This session will cover the not-so-basics along with the multiple possible pitfalls when implementing HTTPS client communication in ConfigMgr.
  • Managing 3rd Party Updates with Microsoft’s System Center Configuration Manager Recorded: Jun 18 2014 48 mins
    Meaghan McKeown, Director Business Development, Secunia
    Attend this session and learn tips and tricks on how to solve the daily challenges around patching your environment with Microsoft and non-Microsoft updates. We will outline best practices and demonstrate how to effectively patch 3rd party applications in System Center Configuration Manager.
  • Was Heartbleed Really that Critical? Recorded: Jun 18 2014 30 mins
    Kasper Lindgaard, Director Research and Security
    Was Heartbleed really that critical? What’s all the commotion about? Why did it cause so much trouble?

    Part of the answer lies in the failed disclosure of it. In early April 2014, Heartbleed was the hot topic, not only in the security media, but equally in mainstream vehicles. Very few times in the past has a vulnerability received such extensive media coverage. And even as its newsworthiness lessens, the consequences of Heartbleed continue to develop.

    In this webinar, Secunia’s Director of Research and Security, Kasper Lindgaard will present his views on the disclosure of the Heartbleed vulnerability, and how it exemplifies that an unsuccessful coordinated disclosure increases the risk of exploitation. Kasper will also talk about the impact for technology vendors using the vulnerable Heartbeat in their products, and give an overview of the number of products and vendors affected to date.

    Key takeaways:
    -Insights into the dynamics of vulnerability research and how it impacts security in the context of the Heartbleed event.
    -The impact of Heartbleed for technology vendors.
    -Figures on vendors and products affected.
    -Learnings from the Heartbleed incident for the industry and for security practitioners.
  • Strategies to Prevent ConfigMgr Oopsies Recorded: Jun 17 2014 55 mins
    Nash Pherson, Microsoft MVP
    ConfigMgr 2012 R2 is the most powerful systems management tool available… and that power may keep your manager up at night. This session will cover strategies for developing the people, process, and technical tools required to reduce the risk of an ‘oops’ with ConfigMgr. We will discuss how to develop staff members to appropriately utilize ConfigMgr, common mistakes and how to overcome them, and how to leverage the built-in Role Based Administration security model.
  • System Center Configuration Manager and the art of Compliance Management Recorded: Jun 16 2014 47 mins
    Kent Agerlund, Microsoft MVP, Coretech
    With Compliance Settings aka Management you can combine all the cool features in Configuration Manager into a single set of rule. In this session you will learn how to use compliance settings to control your Windows environment, Apple Mac OS X environment and your mobile devices.
  • Dissecting the 2013 Vulnerability Landscape Recorded: Mar 20 2014 39 mins
    Morten Stengaard – Secunia CTO and Kasper Lindgaard – Secunia Head of Research
    Every year Secunia releases a review of the vulnerability landscape, based on its vulnerability research and data from its Personal Software Inspector (PSI) user base.
    The data in this research helps security professionals around the globe make sense of the evolution of the threat landscape and the trends throughout the year.
    In this webinar, Secunia’s CTO, Morten Stengaard and Head of Research, Kasper Lindgaard, will interpret the data presented in the Secunia Vulnerability Review 2014 and answer questions. The review will be released on 26th February at 20:00 CET.
    Before 26th February, you can pre-register to receive a copy of the review as soon as it is released, at:
    http://secunia.com/resources/reports/vr2014/

    Key takeaways:
    -The number of vulnerabilities and zero-days detected in 2013
    -The security state of browsers and PDF readers
    -How quick vendors are to respond to vulnerabilities
    -Which programs are more vulnerable
  • Custom Data Gathering and Use with ConfigMgr, Part 2 Recorded: Feb 18 2014 50 mins
    Jason Sandys, Enterprise Client Management MVP
    This Webinar is a follow-on session from part 1 presented at System Center Universe and will focus on advanced ways to gather use data within System Center Configuration Manager (ConfigMgr); it will build on the part 1 material including some advanced inventory techniques including the use and creation of data discovery records (DDRs). It will also tackles some of the common challenges and how to overcome them when gathering data from managed systems.
Take pre-emptive action against vulnerabilities and security breaches
Secunia is recognised industry-wide as a pioneer and global player within the IT security ecosystem, in the niche of Vulnerability Management. Our award-winning portfolio equips corporate and private customers worldwide with Vulnerability Intelligence, Vulnerability Assessment, and automated Patch Management tools to manage and control vulnerabilities across their networks and endpoints.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Dissecting the 2013 Vulnerability Landscape
  • Live at: Mar 20 2014 3:00 pm
  • Presented by: Morten Stengaard – Secunia CTO and Kasper Lindgaard – Secunia Head of Research
  • From:
Your email has been sent.
or close
You must be logged in to email this