Hi [[ session.user.profile.firstName ]]

Using Crowd-Sourced Threat Intelligence to Stay Ahead of Exploits

As part of developing a vulnerability management strategy, it’s important to think through the “what if” scenarios that you need to defend against. However, if you’re only considering your own knowledge of potential threats, your plan will likely be incomplete. Join Jaime Blasco, Director of AlienVault labs for a discussion on how to use collaborative threat intelligence to strengthen your vulnerability management strategy. In this session, Jaime will cover:
Trends in the global threat landscape
The value of data diversity in threat intelligence
How to use threat intelligence to inform your vulnerability management strategy
Recorded Nov 7 2013 37 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Jaime Blasco Director, AlienVault Labs AlienVault
Presentation preview: Using Crowd-Sourced Threat Intelligence to Stay Ahead of Exploits

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • How Smart Security Teams Use Cyber Threat Intelligence Sep 19 2017 5:00 pm UTC 60 mins
    Sacha Dawes, Principal Product Marketing Manager, AlienVault
    As malware and ransomware become more commercialized, and the evolution of threats accelerates, it’s hard for organizations to keep up – even when they have multiple security products deployed. The latest SANS Cyber Threat Intelligence Survey showed that organizations using threat intelligence can gain dramatic improvements in visibility into threats, to enable a faster and more accurate response.

    Join AlienVault for this practical session to learn how smart security teams are integrating cyber threat intelligence into their day to day operations. You'll learn:
    - What threat intelligence is, and how it speeds threat detection and incident response
    - Key questions to help you evaluate threat intelligence sources and plan for integrating it into your operations
    - How AlienVault USM Anywhere integrates threat intelligence with other security capabilities to save valuable time
    - A demo of AlienVault USM Anywhere showing how threat intelligence adds valuable context to alarms
  • AlienVault Partner Program: An Intro to AlienVault USM Recorded: Aug 17 2017 60 mins
    Mike LaPeters, VP Global Channel Sales & Garrett Gross, Director of Field Enablement
    Watch our partner webcast to learn about our award-winning, easy-to-sell AlienVault® USM™ platform and the AlienVault Partner Program. SIEM solutions integrate and analyze the data produced by other security technologies but unfortunately most mid-market organizations don't have the resources and time to create and maintain the data correlation rules that make SIEM solutions useful. This offers an opportunity for you to capitalize on the benefits of AlienVault USM. Once your prospects understand our approach to unified security management, it becomes a very quick sales cycle.

    An intro to AlienVault USM
    How to identify prospects quickly with a simple set of questions
    How to sell the benefits of USM for easier and faster threat detection
  • How to Grow and Accelerate your Managed Security Business Recorded: Aug 17 2017 33 mins
    Garrett Gross, Director Field of Enablement
    Security continues to be one of the top three IT concerns for SMB, mid-market and large enterprise customers. Security and Cloud continue to be the top two industry/market spend opportunities for the channel to invest in, according to CompTIA’s 2016 Annual IT Report. The opportunity for MSPs to become Managed Security Service Providers (MSSPs) is exploding – as is the opportunity for MSSPs to strengthen and expand their bottom line and market share. If you are interested in expanding your current MSP practice with security offerings, please watch this “How-to" discussion on building and growing an MSSP. We discuss best practices and illustrate what “best in class” looks like when it comes to:

    Common security challenges for the mid-market
    Considerations when selecting security vendor partners and ensuring a profitable practice
    Operational, financial, and process considerations that are key to a successful MSSP
    Essential skills critical to build successful MSSPs
    Solutions, business resources, tools, and programs available to enable the success of an MSSP
    In addition, we discuss some common mistakes MSSPs make and how to avoid those when building your practice.
  • Threat Intelligence: The MSP’s Secret Weapon Recorded: Aug 17 2017 34 mins
    Garrett Gross, Director Field of Enablement
    One of the biggest challenges when creating a managed security offering is developing threat intelligence and instrumenting it with existing security controls. This challenge is magnified exponentially as a company's client base grows and needs evolve.

    In this session, you’ll learn about the benefits of building your service offering around a unified security platform and how integrated threat intelligence accelerates the detection process. We’ll also recommend how MSSPs can leverage open threat sharing communities and custom intelligence development to maximize revenue and differentiate themselves from the competition.

    Attend this Webchat and you will also learn:

    The importance of developing a comprehensive understanding of not only the different data types collected for analysis, but also the ways in which the data types interact with each other
    The need for an intelligent approach to identifying the latest threats to achieve the broadest view of threat vectors, attacker techniques and effective defenses
    Why the use of coordinated rule set updates is key to maximizing the effectiveness and efficiency of threat intelligence
    and to ensuring that your clients are protected no matter how (and how often) their business grows and needs change
  • A Step-By-Step Guide to Building a Profitable Security Practice Recorded: Aug 17 2017 33 mins
    Garrett Gross, Director of Field Enablement
    As your clients work on their 2017 budgets, they will be paying a lot of attention to security. It’s probably the top priority for most of them. Threat profiles have expanded, new attack vectors have emerged and legacy systems simply can’t keep up. It’s not nearly enough to sell some security software or deploy a few firewalls. For IT service providers, this presents both a challenge and an opportunity. On one hand, your customers need new security solutions that you haven’t delivered before. But on the other hand, your customers want to pay you for services that will increase both your revenues and profits.

    Given that your customers will want their security challenges addressed immediately, you need to rapidly develop the skills and services required to get the job done.

    In this fast-paced session, join experts from AlienVault and MSPmentor to outline a step-by-step process you can follow to build a thriving, profitable security practice. Key topics to be addressed include:

    The five vital technology tools you need to run an effective security practice
    A detailed profile of the target customers most likely to adopt IT services to help accelerate your sales process
    A map for building and pricing your security service packages to meet customers’ needs (and for building your profits)
  • Adding the S to MSP: Making Money in a Competitive Market Recorded: Aug 17 2017 35 mins
    Mike LaPeters, VP Global Channel Sales & Mike Calonica, VP American Sales
    Anybody can deliver technology, but these days MSPs also need to protect their customers’ networks and data. Cyber threats are a growing concern, and if you can’t provide security, your customers will find a provider who can. That’s why adding security to an MSP’s palette of services isn’t just an option; it’s a must.


    In this webcast, experts from Penton and AlienVault will discuss how to turn your MSP into a profitable MSSP by adding security for customers to protect their business from the scourge of cybercrime. Join this session to learn more about:

    Current threats and how they are evolving
    Comprehensive threat protection for the cloud
    Unified security for detecting threats and responding to incidents
  • Use of Managed Security Service Providers (MSSPs) - Benefits, Challenges and Tre Recorded: Aug 17 2017 55 mins
    Garrett Gross Director, Field Enablement
    Research shows that about half of organizations deploy a mix of in-house and outsourced IT security. Companies turn to outsourced and managed security services providers to alleviate the pressures they face, such as assessing and remediating against new types of attacks, protecting their organization against data theft, and addressing skills shortages and filling resource gaps. The 2017 Spotlight Report covering MSSP usage revealed the latest data points and trends in how organizations are leveraging Managed Security Services Providers (MSSPs) to augment, or in some cases completely outsource their security programs.

    In this session you'll learn about key findings from this survey including:

    The predominant driver for organizations to consider managed security services
    The most critical capabilities organizations look for in MSSPs
    The most requested security services offered by MSSPs
    Key benefits respondents have achieved by partnering with an MSSP

    Whether you are evaluating using an MSSP, or are an MSSP yourself, join us to gain valuable insights into how MSSPs are helping their clients. We'll also provide an overview of how our report sponsor, AlienVault, enables the threat detection capabilities of many MSSP's with their unified threat detection platform, AlienVault USM
  • How to Simplify PCI DSS Compliance with a Unified Approach to Security Recorded: Aug 15 2017 59 mins
    Sacha Dawes, Principal Product Marketing Manager, AlienVault
    Demonstrating compliance with PCI DSS is far from a trivial exercise. The 12 requirements of PCI DSS often translate into a lot of manual and labor-intensive tasks in order to access the necessary data and reports from many different systems and tools. And, even after compliance is achieved, many teams struggle to maintain the processes and reporting between audits. Join us for this webcast covering what capabilities are needed for PCI DSS compliance, and how to simplify implementation with a unified security toolset like AlienVault Unified Security Management.

    We'll cover:
    - What core security capabilities you need to demonstrate compliance
    - The top challenges in meeting and maintaining compliance with PCI DSS
    - Best practices to help you plan and prepare for an audit
    - How AlienVault Unified Security Management simplifies threat detection, incident response, and compliance
  • Stop Malware in its Tracks with Security Orchestration Recorded: Jul 18 2017 60 mins
    Sacha Dawes, Principal Product Marketing Manager, AlienVault
    Security professionals are locked in a vicious cycle, with malicious actors spinning out new threats daily and security teams racing to keep up. Reducing the time to detect and defend against malware is critical. What if you could identify and block threats earlier? With the security orchestration capabilities in AlienVault USM Anywhere, you can.

    USM Anywhere is a security monitoring platform that unifies security visibility across your cloud and on-premises assets. New AlienApps™ extend the capabilities of USM Anywhere by interacting with other IT security and IT operations products like Cisco Umbrella, Palo Alto Networks and Service Now to centralize the orchestration of incident response activities.

    Join us for this webcast to learn:

    - What security orchestration means, and why it has become essential for fast, efficient incident response
    - How USM Anywhere can automate incident response activities, saving valuable time
    - How AlienApps help you reduce the friction of integrating and orchestrating across your security point solutions

    About the Presenter:
    Sacha joined AlienVault in Feb 2017, where he is responsible for the technical marketing of the AlienVault Unified Security Management (USM) family of solutions. He brings multiple years of experience from product management, product marketing and business management roles at Microsoft, NetIQ, Gemalto and Schlumberger where he has delivered both SaaS-delivered and boxed-product solutions that address the IT security, identity and management space.
  • Petya Variant Ransomware: How to Detect the Vulnerability and Exploits Recorded: Jun 27 2017 32 mins
    Sacha Dawes, Principal Product Marketing Manager. Chris Doman, Threat Engineer
    As you've likely heard, a variant of the Petya malware is spreading rapidly and is known to have affected organizations worldwide, regardless of size. This variant of Petya follows a similar attack method to last month's WannaCry ransomware, though it uses the PsExec and WMI services for distribution.

    Once compromised, the ransomware will overwrite the Master Boot Record (MBR), encrypt individual files that match a list of file extensions (including documents, archives, and more), and after a reboot of the system will present the user a message requesting a ransom in Bitcoin to decrypt the system. As with WannaCry, the ETERNALBLUE exploit toolkit (which was released by the Shadow Brokers group in April 2017) is suspected to be a key part of the attack.

    Join us for a 30-minute technical webcast to learn more about this Petya variant, and how the unified security controls in AlienVault USM Anywhere can help you quickly identify vulnerable systems and attacks.

    You'll learn:

    What the AlienVault Labs security research team has uncovered about this threat
    How to scan your environment (cloud and on-premises) for critical vulnerabilities with AlienVault USM
    How AlienVault USM leverages threat intelligence for early detection of threats like this variant of Petya
    How built-in response orchestration capabilities in AlienVault USM can stop the threat from spreading
  • The Shadow Brokers: How to Prepare for What’s Next After WannaCry Recorded: Jun 20 2017 46 mins
    Peter Ewane, AlienVault Security Researcher
    The Shadow Brokers are a hacking group who have published several leaks containing hacking tools from the National Security Agency (NSA), resulting in high profile malware attacks like the recent WannaCry ransomware attacks. So, what can we expect next as a result of the leaked hacking tools? The AlienVault Labs security research team has been analyzing the leaked information in an effort to understand potential attack vectors, and create the necessary threat intelligence updates for AlienVault products.

    Join us for a live, technical webinar on Tuesday, June 20th to learn more about the Shadow Brokers and what the AlienVault Labs team has uncovered about potential threats posed by the leaked tools.

    You’ll learn:
    A brief history of Shadow Brokers activity
    Analysis of the leaked hacking tools and exploits and their potential impact
    How to use information related to Shadow Brokers available in the Open Threat Exchange
    An overview of threat intelligence updates made to AlienVault products
  • Detect Ransomware Before it’s Too Late with AlienVault USM Anywhere Recorded: Jun 13 2017 54 mins
    Sacha Dawes, Principal Product Marketing Manager, AlienVault
    By now you've probably heard about ransomware like CryptoLocker, which encrypts your data and demands payment to unlock it. These threats are typically delivered via malicious email attachments or websites, and once they execute and connect to an external command and control server they encrypt files throughout your network that can only be unlocked with a key from the attacker. Spotting infections quickly can limit the damage.

    AlienVault USM Anywhere uses several built-in security controls working in unison to detect ransomware. Join us for a live demo that will show you how USM Anywhere detects these threats quickly, saving you valuable clean up time and limiting potential damage from the attack.

    You'll learn:

    How AlienVault USM Anywhere detects ransomware
    How the behavior is correlated with other signs of trouble to alert you of the threat
    Steps you should take to stop the threat and limit the damage
  • Malware Detection - How to Spot Infections Early with AlienVault USM Anywhere Recorded: May 16 2017 53 mins
    Sacha Dawes, Principal Product Marketing Manager, AlienVault
    Malware has been a thorn in the side of IT pros for years, and will continue to be for years to come as new strains and variants evolve. The impact of malware to your business can be huge, as was demonstrated last year by the Mirai botnet, one of the largest and most disruptive distributed denial of service (DDoS) attacks of 2016. Join us for a webcast covering the essentials of malware detection, along with a demo of how to detect malware with AlienVault USM Anywhere.

    In the webcast, you'll learn:

    Common types of malware and the challenges of detecting them
    Why you need both signature and anomaly detection to protect against malware
    How USM Anywhere can alert you of malware infections so you can take action quickly
    What to do when you detect malware activity on your network

    Hosted By
    Sacha Dawes
    Principal Product Marketing Manager
    Sacha joined AlienVault in Feb 2017, where he is responsible for the technical marketing of the AlienVault Unified Security Management (USM) family of solutions. He brings multiple years of experience from product management, product marketing and business management roles at Microsoft, NetIQ, Gemalto and Schlumberger where he has delivered both SaaS-delivered and boxed-product solutions that address the IT security, identity and management space. Originally from the UK, Sacha currently lives in Seattle, though soon moving to Austin, TX where he is based.
  • WannaCry Ransomware: How to Detect the Vulnerability and Exploits Recorded: May 14 2017 57 mins
    Sacha Dawes, Principal Product Marketing Manager, AlienVault
    As you've likely heard, WannaCry is a new ransomware variant that takes advantage of a vulnerability in the Windows operating system (MS17-010) to encrypt the infected computer’s data and hold it hostage until a ransom is paid. In addition, the vulnerability enables WannaCry to quickly spread to other machines in the same environment – all without any human intervention. While Microsoft issued a patched to the vulnerability in March 2017, millions of computers have not been updated and remain susceptible to the attack.
    Join us for a technical webcast to learn more about WannaCry, and how the unified security controls in AlienVault USM Anywhere can help you quickly identify vulnerable systems and attacks.
    What the AlienVault Labs security research team has uncovered about this threat
    How to scan your environment (cloud and on-premises) for the vulnerability with USM Anywhere
    How USM Anywhere leverages threat intelligence for early detection of threats like WannaCry
    How built-in response orchestration capabilities in USM Anywhere can stop the threat from spreading
  • How to Use OTX with AlienVault OSSIM Recorded: Apr 26 2017 42 mins
    Skylar Talley, Product Manager
    The AlienVault® Open Threat Exchange™ is an open platform for security research that provides a mechanism for updating your OSSIM instance with the latest threat intelligence from AlienVault Labs or other security researchers. By connecting your OSSIM instance to OTX, you will continuously receive updates from the researchers you trust to help detect relevant Indicators of Compromise (IoC's) in your environment. Or, you can use OTX for your own security research and to share your results with the community.

    Join us for this OSSIM training session covering how to:

    Set up an OTX account and link it to your OSSIM instance
    View OTX Pulses to get context on threats
    See how the OSSIM platform alerts you of IoCs from OTX in your environment
    Hosted By
    Skylar Talley
    Product Manager
    Skylar joined AlienVault in January of 2017 as a Product Manger for USM Appliance and OSSIM. Before AlienVault, Skylar was a Product Manager at SpareFoot, a marketplace for self storage, and Waldo Photos, a seed stage photo sharing startup. Since joining the product team at AlienVault, Skylar has been focused on coming up to speed on AlienVault's diverse user base and all of the different ways that the USM Appliance product helps organizations address their security needs. Moving forward, he'll be responsible for all development work on USM Appliance and would love to talk to you about your experience with the product!
  • Shorter, Faster Threat Detection and Response with AlienVault and Cisco Recorded: Apr 24 2017 38 mins
    Jeff Olen, Product Manager at AlienVault and Kate MacLean, Product Manager at Cisco Umbrella
    Threats continue to increase in sophistication and frequency, your environment is getting more complex with the addition of cloud infrastructure, and your siloed security tools leave you struggling to get a unified view of your security posture. How can you reduce the time to detect and defend against malware in today’s environment? It’s not enough to wait for malware to reach your network or endpoints before you try to detect and stop it. What if you could identify and block threats earlier? With Cisco Umbrella and AlienVault USM Anywhere, you can.

    Join us for a 45-minute webcast to learn how you can quickly improve your threat detection and response time with AlienVault USM Anywhere and Cisco Umbrella. During this session, you’ll learn about each product and see how the integration enables you to:

    Focus on threat response and not writing complex security analytics rules
    Get prioritized, contextual alarms leveraging threat intelligence from both Cisco and AlienVault
    Automate policy enforcement between the platforms for rapid response
    Enhance threat visibility and reduce mean time to detection & response

    Co-hosted By Jeff Olen, Product Manager, AlienVault
    Jeff joined the AlienVault product management team in 2016, with a primary focus on the USM Anywhere platform. He has more than 15 years of experience managing award-winning software products in a variety of industries including security, education, legal and digital media.

    Co-hosted By Kate MacLean, Senior Product Marketing Manager, Cisco Umbrella
    Kate MacLean is responsible for the positioning and go-to-market strategy. Kate has been in the security industry for over nine years, with experience in network, cloud, and data security. Prior to working at Cisco, she worked at RSA, the Security Division of EMC, now Dell. Kate’s undergraduate degree is from Bentley University, and she will be graduating from Boston University with her masters in business administration later this year.
  • How to Detect and Investigate Brute Force Attacks with AlienVault USM Anywhere Recorded: Apr 18 2017 49 mins
    Sacha Dawes, Principal Product Marketing Manager, AlienVault
    A brute force attack is one of the more common types of attack that malicious actors use to try and gain access to your IT servers, applications and data. In theory, a brute-force attack can be used to attempt to decrypt any encrypted data (except for data encrypted in an information-theoretically secure manner). These attacks are relatively simple for attackers to implement and they can wreak havoc on your organization when successful. However, many IT security teams may not be aware that they are at risk from these attacks, or what to do about them.

    Join us for a live demo where we'll demonstrate how the AlienVault Unified Security Management (USM) approach, delivered as a SaaS solution with our USM Anywhere offering, can help you detect and investigate these types of attacks.

    You'll learn:

    - How attackers can use brute force attacks to gain access to your network
    - Steps you can take BEFORE an attack to identify systems or applications that may be at greater risk
    - How USM Anywhere can alert you immediately of brute force attacks targeting your cloud, hybrid cloud and on-premises environments
    - How to use USM Anywhere to investigate brute force attacks and identify compromised assets

    About the Presenter:
    Sacha Dawes is responsible for the technical marketing of the AlienVault Unified Security Management (USM) family of solutions. He brings multiple years of experience from product management, product marketing and business management roles at Microsoft, NetIQ, Gemalto and Schlumberger where he has delivered both SaaS-delivered and boxed-product solutions that address the IT security, identity and management space.
  • Get Powerful Threat Detection for the Cloud Recorded: Mar 14 2017 48 mins
    Danielle Russell, Sr. Product Marketing Manager
    Cloud computing promises advantages such as lower IT cost, increased agility and better support of business functions. However, cloud security concerns continue to top the list of barriers to cloud adoption.

    AlienVault is at the leading edge of cloud security with AlienVault USM Anywhere. USM Anywhere extends our award-winning approach to threat detection, Unified Security Management (USM), to the cloud. Whether you are looking to secure your AWS & Azure cloud environments, hybrid cloud or on-premises assets, USM Anywhere delivers essential security capabilities in a single SaaS platform.

    Viewers will learn how easy is to:
    - Discover all assets across your AWS, Azure and on-premises environments
    - Scan for vulnerabilities across cloud-based and physical assets
    - Detect emerging threats with real-time, integrated threat intelligence
    - Monitor asset logs including Azure Insights, AWS CloudTrail, S3 and ELB
    - Respond quickly to incidents & conduct thorough investigations

    About the Presenter:

    Danielle is a Senior Product Marketing Manager at AlienVault, responsible for product messaging and positioning, go-to-market strategy, and sales enablement. Prior to AlienVault, Danielle held a marketing leadership position with an IT software company in the telecommunications industry. Danielle earned a B.S. Life Sciences Communication from the University of Wisconsin.
  • OSSIM Training: How to Get the Most Out of Policies & Actions Recorded: Mar 13 2017 58 mins
    Javvad Malik, Community Manager/ Security Evangelist
    One of the most valuable capabilities of OSSIM is the ability to define policies to tune event processing and trigger actions based on certain types of events. This special user training webcast will walk you through how to use policies and actions to:

    Filter unnecessary events and false positives
    Trigger e-mail notifications for critical events
    Improve performance of OSSIM
    Turn security policies into security practice
  • How to Configure your OSSIM Installation: Network IDS and syslog Collection Recorded: Mar 7 2017 57 mins
    Mark Allen VP, Technical Sales
    Network IDS (NIDS) plays an important role in OSSIM by detecting the presence of malware, network attacks, and other malicious network activity. By correlating this information with events collected from other devices, OSSIM helps you connect the dots to detect potential threats.

    Join us for this user training webcast where our OSSIM experts will walk through:

    Configuring OSSIM NIDS including configuring your network interfaces for monitoring
    Enabling an interface for NIDS monitoring using the web interface
    Forwarding syslog events from your networking devices; routers, switches and firewalls to OSSIM
    Enabling appropriate AlienVault plugins to parse network events


    Mark Allen has been engaged in information security and system administration for over 15 plus years. Mark has extensive experience taking complex concepts and making them easier to understand. He has held a variety of technical roles from help desk to litigation support to systems engineer and IT Director for accounting and law firms and large companies such as Epicor, Dell, & Solarwinds.
Security intelligence from leading industry visionaries
AlienVault has simplified the way organizations detect and respond to today’s ever evolving threat landscape. Our unique and award winning approach, trusted by thousands of customers, combines the essential security controls of our all-in-one platform, AlienVault Unified Security Management, with the power of AlienVault’s Open Threat Exchange, the world’s largest crowd-sourced threat intelligence community, making effective and affordable threat detection attainable for resource constrained IT teams. AlienVault is a privately held company headquartered in Silicon Valley and backed by Trident Capital, Kleiner Perkins Caufield & Byers, Institutional Venture Partners, GGV Capital, Intel Capital, Jackson Square Ventures, Adara Venture Partners, Top Tier Capital and Correlation Ventures.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Using Crowd-Sourced Threat Intelligence to Stay Ahead of Exploits
  • Live at: Nov 7 2013 5:00 pm
  • Presented by: Jaime Blasco Director, AlienVault Labs AlienVault
  • From:
Your email has been sent.
or close