How RSA Security Analytics Detects Heartbleed

RSA
See how organizations detected Heartbleed using network monitoring and operationalized intelligence from RSA Security Analytics.
May 20 2014
8 mins

IT Security

  • Join Tom Kellermann, Chief Cyber Security Officer for Trend Micro, in an informative webinar specifically tailored for corporate executives and directors who need to develop and implement a comprehensive cyber security strategy. Tom will highlight critical information including 2015 cyber threat trends and how risk management strategies have changed.

    During this live webinar, you’ll learn:
    • How to identify, classify, and protect your valuable data assets
    • How to assess your organization’s vulnerability to attack
    • How to measure and mitigate cyber risks cost-effectively
    • And more...
  • A new category of threat is emerging – a threat designed to evade traditional signature-based technologies such as Anti-Virus and Intrusion Detection. Attempting to meet the challenge is a new class of technology, “Advanced Malware Protection” or “AMP,” which is an industry term for technology designed to continuously monitor for, offload and detonate files in a sandbox - safely away from the main environment - to observe and detect malicious objects.

    If a security device produces an alert in the forest, who’s there to hear it?

    The challenge is these next generation advanced malware detection solutions produce so much detail about the suspicious activity that most organizations do not have the resources to thoroughly investigate/analyze. The best technology means nothing if you don’t have the right expertise to react to the alert, quickly decipher complex reports, investigate the threat, and determine the right response. And meanwhile, the threat actors aren’t standing still – they’re developing measures to circumvent controls in some traditional sandbox environments.

    You will learn:
    1. How the threat is evolving and how actors are employing evasive practices to overcome traditional and even some more sophisticated security defenses
    2. Why next generation sandboxing and full-system emulation are the keys to combatting evasive malware threats
    3. The expertise needed to accurately identify and diagnose the threat once the alert is received
    4. How to ensure your organization has the ability to respond effectively to the incident and close all the backdoors a threat actor may have opened
  • 2014 could have easily been called, “The year of the biggest security breaches since the beginning of forever.” But given current security practices and technologies, many of the breaches could have been prevented. So why weren’t they?

    Many of the affected companies fell into a very common trap, thinking that if a company goes to the trouble to be legally compliant then it will be effectively “secure.” Unfortunately, as with many kinds of regulations, legal compliance really represents the absolute least amount of effort required. If companies want to give themselves the best chance to avoid the very severe consequences that come with a major breach, there are five practices they need to put in place now.

    Join Adrian Sanabria, Senior Security Analyst at 451 Research, and Amrit Williams, CTO of CloudPassage, on this webinar to learn:
    · Possible gaps left by the compliance-first approach to security
    · How to limit vulnerabilities across traditional, virtual and cloud infrastructures
    · Five best practices to avoid a major security breach in 2015
  • The bring-your-own-device (BYOD) movement has been a huge boon for businesses that put a premium on productivity. File sync and share solutions have emerged to help employees work from anywhere, at any time, on any device. In this BrightTALK exclusive, eFolder explores the top seven features that businesses should consider when adopting a file sync and share solution. Learn what is required for a file sync and share solution to improve collaboration, maximize productivity, and ensure security.
  • Join Tom Kellermann, Chief Cyber Security Officer for Trend Micro, in an informative webinar specifically tailored for corporate executives and directors who are ready to take the reins of a real and effective plan to secure their organization, their data, and their careers against targeted attacks.

    During this live webinar, you’ll learn:
    • How to identify, classify, and protect your valuable data assets
    • How to assess your organization’s vulnerability to attack
    • How to measure and mitigate cyber risks cost-effectively
  • The Internet of Things (the new buzzword for the tech industry) is increasing the connectedness of people and things on a scale that was once beyond imagination. Connected devices outnumber the world's population by 1.5 to 1. It is expected to eventually touch some 200 billion cars, appliances, machinery and devices globally, handling things like remote operation, monitoring and interaction among Internet-connected products.

    In combination with the fact that there are almost as many cell-phone subscriptions (6.8 billion) as there are people on this earth (seven billion), we have all the ingredients for a Perfect Cyber Storm.

    Join me for an informal discussion of the challenges for our profession, and some possible solutions.
  • Do you feel alone? No resources? No help? If you are like many security practitioners faced with a mountain of tasks each day and a small (or non-existent) team to help, prioritization and efficiency are key. Join Joe Schreiber, Solutions Architect for AlienVault for this practical session outlining habits to get the most out of your limited resources.

    In this session, you'll learn how to develop routines to efficiently manage your environment, avoid time-sucks, and determine what you can do by yourself and where you need help.

    In this practical session, Joe will cover:
    - How to work around the limitations of a small (or one person) team
    - Tips for establishing a daily routine
    - Strategies to effectively prioritize daily tasks
    - Benefits of threat intelligence sharing
    - Critical investigation & response steps when the inevitable incident occurs
  • Cutting down on the time taken to complete complex document review cycles allows the modern lawyer to operate at the pace required by their industry.

    Join our webinar to learn top tips for shortening these review cycles without losing document integrity and risking corruption. We’ll also cover what technologies are available to provide a quick and accurate way to improve document review efficiency.
  • FireEye recently released a new report that documents how and why governments around the world are turning to the cyber domain as a cost-effective way to spy on other countries, steal technology, and even wage war.

    Whether it’s sensitive military, diplomatic, or economic information, governments depend on the integrity of their data. If that data falls into the wrong hands, the consequences could be severe.

    In the wake of two apparent state- and government-sponsored attacks, APT1 and APT28, government agencies must understand why they are in attackers’ crosshairs, what attackers might be seeking, and how they can protect themselves.

    Join us for a dynamic discussion with subject matter experts where you will learn:

    • What makes your government-related organization an appealing target – whether you’re a political opponent, business, agency or vendor
    • Why it’s important to determine who could be planning an attack, their motives, and how they might carry out their goals
    • How to assess your level of preparedness and how to protect yourself if you are not ready for this new era of cyber warfare
  • Make Your Incident Response Program A Key Pillar of Your Security Defenses Recorded: Aug 26 2014 60 mins
    It is now well-accepted in security circles that preventive controls are no longer sufficient to defend your organization against today’s cybercriminal-, nation state-, and hacktivist-led attacks. This leaves monitoring and response teams to pick up the slack. But how can you rebalance your security program across prevention, monitoring and response for maximum effect?

    Organizations have often focused on building out their security operations center (SOC) or critical incident response center or team (CIRC/CIRT) as their central point for improving their monitoring and response capabilities. Whichever name one chooses for this security function, what they all have in common is that they are the organization’s command center for the detection, investigation, and remediation of cyber security incidents. But how can you construct yours?

    This webcast will highlight:
    • The market and technical drivers that are disrupting the security status quo and driving the need for SOCs/CIRCs
    • A maturity model that you can use to assess and more importantly discover key areas for improvement
    • Key areas of focus for improving your incident response people, process, and technology
  • How RSA Security Analytics Detects Heartbleed Recorded: May 20 2014 8 mins
    See how organizations detected Heartbleed using network monitoring and operationalized intelligence from RSA Security Analytics.
  • Improving Critical Infrastructure Cybersecurity with NIST CSF Recorded: Mar 13 2014 43 mins
    Due to increasing pressures from external threats, organizations responsible for critical infrastructure need to have a consistent and iterative approach to identifying, assessing, and managing cybersecurity risk. Recognizing that the national and economic security of the United States depends on the reliable functioning of critical infrastructure, an Executive Order titled “Improving Critical Infrastructure Cybersecurity” (EO 13636) directed the National Institute of Standards and Technology (NIST) to develop a voluntary framework for reducing cyber risks to critical infrastructure.

    Do you clearly understand how this framework affects your organization? Do you know how to implement it? If you want to know more, then attend this complimentary webcast to hear:
    • A practical explanation of the NIST Cybersecurity Framework (CSF) and workflow
    • A description of the scope of the CSF and how it affects you as an organization and industry
    • How to use the CSF to implement the right controls and measure the maturity of your cybersecurity program
    • A demo of customized RSA Archer solutions that will enable your organization to easily manage all of these activities
  • Make Your Incident Response Program A Key Pillar of Your Security Defenses Recorded: Feb 12 2014 60 mins
    It is now well-accepted in security circles that preventive controls are no longer sufficient to defend your organization against today’s cybercriminal-, nation state-, and hacktivist-led attacks. This leaves monitoring and response teams to pick up the slack. But how can you rebalance your security program across prevention, monitoring and response for maximum effect?

    Organizations have often focused on building out their security operations center (SOC) or critical incident response center or team (CIRC/CIRT) as their central point for improving their monitoring and response capabilities. Whichever name one chooses for this security function, what they all have in common is that they are the organization’s command center for the detection, investigation, and remediation of cyber security incidents. But how can you construct yours?

    This webcast will highlight:
    • The market and technical drivers that are disrupting the security status quo and driving the need for SOCs/CIRCs
    • A maturity model that you can use to assess and more importantly discover key areas for improvement
    • Key areas of focus for improving your incident response people, process, and technology
  • Executive Order 13636: Improving Critical Infrastructure Cyber security Recorded: Oct 31 2013 42 mins
    In the event of a full-scale cyber war, attacks on our critical information systems would pose the greatest risk of damage. The loss of capabilities in places like our banking, communications, and energy sectors would cripple our nation. It is for this reason that Executive Order (EO) 13636 was issued in February to improve cyber security among this critical infrastructure.

    Attend this webcast to learn more about this important subject. You will:

    • Learn about how EO 13636 intends to improve cyber threat information sharing between federal and private sector entities
    • Hear how the government plans to promote and incentivize the adoption of cyber security practices among critical infrastructure
    • See the new technology-neutral voluntary framework that NIST has drafted to improve critical infrastructure cyber security. RSA has been involved with the NIST workshops to draft this framework and can explain the draft and how it works
    • Learn how you can implement this framework in your organization
  • Maximum-Strength Threat Detection for Mid-Size Enterprises Recorded: Aug 1 2013 48 mins
    Advanced threats today do not discriminate – organizations of all sizes are at risk. The impact of an advanced threat can be as daunting to a smaller enterprise as it is to a larger one but with the additional challenges and constraints of budget and security staff. So what is your security posture?

    Watch this webcast to understand how RSA Security Analytics provides visibility, threat intelligence, and analytics to all organizations – and how you can start small.

    You will learn:
    • How to understand your security disposition and how prevention and detection go hand in hand
    • How RSA Security Analytics provides you the visibility required to detect and respond to today’s sophisticated attacks
    • Starter use cases for Network Monitoring that you can automate to jumpstart your security program
  • Improve Your Breach Readiness, Response and Resiliency Recorded: Jul 16 2013 59 mins
    Defending against today’s sophisticated attacks requires a shift in security investments from prevention to a balanced mix of prevention, detection, and response. The challenge is how to make this shift given limited resources and expertise.

    The RSA Advanced Cyber Defense Practice can help by improving your breach readiness, response and resiliency with a three-prong approach: optimize the use of preventive controls, reduce attacker free time, and reduce the time it takes to execute an appropriate response.
    Join this webcast and learn how to:
    • Enhance your security posture
    • Prepare for and respond to security incidents, and evolve in line with the threat environment
    • Develop strategies and tactics for building and improving your security operations programs, including designing and optimizing a security operations center (SOC)
    • Layer in advanced capabilities, such as intelligence and analytics, to develop a more agile and proactive security monitoring function

    Unify your security strategy, operations and technology implementations, and produce an actionable security improvement plan with the help of the RSA Advanced Cyber Defense Practice. Learn more at this important webcast.
  • An Intelligence-Driven SOC: Hear it, See it, Build it Recorded: May 2 2013 47 mins
    Today’s IT security threats are multi-faceted, dynamic and stealthy, and who is the most likely target is very hard to predict. Actionable intelligence fed to an agile security operations center (SOC) is critical as many threats cannot be prevented, but consequently must be detected and remediated quickly.

    With a best-in-class SOC, you have the potential to reduce your average incident response time by up to 60%. This must-see webcast will provide insight on how to best approach building or building-up your SOC. You will see RSA’s SOC-enabling technologies in action in the context of a realistic threat scenario and have the opportunity to deep-dive into four additional technical demos after the webcast.

    You will learn:
    - The specifics of the people, processes and tools needed to build a best-in-class SOC and the benefits to be gained by doing so
    - How to leverage time-saving technology to bridge the gap between priorities and shortages of security savvy resources
    - How EMC’s Critical Incident Response Center (CIRC) implements RSA’s technologies to support the enterprise’s risk and security strategy, and how they all converge to provide the full visibility that is needed to be most effective

    Don’t miss this chance to hear from and ask questions to RSA’s Chief Security Strategist, Jason Rader.

    About the presenter:
    Jason is currently focused on working with clients to develop enterprise security management strategies that include virtualization and cloud security, incident response, Advanced Persistent Threats (APT), and user awareness. Prior to this role, he designed and matured the strategic security offers within EMC’s Global Security Practice, and enjoyed worldwide success as a security consultant and technical trainer outside of EMC.
  • Detecting Advanced Threats on Endpoints Faster than Ever Before Recorded: Apr 25 2013 60 mins
    Learn how RSA’s incident response team leverages RSA ECAT and its signature-less malware detection to quickly gain visibility to identify and contain advanced, targeted attacks in real-world IR engagements. Join this webcast to learn:
    • How RSA’s expert Advanced Cyber Defense team leverages RSA ECAT to detect even the most advanced malware
    • How RSA ECAT identifies malware on hosts without relying on signatures
    • How your organization can gain fast actionable intelligence to reduce incident response time using RSA’s integrated solutions and services
  • Fighting Advanced Threats with Big Data Analytics Recorded: Mar 14 2013 49 mins
    Organized criminals, nation-state groups, and hacktivists continue to wreak havoc with organizations of all sizes in spite of their security teams’ best efforts. The problem is an over-reliance on antiquated incident management processes, over-dependence on obsolete technology, and failure to use intelligence-based detection approaches. This session discusses how to succeed against advanced adversaries by transforming your security program using big data analytics and by focusing on what really matters to your business.
Better Protect your Organization from Advanced Threats
As rapid advances in technology move countries, institutions, and people closer together, they also shrink the distance between us and potential adversaries. Today’s organizations are at an ever increasing risk of having their sensitive data accessed by sophisticated and continuously evolving cyber attackers. In this segment of the RSA Advanced Threat Video Series, you’ll hear top leaders in the field of cyber security discuss the unique challenges of living in a virtually connected world. Discover why old security models are ineffective in today’s threat landscape and how to better protect your organization from an attack.

  • Title: How RSA Security Analytics Detects Heartbleed
  • Live at: May 20 2014 5:00 pm
  • Presented by: RSA