SC Media webcasts | IT Security
Skip to navigation Skip to main content

Webcasts

UPCOMING WEBCASTS

This form filters webcasts that are directly below it based on the options given. Filtering will occur immediately when a option is selected or when the form is reset.
Show:
Vendor Webcast

2020 ATT&CK Vision | Correlating TTPs to Disrupt Advanced Cyber-Attacks

MITRE ATT&CK has a major impact on the cybersecurity industry and has given defenders a haystack in which to focus their searching efforts. In a short time, this framework has helped to empower the community with a consistent understanding of evolving TTPs

Register for 2020 ATT&CK Vision | Correlating TTPs to Disrupt Advanced Cyber-Attacks

Sponsored by: VMWare

2020 ATT&CK Vision | Correlating TTPs to Disrupt Advanced Cyber-Attacks

MITRE ATT&CK has a major impact on the cybersecurity industry and has given defenders a haystack in which to focus their searching efforts. In a short time, this framework has helped to empower the community with a consistent understanding of evolving TTPs. What’s most interesting, is where and how these TTPs intersect and how we can use that information to determine patterns and disrupt attacks.

Join Rick McElroy and Greg Foss on April 14th as they discuss these findings, and how to use them to protect your own security environment

Vendor Webcast

AV-Test places Cisco Umbrella first in security efficacy

Learn how Cisco Umbrella, backed by Talos, has the horsepower to actively process and enforce more than 7 million unique malicious domains and IPs concurrently at the DNS layer. Plus, see firsthand how you can log and inspect all web traffic for greater transparency, control and protection with our cloud-based secure web gateway functionality. Appliances and hybrid-cloud solutions can’t come close to enforcing that many threats at once.

Register for AV-Test places Cisco Umbrella first in security efficacy

Sponsored by: Cisco

AV-Test places Cisco Umbrella first in security efficacy

Lots of network security providers claim they are the best. Well we’ve got proof! Brand new third party research from AV-TEST reveals Cisco Umbrella is the leader in security efficacy according to the 2020. If you’re tired of endless security alerts and chasing threats that could have been blocked before damage occurred, you don’t want to miss this webinar!

Learn how Cisco Umbrella, backed by Talos, has the horsepower to actively process and enforce more than 7 million unique malicious domains and IPs concurrently at the DNS layer. Plus, see firsthand how you can log and inspect all web traffic for greater transparency, control and protection with our cloud-based secure web gateway functionality. Appliances and hybrid-cloud solutions can’t come close to enforcing that many threats at once.

With 60,000+ new destinations added daily to our block list, and more than 3 million new domains added daily, Cisco Umbrella delivers unmatched visibility and threat protection. Join us to learn how Umbrella crushed the competition in a new report from AV-Test. Get ready to cut your malware by 50% in minutes, enterprise wide

20/20 webcast

What’s Under Your Network’s Hood

Identifying and removing attacks before they enter the user environment has been the raison d’être for security software since the 1990s, but as attackers get more sophisticated and attacks morphed from signature-based viruses to social-engineered phishing, the playing field and the types of attacks changed dramatically. This Special Report looks at how bolstering your email-based security defenses

Register for What’s Under Your Network’s Hood

Sponsored by: Cofense

What’s Under Your Network’s Hood

If you can’t see something, does it really exist? If your network cannot identify and purge phishing attacks, do you really have network security? Identifying and removing attacks before they enter the user environment has been the raison d’être for security software since the 1990s, but as attackers get more sophisticated and attacks morphed from signature-based viruses to social-engineered phishing, the playing field and the types of attacks changed dramatically.

This Special Report looks at how bolstering your email-based security defenses

  • Both technologically and from a user perspective

  • Can enhance your existing security operations organization and overcome one of the attackers’ favorite inroads into the corporate network.

Vendor Webcast

Now That Ransomware Has Gone Nuclear, How Can You Avoid Becoming the Next Victim?

There is a reason more than half of today’s ransomware victims end up paying the ransom. Cyber-criminals have become thoughtful; taking time to maximize your organization’s potential damage and their payoff.

Register for Now That Ransomware Has Gone Nuclear, How Can You Avoid Becoming the Next Victim?

Sponsored by: KnowBe4

Now That Ransomware Has Gone Nuclear, How Can You Avoid Becoming the Next Victim?

There is a reason more than half of today’s ransomware victims end up paying the ransom. Cyber-criminals have become thoughtful; taking time to maximize your organization’s potential damage and their payoff. After achieving root access, the bad guys explore your network reading email, finding data troves and once they know you, they craft a plan to cause the most panic, pain, and operational disruption. Ransomware has gone nuclear.

Join us for this webinar where, Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, will dive into:

  • Why data backups (even offline backups) won’t save you
  • Evolved threats from data-theft, credential leaks, and corporate impersonation
  • Why ransomware isn’t your real problem
  • How your end users can become your best, last line of defense

 

Vendor Webcast

Advancing your cloud migration strategy with confidence

This webcast examines best practices to help organizations advance their cloud strategy without sacrificing security. Our speaker, Jim DeLorenzo from nCipher, identifies security challenges, illustrates what HSMs are and how they work, and highlights how using HSMs on-premises or as a service ensures you maintain control of your cryptography no matter where your applications are running.  

Register for Advancing your cloud migration strategy with confidence

Sponsored by: nCipher

Advancing your cloud migration strategy with confidence

Organizations take advantage of cloud computing for its flexibility, convenience, and cost-effectiveness. Moving workloads to the cloud allows computing and data storage to be used on-demand, reducing capital expenditures. However, as organizations advance cloud migration strategies, security typically tops their list of concerns.

Whether designing new applications to run off-premises on a cloud-first approach, or lifting and shifting existing workloads to private, public, or hybrid clouds, cryptography is used for security. Cloud service providers offer protection of the keys that secure applications and data, but this gives customers little control. Customers that require greater control can generate and bring their own keys using hardware security modules (HSMs) they own or subscribe to as a service.  

This webcast examines best practices to help organizations advance their cloud strategy without sacrificing security. Our speaker, Jim DeLorenzo from nCipher, identifies security challenges, illustrates what HSMs are and how they work, and highlights how using HSMs on-premises or as a service ensures you maintain control of your cryptography no matter where your applications are running.  

Join this webcast to learn:

  • What are critical challenges for cloud migration
  • Why controlling underpinning keys is important
  • How establishing a root of trust protects your keys – and your data

 

Vendor Webcast

3 Steps to Secure Remote Workers and Students

Hit the couch or your newly converted bedroom office and join us on Tuesday, April 28 at 11.am. PT | 2 p.m. ET for this 20 minute step-by-step webinar on how you can improve your security for remote employees and students, without overburdening your staff.  

Register for 3 Steps to Secure Remote Workers and Students

Sponsored by: Cisco

3 Steps to Secure Remote Workers and Students

With less budget, fewer resources, and more employees working from home than ever, you may be feeling overwhelmed. You are not alone. We’ve entered uncharted waters — but that doesn’t mean you’re left without a paddle and a lifejacket. As you navigate this new world of increased remote working, home-schooling, and telemedicine, there are some best practices you can adopt to help keep your employees, staff and students safe. We can help you quickly protect all laptops and Chromebook devices across your organization. 

Hit the couch or your newly converted bedroom office and join us on Tuesday, April 28 at 11.am. PT | 2 p.m. ET for this 20 minute step-by-step webinar on how you can improve your security for remote employees and students, without overburdening your staff.  

We’ll cover: 

  • Why additional security measures are required  
  • How Cisco Umbrella secures remote users on their devices  
  • Deployment scenarios and tips to help you get started  

Vendor Webcast

2020 Asset Management Trends: Navigating Visibility Gaps

Axonius commissioned a research study with Enterprise Strategy Group (ESG) to uncover how asset visibility challenges are impacting IT and cybersecurity professionals across organizations in North America.

Register for 2020 Asset Management Trends: Navigating Visibility Gaps

Sponsored by: Axonius

2020 Asset Management Trends: Navigating Visibility Gaps

Gaining visibility into a comprehensive asset inventory is becoming more complex as three trends converge: the increase in the number and types of devices, rapid public cloud adoption, and the looming IoT explosion. Axonius commissioned a research study with Enterprise Strategy Group (ESG) to uncover how asset visibility challenges are impacting IT and cybersecurity professionals across organizations in North America. 

Join us for a webinar on May 6 at 2 p.m. ET as Nathan Burke, CMO at Axonius and Dan Trauner, Director of Security discuss:

  • Detailed research findings on asset inventory, cloud asset, and IoT asset visibility gaps
  • Practical implications and considerations for security teams
  • Tips and tricks on implementing and improving an asset inventory process
  • Emerging innovations and approaches to continuous asset discovery and automation

Vendor Webcast

Cyber CSI: Learn How to Forensically Examine Phishing Emails to Better Protect Your Organization Today

Cyber crime has become an arms race where the bad guys constantly evolve their attacks while you, the vigilant defender, must diligently expand your know how to prevent intrusions into your network.

Register for Cyber CSI: Learn How to Forensically Examine Phishing Emails to Better Protect Your Organization Today

Sponsored by: KnowBe4

Cyber CSI: Learn How to Forensically Examine Phishing Emails to Better Protect Your Organization Today

Cyber crime has become an arms race where the bad guys constantly evolve their attacks while you, the vigilant defender, must diligently expand your know how to prevent intrusions into your network. Staying a step ahead may even involve becoming your own cyber crime investigator, forensically examining actual phishing emails to determine the who, the where, and the how.

In this webinar, Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, will show you how to become a digital private investigator! You’ll learn:

  • How to forensically examine phishing emails and identify other types of social engineering
  • What forensic tools and techniques you can use right now
  • How to investigate rogue smishing, vishing, and social media phishes
  • How to enable your users to spot suspicious emails sent to your organization 

 

ON-DEMAND WEBCASTS

This form filters webcasts that are directly below it based on the options given. Filtering will occur immediately when a option is selected or when the form is reset.
Show:
Vendor Webcast

How to Stop the COVID-19 Phishing Outbreak

Organizations in every industry are seeing a spike in attempts to exploit anxiety about COVID-19 through phishing email and websites that impersonate the CDC, offer vaccines, and prompt users toward the fateful clicks and credential harvesting that lead to malware, ransomware, data theft and rogue financial transactions.

Register for How to Stop the COVID-19 Phishing Outbreak

Sponsored by: Area 1

How to Stop the COVID-19 Phishing Outbreak

Preying  on  employees’ fears of the spreading novel coronavirus known as COVID-19, threat actors are deploying next-gen phishing attacks  to infiltrate Cloud email and get past Secure Email Gateways

Organizations in every industry are seeing a spike in attempts to exploit anxiety about COVID-19 through phishing email and websites that impersonate the CDC, offer vaccines, and prompt users toward the fateful clicks and credential harvesting that lead to malware, ransomware, data theft and rogue financial transactions.

In this webinar, seasoned cyber threat researcher Juliette Cash will help security professionals:

  • Identify the characteristics of COVID-19 phishing attacks and the key attributes that make them effective 
  • Understand how these attacks can be blocked preemptively, before they get to users’ inboxes
  • Develop strategies and a technology posture for preventing phishing attacks that bring new levels of efficiency and effectiveness to SOC teams

Vendor Webcast

How to Disrupt Cyber Attacks with a Layered Defense

We’ve covered common cyberattacks – like spear phishing, island hopping, and ransomware – in previous webinars, but now it’s time to pull together a layered defense strategy. Understanding why and how attacks happen in the first place becomes integral in protecting your systems and your data.

Register for How to Disrupt Cyber Attacks with a Layered Defense

Sponsored by: VMWare

How to Disrupt Cyber Attacks with a Layered Defense

We’ve covered common cyberattacks – like spear phishing, island hopping, and ransomware – in previous webinars, but now it’s time to pull together a layered defense strategy. Understanding why and how attacks happen in the first place becomes integral in protecting your systems and your data.

Join us for this capstone on-demand webinar in which you will learn:

  • how threats continue to evolve
  • what types of attacks are still on the rise
  • best practices that organizations can implement to protect themselves

Vendor Webcast

Multi-Cloud Security: Removing Friction from the Development Process

Join this webinar to learn how cloud deployments are affecting  security teams and how they can use agentless NDR to remove friction with developers, help developers bake security into their processes, and gain the speed and agility in threat detection and response they need to secure their growing business.

Register for Multi-Cloud Security: Removing Friction from the Development Process

Sponsored by: Extrahop

Multi-Cloud Security: Removing Friction from the Development Process

An estimated 500 million new apps will be created in the next five years—more than the total created in the previous four decades. Cloud workflows have helped organizations of all sizes adopt a DevOps mindset, but for SecOps, digital transformation to the cloud creates new vulnerabilities.

Cloud environments expand the attack surface and erase visibility into critical infrastructure and applications, introducing so much complexity—especially inthe case of multi-cloud, used by many 80 percent of enterprises and growing—that many security leaders are forced to say “no” to progress.

There is a way to attack this problem from the inside out. Network Detection and Response (NDR) cuts through hybrid, cloud, and multi-cloud complexity to deliver visibility, threat detection, and automated response at scale.

Join this webinar to learn how cloud deployments are affecting  security teams and how they can use agentless NDR to remove friction with developers, help developers bake security into their processes, and gain the speed and agility in threat detection and response they need to secure their growing business.

Vendor Webcast

Accelerate Threat Detection and Response in Modern Networks

Drawing on learnings from Rapid7’s Research and MDR teams, explore ways to improve security effectiveness with the right telemetry, analytics, and workflows to find threats earlier and respond faster. 

Register for Accelerate Threat Detection and Response in Modern Networks

Sponsored by: Rapid7

Accelerate Threat Detection and Response in Modern Networks

With sprawling environments, multiple clouds,and businesses dependency on IT, security is challenged to keep up with mountains of data, zero in on real threats, and respond quickly to incidents.

Drawing on learnings from Rapid7’s Research and MDR teams, explore ways to improve security effectiveness with the right telemetry, analytics, and workflows to find threats earlier and respond faster. 

20/20 webcast

Open Source Threat Intelligence

This webcast will look at trends in open source threat intelligence and how we can take advantage of these advancements.

Register for Open Source Threat Intelligence

Sponsored by: Anomali

Open Source Threat Intelligence

It is not that threat intelligence is new that makes a difference today; it is that it is becoming the norm rather than the exception. Not only that, threat intelligence also is becoming more diverse and distinctive. Gone are the days when companies relied strictly on data feeds of threats that were known.

Today we are seeing an expansion of threat intel that pulls together customized threats for specific industries, open source threat intel, and avast array of data about emerging threats.

This webcast will look at trends in open source threat intelligence and how we can take advantage of these advancements.

DemoCast webcast

SOC-as-a-Service: Detect, Investigate, and Resolve Threats Faster

In this democast, we’ll discuss how SOC-as-a-Service can help, and what to look for in a modern managed security service provider (MSSP). We’ll also provide a demo of our cloud native ActiveEye platform which offers complete visibility into your cloud, endpoint, and network security, along with 24×7 expert support to detect, investigate, and resolve threats faster.

Register for SOC-as-a-Service: Detect, Investigate, and Resolve Threats Faster

Sponsored by: Delta Risk

SOC-as-a-Service: Detect, Investigate, and Resolve Threats Faster

Organizations today have more attack surfaces and threats to worry about than ever. To add to the complexity, there is a confusing array of security solutions on the market that require time and expertise to evaluate, deploy, and maintain, and a scarcity of people with the skills to do so. The result is often a patchwork of solutions, alert overload, and security teams overwhelmed by too many cyber incidents and tools.

Many organizations, especially small to mid-sized ones, are looking to managed security services and security operations center (SOC) as a service to solve these challenges.

In this democast, we’ll discuss how SOC-as-a-Service can help, and what to look for in a modern managed security service provider (MSSP). We’ll also provide a demo of our cloud native ActiveEye platform which offers complete visibility into your cloud, endpoint, and network security, along with 24×7 expert support to detect, investigate, and resolve threats faster.

Vendor Webcast

Cracking the Zero Trust Code –  Practical ways for making your Zero Trust Security Transformation Effective

In this webinar, guest speaker Forrester’s Chase Cunningham, and AppGate’s VP of Product Jason Garbis will discuss how to make your Zero Trust security transformation effective. 

Register for Cracking the Zero Trust Code –  Practical ways for making your Zero Trust Security Transformation Effective

Sponsored by: Cyxtera

Cracking the Zero Trust Code –  Practical ways for making your Zero Trust Security Transformation Effective

Organizations are moving toward the Zero Trust model, embracing one of the greatest advancements in security in the last 10 years. Due to the amount of noise on the subject, it may be challenging to understand how real-life companies are implementing Zero Trust to solve security problems, the kind of organizations that have benefited the most from their deployments  and how they are overcoming internal constraints.

In this webinar, guest speaker Forrester’s Chase Cunningham, and AppGate’s VP of Product Jason Garbis discuss how to make your Zero Trust security transformation effective. 

 LEARN:

  • Why Forrester is urging organizations to get started and the risks associated with not doing so
  • How businesses across industries and geographies are embracing Zero Trust today 
  • Exclusive Forrester insight and practical advice to overcome internal adoption barriers

20/20 webcast

The Business Imperative of IT Asset Management

This 20/20 webcast looks into why IT asset management has become a business imperative and how today’s IT department identifies assets not only as part ofthe overall governance, risk and compliance responsibilities, but also the far-from-mundane need of securing and protecting the corporate crown jewels, as well as private and personal information stored on the corporate network —locally and in the cloud.

Register for The Business Imperative of IT Asset Management

Sponsored by: Axonius

The Business Imperative of IT Asset Management

It is hard enough today to protect all of an enterprise’s on-premise networked devices, personal devices that link to the network physically or over Wi-Fi, operational technology devices that traverse part of the IT network (lights, electronic doors, etc.), and off-premises devices from business partners and the internet of things.As companies migrate more compute-intensive applications and storage to the cloud, the number of off-prem assets is exploding.

So how can a company keep track of the myriad of computing devices that grow on a daily basis? It all comes down to the often boring task of IT asset management. Of course, we’re not just counting boxes and physical devices anymore.

This 20/20 webcast looks into why IT asset management has become a business imperative and how today’s IT department identifies assets not only as part ofthe overall governance, risk and compliance responsibilities, but also the far-from-mundane need of securing and protecting the corporate crown jewels, as well as private and personal information stored on the corporate network —locally and in the cloud.

Vendor Webcast

What Most Computer Security Defenses are Doing Wrong, and How toFix It 

Join Roger A. Grimes,KnowBe4’s Data-Driven Defense Evangelist, for this webinar where he explores the latest research on what’s wrong with current network defenses and how they got this way.

Register for What Most Computer Security Defenses are Doing Wrong, and How toFix It 

Sponsored by: KnowBe4

What Most Computer Security Defenses are Doing Wrong, and How toFix It 

Most companies have huge gaps in their computer security defenses and can be compromised at will by a determined hacker. The industry even has a term for it: “Assume Breach”.But it doesn’t have to be that way!

Join Roger A. Grimes,KnowBe4’s Data-Driven Defense Evangelist, for this webinar where he explores the latest research on what’s wrong with current network defenses and how they got this way.

Roger will teach you what most organizations are doing wrong, why, and how to fix it. You’ll leave this webinar with a fresh perspective  and an action plan to improve the efficiency and effectiveness of your current computer security defenses.

Roger will teach you:

·      What most companies are doing wrong, why, and how to fix it

·      An action plan to improve the effectiveness of your computersecurity defenses

·      How to create your“human firewall

DemoCast webcast

Service Account 101:How to Start Managing Your Service Accounts

How do you ensure proper management of these non-human accounts? Service Account Governance—provisioning, reviewing,and decommissioning these services—needs to be a top priority. Unfortunately, it’s virtually impossible to implement without proper tools

Register for Service Account 101:How to Start Managing Your Service Accounts

Sponsored by: Thycotic

Service Account 101:How to Start Managing Your Service Accounts

Service accounts provide access to critical applications and data but fly under the radar of IT.They are usually created ad-hoc, and you’ve got to manage hundreds or even  thousands of services running across your network, accessing equal numbers of resources. 

Services are programs that run in the background and spring into action when called on by a user, an application, or other services. As such, these accounts typically don’t have  people assigned to them, meaning there is little or no accountability. If the person who created the service account leaves, they might take the  credentials with them, posing a huge security issue.

How do you ensure proper management of these non-human accounts? Service Account Governance—provisioning, reviewing,and decommissioning these services—needs to be a top priority. Unfortunately, it’s virtually impossible to implement without proper tools

Hear from Thycotic to learn how to take control of service account sprawl to assure your service accounts are identified and managed properly. You’ll get the answers to these important questions:

  • What is the best way to create workflows for service accounts?
  • How can I delegate ownership? How/where should I be provisioning service accounts?
  • What is the best way to enforce service account governance?
  • How can I automate the review and decommissioning of these accounts?

Vendor Webcast

It’s time to get cirrus about the cloud 

Many organizations have turned to the agility of the cloud as a means of accelerating growth and streamlining operations. However, with the somewhat endless list of services and options now available, some companies could certainly find themselves straying from a well architected solution.

Register for It’s time to get cirrus about the cloud 

Sponsored by: Rapid7

It’s time to get cirrus about the cloud 

Find yourself gazing towards the cloud with roughly the same intrepidation as the Wright brothers did when they looked to the clouds? Although somewhat daunting,the public cloud has sparked an IT migration worth billions.

Many organizations have turned to the agility of the cloud as a means of accelerating growth and streamlining operations. However, with the somewhat endless list of services and options now available, some companies could certainly find themselves straying from a well architected solution.

Join Rapid7 as we explore the shift and share how to ensure you’re formulating a secure cloud approach.

DemoCast webcast

Prevent Phishing Attacks with Proofpoint’s Security Awareness Training

Educate your staff and limit cyber attacks through Proofpoint’s industry-leading security awareness training. Backed by threat intelligence, Proofpoint’s Security Awareness Training ensures you are delivering the right training, to the right people, and at the right time.

Register for Prevent Phishing Attacks with Proofpoint’s Security Awareness Training

Sponsored by: Proofpoint

Prevent Phishing Attacks with Proofpoint’s Security Awareness Training

Description: 99% of the phishing attacks Proofpoint observed in 2019 require human interaction to succeed, resulting in malware installation, wire fraud, unwitting data disclosures, and more. Educate your staff and limit cyber attacks through Proofpoint’s industry-leading security awareness training. Backed by threat intelligence, Proofpoint’s Security Awareness Training ensures you are delivering the right training, to the right people, and at the right time.

Join our live demo to learn how to:

  • Assess your users’ susceptibility to phishing attacks as well asother cyber threats
  • Deliver customized training to your end users that will drive behavior change, making them a stronger last line of defense
  • Enable your employees to report suspicious messages with a single mouse click

20/20 webcast

Risky Business

This 20/20 webcast & Special Report looks at how to unify the corporate risk practices across all levels of the organization as the CISO, the chief risk officer, and other senior executives try to normalize a very chaotic situation.

Register for Risky Business

Sponsored by: Skybox

Risky Business

Let’s face facts: it’s always about risk. Companies manage risk in a variety of ways for data and cyber security. They manage the financial risk, the supply chain risk, the reputational risk, the compliance risk, and the overall business risk. Virtually every major decision a company makes has some sort of risk associated with it.

So when we’re looking at technical issues — everything from policies and procedures to firewalls to clouds to internal networks — there is always a risk component.

This 20/20 webcast & Special Report looks at how to unify the corporate risk practices across all levels of the organization as the CISO, the chief risk officer, and other senior executives try to normalize a very chaotic situation.

DemoCast webcast

Tackle Your Hybrid Network Complexity in 2020

How can you best secure your complex hybrid network? Traditional network security approaches aren’t enough: innovation is the key. Join us to examine the security innovations that drove SC Media to name FireMon as a 2019 Industry Innovator Award Winner. 

Register for Tackle Your Hybrid Network Complexity in 2020

Sponsored by: FireMon

Tackle Your Hybrid Network Complexity in 2020

How can you best secure your complex hybrid network? Traditional network security approaches aren’t enough: innovation is the key. Join us to examine the security innovations that drove SC Media to name FireMon as a 2019 Industry Innovator Award Winner. 

In this webcast, you’ll see how FireMon’s unique security solutions empower your security team with:

  • Adaptive Automation: Intelligent, configurable network security policy automation that monitors and responds (adapts) in real-time to changes in your environment and business requirements
  • Attack Surface Reduction:Actionable insights into the key risks and vulnerabilities across your ever-changing attack surface – so you can identify and stop threats in their tracks before they materialize 
  •  Proactive Compliance: 100% trusted compliance and risk management, no matter what you discover and change in your hybrid cloud environment

You don’t have to choose between business agility and robust security. You can have it all, and this webcast will show you how.

20/20 webcast

Vendor risk management

This 20/20 webcast looks at the challenges and requirements of vendor risk management and how it could impact you and your company

Register for Vendor risk management

Sponsored by: OneTrust

Vendor risk management

CISOs certainly understand the need for corporate risk management policies and procedures, but what about having policies and procedures for your vendors? If you do not think that is a critical issue, just ask the folks at Target, the poster child for failed vendor risk management.

Many of today’s compliance regulations require vendor risk management policies and procedures – HIPAA hasits Business Associate Contracts and the EU’s GDPR has its own set of requirements for protecting user privacy – but what do you need to know about vendor risk management that you don’t know now?

This 20/20 webcast looks at the challenges and requirements of vendor risk management and how it could impact you and your company

20/20 webcast

The Case for Security Awareness Training

This 20/20 editorial webcast looks at how CISOs can augment their professional cybersecurity team and security operations center with a highly aware user base to identify and defeat potential breaches.

Register for The Case for Security Awareness Training

Sponsored by: Cofense

The Case for Security Awareness Training

It has become cliché to say that the user is the weakest link in cybersecurity. However, it is also true that the user is often the last line of defense — phishing and other potential security attacks often depend on a person clicking on a link or malware-laden file to launch an attack.

While a company might have a top notch cybersecurity operations team, without having an equally trained user base the company is essentially defending itself with one hand tied behind its virtual back.

This 20/20 editorial webcast looks at how CISOs can augment their professional cybersecurity team and security operations center with a highly aware user base to identify and defeat potential breaches.

Vendor Webcast

Phishing prevention and response strategies with proofpoint

Today, more than 80% of breaches are caused by compromised credentials; attackers don’t need to hack in – they can just log in. So how can organizations protect against attacks like phishing?

Register for Phishing prevention and response strategies with proofpoint

Sponsored by: Okta

Phishing prevention and response strategies with proofpoint

Security leaders have their work cut out for them to protect against the rapidly evolving threat landscape and stay ahead of cyber criminals. While the rise in adoption of cloud-based applications serves as a catalyst for rethinking modern security, one consistency remains: email-based credential harvesting remains the most fruitful tactic for today’s threat actors.

Today, more than 80% of breaches are caused by compromised credentials; attackers don’t need to hack in – they can just log in. So how can organizations protect against attacks like phishing?

Join Lucia Milica, CISO at Proofpoint and Marc Rogers, Executive Director, Cybersecurity at Okta as they share:

  • The anatomy of a phishing attack
  • Various prevention and response strategies
  • Best tools and integrations across authentication and email security

20/20 webcast

California’s own GDPR? It’s not alone

This 20/20 webcast would look at recent privacy acts across the country and how it might affect the way U.S. businesses handle privacy concerns going forward. 

Register for California’s own GDPR? It’s not alone

Sponsored by: Micro Focus

California’s own GDPR? It’s not alone

California’s Consumer Privacy Act of 2018 took effect on January 1, 2020. The law gives California residents the right to know what data companies collect about them and how that information is shared. Consumers will also have the authority to prohibit companies from selling their data.

The bill bears similarities to the EU’s General Data Protection Regulation (GDPR) but it is no clone, so even if you currently must comply with GDPR, the CCPA will be different. And, by the way, it’s not the only privacy law at the state level. 

This 20/20 webcast would look at recent privacy acts across the country and how it might affect the way U.S. businesses handle privacy concerns going forward. 

Vendor Webcast

Many ways to defeat multi-factor authentication and how to stop the bad guys

This webcast includes a (pre-filmed) hacking demo by KnowBe4’s Chief Hacking Officer Kevin Mitnick, and real-life successful examples of every attack type. It will end by telling you how to better defend your MFA solution so that you get maximum benefit and security. 

Register for Many ways to defeat multi-factor authentication and how to stop the bad guys

Sponsored by: KnowBe4

Many ways to defeat multi-factor authentication and how to stop the bad guys

Everyone knows that multi-factor authentication (MFA) is more secure than a simple login name and password, but too many people think that MFA is a perfect, unhackable solution. It isn’t! 

Join Roger A. Grimes, KnowBe4’s Data-Driven Defense Evangelist, and security expert with over 30-years experience, for this webcast where he will explore 12 ways hackers can and do get around your favorite MFA solution. 

 This webcast includes a (pre-filmed) hacking demo by KnowBe4’s Chief Hacking Officer Kevin Mitnick, and real-life successful examples of every attack type. It will end by telling you how to better defend your MFA solution so that you get maximum benefit and security. 

You’ll learn about the good and bad of MFA, and become a better computer security defender in the process, including:

  • 12 ways hackers get around multi-factor authentication
  • How to defend your multi-factor authentication solution
  • The role humans play in a blended-defense strategy

20/20 webcast

Rating Zero Trust’s Trustworthiness

This 20/20 webcast will address at some of the drivers of the zero trust model, how they impact the data and cybersecurity environments, and ultimately what it means to the companies and their own business models and corporate cultures.

Register for Rating Zero Trust’s Trustworthiness

Sponsored by: Sophos

Rating Zero Trust’s Trustworthiness

As an industry information security is slowly moving from an assumed trust model with the right credentials — login name and password — to a zero trust model where each user, device and application needs to be authenticated continually.

A big part of this transition is ensuring that the authentication is indeed authentic, both for the IT and OT environments.

This 20/20 webcast will address at some of the drivers of the zero trust model, how they impact the data and cybersecurity environments, and ultimately what it means to the companies and their own business models and corporate cultures.

20/20 webcast

The data and application security parfait

This 20/20 webcast will look at various defenses companies can employ, including enhanced identity and access management that ensures the person or device requesting data is indeed verified at multiple levels, along with layered cloud security, to protect data wherever it might reside.

Register for The data and application security parfait

Sponsored by: Micro Focus

The data and application security parfait

Experts tell us that web applications are the number one target of attacks by hackers trying to breach the corporate and cloud network. The more consumer-facing applications a company has, the greater the risk.

But it’s not just consumer apps — cloud-based business apps and data stores are at risk as well. That said, companies continue to migrate not only apps, but also their mission-critical data, to the cloud.

This 20/20 webcast will look at various defenses companies can employ, including enhanced identity and access management that ensures the person or device requesting data is indeed verified at multiple levels, along with layered cloud security, to protect data wherever it might reside.

 

DemoCast webcast

How to reduce risk and prevent account takeover

How can a user-centric approach help you prevent security incidents like Account Takeover yet keep user friction to a minimum so that it doesn’t impact conversions?  

Register for How to reduce risk and prevent account takeover

Sponsored by: Castle

How to reduce risk and prevent account takeover

Attackers continually develop more sophisticated techniques for taking over online user accounts. For security teams, there is a constant challenge. In order to build and maintain customer loyalty, providing the best user experience is a high priority. But the best user experience can leave an organization at risk.

Persistent technology gaps have made the case for a new approach. How can a user-centric approach help you prevent security incidents like Account Takeover yet keep user friction to a minimum so that it doesn’t impact conversions?  

This webcast will discuss and demonstrate:

  • ATO technology gaps with WAFs, Fraud Detection, and Adaptive Auth
  • Understanding identity, behavior and risk of users
  • Using a risk engine for measuring and responding to user risk both pre and post login
  • How to custom-design segmented user journeys based on risk tolerance

Vendor Webcast

Why ransomware remains resilient – and what to do about it!

Join us to see why ransomware still remains an unfortunate reality for organizations of all sizes, and all industries.

Register for Why ransomware remains resilient – and what to do about it!

Sponsored by: Cisco

Why ransomware remains resilient – and what to do about it!

The rise of ransomware continues with attacks doubling in 2019. Sure, cryptomining and Emotet took a lot of the spotlight in 2018 – but ransomware remains a resilient, lucrative form of attack that races to the top of attack vectors for 2019.  And it shows no signs of slowing as security professionals get their budgets ready for 2020.

Ransomware continues to evolve at an alarming rate with more sophisticated variants and hackers modifying attack methods for more even bigger payouts.  Are you at risk?

Join us to see why ransomware still remains an unfortunate reality for organizations of all sizes, and all industries.

Vendor Webcast

A cloud carol: Visiting the ghosts of cloud security, past, present, and futur

In this webcast, industry analyst Paula Musich from EMA and Ryan Davis from ExtraHop will take a Dickensian journey through cloud security past, present, and future, and offer strategies for how security teams change the future state from one of cloud stall to one of cloud as a strategic security driver.

Register for A cloud carol: Visiting the ghosts of cloud security, past, present, and futur

Sponsored by: Extrahop

A cloud carol: Visiting the ghosts of cloud security, past, present, and futur

Cloud has now been around for nearly two decades, and in that time it has altered the past, present and future and sent enterprises down a new path for how IT services are delivered and how businesses view IT resources.
 

While cloud is widely accepted as a business accelerator, it continues to haunt security teams who have gotten a “scrooge” reputation when it comes to cloud migration and adoption. 
 

In this webcast, industry analyst Paula Musich from EMA and Ryan Davis from ExtraHop will take a Dickensian journey through cloud security past, present, and future, and offer strategies for how security teams change the future state from one of cloud stall to one of cloud as a strategic security driver.

20/20 webcast

Ransomware 2020

This 20/20 webcast looks at the current state or ransomware and other email-borne attacks and provides some insights on what you can and should be doing – and perhaps not doing – to prevent attacks.

Register for Ransomware 2020

Sponsored by: KnowBe4

Ransomware 2020

As we approach a new decade on the calendar, we also are approaching new techniques and technologies being used by attackers and defenders alike.

Understanding what’s possible by the attackers helps companies build better defenses, but is it possible to guess what approach will be used next?

This 20/20 webcast looks at the current state or ransomware and other email-borne attacks and provides some insights on what you can and should be doing – and perhaps not doing – to prevent attacks.

 

MarketFocus webcast

Hype or hope: How CISOs can get more from their vendors

Join us as we share advice from some top CISOs and CIOs on how to get the results you expect and deserve from your cybersecurity vendors and products.

Register for Hype or hope: How CISOs can get more from their vendors

Sponsored by: ValiMail

Hype or hope: How CISOs can get more from their vendors

How do you feel about the performance of your cybersecurity vendors? If you’re like most security professionals, “frustrated” probably springs to mind. A recent survey of IT security professionals conducted by SC Media and research firm C.A. Walker found that dissatisfaction runs deep among cybersecurity technology buyers. Some of the common problems: Vague, unverifiable stats, over-promising but under-delivering results, a lack of data showing whether the products are actually working, and no contractual performance guarantees. 

During this webcast, we’ll reveal what many of your colleagues’ pet peeves are — and share advice from some top CISOs and CIOs on how to get the results you expect and deserve from your cybersecurity vendors and products.
You’ll learn:

  • How CISOs hold vendors accountable
  • The secret to effectively narrowing the focus of a vendor conversation
  • Tools for making smart buying decisions
  • Setting a cadence for meetings with your vendors
  • The key to getting vendors to “play nice” with each other

 

DemoCast webcast

Threat hunting in Splunk with Zeek (aka Bro)

Join us to learn how you can use Zeek logs in Splunk to answer critical questions and expand threat hunting capabilities.

Register for Threat hunting in Splunk with Zeek (aka Bro)

Sponsored by: Corelight

Threat hunting in Splunk with Zeek (aka Bro)

To conduct hunting operations, threat hunters need to make quick sense of their environment. Since nearly all attacks must cross the network, it’s an essential source of truth—yet common sources of network data such as Netflow records and DNS server logs provide minimal details and are difficult to correlate.

A better source of network data exists, however, in one of the industry’s best-kept secrets: the open-source Zeek network security monitor. Zeek (formerly known as Bro) transforms raw network traffic into high-fidelity logs that comprehensively summarize network activity across more than 35 protocols at less than 1% the size of full traffic capture–perfect for enabling fast and easy search in SIEM solutions like Splunk.

Register for this webcast to hear from Roger Cheeks, Solution Engineer at Corelight, to learn how you can use Zeek logs in Splunk to answer critical questions and expand threat hunting capabilities.

 

Vendor Webcast

Inside a docker cryptojacking exploit

Uncover recently observed Docker exploit attempts from the field, where attackers were looking for web applications vulnerable to command injection.

Register for Inside a docker cryptojacking exploit

Sponsored by: Threat Stack

Inside a docker cryptojacking exploit

Docker containers are often used to create developer sandbox environments. Because Docker containers can be lightweight, ephemeral infrastructure, they’re a natural fit for building sandboxes.

While Docker is great at managing the lifecycle of these workloads, it’s not a security tool.

In this webcast, we will discuss recently observed Docker exploit attempts from the field, where attackers were looking for web applications vulnerable to command injection. We’ll also provide examples of what to watch for in your logs, cryptojacking and container breakout attempts among them.

Vendor Webcast

Security fundamentals: Vulnerability management 101

We’ve gathered a panel of experts to share their knowledge and experiences with vulnerability management and lessons learned.

Register for Security fundamentals: Vulnerability management 101

Sponsored by: Rapid7

Security fundamentals: Vulnerability management 101

As modern environments evolve, your risk exposure changes by the minute. Each year, you see the amount of data grow exponentially and the threat of attacks become more sophisticated. Minimizing risk and optimizing operations are becoming more challenging. It sometimes feels like a never-ending battle, but reducing risk is possible.

For our upcoming webcast, we’ve gathered a panel of experts to share their knowledge and experiences with vulnerability management and lessons learned. In this interactive webcast, our experts will cover a variety of topics, including:

  • The basics of vulnerability management in the modern environment
  • The importance of a vulnerability management program
  • Best practices for improving your VM program
  • Tips for how your organization can securely move to the cloud

 

 

Vendor Webcast

Fundamentals of delivering secure mobile apps at scale

With digital transformation in full swing, mobile app traffic is outpacing web app traffic for most organizations. Whether businesses build mobile apps to engage with customers, streamline operations, or grow revenue, mobile app security teams are driven by the mandate to move faster to keep pace with mobile app development.

Register for Fundamentals of delivering secure mobile apps at scale

Sponsored by: Now Secure

Fundamentals of delivering secure mobile apps at scale

With digital transformation in full swing, mobile app traffic is outpacing web app traffic for most organizations. Whether businesses build mobile apps to engage with customers, streamline operations, or grow revenue, mobile app security teams are driven by the mandate to move faster to keep pace with mobile app development.  

Join this webcast to learn how the mobile app security fundamentally differs from web app security and how organizations can efficiently scale their mobile appsec programs to meet business demand. 
 
In this webcast, NowSecure Chief Mobility Officer Brian Reed will discuss: 

  • How mobile-first industry innovators are using mobile apps to drive digital transformation, forcing mobile appsec to be built in, not bolted on 
  • How mobile app security is fundamentally different from web app security, and how to successfully navigate those differences 
  • How to prioritize, standardize & scale mobile app security testing using industry best practices and standards like OWASP, CVSS, NIST, GDPR and more. 

Vendor Webcast

Minimize SOC alert fatigue and accelerate triage with insights into destructive objects

This webcast will examine what it means to inject smarter intelligence, remove the noise, and bring greater confidence into the SOC, thereby reducing dwell times and minimizing exposure to breaches and data loss. 

Register for Minimize SOC alert fatigue and accelerate triage with insights into destructive objects

Sponsored by: ReversingLabs

Minimize SOC alert fatigue and accelerate triage with insights into destructive objects

With renewed adoption of Security Operations Centers (SOCs) in response to the evolving and rapidly changing threat landscape and escalating volume of alerts, it’s becoming increasingly important to leverage threat intelligence and security analytics to accelerate SIEM triage and automate incident response.   

This webcast will examine what it means to inject smarter intelligence, remove the noise, and bring greater confidence into the SOC, thereby reducing dwell times and minimizing exposure to breaches and data loss. 

We’ll discuss how to: 

  • Apply rich contextual data to automate triage, clear queues of false positives, and rapidly convict and escalate true alerts
  • Leverage high throughput static analysis to enrich data and classify threats in support of faster prioritization, better decisions and speedier incident response
  • Augment existing Email, AV, EDR, and Sandbox security investments to close gaps, and ensure response playbooks execute properly.

 

 

Vendor Webcast

Zero Trust secure access checklist

How and where can organizations effectuate a Zero Trust security posture in order to mitigate access visibility gaps and control risks while enabling needed accessibility

Register for Zero Trust secure access checklist

Sponsored by: Pulse Secure

Zero Trust secure access checklist

No organization is immune from data breaches and exposures are on the rise. At the same time, enforcing access compliance has never been more challenging due to user, multi-cloud and IoT dynamics. 

How and where can organizations effectuate a Zero Trust security posture in order to mitigate access visibility gaps and control risks while enabling needed accessibility

Join this expert, practitioner webcast to examine: 

  • Critical elements of Zero Trust Network Access Real world process
  • Deployment and interoperability considerations
  • A pragmatic checklist for ensuring the right tools and practice
  • How to avoid user experiencemanagement overhead, and rip & replace investment issue. 

Vendor Webcast

Gearing up for 2020: Best practices to secure your remote workers

 Join us for this webcast to learn how you can improve security, simplify your security environment, and reduce the number of security tools to reduce strain on your limited resources. 

Register for Gearing up for 2020: Best practices to secure your remote workers

Sponsored by: Cisco

Gearing up for 2020: Best practices to secure your remote workers

Today’s workplaces are changing. More organizations are switching to direct internet access (DIA) at satellite offices. Users are embracing cloud apps, skipping the VPN, and enjoying the freedom to work from anywhere. But the draw of DIA creates even more gaps in security for IT.  

Security needs to evolve to secure DIA and mobile users, remote workers, and SaaS apps. With 2020 on the horizon, organizations need a better way to see and control all internet traffic. 

Join us for this webcast to learn how you can improve security, simplify your security environment, and reduce the number of security tools to reduce strain on your limited resources. 

DemoCast webcast

How to operationalize your vendor risk management program

In this webcast, we’ll help you understand the best practices to create efficiencies and mature your Vendor Risk Management processes by identifying pain points and solutions through automation, and roping in the key stakeholders that are needed to provide support when maturing your VRM program.

Register for How to operationalize your vendor risk management program

Sponsored by: SecurityScorecard

How to operationalize your vendor risk management program

In this digital age, organizations are increasingly outsourcing critical business processes to third parties. While this increases operational efficiencies, organizations might be putting their critical data at risk, further confirming the need to adopt a Vendor Risk Management program.  

 

As VRM processes are evolving at a rapid pace, the need to balance efficiency, compliance, and risk is challenging teams now more than ever. Whether an organization has a vendor or third party risk management (TPRM) program that is heavily manual with Excel, SharePoint, Email, etc., a semi-automated workflow or a fully-integrated TPRM program – there are paths to optimizing TPRM programs. 

 Join us for this webcast to: 

-Understand the best practices to create efficiencies and mature your processes. 
Identify the pain points and solutions through automation from basic to advanced. 
-Rope in the needed stakeholders to provide the support needed to mature the program. 

Vendor Webcast

Building an effective security awareness program

Join our webcast as we examine what it means to have and how to build an effective security awareness program. In this session, we’ll discuss:

Register for Building an effective security awareness program

Sponsored by: Proofpoint

Building an effective security awareness program

Implementing and sustaining a successful security awareness program can be a daunting task. Without formal policies and frameworks, many organizations are shooting in the dark when it comes to determining how often to phish and train while managing stakeholder expectations. So what can you do to help your end users better protect themselves?

 

Join our webcast as we examine what it means to have and how to build an effective security awareness program. In this session, we’ll discuss:

 

– Proven best practices for increasing the effectiveness of cybersecurity education

– How to build a culture of security within your organization

– Actionable guidance on executing security awareness & training initiatives that deliver measurable results

Vendor Webcast

Scary Vulnerabilities and Spooky Stats: The State of Software Security (SOSS) Volume 10

To commemorate the chilling 10th volume of Veracode’s flagship report, the State of Software Security (SOSS), we invite you to join this upcoming webinar featuring Chris Wysopal, CTO and co-founder of Veracode.

Register for Scary Vulnerabilities and Spooky Stats: The State of Software Security (SOSS) Volume 10

Sponsored by: Veracode

Scary Vulnerabilities and Spooky Stats: The State of Software Security (SOSS) Volume 10

To commemorate the chilling 10th volume of Veracode’s flagship report, the State of Software Security (SOSS), we invite you to join this upcoming webinar featuring Chris Wysopal, CTO and co-founder of Veracode.

Chris will share how the evolution of this report over the past 10 years demonstrates the frighteningly rapid change and growth in the application security industry, and also what has remained horrifyingly the same. In addition, he’ll take a less-scary look at the AppSec landscape and examine the best practices that are leading to some stellar fix rates. 

During this webinar, Chris will share insights into this year’s key findings including:

  • The prevalence of security debt as a result of not addressing and fixing older findings from scans
  • The impact of scan frequency and cadence on time to remediation, fix rates, and level of security debt
  • The importance of prioritizing vulnerabilities based on risk severity rather than on time of discovery

Vendor Webcast

Are you a target? New research on threats

Which threats are trending in 2019? Join us for this webcast to find out. Plus, you’ll also learn how to leverage threat intelligence to answer these pressing questions:

Register for Are you a target? New research on threats

Sponsored by: Cisco

Are you a target? New research on threats

What separates attack targets from attack victims? The answer is simple: proactive threat intelligence.
 
With emerging threats like Emotet, pervasive phishing, and relentless ransomware attacks on rise, responding to attacks when they happen is not enough. Security teams need to be able to proactively uncover and identify threats before they happen.
 
Which threats are trending in 2019? Join us for this webcast to find out. Plus, you’ll also learn how to leverage threat intelligence to answer these pressing questions:

  • Where do we focus our attention to improve detection and response times?
  • Which threats favor which industries?
  • Which tactics can identify emergent threats more quickly? 


You can take simple steps to improve threat detection and prevent your organization from becoming the next cyber security victim

Vendor Webcast

Security Fundamentals: Threat Detection & Response 101

In this webcast, the Rapid7 team will discuss key considerations for threat detection and response in modern environments that span on-premise and cloud infrastructures.

Register for Security Fundamentals: Threat Detection & Response 101

Sponsored by: Rapid7

Security Fundamentals: Threat Detection & Response 101

As more organizations start migrating to the cloud, security teams are discovering that while security best practices remain the same, cloud environments present some unique challenges that demand new approaches. To successfully manage risk in cloud environments, today’s security teams need to be able to quickly detect and remediate threats. If your organization is already fully utilizing the cloud, or just beginning the migration, this webcast will help to make sure you’re set up for success. 

In this webcast, the Rapid7 team will discuss key considerations for threat detection and response in modern environments that span on-premise and cloud infrastructures.

Discussion topics will include:

  • What’s the same—and what’s different—about on-premises and cloud threat detection?
  • How can frameworks, like MITRE ATT&CK, help teams decide where to start?
  • Where do traditional threat detection and response programs fail in the cloud?

Vendor Webcast

Fire your firewall for better segmentation

Join us and Illumio’s Dan Gould to learn about segmentation innovation that’s faster, simpler, more reliable – and cloud and DevOps-friendly. All without re-architecting the network or slowing it down with firewalls

Register for Fire your firewall for better segmentation

Sponsored by: Illumio

Fire your firewall for better segmentation

Join us and Illumio’s Dan Gould to learn about segmentation innovation that’s faster, simpler, more reliable – and cloud and DevOps-friendly. All without re-architecting the network or slowing it down with firewalls

Vendor Webcast

Network traffic analysis: Why you need it and 6 capabilities you can’t live with

Join us to hear from Jon Oltsik, Principal Analyst at Enterprise Strategy Group (ESG) about why NTA should be a core component of your security strategy, and what capabilities to look for. He’ll be joined by Bryan Doerr, Product Manager, Cisco Stealthwatch who will describe how to gain network-wide visibility, from on-premises to the cloud.

Register for Network traffic analysis: Why you need it and 6 capabilities you can’t live with

Sponsored by: Cisco

Network traffic analysis: Why you need it and 6 capabilities you can’t live with

Your network is becoming increasingly complex, with different types of devices, users and applications connecting from various locations. Attackers are exploiting this complexity to compromise your organization without you even knowing it! So how can you detect such threats?

Because every threat touches the network, Network Traffic Analysis (NTA) solutions that provide visibility into the behavior of every user and device on your network are becoming more popular. The best NTA solutions use advanced analytics to detect anomalies and correlate them to malicious events, so you can prevent security incidents from turning into a major breach.

Join us to hear from Jon Oltsik, Principal Analyst at Enterprise Strategy Group (ESG) about why NTA should be a core component of your security strategy, and what capabilities to look for. He’ll be joined by Bryan Doerr, Product Manager, Cisco Stealthwatch who will describe how to gain network-wide visibility, from on-premises to the cloud.

Vendor Webcast

Redefining privileged access management for agile cloud environments

In this webcast we’ll talk about moving from heavy-handed access control to lightweight, agile access guardrails that are built specifically for DevOps.

Register for Redefining privileged access management for agile cloud environments

Sponsored by: CMD

Redefining privileged access management for agile cloud environments

Managing privileged access inside cloud environments is completely different from the corporate environment. We love Linux because it’s so fast to build and deploy web apps, but the minute you want to put any kind of centralized security or control over that environment, you risk running DevOps into the ground.

The fact is, DevOps needs elevated access like root and sudo to deploy code and fix issues as quickly as possible. However, we also need a centralized way to manage that access so security policies are enforced on sprawling cloud hosts/containers.

In this webcast we’ll talk about moving from heavy-handed access control to lightweight, agile access guardrails that are built specifically for DevOps.

Learn how to implement:

  • Real-time user session monitoring for visibility and audit/compliance

  • Just-in-time access approvals and pre-execution blocks using 2FA or Slack/Teams

  • Threat detection and alerting for Linux based attack vectors

  • Identity-based policy for shared accounts and root-access users

Vendor Webcast

2019 Phishing by industry benchmarking

In this webcast, research from KnowBe4 highlights employee Phish-prone™ percentages by industry, revealing at-risk users that are susceptible to phishing or social engineering attacks. Taking it a step further, the research also reveals radical drops in careless clicking after 90 days and 12 months of new-school security awareness training.

Register for 2019 Phishing by industry benchmarking

Sponsored by: KnowBe4

2019 Phishing by industry benchmarking

As a security leader, you’re faced with a tough choice. Even as you increase your budget for sophisticated security software, your exposure to cybercrime keeps going up!
IT security seems to be a race between effective technology and clever attack methods. However, there’s an often overlooked security layer that can significantly reduce your organization’s attack surface: New-school security awareness training.

Join Joanna Huisman, KnowBe4’s Senior Vice President of Strategic Insights and Research, for a review of the 2019 Phishing Industry Benchmarking Study, a data set of nearly nine million users across 18,000 organizations with over 20 million simulated phishing security tests.

In this webcast, research from KnowBe4 highlights employee Phish-prone™ percentages by industry, revealing at-risk users that are susceptible to phishing or social engineering attacks.  Taking it a step further, the research also reveals radical drops in careless clicking after 90 days and 12 months of new-school security awareness training.

Do you know how your organization compares to your peers of similar size? Attend this webcast to find out!

You will learn more about:

  • New phishing benchmark data for 19 industries
  • Understanding who’s at risk and what you can do about it
  • Actionable tips to create your “human firewall”
  • The value of new-school security awareness training
Vendor Webcast

5 Tips for a Smooth SD-WAN Rollout that Includes Cloud Security to Reduce Costs and Increase Speeds

This webcast will focus on how to successfully pair cloud security with SD-WAN to create direct Internet breakouts from branch offices for lower costs and faster Internet speeds. The tips will show you how to reduce the load on SD-WAN private links so that the overall costs for a SD-WAN rollout are reduced by lowering the burden on SD-WAN equipment and firewalls.

Register for 5 Tips for a Smooth SD-WAN Rollout that Includes Cloud Security to Reduce Costs and Increase Speeds

Sponsored by: iboss

5 Tips for a Smooth SD-WAN Rollout that Includes Cloud Security to Reduce Costs and Increase Speeds

SD-WAN provides a great strategy for connecting offices over commodity Internet connections.  This reduces MPLS costs and provides a software-defined capability to intelligently route traffic between branch office locations. This is critical as bandwidth is increasing exponentially by the day.
 
However, most of the increased traffic is for cloud applications, not for servers sitting at offices.

 This webcast will focus on how to successfully pair cloud security with SD-WAN to create direct Internet breakouts from branch offices for lower costs and faster Internet speeds. The tips will show you how to reduce the load on SD-WAN private links so that the overall costs for a SD-WAN rollout are reduced by lowering the burden on SD-WAN equipment and firewalls.

 
The webcast will also show how to configure an SD-WAN direct Internet breakout from a branch office using tunnels to a cloud security provider.

20/20 webcast

Automating the cloud

In this 20/20 webcast we look at orchestration and automation — how today’s CISO can prevent attacks to cloud-based data by automating individual tasks, but also automating multiple tasks at once.

Register for Automating the cloud

Sponsored by: Rapid7

Automating the cloud

Security in the cloud isn’t quite the same as security on-prem. Cloud-based security requires greater automation than does on-prem because the infosec team doesn’t have hands-on access to the boxes themselves.

But it’s more than that — our growing dependence on the cloud is making processes more complex and challenging. Automation is more than simply finding newer and better ways to keep your data from being infected by malware — it also includes everything from incident response to risk management to threat intelligence.

 In this 20/20 webcast we look at orchestration and automation — how today’s CISO can prevent attacks to cloud-based data by automating individual tasks, but also automating multiple tasks at once.

DemoCast webcast

Shifting security right: Know what you own

There are a number of reasons unknown or unlogged web applications continue to live in portfolios- including M&A activity resulting in acquired web assets, and the proliferation of the digital landscape with marketing promotional sites. Ultimately, the very thing meant to draw attention to your brand and boost your bottom line is the same target attackers go after to infiltrate your organization.

Register for Shifting security right: Know what you own

Sponsored by: Veracode

Shifting security right: Know what you own

It is more common than you would imagine that organizations and brands have more web applications than they realize – as many as 30 percent more than previously known in some cases.

Hear from Bipin Mistry, Director of Product Management at Veracode who will provide examples of how his team has worked with customers to uncover these hidden applications. For example, during one project for a high street bank in the UK, the team discovered 1,800 websites that had yet to be logged!

There are a number of reasons unknown or unlogged web applications continue to live in portfolios- including M&A activity resulting in acquired web assets, and the proliferation of the digital landscape with marketing promotional sites. Ultimately, the very thing meant to draw attention to your brand and boost your bottom line is the same target attackers go after to infiltrate your organization.

Join this session to learn how to uncover unknown web applications in your portfolio to ensure their security from cyber attackers.

Vendor Webcast

Transforming your security operation center into a modernized cyber battle station

The Security Operation Center or SOC has historically played the important role as the ‘command and control’ hub for an organization’s cyber security efforts. However, the reactive SOC of yester-year cannot keep up with today’s advanced adversaries and is failing to keep organizations safe from unknown cyber threats. This must change.

Register for Transforming your security operation center into a modernized cyber battle station

Sponsored by: SecureWorks

Transforming your security operation center into a modernized cyber battle station

The Security Operation Center or SOC has historically played the important role as the ‘command and control’ hub for an organization’s cyber security efforts. However, the reactive SOC of yester-year cannot keep up with today’s advanced adversaries and is failing to keep organizations safe from unknown cyber threats. This must change.
 
To combat this ever-changing threat, Secureworks is leading a transformative movement to re-imagine a new, proactive SOC where faster, more precise intelligence for proactive threat hunting and automated remediation are realized.
 
Data science applied to vendor-inclusive data, multi-device telemetry, and world-class threat intelligence is the only way to transform security operations to outpace and outmaneuver the adversary and become a modernized cyber battle station for a global force of defenders.

What you will learn:

  • The definition of the SOC of the Future and the requirements available today to build it.
  • How Human-Machine intelligence, Artificial Intelligence and Advance Analytic Software give organizations an enduring advantage over the adversary.
  • Emerging analytics tools, real world use cases and software-driven solutions that are transforming the way security teams detect, investigate, and respond to unknown threats across endpoints, networks, and the cloud.
Vendor Webcast

Next-level SecOps with UEBA and MITRE ATT&CK

In this webinar, special guest Joseph Blankenship of Forrester Research will join Stephan Jou, CTO at Interset, a Micro Focus company, to explore how to use the information in the MITRE ATT&CK database to plan out and create metrics for your SecOps strategy.

Register for Next-level SecOps with UEBA and MITRE ATT&CK

Sponsored by: Interset

Next-level SecOps with UEBA and MITRE ATT&CK
Effective security operations (SecOps) requires staying ahead of quickly and constantly changing threats. MITRE ATT&CK—a living knowledge database of real-world threat tactics and techniques—can give your security team detailed information on data sources, examples, mitigation, and detection that can inform threat detection powered by user and entity behavioral analytics (UEBA). Together, ATT&CK and UEBA can connect the dots between unusual activity inside your enterprise and real, actionable security threats.

In this webinar, special guest Joseph Blankenship of Forrester Research will join Stephan Jou, CTO at Interset, a Micro Focus company, to explore how to use the information in the MITRE ATT&CK database to plan out and create metrics for your SecOps strategy. Attendees will learn:

Attendees will learn:

  • How to use the MITRE ATT&CK matrix to quantify, measure, and plan your SecOps strategy
  • Which attack tactics and techniques real-world organizations face most often
  • How anomaly detection models, combined with correlation capabilities, can be mapped to ATT&CK techniques to protect against real threats and adversaries
  • How UEBA augments existing detection capabilities to minimize the chance of serious damage from an attack

Vendor Webcast

Privileged Access Management as a Service: What’s in it for you?

As a security professional, SECaaS gives you a unique ability to play an instrumental role in driving your organization towards better, more secure and compliant operation by securing your most vulnerable area – privileged users. And doing so quickly, efficiently, and inexpensively, without the need to develop in-house expertise in privileged access management. After all, privileged access is the gateway to an organization’s most valuable assets and is at the core of nearly every major security breach.

Register for Privileged Access Management as a Service: What’s in it for you?

Sponsored by: CyberArk

Privileged Access Management as a Service: What’s in it for you?

Operating in a digital economy drives many organizations to take advantage of a SaaS consumption model when it comes to IT products. Security products are no exception, fueling a multibillion-dollar, ever-growing Security as a Service (SECaaS) market.

As a security professional, SECaaS gives you a unique ability to play an instrumental role in driving your organization towards better, more secure and compliant operation by securing your most vulnerable area – privileged users. And doing so quickly, efficiently, and inexpensively, without the need to develop in-house expertise in privileged access management. After all, privileged access is the gateway to an organization’s most valuable assets and is at the core of nearly every major security breach.

While Privileged Access Management (PAM) as a Service is not a brand-new concept, it could be critical for those organizations that simply don’t have the resources to deploy and maintain an on-prem PAM solution. PAM as a Service is a way to outsource complex security solutions needs to experts in the field while allowing internal IT and security teams to focus on core business competencies.

Join this webcast to understand what PAM as a Service can do for you. 

You will learn:

  • Security as a Service recent trends
  • Direct business-centric benefits from moving to a SECaaS approach
  • Main attack scenarios targeting privileged access
  • Privileged Access Management basics in the digital economy
  • “Privilege as a Service” concept and benefits
  • 5 key things to look for when evaluating Privileged Access Security as a Service
  • How to build a foundation for your Privilege Access Security program using PAM as a Service

Our presenters will discuss how consuming privileged access security through SaaS can help your organization save time and resources while implementing essential security controls, all without the need to manage additional infrastructure. Join us for a webcast and we will help you start this conversation with your management today.

Vendor Webcast

5 Must know tips for migrating to office 365 and cloud security while avoiding network outages and brown outs

This webcast focuses on providing key network and cloud security tips for ensuring a successful Office 365 migration while avoiding unnecessary connectivity interruptions. Areas covered include synchronizing with Office 365 signatures, ensuring cloud security doesn’t interfere with Office 365 connections and planning for fast Office 365 connections by leveraging modern cloud security platforms.

Register for 5 Must know tips for migrating to office 365 and cloud security while avoiding network outages and brown outs

Sponsored by: iboss

5 Must know tips for migrating to office 365 and cloud security while avoiding network outages and brown outs

Migrating to Office 365 is part of a big step in cloud application migration. Microsoft Office 365 enables productivity and allows access to business-critical applications from anywhere. The network requirements for Office 365 are much different from those in an on-prem world.

This webcast focuses on providing key network and cloud security tips for ensuring a successful Office 365 migration while avoiding unnecessary connectivity interruptions. Areas covered include synchronizing with Office 365 signatures, ensuring cloud security doesn’t interfere with Office 365 connections and planning for fast Office 365 connections by leveraging modern cloud security platforms.

Vendor Webcast

Achieve better, faster results by augmenting your sandbox with automated static analysis

As malware becomes increasingly sophisticated, evasive, and complex, the task of detecting and analyzing suspicious files becomes a growing challenge. We’ll demonstrate how the seamless integration across these enterprise security solutions brings greater insights into an organization’s files through the combination of static analysis and dynamic analysis from various leading sandbox solutions.

Register for Achieve better, faster results by augmenting your sandbox with automated static analysis

Sponsored by: Reversing Labs

Achieve better, faster results by augmenting your sandbox with automated static analysis

As malware becomes increasingly sophisticated, evasive, and complex, the task of detecting and analyzing suspicious files becomes a growing challenge. Recent research suggests 70% of malware goes undetected.
Good news – now organizations have a means to detect and identify malware through the combination of static and dynamic analysis.

Attend this webcast to hear how automated, high-speed static analysis can optimize your sandbox deployments by addressing the following scenarios:

  • Not all files can or will execute in the Sandbox. Static analysis decomposes numerous formats to expose each of the elements for analysis, including executables.
  • Not all files can be unpacked. Static analysis unpacks complex files to expose executables for processing.
  • The volume of suspect files can overwhelm Sandbox processing. Static analysis expeditiously processes all files and forwards only those targeted for additional analysis to the Sandbox.

We’ll demonstrate how the seamless integration across these enterprise security solutions brings greater insights into an organization’s files through the combination of static analysis and dynamic analysis from various leading sandbox solutions.

Vendor Webcast

Detecting common threats in the cloud

To successfully manage risk in cloud environments, today’s security teams need to be able to quickly detect and remediate threats. If your organization is already fully utilizing the cloud, or just beginning the migration, this webcast will help to make sure you’re set up for success.

Register for Detecting common threats in the cloud

Sponsored by: Rapid7

Detecting common threats in the cloud

To successfully manage risk in cloud environments, today’s security teams need to be able to quickly detect and remediate threats. If your organization is already fully utilizing the cloud, or just beginning the migration, this webcast will help to make sure you’re set up for success.

Join Rapid7 expert, Alan Foster, Senior Security Solutions Engineer, as he walks you through:
 

  • The role that AWS solutions like GuardDuty and CloudTrail play in detecting threats
  • The importance of centralizing all logs and how you can do so easily
  • How to detect suspicious activity in your AWS environment
Vendor Webcast

How to prevent 81% of phishing attacks from sailing right into your inbox with DMARC

In this webcast, Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, will teach you how to enable DMARC, SPF, DKIM the right way! Then, learn the six reasons why phishing still might get through to your inbox and what you can do to maximize your defenses.

Register for How to prevent 81% of phishing attacks from sailing right into your inbox with DMARC

Sponsored by: KnowBe4

How to prevent 81% of phishing attacks from sailing right into your inbox with DMARC

Only ~20% of companiesuse DMARC, SPF, and DKIM, global anti-domain-spoofing standards, which couldsignificantly cut down on phishing attacks. But even when they are enabled andyour domain is more secure, 81% of phishing attacks still continue to sailright through to the end-user.

In this webcast, RogerGrimes, KnowBe4’s Data-Driven Defense Evangelist, will teach you how to enableDMARC, SPF, DKIM the right way! Then, learn the six reasons why phishing stillmight get through to your inbox and what you can do to maximize your defenses.

What you’ll learn:

  • How to enable DMARC, SPF, and DKIM
  • Common configuration mistakes
  • How to best configure DMARC and other defenses to fight phishing
  • Techniques to empower your users to identify and avoid phishingattempts that make it through your surface-level defense

20/20 webcast

The DevSecOps express

The Dept. of Homeland Security says 90 percent of vulnerabilities come from problems with software. Even a modest improvement in application security could result in a significant reduction in the threat to corporate networks. But some experts believe that DevOps alone is insufficient. This 20/20 webcast looks at how DevSecOps impacts the software development life cycle and what CISOs need to know about how to implement it.

Register for The DevSecOps express

Sponsored by: Veracode

The DevSecOps express

Application security is taking center stage these days as CISOs and CIOs try to determine how best to limit network vulnerabilities.

The Dept. of Homeland Security says 90 percent of vulnerabilities come from problems with software. Even a modest improvement in application security could result in a significant reduction in the threat to corporate networks. But some experts believe that DevOps alone is insufficient.

This 20/20 webcast looks at how DevSecOps impacts the software development life cycle and what CISOs need to know about how to implement it.

Vendor Webcast

Why It’s Time to Kill Your VPN

Technology created in 1996 is antiquated and needs to be replaced. VPNs are dangerous and never intended to secure today’s hybrid, mobile and on-demand IT. Join this webcast to hear why you might want to replace their VPN with SDP and the immediate benefits you’ll realize for doing so. We will also share a real world example of the benefits of replacing VPN.

Register for Why It’s Time to Kill Your VPN

Sponsored by: Cyxtera

Why It’s Time to Kill Your VPN

Technology created in 1996 is antiquated and needs to bereplaced. VPNs are dangerous and never intended to secure today’s hybrid,mobile and on-demand IT.

Furthermore, they create complexity, distracting high-skillsecurity and network professionals with mundane, unnecessary tasks. It’s timeto kill your VPN and replace it with a better approach to secure access, theSoftware Defined Perimeter (SDP).

Join this webcast to hear why you might want to replacetheir VPN with SDP and the immediate benefits you’ll realize for doing so. Wewill also share a real world example of the benefits of replacing VPN.

Vendor Webcast

Lessons from the field: How are skilled testers infiltrating?

In this webcast you will hear from some of Secureworks’ most skilled testers, Nate Drier and Jared McLaren, as they talk about lessons learned from some of their most challenging engagements and the trends they are seeing with clients and their defense practices.

Register for Lessons from the field: How are skilled testers infiltrating?

Sponsored by: SecureWorks

Lessons from the field: How are skilled testers infiltrating?
Many organizations perform regular annual or bi-annual testing to identify network vulnerabilities, gaps in their controls and satisfy industry compliance requirements. Examining results and lessons learned can be limited.

However, wouldn’t it be nice to see what tactics and techniques some of the most skilled testers out there are utilizing across all industries, all levels of maturity and to serve a variety of different objectives?  Join this webcast for an opportunity to see how good guys simulate the bad guys and gain valuable insights.

In this webcast you will hear from some of Secureworks’ most skilled testers, Nate Drier and Jared McLaren, as they talk about lessons learned from some of their most challenging engagements and the trends they are seeing with clients and their defense practices.

Key topics covered include:
  • Examples of real-world engagements
  • Tactics and techniques commonly used to achieve their objectives
  • Trends and weaknesses seen in defenses 
  • Insights and lessons learned 

20/20 webcast

Open source threat intelligence comes of age

This 20/20 will look at trends in open source threat intelligence and how we can take advantage of these advancements. It is not that threat intelligence is new that makes a difference today; it is that it is becoming the norm rather than the exception. Not only that, threat intelligence also is becoming more diverse and distinctive.

Register for Open source threat intelligence comes of age

Sponsored by: Netscout

Open source threat intelligence comes of age

It is not that threat intelligence is new that makes a difference today; it is that it is becoming the norm rather than the exception. Not only that, threat intelligence also is becoming more diverse and distinctive. Gone are the days when companies relied strictly on data feeds of threats that were known. Today we are seeing an expansion of threat intel that pulls together customized threats for specific industries, open source threat intel, and a vast array of data about emerging threats. This 20/20 will look at trends in open source threat intelligence and how we can take advantage of these advancements.

Vendor Webcast

Is the cloud transforming security?

hear from security experts as they share insights on why every business should focus on transforming their security to support any cloud transformation journey. Explore how remote browser isolation is helping customers transform security while simultaneously helping to enable cloud transformation.

Register for Is the cloud transforming security?

Sponsored by: Menlo Security

Is the cloud transforming security?

Everyone is moving to the cloud. It’s faster, scalable, seamless/agile, and less costly. Securing your infrastructure in the cloud, however, doesn’t cut down on time spent protecting applications, workloads, and data. You still need people to process alerts and manage a security solution.

Given this paradigm, hear from security experts as they share insights on why every business should focus on transforming their security to support any cloud transformation journey. Explore how remote browser isolation is helping customers transform security while simultaneously helping to enable cloud transformation.

We will share:

  • How IT teams are adopting a ‘Cloud First’ attitude and how security should be part of this movement
  • Why Isolation is a fundamentally different approach that is transforming enterprise security architecture
  • Core differences that enable us to deliver Isolation from the cloud?

Vendor Webcast

Hacking your organization: 7 steps bad guys use to take total control of your network

The scary fact is that human error is a contributing factor in more than 90% of breaches. With so many technical controls in place hackers are still getting through to your end users, making them your last line of defense. How are they so easily manipulated into giving the bad guys what they want? Well, hackers are crafty. And the best way to beat them is to understand the way they work.

Register for Hacking your organization: 7 steps bad guys use to take total control of your network

Sponsored by: KnowBe4

Hacking your organization: 7 steps bad guys use to take total control of your network

The scary fact is that human error is a contributing factor in more than 90% of breaches. With so many technical controls in place hackers are still getting through to your end users, making them your last line of defense. How are they so easily manipulated into giving the bad guys what they want? Well, hackers are crafty. And the best way to beat them is to understand the way they work.

In this webinar Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, will take you through the “Cyber Kill Chain” in detail to show you how a single email slip up can lead to the total takeover of your network.

Roger will show you:

  • How detailed data is harvested using public databases and surprising techniques
  • Tricks used to craft a compelling social engineering attack that your users WILL click
  • Cunning ways hackers deliver malicious code to take control of an endpoint
  • Taking over your domain controller and subsequently your entire network

But not all hope is lost. Roger will also share actionable strategies you can put in place now to greatly reduce your risk. Find out how to protect your organization before it’s too late.

Vendor Webcast

Beyond the phish: A snapshot of end-user behavior

During this webcast, we will share results from the Proofpoint’s Beyond the Phish® Report, which examines end-user understanding of a broad range of cybersecurity topics and best practices. The report features analysis of data related to nearly 130 million cybersecurity questions and offers insights into employee knowledge levels across 14 categories, 16 industries, and more than 20 commonly used department classifications. 

Register for Beyond the phish: A snapshot of end-user behavior

Sponsored by: Proofpoint

Beyond the phish: A snapshot of end-user behavior

Phishing is one of InfoSec’s longstanding threats. But for cybercriminals, email is just one entry point of many. How can you better prepare you and other end users in your organization for cybersecurity threats beyond email-based social engineering? 

During this webcast, we will share results from the Proofpoint’s Beyond the Phish® Report, which examines end-user understanding of a broad range of cybersecurity topics and best practices. The report features analysis of data related to nearly 130 million cybersecurity questions and offers insights into employee knowledge levels across 14 categories, 16 industries, and more than 20 commonly used department classifications. 

We’ll share: 

  • The importance of assessing and training end users about cybersecurity threats beyond email-based social engineering 
  • The strengths and weaknesses among end users across 14 cybersecurity topics, highlighting how end-user knowledge levels vary across industries 
  • A more holistic view of susceptibility by looking beyond knowledge assessments and training activities 
  • How you can use this information to reduce the risk of successful cyberattacks within your organization 

20/20 webcast

Digital transformation as risk management

Marketers call it “digital transformation.” Really it is just another component of risk management, but this time it focuses on such technologies as AI, cloud and fog computing, mobile devices, and the internet of things.

Register for Digital transformation as risk management

Sponsored by: ServiceNow

Digital transformation as risk management

Marketers call it “digital transformation.” Really it is just another component of risk management, but this time it focuses on such technologies as AI, cloud and fog computing, mobile devices, and the internet of things.

While buzzwords might sell products, the CISO and their respective security teams are less interested in shiny new things as they are taking care of the business of protecting data, intellectual property, and keeping bad actors from violating the sanctity of the corporate network — be it on prem or off.

Vendor Webcast

Your ultimate guide to phishing mitigation

This webcast, hosted by Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, will cover a number of techniques you can implement now to minimize cybersecurity risk due to phishing and social engineering attacks. We won’t just cover one angle. We’ll come at it from all angles!

Register for Your ultimate guide to phishing mitigation

Sponsored by: KnowBe4

Your ultimate guide to phishing mitigation

 
Spear phishing emails remain the most popular attack avenue for the bad guys, yet most companies still don’t have an effective strategy to stop them. This enormous security gap leaves you open to business email compromise, session hijacking, ransomware and more. Don’t get caught in a phishing net! Learn how to avoid having your end users take the bait.

This webcast, hosted by Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, will cover a number of techniques you can implement now to minimize cybersecurity risk due to phishing and social engineering attacks. We won’t just cover one angle. We’ll come at it from all angles!

Strategies include:
– Developing a comprehensive, defense-in-depth plan
– Technical controls all organizations should consider
– Gotchas to watch out for with cybersecurity insurance
– Benefits of implementing new-school security awareness training
– Best practices for creating and implementing security policies







Vendor Webcast

Neutralize phishing attacks with actionable insights

Attend this webinar to hear how investigation and analysis tools can help SOC analysts to triage email-based alerts faster and more accurately. We’ll show examples of manual investigation and automated email classification, and also introduce the benefits of destructive object visibility in high-volume email analysis use cases.

Register for Neutralize phishing attacks with actionable insights

Sponsored by: Reversing Labs

Neutralize phishing attacks with actionable insights

Reports cite that 92% of malware comes through email, and it is the largest source of organizational data loss, so it’s easy to understand that 32% of breaches involved phishing. There are a number of reasons why this is happening: detection rates are too low (from email gateways, abuse boxes and EDR), detailed info is lacking to quickly triage attacks, the SOC is usually overloaded with Alerts, and there is a substantial skills gap.
 
Attend this webinar to hear how investigation and analysis tools can help SOC analysts to triage email-based alerts faster and more accurately.  We’ll show examples of manual investigation and automated email classification, and also introduce the benefits of destructive object visibility in high-volume email analysis use cases.





DemoCast webcast

Removing the “NO!” from innovation

When you talk about security automation, it means different things to different people. Does this mean that organizations should automate everything immediately? And, even if they want to: could they? 

Register for Removing the “NO!” from innovation

Sponsored by: FireMon

Removing the “NO!” from innovation
In the digital age, many see the risk of not getting new application services or changes to market fast enough equal to or greater than the risk of a costly breach.  While most security teams don’t want to put the ‘no’ in innovation, they are challenged to keep up with a significant increase in change requests, number of devices to manage and the stress of improving SLAs allowing modern app developers the ability to release new services in a timely fashion.  
 
To get ahead, enterprises must orchestrate security processes and automate mundane security tasks. When you talk about security automation, it means different things to different people. Does this mean that organizations should automate everything immediately? And, even if they want to: could they? 
 
Automation of global security policy management gives security teams parity with the speed of business innovation. In this webcast we will cover:   
  • Triggers of automation (response to: 1) a new app or service, 3) routine changes in an app or a service, 3) a new security threat)
  • Use cases for automation in policy management (e.g., automating gold standard best practices or global overarching rules, and rapid approval processes to ensure speed of deployment)
  • How an automated global security policy management framework can help organizations leverage innovation without introducing security and compliance risk

20/20 webcast

Are you and your cloud provider ready for today’s threats – or tomorrow’s?

This 20/20 webcast looks at how threat management is changing and why the security model that worked great just a few years ago might well be insufficient to meet today’s threat landscape.

Register for Are you and your cloud provider ready for today’s threats – or tomorrow’s?

Sponsored by: Rapid7

Are you and your cloud provider ready for today’s threats – or tomorrow’s?

We live in a world where clouds are getting bigger, data is moving faster, and threats now attack your cloud provider at the speed of light. 

Unfortunately, many cloud providers still defend against these massive, new threats as though it were 2014. The landscape of data threats is changing; is your company prepared? 

This 20/20 webcast looks at how threat management is changing and why the security model that worked great just a few years ago might well be insufficient to meet today’s threat landscape.



Vendor Webcast

Asset management: The Toyota Camry of cyber security

Join us and Axonius to talk about one of the biggest problems organizations face today.

Register for Asset management: The Toyota Camry of cyber security

Sponsored by: Axonius

Asset management: The Toyota Camry of cyber security

Asset Management – it’s not the most exciting thing in the world. In an industry with technologies like automation, machine learning, and AI, asset management doesn’t get a whole lot of attention, but it’s foundational and one of the biggest problems organizations face today.

Security teams’ jobs continue to get exceedingly difficult, but they’re still spending time trying to figure out where things are and what they are. You’ll see how companies are able to automate asset management to:
-Get a credible, comprehensive asset inventory
-Uncover security solution coverage gaps
-Automatically validate and enforce security policies
-Join this free webinar on Friday, June 28th at 2:00 PM ET with SC Magazine’s 2019 Rookie Security Company of the Year, Axonius.



DemoCast webcast

Advance your threat hunting and incident response

Join us and Carbon Black for a live demo to discover what happened at every stage of an attack with intuitive attack chain visualizations, uncover advanced threats, minimize attacker dwell time, prevent lateral movement and much more.

Register for Advance your threat hunting and incident response

Sponsored by: Carbon Black

Advance your threat hunting and incident response


Today, attackers can compromise your environment in an hour or less however, you have the power to respond and remediate in real time, stopping active attacks and repairing damage quickly. Investigations that typically took days or weeks can be completed in just minutes. CB ThreatHunter correlates and visualizes comprehensive information about endpoint events, giving you greater visibility into your environments.

Join us for a live demo to:

  • Discover what happened at every stage of an attack with intuitive attack chain visualizations
  • Uncover advanced threats, minimize attacker dwell time, and prevent lateral movement
  • Automatically collect and store detailed forensic data for post-incident investigation
  • Use the platform’s open APIs and out-of-the-box integrations to correlate data across your security stack

Vendor Webcast

The AppSec kill-chain evolved – TTPs for modern defenses

In this webcast, we will take a lifecycle approach to understanding web app attacks, share examples of the tools and techniques used in each phase, and the defenses security teams can employ to protect their applications.

Register for The AppSec kill-chain evolved – TTPs for modern defenses

Sponsored by: Threat X

The AppSec kill-chain evolved – TTPs for modern defenses

New and popular frameworks such as MITRE ATT&CK have aided organizations in extending their previous kill-chain models to be more focused on the actual tactics, techniques, and procedures (TTPs) that attackers are using in the real world. And while MITRE ATT&CK was originally designed for Windows-based enterprise networks, the same concepts can apply to application security.

In order to properly defend against adversaries, an organization must be aware of the specific TTPs used at each phase of an attack.

In this webcast, we will take a lifecycle approach to understanding web app attacks, share examples of the tools and techniques used in each phase, and the defenses security teams can employ to protect their applications.

This will include an analysis of:

  • Attacker preparations and anonymity
  • Enumeration and Scanning
  • Gaining credentialed access to applications and accounts
  • Exploitation and detection evasion
  • Abuse of APIs
  • Pivoting to do damage after an exploit

Vendor Webcast

DDI data – a critical enabler of SOAR

Join us to learn more about one of the key sources of contextual network and threat intel data comes from infrastructure that organizations already rely on for connectivity – DNS, DHCP and IPAM. This data along with timely, reliable and accurate threat intel can be used to improve scoring and investigation, assist in prioritizing incoming incidents, and can be relied upon to build automation.

Register for DDI data – a critical enabler of SOAR

Sponsored by: Infoblox

DDI data – a critical enabler of SOAR

Constantly evolving threats and shortage of qualified cybersecurity professionals have led security teams to move to security workflow automation to meet the demands.  It’s not enough to have a great tool nowadays. These tools have to work better together to meet today’s security challenges. Security orchestration, automation and response (SOAR) tools improve efficiency and efficacy of security operations by automating threat intel management, event monitoring and incident response processes.  

One of the key sources of contextual network and threat intel data comes from infrastructure that organizations already rely on for connectivity – DNS, DHCP and IPAM. This data along with timely, reliable and accurate threat intel can be used to improve scoring and investigation, assist in prioritizing incoming incidents, and can be relied upon to build automation

Join this webcast to learn how a well architected DNS, DHCP and IPAM can power SOAR platforms to

  • Block/unblock domains using context
  • Enrich other security tools with valuable IPAM data
  • Enhance and improve incident response with better threat intelligence

Vendor Webcast

GDPR to California Privacy – Managing cloud vendor risk

In this webcast, you’ll learn how to implement successful vendor risk processes, expedite vendor onboarding, and hear practical advice to automate vendor risk management within a software technology platform.

Register for GDPR to California Privacy – Managing cloud vendor risk

Sponsored by: OneTrust

GDPR to California Privacy – Managing cloud vendor risk

Managing vendor risk is a continuous effort under GDPR, California CCPA and other global regulations.

As organizations continue to improve their privacy and security programs, streamlining 3rd and 4th party vendor risk has become a priority.

In this webcast, you’ll learn how to implement successful vendor risk processes, expedite vendor onboarding, and hear practical advice to automate vendor risk management within a software technology platform.

DemoCast webcast

Gaining complete visibility of your environment with attack surface monitoring

Join Rapid7 and SC Media for an in-depth look into Attack Surface Monitoring with Rapid7’s Project Sonar research and industry reports. Learn how data from these sources can be leveraged in Rapid7’s industry-leading vulnerability management solution, InsightVM, to provide complete visibility into your environment.

Register for Gaining complete visibility of your environment with attack surface monitoring

Sponsored by: Rapid7

Gaining complete visibility of your environment with attack surface monitoring

Join Rapid7 and SC Media for an in-depth look into Attack Surface Monitoring with Rapid7’s Project Sonar research and industry reports. Learn how data from these sources can be leveraged in Rapid7’s industry-leading vulnerability management solution, InsightVM, to provide complete visibility into your environment.

During this webinar, you’ll learn about:
-The importance of having complete visibility of both your organization’s known and unknown assets
-Rapid7’s unique research project, Project Sonar, that regularly catalogs the public internet
-Industry reports released by Rapid7 based on data from Project Sonar, among other sources
-How data from Project Sonar can be leveraged within Rapid7’s industry-leading vulnerability management tool, InsightVM

Vendor Webcast

Risk-based adaptive DevSecOps

Join us and Synopsys to learn how the adaptive pipeline can help you rank risks, identify changes, and improve responsiveness, how to accelerate deployment to production without compromising security and four models you can implement to help align your people, process, and technology.

Register for Risk-based adaptive DevSecOps

Sponsored by: Synopsys

Risk-based adaptive DevSecOps

Building security automation into the DevOps pipeline is a key pain point for many organizations. Some firms deploy to production as frequently as every five minutes—a velocity that security struggles to match.

Implementing intelligence within the DevOps pipeline supports security activities by matching the team’s velocity, providing intelligent feedback, and supporting organizations as they scale their security testing activities.

A risk-based adaptive pipeline can close the gap between DevOps and security teams, helping DevOps teams accelerate deployment to production without compromising security.

In this webcast, you’ll learn:
– How the adaptive pipeline can help you rank risks, identify changes, and improve responsiveness
– How to accelerate deployment to production without compromising security
– Four models you can implement to help align your people, process, and technology



20/20 webcast

Is your cloud security up to snuff?

This 20/20 webcast looks at how you can ensure that your cloud storage security meets or exceeds any regulatory and corporate governance requirements. Remember: Your data is your responsibility.

Register for Is your cloud security up to snuff?

Sponsored by: Rapid7

Is your cloud security up to snuff?

As corporations move their applications, data storage and operations to the cloud, the first question the CISO should ask is: Is our cloud as secure as we can make it?

Depending on the cloud provider’s basic services is not enough; the data is yours and it’s your job to make sure you have all the components in place that you could have on your on-prem data center.

This 20/20 webcast looks at how you can ensure that your cloud storage security meets or exceeds any regulatory and corporate governance requirements. Remember: Your data is your responsibility.

Vendor Webcast

Aligning security with the flow and storage of information

Join us and OpenText™ Senior Director of Product Marketing, Hope Swancy-Haslam, as she interviews experts Anthony Di Bello, OpenText vice-president of strategy, and Judy Branham, Aon Cyber managing director on Aligning Security with the Flow and Storage of Information.

Register for Aligning security with the flow and storage of information

Sponsored by: OpenText

Aligning security with the flow and storage of information


Today’s cyber-attackers, armed with better tools and techniques at their disposal, are more effective than ever at compromising endpoints and finding their way into business IT systems.

Research shows only 53 percent of incident response teams are “mature” in their ability to effectively respond when an event occurs.  It is imperative for security teams to stay current on the latest methodologies and approaches for endpoint detection and response.

Learn how to manage vulnerability issues and apply forensic-grade security best practices. Join OpenText™ Senior Director of Product Marketing, Hope Swancy-Haslam, as she interviews experts Anthony Di Bello, OpenText vice-president of strategy, and Judy Branham, Aon Cyber managing director on Aligning Security with the Flow and Storage of Information.

Discussion will include:

  • The convergence of risk, security, and legal teams around security issues
  • The application and value of a “zero trust” approach in endpoint security
  • The importance of aligning security to the flow and storage of information
  • How teams can be more effective by understanding sensitive data and its location
  • What it means and why it makes sense to bring security closer to protected information 
  • Forensic security methodologies to apply in every environment

Vendor Webcast

Rethink infrastructure access: Traditional methods aren’t cutting it

Join us to learn how to effectively secure server access by applying the core principles of Zero Trust and enforce strict just-in-time, least privilege access in a manner that doesn’t get in the way of productivity.

Register for Rethink infrastructure access: Traditional methods aren’t cutting it

Sponsored by: Okta

Rethink infrastructure access: Traditional methods aren’t cutting it

As you adopt cloud IaaS to meet business goals, effective security controls can’t be an afterthought. This elastic infrastructure environment requires smart access controls; but how do you adhere to your security policies without limiting automation?

Join us to learn how to effectively secure server access by applying the core principles of Zero Trust and enforce strict just-in-time, least privilege access in a manner that doesn’t get in the way of productivity.

Featured guest Dr. Chase Cunningham, principal analyst for Forrester Research, and Ivan Dwyer from Okta will discuss:
 -Why you need to re-think your infrastructure access approach
 -Why identity is the cornerstone of securing server access
 -How to put Zero Trust in practice across the infrastructure layer
 -Why secure server access is a strong “tip of the spear” use case for larger Zero Trust initiatives

DemoCast webcast

How to scale your dynamic analysis program

Join us for this democast to learn how to implement a dynamic analysis program that meets these four key criteria: Scalability, discovery, speed and automation & integration

Register for How to scale your dynamic analysis program

Sponsored by: Veracode

How to scale your dynamic analysis program

Web applications continue to be the primary attack vector for hackers looking to breach organizations, and applying dynamic application security testing (DAST) gives you security assurance for how your application will perform in the real world. The key is applying it to your organization’s entire application portfolio without slowing down delivery.

What will you learn?

Dynamic analysis is an important solution in a mature application security program because this form of testing more easily unearths different kinds of vulnerabilities, including information leakage, cryptographic issues, and cross-site scripting. You know that it is important to secure all of your organization’s web applications – including the ones you did not know you owned – while ensuring speed to market to meet customer demands and expectations.

Scalability: The ability to scan multiple applications at once – whether they are authenticated or unauthenticated – to keep security from being a bottleneck.Discovery: Uncover every web application associated with your organization, even if you did not create it in-house, to create an exhaustive inventory.Speed: Deliver high-quality results quickly, and in a smart way that saves time. Automation & Integration: Scans that run automatically and integrate with existing processes and tools keep your security and development teams moving quickly

Join us for this democast to learn how to implement a dynamic analysis program that meets these four key criteria:

-Scalability: The ability to scan multiple applications at once – whether they are authenticated or unauthenticated – to keep security from being a bottleneck.
-Discovery: Uncover every web application associated with your organization, even if you did not create it in-house, to create an exhaustive inventory.
-Speed: Deliver high-quality results quickly, and in a smart way that saves time.
-Automation & Integration: Scans that run automatically and integrate with existing processes and tools keep your security and development teams moving quickly.




Vendor Webcast

Uncovering advanced persistent threats

Join us for a step-by-step walk through of how the Operation Cloud Hopper attack unfolded and how security professionals can implement automated defenses to detect malicious behavior like APT10’s attack before the breach occurs.

Register for Uncovering advanced persistent threats

Sponsored by: Carbon Black

Uncovering advanced persistent threats

In one of the largest ever sustained global cyber espionage campaigns known as Operation Cloud Hopper, a Chinese threat actor group dubbed APT10 was able to infiltrate managed IT service providers to gain unprecedented access to their clients’ intellectual property and sensitive data. Leveraging “Red Leaves” malware, attackers were able to breach and freely move about laterally in their unsuspecting victims’ environments.

Join us and Tristan Morris, cybersecurity strategist at Carbon Black, as he walks us step-by-step through how the attack unfolded and how security professionals can implement automated defenses to detect malicious behavior like APT10’s attack before the breach occurs.

We will cover:

  • Why threat hunting is so critical today
  • How new intel can kick off a threat hunt
  • How to quickly hunt across your enterprise
  • How to scale your future threat hunts leveraging automation

Vendor Webcast

What keeps IT pros like you up at night

With so many possible issues for you to address, what do other IT pros like you really have a handle on and what’s keeping them lying awake at night?

Register for What keeps IT pros like you up at night

Sponsored by: KnowBe4

What keeps IT pros like you up at night

As corporations move their applications, data storage and operations to the cloud, the first question the CISO should ask is: Is our cloud as secure as we can make it?

Depending on the cloud provider’s basic services is not enough; the data is yours and it’s your job to make sure you have all the components in place that you could have on your on-prem data center.

This 20/20 webcast looks at how you can ensure that your cloud storage security meets or exceeds any regulatory and corporate governance requirements. Remember: Your data is your responsibility.

Vendor Webcast

Turn your phishing links into read only

Join us to see how Isolation can help you eliminate malware and improve productivity of your employees.

Register for Turn your phishing links into read only

Sponsored by: Menlo Security

Turn your phishing links into read only

99% of security breaches are initiated through email and webmail attacks. Thus, proving prevention obviously fails, and detection and response are far from guaranteed. So why try the same old failed security approaches?

It’s time to try something that’s transforming email security—isolation. Isolation doesn’t block threats—it eliminates.

In this webcast, attendees will learn:
-How to combat users who are re-offenders when it comes to clicking unsafe email links and attachments
-Need an additional layer other than a sandbox waiting for patient zero
-The ease of deploying isolation without interfering with user experience in 10 minutes

Save your seat to see how Isolation can help you eliminate malware and improve productivity of your employees.

DemoCast webcast

How to speed incident response with network data

Join us as we step through a rapid, end-to-end investigation and response process, from early breach detection to forensic analysis in just minutes, relying on Network Traffic Analysis for authoritative and detailed data.

Register for How to speed incident response with network data

Sponsored by: Extrahop

How to speed incident response with network data

Investigating and responding to security incidents can take hours or days if analysts are forced to manually correlate data and contact other teams to access secondary system logs or even packet captures they need to be confident about what actually happened.

Join us as we step through a rapid, end-to-end investigation and response process, from early breach detection to forensic analysis in just minutes, relying on Network Traffic Analysis for authoritative and detailed data.


-Identify which devices and users were involved in an incident
-Dig into transaction records and layer 7 payloads to see exactly what users and resources were involved
-Access packets and decryption keys for incontrovertible proof and root cause analysis

Vendor Webcast

Keeping pace with the continuous reinvention of endpoint protection

Join us and Ian McShane of Endgame for a discussion on modern approaches to endpoint protection.

Register for Keeping pace with the continuous reinvention of endpoint protection

Sponsored by: Endgame

Keeping pace with the continuous reinvention of endpoint protection

Join us and Ian McShane of Endgame for a discussion on modern approaches to endpoint protection. Learn what antivirus functions you can replace, eliminate, or improve with an effective endpoint protection platform. We’ll cover how to evaluate if it’s time for your organization to replace legacy AV with modern tools to prevent targeted attacks, and how you can implement endpoint protection technology to increase your organization’s security efficacy and the productivity of existing security staff.

Vendor Webcast

Incident Response in a world full of threats: Are you prepared?

Join us, NTT Security, and Carbon Black experts to see how organizations can better predict, prevent, and respond to today’s advanced persistent threats. We’ll walk through real world examples and implications for your business or public sector entity.

Register for Incident Response in a world full of threats: Are you prepared?

Sponsored by: Carbon Black, NTT Security

Incident Response in a world full of threats: Are you prepared?

The threat landscape is more fluid than ever and knowing how to efficiently respond to an incident is critical to the sanctity of your data and bottom line.

NTT Security and Carbon Black experts team up to show how organizations can better predict, prevent, and respond to today’s advanced persistent threats. We’ll walk through real world examples and implications for your business or public sector entity.

Vendor Webcast

Inside your weakest link: How persistent attackers view your endpoint strategy

In this webcast, we will discuss today’s most common endpoint security strategies and technologies including Windows 10, Virtual Desktop Infrastructure, EPP, EDR, etc. In evaluating these approaches, we will look at each from the user’s perspective, the admin’s perspective, and most importantly: through the attacker’s perspective.

Register for Inside your weakest link: How persistent attackers view your endpoint strategy

Sponsored by: Hysolate

Inside your weakest link: How persistent attackers view your endpoint strategy

Our endpoints are a mess: users are frustrated, admins are unhappy and most breaches still start on an endpoint.

In this webcast, we will discuss today’s most common endpoint security strategies and technologies including Windows 10, Virtual Desktop Infrastructure, EPP, EDR, etc. In evaluating these approaches, we will look at each from the user’s perspective, the admin’s perspective, and most importantly: through the attacker’s perspective.

Let’s cut through the marketing fluff and discuss the benefits and drawbacks of various approaches so that you can better understand your weakest link.



Vendor Webcast

Attackers Who Live off the Land – How to Stop Them by Starving Them

Examine ways to deprive attackers of what they need to move laterally in your network

Register for Attackers Who Live off the Land – How to Stop Them by Starving Them

Sponsored by: Illusive

Attackers Who Live off the Land – How to Stop Them by Starving Them
Cyberattackers and insider threats increasingly rely on a living-off-the-land techniques to evade detection as they move toward critical systems. Every day, users and processes in your network leave goodies for attackers—credentials and connections that enable lateral movement and network persistence. 
 
In this upcoming webcast, we’ll examine ways to deprive attackers of what they need to move laterally in your network.
 
Join us to discuss:
  • How normal business activity creates dangerous opportunities for malicious lateral movement
  • The cyber hygiene functions needed to harden the network against LotL-style attacks
  • How continuous visibility into your attack surface can augment other core security functions, such as privileged access management (PAM) and vulnerability management.

Vendor Webcast

Deploying and servicing Windows 10 in the dawn of modern management

Explore what is possible today with pure modern management, how including Configuration Manager to deliver a co-managed environment changes the picture and how Windows Servicing Suite provides comprehensive, self-service automation that gives users a consistent experience whether in the office or remote.

Register for Deploying and servicing Windows 10 in the dawn of modern management

Sponsored by: 1E

Deploying and servicing Windows 10 in the dawn of modern management

With Windows 7 extended support ending in less than 10 months, time is running out for organizations that still have not completed their migration to Windows 10, who are now looking for the quickest and safest route to complete their migration in time. Those organizations that have already completed their migration are faced with the challenge of updating them with the semi-annual Feature Updates. With an increasingly remote workforce, a desire to reduce infrastructure and improve user experience, IT teams are looking to Microsoft Modern Management – a collection of cloud-based management technologies including Azure AD, InTune, AutoPilot, Windows Store for Business and Windows Update for Business – to address these challenges.

Whether migrating existing devices to Windows 10, provisioning new computers, replacing devices through normal hardware lifecycle or rebuilding devices to resolve issues (break-fix), the most important thing for the user is that they are able to get up and running with their data and applications with minimal disruption to their working day. Once the user has their new Windows 10 device, they don’t want to be inconvenienced with forced Feature Updates that render their device unusable just when they needed to do something important.

In this webcast, we explore what is possible today with pure modern management, how including Configuration Manager to deliver a co-managed environment changes the picture and how the 1E Windows Servicing Suite provides comprehensive, self-service automation that gives users a consistent experience whether in the office or remote.

20/20 webcast

Tomorrow’s attacks today

This webcast looks at the current threat prevention landscape, as well as looking ahead to what we might see in the months or years to come. Will your network be ready for every attack in the next generation breach? Probably not – but you could be better prepared.

Register for Tomorrow’s attacks today

Sponsored by: Juniper

Tomorrow’s attacks today

It’s 2 a.m. Do you know where that threat to your network is coming from? If not, perhaps you need to beef up your threat identification and prevention software. Today not only are threats constant, they are often masked as either valid data transmissions or as nothing more than simply communications via email or a messaging app. It also might be fileless in the form of a query that asks the user to take an action that will generate the breach, so there might be nothing for your defensive measures to find in the incoming transmission at all. This webcast looks at the current threat prevention landscape, as well as looking ahead to what we might see in the months or years to come. Will your network be ready for every attack in the next generation breach? Probably not – but you could be better prepared.

20/20 webcast

Schrödinger’s Network

Join us for this 20/20 webcast that looks at network visibility – what it is, why it’s essential and what happens when you don’t have it.

Register for Schrödinger’s Network

Sponsored by: FireMon

Schrödinger’s Network

One would think that network security is just an extension of the Schrödinger’s cat thought experiment.

One need not actually see the data files to know what you have and both how and where it’s moving through your networks, but if you want to be compliant with the multitude of laws worldwide concerning privacy, personal information, and especially personal health information, you had better know what you have, where it is and its status.

Today’s 20/20 webcast looks at network visibility – what it is, why it’s essential and what happens when you don’t have it.

DemoCast webcast

Cloud app security without gaps for any device, anywhere: iboss and Microsoft CAS partnership

Join us, Paul Martini, CEO/CTO at iboss Cloud Security and Anisha Gupta, Program Manager at Microsoft as we discuss the challenges and best practices in securing safe, controlled access to cloud apps.

Register for Cloud app security without gaps for any device, anywhere: iboss and Microsoft CAS partnership

Sponsored by: iboss

Cloud app security without gaps for any device, anywhere: iboss and Microsoft CAS partnership

As the network perimeter continues to erode and more of your corporate data is living across multiple clouds, ensuring your employees have safe and monitored access to approved cloud apps is essential.

Just as important is the ability to detect those leveraging unauthorized cloud apps which can violate corporate and regulatory policy as well as expose the organization to data loss.

Join us, Paul Martini, CEO/CTO at iboss Cloud Security and Anisha Gupta, Program Manager at Microsoft as we discuss the challenges and best practices in securing safe, controlled access to cloud apps.

Vendor Webcast

Remove the bias from your vulnerability management program

Uncover the limitations of vulnerability management tools and the risks associated with unknown assets.

Register for Remove the bias from your vulnerability management program

Sponsored by: Expanse

Remove the bias from your vulnerability management program

Vulnerability scanners are indispensable in an IT team’s toolkit. Unfortunately, they have one big flaw: they can only scan what you tell them to scan. But what about the assets you don’t know about?

A robust security program is incomplete – and your vulnerability management tools are not being used to their full potential – if you do not address their limitations dealing with unknowns. In this webcast, you’ll learn:

  • The limitations of vulnerability management tools
  • The risks associated with unknown assets
  • Methods you can use to find those unknown assets

Vendor Webcast

2019 Phishing threat landscape: Real phish remain the real problem

Examine all of the obvious changes in the phishing threat landscape, plus look ahead at trends shaping 2019.

Register for 2019 Phishing threat landscape: Real phish remain the real problem

Sponsored by: Cofense

2019 Phishing threat landscape: Real phish remain the real problem

Despite investment in next-gen technologies and employee awareness training phishing threats continue to become more sophisticated and more effective. It’s time for organizations to accept that REAL phish are the REAL problem. Join the Cofense Phishing Threat Landscape review to discover the trends defining phishing in 2019 and priorities for defending your organization going forward.

Attend this webinar to learn how attackers are:

  • Using major malware types and their innovative tactics, techniques, and procedures
  • Intensifying credential theft as organizations move infrastructure and applications to the cloud
  • Evolving Emotet and the threat actors behind the botnet
  • Increasing proliferation of sextortion phishing emails

We’ll examine all of the obvious changes in the phishing threat landscape, plus look ahead at trends shaping 2019.

Vendor Webcast

Gray Day: How I caught the most damaging spy in American history

Imagine if the FBI locked you in a room for eight hours a day with the most ruthless and damaging spy in United States history.

Register for Gray Day: How I caught the most damaging spy in American history

Sponsored by: Carbon Black

Gray Day: How I caught the most damaging spy in American history

Imagine if the FBIlocked you in a room for eight hours a day with the most ruthless and damagingspy in United States history. Imagine feeling unqualified and outgunned,knowing the country depends on you to succeed despite the fact no one hasprovided the means to do so. Robert Hanssen was a notorious cyber spy chargedwith selling American secrets to Russia for more than US$1.4 million in cashand diamonds.

His ability toexploit computer systems allowed him to protect his identity during a 22-yearspy career. In this edge-of-the-seat spy thriller talk, Eric O’Neill sharesintricate details of the investigation and shows how you can find successinside yourself by setting small goals that lead to big accomplishments untilfinally, through courage, confidence, and determination, victory is achieved.

Join us for a webcast highlighting Eric’s story and more.

Vendor Webcast

Dissecting Shlayer Malware via MITRE ATT&CK

Join us for “Dissecting Shlayer Malware via MITRE ATT&CK” to learn an introduction to Shayler, the method this malware uses to subvert built-in macOS security mitigations, and how the techniques used by this malware map to the MITRE ATT&CK framework, visualizing this using a real-world sample.

Register for Dissecting Shlayer Malware via MITRE ATT&CK

Sponsored by: Carbon Black

Dissecting Shlayer Malware via MITRE ATT&CK

Over the past year, a family of macOS malware named Shlayer has been successful at infecting countless numbers of systems across the world.

Join us for “Dissecting Shlayer Malware via MITRE ATT&CK” to learn:
· An introduction to Shayler
· The method this malware uses to subvert built-in macOS security mitigations
· How the techniques used by this malware map to the MITRE ATT&CK framework, visualizing this using a real-world sample.

Vendor Webcast

The ransomware hostage rescue guide

Join us and Erich Kron CISSP, Security Awareness Advocate at KnowBe4 we look at scary features of new ransomware strains, give actionable info that you need to prevent infections, and provide tips on what to do when you are hit with ransomware. 

Register for The ransomware hostage rescue guide

Sponsored by: KnowBe4

The ransomware hostage rescue guide

It is estimated that a business falls victim to a ransomware attack every 40 seconds, adding up to a projected $11.5 billion in damages for this year.

As ransomware attacks become more targeted and damaging, your organization faces increased risk that can have your networks down for days or even weeks. So, how can your organization avoid getting held hostage?

Join us and Erich Kron CISSP, Security Awareness Advocate at KnowBe4 we look at scary features of new ransomware strains, give actionable info that you need to prevent infections, and provide tips on what to do when you are hit with ransomware. 

In this webcast we will cover:

What new scary ransomware strains are in the wild

  • Am I infected?
  • I’m infected, now what?
  • Proven methods of protecting your organization
  • How to create a “human firewall”

Don’t get held hostage and become a statistic! Join us to learn how to avoid these scary attacks.

20/20 webcast

Identifying tomorrow’s threat intelligence profile

This 20/20 looks at how threat intelligence used for proactive and reactive applications, combined with a variety of analytics applications, can help you identify future as well as existing threats. 

Register for Identifying tomorrow’s threat intelligence profile

Sponsored by: Rapid7

Identifying tomorrow’s threat intelligence profile
You’ve spent a lot of time, money and effort to build out a mature network- and data-security team. You’ve gone through the growing pains to identify the mistakes that lead to fraud and data breaches because the staff didn’t know what to look for, and the blood, sweat and tears of building an experienced team with appropriate tools for the day.

Now what? Everything you’ve done in the past has prepared you for fighting legacy attacks — the bad guys (and gals) are morphing their precision attacks on a daily basis, so the question becomes: What have you done to fight tomorrow’s attacks?

This 20/20 looks at how threat intelligence used for proactive and reactive applications, combined with a variety of analytics applications, can help you identify future as well as existing threats.    

DemoCast webcast

Mastering prevention: See more attacks, stop more attacks

Uncover how you can use behavioral analytics to prevent both known and unknown threats

Register for Mastering prevention: See more attacks, stop more attacks

Sponsored by: Carbon Black

Mastering prevention: See more attacks, stop more attacks

Today’s attackers are constantly evolving and adapting to bypass traditional endpoint security, making it difficult for many organizations to keep their systems safe. 

Simply relying on signatures — which are easily changeable — is no longer an effective way of protecting your systems. In order to future-proof yourself from emerging threats, you need to take an approach that looks at behaviors and attack patterns. 
Join us as we discuss:
  • How you can use behavioral analytics to prevent both known and unknown threats
  • How to ask questions of all endpoints and take action to remediate in real time
  • How you can gain better visibility into your enterprise with Next-Gen AV and Live Query capabilities, provided on a single console with a single agent

20/20 webcast

Reactive Intelligence

This 20/20 webcast looks at what we can do today to better prepare for the attacks of tomorrow by understanding the threat intelligence ecosystem and improving how CISOs can identify attackers already within the network more quickly.

Register for Reactive Intelligence

Sponsored by: Anomali

Reactive Intelligence

It seems that every time we see advancements in threat intelligence and analytics, the bad guys are already a step ahead of us.

No matter how much money we throw at new technology, new data feeds and new training, attackers are still making their way into our networks, stealing our data, and making the data security teams and the C-suite look like the junior varsity team playing against the pros. Often security pros talk about threat intel as a tool for proactive attack deterrence and interception, but the technology is equally useful, if not more useful, in reactive identification of successful intrusions.

This 20/20 webcast looks at what we can do today to better prepare for the attacks of tomorrow by understanding the threat intelligence ecosystem and improving how CISOs can identify attackers already within the network more quickly. Understanding what makes a threat intelligence ecosystem will help CISOs understand what might be missing in theirs and serve as the necessary gap analysis to ensure your threat intel is working up to its peak performance.

Vendor Webcast

2019 State of the Phish

Explore findings from the 2019 State of the Phish Report. and uncover data-driven intelligence you and your team need to manage end-user risk more effectively within your organization.

Register for 2019 State of the Phish

Sponsored by: Proofpoint

2019 State of the Phish

Phishing continues to be the number one attack vector. Why? Because it works — all too well. Today’s cybercriminals can evade advanced perimeter technology through carefully planned, increasingly sophisticated phishing attacks. Industries of every kind are affected, from financial organizations to government contractors to healthcare firms.

Join Proofpoint Security Awareness Training for a webinar, where we’ll explore findings from the 2019 State of the Phish Report. It provides the data-driven intelligence you and your team need to manage end-user risk more effectively within your organization. In this webinar, we will explore data related to the following:

– Tens of millions of simulated phishing emails: Analysis of tens of millions of simulated phishing emails sent to end users over a 12-month period.

– 16 industries: Comparisons of activities and results from organizations and their employees across 16 industries.

– Nearly 15,000 survey responses from infosec professionals: Responses reveal the challenges they are facing, their views of the threat landscape, and the actions they’re taking to fend off phishing attacks.

– 7,000+ technology user insights: Results from a survey of more than 7,000 working adults in the US, UK, France, Germany, Italy, Australia, and Japan, providing a global perspective on the awareness levels of the average end user.

Vendor Webcast

How to Remove Complexity as a Threat to Security

Uncover how hybrid, mobile, and on-demand IT increase security complexity and how to remove unnecessary complexity.

Register for How to Remove Complexity as a Threat to Security

Sponsored by: Cyxtera

How to Remove Complexity as a Threat to Security

No doubt as a security leader you are constantly making decisions on what tools and solutions are needed to secure your elusive IT landscape. Complexity may be threatening your security posture as you react to secure your hybrid workloads.

 
Join Leo Taddeo, CISO at Cyxtera and former Special Agent in Charge of the Special Operations/Cyber Division of the FBI’s New York Office alongside Jason Garbis and Ian Breeze of Cyxtera, as we address the mounting complexity security professionals face today. You will hear recommendations for removing unnecessary complexity that threatens your cyber resiliency.

Key Topics:

  • How hybrid, mobile, and on-demand IT increase security complexity
  • How the evolving landscape of digital risk adds complexity
  • How to remove unnecessary complexity
  • Where to focus your efforts

Vendor Webcast

From chaos to clarity: New trends on securing roaming users & branch offices

With highly distributed environments becoming the norm, find out how to shift your security, gain control and protect users more effectively.

Register for From chaos to clarity: New trends on securing roaming users & branch offices

Sponsored by: Cisco

From chaos to clarity: New trends on securing roaming users & branch offices

With highly distributed environments becoming the norm, SaaS usage on the rise and roaming users an attractive target for threats, find out how to shift your security, gain control and protect users more effectively.

Enterprise Strategy Group partnered with Cisco to validate trends in the market, customer perceptions and technology consumption patterns. Research reveals a shift in the market leading to a fundamentally new approach to how organizations secure roaming users and branch office (ROBO) locations.

Join ESG Security Analyst, Jon Oltsik, and Cisco Product expert, Negisa Taymourian, for a unique perspective on the state of cybersecurity today.

Vendor Webcast

Comparing SIEMs, MDR, and MSSPs for security monitoring, detection, & response

Compare and contrast SIEM, MDR, and MSSP so you have the right questions in hand when considering your options.
 

Register for Comparing SIEMs, MDR, and MSSPs for security monitoring, detection, & response

Sponsored by: Arctic Wolf

Comparing SIEMs, MDR, and MSSPs for security monitoring, detection, & response

Midmarket enterprises need to monitor their environment to detect and respond to threats that inevitably crop up.  There are three major approaches to solving this security conundrum: deploy a security information and event management system (SIEM), use managed detection and response (MDR), or use a managed security service provider (MSSPs).  This webinar compares and contrasts the three approaches so you have the right questions in hand when considering your options.
 
What you will learn:

  • Why monitoring, detection and response is an essential element of a robust security strategy
  • What elements comprise the SIEM, MDR, and MSSP solution approaches?
  • How do these approaches take advantage of the cloud as well as monitor cloud assets?
  • What is the security “sweet spot” for MDR? 

Vendor Webcast

Implementing behavioral analysis and attacker deception for higher confidence AppSec

Learn how to quickly and successfully implement solutions that leverage behavioral analytics and attacker deception.

Register for Implementing behavioral analysis and attacker deception for higher confidence AppSec

Sponsored by: Threat X

Implementing behavioral analysis and attacker deception for higher confidence AppSec

Modern AppSec is driven by hard metrics and results. Teams need to secure a larger application footprint, address a higher volume of threats, reduce open cases, and virtually eliminate false positives, and they must do it with limited time and inadequate resources.

The expectations and threats against security teams are “next-gen,” but the tools with which they’re asked to respond are not.

In Part I of this series, Strengthen your web app defenses using behavioral analysis and attacker deception, we dove into the various behavioral analysis and attacker deception approaches that make for truly next-gen AppSec, and the benefits of each. In this webcast, we will share how to quickly and successfully implement solutions that leverage behavioral analytics and attacker deception. 

We will also show examples of how each detection strategy can be used in real-world scenarios to drive blocking decisions that are accurate, scalable, and measurable.

Topics will include:

  • Using behavioral analysis to detect threats early in the kill chain
  • The act and benefits of engaging attackers in deception techniques
  • Using decision engines to reduce both false positives and caseloads
  • Implementing these techniques in your AppSec strategy

Vendor Webcast

Getting more from less: 3 ways replacing AV with a security platform can help you

48% of organizations are using more than 25 different discrete or point security tools to manage, investigate, and respond to security threats.

What if it was possible to have a single platform that simplified your security stack and improved your protection?

Register for Getting more from less: 3 ways replacing AV with a security platform can help you

Sponsored by: Carbon Black

Getting more from less: 3 ways replacing AV with a security platform can help you

The threat landscape is growing increasingly sophisticated and is bypassing traditional antivirus. To combat this, IT and security professionals are adding products to their security stack.

In fact, 48% of organizations are using more than 25 different discrete or point security tools to manage, investigate, and respond to security threats. Each has its own endpoint agent, dataset, console, and back end. The result is a lot of complexity and not enough efficacy. It doesn’t have to be this way.

What if it was possible to have a single platform that simplified your security stack and improved your protection?

Join us for this webcast where we will discuss:

  • The current state of security and why adding more point solutions isn’t the answer
  • How replacing traditional antivirus with consolidated endpoint security in the cloud can improve your protection and simplify your operations
  • How predictive security cloud can make it easier for you to prevent, investigate, remediate, and hunt for threats.

Vendor Webcast

The state of encryption and how to improve it

Explore the use of encryption and access controls to understand how organizations currently use these technologies and identify IT and security professionals’ top priorities in file security.

Register for The state of encryption and how to improve it

Sponsored by: Vera

The state of encryption and how to improve it

Join us as we explore the use of encryption and access controls to understand how organizations currently use these technologies and identify IT and security professionals’ top priorities in file security.

What you’ll learn:

  • How organizations currently use access controls and encryption to avoid security breaches
  • Why sensitive and personal data is often left accessible and unencrypted
  • How Always-on File Security puts security teams back in control of data, even when it’s shared with others

Editorial webcast

Encryption everywhere: It’s the best of times and the worst of time

This webcast will look at the issues surrounding encryption everywhere, ranging from productivity and latency challenges to the benefits of protecting the data all the time and everywhere.

Register for Encryption everywhere: It’s the best of times and the worst of time

Sponsored by: Cisco

Encryption everywhere: It’s the best of times and the worst of time

Encryption has been the standard by which companies are able to protect their data from prying eyes. Encrypting data at rest, data in transit and active data can be a challenge on multiple levels.

Today’s webcast looks at the issues surrounding encryption everywhere, ranging from productivity and latency challenges to the benefits of protecting the data all the time and everywhere.

Remember that the bad actors are lurking everywhere, so that’s where your data needs protection.

Vendor Webcast

Using Zero Trust to protect financial services networks

With Phil Packman, a CISO at BT, as your host, learn from the founder of Zero Trust & Field CTO at Palo Alto Networks, John Kindervag, and the VP of Global Financial Services at Forescout, Tom Dolan, how your company can more easily embrace Zero Trust to proactively combat today’s high frequency and sophistication of cyberattacks.

Register for Using Zero Trust to protect financial services networks

Sponsored by: ForeScout

Using Zero Trust to protect financial services networks

Is Zero Trust really achievable given the complexity in financial service organizations, especially considering limited staff, mergers and acquisitions and compliance pressures? 

Join us to learn how your company can embrace Zero Trust to:

  • Proactively combat today’s high frequency and sophistication of cyberattacks
  • Gain unparalleled situational awareness of malicious activity
  • Prevent the exfiltration of sensitive data and money
  • Simplify adherence to compliance regulations

Vendor Webcast

Is browser isolation the new ‘sandbox’ for security?

Identified by Gartner as “one of the single most significant ways to reduce web-based attacks,” remote browser isolation has become an important line item in IT budgets around the world. But not all Isolation is created equal.  With so many offerings how do you weed through the noise?

Register for Is browser isolation the new ‘sandbox’ for security?

Sponsored by: Menlo Security

Is browser isolation the new ‘sandbox’ for security?

Protecting organizations from web threats has typically been done with a proxy or DNS solution, but a new approach has emerged.

Isolation defends against today’s sophisticated zero-day exploits using an “air-gapped” browsing approach.

Identified by Gartner as “one of the single most significant ways to reduce web-based attacks,” remote browser isolation has become an important line item in IT budgets around the world. But not all Isolation is created equal.  With so many offerings how do you weed through the noise?

Join us and Menlo Security to learn:

  • Why remote browser isolation technology adoption is on the rise
  • Key use cases for Isolation that should be evaluated
  • 3 critical requirements when selecting a practical browser isolation solution

Vendor Webcast

Strengthen your web app defenses using behavioral analysis & attacker deception

Uncover the roles that behavioral analysis and active attacker engagement and deception play in application security.

Register for Strengthen your web app defenses using behavioral analysis & attacker deception

Sponsored by: Threat X

Strengthen your web app defenses using behavioral analysis & attacker deception

Overburdened security teams are finding it increasingly difficult to keep pace with the enormous volume and increasing sophistication of daily threats. This, coupled with the limitations and challenges of traditional WAF signature approaches has left many organizations exposed and desperate to find a solution.

What we need are detection and remediation options that are fast, automated, and accurate, but the path to a solution may not be clear for busy security teams. What solutions exist today to make this possible? And how can well-established security teams make the transition?

Join us for part I of this two-part series where we will go beyond the search for the “perfect” tool, and instead, show the practical power of combining two next-generation techniques into a single automated process. Specifically, we will review the roles that behavioral analysis and active attacker engagement and deception play in application security, and how when combined, they deliver accurate and low-burden threat protection results that far surpass legacy AppSec approaches.

Key topics will include:

  • Different types of behavioral analysis in application security
  • Strengths and weaknesses of behavioral analysis
  • An overview of techniques for attacker engagement and deception
  • How to combine both techniques into an automated application security model

Vendor Webcast

Vulnerability management – Why programs fail and what you can do about it

Explore some of the more common reasons vulnerability management programs fail, and more importantly what we can all do to ensure that doesn’t happen.

Register for Vulnerability management – Why programs fail and what you can do about it

Sponsored by: Rapid7

Vulnerability management – Why programs fail and what you can do about it

Vulnerability management should be at the core of every information security program (it’s CIS Control #3) and yet it is often one of the most misunderstood elements.
 
Requiring strong leadership and many foundational elements to be successful, programs often topple because the legs of the table we have built are not sturdy to hold the weight of our scanning tools, and the data these tools produce.
 
Join us and Rapid7’s Brian Carey for a discussion on some of the more common reasons vulnerability management programs fail, and more importantly what we can all do to ensure that doesn’t happen.
 
Some of the topics we’ll cover include:

  • The leadership void – setting goals and expectations from the top
  • Roles & responsibilities
  • Asset management
  • Classification & prioritization
  • Remediation
  • Reporting to your executive teams & board

20/20 webcast

Digging down into a resilient infrastructure

Take a deeper dive into determining your resilience, looking at what components constitute a resilient framework and how to measure if your framework is making an impact.

Register for Digging down into a resilient infrastructure

Sponsored by: Capsule8

Digging down into a resilient infrastructure

During our 20/20 webcast Resilience is not futile, we discussed the importance of building resilience into your security program. 

As we continue our discussion on cyber resilience, we’ll take a deeper dive into determining your resilience, looking at what components constitute a resilient framework and how to measure if your framework is making an impact.
 
Among the topics we’ll discuss are practices and metrics that security teams should consider when attempting to adopt resilience. 

20/20 webcast

Integrating security across your cloud

This 20/20 webcast will look at how data is managed, performance is monitored and analytics are collected and normalized across the cloud infrastructure. It will also look at how security operations are managed and executed in this ever-changing environment.

Register for Integrating security across your cloud

Sponsored by: Symantec

Integrating security across your cloud

As companies move their applications and operations from on-prem data centers to the cloud, a variety of security concerns become more complex. 

Applying security controls to servers outside of the physical control of IT means depending on web services and remote management.  And since your data might not be in a single cloud – one benefit of cloud computing is spreading your data among multiple physical servers – data management can be difficult. 

This 20/20 webcast will look at how data is managed, performance is monitored and analytics are collected and normalized across the cloud infrastructure. It will also look at how security operations are managed and executed in this ever-changing environment.

Vendor Webcast

Networking and security – Bury the hatchet in the cloud

Join us to find out why joining forces with your networking manager may be the best thing for your security team right now.

Register for Networking and security – Bury the hatchet in the cloud

Sponsored by: Cisco

Networking and security – Bury the hatchet in the cloud
Are network operations and security teams burying the hatchet? 
 
According to the 2018 Enterprise Network Management Megatrends report, 91 percent of network operations teams have established formal collaboration with the security team.
 
Enterprises around the globe are grappling with the transition to the cloud and what that means for networking and security practices. 
 
After years of being at odds, shared goals have brought these teams together. Aligning efforts is leading to risk reduction, cost containment, improved performance, and better security.
 
Join us to find out why joining forces with your networking manager may be the best thing for your security team right now.

Vendor Webcast

The impact of unsecured digital identities

Uncover the real costs of unsecured identities, and how building a case using compelling data can help you better protect your organization.

Register for The impact of unsecured digital identities

Sponsored by: Keyfactor

The impact of unsecured digital identities

Between tracking devices and certificates, getting ahead of cert expirations, and preventing outages – all with limited resources and funding – it’s not easy to feel confident that you’re doing all you can to reduce the risk of a breach or downtime.

Keyfactor’s 2019 study with the Ponemon Institute, The Impact of Unsecured Digital Identities, is the first report of its kind to provide data on the risks that unmanaged certificates pose. And it shows the business impact – to your brand, customer retention and productivity – that will earn the attention of senior executives.

Join industry expert Larry Ponemon and Keyfactor’s CSO Chris Hickman to learn more about what they’ve uncovered, the real costs of unsecured identities, and how building a case using compelling data can help you better protect your organization.

Fascinating findings include:

  • Respondents experienced an average of four unplanned outages due to certificate expiration in the past two years at an average cost of $11.1M
  • 65% of respondents are adding additional layers of encryption technologies to comply with regulations & policies
  • 61% of companies are not confident they’re able to secure keys and certificates from generation to revocation 
As an attendee, you’ll receive a free copy of the report which you can share with your team and leadership.

Vendor Webcast

Undetected malware: The ticking time bomb in your network

An Accenture report found that in 2017 there were 130 large-scale targeted breaches in the US ­­­­– a number growing by 27% per year.

So how can a security team proactively search out and eliminate this undetected malware?

Register for Undetected malware: The ticking time bomb in your network

Sponsored by: Reversing Labs

Undetected malware: The ticking time bomb in your network

With all the security defenses organizations have in place, it is a wonder that cyberattacks still get through, but they do.

An Accenture report found that in 2017 there were 130 large-scale targeted breaches in the US ­­­­– a number growing by 27% per year. These attacks go undetected for months, and once detected, take weeks and hundreds of thousands of dollars to contain.

So how can a security team proactively search out and eliminate this undetected malware?

Join us as we discuss:

  • The limitations of existing security infrastructure and why malware and malicious code infections continue to rise
  • How automated static analysis offers greater visibility to advanced malware attacks
  • A before-and-after case study of an “unknown PDF” attachment to a phishing attack email

20/20 webcast

User education: The key to the malware and credential theft explosion

This 20/20 webcast will look at how to educate users to be that last line of intelligent defense, that is smarter than the technology and how to teach them to recognize phishing and other potential threats that was clever enough to get past our technological best efforts.

Register for User education: The key to the malware and credential theft explosion

Sponsored by: Cofense

User education: The key to the malware and credential theft explosion

We’ve heard it from the experts time and time again – the user is the last line of defense for information security.

The problem, of course, is that users often expect and assume that the first, second, and third lines of defense – the company’s security technology – has already stopped threats and attacks before they even get to the users’ systems.

We in the industry know this isn’t always accurate, but how do you explain that to users?

That’s exactly what we plan to address in this 20/20 webcast – how to educate users to be that last line of intelligent defense, that is smarter than the technology; we’ll talk about how to teach them to recognize phishing and other potential threats that was clever enough to get past our technological best efforts.

Vendor Webcast

ATT&CK™ deep dive: Lateral movement

Join us for a deep dive into the MITRE ATT&CK™ framework and lateral movement. 

Register for ATT&CK™ deep dive: Lateral movement

Sponsored by: Carbon Black

ATT&CK™ deep dive: Lateral movement
Emotet has been big news for years, with research outlets regularly taking fresh looks at the malware as it evolves to infect organizations of all sizes. The trojan moves laterally to target employees’ banking credentials or deliver other malware. 
 
Join us for a deep dive into the MITRE ATT&CK™ framework and lateral movement. 
 
This ATT&CK™ Deep Dive will walk through how to:
  • Detect and respond to tactics in the Emotet malware family
  • Apply detection strategies to find other threats
  • Build your detection program with similar repeatable processes

Vendor Webcast

Best practices for complying with application security regulations for financial services

How to navigate key financial compliance requirements and regulations through application security and secure development.

Register for Best practices for complying with application security regulations for financial services

Sponsored by: Veracode

Best practices for complying with application security regulations for financial services

Over the past several years, the financial industry has issued regulations addressing cybersecurity and information security controls. As a result, enterprises within the industry are now holding their software vendors accountable for meeting standard application security policies.

Most organizations are still dealing with manual processes and arduous penetration testing, and therefore demonstrating compliance via minimal documentation. As a result, these organizations and their suppliers are at risk of noncompliance, and worse, of breach.

Tune in to this webcast where Chris Wysopal, Chief Technology Officer and Co-Founder at Veracode, will discuss how to navigate key financial compliance requirements and regulations through application security and secure development.

Specifically he will discuss:

  • The impact of recent major regulations – the EU General Data Protection Regulation (EU GDPR) and NY State Department of Financial Services (NY DFS) Cybersecurity Regulations – on application security standards and secure development practices

  • How to get started with secure development practices in order to effectively navigate these requirements

  • How to build a software development process that has continuous security, is measurable, and is transparent

Vendor Webcast

The Pilot’s Checklist: Cover your six

Explore the art of systemically identifying gaps before it’s too late

Register for The Pilot’s Checklist: Cover your six

Sponsored by: Carbon Black

The Pilot’s Checklist: Cover your six

More and more often, we hear about another high-profile cybersecurity breach or ransomware attack at a large, well-known organization.

When it comes to nailing security fundamentals and suppressing operational risk, security professionals today can learn a thing or two from the elite pilots that have dominated the skies since World War II.

Join us and Carbon Black Security Strategist Jason Madey as we walk you through the pilot’s checklist and discuss how a forty-thousand-foot view keeps your organization safer from cyberattacks. In this webcast you’ll learn:

  • How to keep your fleet in line with unfiltered visibility
  • The art of systemically identifying gaps before it’s too late
  • What historical approaches for suppressing risk mean for us today

Vendor Webcast

Debunking the top 5 myths about SIEM

Uncover the truth about the capabilities a SIEM can provide, how a SIEM can help you address security and compliance and what it takes to manage one.

Register for Debunking the top 5 myths about SIEM

Sponsored by: IBM

Debunking the top 5 myths about SIEM

Do you ever hear conflicting opinions about SIEMs and wonder what to believe? There are some common myths and misconceptions about SIEM solutions that we want to dispel.

In this webcast, we will provide the truth about the capabilities a SIEM can provide, how a SIEM can help you address security and compliance and what it takes to manage one.

You’ll hear security experts review:

  • Popular SIEM myths and common misconceptions
  • Why you should leverage a modern SIEM for a proactive security posture
  • What to expect from a modern SIEM platform today

Vendor Webcast

Today’s balancing act: Security & flexibility

Explore how a sound cloud security strategy can help better defend against security threats, simplify security and support user demands. 

Register for Today’s balancing act: Security & flexibility

Sponsored by: Cisco

Today’s balancing act: Security & flexibility

As core enterprise apps and services move to the cloud, you need to protect access across all devices, office locations, and roaming users — even when they’re off VPN.

Nowhere is this more apparent than in the consulting industry. While comfort levels with cloud services are on the rise, complexity persists regarding visibility and control.

If you’re struggling with how to balance flexibility with the need to safeguard company and client data against malware and risk of exposure, join us on Wednesday, February 27th.

Our guest speaker, Joseph Paradi, Sr. Director ITS Infrastructure at Avanade, will discuss how a sound cloud security strategy can help better defend against security threats, simplify security and support user demands.

20/20 webcast

The art of cyberwar

This 20/20 webcast looks at the motivations of cybercriminals, the kinds of vulnerabilities they are looking for in your network, and why it is essential for companies to understand and acknowledge their own limitations and how they can address those challenges in order to gain the upper hand over potential attackers.

Register for The art of cyberwar

Sponsored by: Thycotic

The art of cyberwar

The ancient Chinese General Sun Tzu famously wrote about how to win military encounters by knowing your enemy.

Millennia later, his lessons about knowing your cyberenemy are just as valid as his military tactics from 2500 years ago.

This 20/20 webcast looks at the motivations of cybercriminals, the kinds of vulnerabilities they are looking for in your network, and why it is essential for companies to understand and acknowledge their own limitations and how they can address those challenges in order to gain the upper hand over potential attackers.

Vendor Webcast

How to select and evaluate endpoint security products

Uncover why 8 percent of security and IT professionals do not feel adequately prepared to defend their organizations.

Register for How to select and evaluate endpoint security products

Sponsored by: Carbon Black

How to select and evaluate endpoint security products

93 percent of organizations are targets on non-malware attacks. At the same time, attackers are innovating faster than traditional defenses can keep up.

It’s no wonder 8 percent of security and IT professionals do not feel adequately prepared to defend their organizations.

It’s time for a new approach to endpoint security. But with so many offerings what should you buy?

During this webcast you’ll learn:

  • How to determine the capabilities you need to address the problems you face
  • The top questions you should ask an endpoint security vendor to understand the nuances of their approach
  • How next-generation endpoint security can help you prevent, detect, and respond to threats

Vendor Webcast

Key considerations for improving your threat detection and response strategy

Join us as we discuss the results of the 2019 Threat Detection and Response Survey and how the findings can inform threat detection and response for CISOs in the year to come.

Register for Key considerations for improving your threat detection and response strategy

Sponsored by: Fidelis

Key considerations for improving your threat detection and response strategy

As adversaries continue to have success, more organizations have recognized the need to implement a threat detection and response strategy. However, with an expanding attack surface, lack of skilled resources, and blind spots across the environment, this is a huge challenge to overcome.

That’s why Fidelis commissioned research firm ESG to conduct a survey that would identify the key challenges that cybersecurity professionals are facing when approaching threat detection and response today, and what trends and strategies are forming as a result.

Join us as Senior Principal Analyst and ESG Fellow, Jon Olstik and Fidelis Threat Research Director, Danny Pickens along with SOC Operations expert, Travis Aldrich, discuss the results of the 2019 Threat Detection and Response Survey. We’ll be considering the implications of the results and how these findings can inform threat detection and response for CISOs in the year to come.

Key themes covered will include:

  • Threat hunting in a detection and response strategy
  • Threat intelligence reigning supreme as an EDR attribute
  • Point products vs. consolidated solutions
  • Detection and response and dealing with the skills shortage

Vendor Webcast

Cybersecurity metrics – Visibility to make the right decisions

Learn how you can be confident in not just making decisions, but the right ones with data backing you.

Register for Cybersecurity metrics – Visibility to make the right decisions

Sponsored by: Sumo Logic

Cybersecurity metrics – Visibility to make the right decisions

In cybersecurity, organizations are often blind and making decisions with no real data or understanding of their environment.

How do you even really know if you’re making the right decision? Is it just a flick of the wrist or is based off of what you had at breakfast? To win in cybersecurity, you must have real-time visibility into threats.

This webcast will discuss how you can be confident in not just making decisions, but the right ones with data backing you.

Vendor Webcast

The 2019 security strategy from the former CSO of Facebook and Uber

Uncover the major security risks to prepare for in 2019

Register for The 2019 security strategy from the former CSO of Facebook and Uber

Sponsored by: CloudFlare

The 2019 security strategy from the former CSO of Facebook and Uber

How are you planning to secure your employees, your company, and your customers in 2019?

Prior to joining Cloudflare as its Chief Security Officer (CSO) in 2018, Joe Sullivan spent 5+ years as CSO for Facebook and 2.5 years as CSO for Uber. He also previously held security and legal roles at PayPal and eBay and served on the Obama Administration as a member of the Commission on Enhancing National Cybersecurity.

With over a decade of experience from some of the world’s most influential companies, Joe will share the core strategies he is taking to help protect Cloudflare and, as a result, its 12M domains who rely on its services for security and performance.

Join us learn:

  • Major security risks to prepare for in 2019
  • The plan to improve internal discipline around “incident response”
  • The critical shift in thinking and strategy around the world becoming “borderless”
  • The “security maturity model” to evaluate and plan the security roadmap

If you and your team are in the middle of planning how to maintain and improve your security posture for 2019, sign up to attend now. Attendees will also get a copy of the actual Security Maturity Model you can use with your own team.

20/20 webcast

Through the DNS looking glass

This 20/20 webcast looks at the state of the art of DNS security, how things are changing and what CISOs need to know to help them sleep at night.

Register for Through the DNS looking glass

Sponsored by: Nominet

Through the DNS looking glass

There are no shortages of network security tools. For years we have been able to slice and dice the network, finding new ways not only secure the network, but also open vulnerabilities to those whose singular goal is to defeat our best security efforts.

One of the vital organs of the network is the Domain Name System, which maintains records on which device is doing what on the network, how often, what assets they access, and all kinds of data essential for an attacker.

This webcast looks at the state of the art of DNS security, how things are changing and what CISOs need to know to help them sleep at night.

20/20 webcast

Resilience is not futile: How to make life harder for hackers and fight back against attacks

This 20/20 webcast looks at how you can build a resilient response plan and team.

Register for Resilience is not futile: How to make life harder for hackers and fight back against attacks

Sponsored by: Capsule8

Resilience is not futile: How to make life harder for hackers and fight back against attacks

Not every company is able to survive a breach or disaster.

Poor planning, such as having your server backups in the same general area as your data center after an earthquake or flood, or a poorly defined incident response plan could lead to a company not being able to restore their systems after a breach or natural disaster.

Also, having all of your disaster recovery and business continuity capabilities in your physical data center could put you at greater risk.

This 20/20 webcast looks at how you can build a resilient response plan and team.

Vendor Webcast

Stop parasites on your network

Unwanted applications can hide for months or even years at a time on organizations’ networks — potentially causing security, compliance and performance risks.

So what should you do?

Register for Stop parasites on your network

Sponsored by: Sophos

Stop parasites on your network

Unwanted applications can hide for months or even years at a time on organizations’ networks — potentially causing security, compliance and performance risks.

And in many cases next-gen firewalls can’t identify and block them. So what should you do?

Join this informative webcast to see:

  • Common types of hidden apps and the problems they cause
  • Why most modern firewalls can’t identify them
  • How to solve the problem with Synchronized App Control

Vendor Webcast

The beginner’s guide to building your incident response playbook

Learn how to combine comprehensive intelligence gathering, incident management, workflows, and analytics to implement SOAR successfully at your organization.

Register for The beginner’s guide to building your incident response playbook

Sponsored by: DomainTools

The beginner’s guide to building your incident response playbook

Cybersecurity as an industry is seeing an ever increasing number in relation to our skills gap according to the recent ISC2 research, Cybersecurity Workforce Study, that states the shortage of cybersecurity professionals around the globe is nearing 3 million.

As these roles go unfilled, our practitioners are finding themselves increasingly unable to meet the needs of their organizations as severe/critical incidents rise to an average of 224 per day according to the 2018 EMA Megatrends Report.

Security Orchestration, Automation, and Response (SOAR) has the ability to help organizations with security processes, automation of specific actions, and intelligently inform teams, with the end goal of efficiency.

Join us to learn how to combine comprehensive intelligence gathering, incident management, workflows, and analytics to implement SOAR successfully at your organization.  

In this webcast you will learn:

  • Strategies to build out complementary datasets with your SOAR tools
  • Best practices in the deployment and use of SOAR tools
  • Real world examples of leveraging playbooks

Vendor Webcast

Checkmate: A lesson in vulnerability management strategy

Unlock actionable advice for building your vulnerability management program. 

Register for Checkmate: A lesson in vulnerability management strategy

Sponsored by: Rapid7

Checkmate: A lesson in vulnerability management strategy

The game of Chess originated in India around the 6th century AD. The purpose was believed to be for developing battle strategies, which is exactly what we do in cyber security.

Chess helps improve mental abilities such as problem solving, critical thinking, pattern recognition, planning ahead, focus and concentration. This is the same mindset we strive for as IT professionals, specifically in vulnerability management. The vulnerability management goal is easy. It’s the surrounding problems, patterns and planning that makes it difficult.

In this webcast, we will discuss thinking strategically of your vulnerability management program as a chess game. Our expert speaker, Nadean Tanner, will share actionable advice for building your vulnerability management program. 

Vendor Webcast

The business benefits of switching to endpoint security in the cloud

According to a Forrester study, organizations who switch to Predictive Security Cloud (PSC), a next-generation endpoint protection platform, can realize significant business benefits and cost savings.

Register for The business benefits of switching to endpoint security in the cloud

Sponsored by: Carbon Black

The business benefits of switching to endpoint security in the cloud

Endpoints are the front line of defense against cybercriminals, but traditional endpoint security is failing to protect from attacks. In fact, more than 50% of organizations surveyed in 2017 experienced a data breach.

According to a recent Forrester study, organizations who switch to Predictive Security Cloud (PSC), a next-generation endpoint protection platform, can realize significant business benefits and cost savings. The study focuses on replacing traditional endpoint security with NGAV and EDR on the PSC.

Join us, along with guest speaker Kathleen Byrne, Senior Consultant at Forrester, as we share the results of the study.

You will learn:

  • Forrester’s methodology and key findings
  • The quantifiable benefits participants in the study achieved by switching to the PSC, including better protection, improved visibility into threats, and faster response times
  • A framework you can use to evaluate the potential ROI your organization can achieve with the PSC

DemoCast webcast

Advance your threat hunting and incident response

Learn how you can correlate and visualize comprehensive information about endpoint events, giving you greater visibility into your environments.

Register for Advance your threat hunting and incident response

Sponsored by: Carbon Black

Advance your threat hunting and incident response

Today, attackers can compromise your environment in an hour or less. You need the power to respond and remediate in real time, stopping active attacks and repairing damage quickly.

Investigations that typically take days or weeks can now be completed in just minutes.

Learn how you can correlate and visualize comprehensive information about endpoint events, giving you greater visibility into your environments.

Join us as we:

  • Discover what happened at every stage of an attack with intuitive attack chain visualizations
  • Uncover advanced threats, minimize attacker dwell time, and prevent lateral movement
  • Automatically collect and store detailed forensic data for post-incident investigation
  • Use open APIs and out-of-the-box integrations to correlate data across your security stack

Vendor Webcast

Building a modern threat detection program: Where to begin?

The top threats industries face today—with an industry vertical breakdown

Register for Building a modern threat detection program: Where to begin?

Sponsored by: Rapid7

Building a modern threat detection program: Where to begin?

If you’re building out a strategy to find a compromise as it happens, it’s not a simple process. You need to map out the most likely threats to your organization, ensure you’re collecting the right security data, and make sure your team has the bandwidth, expertise—and confidence—to take action when evil appears on your network.

Join us for this webcast where we will cover:

  • The top threats industries face today—with an industry vertical breakdown
  • The data sources you need to collect and analyze
  • The structure & processes behind global SOCs
  • In-house SOC or MSSP? Properly assessing total cost of ownership and the hidden costs that lurk beneath.

Vendor Webcast

Adaptive defenses: The immunology of cyber resilience

Uncover why tactics – not tools – are key to cyber resilience.

Register for Adaptive defenses: The immunology of cyber resilience

Sponsored by: SecureWorks

Adaptive defenses: The immunology of cyber resilience

The exponential growth of the data economy demonstrates the increased value organizations place on digital information and reinforces the critical need for security to keep pace with the digital transformation.

Imagine a world where your cybersecurity system interacts with a software-driven ecosystem, and where learning models power software-driven detections and actions to deliver an ongoing defense. Then peer further into the future of a software derived ecosystem that provides ongoing resiliency and improves immunity to unknown cyber threats.

In our January 22 webcast, Secureworks CTO Jon Ramsey will walk through the biological equivalent of a future-proof security system that evolves at the speed and scale of digital transformation.

What You Will Learn:

  • How Secureworks’ network effect provides broad and diversified visibility into the global threat landscape
  • Why tactics – not tools – are key to cyber resilience
  • How the security space and Secureworks are moving toward adaptive defense

Vendor Webcast

Hybrid defense: How to defeat 2019’s biggest threats

Discover major industry trends like machine learning and security orchestration, automation, and response (SOAR), and also dive into how three key innovations—hybrid AI, hybrid cloud security, and hybrid IT teams— enable any organization to deploy world-class defenses.

Register for Hybrid defense: How to defeat 2019’s biggest threats

Sponsored by: Arctic Wolf

Hybrid defense: How to defeat 2019’s biggest threats

There’s one certainty in cybersecurity: 2019’s attacks are going to be even worse than the ones we’ve faced. So, how are cybersecurity experts gearing up to meet these new challenges? 

In this webcast, we will address major industry trends like machine learning and security orchestration, automation, and response (SOAR), and also dive into how three key innovations—hybrid AI, hybrid cloud security, and hybrid IT teams— enable any organization to deploy world-class defenses.

We’ll discuss how:

  • Human-AI hybrid technology delivers security that’s more than the sum of its parts
  • Managed detection and response (MDR) is rising to the challenge of new hybrid-cloud architectures for business
  • SOC-as-a-service is transcending the challenges posed by both in-house and traditional consulting staffing strategies

Vendor Webcast

Using a next gen WAF to effectively protect APIs & microservices

Expose the common challenges faced by application security teams to protect APIs and microservices, and how they differ from standard, legacy applications.  

Register for Using a next gen WAF to effectively protect APIs & microservices

Sponsored by: Threat X

Using a next gen WAF to effectively protect APIs & microservices

APIs have become a strategic necessity for conducting business due to the agility, innovation, and automation they enable. While 90% of the business reaps the benefits of this technology, the security teams are often exposed to a slew of new challenges that can’t be solved by long-standing security tools and strategies.

Unfortunately, the bulk of application security solutions are stuck in the dark ages, using bloated appliance or virtual appliance-based approaches that can’t automatically scale up and down with the application and don’t support automated deployments that are already built into the DevOps toolbox. It’s often like fitting a round peg into a square hole…it’s not going to work without some level of adaptation.  

For infinite scale, you want to tightly couple the deployment of security with your app. This demands a lot from your security strategy and your WAF. So, what are the characteristics of a WAF that matches this type of design? In this webcast, we will address 8 key elements of an API and microservices friendly web application firewall solution, including:  

  •    The ability to be centrally managed  
  •    Lightweight to allow linear scale 
  •    Support a robust API 

The experts will also expose the common challenges faced by application security teams to protect APIs and microservices, and how they differ from standard, legacy applications.  

20/20 webcast

Locking down vulnerabilities

This 20/20 webcast will look at how companies can determine what and where each device is located — be it in the cloud or on prem — where and how in those devices or platform the security vulnerabilities present themselves, and most important, how to determine the priority for what needs to be addressed now and what can wait until later.

Register for Locking down vulnerabilities

Sponsored by: Skybox

Locking down vulnerabilities

Managing vulnerabilities is sometimes considered the secret sauce of keeping companies secure.

First, of course, companies need to know what they have and where they have it. That’s a bigger challenge than you think, considering your “resources” might not actually be something you can access, such as a cloud infrastructure.

Next is distinguishing what is and is not a vulnerability. Once you identify a vulnerability, then comes the magic part: knowing which vulnerabilities need to be addressed immediately and which can be set aside for later.

This 20/20 webcast will look at how companies can determine what and where each device is located — be it in the cloud or on prem — where and how in those devices or platform the security vulnerabilities present themselves, and most important, how to determine the priority for what needs to be addressed now and what can wait until later.