SC Media webcasts | IT Security
Skip to navigation Skip to main content

Webcasts

UPCOMING WEBCASTS

This form filters webcasts that are directly below it based on the options given. Filtering will occur immediately when a option is selected or when the form is reset.
Show:
Vendor Webcast

GDPR to California Privacy – Managing cloud vendor risk

In this webcast, you’ll learn how to implement successful vendor risk processes, expedite vendor onboarding, and hear practical advice to automate vendor risk management within a software technology platform.

Register for GDPR to California Privacy – Managing cloud vendor risk

Sponsored by: OneTrust

GDPR to California Privacy – Managing cloud vendor risk

Managing vendor risk is a continuous effort under GDPR, California CCPA and other global regulations.

As organizations continue to improve their privacy and security programs, streamlining 3rd and 4th party vendor risk has become a priority.

In this webcast, you’ll learn how to implement successful vendor risk processes, expedite vendor onboarding, and hear practical advice to automate vendor risk management within a software technology platform.

Vendor Webcast

DDI data – a critical enabler of SOAR

Join us to learn more about one of the key sources of contextual network and threat intel data comes from infrastructure that organizations already rely on for connectivity – DNS, DHCP and IPAM. This data along with timely, reliable and accurate threat intel can be used to improve scoring and investigation, assist in prioritizing incoming incidents, and can be relied upon to build automation.

Register for DDI data – a critical enabler of SOAR

Sponsored by: Infoblox

DDI data – a critical enabler of SOAR

Constantly evolving threats and shortage of qualified cybersecurity professionals have led security teams to move to security workflow automation to meet the demands.  It’s not enough to have a great tool nowadays. These tools have to work better together to meet today’s security challenges. Security orchestration, automation and response (SOAR) tools improve efficiency and efficacy of security operations by automating threat intel management, event monitoring and incident response processes.  

One of the key sources of contextual network and threat intel data comes from infrastructure that organizations already rely on for connectivity – DNS, DHCP and IPAM. This data along with timely, reliable and accurate threat intel can be used to improve scoring and investigation, assist in prioritizing incoming incidents, and can be relied upon to build automation

Join this webcast to learn how a well architected DNS, DHCP and IPAM can power SOAR platforms to

  • Block/unblock domains using context
  • Enrich other security tools with valuable IPAM data
  • Enhance and improve incident response with better threat intelligence

DemoCast webcast

Advance your threat hunting and incident response

Join us and Carbon Black for a live demo to discover what happened at every stage of an attack with intuitive attack chain visualizations, uncover advanced threats, minimize attacker dwell time, prevent lateral movement and much more.

Register for Advance your threat hunting and incident response

Sponsored by: Carbon Black

Advance your threat hunting and incident response


Today, attackers can compromise your environment in an hour or less however, you have the power to respond and remediate in real time, stopping active attacks and repairing damage quickly. Investigations that typically took days or weeks can be completed in just minutes. CB ThreatHunter correlates and visualizes comprehensive information about endpoint events, giving you greater visibility into your environments.

Join us for a live demo to:

  • Discover what happened at every stage of an attack with intuitive attack chain visualizations
  • Uncover advanced threats, minimize attacker dwell time, and prevent lateral movement
  • Automatically collect and store detailed forensic data for post-incident investigation
  • Use the platform’s open APIs and out-of-the-box integrations to correlate data across your security stack

Vendor Webcast

The AppSec kill-chain evolved – TTPs for modern defenses

In this webcast, we will take a lifecycle approach to understanding web app attacks, share examples of the tools and techniques used in each phase, and the defenses security teams can employ to protect their applications.

Register for The AppSec kill-chain evolved – TTPs for modern defenses

Sponsored by: Threat X

The AppSec kill-chain evolved – TTPs for modern defenses

New and popular frameworks such as MITRE ATT&CK have aided organizations in extending their previous kill-chain models to be more focused on the actual tactics, techniques, and procedures (TTPs) that attackers are using in the real world. And while MITRE ATT&CK was originally designed for Windows-based enterprise networks, the same concepts can apply to application security.

In order to properly defend against adversaries, an organization must be aware of the specific TTPs used at each phase of an attack.

In this webcast, we will take a lifecycle approach to understanding web app attacks, share examples of the tools and techniques used in each phase, and the defenses security teams can employ to protect their applications.

This will include an analysis of:

  • Attacker preparations and anonymity
  • Enumeration and Scanning
  • Gaining credentialed access to applications and accounts
  • Exploitation and detection evasion
  • Abuse of APIs
  • Pivoting to do damage after an exploit

Vendor Webcast

Asset management: The Toyota Camry of cyber security

Join us and Axonius to talk about one of the biggest problems organizations face today.

Register for Asset management: The Toyota Camry of cyber security

Sponsored by: Axonius

Asset management: The Toyota Camry of cyber security

Asset Management – it’s not the most exciting thing in the world. In an industry with technologies like automation, machine learning, and AI, asset management doesn’t get a whole lot of attention, but it’s foundational and one of the biggest problems organizations face today.

Security teams’ jobs continue to get exceedingly difficult, but they’re still spending time trying to figure out where things are and what they are. You’ll see how companies are able to automate asset management to:
-Get a credible, comprehensive asset inventory
-Uncover security solution coverage gaps
-Automatically validate and enforce security policies
-Join this free webinar on Friday, June 28th at 2:00 PM ET with SC Magazine’s 2019 Rookie Security Company of the Year, Axonius.



ON-DEMAND WEBCASTS

This form filters webcasts that are directly below it based on the options given. Filtering will occur immediately when a option is selected or when the form is reset.
Show:
DemoCast webcast

Gaining complete visibility of your environment with attack surface monitoring

Join Rapid7 and SC Media for an in-depth look into Attack Surface Monitoring with Rapid7’s Project Sonar research and industry reports. Learn how data from these sources can be leveraged in Rapid7’s industry-leading vulnerability management solution, InsightVM, to provide complete visibility into your environment.

Register for Gaining complete visibility of your environment with attack surface monitoring

Sponsored by: Rapid7

Gaining complete visibility of your environment with attack surface monitoring

Join Rapid7 and SC Media for an in-depth look into Attack Surface Monitoring with Rapid7’s Project Sonar research and industry reports. Learn how data from these sources can be leveraged in Rapid7’s industry-leading vulnerability management solution, InsightVM, to provide complete visibility into your environment.

During this webinar, you’ll learn about:
-The importance of having complete visibility of both your organization’s known and unknown assets
-Rapid7’s unique research project, Project Sonar, that regularly catalogs the public internet
-Industry reports released by Rapid7 based on data from Project Sonar, among other sources
-How data from Project Sonar can be leveraged within Rapid7’s industry-leading vulnerability management tool, InsightVM

Vendor Webcast

Risk-based adaptive DevSecOps

Join us and Synopsys to learn how the adaptive pipeline can help you rank risks, identify changes, and improve responsiveness, how to accelerate deployment to production without compromising security and four models you can implement to help align your people, process, and technology.

Register for Risk-based adaptive DevSecOps

Sponsored by: Synopsys

Risk-based adaptive DevSecOps

Building security automation into the DevOps pipeline is a key pain point for many organizations. Some firms deploy to production as frequently as every five minutes—a velocity that security struggles to match.

Implementing intelligence within the DevOps pipeline supports security activities by matching the team’s velocity, providing intelligent feedback, and supporting organizations as they scale their security testing activities.

A risk-based adaptive pipeline can close the gap between DevOps and security teams, helping DevOps teams accelerate deployment to production without compromising security.

In this webcast, you’ll learn:
– How the adaptive pipeline can help you rank risks, identify changes, and improve responsiveness
– How to accelerate deployment to production without compromising security
– Four models you can implement to help align your people, process, and technology



20/20 webcast

Is your cloud security up to snuff?

This 20/20 webcast looks at how you can ensure that your cloud storage security meets or exceeds any regulatory and corporate governance requirements. Remember: Your data is your responsibility.

Register for Is your cloud security up to snuff?

Sponsored by: Rapid7

Is your cloud security up to snuff?

As corporations move their applications, data storage and operations to the cloud, the first question the CISO should ask is: Is our cloud as secure as we can make it?

Depending on the cloud provider’s basic services is not enough; the data is yours and it’s your job to make sure you have all the components in place that you could have on your on-prem data center.

This 20/20 webcast looks at how you can ensure that your cloud storage security meets or exceeds any regulatory and corporate governance requirements. Remember: Your data is your responsibility.

Vendor Webcast

Aligning security with the flow and storage of information

Join us and OpenText™ Senior Director of Product Marketing, Hope Swancy-Haslam, as she interviews experts Anthony Di Bello, OpenText vice-president of strategy, and Judy Branham, Aon Cyber managing director on Aligning Security with the Flow and Storage of Information.

Register for Aligning security with the flow and storage of information

Sponsored by: OpenText

Aligning security with the flow and storage of information


Today’s cyber-attackers, armed with better tools and techniques at their disposal, are more effective than ever at compromising endpoints and finding their way into business IT systems.

Research shows only 53 percent of incident response teams are “mature” in their ability to effectively respond when an event occurs.  It is imperative for security teams to stay current on the latest methodologies and approaches for endpoint detection and response.

Learn how to manage vulnerability issues and apply forensic-grade security best practices. Join OpenText™ Senior Director of Product Marketing, Hope Swancy-Haslam, as she interviews experts Anthony Di Bello, OpenText vice-president of strategy, and Judy Branham, Aon Cyber managing director on Aligning Security with the Flow and Storage of Information.

Discussion will include:

  • The convergence of risk, security, and legal teams around security issues
  • The application and value of a “zero trust” approach in endpoint security
  • The importance of aligning security to the flow and storage of information
  • How teams can be more effective by understanding sensitive data and its location
  • What it means and why it makes sense to bring security closer to protected information 
  • Forensic security methodologies to apply in every environment

Vendor Webcast

Rethink infrastructure access: Traditional methods aren’t cutting it

Join us to learn how to effectively secure server access by applying the core principles of Zero Trust and enforce strict just-in-time, least privilege access in a manner that doesn’t get in the way of productivity.

Register for Rethink infrastructure access: Traditional methods aren’t cutting it

Sponsored by: Okta

Rethink infrastructure access: Traditional methods aren’t cutting it

As you adopt cloud IaaS to meet business goals, effective security controls can’t be an afterthought. This elastic infrastructure environment requires smart access controls; but how do you adhere to your security policies without limiting automation?

Join us to learn how to effectively secure server access by applying the core principles of Zero Trust and enforce strict just-in-time, least privilege access in a manner that doesn’t get in the way of productivity.

Featured guest Dr. Chase Cunningham, principal analyst for Forrester Research, and Ivan Dwyer from Okta will discuss:
 -Why you need to re-think your infrastructure access approach
 -Why identity is the cornerstone of securing server access
 -How to put Zero Trust in practice across the infrastructure layer
 -Why secure server access is a strong “tip of the spear” use case for larger Zero Trust initiatives

DemoCast webcast

How to scale your dynamic analysis program

Join us for this democast to learn how to implement a dynamic analysis program that meets these four key criteria: Scalability, discovery, speed and automation & integration

Register for How to scale your dynamic analysis program

Sponsored by: Veracode

How to scale your dynamic analysis program

Web applications continue to be the primary attack vector for hackers looking to breach organizations, and applying dynamic application security testing (DAST) gives you security assurance for how your application will perform in the real world. The key is applying it to your organization’s entire application portfolio without slowing down delivery.

What will you learn?

Dynamic analysis is an important solution in a mature application security program because this form of testing more easily unearths different kinds of vulnerabilities, including information leakage, cryptographic issues, and cross-site scripting. You know that it is important to secure all of your organization’s web applications – including the ones you did not know you owned – while ensuring speed to market to meet customer demands and expectations.

Scalability: The ability to scan multiple applications at once – whether they are authenticated or unauthenticated – to keep security from being a bottleneck.Discovery: Uncover every web application associated with your organization, even if you did not create it in-house, to create an exhaustive inventory.Speed: Deliver high-quality results quickly, and in a smart way that saves time. Automation & Integration: Scans that run automatically and integrate with existing processes and tools keep your security and development teams moving quickly

Join us for this democast to learn how to implement a dynamic analysis program that meets these four key criteria:

-Scalability: The ability to scan multiple applications at once – whether they are authenticated or unauthenticated – to keep security from being a bottleneck.
-Discovery: Uncover every web application associated with your organization, even if you did not create it in-house, to create an exhaustive inventory.
-Speed: Deliver high-quality results quickly, and in a smart way that saves time.
-Automation & Integration: Scans that run automatically and integrate with existing processes and tools keep your security and development teams moving quickly.




Vendor Webcast

Uncovering advanced persistent threats

Join us for a step-by-step walk through of how the Operation Cloud Hopper attack unfolded and how security professionals can implement automated defenses to detect malicious behavior like APT10’s attack before the breach occurs.

Register for Uncovering advanced persistent threats

Sponsored by: Carbon Black

Uncovering advanced persistent threats

In one of the largest ever sustained global cyber espionage campaigns known as Operation Cloud Hopper, a Chinese threat actor group dubbed APT10 was able to infiltrate managed IT service providers to gain unprecedented access to their clients’ intellectual property and sensitive data. Leveraging “Red Leaves” malware, attackers were able to breach and freely move about laterally in their unsuspecting victims’ environments.

Join us and Tristan Morris, cybersecurity strategist at Carbon Black, as he walks us step-by-step through how the attack unfolded and how security professionals can implement automated defenses to detect malicious behavior like APT10’s attack before the breach occurs.

We will cover:

  • Why threat hunting is so critical today
  • How new intel can kick off a threat hunt
  • How to quickly hunt across your enterprise
  • How to scale your future threat hunts leveraging automation

Vendor Webcast

What keeps IT pros like you up at night

With so many possible issues for you to address, what do other IT pros like you really have a handle on and what’s keeping them lying awake at night?

Register for What keeps IT pros like you up at night

Sponsored by: KnowBe4

What keeps IT pros like you up at night

As corporations move their applications, data storage and operations to the cloud, the first question the CISO should ask is: Is our cloud as secure as we can make it?

Depending on the cloud provider’s basic services is not enough; the data is yours and it’s your job to make sure you have all the components in place that you could have on your on-prem data center.

This 20/20 webcast looks at how you can ensure that your cloud storage security meets or exceeds any regulatory and corporate governance requirements. Remember: Your data is your responsibility.

DemoCast webcast

How to speed incident response with network data

Join us as we step through a rapid, end-to-end investigation and response process, from early breach detection to forensic analysis in just minutes, relying on Network Traffic Analysis for authoritative and detailed data.

Register for How to speed incident response with network data

Sponsored by: Extrahop

How to speed incident response with network data

Investigating and responding to security incidents can take hours or days if analysts are forced to manually correlate data and contact other teams to access secondary system logs or even packet captures they need to be confident about what actually happened.

Join us as we step through a rapid, end-to-end investigation and response process, from early breach detection to forensic analysis in just minutes, relying on Network Traffic Analysis for authoritative and detailed data.


-Identify which devices and users were involved in an incident
-Dig into transaction records and layer 7 payloads to see exactly what users and resources were involved
-Access packets and decryption keys for incontrovertible proof and root cause analysis

Vendor Webcast

Turn your phishing links into read only

Join us to see how Isolation can help you eliminate malware and improve productivity of your employees.

Register for Turn your phishing links into read only

Sponsored by: Menlo Security

Turn your phishing links into read only

99% of security breaches are initiated through email and webmail attacks. Thus, proving prevention obviously fails, and detection and response are far from guaranteed. So why try the same old failed security approaches?

It’s time to try something that’s transforming email security—isolation. Isolation doesn’t block threats—it eliminates.

In this webcast, attendees will learn:
-How to combat users who are re-offenders when it comes to clicking unsafe email links and attachments
-Need an additional layer other than a sandbox waiting for patient zero
-The ease of deploying isolation without interfering with user experience in 10 minutes

Save your seat to see how Isolation can help you eliminate malware and improve productivity of your employees.

Vendor Webcast

Keeping pace with the continuous reinvention of endpoint protection

Join us and Ian McShane of Endgame for a discussion on modern approaches to endpoint protection.

Register for Keeping pace with the continuous reinvention of endpoint protection

Sponsored by: Endgame

Keeping pace with the continuous reinvention of endpoint protection

Join us and Ian McShane of Endgame for a discussion on modern approaches to endpoint protection. Learn what antivirus functions you can replace, eliminate, or improve with an effective endpoint protection platform. We’ll cover how to evaluate if it’s time for your organization to replace legacy AV with modern tools to prevent targeted attacks, and how you can implement endpoint protection technology to increase your organization’s security efficacy and the productivity of existing security staff.

Vendor Webcast

Incident Response in a world full of threats: Are you prepared?

Join us, NTT Security, and Carbon Black experts to see how organizations can better predict, prevent, and respond to today’s advanced persistent threats. We’ll walk through real world examples and implications for your business or public sector entity.

Register for Incident Response in a world full of threats: Are you prepared?

Sponsored by: Carbon Black, NTT Security

Incident Response in a world full of threats: Are you prepared?

The threat landscape is more fluid than ever and knowing how to efficiently respond to an incident is critical to the sanctity of your data and bottom line.

NTT Security and Carbon Black experts team up to show how organizations can better predict, prevent, and respond to today’s advanced persistent threats. We’ll walk through real world examples and implications for your business or public sector entity.

Vendor Webcast

Inside your weakest link: How persistent attackers view your endpoint strategy

In this webcast, we will discuss today’s most common endpoint security strategies and technologies including Windows 10, Virtual Desktop Infrastructure, EPP, EDR, etc. In evaluating these approaches, we will look at each from the user’s perspective, the admin’s perspective, and most importantly: through the attacker’s perspective.

Register for Inside your weakest link: How persistent attackers view your endpoint strategy

Sponsored by: Hysolate

Inside your weakest link: How persistent attackers view your endpoint strategy

Our endpoints are a mess: users are frustrated, admins are unhappy and most breaches still start on an endpoint.

In this webcast, we will discuss today’s most common endpoint security strategies and technologies including Windows 10, Virtual Desktop Infrastructure, EPP, EDR, etc. In evaluating these approaches, we will look at each from the user’s perspective, the admin’s perspective, and most importantly: through the attacker’s perspective.

Let’s cut through the marketing fluff and discuss the benefits and drawbacks of various approaches so that you can better understand your weakest link.



Vendor Webcast

Attackers Who Live off the Land – How to Stop Them by Starving Them

Examine ways to deprive attackers of what they need to move laterally in your network

Register for Attackers Who Live off the Land – How to Stop Them by Starving Them

Sponsored by: Illusive

Attackers Who Live off the Land – How to Stop Them by Starving Them
Cyberattackers and insider threats increasingly rely on a living-off-the-land techniques to evade detection as they move toward critical systems. Every day, users and processes in your network leave goodies for attackers—credentials and connections that enable lateral movement and network persistence. 
 
In this upcoming webcast, we’ll examine ways to deprive attackers of what they need to move laterally in your network.
 
Join us to discuss:
  • How normal business activity creates dangerous opportunities for malicious lateral movement
  • The cyber hygiene functions needed to harden the network against LotL-style attacks
  • How continuous visibility into your attack surface can augment other core security functions, such as privileged access management (PAM) and vulnerability management.

Vendor Webcast

Deploying and servicing Windows 10 in the dawn of modern management

Explore what is possible today with pure modern management, how including Configuration Manager to deliver a co-managed environment changes the picture and how Windows Servicing Suite provides comprehensive, self-service automation that gives users a consistent experience whether in the office or remote.

Register for Deploying and servicing Windows 10 in the dawn of modern management

Sponsored by: 1E

Deploying and servicing Windows 10 in the dawn of modern management

With Windows 7 extended support ending in less than 10 months, time is running out for organizations that still have not completed their migration to Windows 10, who are now looking for the quickest and safest route to complete their migration in time. Those organizations that have already completed their migration are faced with the challenge of updating them with the semi-annual Feature Updates. With an increasingly remote workforce, a desire to reduce infrastructure and improve user experience, IT teams are looking to Microsoft Modern Management – a collection of cloud-based management technologies including Azure AD, InTune, AutoPilot, Windows Store for Business and Windows Update for Business – to address these challenges.

Whether migrating existing devices to Windows 10, provisioning new computers, replacing devices through normal hardware lifecycle or rebuilding devices to resolve issues (break-fix), the most important thing for the user is that they are able to get up and running with their data and applications with minimal disruption to their working day. Once the user has their new Windows 10 device, they don’t want to be inconvenienced with forced Feature Updates that render their device unusable just when they needed to do something important.

In this webcast, we explore what is possible today with pure modern management, how including Configuration Manager to deliver a co-managed environment changes the picture and how the 1E Windows Servicing Suite provides comprehensive, self-service automation that gives users a consistent experience whether in the office or remote.

20/20 webcast

Tomorrow’s attacks today

This webcast looks at the current threat prevention landscape, as well as looking ahead to what we might see in the months or years to come. Will your network be ready for every attack in the next generation breach? Probably not – but you could be better prepared.

Register for Tomorrow’s attacks today

Sponsored by: Juniper

Tomorrow’s attacks today

It’s 2 a.m. Do you know where that threat to your network is coming from? If not, perhaps you need to beef up your threat identification and prevention software. Today not only are threats constant, they are often masked as either valid data transmissions or as nothing more than simply communications via email or a messaging app. It also might be fileless in the form of a query that asks the user to take an action that will generate the breach, so there might be nothing for your defensive measures to find in the incoming transmission at all. This webcast looks at the current threat prevention landscape, as well as looking ahead to what we might see in the months or years to come. Will your network be ready for every attack in the next generation breach? Probably not – but you could be better prepared.

20/20 webcast

Schrödinger’s Network

Join us for this 20/20 webcast that looks at network visibility – what it is, why it’s essential and what happens when you don’t have it.

Register for Schrödinger’s Network

Sponsored by: FireMon

Schrödinger’s Network

One would think that network security is just an extension of the Schrödinger’s cat thought experiment.

One need not actually see the data files to know what you have and both how and where it’s moving through your networks, but if you want to be compliant with the multitude of laws worldwide concerning privacy, personal information, and especially personal health information, you had better know what you have, where it is and its status.

Today’s 20/20 webcast looks at network visibility – what it is, why it’s essential and what happens when you don’t have it.

DemoCast webcast

Cloud app security without gaps for any device, anywhere: iboss and Microsoft CAS partnership

Join us, Paul Martini, CEO/CTO at iboss Cloud Security and Anisha Gupta, Program Manager at Microsoft as we discuss the challenges and best practices in securing safe, controlled access to cloud apps.

Register for Cloud app security without gaps for any device, anywhere: iboss and Microsoft CAS partnership

Sponsored by: iboss

Cloud app security without gaps for any device, anywhere: iboss and Microsoft CAS partnership

As the network perimeter continues to erode and more of your corporate data is living across multiple clouds, ensuring your employees have safe and monitored access to approved cloud apps is essential.

Just as important is the ability to detect those leveraging unauthorized cloud apps which can violate corporate and regulatory policy as well as expose the organization to data loss.

Join us, Paul Martini, CEO/CTO at iboss Cloud Security and Anisha Gupta, Program Manager at Microsoft as we discuss the challenges and best practices in securing safe, controlled access to cloud apps.

Vendor Webcast

Remove the bias from your vulnerability management program

Uncover the limitations of vulnerability management tools and the risks associated with unknown assets.

Register for Remove the bias from your vulnerability management program

Sponsored by: Expanse

Remove the bias from your vulnerability management program

Vulnerability scanners are indispensable in an IT team’s toolkit. Unfortunately, they have one big flaw: they can only scan what you tell them to scan. But what about the assets you don’t know about?

A robust security program is incomplete – and your vulnerability management tools are not being used to their full potential – if you do not address their limitations dealing with unknowns. In this webcast, you’ll learn:

  • The limitations of vulnerability management tools
  • The risks associated with unknown assets
  • Methods you can use to find those unknown assets

Vendor Webcast

2019 Phishing threat landscape: Real phish remain the real problem

Examine all of the obvious changes in the phishing threat landscape, plus look ahead at trends shaping 2019.

Register for 2019 Phishing threat landscape: Real phish remain the real problem

Sponsored by: Cofense

2019 Phishing threat landscape: Real phish remain the real problem

Despite investment in next-gen technologies and employee awareness training phishing threats continue to become more sophisticated and more effective. It’s time for organizations to accept that REAL phish are the REAL problem. Join the Cofense Phishing Threat Landscape review to discover the trends defining phishing in 2019 and priorities for defending your organization going forward.

Attend this webinar to learn how attackers are:

  • Using major malware types and their innovative tactics, techniques, and procedures
  • Intensifying credential theft as organizations move infrastructure and applications to the cloud
  • Evolving Emotet and the threat actors behind the botnet
  • Increasing proliferation of sextortion phishing emails

We’ll examine all of the obvious changes in the phishing threat landscape, plus look ahead at trends shaping 2019.

Vendor Webcast

Gray Day: How I caught the most damaging spy in American history

Imagine if the FBI locked you in a room for eight hours a day with the most ruthless and damaging spy in United States history.

Register for Gray Day: How I caught the most damaging spy in American history

Sponsored by: Carbon Black

Gray Day: How I caught the most damaging spy in American history

Imagine if the FBIlocked you in a room for eight hours a day with the most ruthless and damagingspy in United States history. Imagine feeling unqualified and outgunned,knowing the country depends on you to succeed despite the fact no one hasprovided the means to do so. Robert Hanssen was a notorious cyber spy chargedwith selling American secrets to Russia for more than US$1.4 million in cashand diamonds.

His ability toexploit computer systems allowed him to protect his identity during a 22-yearspy career. In this edge-of-the-seat spy thriller talk, Eric O’Neill sharesintricate details of the investigation and shows how you can find successinside yourself by setting small goals that lead to big accomplishments untilfinally, through courage, confidence, and determination, victory is achieved.

Join us for a webcast highlighting Eric’s story and more.

Vendor Webcast

Dissecting Shlayer Malware via MITRE ATT&CK

Join us for “Dissecting Shlayer Malware via MITRE ATT&CK” to learn an introduction to Shayler, the method this malware uses to subvert built-in macOS security mitigations, and how the techniques used by this malware map to the MITRE ATT&CK framework, visualizing this using a real-world sample.

Register for Dissecting Shlayer Malware via MITRE ATT&CK

Sponsored by: Carbon Black

Dissecting Shlayer Malware via MITRE ATT&CK

Over the past year, a family of macOS malware named Shlayer has been successful at infecting countless numbers of systems across the world.

Join us for “Dissecting Shlayer Malware via MITRE ATT&CK” to learn:
· An introduction to Shayler
· The method this malware uses to subvert built-in macOS security mitigations
· How the techniques used by this malware map to the MITRE ATT&CK framework, visualizing this using a real-world sample.

Vendor Webcast

The ransomware hostage rescue guide

Join us and Erich Kron CISSP, Security Awareness Advocate at KnowBe4 we look at scary features of new ransomware strains, give actionable info that you need to prevent infections, and provide tips on what to do when you are hit with ransomware. 

Register for The ransomware hostage rescue guide

Sponsored by: KnowBe4

The ransomware hostage rescue guide

It is estimated that a business falls victim to a ransomware attack every 40 seconds, adding up to a projected $11.5 billion in damages for this year.

As ransomware attacks become more targeted and damaging, your organization faces increased risk that can have your networks down for days or even weeks. So, how can your organization avoid getting held hostage?

Join us and Erich Kron CISSP, Security Awareness Advocate at KnowBe4 we look at scary features of new ransomware strains, give actionable info that you need to prevent infections, and provide tips on what to do when you are hit with ransomware. 

In this webcast we will cover:

What new scary ransomware strains are in the wild

  • Am I infected?
  • I’m infected, now what?
  • Proven methods of protecting your organization
  • How to create a “human firewall”

Don’t get held hostage and become a statistic! Join us to learn how to avoid these scary attacks.

20/20 webcast

Identifying tomorrow’s threat intelligence profile

This 20/20 looks at how threat intelligence used for proactive and reactive applications, combined with a variety of analytics applications, can help you identify future as well as existing threats. 

Register for Identifying tomorrow’s threat intelligence profile

Sponsored by: Rapid7

Identifying tomorrow’s threat intelligence profile
You’ve spent a lot of time, money and effort to build out a mature network- and data-security team. You’ve gone through the growing pains to identify the mistakes that lead to fraud and data breaches because the staff didn’t know what to look for, and the blood, sweat and tears of building an experienced team with appropriate tools for the day.

Now what? Everything you’ve done in the past has prepared you for fighting legacy attacks — the bad guys (and gals) are morphing their precision attacks on a daily basis, so the question becomes: What have you done to fight tomorrow’s attacks?

This 20/20 looks at how threat intelligence used for proactive and reactive applications, combined with a variety of analytics applications, can help you identify future as well as existing threats.    

DemoCast webcast

Mastering prevention: See more attacks, stop more attacks

Uncover how you can use behavioral analytics to prevent both known and unknown threats

Register for Mastering prevention: See more attacks, stop more attacks

Sponsored by: Carbon Black

Mastering prevention: See more attacks, stop more attacks

Today’s attackers are constantly evolving and adapting to bypass traditional endpoint security, making it difficult for many organizations to keep their systems safe. 

Simply relying on signatures — which are easily changeable — is no longer an effective way of protecting your systems. In order to future-proof yourself from emerging threats, you need to take an approach that looks at behaviors and attack patterns. 
Join us as we discuss:
  • How you can use behavioral analytics to prevent both known and unknown threats
  • How to ask questions of all endpoints and take action to remediate in real time
  • How you can gain better visibility into your enterprise with Next-Gen AV and Live Query capabilities, provided on a single console with a single agent

20/20 webcast

Reactive Intelligence

This 20/20 webcast looks at what we can do today to better prepare for the attacks of tomorrow by understanding the threat intelligence ecosystem and improving how CISOs can identify attackers already within the network more quickly.

Register for Reactive Intelligence

Sponsored by: Anomali

Reactive Intelligence

It seems that every time we see advancements in threat intelligence and analytics, the bad guys are already a step ahead of us.

No matter how much money we throw at new technology, new data feeds and new training, attackers are still making their way into our networks, stealing our data, and making the data security teams and the C-suite look like the junior varsity team playing against the pros. Often security pros talk about threat intel as a tool for proactive attack deterrence and interception, but the technology is equally useful, if not more useful, in reactive identification of successful intrusions.

This 20/20 webcast looks at what we can do today to better prepare for the attacks of tomorrow by understanding the threat intelligence ecosystem and improving how CISOs can identify attackers already within the network more quickly. Understanding what makes a threat intelligence ecosystem will help CISOs understand what might be missing in theirs and serve as the necessary gap analysis to ensure your threat intel is working up to its peak performance.

Vendor Webcast

2019 State of the Phish

Explore findings from the 2019 State of the Phish Report. and uncover data-driven intelligence you and your team need to manage end-user risk more effectively within your organization.

Register for 2019 State of the Phish

Sponsored by: Proofpoint

2019 State of the Phish

Phishing continues to be the number one attack vector. Why? Because it works — all too well. Today’s cybercriminals can evade advanced perimeter technology through carefully planned, increasingly sophisticated phishing attacks. Industries of every kind are affected, from financial organizations to government contractors to healthcare firms.

Join Proofpoint Security Awareness Training for a webinar, where we’ll explore findings from the 2019 State of the Phish Report. It provides the data-driven intelligence you and your team need to manage end-user risk more effectively within your organization. In this webinar, we will explore data related to the following:

– Tens of millions of simulated phishing emails: Analysis of tens of millions of simulated phishing emails sent to end users over a 12-month period.

– 16 industries: Comparisons of activities and results from organizations and their employees across 16 industries.

– Nearly 15,000 survey responses from infosec professionals: Responses reveal the challenges they are facing, their views of the threat landscape, and the actions they’re taking to fend off phishing attacks.

– 7,000+ technology user insights: Results from a survey of more than 7,000 working adults in the US, UK, France, Germany, Italy, Australia, and Japan, providing a global perspective on the awareness levels of the average end user.

Vendor Webcast

How to Remove Complexity as a Threat to Security

Uncover how hybrid, mobile, and on-demand IT increase security complexity and how to remove unnecessary complexity.

Register for How to Remove Complexity as a Threat to Security

Sponsored by: Cyxtera

How to Remove Complexity as a Threat to Security

No doubt as a security leader you are constantly making decisions on what tools and solutions are needed to secure your elusive IT landscape. Complexity may be threatening your security posture as you react to secure your hybrid workloads.

 
Join Leo Taddeo, CISO at Cyxtera and former Special Agent in Charge of the Special Operations/Cyber Division of the FBI’s New York Office alongside Jason Garbis and Ian Breeze of Cyxtera, as we address the mounting complexity security professionals face today. You will hear recommendations for removing unnecessary complexity that threatens your cyber resiliency.

Key Topics:

  • How hybrid, mobile, and on-demand IT increase security complexity
  • How the evolving landscape of digital risk adds complexity
  • How to remove unnecessary complexity
  • Where to focus your efforts

Vendor Webcast

From chaos to clarity: New trends on securing roaming users & branch offices

With highly distributed environments becoming the norm, find out how to shift your security, gain control and protect users more effectively.

Register for From chaos to clarity: New trends on securing roaming users & branch offices

Sponsored by: Cisco

From chaos to clarity: New trends on securing roaming users & branch offices

With highly distributed environments becoming the norm, SaaS usage on the rise and roaming users an attractive target for threats, find out how to shift your security, gain control and protect users more effectively.

Enterprise Strategy Group partnered with Cisco to validate trends in the market, customer perceptions and technology consumption patterns. Research reveals a shift in the market leading to a fundamentally new approach to how organizations secure roaming users and branch office (ROBO) locations.

Join ESG Security Analyst, Jon Oltsik, and Cisco Product expert, Negisa Taymourian, for a unique perspective on the state of cybersecurity today.

Vendor Webcast

Comparing SIEMs, MDR, and MSSPs for security monitoring, detection, & response

Compare and contrast SIEM, MDR, and MSSP so you have the right questions in hand when considering your options.
 

Register for Comparing SIEMs, MDR, and MSSPs for security monitoring, detection, & response

Sponsored by: Arctic Wolf

Comparing SIEMs, MDR, and MSSPs for security monitoring, detection, & response

Midmarket enterprises need to monitor their environment to detect and respond to threats that inevitably crop up.  There are three major approaches to solving this security conundrum: deploy a security information and event management system (SIEM), use managed detection and response (MDR), or use a managed security service provider (MSSPs).  This webinar compares and contrasts the three approaches so you have the right questions in hand when considering your options.
 
What you will learn:

  • Why monitoring, detection and response is an essential element of a robust security strategy
  • What elements comprise the SIEM, MDR, and MSSP solution approaches?
  • How do these approaches take advantage of the cloud as well as monitor cloud assets?
  • What is the security “sweet spot” for MDR? 

Vendor Webcast

Implementing behavioral analysis and attacker deception for higher confidence AppSec

Learn how to quickly and successfully implement solutions that leverage behavioral analytics and attacker deception.

Register for Implementing behavioral analysis and attacker deception for higher confidence AppSec

Sponsored by: Threat X

Implementing behavioral analysis and attacker deception for higher confidence AppSec

Modern AppSec is driven by hard metrics and results. Teams need to secure a larger application footprint, address a higher volume of threats, reduce open cases, and virtually eliminate false positives, and they must do it with limited time and inadequate resources.

The expectations and threats against security teams are “next-gen,” but the tools with which they’re asked to respond are not.

In Part I of this series, Strengthen your web app defenses using behavioral analysis and attacker deception, we dove into the various behavioral analysis and attacker deception approaches that make for truly next-gen AppSec, and the benefits of each. In this webcast, we will share how to quickly and successfully implement solutions that leverage behavioral analytics and attacker deception. 

We will also show examples of how each detection strategy can be used in real-world scenarios to drive blocking decisions that are accurate, scalable, and measurable.

Topics will include:

  • Using behavioral analysis to detect threats early in the kill chain
  • The act and benefits of engaging attackers in deception techniques
  • Using decision engines to reduce both false positives and caseloads
  • Implementing these techniques in your AppSec strategy

Vendor Webcast

Getting more from less: 3 ways replacing AV with a security platform can help you

48% of organizations are using more than 25 different discrete or point security tools to manage, investigate, and respond to security threats.

What if it was possible to have a single platform that simplified your security stack and improved your protection?

Register for Getting more from less: 3 ways replacing AV with a security platform can help you

Sponsored by: Carbon Black

Getting more from less: 3 ways replacing AV with a security platform can help you

The threat landscape is growing increasingly sophisticated and is bypassing traditional antivirus. To combat this, IT and security professionals are adding products to their security stack.

In fact, 48% of organizations are using more than 25 different discrete or point security tools to manage, investigate, and respond to security threats. Each has its own endpoint agent, dataset, console, and back end. The result is a lot of complexity and not enough efficacy. It doesn’t have to be this way.

What if it was possible to have a single platform that simplified your security stack and improved your protection?

Join us for this webcast where we will discuss:

  • The current state of security and why adding more point solutions isn’t the answer
  • How replacing traditional antivirus with consolidated endpoint security in the cloud can improve your protection and simplify your operations
  • How predictive security cloud can make it easier for you to prevent, investigate, remediate, and hunt for threats.

Editorial webcast

Encryption everywhere: It’s the best of times and the worst of time

This webcast will look at the issues surrounding encryption everywhere, ranging from productivity and latency challenges to the benefits of protecting the data all the time and everywhere.

Register for Encryption everywhere: It’s the best of times and the worst of time

Sponsored by: Cisco

Encryption everywhere: It’s the best of times and the worst of time

Encryption has been the standard by which companies are able to protect their data from prying eyes. Encrypting data at rest, data in transit and active data can be a challenge on multiple levels.

Today’s webcast looks at the issues surrounding encryption everywhere, ranging from productivity and latency challenges to the benefits of protecting the data all the time and everywhere.

Remember that the bad actors are lurking everywhere, so that’s where your data needs protection.

Vendor Webcast

The state of encryption and how to improve it

Explore the use of encryption and access controls to understand how organizations currently use these technologies and identify IT and security professionals’ top priorities in file security.

Register for The state of encryption and how to improve it

Sponsored by: Vera

The state of encryption and how to improve it

Join us as we explore the use of encryption and access controls to understand how organizations currently use these technologies and identify IT and security professionals’ top priorities in file security.

What you’ll learn:

  • How organizations currently use access controls and encryption to avoid security breaches
  • Why sensitive and personal data is often left accessible and unencrypted
  • How Always-on File Security puts security teams back in control of data, even when it’s shared with others

Vendor Webcast

Using Zero Trust to protect financial services networks

With Phil Packman, a CISO at BT, as your host, learn from the founder of Zero Trust & Field CTO at Palo Alto Networks, John Kindervag, and the VP of Global Financial Services at Forescout, Tom Dolan, how your company can more easily embrace Zero Trust to proactively combat today’s high frequency and sophistication of cyberattacks.

Register for Using Zero Trust to protect financial services networks

Sponsored by: ForeScout

Using Zero Trust to protect financial services networks

Is Zero Trust really achievable given the complexity in financial service organizations, especially considering limited staff, mergers and acquisitions and compliance pressures? 

Join us to learn how your company can embrace Zero Trust to:

  • Proactively combat today’s high frequency and sophistication of cyberattacks
  • Gain unparalleled situational awareness of malicious activity
  • Prevent the exfiltration of sensitive data and money
  • Simplify adherence to compliance regulations

Vendor Webcast

Is browser isolation the new ‘sandbox’ for security?

Identified by Gartner as “one of the single most significant ways to reduce web-based attacks,” remote browser isolation has become an important line item in IT budgets around the world. But not all Isolation is created equal.  With so many offerings how do you weed through the noise?

Register for Is browser isolation the new ‘sandbox’ for security?

Sponsored by: Menlo Security

Is browser isolation the new ‘sandbox’ for security?

Protecting organizations from web threats has typically been done with a proxy or DNS solution, but a new approach has emerged.

Isolation defends against today’s sophisticated zero-day exploits using an “air-gapped” browsing approach.

Identified by Gartner as “one of the single most significant ways to reduce web-based attacks,” remote browser isolation has become an important line item in IT budgets around the world. But not all Isolation is created equal.  With so many offerings how do you weed through the noise?

Join us and Menlo Security to learn:

  • Why remote browser isolation technology adoption is on the rise
  • Key use cases for Isolation that should be evaluated
  • 3 critical requirements when selecting a practical browser isolation solution

Vendor Webcast

Strengthen your web app defenses using behavioral analysis & attacker deception

Uncover the roles that behavioral analysis and active attacker engagement and deception play in application security.

Register for Strengthen your web app defenses using behavioral analysis & attacker deception

Sponsored by: Threat X

Strengthen your web app defenses using behavioral analysis & attacker deception

Overburdened security teams are finding it increasingly difficult to keep pace with the enormous volume and increasing sophistication of daily threats. This, coupled with the limitations and challenges of traditional WAF signature approaches has left many organizations exposed and desperate to find a solution.

What we need are detection and remediation options that are fast, automated, and accurate, but the path to a solution may not be clear for busy security teams. What solutions exist today to make this possible? And how can well-established security teams make the transition?

Join us for part I of this two-part series where we will go beyond the search for the “perfect” tool, and instead, show the practical power of combining two next-generation techniques into a single automated process. Specifically, we will review the roles that behavioral analysis and active attacker engagement and deception play in application security, and how when combined, they deliver accurate and low-burden threat protection results that far surpass legacy AppSec approaches.

Key topics will include:

  • Different types of behavioral analysis in application security
  • Strengths and weaknesses of behavioral analysis
  • An overview of techniques for attacker engagement and deception
  • How to combine both techniques into an automated application security model

Vendor Webcast

Vulnerability management – Why programs fail and what you can do about it

Explore some of the more common reasons vulnerability management programs fail, and more importantly what we can all do to ensure that doesn’t happen.

Register for Vulnerability management – Why programs fail and what you can do about it

Sponsored by: Rapid7

Vulnerability management – Why programs fail and what you can do about it

Vulnerability management should be at the core of every information security program (it’s CIS Control #3) and yet it is often one of the most misunderstood elements.
 
Requiring strong leadership and many foundational elements to be successful, programs often topple because the legs of the table we have built are not sturdy to hold the weight of our scanning tools, and the data these tools produce.
 
Join us and Rapid7’s Brian Carey for a discussion on some of the more common reasons vulnerability management programs fail, and more importantly what we can all do to ensure that doesn’t happen.
 
Some of the topics we’ll cover include:

  • The leadership void – setting goals and expectations from the top
  • Roles & responsibilities
  • Asset management
  • Classification & prioritization
  • Remediation
  • Reporting to your executive teams & board

20/20 webcast

Digging down into a resilient infrastructure

Take a deeper dive into determining your resilience, looking at what components constitute a resilient framework and how to measure if your framework is making an impact.

Register for Digging down into a resilient infrastructure

Sponsored by: Capsule8

Digging down into a resilient infrastructure

During our 20/20 webcast Resilience is not futile, we discussed the importance of building resilience into your security program. 

As we continue our discussion on cyber resilience, we’ll take a deeper dive into determining your resilience, looking at what components constitute a resilient framework and how to measure if your framework is making an impact.
 
Among the topics we’ll discuss are practices and metrics that security teams should consider when attempting to adopt resilience. 

20/20 webcast

Integrating security across your cloud

This 20/20 webcast will look at how data is managed, performance is monitored and analytics are collected and normalized across the cloud infrastructure. It will also look at how security operations are managed and executed in this ever-changing environment.

Register for Integrating security across your cloud

Sponsored by: Symantec

Integrating security across your cloud

As companies move their applications and operations from on-prem data centers to the cloud, a variety of security concerns become more complex. 

Applying security controls to servers outside of the physical control of IT means depending on web services and remote management.  And since your data might not be in a single cloud – one benefit of cloud computing is spreading your data among multiple physical servers – data management can be difficult. 

This 20/20 webcast will look at how data is managed, performance is monitored and analytics are collected and normalized across the cloud infrastructure. It will also look at how security operations are managed and executed in this ever-changing environment.

Vendor Webcast

Networking and security – Bury the hatchet in the cloud

Join us to find out why joining forces with your networking manager may be the best thing for your security team right now.

Register for Networking and security – Bury the hatchet in the cloud

Sponsored by: Cisco

Networking and security – Bury the hatchet in the cloud
Are network operations and security teams burying the hatchet? 
 
According to the 2018 Enterprise Network Management Megatrends report, 91 percent of network operations teams have established formal collaboration with the security team.
 
Enterprises around the globe are grappling with the transition to the cloud and what that means for networking and security practices. 
 
After years of being at odds, shared goals have brought these teams together. Aligning efforts is leading to risk reduction, cost containment, improved performance, and better security.
 
Join us to find out why joining forces with your networking manager may be the best thing for your security team right now.

Vendor Webcast

The impact of unsecured digital identities

Uncover the real costs of unsecured identities, and how building a case using compelling data can help you better protect your organization.

Register for The impact of unsecured digital identities

Sponsored by: Keyfactor

The impact of unsecured digital identities

Between tracking devices and certificates, getting ahead of cert expirations, and preventing outages – all with limited resources and funding – it’s not easy to feel confident that you’re doing all you can to reduce the risk of a breach or downtime.

Keyfactor’s 2019 study with the Ponemon Institute, The Impact of Unsecured Digital Identities, is the first report of its kind to provide data on the risks that unmanaged certificates pose. And it shows the business impact – to your brand, customer retention and productivity – that will earn the attention of senior executives.

Join industry expert Larry Ponemon and Keyfactor’s CSO Chris Hickman to learn more about what they’ve uncovered, the real costs of unsecured identities, and how building a case using compelling data can help you better protect your organization.

Fascinating findings include:

  • Respondents experienced an average of four unplanned outages due to certificate expiration in the past two years at an average cost of $11.1M
  • 65% of respondents are adding additional layers of encryption technologies to comply with regulations & policies
  • 61% of companies are not confident they’re able to secure keys and certificates from generation to revocation 
As an attendee, you’ll receive a free copy of the report which you can share with your team and leadership.

Vendor Webcast

Undetected malware: The ticking time bomb in your network

An Accenture report found that in 2017 there were 130 large-scale targeted breaches in the US ­­­­– a number growing by 27% per year.

So how can a security team proactively search out and eliminate this undetected malware?

Register for Undetected malware: The ticking time bomb in your network

Sponsored by: Reversing Labs

Undetected malware: The ticking time bomb in your network

With all the security defenses organizations have in place, it is a wonder that cyberattacks still get through, but they do.

An Accenture report found that in 2017 there were 130 large-scale targeted breaches in the US ­­­­– a number growing by 27% per year. These attacks go undetected for months, and once detected, take weeks and hundreds of thousands of dollars to contain.

So how can a security team proactively search out and eliminate this undetected malware?

Join us as we discuss:

  • The limitations of existing security infrastructure and why malware and malicious code infections continue to rise
  • How automated static analysis offers greater visibility to advanced malware attacks
  • A before-and-after case study of an “unknown PDF” attachment to a phishing attack email

20/20 webcast

User education: The key to the malware and credential theft explosion

This 20/20 webcast will look at how to educate users to be that last line of intelligent defense, that is smarter than the technology and how to teach them to recognize phishing and other potential threats that was clever enough to get past our technological best efforts.

Register for User education: The key to the malware and credential theft explosion

Sponsored by: Cofense

User education: The key to the malware and credential theft explosion

We’ve heard it from the experts time and time again – the user is the last line of defense for information security.

The problem, of course, is that users often expect and assume that the first, second, and third lines of defense – the company’s security technology – has already stopped threats and attacks before they even get to the users’ systems.

We in the industry know this isn’t always accurate, but how do you explain that to users?

That’s exactly what we plan to address in this 20/20 webcast – how to educate users to be that last line of intelligent defense, that is smarter than the technology; we’ll talk about how to teach them to recognize phishing and other potential threats that was clever enough to get past our technological best efforts.

Vendor Webcast

ATT&CK™ deep dive: Lateral movement

Join us for a deep dive into the MITRE ATT&CK™ framework and lateral movement. 

Register for ATT&CK™ deep dive: Lateral movement

Sponsored by: Carbon Black

ATT&CK™ deep dive: Lateral movement
Emotet has been big news for years, with research outlets regularly taking fresh looks at the malware as it evolves to infect organizations of all sizes. The trojan moves laterally to target employees’ banking credentials or deliver other malware. 
 
Join us for a deep dive into the MITRE ATT&CK™ framework and lateral movement. 
 
This ATT&CK™ Deep Dive will walk through how to:
  • Detect and respond to tactics in the Emotet malware family
  • Apply detection strategies to find other threats
  • Build your detection program with similar repeatable processes

Vendor Webcast

Best practices for complying with application security regulations for financial services

How to navigate key financial compliance requirements and regulations through application security and secure development.

Register for Best practices for complying with application security regulations for financial services

Sponsored by: Veracode

Best practices for complying with application security regulations for financial services

Over the past several years, the financial industry has issued regulations addressing cybersecurity and information security controls. As a result, enterprises within the industry are now holding their software vendors accountable for meeting standard application security policies.

Most organizations are still dealing with manual processes and arduous penetration testing, and therefore demonstrating compliance via minimal documentation. As a result, these organizations and their suppliers are at risk of noncompliance, and worse, of breach.

Tune in to this webcast where Chris Wysopal, Chief Technology Officer and Co-Founder at Veracode, will discuss how to navigate key financial compliance requirements and regulations through application security and secure development.

Specifically he will discuss:

  • The impact of recent major regulations – the EU General Data Protection Regulation (EU GDPR) and NY State Department of Financial Services (NY DFS) Cybersecurity Regulations – on application security standards and secure development practices

  • How to get started with secure development practices in order to effectively navigate these requirements

  • How to build a software development process that has continuous security, is measurable, and is transparent

Vendor Webcast

The Pilot’s Checklist: Cover your six

Explore the art of systemically identifying gaps before it’s too late

Register for The Pilot’s Checklist: Cover your six

Sponsored by: Carbon Black

The Pilot’s Checklist: Cover your six

More and more often, we hear about another high-profile cybersecurity breach or ransomware attack at a large, well-known organization.

When it comes to nailing security fundamentals and suppressing operational risk, security professionals today can learn a thing or two from the elite pilots that have dominated the skies since World War II.

Join us and Carbon Black Security Strategist Jason Madey as we walk you through the pilot’s checklist and discuss how a forty-thousand-foot view keeps your organization safer from cyberattacks. In this webcast you’ll learn:

  • How to keep your fleet in line with unfiltered visibility
  • The art of systemically identifying gaps before it’s too late
  • What historical approaches for suppressing risk mean for us today

Vendor Webcast

Debunking the top 5 myths about SIEM

Uncover the truth about the capabilities a SIEM can provide, how a SIEM can help you address security and compliance and what it takes to manage one.

Register for Debunking the top 5 myths about SIEM

Sponsored by: IBM

Debunking the top 5 myths about SIEM

Do you ever hear conflicting opinions about SIEMs and wonder what to believe? There are some common myths and misconceptions about SIEM solutions that we want to dispel.

In this webcast, we will provide the truth about the capabilities a SIEM can provide, how a SIEM can help you address security and compliance and what it takes to manage one.

You’ll hear security experts review:

  • Popular SIEM myths and common misconceptions
  • Why you should leverage a modern SIEM for a proactive security posture
  • What to expect from a modern SIEM platform today

20/20 webcast

The art of cyberwar

This 20/20 webcast looks at the motivations of cybercriminals, the kinds of vulnerabilities they are looking for in your network, and why it is essential for companies to understand and acknowledge their own limitations and how they can address those challenges in order to gain the upper hand over potential attackers.

Register for The art of cyberwar

Sponsored by: Thycotic

The art of cyberwar

The ancient Chinese General Sun Tzu famously wrote about how to win military encounters by knowing your enemy.

Millennia later, his lessons about knowing your cyberenemy are just as valid as his military tactics from 2500 years ago.

This 20/20 webcast looks at the motivations of cybercriminals, the kinds of vulnerabilities they are looking for in your network, and why it is essential for companies to understand and acknowledge their own limitations and how they can address those challenges in order to gain the upper hand over potential attackers.

Vendor Webcast

Today’s balancing act: Security & flexibility

Explore how a sound cloud security strategy can help better defend against security threats, simplify security and support user demands. 

Register for Today’s balancing act: Security & flexibility

Sponsored by: Cisco

Today’s balancing act: Security & flexibility

As core enterprise apps and services move to the cloud, you need to protect access across all devices, office locations, and roaming users — even when they’re off VPN.

Nowhere is this more apparent than in the consulting industry. While comfort levels with cloud services are on the rise, complexity persists regarding visibility and control.

If you’re struggling with how to balance flexibility with the need to safeguard company and client data against malware and risk of exposure, join us on Wednesday, February 27th.

Our guest speaker, Joseph Paradi, Sr. Director ITS Infrastructure at Avanade, will discuss how a sound cloud security strategy can help better defend against security threats, simplify security and support user demands.

Vendor Webcast

How to select and evaluate endpoint security products

Uncover why 8 percent of security and IT professionals do not feel adequately prepared to defend their organizations.

Register for How to select and evaluate endpoint security products

Sponsored by: Carbon Black

How to select and evaluate endpoint security products

93 percent of organizations are targets on non-malware attacks. At the same time, attackers are innovating faster than traditional defenses can keep up.

It’s no wonder 8 percent of security and IT professionals do not feel adequately prepared to defend their organizations.

It’s time for a new approach to endpoint security. But with so many offerings what should you buy?

During this webcast you’ll learn:

  • How to determine the capabilities you need to address the problems you face
  • The top questions you should ask an endpoint security vendor to understand the nuances of their approach
  • How next-generation endpoint security can help you prevent, detect, and respond to threats

Vendor Webcast

Key considerations for improving your threat detection and response strategy

Join us as we discuss the results of the 2019 Threat Detection and Response Survey and how the findings can inform threat detection and response for CISOs in the year to come.

Register for Key considerations for improving your threat detection and response strategy

Sponsored by: Fidelis

Key considerations for improving your threat detection and response strategy

As adversaries continue to have success, more organizations have recognized the need to implement a threat detection and response strategy. However, with an expanding attack surface, lack of skilled resources, and blind spots across the environment, this is a huge challenge to overcome.

That’s why Fidelis commissioned research firm ESG to conduct a survey that would identify the key challenges that cybersecurity professionals are facing when approaching threat detection and response today, and what trends and strategies are forming as a result.

Join us as Senior Principal Analyst and ESG Fellow, Jon Olstik and Fidelis Threat Research Director, Danny Pickens along with SOC Operations expert, Travis Aldrich, discuss the results of the 2019 Threat Detection and Response Survey. We’ll be considering the implications of the results and how these findings can inform threat detection and response for CISOs in the year to come.

Key themes covered will include:

  • Threat hunting in a detection and response strategy
  • Threat intelligence reigning supreme as an EDR attribute
  • Point products vs. consolidated solutions
  • Detection and response and dealing with the skills shortage

Vendor Webcast

Cybersecurity metrics – Visibility to make the right decisions

Learn how you can be confident in not just making decisions, but the right ones with data backing you.

Register for Cybersecurity metrics – Visibility to make the right decisions

Sponsored by: Sumo Logic

Cybersecurity metrics – Visibility to make the right decisions

In cybersecurity, organizations are often blind and making decisions with no real data or understanding of their environment.

How do you even really know if you’re making the right decision? Is it just a flick of the wrist or is based off of what you had at breakfast? To win in cybersecurity, you must have real-time visibility into threats.

This webcast will discuss how you can be confident in not just making decisions, but the right ones with data backing you.

Vendor Webcast

The 2019 security strategy from the former CSO of Facebook and Uber

Uncover the major security risks to prepare for in 2019

Register for The 2019 security strategy from the former CSO of Facebook and Uber

Sponsored by: CloudFlare

The 2019 security strategy from the former CSO of Facebook and Uber

How are you planning to secure your employees, your company, and your customers in 2019?

Prior to joining Cloudflare as its Chief Security Officer (CSO) in 2018, Joe Sullivan spent 5+ years as CSO for Facebook and 2.5 years as CSO for Uber. He also previously held security and legal roles at PayPal and eBay and served on the Obama Administration as a member of the Commission on Enhancing National Cybersecurity.

With over a decade of experience from some of the world’s most influential companies, Joe will share the core strategies he is taking to help protect Cloudflare and, as a result, its 12M domains who rely on its services for security and performance.

Join us learn:

  • Major security risks to prepare for in 2019
  • The plan to improve internal discipline around “incident response”
  • The critical shift in thinking and strategy around the world becoming “borderless”
  • The “security maturity model” to evaluate and plan the security roadmap

If you and your team are in the middle of planning how to maintain and improve your security posture for 2019, sign up to attend now. Attendees will also get a copy of the actual Security Maturity Model you can use with your own team.

20/20 webcast

Through the DNS looking glass

This 20/20 webcast looks at the state of the art of DNS security, how things are changing and what CISOs need to know to help them sleep at night.

Register for Through the DNS looking glass

Sponsored by: Nominet

Through the DNS looking glass

There are no shortages of network security tools. For years we have been able to slice and dice the network, finding new ways not only secure the network, but also open vulnerabilities to those whose singular goal is to defeat our best security efforts.

One of the vital organs of the network is the Domain Name System, which maintains records on which device is doing what on the network, how often, what assets they access, and all kinds of data essential for an attacker.

This webcast looks at the state of the art of DNS security, how things are changing and what CISOs need to know to help them sleep at night.

20/20 webcast

Resilience is not futile: How to make life harder for hackers and fight back against attacks

This 20/20 webcast looks at how you can build a resilient response plan and team.

Register for Resilience is not futile: How to make life harder for hackers and fight back against attacks

Sponsored by: Capsule8

Resilience is not futile: How to make life harder for hackers and fight back against attacks

Not every company is able to survive a breach or disaster.

Poor planning, such as having your server backups in the same general area as your data center after an earthquake or flood, or a poorly defined incident response plan could lead to a company not being able to restore their systems after a breach or natural disaster.

Also, having all of your disaster recovery and business continuity capabilities in your physical data center could put you at greater risk.

This 20/20 webcast looks at how you can build a resilient response plan and team.

Vendor Webcast

Stop parasites on your network

Unwanted applications can hide for months or even years at a time on organizations’ networks — potentially causing security, compliance and performance risks.

So what should you do?

Register for Stop parasites on your network

Sponsored by: Sophos

Stop parasites on your network

Unwanted applications can hide for months or even years at a time on organizations’ networks — potentially causing security, compliance and performance risks.

And in many cases next-gen firewalls can’t identify and block them. So what should you do?

Join this informative webcast to see:

  • Common types of hidden apps and the problems they cause
  • Why most modern firewalls can’t identify them
  • How to solve the problem with Synchronized App Control

Vendor Webcast

The beginner’s guide to building your incident response playbook

Learn how to combine comprehensive intelligence gathering, incident management, workflows, and analytics to implement SOAR successfully at your organization.

Register for The beginner’s guide to building your incident response playbook

Sponsored by: DomainTools

The beginner’s guide to building your incident response playbook

Cybersecurity as an industry is seeing an ever increasing number in relation to our skills gap according to the recent ISC2 research, Cybersecurity Workforce Study, that states the shortage of cybersecurity professionals around the globe is nearing 3 million.

As these roles go unfilled, our practitioners are finding themselves increasingly unable to meet the needs of their organizations as severe/critical incidents rise to an average of 224 per day according to the 2018 EMA Megatrends Report.

Security Orchestration, Automation, and Response (SOAR) has the ability to help organizations with security processes, automation of specific actions, and intelligently inform teams, with the end goal of efficiency.

Join us to learn how to combine comprehensive intelligence gathering, incident management, workflows, and analytics to implement SOAR successfully at your organization.  

In this webcast you will learn:

  • Strategies to build out complementary datasets with your SOAR tools
  • Best practices in the deployment and use of SOAR tools
  • Real world examples of leveraging playbooks

Vendor Webcast

Checkmate: A lesson in vulnerability management strategy

Unlock actionable advice for building your vulnerability management program. 

Register for Checkmate: A lesson in vulnerability management strategy

Sponsored by: Rapid7

Checkmate: A lesson in vulnerability management strategy

The game of Chess originated in India around the 6th century AD. The purpose was believed to be for developing battle strategies, which is exactly what we do in cyber security.

Chess helps improve mental abilities such as problem solving, critical thinking, pattern recognition, planning ahead, focus and concentration. This is the same mindset we strive for as IT professionals, specifically in vulnerability management. The vulnerability management goal is easy. It’s the surrounding problems, patterns and planning that makes it difficult.

In this webcast, we will discuss thinking strategically of your vulnerability management program as a chess game. Our expert speaker, Nadean Tanner, will share actionable advice for building your vulnerability management program. 

Vendor Webcast

The business benefits of switching to endpoint security in the cloud

According to a Forrester study, organizations who switch to Predictive Security Cloud (PSC), a next-generation endpoint protection platform, can realize significant business benefits and cost savings.

Register for The business benefits of switching to endpoint security in the cloud

Sponsored by: Carbon Black

The business benefits of switching to endpoint security in the cloud

Endpoints are the front line of defense against cybercriminals, but traditional endpoint security is failing to protect from attacks. In fact, more than 50% of organizations surveyed in 2017 experienced a data breach.

According to a recent Forrester study, organizations who switch to Predictive Security Cloud (PSC), a next-generation endpoint protection platform, can realize significant business benefits and cost savings. The study focuses on replacing traditional endpoint security with NGAV and EDR on the PSC.

Join us, along with guest speaker Kathleen Byrne, Senior Consultant at Forrester, as we share the results of the study.

You will learn:

  • Forrester’s methodology and key findings
  • The quantifiable benefits participants in the study achieved by switching to the PSC, including better protection, improved visibility into threats, and faster response times
  • A framework you can use to evaluate the potential ROI your organization can achieve with the PSC

DemoCast webcast

Advance your threat hunting and incident response

Learn how you can correlate and visualize comprehensive information about endpoint events, giving you greater visibility into your environments.

Register for Advance your threat hunting and incident response

Sponsored by: Carbon Black

Advance your threat hunting and incident response

Today, attackers can compromise your environment in an hour or less. You need the power to respond and remediate in real time, stopping active attacks and repairing damage quickly.

Investigations that typically take days or weeks can now be completed in just minutes.

Learn how you can correlate and visualize comprehensive information about endpoint events, giving you greater visibility into your environments.

Join us as we:

  • Discover what happened at every stage of an attack with intuitive attack chain visualizations
  • Uncover advanced threats, minimize attacker dwell time, and prevent lateral movement
  • Automatically collect and store detailed forensic data for post-incident investigation
  • Use open APIs and out-of-the-box integrations to correlate data across your security stack

Vendor Webcast

Building a modern threat detection program: Where to begin?

The top threats industries face today—with an industry vertical breakdown

Register for Building a modern threat detection program: Where to begin?

Sponsored by: Rapid7

Building a modern threat detection program: Where to begin?

If you’re building out a strategy to find a compromise as it happens, it’s not a simple process. You need to map out the most likely threats to your organization, ensure you’re collecting the right security data, and make sure your team has the bandwidth, expertise—and confidence—to take action when evil appears on your network.

Join us for this webcast where we will cover:

  • The top threats industries face today—with an industry vertical breakdown
  • The data sources you need to collect and analyze
  • The structure & processes behind global SOCs
  • In-house SOC or MSSP? Properly assessing total cost of ownership and the hidden costs that lurk beneath.

Vendor Webcast

Adaptive defenses: The immunology of cyber resilience

Uncover why tactics – not tools – are key to cyber resilience.

Register for Adaptive defenses: The immunology of cyber resilience

Sponsored by: SecureWorks

Adaptive defenses: The immunology of cyber resilience

The exponential growth of the data economy demonstrates the increased value organizations place on digital information and reinforces the critical need for security to keep pace with the digital transformation.

Imagine a world where your cybersecurity system interacts with a software-driven ecosystem, and where learning models power software-driven detections and actions to deliver an ongoing defense. Then peer further into the future of a software derived ecosystem that provides ongoing resiliency and improves immunity to unknown cyber threats.

In our January 22 webcast, Secureworks CTO Jon Ramsey will walk through the biological equivalent of a future-proof security system that evolves at the speed and scale of digital transformation.

What You Will Learn:

  • How Secureworks’ network effect provides broad and diversified visibility into the global threat landscape
  • Why tactics – not tools – are key to cyber resilience
  • How the security space and Secureworks are moving toward adaptive defense

Vendor Webcast

Hybrid defense: How to defeat 2019’s biggest threats

Discover major industry trends like machine learning and security orchestration, automation, and response (SOAR), and also dive into how three key innovations—hybrid AI, hybrid cloud security, and hybrid IT teams— enable any organization to deploy world-class defenses.

Register for Hybrid defense: How to defeat 2019’s biggest threats

Sponsored by: Arctic Wolf

Hybrid defense: How to defeat 2019’s biggest threats

There’s one certainty in cybersecurity: 2019’s attacks are going to be even worse than the ones we’ve faced. So, how are cybersecurity experts gearing up to meet these new challenges? 

In this webcast, we will address major industry trends like machine learning and security orchestration, automation, and response (SOAR), and also dive into how three key innovations—hybrid AI, hybrid cloud security, and hybrid IT teams— enable any organization to deploy world-class defenses.

We’ll discuss how:

  • Human-AI hybrid technology delivers security that’s more than the sum of its parts
  • Managed detection and response (MDR) is rising to the challenge of new hybrid-cloud architectures for business
  • SOC-as-a-service is transcending the challenges posed by both in-house and traditional consulting staffing strategies

Vendor Webcast

Using a next gen WAF to effectively protect APIs & microservices

Expose the common challenges faced by application security teams to protect APIs and microservices, and how they differ from standard, legacy applications.  

Register for Using a next gen WAF to effectively protect APIs & microservices

Sponsored by: Threat X

Using a next gen WAF to effectively protect APIs & microservices

APIs have become a strategic necessity for conducting business due to the agility, innovation, and automation they enable. While 90% of the business reaps the benefits of this technology, the security teams are often exposed to a slew of new challenges that can’t be solved by long-standing security tools and strategies.

Unfortunately, the bulk of application security solutions are stuck in the dark ages, using bloated appliance or virtual appliance-based approaches that can’t automatically scale up and down with the application and don’t support automated deployments that are already built into the DevOps toolbox. It’s often like fitting a round peg into a square hole…it’s not going to work without some level of adaptation.  

For infinite scale, you want to tightly couple the deployment of security with your app. This demands a lot from your security strategy and your WAF. So, what are the characteristics of a WAF that matches this type of design? In this webcast, we will address 8 key elements of an API and microservices friendly web application firewall solution, including:  

  •    The ability to be centrally managed  
  •    Lightweight to allow linear scale 
  •    Support a robust API 

The experts will also expose the common challenges faced by application security teams to protect APIs and microservices, and how they differ from standard, legacy applications.  

20/20 webcast

Locking down vulnerabilities

This 20/20 webcast will look at how companies can determine what and where each device is located — be it in the cloud or on prem — where and how in those devices or platform the security vulnerabilities present themselves, and most important, how to determine the priority for what needs to be addressed now and what can wait until later.

Register for Locking down vulnerabilities

Sponsored by: Skybox

Locking down vulnerabilities

Managing vulnerabilities is sometimes considered the secret sauce of keeping companies secure.

First, of course, companies need to know what they have and where they have it. That’s a bigger challenge than you think, considering your “resources” might not actually be something you can access, such as a cloud infrastructure.

Next is distinguishing what is and is not a vulnerability. Once you identify a vulnerability, then comes the magic part: knowing which vulnerabilities need to be addressed immediately and which can be set aside for later.

This 20/20 webcast will look at how companies can determine what and where each device is located — be it in the cloud or on prem — where and how in those devices or platform the security vulnerabilities present themselves, and most important, how to determine the priority for what needs to be addressed now and what can wait until later.

Vendor Webcast

Enable secure branch transformation

Learn how you can enable secure branch transformation from the branch to cloud edge – without gaps.

Register for Enable secure branch transformation

Sponsored by: Cisco

Enable secure branch transformation

In today’s business environment, branch offices are more important than ever. For the average enterprise, branches generate the vast majority of revenue, but security at the branch remains limited.

As networks become more decentralized and users connect directly to SaaS applications, backhauling all traffic to apply security policy can be expensive, create performance issues and lead to a poor user experience.

So how can you reduce costs, improve security measures and improve application performance without introducing risk from direct internet access?

Join us to learn how you can enable secure branch transformation from the branch to cloud edge – without gaps.

Vendor Webcast

Accelerated security through cloud adoption

Learn from industry experts about common cloud adoption challenges and best practices for securing organic growth without hampering the gains that users are realizing.

Register for Accelerated security through cloud adoption

Sponsored by: Dropbox

Accelerated security through cloud adoption

Today’s cloud adoption is not only driven by the transformations happening across the IT landscape, but also the organic adoption by users where they are driving workflows that make them most productive.  Dropbox has been at the forefront of these converging trends, helping millions stay in sync and protecting important data on behalf of users and their associated organizations.

Come learn from industry experts about common cloud adoption challenges and best practices for securing organic growth without hampering the gains that users are realizing. We’ll talk about getting over the “cloud trust hump”, implementing identity and monitoring solutions that will give you the control and visibility needed for compliance, and flips IT/security from the voice of “No” to hero status.

Vendor Webcast

Slaying the beast! Getting your arms around your vulnerability management program

Take a closer look at why most security teams need vulnerability management, who to work with to get it done, and strategies to reduce the workload.

Register for Slaying the beast! Getting your arms around your vulnerability management program

Sponsored by: Rapid7

Slaying the beast! Getting your arms around your vulnerability management program

Security isn’t just about boundaries and defenses. Maintenance, especially in the form of patching, mitigation and threat reduction, are often just as important as a solid set of firewall rules for reducing an attacker’s ability to compromise your systems or networks.

For most security departments, this maintenance comes in the form of a vulnerability management program. Typically, these include patching, scanning, testing, mitigation- when they’re done properly, they can prevent incidents before they happen. Vulnerability management is the key to a strong security program in any enterprise, but it’s also a lot of work.

In this webcast, we’ll talk about why most security teams need vulnerability management, who to work with to get it done, and strategies to reduce the workload.

Editorial webcast

Wake up and smell the cyber attack

This webcast looks at some of the most popular retail targets and provides insights on how to defend against the ever-present web-based cyberattacker.

Register for Wake up and smell the cyber attack

Sponsored by: Cisco

Wake up and smell the cyber attack

For many retails, the holiday season is like printing money. According to the National Retail Federation, some retailers earn 30 percent of their annual revenue during the season. While the FBI’s IC3 database doesn’t break out crimes by month, its 2017 report shows increases in business email compromises (CEO Fraud), ransomware, and tech support fraud. The FBI reports it received more than 800 complaints on average per day.

Among the sites consumers will face during the holidays are fake retail web sites that actually are malware watering holes, spear phishing emails that drive targets to fake banking or financial services, and ransomware attacks that focus on the servers of web-based retail businesses that get the bulk of their revenue. Add on top of that the political turmoil gripping the nation and sites that purports to raise money for popular causes and now you have all the ingredients for a fraud-filled holiday bonanza.

This webcast looks at some of the most popular retail targets and provides insights on how to defend against the ever-present web-based cyberattacker.

20/20 webcast

A look back at attacks – The worst vulnerabilities and breaches in 2018 and what lies ahead

This webcast will discuss some of the worst breaches and attacks in 2018, some continuing breaches from years past that have yet to be stamped out, and what’s on the horizon in 2019.

Register for A look back at attacks – The worst vulnerabilities and breaches in 2018 and what lies ahead

Sponsored by: Capsule8

A look back at attacks – The worst vulnerabilities and breaches in 2018 and what lies ahead

The year kicked off with a full-on security meltdown when Meltdown and Spectre hit the scene. It was all downhill from there, from Saks to Panera to now Facebook (again), this webcast will discuss some of the worst breaches and attacks in 2018, some continuing breaches from years past that have yet to be stamped out, and what’s on the horizon in 2019.

We also will look at types of attacks and potential targets, how to prepare yourself, and potential legal ramifications for failing to protect customers’ privacy.

Vendor Webcast

Getting more from less: 4 ways replacing AV with a security platform can help you

Take a look at the current state of security and why adding more point solutions isn’t always better

Register for Getting more from less: 4 ways replacing AV with a security platform can help you

Sponsored by: Carbon Black

Getting more from less: 4 ways replacing AV with a security platform can help you

The threat landscape is growing increasingly sophisticated and is bypassing traditional antivirus. To combat this, IT and security professionals are adding products to their security stack.

48% of organizations are using more than 25 different discrete or point security tools to manage, investigate, and respond to security threats. Each has its own endpoint agent, dataset, console, and back end. The result is a lot of complexity to manage and not enough efficacy.

It doesn’t have to be this way. You can get more from less. What if it was possible to have a single platform that simplified your security stack and improved your protection?

Join us as we discuss:

  • The current state of security and why adding more point solutions isn’t always better
  • How replacing traditional antivirus with consolidated endpoint security in the cloud can improve your protection and simplify your operations
  • How to make it easier for you to prevent, investigate, remediate and hunt for threats
20/20 webcast

The risky business of risk management

This 20/20 webcast looks at the changing face of risk management and how companies address both the vertical and horizontal risk challenges they deal with on a daily basis.

Register for The risky business of risk management

Sponsored by: RSA

The risky business of risk management

When it comes to governance, risk and compliance, getting all the key players and their requisite technologies to play together nicely can be a challenge.

The CIO wants the trains to run on time while the CISO is more concerned with security than with operations. Add the risk and compliance responsibilities into the mix and now you have a lot of cooks stirring a big cauldron called managing risk.

This 20/20 webcast looks at the changing face of risk management and how companies address both the vertical and horizontal risk challenges they deal with on a daily basis.

Vendor Webcast

Destructive cyberattacks are on the rise

Gain visibility into the collective experience and insight from nearly 40 leading IR organizations.

Register for Destructive cyberattacks are on the rise

Sponsored by: Carbon Black

Destructive cyberattacks are on the rise

According to the world’s top incident response (IR) professionals, politically motivated cyberattacks from nation-state actors have contributed to an ominous increase in destructive attacks: attacks that are tailored to specific targets, cause system outages, and destroy data in ways designed to paralyze an organization’s operations.

At stake is not only significant financial loss, but also the trustworthiness of the country’s political institutions.

Join Carbon Black’s Chief Cybersecurity Officer, Tom Kellermann, and Security Strategist, Rick McElroy, as they review and discuss the latest findings from Carbon Black’s Quarterly Incident Response Threat Report(QIRTR), including:

  • How nefarious cyber criminals use the dark web to access voter databases and purchase hackers for hire
  • How these attackers use counter incident response, lateral movement and island hopping to remain undetected
  • How enterprise IoT devices are being exploited

In this webcast, you’ll gain visibility into the collective experience and insight from nearly 40 leading IR organizations who participated in Carbon Black’s quarterly report.

Vendor Webcast

The DLP dilemma: Why most data loss prevention deployments aren’t working

Uncover best practices and modern capabilities around encrypting your most important data

Register for The DLP dilemma: Why most data loss prevention deployments aren’t working

Sponsored by: Proofpoint

The DLP dilemma: Why most data loss prevention deployments aren’t working

For most information security professionals, the central link in the security chain is also the weakest: your people. With data as the lifeblood of organizations big and small, how can you keep your data secure, while also allowing your people the access they need to be productive?

Join us as we discuss:

  • Taking a threat aware analysis to provide modern DLP for email, cloud and data at rest
  • Best practices and modern capabilities around encrypting your most important data
Vendor Webcast

Skill sharpening @ the CyberRange: Developing the next generation blue team

This webcast will introduce you to a modern range, survey best of breed tools and capabilities and highlight how a range can support skill development for the blue team operator.

Register for Skill sharpening @ the CyberRange: Developing the next generation blue team

Sponsored by: Regent University

Skill sharpening @ the CyberRange: Developing the next generation blue team

How do you gain defender skills? Do you know exactly how offense should inform defense? Are you learning on the job in the heat of the moment? How do you measure outcomes and ensure success?

Blue team cyber operations skill development depends on reusable, repeatable and measurable scenarios that reflect complex networks to pit the blue team against a modern attacker. It isn’t enough to take a class and run through a lab. Attackers and red teams have dozens of options (including your network), and so does the blue team. Only a cyber range can get you there, but it’s much more than a few virtual machines. It’s about achieving a real outcome: a trained operator, armed with tools, techniques and practices so that they can get in the hunt. 

This webcast will introduce you to a modern range, survey best of breed tools and capabilities and highlight how a range can support skill development for the blue team operator.

Vendor Webcast

Containing insider threats through user-centric machine learning and AI

Explore the role of user-centric AI and machine learning to enable secure data sharing and collaboration across complex enterprise organizations while proactively detecting and preventing unintentional and malicious insider threats.

Register for Containing insider threats through user-centric machine learning and AI

Sponsored by: egress

Containing insider threats through user-centric machine learning and AI

Despite increasing investment in cybersecurity tools, there’s been a significant increase in data breaches, compliance violations and their related costs, specifically those relating to inside threats: accidental loss, misdirected content, and the malicious insider. These types of incidents contribute up to 80% of all breached records and are often the result of human error when handling sensitive data — mistakes that traditional tools are unable to identify and address.

This webcast will explore the role of user-centric AI and machine learning to enable secure data sharing and collaboration across complex enterprise organizations, such as financial organizations and local government, while proactively detecting and preventing unintentional and malicious insider threats.

We will cover:

  • How machine learning and AI can proactively detect user behavior anomalies
  • How enterprises and government organizations are using these technologies and techniques to proactively prevent insider threats and maintain compliance
  • How to develop an automated, self-learning process that analyzes your organization’s risk and compliance posture to drive a policy-based workflow process for data protection and data privacy

20/20 webcast

Zero day and counting

This webcast will take a look at the how companies are still fighting the battle of zero days disclosed months or even years ago, the fallacy of the patch, and why continued detection is important. 

Register for Zero day and counting

Sponsored by: Capsule8

Zero day and counting

When a zero-day vulnerability hits the headlines, alarms sound throughout the industry to figure out how to protect themselves against it. How do we detect it? How will this impact our customers?

But long after the frenzy dies down and attention has moved on to the next vulnerability or breach, the true impact of that zero day can take hold.

Take Heartbleed for example – the vulnerability was introduced in April 2014 but companies are not only still vulnerable, but facing serious security implications. Patching has proven to be both resource and cost intensive, and often is not effective.

This webcast will take a look at the how companies are still fighting the battle of zero days disclosed months or even years ago, the fallacy of the patch, and why continued detection is important. 

Vendor Webcast

Hello direct internet access; hello risk

Learn how to gain better performance and more security effectiveness for your branch offices.

Register for Hello direct internet access; hello risk

Sponsored by: Cisco

Hello direct internet access; hello risk

Business today happens at the branch. But where does IT work? Typically, not at the branch. So enterprises struggle to manage nontraditional users and even more connected devices across disparate branch locations.

As direct internet access increases, the risk of exposure to critical business resources rises. At the same time, application usage via multiple clouds (Office 365, G-suite, etc.) challenges the existing network architecture.

What does this add up to? Pressure for IT staff as they struggle to reduce costs, improve security measures, and application performance.

Join us to learn how to gain better performance and more security effectiveness for your branch offices.

Vendor Webcast

Shift left then shift up: Strengthening your security posture

Learn why Shifting Up provides improved security and cost efficiency in cloud-native environments

Register for Shift left then shift up: Strengthening your security posture

Sponsored by: Aqua Security

Shift left then shift up: Strengthening your security posture

The concept of “shift left” engages security earlier in the development cycle of cloud-native applications, accelerating development while reducing risk.

However, migrating to cloud-native environments also necessitates the security team to “shift up”, focusing on the application layer to account for the shared-service model and “thin OS” environments that are prevalent in these environments.

Join us for this webcast to learn why Shifting Up provides improved security and cost efficiency in cloud-native environments, including: 
•       Container environments
•       Containers as a Service (CaaS)
•       Serverless implementations

Vendor Webcast

Assessing risk in an IT System

Learn the importance of sensitive data discovery, and how having the right security configuration, patching, user management, and access controls in place can reduce your risk and improve your ability to comply with data privacy laws and regulations.

Register for Assessing risk in an IT System

Sponsored by: Oracle

Assessing risk in an IT System

Many organizations don’t really know how much and what type of sensitive data they have.  They may not know how all their systems are configured – and more importantly, where those configurations introduce unnecessary risk.

Francis Bacon once said “Knowledge is power” —  this webcast will show you how to gain the power of knowledge about your environment.  You’ll learn the importance of sensitive data discovery, and how having the right security configuration, patching, user management, and access controls in place can reduce your risk and improve your ability to comply with data privacy laws and regulations.

20/20 webcast

Phishing: Sinister or simply good business (for the cyberattacker)

This 20/20 webcast focuses on the realities of phishing and recommends defenses you can use to reduce your risk and make it a less profitable business for the attackers.

Register for Phishing: Sinister or simply good business (for the cyberattacker)

Sponsored by: Cofense

Phishing: Sinister or simply good business (for the cyberattacker)

We hear horror stories about users clicking on some malware-enabled payload and all of a sudden all of the codes for their hardware security fobs are stolen or a business email compromise (CEO fraud) attack has been launched. Unfortunately, these stories are true.

Phishing and its cousins, spear phishing, vishing, smishing, pharming, and whaling are all serious security concerns, but are they cyber-Armageddon?

This 20/20 webcast focuses on the realities of phishing and recommends defenses you can use to reduce your risk and make it a less profitable business for the attackers.

Vendor Webcast

Using the ATT&CK™ framework to mature your threat hunting program

Learn how to use ATT&CK to increase the efficacy of your threat hunting program

Register for Using the ATT&CK™ framework to mature your threat hunting program

Sponsored by: Carbon Black

Using the ATT&CK™ framework to mature your threat hunting program

Every threat hunt starts with intelligence. As one of the industry’s most comprehensive knowledge bases for adversary behavior, ATT&CK provides a structure for hunters to build their hypotheses and search for threats.

Join Carbon Black, Red Canary and MITRE for “Using the ATT&CK framework to mature your threat hunting program” to learn how to use ATT&CK to:

  • Increase the efficacy of your threat hunting program
  • Hunt for adversary tactics and techniques across the ATT&CK matrix
  • Develop a hypothesis and test it against known techniques
  • Obtain a broader set of evidence by hunting for adversarial techniques rather than specific signatures

20/20 webcast

First responders

This 20/20 webcast looks at the steps you need to take, along with steps you must avoid at all costs, in order to eradicate the breach.

Register for First responders

Sponsored by: IBM

First responders

A data breach has many traits in common with cancer. Discovered early, you might be able to minimize its impact.

Using the right therapies you can minimize its ability to spread, giving you a fighting chance to eradicate the disease. It’s all about how quickly the disease is correctly identified and what you do immediately.

With a data breach, it’s called incident response. What do you do first? What do you never do? How can you contain the breach so that your systems are permanently infected?

This 20/20 webcast looks at the steps you need to take, along with steps you must avoid at all costs, in order to eradicate the breach.

20/20 webcast

Configuring risk

This 20/20 webcast explores configuration risk challenges in-depth and discusses how organizations can leverage existing GRC security strategies to address and reduce configuration risk.

Register for Configuring risk

Sponsored by: Lockpath

Configuring risk

We talk a lot about risk management as part of an overall GRC security strategy, but for this webcast, we’ll focus on one specific area: configuration risk.

Of all the types of security risks companies face, configuration risk is one of the most prevalent; it touches all company assets and affects all parts of the business, however, managing these risks is often deprioritized or overlooked.

There are three main challenges organizations face when evaluating and managing misconfigurations: how to obtain a holistic and accurate view of company assets, how much risk does each misconfiguration pose to the company, and how to communicate these risks to other parts of the business for remediation escalation.

This 20/20 webcast explores these challenges in-depth and discusses how organizations can leverage existing GRC security strategies to address and reduce configuration risk.

Vendor Webcast

The SecOps imperative: How to bridge the security and operations gap

A discussion about the increasing need for security & IT operations teams to modernize existing endpoint security programs by including real-time query and remediation capabilities in their primary security stack

Register for The SecOps imperative: How to bridge the security and operations gap

Sponsored by: Carbon Black

The SecOps imperative: How to bridge the security and operations gap

According to ESG research, 72% of organizations believe that security operations were more difficult in July 2017 than they were two years earlier.

These difficulties stem from security & IT operations teams lacking a reliable way to assess the current state of endpoints across their enterprise. This lack of real-time visibility leads to increased risk of breach, inability to make informed remediation decisions, and unnecessary spending on infrastructure maintenance.

Join the discussion with Jon Oltsik, Sr. Principal Analyst and Fellow at Enterprise Strategy Group, about the increasing need for security & IT operations teams to modernize existing endpoint security programs by including real-time query and remediation capabilities in their primary security stack.

We will discuss:

  • The need to bridge the gap between security and IT operations with shared toolsets, share goals, and shared priorities
  • Why IT hygiene and proactive vulnerability assessment are now vital aspects of any successful endpoint security program
  • How you can leverage real-time query and remediation tools to get a better understanding of the current state of your endpoints

DemoCast webcast

Making threat hunting a reality with metadata and automation

A discussion and demonstration of how to hunt for threats using metadata and automation.

Register for Making threat hunting a reality with metadata and automation

Sponsored by: Fidelis

Making threat hunting a reality with metadata and automation

Traditional security has focused on preventive defenses, but data breaches continue to occur despite the many security tools deployed. With cybercriminals and nation states continuing to innovate and find ways to bypass defenses, organizations continue to be in a reactive mode. Threat hunting flips this model on its head and searches for unknown threats. However threat hunting is hard to do, requiring the right data, tools and expertise.

Join cybersecurity experts for a discussion and demonstration of how to hunt for threats using metadata and automation. We will debunk some of the myths associated with threat hunting and provide strategies to effectively build an effective practice.
Attendees can expect to learn:

• The difference between threat detection and threat hunting, and what expertise is required
• The importance of having the right data for real-time and retrospective analysis
• How to carry out an effective hunt starting with the unknown
• Automating data collection, investigation steps, and response
• The best option for your organization – whether it be product or service

In addition, attendees will see a short demonstration of the Fidelis Elevate™ platform that walks through a threat hunting scenario using metadata and automation

DemoCast webcast

Continuous security for the hybrid enterprise

Unlock the path to more effective cloud security in hybrid enterprises by combining vulnerability management, continuous compliance, and automation and orchestration.

Register for Continuous security for the hybrid enterprise

Sponsored by: FireMon

Continuous security for the hybrid enterprise

The cloud is a notable business advantage, but it does bring numerous security concerns including: a lack of visibility across cloud or between on-premises and cloud environments, monitoring security controls and changes within cloud and multi-cloud environments, and maintaining compliance by monitoring cloud traffic for suspicious and non-compliant behavior. It becomes increasingly complex in hybrid environments because now you’re managing security for on-premise, cloud, virtual, container environments, and more. The time commitment can feel staggering.

It doesn’t have to, however.

Register for this webcast where we will show you the path to more effective cloud security in hybrid enterprises through a mix of:

  • Vulnerability management: See how an attacker could exploit and prioritize your patches;
  • Continuous compliance: Define your own cloud security controls and reduce the time spent on audit prep by making your cloud continuously audit-ready and adherent to the intentions and goals of the enterprise;
  • Automation and orchestration: Ingest behavior details from your cloud, then command security controls to cloud systems from a single console. The idea is instant, worry-reducing cloud control.

Vendor Webcast

Why companies are replacing AV with advanced endpoint protection

Discover how switching from legacy AV to advanced endpoint protection can improve protection and simplify operations for your team.

Register for Why companies are replacing AV with advanced endpoint protection

Sponsored by: Carbon Black

Why companies are replacing AV with advanced endpoint protection

Is legacy antivirus failing to keep your endpoints secure? Perhaps you’re struggling to prevent advanced attacks, your security team is burdened by maintaining overly complex policies, or you’re facing performance issues.
If you’re experiencing any or all of these issues, you aren’t alone.

Today, 70% of successful breaches begin at the endpoint, and you deserve a security provider who can keep your endpoints safe.

Join us for a live webcast with Fulcanelli Chavez, Sr. Security Operations Analyst at D.A. Davidson, who will share how switching from legacy AV to Cb Defense has improved protection and simplified operations for his team.

  • Learn how next-gen AV in the cloud solves a variety of common problems legacy AV users face
  • Get your questions answered about replacing AV with a cloud-based security platform
  • Discover how Cb Defense can help you prevent malware and non-malware attacks and simplify your stack
Vendor Webcast

To SIEM or not to SIEM? Find out your options

Can such a stand-alone platform like security information and event management (SIEM) address your IT security challenges and compliance reporting needs?

Register for To SIEM or not to SIEM? Find out your options

Sponsored by: Arctic Wolf Networks

To SIEM or not to SIEM? Find out your options

A security information and event management (SIEM) platform has been touted as the cornerstone of cybersecurity. But, can such a stand-alone platform address your IT security challenges and compliance reporting needs?  With the growing complexity of SIEM solutions and a shortage of people with cybersecurity skills to manage them, many organizations are looking for alternatives to building their own in-house SIEM and staffing a security operations center (SOC).

In this webcast, Narayan Makaram, Sr. Director of Product Marketing, will examine the following:

  • Business drivers for a SIEM
  • What is/is-not included in a SIEM
  • SIEM deployment options
  • Outsourcing considerations – MSSP vs MDR

Vendor Webcast

Rethinking cybersecurity in the age of attacks

Explore the most promising strategies for 2019 in combating Internet based threats.

Register for Rethinking cybersecurity in the age of attacks

Sponsored by: Cisco

Rethinking cybersecurity in the age of attacks

2019 is around the corner. Our existing cybersecurity environment demands a new way to think about our cybersecurity strategy, one that aligns our security investments with our business risks, and is less centered on ideal prevention and more focused on reality.

Organizations are struggling to gain visibility into traffic involving their own cloud infrastructure in order to identify risky, suspicious and malicious activity. During this webinar we’ll challenge existing misconceptions and the changing motivations of cyber attackers.

Join cloud security experts as we explore the most promising strategies for 2019 in combating Internet based threats.

Vendor Webcast

Levers of human deception: The science and methodology behind social engineering

Explore the different levers that social engineers and scam artists pull to make us more likely to do their bidding.

Register for Levers of human deception: The science and methodology behind social engineering

Sponsored by: KnowBe4

Levers of human deception: The science and methodology behind social engineering

No matter how much security technology we purchase, we still face a fundamental security problem: people. This webcast will explore the different levers that social engineers and scam artists pull to make us more likely to do their bidding.

Join us as we share fun and engaging examples of mental manipulation in everyday life: from the tactics used by oily car dealers, to sophisticated social engineering and online scams. Additionally, we’ll look at how to ethically use the very same levers when educating our users.

Key Takeaways:

  • The Perception Vs. Reality Dilemma
  • Understanding the OODA (Observe, Orient, Decide, Act) Loop
  • How social engineers and scam artists achieve their goals by subverting OODA Loop’s different components
  • How we can defend ourselves and our organizations
Vendor Webcast

Beyond signatures and anomalies: Attacker-centric web security

Take a deep dive into the attacker-centric phenomenon and the importance of prioritizing high-risk, high-impact threats and proactively blocking malicious threats.

Register for Beyond signatures and anomalies: Attacker-centric web security

Sponsored by: Threat X

Beyond signatures and anomalies: Attacker-centric web security

All too often, security teams spend the majority of their time tuning their WAF rules to keep up with changing threats and application environments, and fail to stop the more advanced and high-impact techniques.

Just as attack types are becoming more sophisticated, so are the malicious actors behind them. It’s time to shift the focus away from trying to detect the ever-changing and near-infinite list of individual attacks, and instead, hone in on fundamental attacker behaviors and build attacker profiles.

Join us as we discuss this attacker-centric phenomenon and the importance of:

  • Prioritizing the high-risk, high-impact threats
  • Tracking behaviors and proactively blocking malicious attackers
  • Focusing on the most malicious behaviors instead of chasing down countless anomalies
Editorial webcast

Cryptomining: The next malware attack

Explore how cryptomining works and how to determine if your computing resources are being used without your knowledge for cryptomining.

Register for Cryptomining: The next malware attack

Sponsored by: Cisco

Cryptomining: The next malware attack

Mining for cryptocurrencies is no small task; it takes a lot of CPU and GPU cycles to process the data necessary to generate the currencies.

Not everyone has the technical wherewithal, financial resources and a massive amount of hardware to build their own cyrptomine, so what options do they have? The answer is simple and as old as time: If you don’t have the resources, you “borrow” from someone who does.

Join us as we look at how cryptomining works and how to determine if your computing resources are being used without your knowledge for cryptomining.

DemoCast webcast

Identify and neutralize active phishing attacks in minutes

Learn how to automatically analyze messages against multiple intelligence and reputation systems, reducing an organization’s typical threat triage time from days to minutes without requiring additional work from human analysts.

Register for Identify and neutralize active phishing attacks in minutes

Sponsored by: Wombat Security

Identify and neutralize active phishing attacks in minutes

Proofpoint CLEAR is the first joint solution using Wombat Security’s powerful end-user solutions post-acquiring them earlier this year.

Attend this DemoCast – a new SC webcast program that features both industry expertise and a solutions demonstration – to see easy ways to stop potentially malicious emails that pass through perimeter defenses.

Join this program to learn how to automatically analyze messages against multiple intelligence and reputation systems, reducing an organization’s typical threat triage time from days to minutes without requiring additional work from human analysts.

Vendor Webcast

Supercharging Security with Behavioral Analytics: The fastest path to finding insider threats, fileless malware and data breaches

A discussion on how to practically and effectively boost the IQ of your security arsenal with behavioral analytics so you can find threats faster than ever.

Register for Supercharging Security with Behavioral Analytics: The fastest path to finding insider threats, fileless malware and data breaches

Sponsored by: Interset

Supercharging Security with Behavioral Analytics: The fastest path to finding insider threats, fileless malware and data breaches
Join special guest Joseph Blankenship, principal analyst at Forrester, along with Interset CTO Stephan Jou and Security Strategist Paul Reid for a discussion on how to practically and effectively boost the IQ of your security arsenal with behavioral analytics so you can find threats faster than ever.

This webinar will:

  • Explore how security analytics can extract intelligence from other security tools
  • Demonstrate how analytics surfaces different types of insider threats
  • Show the impact of security analytics on SOC operations and threat hunting
Vendor Webcast

Cybersecurity That Actually Works: Creating Human-Centered Policies

Learn how to make proactive cybersecurity policies that are a catalyst for business innovation, rather than playing catch-up to business realities.

Register for Cybersecurity That Actually Works: Creating Human-Centered Policies

Sponsored by: SafeGuard Cyber

Cybersecurity That Actually Works: Creating Human-Centered Policies

As a security professional, you know the importance of understanding your risks before deciding how to allocate resources to mitigate specific threats. But are you certain that you’re considering all of the communication and collaboration tools that your employees might be using to get their job done?

More than likely, you have teams using third-party tools like Slack for group communication or a sales rep using WhatsApp to reach customers.

In this webinar you’ll learn how to make proactive cybersecurity policies that are a catalyst for business innovation, rather than playing catch-up to business realities.

Vendor Webcast

Managing Shadow IT to Reduce Risk While Increasing Productivity

Discover how you can gain visibility into what applications users are accessing from your network and managed devices, and how to easily block risky apps that aren’t approved.

Register for Managing Shadow IT to Reduce Risk While Increasing Productivity

Sponsored by: Cisco

Managing Shadow IT to Reduce Risk While Increasing Productivity
Unauthorized IT applications create risk in multiple ways, potentially leading to compromised user identities, data loss through unknown channels, and the introduction of malware into customer environments.Are you worried? According to Gartner, more than 40% of IT spend is in fact shadow IT. Wow.

Join cloud security experts as we explain how to stop worrying and start taking action. It’s time to take control of Shadow IT in your organization. Learn how you can gain visibility into what applications users are accessing from your network and managed devices, and how to easily block risky apps that aren’t approved.

20/20 webcast

Threat Intelligence Primer: Understanding Where to Start

Threat intelligence is a lot more than just getting lists of threats that are attacking companies like yours around the world.

Register for Threat Intelligence Primer: Understanding Where to Start

Sponsored by: SecureWorks

Threat Intelligence Primer: Understanding Where to Start

Threat intelligence is a lot more than just getting lists of threats that are attacking companies like yours around the world. Sure, getting feeds of new attacks is certainly useful and a key component, but threat intelligence is a lot more than just feeds and speeds.

It includes everything from understanding where your flexible and sometimes-disappearing perimeter resides to identifying shadow IT, defending against advanced threats, identifying and stopping insider attacks as well as external breaches, and understanding the ever-changing fundamentals of detecting threats. That’s right — threat intelligence is part of everything the security team does every day. So where do you start? Right here.

Vendor Webcast

10 SMB Endpoint Security Problems Solved by the Cloud

Learn how next-generation endpoint security in the cloud solves the most common challenges that SMBs are facing.

Register for 10 SMB Endpoint Security Problems Solved by the Cloud

Sponsored by: Carbon Black

10 SMB Endpoint Security Problems Solved by the Cloud

Are you struggling to keep your endpoint security up to date? You’re not alone. Small to mid-sized companies have less resources — yet have the same risk of attack as larger companies. And that risk is only increasing. In 2017, the number of ransomware attacks increased by 30x and the number of breaches increased by 40%.

Good news! Smaller companies can protect themselves just as well as large enterprises thanks to cloud-based endpoint security.
Join us for a live webinar to discuss how next-generation endpoint security in the cloud solved the most common challenges SMBs are facing.

You will learn:

  •  The 10 most common security problems facing small to mid-sized companies
  •  How cloud-based endpoint security addresses those problems
  •  The benefits of replacing traditional antivirus with a cloud-based security platform
Vendor Webcast

Big threats, small teams: Protecting your company from 2018's most active threats

It’s never been more important to re-evaluate your endpoint security strategy.

Register for Big threats, small teams: Protecting your company from 2018's most active threats

Sponsored by: Barkly

Big threats, small teams: Protecting your company from 2018's most active threats

54% of small and midsize organizations were compromised by a cybersecurity attack last year. With the rise of new fileless infection and exploitation techniques that successfully bypass existing endpoint security tools, it’s never been more important to re-evaluate your endpoint security strategy.

Join this webinar featuring Jack Danahy, CTO and security industry veteran from Barkly to learn:

  • How new attack techniques are bypassing legacy antivirus and detection-based endpoint security tools
  • Practical strategies for blocking ransomware and zero-day campaigns with enterprise-class security designed for IT teams
  • Tips for catalyzing management to justify your investments in protection, detection, and response
Vendor Webcast

Secure your Journey to the Cloud and your Public Cloud

Let’s examine how you respond to your critics and see how you can secure your journey to the cloud, and more importantly the public cloud itself.

Register for Secure your Journey to the Cloud and your Public Cloud

Sponsored by: Oracle

Secure your Journey to the Cloud and your Public Cloud

After many reviews and going back and forth, you have finally decided to lift and shift your workloads/ apps to the cloud.

You have people fighting on whether security is an enabler or a blocker to move to the cloud.

Let’s examine how you respond to your critics and see how you can secure your journey to the cloud, and more importantly the public cloud itself.

Vendor Webcast

Stop Unknown Threats: Deep Learning for Deeper Cybersecurity

Join this webinar to learn how the predictive deep learning technology detects new and unseen malware, protecting you from never-seen-before attacks.

Register for Stop Unknown Threats: Deep Learning for Deeper Cybersecurity

Sponsored by: Sophos

Stop Unknown Threats: Deep Learning for Deeper Cybersecurity

With 75% of malware threats unique to a single organization, reactive endpoint security alone is not enough.
 
Join this webinar to learn how the predictive deep learning technology in Sophos Intercept X detects new and unseen malware, protecting you from never-seen-before attacks. 
 
We’ll cover:
•  The latest malware trends and attack techniques
•  Why traditional endpoint protection alone is not enough
•  How Intercept X uses predictive deep learning to detect unseen malware
•  What the experts are saying about Intercept X
 
We’ll also explore additional advanced protection capabilities in Intercept X, including anti-ransomware and anti-exploit technology, and why it’s the world’s most comprehensive endpoint protection.

Vendor Webcast

12 Ways to Hack Two-Factor Authentication

This webinar where will explore 12 ways hackers can and do get around your favorite 2FA solution.

Register for 12 Ways to Hack Two-Factor Authentication

Sponsored by: KnowBe4

12 Ways to Hack Two-Factor Authentication

Everyone knows that two-factor authentication (2FA) is more secure than a simple login name and password, but too many people think that 2FA is a perfect, unhackable solution. It isn’t!
 
Join Roger A. Grimes, KnowBe4’s Data-Driven Defense Evangelist, and security expert with over 30-years experience, for this webinar where he will explore 12 ways hackers can and do get around your favorite 2FA solution. 
 
The webinar includes a (pre-filmed) hacking demo by KnowBe4’s Chief Hacking Officer Kevin Mitnick, and real-life successful examples of every attack type. It will end by telling you how to better defend your 2FA solution so that you get maximum benefit and security.
 
You’ll learn about the good and bad of 2FA, and become a better computer security defender in the process, including:
· 12 ways hackers get around two-factor authentication
· How to defend your two-factor authentication solution
· The role humans play in a blended-defense strategy

Editorial webcast

The Big Bang Endpoint

Today’s “endpoints” can be anywhere and almost anything.

Register for The Big Bang Endpoint
The Big Bang Endpoint

Let’s face facts: Today’s “endpoints” can be anywhere and almost anything. The internet of things (IoT) means that endpoints might be embedded sensors, components of critical and not-so-critical infrastructure, mobile computers and phones, games and just about anything you can think of.

It’s no longer a moat or fence that defends the perimeter — it’s an array of technologies that often are not even accessible physically to the company’s infosec team as endpoints expand out and away from the corporate network. It is an on-going challenge as companies attempt to find the right mix of technologies, expertise, and training to address the expansion.

Today’s editorial webcast looks at how CISOs are addressing the expansion, what techniques work and what doesn’t, and how the security team’s responsibility is evolving to meet the battle between financial and human resources, compliance and legal requirements, and simply put, the capabilities of the staff.

Vendor Webcast

How to Select and Evaluate Endpoint Security Products

It’s time for a new approach to endpoint security.

Register for How to Select and Evaluate Endpoint Security Products

Sponsored by: Carbon Black

How to Select and Evaluate Endpoint Security Products
93% of organizations are targets of non-malware attacks. At the same time, cyberattackers are innovating faster than traditional defenses can keep up. No wonder 80% of security and IT professionals do not feel adequately prepared to defend their organizations.
It’s time for a new approach to endpoint security. But with so many offerings what should you buy? Join us for a live webinar with Mike Rothman, Analyst & President at Securosis, who will help you navigate the selection process.
During this session you will learn:
How to determine the capabilities you need to address the problems you face
The top questions you should ask an endpoint security vendor to understand the nuances of their approach
Vendor Webcast

Real Time Behavioral AI

Join Jeremiah Grossman, SentinelOne Advisor, and Gary Mello, SentinalOne Evangelist for a webcast about Real Time Behavioral AI and the SentinelOne Platform.

Register for Real Time Behavioral AI

Sponsored by: Sentinel One

Real Time Behavioral AI

Join Jeremiah Grossman, SentinelOne Advisor, and Gary Mello, SentinalOne Evangelist for a webcast about Real Time Behavioral AI and the SentinelOne Platform.  Behavioral AI is one of the most effective defenses to stop today’s most advanced attacks, such as fileless, script based & live attack.  In this session we will cover:

 

  1. Behavioral AI Overview
  2. Why not all Behavioral AI technologies are the same
  3. Live attack demonstrations  
Vendor Webcast

Exposed and At Risk! Why Your Approach to Web App Security is Insufficient

Proven web application security approaches and modern WAF technologies to address the rapidly evolving security needs of hybrid cloud environments.

Register for Exposed and At Risk! Why Your Approach to Web App Security is Insufficient

Sponsored by: Threat X

Exposed and At Risk! Why Your Approach to Web App Security is Insufficient

While web and legacy apps, APIs, and microservices are now common and essential components of any digital business, their ever-increasing complexity also creates vast attack surfaces and prime targets for malicious threats. In fact, according to a recent survey conducted by Ponemon, 80% of organizations stated their web apps were compromised ‘sometimes’ or ‘frequently.’ This figure is shockingly high, considering 73% of those organizations were utilizing a web application firewall (WAF). So where is the disconnect?

Join Michael Suby, Vice President of Research at Stratecast | Frost & Sullivan, and Bret Settle, CEO and Founder of Threat X, as they discuss the power of combining proven web application security approaches and modern WAF technologies to address the rapidly evolving security needs of hybrid cloud environments. 

You will learn:

  • Why both the drivers and types of web application attacks are rapidly evolving.
  • What threats you ARE missing with your current approach to web application security.
  • Why it’s critically important that your WAF solution protects ALL your Web applications.
  • Why security technology and human expertise/intervention are powerful partners.

Vendor Webcast

Tracing Threat Actors by Their Footprints and Web Assets

Learn how the threat intelligence space is transforming

Register for Tracing Threat Actors by Their Footprints and Web Assets

Sponsored by: DomainTools

Tracing Threat Actors by Their Footprints and Web Assets

Organizations are experiencing new and evolving cyberthreats that are increasing in both sophistication and frequency. In response to the new challenges, threat hunting is gaining momentum as a security practice that helps organizations take a more proactive stance on security. Many SOCs are going through a posture shift as they pivot from traditional reactive security stance to a hybrid approach that includes proactive hunting of threats that is oftentimes powered by a host of indicators and web assets.

 

Join DomainTools Data Systems Engineer, Mike Thompson to learn how the threat intelligence space is transforming and what techniques security professionals can apply to stay a step ahead of threat actors by mapping their infrastructure.

Vendor Webcast

Solving The Cybersecurity Skills Shortage in Law Firms

What are optimal approaches for law firms to manage staffing needed to monitor and defend their valuable data and infrastructure?

Register for Solving The Cybersecurity Skills Shortage in Law Firms

Sponsored by: Arctic Wolf

Solving The Cybersecurity Skills Shortage in Law Firms

The evidence is clear: law firms of all sizes need to securely handle sensitive information associated with their clients, investigators, and witnesses. According to the American Bar Association’s 2017 Legal Technology Survey Report, 22 percent of respondents suffered a security breach at their law firms.*

Compromised client information can destroy reputations and lead to decreased billables and lost business. While the need for improved security is evident, IT and security teams struggle to locate, retain and train talent needed to maintain and improve their security posture.  What are optimal approaches for law firms to manage staffing needed to monitor and defend their valuable data and infrastructure? 

In this Arctic Wolf webinar, we dive into:

  • Why cybersecurity is top of mind in the legal community
  • The IT and Cybersecurity skills shortage and its impact on security
  • How SOC-as-a-Service approaches enable law firms to rapidly improve their security posture and provide evidence to satisfy technology audits
Vendor Webcast

Under Pressure: Prepping for a Post-Quantum World

Join renowned Public Key Infrastructure (PKI) expert and Certified Security Solutions (CSS) CTO, Ted Shorter, as he outlines the defense against quantum computing, crypto-agility

Register for Under Pressure: Prepping for a Post-Quantum World

Sponsored by: CSS

Under Pressure: Prepping for a Post-Quantum World

On the eve of quantum computing, the definitive need for crypto-agility is greater than ever. The ability to locate, manage, and securely update digital certificates on a network or on a device seems like a simple task, yet with the advent of new Enterprise use cases and flourishing IoT device introductions, management at massive scale becomes a challenge. Facing mounting pressures, IT security personnel and product managers are tasked with implementing solutions fit for today’s environment plus tomorrow’s post-quantum world. Join renowned Public Key Infrastructure (PKI) expert and Certified Security Solutions (CSS) CTO, Ted Shorter, as he outlines the defense against quantum computing, crypto-agility:
 

  • Demystifying quantum computing: cryptographic kryptonite
  • Challenges with digital certificate/device management at scale
  • Futureproof, quantum-safe digital identity solutions for today’s Enterprise & IoT
Vendor Webcast

Still Falling Foul to Phishing?

Learn how organizations can prevent, detect and respond to all email threats, including phishing and social engineering and how you can use this framework to better protect your organization.

Register for Still Falling Foul to Phishing?

Sponsored by: Proofpoint

Still Falling Foul to Phishing?

It has been around for many years, but phishing is not a problem that’s going away any time soon. In fact, given that attackers have shifted from targeting systems to targeting people, phishing is a tool of growing importance for threat actors, and something that potential victims need to be aware of. Learn how organizations can prevent, detect and respond to all email threats, including phishing and social engineering and how you can use this framework to better protect your organization. 

Join us as we discuss: 

  • Effective security training to help prevent falling for an attack 
  • The right tools and methods for detecting phishing 
  • How to respond when to email threats
Vendor Webcast

How to Make Endpoint Security Easy

What if you could prevent attacks before they occur and spend less time managing multiple agents?

Register for How to Make Endpoint Security Easy

Sponsored by: Carbon Black

How to Make Endpoint Security Easy

Traditional anti-virus solutions can’t keep up with the pace of emerging threats. What if you could prevent attacks before they occur and spend less time managing multiple agents?

Join us for a live webinar with Ryan Manni, Security Operations Manager at Hologic, as we discuss their evaluation of cloud-based endpoint security and why they chose Cb Defense.  Hologic is an innovative medical technology company focused on improving women’s health.  Their security challenges included preventing non-malware attacks, gaining visibility into remote employees, and managing complex infrastructure with a small IT staff. 

  • Learn why Hologic replaced their traditional AV solution with Cb Defense
  • Discover how Cb Defense can help you prevent emerging attacks and simplify your security stack
  • Get practical advice on replacing traditional AV with a cloud-based security platform
Vendor Webcast

How to Accelerate GDPR Compliance with Druva inSync

Join us for a live, technical webinar and learn what the GDPR requires and how to accelerate compliance within your business.

Register for How to Accelerate GDPR Compliance with Druva inSync

Sponsored by: Druva

How to Accelerate GDPR Compliance with Druva inSync

The deadline for General Data Protection Regulation (GDPR) compliance has passed. As organizations scramble to meet the strict requirements put in place by the European Union, many of us still don’t understand what it is – or how to achieve compliance.

Join us for a live, technical webinar and learn what the GDPR requires and how to accelerate compliance within your business. Our special guest, Michael Osterman, President of Osterman Research and Druva’s Sarah Beaudoin, Product Marketing Manager will review the results of the new report, “The GDPR Deadline has passed. What should you do?”

You’ll learn:
• Essential requirements of GDPR
• How prepared your organization is for GDPR compliance
• Critical implications to backup, storage, recovery and archiving of data
• How Druva can help accelerate your GDPR compliance readiness

Register Now

 

Vendor Webcast

What Most Computer Security Defenses Are Doing Wrong and How to Fix It

You’ll leave this webinar with a fresh perspective and an action plan to improve the efficiency and effectiveness of your current computer security defenses.

Register for What Most Computer Security Defenses Are Doing Wrong and How to Fix It

Sponsored by: KnowBe4

What Most Computer Security Defenses Are Doing Wrong and How to Fix It

Most companies have huge gaps in their computer security defenses and can be compromised at will by a determined hacker. The industry even has a term for it: “Assume Breach”.  But it doesn’t have to be that way!

Join Roger A. Grimes, a 30-year computer security consultant and author of 10 books, for this on-demand webinar where he explores the latest research on what’s wrong with current network defenses and how they got this way. Roger will teach you what most organizations are doing wrong, why, and how to fix it. You’ll leave this webinar with a fresh perspective and an action plan to improve the efficiency and effectiveness of your current computer security defenses.

Roger will teach you:

  • What most companies are doing wrong, why, and how to fix it
  • An action plan to improve the effectiveness of your computer security defenses
  • How to create your “human firewall”
Editorial webcast

Morphing Threat Intelligence

Consider threat intelligence not only from its traditional place in the overall security function, but ways to use it to expand your security functions and capabilities.

Register for Morphing Threat Intelligence

Sponsored by: Recorded Future

Morphing Threat Intelligence

Generally when we think of threat intelligence, we think of using threat feeds to defend against malware and other pre-breach defenses. This is often included in the vulnerability management component of network security, but threat intelligence is much more than that. Today we’ll explore how using threat intelligence for incident response or perhaps more transactional functions such as security operations or security leadership can help expand a company’s security footprint and consider threat intelligence not only from its traditional place in the overall security function, but ways to use it to expand your security functions and capabilities.

20/20 webcast

Vulnerability Management: The Final Frontier

This 20/20 webcast addresses how to recognize and manage these vulnerabilities, and ultimately how to reduce your risk.

Register for Vulnerability Management: The Final Frontier

Sponsored by: Rapid7

Vulnerability Management: The Final Frontier

We’ve said it before and we’ll say it again: It’s all about managing risk, which means managing vulnerabilities. The decisions companies make about what security products they employ generally comes back to risk. It could be financial risk in terms of sales lost, money stolen or potential fines and lawsuits due to vulnerabilities in processing personal information, credit card data, or simply identity and access management. It could be reputational risk from network vulnerabilities – certainly a very visible and tangible issue faced by companies such as Target, Home Depot and social media sites following massive breaches.  It could be legal risk – the vulnerabilities here are too numerous to list. Today’s 20/20 webcast addresses how to recognize and manage these vulnerabilities, and ultimately how to reduce your risk.

Vendor Webcast

GDPR: The New World of Data Privacy is here. Now What?

Join us for a recap of GDPR’s history, a brief overview of some of the regulation's key elements, and a quick checklist of basic steps you can take in preparation for GDPR.

Register for GDPR: The New World of Data Privacy is here. Now What?

Sponsored by: Oracle

GDPR: The New World of Data Privacy is here. Now What?

After over two years of preparation, the European Union’s General Data Protection Regulation has finally arrived. The General Data Protection Regulation (GDPR) is all about protecting your data and a significant amount of sensitive personal data resides in databases. Have you assessed all your data sources to locate personal data? Do you have critical controls to protect that data? Do you have a coordinated strategy to ensure overall compliance? Join us for a recap of GDPR’s history, a brief overview of some of the regulation’s key elements, and a quick checklist of basic steps you can take in preparation for GDPR. We will also discuss some of the best practices we’ve seen Oracle Database customers take in order to accelerate GDPR compliance.

Vendor Webcast

The Future of Vulnerability Management In A Changing Threat Landscape

Join Jeremiah Grossman, SentinelOne Advisor, and Eran Ashkenazi, VP Services and Field Operations, SentinelOne, for a webcast discussing a new approach to Vulnerability Management.

Register for The Future of Vulnerability Management In A Changing Threat Landscape

Sponsored by: Sentinel One

The Future of Vulnerability Management In A Changing Threat Landscape

Adobe recently published a security bulletin highlighting a vulnerability in their flash player product. This report also disclosed that the issue had impacted all Adobe flash player versions prior to 28.0.0.137. Once weaponized, in this case reportedly by North Korea, the attack manipulated embedded flash code in Office Documents to gain full access of the target machine.  This is just one more example, out of hundreds, that stresses the critical nature of real-time vulnerability management and virtual patching in a world where scanning is just too slow.

Join Jeremiah Grossman, SentinelOne Advisor, and Eran Ashkenazi, VP Services and Field Operations, SentinelOne, for a webcast discussing a new approach to Vulnerability Management. Directly on an endpoint, it’s possible to quickly monitor overall risk by comparing the software inventory on the device against all known vulnerabilities. This scanless approach to Vulnerability Management is able to systematically deliver remediation guidance, understand and minimize attack surfaces, and do so at unprecedented speed. 

You will learn: 
a. About the future of Endpoint Protection: Autonomous EPP + EDR + Vulnerability Management 
b. Real-time endpoint driven data versus slow and resource intensive network scanning 
c. SentinelOne’s all-in-one solution: No additional agent

 

20/20 webcast

Cloudy With a Chance of SIEMs

This 20/20 webcast will address the challenges CISOs face from the ever-improving attackers.

Register for Cloudy With a Chance of SIEMs

Sponsored by: Rapid7

Cloudy With a Chance of SIEMs

Being predictable is the death knell for network security. Defenses are becoming more sophisticated so attackers using standard attacks are a sure way of getting caught. That means that attackers are forced to become more sophisticated and cleverer with their attacks. It also means the corporate defense, and mainly the tools that interpret the attacks, need to be better. Today’s 20/20 webcast will address the challenges CISOs face from the ever-improving attackers.

Vendor Webcast

Mobile Phishing 2018: A look at mobile threats now facing every enterprise

Mobile phishing is the biggest unsolved cybersecurity problem facing enterprises today

Register for Mobile Phishing 2018: A look at mobile threats now facing every enterprise

Sponsored by: Lookout

Mobile Phishing 2018: A look at mobile threats now facing every enterprise

Mobile phishing is the biggest unsolved cybersecurity problem facing enterprises today. The rate at which users are receiving and tapping Phishing URLs on their mobile device has grown by an average of 85% Year-over-Year since 2011. Lookout-exclusive research into mobile phishing has uncovered a number of malicious actors globally, including the state-sponsored group behind Dark Caracal that focused on mobile phishing to compromise over 600 phones in over 21 countries. Even Pegasus, the one-tap remote jailbreak exploit sold by cyber-arms dealer NSO group required the victim to tap a phishing message in an SMS. FrozenCell, xRAT, ViperRAT, SocialPath, and Xsser/mRAT are all mobile threats that start with phishing.

Vendor Webcast

Capturing the Flag with Active Deception Defenses

Join security experts to learn what happens when active deception defenses are put into a CTF exercise against human attackers and malware.

Register for Capturing the Flag with Active Deception Defenses

Sponsored by: Fidelis

Capturing the Flag with Active Deception Defenses

Capture the flag (CTF) exercises and events continue to increase in popularity providing essential training and skills development for defenders on blue teams and attackers on red teams.  Jeopardy style or attack-defense CTF cyber exercises enable experienced participants and novices to work side by side on teams developing communication, time management and problem solving skills in a safe environment with ground rules and prizes for winners.  Defending blue teams often dread the embarrassment of being attacked and compromised until modern deception defenses arrived.  Deception defenses mimic a real environment with decoys and breadcrumbs creating an unknown mine field for attackers to detect their activity and movements giving defending blue teams a new advantage.   

Join security experts to learn what happens when active deception defenses are put into a CTF exercise against human attackers and malware? 

 

  • Learn the types of capture the flag exercises and benefits for participants
  • Assessment of blue team and read team CTF exercises for your organization
  • Comparing honeypot research versus post-breach deception detection
  • Understand the most popular breadcrumbs and decoys for deception and why
  • Lessons learned from active deception defenses within a CTF exercise

 

Vendor Webcast

Securing the Virtual Data Center

Establish a Least Privilege Environment around applications to lock them down and dramatically shrink the attack surface

Register for Securing the Virtual Data Center

Sponsored by: Carbon Black

Securing the Virtual Data Center

As applications in the data center become more distributed and more dynamic, they have become increasingly difficult to secure. Traditional security solutions are not flexible enough to keep up with applications as they change over time, leading to breakdowns in security.

Additionally, traditional endpoint security solutions are focused on preventing the infiltration step of the kill chain, but threats inside the data center are well past this step — busy propagating or extracting information from the environment.

Join Carbon Black and VMware to learn how to:
• Establish a Least Privilege Environment around applications to lock them down and dramatically shrink the attack surface
• Understand the value of behavioral threat detection and how, by leveraging application context and scope to perform advanced analysis, you can catch threats that evade least privilege
• Learn how to benefit from an automated, orchestrated response that remediates threats with precision and minimizes business impact while eradicating the threat

 

Vendor Webcast

Cybersecurity Heroes Aren’t Born … They’re Made

Join our experts as we dive into the report and share best practices and pitfalls as we try to create a culture of security within our organizations and community.

Register for Cybersecurity Heroes Aren’t Born … They’re Made

Sponsored by: Wombat Security

Cybersecurity Heroes Aren’t Born … They’re Made

Phishing has long been a headline threat for infosec teams — but email is just one entry point for cybercriminals. Webinar attendees will learn why it’s important to assess and train their end users about cybersecurity threats beyond email-based social engineering.

During this session, we will share results from the Wombat Security 2018 Beyond the Phish® Report, which analyzes data from nearly 85 million responses to cybersecurity knowledge assessments and training challenges presented to global end users across multiple industries during 2017. We will discuss end users’ strengths and weaknesses across 12 cybersecurity topics — from identifying social engineering scams to protecting confidential information to working safely outside the office. We’ll also highlight variations in end-user knowledge levels across industries, giving you a benchmark against which to compare your organization’s readiness.

Attendees will also see how data insights from knowledge assessments and training activities differ from those related to simulated phishing attacks, and how using these tools together can give a more complete view of susceptibility. Finally, we’ll provide guidance about how to use this information to strengthen your end users and reduce the risk of successful cyberattacks within your organization.

Join our experts as we dive into the report and share best practices and pitfalls as we try to create a culture of security within our organizations and community.

 

20/20 webcast

Breaking Bad – or Good Habits

In Part 2 of our series on social engineering, we’ll take a deeper dive on some approaches attackers take, why they work and what we can do to defend against them.

Register for Breaking Bad – or Good Habits

Sponsored by: KnowBe4

Breaking Bad – or Good Habits

We recently looked at how to identify a social engineering attack and how they work in My Friend My Enemy. In Part 2 of our series on social engineering, we’ll take a deeper dive on some approaches attackers take, why they work and what we can do to defend against them. As much as human nature tells you that it’s polite to hold open a door or to answer a door if someone knocks, sometimes that’s just the wrong thing to do. Here’s why.

Vendor Webcast

Getting Started With Threat Intelligence

Maintaining situational awareness can be a full time job, and you need to know how the latest high profile attack affects your organization… like 15 minutes ago.

Register for Getting Started With Threat Intelligence

Sponsored by: ThreatConnect

Getting Started With Threat Intelligence

Security professionals need to quickly identify real threats to their organization, even if they don’t have the budget to build out a dedicated threat intelligence team. Maintaining situational awareness can be a full time job, and you need to know how the latest high profile attack affects your organization… like 15 minutes ago. 

The good news is that small security teams can use threat intelligence to increase detection while minimizing the number of false positives being sent to defensive devices.
 
Join us for this interactive webcast where you’ll learn how to:
• Select and optimize the threat data you’d like to ingest in your SIEM or EDR device
• Minimize the time it takes to determine whether or not something is a threat
• Keep up with new threat actors, attack patterns, and CVEs

Vendor Webcast

Reduce Cyber Risk with Tenable and ServiceNow

Learn how a small security team from Carfax went from using email for vulnerability management to automating the process down to a click of a button.

Register for Reduce Cyber Risk with Tenable and ServiceNow

Sponsored by: ServiceNow

Reduce Cyber Risk with Tenable and ServiceNow
Vulnerabilities and the risks they pose to security continue to be big news. Keeping up with an overwhelming number of vulnerabilities in continually expanding IT environments is challenging, but it’s one of the best ways to reduce your cyber risk. To successfully manage vulnerabilities, you need to detect, prioritize, and remediate efficiently. Combining Tenable Security Center® and ServiceNow® Security Operations allows you to automate vulnerability remediation so you can work faster and keep your business safe.
Join us for this hour-long webinar on Tuesday, May 1, at 8am PDT/11am EDT, and learn how a small security team from Carfax went from using email for vulnerability management to automating the process down to a click of a button. Hear from Carfax Security Analyst Jered Bare about how they integrated Tenable and ServiceNow, along with benefits and lessons learned in the process. 
Nick Keuning, Solution Architect at Tenable and David Barkovic, Director, Product Management at ServiceNow will also demonstrate how best to use these products together to get efficient vulnerability response. Don’t miss this informative webinar!
Vendor Webcast

Improving Incident Response Outcomes

Join us for a one hour webcast featuring the key findings of Secureworks newly-released Incident Response Insights Report 2018: Risks, Remedies, and Best Practices for Defending Against Cyber Threats.

Register for Improving Incident Response Outcomes

Sponsored by: SecureWorks

Improving Incident Response Outcomes

How to Defend Faster and Reduce Risk More Effectively in the Face of a Cyberattack

All too often companies are learning the hard way — during an incident — how they could have been better prepared to stop the threat or reduce the damage. Join us for a one hour webcast featuring the key findings of Secureworks newly-released Incident Response Insights Report 2018: Risks, Remedies, and Best Practices for Defending Against Cyber Threats. Webcast takeaways will include:
• Threat and attack trends identified by responders in 2017
• Lessons learned by organizations in a wide variety of incident response (IR) scenarios
• Key recommendations for IR planning, practices and capabilities that improve security defenses and mitigate business risk.
• Live Q&A with experts from our Counter Threat Unit™ (CTU) and Incident Response team

In 2017, Secureworks’ team of incident responders helped hundreds of organizations navigate through complex and high-risk security incidents. Now the top insights from those collective engagements will be shared by a panel of speakers from the Secureworks Counter Threat Unit and Incident Response practice.

This program offers the support you need to prepare better for emerging threats, understand how you might be vulnerable, and respond more effectively when an incident does occur. Program content is appropriate for cybersecurity leaders, incident responders, CIOs, CTOs, and executives with responsibility for enterprise risk management.

 

Vendor Webcast

Enabling Data-Driven Cybersecurity Decisions with Continuous Security Validation

Register for this informative webcast to learn more about how your organization can work toward eliminating the fear, uncertainty, and doubt associated with cybersecurity.

Register for Enabling Data-Driven Cybersecurity Decisions with Continuous Security Validation

Sponsored by: NSS Labs

Enabling Data-Driven Cybersecurity Decisions with Continuous Security Validation

Despite extensive effort and investment, achieving an effective cybersecurity strategy remains an elusive pursuit. Enterprises spent an estimated US$90 billion on cybersecurity products in 2017, and yet a recent NSS Labs survey of CISOs in North America reveals that 52% of enterprises see no “value-add” from their currently deployed security products. Security teams are under more pressure than ever to justify budget allocation for security controls, but most of the time, measuring security effectiveness is a guessing game.

Anil Nandigam, Senior Director of Product Marketing with NSS Labs, will conduct a live demonstration of the Continuous Security Validation Platform. This cloud-based customizable platform provides real-time empirical data regarding the effectiveness of enterprise security controls and also reveals the operating systems and applications most often targeted by today’s active threats. Anil will also discuss how an international bank and a top-five management consulting firm are using this platform to make data-driven cybersecurity decisions. 

Register for this informative webcast to learn more about how your organization can work toward eliminating the fear, uncertainty, and doubt associated with cybersecurity.

 

20/20 webcast

Putting Threat Intelligence to Work Part II

We’ll take a deeper dive into making threat intelligence work for you, including addressing issues of infrastructure, training, nation state attacks, and proactive threat management.

Register for Putting Threat Intelligence to Work Part II

Sponsored by: Arbor Networks

Putting Threat Intelligence to Work Part II

Last week we talked about the changing threat landscape — understanding the change, anticipating the next evolution of change, and having actionable defenses in place. This week we’ll take a deeper dive into making threat intelligence work for you, including addressing issues of infrastructure, training, nation state attacks, and proactive threat management.

Vendor Webcast

Making Awareness Stick: Secrets to a Successful Security Awareness Training Program

Join Erich Kron, Security Awareness Advocate at KnowBe4, as he shares results-focused strategies and practical insight on how to build a world-class program.

Register for Making Awareness Stick: Secrets to a Successful Security Awareness Training Program

Sponsored by: KnowBe4

Making Awareness Stick: Secrets to a Successful Security Awareness Training Program
With 91% of data breaches being the result of human error, security leaders, auditors, and regulators increasingly recognize that a more intentional focus on the human side of security is critical to the protection of organizations. However, organizations have been struggling with and debating the effectiveness of traditional security awareness and training. 
Join Erich Kron, Security Awareness Advocate at KnowBe4, for this webinar “Making Awareness Stick: Secrets to a Successful Security Awareness Training Program” as he shares results-focused strategies and practical insight on how to build a world-class program.
Key topics covered in this webinar:
  • Why awareness and training matters
  • Key data points to help make the case for awareness in your organization
  • Five secrets to making awareness work in 2018
  • How to create your “Human Firewall”
  • Make this the year that you refuse to settle for mediocrity. Are you ready to go all-in?
Editorial webcast

Bigger Risks, Bigger Challenges

This webcast looks at the challenges today's security team faces, the training necessary today to meet those challenges, and the pressures on the infosec team that might not have existed just a few years ago.

Register for Bigger Risks, Bigger Challenges

Sponsored by: Recorded Future

Bigger Risks, Bigger Challenges

New research shows that the job of cybersecurity staffers is getting far more difficult than it was five years ago. Gone are the days when updating A/V software and applying patches were considered “security.” Today’s security pros need to be concerned with threat intelligence, threat hunting, far more malicious zero-days and state-sponsored attacks. Today’s webcast looks at the challenges today’s security team faces, the training necessary today to meet those challenges, and the pressures on the infosec team that might not have existed just a few years ago.  

Vendor Webcast

Get GDPR-Ready – Because Data Protection Is About to Get Personal

Join us as Adam Nelson, Associate Partner and Global Privacy Leader for IBM Security and Cindy E. Compert, CIPT/M, CTO Data Security & Privacy for IBM Security as they take you through this critical security framework.

Register for Get GDPR-Ready – Because Data Protection Is About to Get Personal

Sponsored by: IBM

Get GDPR-Ready – Because Data Protection Is About to Get Personal

On May 25, 2018, the General Data Protection Regulation (GDPR) will take effect, impacting every organization conducting business with individuals in the EU- consumers, employees, and business contacts alike.  On that date, organizations will encounter new, uniform data protection regulations relating to the information of EU subjects—or potentially face hefty fines and other penalties. Yet many business, privacy and security leaders are not ready for it. To help address our clients’ concerns, IBM Security has developed a five-phased framework approach to GDPR readiness.

Join us as Adam Nelson, Associate Partner and Global Privacy Leader for IBM Security and Cindy E. Compert, CIPT/M, CTO Data Security & Privacy for IBM Security as they take you through this critical security framework.

This webinar will provide an overview of the IBM Security GDPR framework, and will also cover:
• An introduction to the EU GDPR, including its purpose, key aspects and provisions of the regulation, and new or enhanced requirements
• Steps organizations are taking on their path to GDPR readiness and what can be done to prepare 
• A deep-dive into the five phases of GDPR readiness, with a focus on security and privacy requirements and activities for you to consider in each phase
• Solutions that can help organizations address these requirements, no matter where they are in their readiness journey

Vendor Webcast

5 Keys to Understanding Vulnerability Disclosure

5 keys to understanding vulnerability disclosure

Register for 5 Keys to Understanding Vulnerability Disclosure

Sponsored by: Bugcrowd

5 Keys to Understanding Vulnerability Disclosure

2017 was undoubtedly another year of escalation in size, scope and scale of cyber attacks. It goes without saying that this past year everyone was impacted by at least one of these breaches. But it’s been a year of unprecedented change as well – change for the better. With policies and standards in place such as the NIST Cybersecurity Framework, it’s now incumbent on organizations to ensure they are setup to receive vulnerability data from external parties and is already becoming an adhered-to standard for major private organizations.
 
A vulnerability disclosure program (VDP) is the initial first step in helping protect your company from an attack or premature vulnerability release to the public.
 
Join our webinar as we discuss:
 
• 5 keys to understanding vulnerability disclosure
• The impact VDP is having on the industry
• Why implementing a VDP is no longer a nice-to-have, but a necessity