May
25
2:00 PM ET
Cybercast
Supply Chain Security Snags: How to Solve Your Sourcing, SBOM & Scope Struggles
The executive order issued by the White House last year calls for more robust software supply chain protections for federal agencies. Meanwhile, companies are also taking steps toward securing their supply chains. And they are now facing many of the same struggles that government bodies have endured while attempting to adhere to the executive orde...
More info | Register
May
Cybercast
Supply Chain Security Snags: How to Solve Your Sourcing, SBOM & Scope Struggles
The executive order issued by the White House last year calls for more robust software supply chain protections for federal agencies. Meanwhile, companies are also taking steps toward securing their supply chains. And they are now facing many of the same struggles that government bodies have endured while attempting to adhere to the executive orde...
More info | Register
June
Cybercast
Part 1: The Telltale Signs of a Network Compromise: A Stage-by-Stage Attack Chronology
The average dwell time of a network intrusion lasts an average of 197 days before discovery, according to a Ponemon Institute study. During that window, there are key moments where the attackers take an action that might alert you to their presence. If you notice it, then you can mitigate the attack before it’s too late. But uncovering these indic...
More info | Register
Cybercast
The Critical Next Steps After a Pen Test
You’ve completed a pen test and, not surprisingly, the offensive security exercise turned up multiple weak points and exploitable vulnerabilities across your enterprise environment.  Now what? How do you do ensure your pen test results are actionable and that you get the support from leadership to act on the findings? How do you assess the...
More info | Register
Cybercast
Client-Side Security: A Critical Component of 3rd Party Risk, Zero-Trust Initiatives, Compliance and More
Security practitioners have many different initiatives demanding their time: evaluating and mitigating 3rd party risk, enabling strategic business efforts, implementing zero-trust practices, and supporting compliance activities, to name just a few. Often overlooked in these initiatives is a security gap that is critical to close if any of these in...
More info | Register
Cybercast
Ransomware & Zero Days: A 5-Step Action Plan to Avoid Becoming the Next Big Headline
The SolarWinds and Kaseya attacks. Log4Shell and ProxyShell… These are the headlines that give security professionals nightmares. To survive the dizzying pace of today’s modern threat landscape, organizations must have in place an action plan that allows them to quickly triage security incidents, with the confidence that they’re responding t...
More info | Register
Democast
Part 2: Detection & Response Demo: Patrolling Every Packet & Process for Signs of Compromise
Timely threat detection is essential. Every second that a malicious actor lingers inside your network, the odds increase that your organization could be the victim of a major malware attack. Nation-state APT actors are especially adept at staying hidden – but if you know what TTPs and IOCs to look for and you have comprehensive visibility into the...
More info | Register
Cybercast
Kicking Cyber Hygiene Into High Gear: 5 Must-Know Tips for Consistent Execution
When it comes to developing strong security hygiene habits, it’s easy to talk a big game. But consistently executing on these practices is another ballgame entirely. Even the simplest of tasks can become unwieldly as a company’s IT assets scale in size. Nevertheless, businesses can take significant strides in bolstering their cyber hygiene against...
More info | Register
Cybercast
How to Protect Your Applications in the Multi-Cloud
As more organizations adopt multi-cloud strategies, security managers must develop a strategy to consistently protect web applications across hybrid environments, while preserving quality of security and operational efficiency. The traditional approach to application security no longer works in the multi-cloud, and anew approach is needed. Join us...
More info | Register
Cybercast
Ransomware Techniques in 2022: How to Detect Malicious Activity
Ransomware actors are always evolving their techniques. This is especially true now, considering the increased use of legitimate applications and LOLBins (Living off the Land binaries.), combined with the recent emergence of major exploits such as Log4Shell, ProxyLogon and PrintNightmare. Join this session to learn about the latest procedures atta...
More info | Register
Democast
Reinterpreting Risk: Achieving a More Complete Picture of The Threats Lurking in Your Environment
In today’s distributed environment where new threat vectors and vulnerabilities emerge daily, it’s no longer sufficient to prioritize remediation based on a CVSS score. Tanium brings together numerous sources of risk (e.g. vulnerabilities, compliance gaps, sensitive data exposure, and excessive administrative rights) and combines that with the cri...
More info | Register
Cybercast
A Simple, Automated Approach to Vulnerability Management
Secureworks Taegis VDR delivers a fully integrated, comprehensive vulnerability management solution via an automated and configuration-free approach with machine learning and self-learning, built-in ability to prioritize alerts based on the risk level specific to an organization’s business. VDR automatically performs asset and service discovery, d...
More info | Register
Cybercast
Upgrading Your PKI: How to Build Trust Without Boundaries
How do you build trust without boundaries? With multi-cloud and remote work policies taking hold, security focus has shifted from protecting the perimeter to securing everything using trusted identities. In this new reality, public key infrastructure (PKI) is an essential building block.There’s just one problem – most PKI deployments are sorely ou...
More info | Register
Cybercast
Busting The Shift-Left Myth: Why You Must Also Shift Right to Protect Your Expanding Attack Surface
The notion of “shifting left” refers to organizations conducting security testing earlier in a standard linear development process. But there’s a catch: Modern DevSecOps is very much not linear — as there should be robust testing in both staging and production environments. Indeed, to execute DevSecOps properly, security...
More info | Register
Cybercast
When, Where and How: Putting Biometrics & Traditional MFA to Work
Which authentication methods should we use? This is one of the most common questions you’ll need to address as you roll out multi-factor authentication (MFA) across your organization. It’s critical to build a holistic MFA strategy that utilizes the right methods in the right places. While traditional MFA methods such as phone-based or har...
More info | Register
Cybercast
Managing Network Exposure in AWS
Cloud service platforms, like AWS, make infrastructure deployment easier for developers. In practice, organizations tend to expose their instances on the cloud network far more than is actually necessary. Unit 42 Threat Researchers analyzed hundreds of public cloud accounts during the pandemic and found a 68% increase in instances directly exposed...
More info | Register
Cybercast
Automation’s Role in TPRM
It can be tough deciding how much automation you want to introduce into a particular IT security function. While automation does bring speed and efficiency, companies sometimes like to rely on human judgment for important security decisions. This debate is certainly true for third-party risk management, as companies debate if they want to use auto...
More info | Register
Cybercast
Protect Your ICS Environment from Ransomware with Risk Assessments
Ransomware has captured the attention of many due to its far-reaching impacts on industrial control systems. Once an issue that affected IT infrastructure only, now ransomware can target control processing, logistics, distribution, and delivery of critical goods. Ransomware adversaries employ criminal behavior and ransomware groups disappear an...
More info | Register
Cybercast
Operational Changes You Can Make Today to Accelerate Your Journey to Zero Trust
Zero trust is an approach to security that moves defenses from statically defined network perimeters to explicitly identified assets and users. The transition to zero trust is a journey, not a product—and most organizations already have many elements of a zero trust architecture in their enterprise today. By incrementally adopting and implementing...
More info | Register
Cybercast
Implementing Zero Trust: Challenges and Solutions as Seen in a CyberRisk Alliance Study
Despite the hype around Zero Trust, many organizations still struggle to implement it, according to responses to a CyberRisk Alliance Business Intelligence survey. Of the 300 IT security professionals who responded, only 35% are familiar with the principles of Zero Trust and only 36% have implemented it. But they plan to push forward in the coming...
More info | Register
Cybercast
DDoS Attacks March On…and On…and On
Cybercriminals may have launched a few less DDoS attacks in 2021, but after the extraordinary rise during the pandemic, the attacks (still 14% more than pre-pandemic) continue to evolve with new strategies for disrupting networks and extorting targets. Adversaries continue to evolve in parallel to defenders making it just as, or more difficult tha...
More info | Register
Cybercast
Spilling Secrets? How Tech and Development Teams Can Sidestep Password Pitfalls
Software engineers and code developers face a unique set of password management challenges that can put organizational secrets in danger. Technical teams must take care to avoid embedding credentials, SSH keys, DevOps secrets and other confidential secrets into their code. Moreover, these workers can potentially risk leakage of secrets when employ...
More info | Register
Cybercast
Continuously Hacking Yourself – Attack Surface Management + Pen Testing
These days, improving security is fraught with challenges. Your attack surface keeps changing. You likely have vulnerabilities hiding in assets you don’t even know exist. And convincing people to remediate vulnerabilities after you identify them is harder than it should be – oftentimes, they won’t even admit there’s a problem!  In our up...
More info | Register
Cybercast
Your Guide to Ransomware Hostage Rescue: 2022 Edition
As ransomware attacks become increasingly targeted and damaging, infected businesses run the risk of having their data held hostage and their network operations disrupted for days or even weeks. The danger has never been more real – and there are no more excuses: Organizations must understand the core fundamentals of ransomware prevention, respons...
More info | Register
Cybercast
Customer Onboarding: An Industry-by-Industry Look at Account-Creation Fraud
The process of signing up a new customer has opposing objectives at play. On one hand, you want to ensure the account sign-up process is quick and painless for legitimate users. But you also want to have enough safeguards in place to weed out fraudsters, identity thieves, and bots who attempt to create fake accounts to cause financial and reputati...
More info | Register
Cybercast
Continuous Breach Attack Simulation: A Pragmatic Approach to Your Security Portfolio
How do you manage your security portfolio? Do you use regulatory frameworks as a basis? As a target? Experience shows that these frameworks are an important starting-off point but should not be considered the targeted end-state. How confident are you that your controls will function correctly during a real attack? Time and time again, we see th...
More info | Register
Cybercast
Reducing Third-Party Identity Risk During the Great Resignation and Beyond
4.5 million people have quit their jobs during the pandemic1. It’s the reason why 73% of CEOs surveyed cite labor and skills shortages as their top concern in 20222. Businesses are turning to third-party workers to fill the talent gap – and these users often need the same access to systems and data as regular employees. Whether the third par...
More info | Register
Democast
Log4j & Your Third-Party Portfolio… What’s Your Next Move
When it comes to reacting to a security threat, no one has time for another assessment. Join CyberGRX experts Gary Phipps, VP of Solutions Engineering, to learn how you and your third parties can defend yourself differently in the face of a cyber attack. We’ll talk about a new way to respond that includes: What proactive steps a third ...
More info | Register
Cybercast
Dodging Destruction with Detection: Threat Hunting to Stop Ransomware
Ransomware is a big business. Attacks are becoming more sophisticated, and extortion is the name of the game when it comes to extracting payments from targets. These types of threats, combined with increased supply chain vulnerabilities, require a more proactive approach to securing your organization. To stay ahead of these attacks, security admin...
More info | Register
Democast
Shutting down Data Staging and Data Exfiltration Attacks
Data Staging and Data Exfiltration are common activities used in today’s ransomware playbooks. Data Staging is a combination of locating the data the attackers want to exfiltrate and then bringing all the parts together into a single repository. Data Exfiltration involves disguising the activities to steal confidential data out of the organi...
More info | Register
Cybercast
Proactive Cloud Security: Visibility Is Key to a Confident Program
To establish an effective and proactive cloud security program, you need a plan to operationalize across your environment, while taking advantage of all the efficiencies and methodologies that make your security team’s job more manageable. But to truly inspire company-wide confidence in your approach, security leaders also need to know what they a...
More info | Register
Cybercast
Making Real Changes to Help Overburdened SOC Teams in 2022 and Beyond
The change in workforce dynamics caused by the pandemic and inability to stop attack campaigns requires drastic improvements to how Security Operations Centers (SOCs) function. Many user organizations must contend with a lack of quality of data, superior analytics and confidence in automation — leaving security teams to struggle. How can more than...
More info | Register
Cybercast
Click Happens: The Case for Isolation Technology Rooted in Zero Trust
We live in a world where the question is no longer whether your company will experience a data breach, but when. Hardly a day goes by that you don’t hear about a major data breach or a new cyberattack that’s making headlines—and the costs associated with these security events continue to mount. One solution is isolation technology rooted in Zero T...
More info | Register
Cybercast
API Protection: Minding the Gap that (Probably) Exists in Your Web Application Security Program
APIs are the great connectors. API communications now make up more than 80% of Internet traffic and Gartner predicts that they will become the most frequent attack vector this year. Yet APIs are often overlooked in web application security programs. It’s not surprising that attackers are taking advantage of this gap and increasingly targeting web ...
More info | Register
Cybercast
Menacing Malware: Exposing Threats Lurking in Your Linux-Based Multi-Cloud
90% of cloud runs on Linux, but current countermeasures are focused on addressing Windows-based threats, leaving multi-cloud deployments vulnerable to attacks. So, is it any wonder that malware is propagating in multi-cloud environments under the radar? Based on research conducted by VMware’s Threat Analysis Unit, this webcast uncovers th...
More info | Register
Cybercast
Cloud Security, Simplified: Why CNAPP is the Future of Cloud Security
In 2021, Gartner identified Cloud Native Application Protection Platforms (CNAPPs) as a new category that combines CSPM, CWPP, KSPM, and CIEM in one platform. CNAPPs have full coverage and visibility into cloud estates and can detect risks across the technological stack, including cloud configuration, workload and identity. In this webcast, Marcel...
More info | Register
Cybercast
Exploring the Results of CyberRisk Alliance’s Third-Party Risk Management Study
Third-party relationships have expanded exponentially as companies seek outsourced services and software to perform optimally and backfill talent amid the ongoing pandemic. That expansion has broadened attack surfaces as threat actors target weaker vendors with strong market penetration to quietly surveil and paralyze systems. For security teams t...
More info | Register
Webcast
The Age of MSSPs: Uncovering the Why’s of Managed Services
With security threats continuously mounting and the threat landscape evolving at record speeds, organizations continue to seek the guidance of Managed Security Service Providers (MSSPs). Why do these firms leverage MSSPs and what are the benefits of these investments? In this session, we’ll break down how MSSPs help to address challenges with: ...
More info | Register
Democast
Why Decryption Matters
Within the MITRE ATT&CK framework, which attacks would you miss by not fully decrypting traffic?  Can fully decrypted traffic help detect attacks sooner? This webcast explores how to use decryption to more accurately detect malicious activity and defend against it. Speakers: Jamie MolesSenior Technical Marketing ManagerExtraHopJamie...
More info | Register
Cybercast
Managing Risk In An Ever Moving As-A-Service Environment
In the infrastructure and platform-as-a-service worlds, application developers are the new infrastructure superstars. With concepts ranging from containers to infrastructure as code, we are experiencing a paradigm shift in how tightly coupled application code and the related infrastructure are. Often security is underrepresented in this formula an...
More info | Register
Cybercast
Unleash and Secure the Cloud With Zero Trust Access
The true potential of the cloud is often hindered by security controls that weren’t purpose-built for dynamic, microservice architectures or the shared security and compliance responsibility common to cloud providers. Zero Trust security helps organizations harden their defenses and empower their enterprise with accelerated transformation initiati...
More info | Register
Democast
Targeting Microsoft: Ransomware techniques and how to spot them
Microsoft Active Directory (AD) is a target-rich environment for malicious actors. Attackers hone in on it because it’s widely used and remains backward compatible with many versions of Microsoft Windows and Server environments. This webcast explores the specific techniques they use (DoublePulsar, for example) and how to defend against it vi...
More info | Register
Webcast
Unpacking the Sophos 2022 Threat Report
You’ve been hearing it every January for the last decade: The coming year will see a continued escalation of ransomware attacks. But these past 12 months have been different. Ransomware gangs took their attacks to a dangerous new level, targeting ubiquitous software used by business, government agencies and critical infrastructure and rev...
More info | Register
Cybercast
Application Security in Depth: Understanding the Three Layers of AppSec Testing
Today’s approach to defense in depth for application security are siloed, lack context, and results have fallen short. But a layered approach is the key to building a world-class AppSec program that spans the entire Software Development Lifecycle (SDLC). So, how does our approach need to change? In this webinar, you’ll hear from three exp...
More info | Register
Cybercast
Security That Empowers the Business
Security has long been seen as the “department of no”, known for phrases like, “You can’t do that”, and “You can’t use that application.” But what if we told you that this mindset could change in an instant? That and security could be the business enabler it was meant to be?  Join “Securi...
More info | Register
Democast
1Password for Business Demo
With 1Password Business, your team can securely store and share passwords, infrastructure secrets, and other sensitive information – helping protect your organization’s most vulnerable data. Join us for an upcoming 1Password Business Demo to learn the platform’s many features, how to use it both effectively and safely, and how to maximize both sec...
More info | Register
Cybercast
Ransomware Recovery: Lessons From The CRA/InfraGard Survey
When ransomware gangs attack, organizations’ recovery efforts are often complicated by a lack of process and procedures, limited resources and a general lack of crisis management planning. Those are among the findings from a survey CyberRisk Alliance conducted among InfraGard’s 77,000-plus membership, which includes organizations in the financi...
More info | Register
Cybercast
The Easiest Way to Enhance your Salesforce Security
Salesforce provides business-critical services for organizations interfacing with a vast matrix of suppliers, vendors, partners and customers. Unfortunately, the more connected the organization, the more appealing it is cyber criminals looking to gain access to these companies’ data and networks, and they’re targeting the Salesforce platform to do...
More info | Register
Cybercast
The Realities of Ransomware
Ransomware attacker tactics are constantly shifting – sometimes drastically – In this session Greg looks at the evolution of this prolific and damaging type of attack. He’ll share stories from the frontline, looking at how the criminals operate, their techniques and how you can lower your risk of becoming their next victim. Speakers: G...
More info | Register
Cybercast
How to Control Access to Cloud Resources and SaaS Applications
With the rapidly accelerating move to cloud computing and the use of SaaS applications, organizations are struggling with legacy technologies like VPN, CASB, and “Legacy” MFA solutions that are either not secure enough, not easy enough for end users or both. What is emerging is modern, fundamentally strong multi-factor authentication that is enabl...
More info | Register
Cybercast
How to Gain Visibility into the World of Mobile App Security Threats
You’ve developed an app, applied in-app protection, pen-tested it, then published it. But the need for mobile app security doesn’t stop once it’s released into the wild. This webinar will explore the role real-time threat monitoring plays in the constantly evolving app security landscape and how it can help you strengthen your mobile app security....
More info | Register
Webcast
Stopping IoT attacks using NDR
Unmanaged endpoints like IoT devices represent a significant and growing risk surface. Network Detection and Response (NDR) solutions monitor network traffic to generate rich security evidence that enables asset inventory, vulnerability assessment and threat monitoring. In this presentation, experts from Corelight and Microsoft will walk you throu...
More info | Register
Webcast
Optimizing Security Operation Programs with Asset Intelligence
The goal of SecOps teams is to monitor, detect, investigate, and respond to suspicious activity and events. Often, this leaves these teams in a reactive state, with minimal opportunity to reduce false-positives and innovate. One key aspect of innovative, mature SecOps programs? Their ability to gather context from data sources to inform investigat...
More info | Register
Webcast
Detecting the Next Breach: How to Win the War with NSX NDR
When it comes to detecting the next cyber breach, would your organization pass the test? SE Labs recently conducted the industry’s first network detection and response (NDR) test against NSX NDR using a range of advanced persistent threats designed to compromise systems and penetrate target networks. Join two VMware experts: Lead Cybersecurity...
More info | Register
Webcast
Accelerate your Zero Trust initiative with stronger and simpler access controls
Securing who has access to what, when and under the right conditions is foundational to any mature network security strategy. Learn how to augment and replace failing legacy security controls with Zero Trust Network Access (ZTNA), a proven and effective solution that minimizes risk AND simplifies operations. In this webcast, Jim Anthony will demon...
More info | Register
Webcast
Three XDR Use Cases, How To Achieve Them
The noise about eXtended Detection and Response (XDR) focuses too much on the market and vendors and not enough on problems security teams must solve. This webcast panel discussion among industry experts will focus on three of the most pressing cybersecurity challenges, why they are hard to solve, and how the right approach to XDR might actually m...
More info | Register
Webcast
SOC from Anywhere: A View from Expel’s Workbench™
The pandemic illustrated the need for security operations that can function from anywhere. But a lot of orgs don’t have the resources to build this capability in-house and are turning to managed detection and response (MDR) providers for help. One of these providers is Expel — positioned as a leader by Forrester in a recent head-to-head eval...
More info | Register
Webcast
Key Strategies To Combat Malware In An Ever-Moving IaaS
As more sensitive workloads and data continue to migrate to the cloud, cyber criminals and malicious actors are refocusing and sharpening their efforts to locate and attack them. Bad actors have discovered that they too can leverage the power of the cloud by compromising cloud applications and assets with malware and Trojans. After establishing a ...
More info | Register
Webcast
Optimize Your Security Operations
With endless security alerts, expanding product portfolios, understaffed SOCs and remote teams, the demands placed on security professionals are increasing every day.  Watch this webinar for live demos of products, including Cortex™ XSOAR, that can help you overcome your current SOC challenges and minimize stress in your high-pressure job....
More info | Register
Webcast
From Asset Management to Asset Intelligence: Crossing the CAASM
As IT and security teams struggle to manage a complex sprawl of devices, users, cloud services and software, there’s one certainty we can rely on (thanks to the second law of thermodynamics): things will only get more complex. But there’s good news.  What we previously thought of as “asset management” has evolved. T...
More info | Register
Webcast
Ransomware Recovery: Lessons from the CRA/InfraGard Survey
When ransomware gangs attack, organizations’ recovery efforts are often complicated by a lack of process and procedures, limited resources and a general lack of crisis management planning. That, according to a survey of InfraGard’s 77,000-plus membership, which includes organizations in the defense/industrial base, commercial facilities, financial...
More info | Register
Webcast
Adversarial Emulation: How Does Your Team Rate?
Security teams know the key to catching and stopping attacks early is to understand how their adversaries think. But many are behind the curve, according to a recent survey (conducted by CyberRisk Alliance and sponsored by PlexTrac) among 315 security influencers and decision makers in the U.S. and Canada. When it comes to stopping ransomware a...
More info | Register
Webcast
APIs: The new application attack surface
APIs sit at the heart of modern application development, connecting vital data and services. Hackers understand this reality and are increasingly targeting APIs. Existing security tooling cannot detect or stop today’s sophisticated API attacks.  In this webinar, you’ll learn steps you can take right now to reduce your API attack surface....
More info | Register
Webcast
Browser Isolation: Extend Zero Trust threat and data protection
Today, the web browser is likely everyone’s most-used application. But with users online more than ever and constantly executing unknown, untrusted code, the browser also represents one of an organization’s largest attack surfaces.  Browser isolation solutions execute all browser code in the cloud — far away from local devices. That ...
More info | Register
Webcast
Attack Surface Management: A Game-Changer in Security Operations
In May, June, and July 2021, MIT Technology Review Insights, in association with Palo Alto Networks, surveyed senior executives with technology decision-making responsibilities across Asia-Pacific, Europe, the Middle East, Africa, and North America. The research seeks to understand what organizations across the globe are doing to understand and co...
More info | Register
Webcast
Top strategy to investigate threats, simplify operations and scale security
When it comes to security, deciding where to dedicate resources is vital. It’s critical to know what security issues are most likely to crop up within your organization and their potential impacts. The challenge is that the most active threats change over time as the prevalence of different attacks ebb and flow. Tune in to this webcast to learn...
More info | Register
Webcast
New findings indicate organizations prioritize cybersecurity initiatives but lack fundamentals
A new survey of over 1,000 security leaders shows organizations are making strides to improve their security posture but are missing the foundational capabilities needed to realize them. Among the roadblocks to achieving a risk-oriented posture are ineffective security metrics, operational inefficiencies and the lack of full visibility. How are se...
More info | Register
Webcast
Outfox attackers with continuous attack emulation
With the proliferation of cloud, IoT, SaaS and agile everything, today’s IT environments are incredibly dynamic — and under constant attack. Traditional solutions weren’t built for these modern attack surfaces, missing critical exposures and overlooking attack-chain steppingstones, while inundating security pros with false positives. As a result, ...
More info | Register
Webcast
Thwart supply chain attacks by securing development / build vulnerabilities
Given the spate of software supply chain attacks, organizations need to do more to understand and correct development and build process vulnerabilities. The recent SolarWinds and Kaseya attacks have helped highlight some of the broader and pervasive software supply chain vulnerabilities that impact most organizations today. Modern, agile developme...
More info | Register
Webcast
$354 million in potential losses – ‘It Started Out with a Phish’
While it had always been business-critical, email became even more crucial as the COVID pandemic forced organization to adopt new business procedures rapidly. This is evident in Area 1 Security’s new study, “It Started Out with a Phish,” which analyzes over 31 million threats across multiple organizations and industries. This session will highligh...
More info | Register
Webcast
Ransomware protection for your hybrid environment
With the prolific amount of ransomware attacks in the news lately, it’s understandable that you might be concerned about your organization’s level of protection against outside threats and bad actors. The accelerated adoption of digital transformation initiatives that rapidly drove both data and applications to the cloud over the past year resulte...
More info | Register
Cybercast
Malicious Browser Notifications: The New Phishing Attack You’re Not Blocking
Cybercriminals have added a devious weapon to their attack arsenals — malicious browser notifications. And the worst part is they’re not blocked by any current cyber defense. These innocuous looking pop-ups can wreak havoc on your network while remaining completely undetected. They look more realistic than traditional phishing methods and are desi...
More info | Register
Webcast
Data Access? Sure, but there are conditions
Users need access to data and applications, but do they need it all the time? Just as manufacturing saw a sea change with just-in-time component delivery, security teams can develop policies and procedures for just-in-time access for users who need data by validating and verifying devices before access is granted. This webcast looks at how con...
More info | Register
Webcast
CSPM, CWPP, CNAPP & CASB, Oh My!
The vendor landscape for cloud security and compliance solutions is crowded, diverse and confusing. John Alexander, Director of Technical Product Marketing at Orca breaks down the vendor landscape, drawing on Orca and Analyst research, including Gartner’s recent Cool Vendors in Cloud Security Posture Management. Then see how, from a single SaaS...
More info | Register
Webcast
Tailored security: How to select the right managed security provider
Every organization is unique when it comes to cybersecurity, with a specific set of requirements, budget, technologies and headcount that varies for every team. Finding a true security partner that will tailor its services to your exact needs can mean the difference between early detection and mitigation or being another number in a queue with mor...
More info | Register
Cybercast
3 Essentials for automating security across hybrid cloud
Today’s networks are expanding beyond on-prem to include cloud and hybrid deployments. While enterprises seek to balance agility and security, they are also faced with skills shortages and the need to work with the technology of multiple vendors. Automation is key to addressing these challenges while offering cloud, network and security teams the ...
More info | Register
Cybercast
Is Cloud IAM really the new perimeter?
We’ve moved away from having discrete access controls associated with each of our datacenter services to leveraging the public cloud where we issue credentials with full administrative power across all cloud capabilities, including virtual machines, containers, networking, DNS, storage buckets, long-term archived storage and often much more....
More info | Register
Webcast
Attack Surface Management: How to build a defense against attackers
Adversaries are much faster at finding vulnerable assets to attack than defenders are at finding those same assets to secure. To help enterprises gain ground in this battle, the Palo Alto Networks Cortex Xpanse research team studied the public-facing internet attack surface of some of the world’s largest businesses. In this webcast, Palo Alto N...
More info | Register
Webcast
Carbanak+FIN7: Unpacking the MITRE round 3 results
In the new Round 3 MITRE ATT&CK Evaluation, Cortex XDR was evaluated against attack tactics and techniques that have been leveraged by the threat actor groups Carbanak and FIN7. This evaluation involved two complete attack scenarios, modeled against real-world sophisticated attacks targeted at financial institutions. We’ve put together an expe...
More info | Register
Webcast
Has XDR Crossed the Chasm/ EDR is dead, long live XDR
When Cortex XDR was launched in 2019 by Palo Alto Networks as a solution to a siloed detection and response market, no one could anticipate the speed at which Extended Detection and Response (XDR) would proliferate across security operation centers globally. Join Josh Zelonis, Field CTO and Evangelist at Palo Alto Networks as he takes attendees...
More info | Register
Person to Person
The marauders within
Threats don’t come only from external sources; data exposure events caused by insiders can often be more destructive. Malicious insider attacks unquestionably have a damaging impact on organizations, but non-malicious insider incidents occur every day – when users with legitimate access are involved in unintentional data loss or exposure – and can...
More info | Register
Webcast
Friction-free DevOps: How to secure and govern silently
Software developers are tasked with developing and releasing software at breakneck speed, while security teams must have visibility into every workload that debuts to measure risk. Cloud security teams can’t be autonomous as they depend on developers to install security agents to give them that very workload visibility. What’s more? Se...
More info | Register
Webcast
Are you keeping up with phishing attacks?
Phishing today is as dangerous and prevalent as it’s ever been, often saddling organizations with ransomware attacks and destructive and dangerous malware infestations. Fortunately, through a combination of threat intelligence, threat hunting, managed phishing and threat detection services and employee training, companies and their security teams ...
More info | Register
Person to Person
Unlock data-centric security
Perimeter security likely will not be enough to secure the networks of the future. Today’s perimeter is more like tentacles that reach out far beyond the borders of the corporate network and cloud and into your partners’ networks, kiosks and mobile devices. So how do you protect your data at rest, in transit or in use? Zero trust is an option, but...
More info | Register
Person to Person
CRAE Index reveals how cybersecurity leaders are responding to increased threats
If you’d like to hear how security pros are responding and adapting to increased attacks and breaches — including facilitating more comprehensive cyber threat management strategies and best practices and increasing investments and utilization of resources — join the discussion of our panel experts. The Cybersecurity Resource Alloca...
More info | Register
Webcast
The future of code security with transparent benchmarking
The demand for automation in vulnerability discovery increases with the number of lines of code released every minute. The ability to identify vulnerabilities in source code comprehensively, efficiently, and with few false positives is an important primitive to achieve this. In this session, see how we demonstrate success in these areas, includ...
More info | Register
Webcast
Achieve friction-free zero trust with business partners
Supply chain hacks rose 42% in Q1 2021 compared to the prior quarter, and nearly 140 organizations reported being impacted by supply chain attacks in Q1, according to the Identity Theft Resource Center. If attackers’ success in executing supply chain attacks, business email compromise, and financial fraud are dependent on exploiting your partne...
More info | Register
Democast
How to eliminate security blind spots across AWS, Azure and GCP
Are you using agents, network scanners, or CSPM tools to detect risks across your public cloud estate? If so, there’s a better way. Delivered as SaaS, Orca’s SideScanning technology reads your cloud configuration and workloads’ runtime block storage out-of-band, giving you cloud-wide, workload-deep security and compliance for AWS, Azure and GCP &#...
More info | Register
Webcast
Magnify your threat visibility in a hybrid world
In a hybrid world, the ability to identify and stop a threat before it becomes a breach is an uphill battle. Many organizations struggle to maintain proactive security. Managed Detection and Response (MDR) services can help alleviate these burdens while ensuring a proactive, robust security posture. Join Trustwave in this session to learn more ...
More info | Register
Webcast
Hacking multifactor authentication: An IT pro’s lessons learned after testing 150 MFA products
Multi-Factor Authentication (MFA) can be a highly effective way to safeguard your organization’s data, but that doesn’t mean it’s unhackable. And nobody knows that better than award-winning author and Data-Driven Defense Evangelist at KnowBe4, Roger Grimes. While researching his most recent book Hacking Multifactor Authentication, Roger tested ove...
More info | Register