As organizations continue to deal with emerging threats in the malware space, its easy for some to take a complacent view and say, Malware, haven't we done this already? We've been dealing with this for decades. And while people who take this view aren't necessarily wrong, ransomware continues to be one of the most popular cyber attacks among organizations. With malware and ransomware becoming more sophisticated and threatening than ever befor...

The 2020 Automation and Integration Survey provided an overview of where organizations are in their automation/integration journey. This new 2021 survey builds upon its predecessors by identifying those areas where organizations feel they have achieved the benefits of security automation and integration (SOC, IR, other) and then exploring why they feel this way: How mature do organizations feel their use of automation is this area? What are th...

This webcast will explore how users protect their phones at a device and/or application level and gain insights on how organizations secure their company-provided, enterprise devices. Security is more than just a simple device today, so we aim to cover the best practices for protecting your personal and company-owned data.

Today, defenders have in their arsenal faster and more capable technology than ever before. We can build robust prevention, detection, and response processes that augment and empower security analysts. In this solutions forum, we’re going to look at four areas of technology that deliver these improvements and help bolster an organization’s security posture: Zero Trust Endpoint Detection and Response Identity and Access Management R...

Threat intelligence can be a powerful tool to fine tune SOCs efficiency and effectiveness in defending against cyber threats. Join this session to learn how to make the most out of threat intelligence and productively apply it to all the key functions in the SOC protection, detection, and response. Our speakers will walk you through: What companies do to reduce the gap between cyber resilience and business impact How to predict and prevent, th...

Asset visibility, threat detection, and investigative playbooks are critical ICS/OT technologies in your defense against industrial adversaries. However, accessing the information that these technologies need can be a significant challenge for asset owners and operators, as this information is often located throughout your OT environment, including the lower layers of the OT architecture. To solve this problem, Network Visibility tools are use...

Memory forensics is a key component of any incident investigation involving endpoints. It can help determine whether an infection did in fact occur, and if so, what type of threat is involved. However, most SOC/IR teams do not fully utilize memory forensics techniques as part of their investigations usually from lack of time or technical know-how. In this talk, we will show you how Intezers endpoint scanner and Volatility plugin analyze live e...

This session will describe the differences between version 7.1 and version 8 of the Center for Internet Security Twenty Critical Security Controls. This major rewrite of the twenty CSCs reflects core changes in today\'s computing and infrastructure environments.

In Part 1 of this series, MGT516 course author Jonathan Risto discussed what makes a good metric and provided 5 metrics to start measuring within your vulnerability management program, regardless of your program maturity. In this second part of the Vulnerability Management series, MGT516 course author Jonathan Risto will discuss the following metrics: Mean Time to Resolve Average Exposure Window Vulnerability Reopen Rate and why these advanced...