Threat Exposure Management (TEM) is a new approach to security designed to help organizations identify, prioritize and manage unexpected risks or exposures. This approach differs from standard threat management practices by taking a contextual view of threats, focusing on establishing a process for how information is collected and integrated together to inform better and faster decision making. Though the term, threat exposure management, is n...

There is no doubt that Zero Trust has become one of the main topics in the cybersecurity industry. Since the US Federal Government mandated agencies to accelerate the adoption of Zero Trust and issued detailed guidelines on implementing a Zero Trust Architecture in the second half of 2021, Zero Trust has become both the ‘de facto’ cybersecurity approach and a controversial concept used by some as a marketing ploy. But what is Zero...

This session is to walk through a demonstration of Pentera: The Automated Security Validation solution. Organizations over the years have been following a defense in depth model to protect their critical assets. While this strategy makes sense; the tools, processes, and procedures surrounding this initiative have grown significantly. How confident can organizations be that each layer and the enormous effort undertaken is working effectively? D...

Storing your data in cloud services doesn't always guarantee the security of it. Data loss can occur for various reasons including human errors, ransomware attacks, or other kinds of malicious deletion.It is important to understand the retention policies and data back-up strategies so we can quickly react to any threats that could lead to permanent data loss and quickly recover data. This webinar will focus on the possible external factors tha...

Discovering, identifying, inventorying, and assessing all digital assets — a continuous process known as Attack Surface Management (ASM) — is essential for organizations to secure their environment. After all, you can’t protect what you don’t know about. External threats, vulnerabilities, shadow IT, and cloud misconfigurations are a few critical areas that may sneakily pose risks to organizations. The goal for IT and se...

Operational technology (OT)/industrial control system (ICS) security is an ever-changing and evolving field required to continually adapt defense strategies to meet new challenges and threats—all while maintaining the safety and reliability of facility operations. This event will focus on how OT/ICS defenders across all industries meet these challenges, and will highlight key areas to help defend critical infrastructure moving forward, i...

News Flash: You’re not just responsible for your own organization’s risk anymore. You need to watch out for your friendly, and sometimes not-so-secure, business partners, too. Third-party risk assessment is crucial to the defensibility of your cyber ecosystem, yet the task can be daunting. How do you know whether a third party has been the victim of a security breach? Which ones are most likely to experience a ransomware attack? W...

One of the most prolific attacks over the past few years, that has touched nearly every industry and kept security professionals up at night, is ransomware. Ever-looming as the threat that can bring an organization to a halt, we have seen an explosive growth in ransomware and extortion attacks. Driven by never-ending vulnerabilities and automated attack tools, ransomware shows little signs of slowing down. It is time to change that pace. Join...

Get a preview of material directly from SANS SEC599: Defeating Advanced Adversaries - Purple Team Tactics & Kill Chain Defenses. Once attackers have gained access to your infrastructure, be it through a compromised host or through physical access, they will be looking to gain access to further resources. While there is a wide variety of ways that attackers can use to broaden their footprint in your environment, this webcast will focus on...

Do we ask too much of our security validation platforms? Is it really possible to mitigate risks created by security gaps, vulnerabilities, and external exposure across an entire organization? Yes—it’s all about asking, and answering, the right questions. In this webcast, Senior SANS Instructor Dave Shackleford and Cymulate’s Director of Cyber Evangelism Dave Klein examine the Cymulate Extended Security Posture Management Pl...