Discover the Cost of Failed Trust:
Attacks That Could Cost You $400 Million

Presented by:

Every enterprise is potentially risking upwards of $400 million from attacks against cryptographic keys and digital certificates—yet few enterprises are managing these critical resources.

Rather than learn about these emerging attacks by falling victim yourself, discover them in Ponemon Institute’s First Annual Cost of Failed Trust Report.

The ground-breaking report unearths a vast vulnerability—thousands of unmanaged keys and certificates—that hackers are already exploiting. Discover the critical cloud technology that you need to secure. Learn about a common, but easily-preventable attack against trust.

Download the report today.

---

The New York Times fell for a spear-phishing attack.
Could your organization?

Presented by:

You’ve probably read the news: The New York Times recently acknowledged it had been under attack by China-based hackers for months. In its own report, the newspaper noted, "[investigators] suspect the hackers used a so-called spear-phishing attack.”

"Would I be able to recognize a spear-phishing attack?” That's what employees—and especially executives—are asking. They want to know how to ensure that a seemingly harmless email doesn’t put them in the headlines.

Find out how to protect yourself against spear-phishing and other advanced threats.

• Register and watch this webcast for guidance on how to recognize advanced threats and protect yourself from them.

Then take the Operation Spear Phish Challenge to test your knowledge.

---

Forrester Research: Kill Your Data To Protect
It From Cybercriminals Whitepaper

Presented by:

As cybercriminals have become more skilled and sophisticated, the effectiveness of traditional perimeter-based security controls have become eroded. As a result, encryption has become a strategic cornerstone for security and risk management.

This whitepaper shares best practices about how you can make cybercriminals bypass your network and look for less robustly protected targets, and addresses why key and certificate management is becoming the benchmark for effective security and compliance.

Download now to learn:

1. Why valuable data should be encrypted to remove the hacker’s threat
2. Why key management is the most important component of your enterprise encryption strategy
3. Best practices and standards for managing encryption keys across your infrastructure (data center, cloud, mobile)
4. Next steps for security and compliance risk remediation

Download Kill Your Data to Protect it From Cybercriminals and protect your data from cybercriminals and your organization from failed security audits.

---

Forrester Research: Why Encryption Key Management
is the New Strategic Milestone

Presented by:

Join speaker John Kindervagg of Forrester Research, Inc. and Jeff Hudson of Venafi for an informative on-demand webinar, "Emerging Threats and Ubiquitous Encryption."

This webinar shares best practices and real-world case studies, and addresses why key and certificate management is becoming the benchmark for effective security and compliance.

View now to learn:

1. Why valuable data should be encrypted to remove the hacker's threat

2. Why key management is the most important component of your enterprise encryption strategy

3. How the world's leading, Fortune-ranked organizations address key management

4. Best practices and standards for managing encryption keys across your infrastructure (data center, cloud, mobile)

5. Next steps for security and compliance risk remediation

View this valuable webinar now and protect your data from cybercriminals and your organization from failed security audits.

As an added bonus, view now, and you'll also receive access to a July 2012 Forrester Research, Inc., report from John Kindervag, Principle Security and Risk Analyst,"Kill Your Data to Protect it From Cybercriminals".

---

7 Security Trends to Watch Out for in 2013

Presented by:

Information security continues to grow more complex, and 2013 will be no exception. Using data from the Websense Threatseeker network, which gathers information from over 900 million global endpoints and analyzes up to 5 billion content requests per day, our Security Labs™ team developed these 7 predictions to provide insight into key threats to prepare for in 2013. We encourage you to use these 7 predictions to review your current defenses and identify security gaps in 2013 and beyond.

Our 7 predictions include:

• Why more cross-platform threats will be targeted at mobile devices
• How legitimate mobile app stores will host more malware in 2013
• Why government-sponsored cyber-attacks will likely increase

All webinar attendees will also receive a copy of the full 2013 Predictions Report, which also includes spotlight articles on Mobile Security, Email Security and Java Exploits.

Click here to view this free webcast.

---

DLP 3.0 Redefining Data Protection
in the Age of Combined Threats

Presented by:

Date: Wednesday, January 30, 2013
Time: 12 Noon EST

DLP 3.0 defines data protection in terms of the combined risks and threats that companies must be able to identify, measure, and mitigate in order to protect their most critical data. Companies who do not or cannot take this foundational and holistic approach to data protection are at serious risk to experience a breach and suffer the expensive consequences.

In this web seminar you will learn:

• DLP 3.0, what has changed and what you must know
• Effective strategies for building a DLP 3.0 program
• The technology requirements for DLP 3.0
• Your Next Steps in meeting the DLP 3.0 challenge

Click here to register for this webinar.

---

How to Reduce Your Organization’s
Exposure to Phishing

Presented by:

Date/Time: Friday, December 14, 2012, 2 p.m. (EDT)
Speakers: Christian Kirsch, Product Marketing Manager, Rapid7 and Joe Dubin, Product Manager, Rapid 7

Phishing is often the initial attack vector of a data breach. Many organizations already conduct end-user trainings and implement technical security controls to protect their data. The challenge is to know how much the organization is exposed to phishing and which countermeasures actually reduce risk.

In this webinar for IT and security professionals, Christian Kirsch and Joe Dubin discuss how you can reduce your organization’s exposure to phishing attacks by gaining quick insight of risks and addressing them on technical and training levels.

You will learn about:

• Simulating a phishing attack to get a fast overview of your risk exposure.
• Identifying where your organization is the most vulnerable.
• Providing security awareness training and tweaking technical controls based on your insights.

Click here to register for this free webcast.

---

BYOD Accelerated: What You Need to Know
to Keep Your Mobile Devices Secure

Presented by:

Date/Time: Thursday, November 29, 2012, 2 p.m. (EDT)
Speaker: Saj Sahay, Senior Director of Product Marketing, Mobilisafe, Rapid7

The Bring Your Own Device trend is coming fast and furious - according to Gartner Research, over 800,000,000 mobile devices were sold in 2011, and that is expected to grow to over 1 billion in 2012. Enabling BYOD is a known driver of employee productivity, but it also creates significant organizational security risk. Eliminating these risks is now a top concern for most organizations, but there are inherent complexities with the mobile ecosystem, evolving employee behavior, and lack of adequate knowledge of mobility at most organizations that make securing mobile devices a difficult undertaking.

Join Rapid7 on Thursday, November 29 at 2:00 p.m. EST for a free webcast on the top challenges with securing mobile devices. The webcast will address top security concerns and challenges including controlling user behavior, mobile device vulnerability patching, dealing with lost or stolen devices and managing multiple device platforms.

The presentation will also include a live demonstration of Mobilisafe, Rapid7’s mobile risk management solution.

Register Now - Space is Limited!

---

Data Breach 2012: Preparation, Response and Effective Communication with the C-Suite

Presented by:

Data breaches abound in 2012 and security professionals have done a good job raising awareness in the C-Suite, but more can be done. This presentation gives you an overview of some of the more noteworthy breaches this year, discusses trends, the legal landscape, how to plan for a breach and get buy-in from the C-Suite.

Speaker: Tom Hibarger is Managing Director in the Washington, DC office of Stroz Friedberg, a digital risk management and investigations firm. Prior to joining Stroz Friedberg, Mr. Hibarger was an Assistant U.S. Attorney in Washington, DC, most recently serving as the Chief of the Criminal Division. Prior to that, Mr. Hibarger was a Computer Hacking and Intellectual Property (CHIP) prosecutor. He is a member of the Georgetown University Law Center Cybersecurity Law Institute Advisory Board and recently lectured at the 2012 Virginia Information Technology Legal Institute on Ethical Issues Related to Cybersecurity.

Click here to view this presentation.

---

Spotting the Speed Bumps: Understand
Your Mobile Vulnerability Risk

Complimentary Webcast
Presented by:

Do you know how to protect your company data against mobile vulnerabilities?

Join Rapid7's complimentary webcast on Thursday, November 1 at 2 pm, where Dirk Sigurdson, Director of Engineering for Mobilisafe at Rapid7, will discuss the importance of understanding mobile vulnerabilities and risks and best practices for mitigation.

This webcast will cover:

• Mobile vulnerability overview and landscape
  
  
• Differences of vulnerabilities including examples of severe
  
  
• How to tackle remediation for mobile vulnerabilities

This webcast will also include a live demonstration of Rapid7’s mobile risk management solution, Mobilisafe.

Date: Thursday, November 1
Time: 2 pm ET / 1 pm CT / 11 am PT / 7 pm London

Register Now - Space is Limited!

---

Don’t Get Burned: Assess Your IPv6 Risks

Presented by:

In this webcast, Bernd Leger, VP of Marketing, Products & Solutions at Rapid7 and Ryan Poppa, Product Manager at Rapid7, discuss the risk associated with IPv6, even if you are not running an IPv6 environment. With challenges in identifying devices that are IPv6 enabled in your IPv4 environment, IPv6 represents a significant attack vector that hackers can use to tunnel in through IPv4 devices and then exploit IPv6 vulnerabilities currently not identified.

By watching this webcast you will learn:

• The current state of affairs of IPv6 and what makes its security aspects unique to protecting your corporate assets.
• How to minimize IPv6 threats by discovering, scanning and identifying vulnerabilities in your networks.
• How to identify IPv6 assets in your networks, even if you are running IPv4 environments.
• How to integrate IPv6 security into your broader security program.

Click here to register.

---

Analyzing the Most Dangerous Threats…
Those That Succeed

Presented by:

Click Here to View On-Demand

According to the latest Advanced Threat Report from the FireEye Malware Intelligence Lab, today’s dynamic, stealthy threats are evading typical security defenses in record numbers. In the past six months, malicious infections have risen nearly 400%.

Join Ali Mesdaq, Security Researcher, FireEye, for an inside view into the most dangerous and successful cyber attacks that are compromising networks today.

Attend the webcast and learn about the five keys cybercriminals use to ensure success, including:

• Increasing the use of Web-based malware

• Targeting the most valuable industries

• Blending URLs and attachments in email-based attacks

• Utilizing throw-away domains

• Increasing the number of single-use malicious attachments

You’ll also learn why signature-, reputation- and basic behavior-based technologies are no longer effective against today’s threats.

---

How a Top Financial Institution Stops Cyber Attacks

Presented by:

Now Available On-Demand

The financial services industry is a top target for cybercriminals. Successful cyber attacks continue to increase and the related costs have risen into the multimillions.

Join Jerry Archer, SVP/Chief Security Officer, Sallie Mae, along with FireEye security experts, for a live webcast, "The Rising Costs of Targeted Attacks on Financial Institutions.” Learn how Sallie Mae benefits from using signature-less technology from FireEye to combat targeted and zero-day threats. This special broadcast also includes a live Q&A to answer your most pressing questions.

Key topics will include:

• Dynamic defenses to stop targeted, zero-day attacks.

• Real-time protection to block data exfiltration attempts.

Integrated inbound and outbound filtering across multiple protocols, and much more.

---

Muddy Waters: How to Swim Clear of
Application Security Vulnerabilities

(Part of Life's a Breach Webcast Series)
JOINT WEBCAST WITH SECURITY INNOVATION

Presented by:

Date: Thursday, September 6, 2012 at 2:00 pm Eastern

Speakers: Bernd Leger, VP of Marketing, Products & Solutions, Rapid7 and Ed Adams, CEO, Security Innovation

Registration link and webcast overview

With web applications vulnerabilities such as cross-site scripting and SQL injection representing 41% of all disclosures in 2011, a holistic security program that combines proactive vulnerability management with security awareness at the core in combination with developer training is more essential than ever.

In this Webcast, part of Rapid7's "Life's a Breach" summer webcast series, Bernd Leger, VP of Marketing, Products & Solutions at Rapid7 and Ed Adams, CEO, Security Innovation will provide best practices how to build security education from the ground up into your security program.

Key benefits of attending:

• Build a holistic security training program across engineering, IT and security teams

• Incorporate training needs into your SDLC to optimize security

• How to leverage online training programs to drive self-sufficiency

Click here to register.

---

United Airlines Case Study - SSL Certificate Management in the Data Center, Cloud and Mobile at United Airlines

Presented by:

Of the many interesting case studies at this year’s RSA Conference 2012, the United Airlines story was particularly compelling on key management. With multiple systems and applications leveraging PKI in their data centers, private cloud and on mobile devices, the airline giant had thousands of digital certificates and keys to manually manage.

Download a copy of the case study now to discover how United Airlines:

1. Discovered that its certificate-management problem was bigger than it thought

2. Created a plan to implement and automate certificate lifecycle management

3. Found and quickly addressed significant security and operational risks

Is your organization suffering unanticipated downtime from expired certificates? United Airlines has some advice for you. Check out slide 29 in their RSA Conference 2012 presentation.

Click here to register.

---

Life's a Breach!

Presented by:

When: Wednesday, August 8
Time: 2:00 pm ET

Join Bernd Leger, VP of Marketing, Products & Solutions at Rapid7 and Jody Brazil, President and CTO at FireMon, for a free webcast, "Surfing the Riptides: How to detect the undercurrents of real security risk." In the webcast Bernd and Jody will discuss how to build out a comprehensive vulnerability and security risk management strategy

Participants of this webcast will learn:

• How to discover, assess and prioritize vulnerabilities and misconfigurations in your networks, databases, operating systems and web applications
• How to visualize attack paths, showing how an attacker could penetrate the network
• How to conduct what-if analysis to ensure you know which remediation steps have the greatest impact to protect your critical assets
• How to measure risk and make it specific to your security program

Register now - space is limited!

---

Engaging Your Mobile Customers
While Protecting Sensitive Data

Presented by:

Mobile access by customers for business services, applications, information and transactions continues to grow at a rapid pace and serves as a key driver of customer engagement and revenue. Companies are investing a great deal in easy access and a positive customer experience.

But while device proliferation, multi-device users and BYOD has presented opportunities, application readiness and the protection of sensitive data must be addressed to support a seamless and trusted engagement.

During this webcast we will discuss the mobile opportunities businesses are attempting to capitalize on; the readiness, security and usability challenges that must be overcome; and various security solutions businesses can take advantage of to reach their mobile customer engagement goals.

Date: July 24

Speaker: Tyson Whitten, Senior Principal, CA Technologies Security Business Unit

Time: 1:00pm EDT

Click here to register.

---

Industry Webinar: Eight Steps to a
Secure Cloud Infrastructure

Sponsored by: 

Date: Wednesday, June 6, 2012

Time: 10:00 AM CST

As cloud computing solutions go mainstream, data security and privacy concerns are at the center of the IT outsourcing debate. What is the new landscape with regard to infrastructure, data security, compliance, regulatory implications and outsourcing? How are these concerns pushing CISOs and CIOs to adapt their cloud type, delivery model and platform architecture to stay ahead of the competition?

Chris Richter, CISSP, CISM Vice President, Security Products and Services, Savvis a CenturyLink Company will provide an eight-step overview addressing these questions while exploring how information security impacts cloud computing, IT outsourcing and time to market. Join the conversation about how IT security professionals can work through these considerations and service delivery models to meet business needs in the boardroom.

The webinar will feature:

• How to filter-out the hype of cloud computing (good and bad) and pragmatically assess the risk of moving applications to the cloud
• The criteria necessary to evaluate whether to outsource your cloud computing environment
• Industry and regulatory compliance standards and how to evaluate adherence viability

Click Here to register for this complimentary live webinar.

Can't make this date? Register for the event and receive the slides and Webinar recording 48 hours after the Webinar.

---