Industry experts from some of today's top security companies offer their thought leadership and expertise to help tackle current security threats and challenges.
Web Portals: Platforms at Significant Security Risk
From online shopping and
banking to accessing personal health information, consumers are moving more of
their personal lives to the Web. Get the latest Forrester Research report and
learn about the top business risks to consumer-facing Web portals and the
latest identity-related technologies that some organizations are already using
or plan to adopt to minimize their exposure.
here to read the whitepaper.
Partners Research – "Exposing the Malicious Use of Keys and Certificates"
Gavin Hill - Director of Product Marketing and Threat Research, Venafi
With over a 15 years of experience in product development and marketing in the
cybersecurity space, Gavin Hill is particularly adept at identifying where
enterprises are at risk and developing products that mitigate those risks
related to evolving cyber threats. At Venafi he is responsible for the Venafi
Threat Research Center, focusing on Next-Generation Trust Protection.
Katie Bowen - Threat Intelligence Analyst, iSIGHT Partners
At iSIGHT Partners, Katie Bowen is responsible for researching, analyzing and
producing intelligence products and briefings for private sector and government
clients on current and emerging cyber threats.
For years, digital trust that is foundational to every business and government
has been established by cryptographic keys and digital certificates. Recently,
this trust has come under attack from cyber criminals. Through theft and
forgery, malicious actors use stolen or compromised keys and certificates to
attack and infiltrate organizations by stealing data and valuable IP. Their
motives are different, as are their tactics and techniques.
In this webinar you will:
here to view.
- Gain insight into the profiles of malicious
- Understand the current cyber threat
- Learn about real-world examples of attacks
on keys and certificates
- Understand the exposure to your
Forrester Research – Attacks On Trust: The Cybercriminal’s New Weapon
- John Kindervag is a Principal Analyst at Forrester
Research serving Security & Risk Professionals. John is a leading
expert on wireless security, network security, security information
management, and PCI data security. He is a 25-year veteran of the
high-tech world and holds numerous industry certifications, including
CISSP, CEH, QSA, and CCNA.
- Jeff Hudson is the CEO of Venafi, the market leading
cybersecurity company in Next-Generation Trust Protection. Jeff has over
25 years of leadership and management experience in information technology
and security management. He has spent a significant portion of his career
developing and delivering leading-edge technology solutions for financial
services and other Fortune-ranked organizations.
Due to the rise of cybercriminal attacks on trust, more and more
organizations are finding themselves vulnerable to data theft and IP loss.
Hackers have learned how to access cryptographic keys and digital certificates
and exploit the trust they provide to infiltrate networks and systems. Current
IT security solutions are unequipped to detect and remediate these types of
costly assaults and compromises.
Our presenters will guide you through both the risks and the
here to view.
- The rise of trust-based attacks
- Reasons why keys and certificates are
targeted as the weakest link in your defense
- How current security measures are failing
to protect organizations
Calculate The Real Costs of Advanced Attacks and Secure the Budget to Stop Them
- Mike Rothman, Analyst and President,
Even with a seemingly robust security posture, organizations are
all too often exposed to breaches because traditional security defenses simply
cannot detect today’s advanced attacks. Remediation is possible, but comes at a
Join Securosis Analyst Mike Rothman for a live webcast explaining how to
respond to security incidents, model the costs of cyber attacks, and secure the
right budget for a vigorous defense.
Why you should attend:
here to register for the
- Learn how to create a detailed process map
and remediation plan.
- Discover how costs can be modeled to assess
the economic impact of attacks.
- Get the budget you need by learning the
hidden costs of doing nothing - and how to substantiate the ROI of
advanced threat protection.
Vulnerability Voodoo: The Convergence of Foundational Security Controls
- Charles Kolodgy, Research Vice President, IDC Security
- Edward Smith, Product Marketing Manager, Tripwire
Join Charles Kolodgy, Research Vice President for IDC's Security
Products, and Edward Smith, Product Marketing Manager at Tripwire, to learn how
Vulnerability Management at "The New Tripwire” benefits you and your
organization. You’ll also learn how an intelligent approach to performance
reporting and visualization enables better decision making.
In this webcast, Charles and Edward will discuss:
here to register for the
- Integrating Vulnerability Management with
other security controls to improve compliance and security posture
- Leveraging Vulnerability Management beyond
the server room to reduce risk across the entire enterprise
- Combining business intelligence from
Vulnerability Management with other security controls to make better
SANS WhatWorks in Detecting and Blocking Advanced
- John Pescatore, SANS Director of Emerging Security Trends
- Anonymous, Cyber Security Analyst National Laboratory
With cyber attacks increasing exponentially year over year, you
need to prepare yourself for 2014 with vital information that will help
strengthen your cyber security posture. Learn how a large research organization
ensures effective operations and cybersecurity capabilities, and how advanced
threat protection from FireEye helps get the job done.
In an interview between SANS Director of Emerging Security, John
Pescatore, and a veteran cybersecurity analyst, learn how one agencies desire
to take a more aggressive approach to detecting security incidents prompted
them to look at new threat detection systems.
Today, FireEye proactively
inspects traffic on their high speed networks, and detects malicious events
unseen by other installed network security systems.
here to register for the webinar.
Defending Against Advanced Cyberthreats and APTs
Advanced persistent threat (APTs) are no longer associated exclusively with government agencies. They're now a very real threat to many organizations in various industry sectors. Unfortunately, most existing technologies can no longer keep up with the increasing amount of threats perpetrated against them.
This webcast clarifies the nature of APT risks and provides recommendations on how organizations can better protect themselves. Topics include:
Register to view the webinar today.Or download our new whitepaper, "5 Essentials to Protect against APTs.”
- The 7 Stages of Advanced Threats
- How to Defend Against Advanced Threats
- How Websense is playing a leading role in APT defenses
Enabling Fast Responses to Security Incidents with Threat Monitoring
Combating today's cybercriminals requires insight into advanced threats and improved responsiveness to the threats that most current defenses are missing.
As a result, many IT departments are looking for tools that can provide visibility into infected systems, blended attacks, call-home communications, data exfiltration and other advanced threats. This webcast examines the value of threat monitoring and highlights how the new Websense® TRITON® RiskVision™ solution can quickly improve your security posture without disrupting productivity.
- Why IT needs hands-on tools for threat monitoring
- How targeted attacks operate across the 7 stages of advanced threats
Register to view the webinar today.
Websense TRITON RiskVision provides unrivaled insight into advanced
threats, data theft and data loss — plus actionable reporting and
How a Hacker Breaks An Application with
Vulnerability ChainingPresented by:
Click here to register.
In any given application, vulnerabilities can
range from a minor case of Information Leakage to major Insufficient Authorization/Authentication,
and anywhere in between. With such a wide range of vulnerabilities it is easy
to see how, say, an issue with Insufficient Anti-Automation can be minor.
However, a malicious attacker will more than likely focus on multiple vulnerabilities;
this tactic can exploit seemingly minor vulnerabilities and result in a much
more dangerous exploit. Thus, it is clear that apparently "minor”
vulnerabilities can be used in combination with more "dangerous” finds to
create a truly devastating attack that could compromise an entire application.
Caleb Brinkman - Application Security Researcher, WhiteHat Security
Caleb Brinkman is an application security specialist working in the R&D
engineering department at WhiteHat Security. Caleb has been programming since
before high school with a focus on video games and security.
Firsthand Feedback from Hackers to Mitigate Risks
Hacker Methods Revealed
What can the IT security community learn from a "blackhat" who says
he’s decided to go legit?
While many IT security professionals shy away from listening to
anything from the dark side, much can be learned from knowing your adversaries
and what makes them tick.
Join this webinar to learn insights into where your defense
strategy might be at risk and what methods hackers are deploying to thwart
current security measures. We will also cover how this attack information is
used to build defense strategies.
We’ll discuss the following aspects:
- What motivates hackers
- Gain insight to devise better solutions or
to abandon failed technologies
- What attacks are really being used in the
- How the hacker mind sees the world
- How security researchers leverage this attack
- Tracking attacks and deploying protection
Robert Hansen - Director of Product Management, WhiteHat Security
Robert Hansen (CISSP) is the Director of Product Management at WhiteHat
Security. Mr. Hansen has co-authored "XSS Exploits" and wrote the
eBook, "Detecting Malice." Robert is a member of WASC, APWG, IACSP,
ISSA and has contributed to several OWASP projects.
Matt Johansen - Manager,
WhiteHat Security Threat Research Center (TRC), WhiteHat Security
Matt Johansen is a manager for WhiteHat Security’s Threat Research Center
(TRC). Matt began his career as a security consultant for VerSprite, where he
was responsible for performing network and web application penetration tests
for clients. He then took at role at WhiteHat as an application security
specialist for the TRC and quickly rose through the ranks. He currently manages
more than 40 at the company’s Houston location.
here to register.
What You Don’t Know CAN Hurt You: Eliminating Cyber Security Blind Spots and Optimizing Incident Response
Date: June 24, 2013
Time: 10 a.m. PT / 1 p.m. ET
Click here to register today!
The traditional cyber security infrastructure is riddled with blind spots…open doors for threats we can’t see, because the tools we traditionally rely on can’t see them. Detecting data leakage your DLP misses, detecting the new malware your IDS and antivirus don’t recognize, and monitoring traveling and telecommuting employees -- whether they’re logged into your network or not -- are all tremendous challenges for organizations. This is because the traditional cyber security model is piecemeal and dangerously inefficient. For most organizations, their ability to detect threats ends with their DLP and signature-based prevention and alerting tools. Then when a compromise is detected, incident responders rely on a variety of disparate tools and meet in person to share and correlate findings.
Join Dale Beauchamp, branch manager in the information assurance and cyber security division of the TSA, and Jason Mical, vice president of cyber security at AccessData Group as they describe how the cyber security model is evolving and discuss the capabilities that are required to overcome these detection and response obstacles. Beauchamp and Mical will review and advise on the following:
- Investing in detection and response vs. prevention
- The need for technology that picks up where signature-based prevention and alerting tools leave off
- Achieving rapid response through integrated analysis
- Proactive detection – the final frontier – what it takes to detect unknown threats and malicious insiders before damage is done
- Implementing real-time collaboration among all information security teams with reporting up and down the chain of command
MEET THE PRESENTERS…
Dale Beauchamp, Branch Manager, Focused Operations, Office of Information Technology, Information Assurance and Cyber Security Division, Transportation Security Administration
Dale Beauchamp, currently serves as Branch Manager, Focused Operations for the Office of Information Technology, Information Assurance and Cyber Security Division. Dale provides oversight for Computer Network Defense, Forensics, Advanced Persistent Threat and e-Discovery for TSA. Dale previously served as Senior Forensics and Intrusions Instructor for the Defense Cyber Training Academy. As an instructor for DCITA he developed and delivered courses for federal state and local law agencies engaged in the investigation of high technology crime and intelligence gathering. Dale has seven years law enforcement experience as a Maryland State Trooper. As a Trooper he was assigned to the Computer Crime section where he worked as a Computer Forensic Investigator providing, detailed digital forensics analysis support to a host of criminal and administrative investigations. Dale has a Bachelor of Science degree from the University of Baltimore in Business Administration.
Jason Mical, Vice President of Cyber Security, AccessData Group
As Vice President of Cyber Security, Jason is responsible for the global management of AccessData’s cyber intelligence and incident response solutions and assists AccessData’s clients with the assessment of IT risk reduction in such areas as electronic intercepts, intrusion analysis, virus detection, incident response, privacy, asset management, policies, standards and guidelines. Jason also offers his expertise and consulting services to clients and other audiences on issues of electronic, computer and physical security investigations.
Jason has more than 25 years experience in telecommunications fraud prevention, physical security management and network security investigations. During his career, he has developed and implemented overall network security, physical security and fraud control programs for several global organizations. He has also developed security and fraud awareness training seminars used to educate employees, as well as federal, state and local law enforcement officials, and has established and operated security incident response teams and forensic investigation units for several large enterprise organizations. Jason has been an active member with the FBI Infraguard, United States Secret Service Electronic Crimes Task Force, ISSA, HTCIA, ASIS, ANSIR and CTIA Fraud Task Forces.
Click here to register today!
Why Java Exploits Remain a Top Security Risk
Most Java installations — 94 percent — are unpatched or outdated, making them insecure and a popular vehicle for cyberthreats. Yet updating Java installations is not always an option — it might actually break the mission-critical web applications your employees need to do their jobs.
This webinar will show you how to increase your organization’s security while maintaining its productivity. It will explain Java’s role in today’s web-connected world and its exposure to being compromised, plus offer a variety of alternatives and best practices you can employ to mitigate risks.
You will learn:
- How to determine your organization’s exposure to Java exploits.
- Which security measures might address Java’s "zero-day" risks.
- Whether you really need Java on every system, and what your options are.
Cybercriminals are quick to exploit most Java vulnerabilities. Fortunately, you can take steps to identify your options and mitigate the risk. This webinar will show you how.
View the Webinar today.
On Demand Webinar: Cost of Failed Trust – Attacks of Failed Key & Certificate Management
- Dr. Larry Ponemon, Chairman and Founder, Ponemon Institute
- Jeff Hudson, CEO, Venafi
Overview: APT attackers are using keys and certificates to infiltrate networks and steal data. With these attacks growing 600% year over year, organizations are woefully unprepared. First-ever research shows these attacks expose you to losses of up to $400 million over two years.
In this webinar, you will learn:
Click here to view the webinar.
- Why trust established by keys and certificates is the perfect target of attack
- How keys and certificates are poisoned against your organization
- How the lack of visibility and inability to respond make keys and certificates the ideal APT attack vector
- What strategies can help improve the effectiveness of your APT strategy
- Chris Neely, EMEA Technical Director, Venafi
- Bill Hohle, PS Principal Consultant, Venafi
- Mark Miller, Customer Success Senior Manager, Venafi
Overview of presentation: You carefully protect information with the best security technologies, but data remains only as secure as the encryption keys and certificates that safeguard it. Do you know how many certificates your organization has, where they are and how they’re managed?
This webinar will give you an understanding of Enterprise Key and Certificate Management (EKCM) and with case studies from your peers, will help you to understand how to:
Company Profile: Venafi is the inventor of and market leader in Enterprise Key and Certificate Management (EKCM) solutions. Venafi delivered the first enterprise–class solution to automate the provisioning, discovery, monitoring and management of digital certificates and encryption keys—from the datacenter to the cloud and beyond—built specifically for encryption management interoperability across heterogeneous environments. Venafi products reduce the unquantified and unmanaged risks associated with encryption deployments that result in data breaches, security audit failures and unplanned system outages.Click here
- Maximize system availability and avoid outages
- Secure critical information
- Achieve and maintain compliance
- Recover quickly from CA compromise
- Reduce costs
to view the webinar.
Interested in showcasing your organization's thought leadership through the ISSA Industry Webinar Sponsorship program?
Please contact Vendor Relations at ISSA International Headquarters.