Investigating and Hunting for Anomalies
Matt Hollcraft, Maxim Integrated CISO
Ryan Kazanciyan, Tanium Chief Security Architect
10 AM PDT
The amount of time an attacker remains within your network directly affects the scope and cost of a breach. As you know, attackers are creative; once in your network, they can remain undetected for months, wreaking havoc along the way.
But investigating and hunting are easier said than done. Each day, security professionals are faced with a constant flood of alerts to filter through and prioritize. And, during an active investigation, it’s a struggle to understand the context of any anomalies without a clear picture of what’s happening across your network.
In this webinar, we’ll share real-world examples from the front lines of cyber-hunting, and discuss best practices on how to reduce the mean time to investigate.
Speaker: Joey Johnson, Premise Health CISO
Healthcare security requirements become even more complicated with the move to the cloud. Competing internal priorities, along with numerous cloud apps to control, increase strain on already under-resourced teams. Visibility and control over data can seem almost impossible when it is being stored in locations you do not own or manage.
In this Bitglass-sponsored webinar led by Premise Health CISO Joey Johnson, you will learn how to avoid console overload by consolidating controls with a cloud access security broker platform.
Key topics include:
- Overcoming security dashboard overload when trying to manage authentication, access controls, devices, threats, compliance, malware, DLP, etc.
- Healthcare security options to control data in the cloud
- CASB platform and solution overview
Speaker: Michael D. Molinaro, Chief Information Security Officer & Vice President-Information Systems BioReference Laboratories Inc.
The pervasiveness of Linux systems in the enterprise today means that being able to identify root, specify access controls for Linux users and monitor privileged user activity is now a requirement. As environments become increasingly heterogeneous (Windows, Mac, Unix, Linux, cloud, on-prem., etc.) and complex, centralizing identity and access across the enterprise grows more problematic, while being more critical than ever.
Join Chief Information Security Officer at BioReference Laboratories, Mike Molinaro, who will provide attendees with an educational overview of his identity, access and provisioning business model. Learn from Mike as he walks you step by step through how to centralize identity and provision critical security controls on Linux systems. Donning his CISO hat, Mike will demonstrate how security professionals can approach project expectations across different users and management teams in order to dial in proper access controls for privileged users in Linux systems, while earning buy-in from end-users.
After attending this webinar you will also learn:
- What access logs are, and how to monitor users on Linux operating systems
- How and where Active Directory fits in and identifying where your root is
- What the entitlement review process looks like (necessary for Linux, Unix, Windows, Mac)
- Why provisioning is a must for any access needs
- What sudo management is exactly and how sudo works
Date: March 30th
Time: 2 PM EDT/11 AM PST
Greg Schaffer, First Bank CISO
Ely Kahn, Sqrrl Co-founder and former Director of Cybersecurity at the White House
There's no question that security teams are taking an active role in detecting and isolating sophisticated attacks. But, with the flood of alerts and false positives compounded by the difficulty in recruiting qualified personnel, it becomes increasingly important to leverage technology to detect "real" advanced threats quickly so that analysts can be more effective.
This webcast will highlight the findings of CISOs Investigate: User Behavior Analytics, a peer-written research report that looks at the benefits of user and entity behavior analytics. It also will incorporate complementary threat hunting technology that enables analysts to proactively detect advanced threats that may evade discovery by automated analytics and alerts.
Used together, UEBA and Hunting can form a closed-loop process fusing together both human-driven and analytics-driven threat detection to significantly improve security operations effectiveness and detect the most sophisticated cyber threats.
In this session, you’ll learn why and how:
- CISOs are using UEBA through real-world use cases
- Threat hunting and UEBA can help organizations improve their security
- Security analysts can use threat hunting and UEBA in conjunction to find advanced attacker behaviors
Bracing for the Next Big Attack? How to Build an Effective Incident Response Plan
Brian Lozada, Zocdoc CISO
Rick Caccia, Exabeam CMO
An incident response plan will either make or break your organization in 2017. History has shown that no organization is immune to cyber threats, increasing the need for effective response. Unfortunately, many IT professionals feel their organizations’ IR capabilities are ineffective.
How do you improve your IR plan?
In this webinar, Zocdoc CISO Brian Lozada, and Exabeam CMO Rick Caccia will discuss the challenges faced as well as provide strategies to help you:
- Automate your response procedures with incident workflows and playbooks
- Reduce response time and errors
- Increase productivity of all IR and SOC staff
- Connect and coordinate all of your security technologies with orchestration
Topic: Your 2017 Cloud Security Action Plan
Matt Hollcraft, Maxim Integrated, Chief Information Security Officer
Dave Ruedger, Maxim Integrated, Chief Security Architect
Rich Campagna, Bitglass, Vice President of Products
We are now three plus years into widespread adoption across industries of public SaaS apps like Office 365. Despite this momentum, security and compliance remain top challenges. This webinar, featuring Matt Hollcraft, CISO for Maxim Integrated, Dave Ruedger, Chief Security Architect for Maxim Integrated, and Rich Campagna, SVP of Products for Bitglass, will help you build a 2017 action plan to embrace public cloud without sacrificing security and compliance.
While offering practical, actionable advice for major apps like Office 365, Matt, Dave and Rich address your top concerns, such as unmanaged device access, external sharing, and mitigating controls. They also provide real world examples of how other organizations have securely navigated the public cloud.
Topic: Office 365 Security - A CISO and Cloud Access Security Broker Give Practical Advice on How to Safeguard Your Data
Greg Schaffer, FirstBank, CISO
Rich Campagna, Bitglass, Vice President of Products
Public cloud apps like Office 365 are being widely adopted in every major industry, with security & compliance at the top of the list of concerns.
In this sponsored Security Current webinar brought to you by Bitglass, Greg Schaffer, CISO at FirstBank, and Rich Campagna, VP of Products at Bitglass, will provide practical cloud security advice that you can apply immediately in your organization.
Topic: Firewall as a Service - Beyond the Next Generation Firewall
Ofir Agasi, Director of PM Cato Networks
Firewall as a Service, recently recognized by Gartner as a high impact emerging technology in Infrastructure Protection, presents a new opportunity to reduce cost, complexity and deliver better overall security for the business.
Join this sponsored webinar brought to you by Cato Networks to learn:
- The challenges IT networking, security and Ops teams face with a distributed network security stack and Direct Internet Access
- How Firewall as a Service can address these challenges, and what are the required capabilities
- How Cato Networks protects enterprises in the cloud, simplifies network security and eliminates appliance footprint in remote locations