The document discusses several topics related to cybersecurity including integrating endpoint technologies to stop threats, developing adaptive defenses to identify attackers, using threat modeling to assess vulnerabilities, selecting effective endpoint security products, protecting critical servers from advanced threats, finding exploitable flaws through fuzzing, implementing the top 4 critical controls, modern botnets posing major risks to banks, gathering additional threat intelligence from security tools, and training admins to detect and react to attacks.

1. A VISUAL SNAPSHOT OF SECURITY
THREATS, TRENDS AND IDEAS.

2. JEFF POLLARD,
LASTLINE
Integrating Endpoint Workflow to
Stop Attacks Before They Start
Victory does not always require a
waged battle. By integrating best-
of-breed advanced malware
analysis and endpoint technologies,
organizations can effectively
identify and stop threats before
damage occurs.
@LASTLINEINC

3. DR. JOHN JOHNSON,
JOHN DEERE
Keep Your Company from Becoming
Collateral Damage in a Cyberwar
Knowledge of who is attacking you and
what they are after can help you to
develop an adaptive defense to
advanced threats that involves breaking
the kill chain to protect sensitive data,
and more quickly detecting and
responding to threats.
@JOHNDJOHNSON

4. ADAM SHOSTACK,
AUTHOR
Threat Modeling:
Lessons from Star Wars
A simple approach to Threat
Modeling can be to start by
answering these four questions:
What are you building/deploying?
What could go wrong? What are you
going to do about it? And, did you do
a good job?
@ADAMSHOSTACK

5. TODD BELL, INTERSEC
What’s the Big Deal with
End-Point Security?
Endpoint security is becoming a
“must have” for enterprises.
However, not all endpoint products
are created equal. Know what to
look for when selecting a vendor,
including API integration with
existing tools sets and sandboxing
malware.
@INTERSECGROUP

6. TERRY RAMOS,
PALO ALTO NETWORKS
Enhanced Protection For
Your Critical Servers
Reduce the time to detect and
protect against advanced threats
from the network edge to endpoint
systems. With Tripwire Enterprise
and Palo Alto Networks’ WildFire,
you get unprecedented protection
against zero-day exploits.
@PALOALTONTWKS

7. CRAIG YOUNG,
TRIPWIRE
Black Ops Recon:
Finding Your Faults First
Adding fuzzing to your security test
framework plenty of benefits.
Inexpensive cloud computing
resources were used to find
exploitable flaws in open source
software at a cost of less than $0.25
per vulnerability.
@CRAIGTWEETS

8. QUINN SHAMBLIN,
BOSTON UNIVERSITY
Know Then Thyself: Using the Top
4 Critical Controls for
Effective Cyber Defense
Provide a product line that directly
targets the Top 4 Critical Security
Controls. The DBIR says only 10
vulnerabilities account for 99% of
breaches, meaning many organizations
are still not getting the essentials
right.
@BUINFOSEC

9. DR. KEN BAYLOR,
STEALTH WORKER
Cybercrime Tools:
New Uses and Abuses
@BAYLORSECURITY
Modern botnets are a major threat
in the global financial space,
responsible for stealing several
hundred million dollars and billions
in intellectual property. For smaller
banks, botnets can be business-
ending.

10. TRAVIS SMITH,
TRIPWIRE
My Bro the ELK: Obtaining
Context from Security Events
@MRTRAV
Using commercial and open-source
threat intelligence tools, the
TARDIS framework allows you to
gather additional intelligence from
your current security infrastructure
in order to detect historic and real-
time indicators of compromise.

11. JAMES BRODSKY,
SPLUNK
Tripwire + Splunk: Partnering to
Provide You with Better Security
Intelligence
@JAMES_BRODSKY
Integrating Splunk with Tripwire
provides the ability to easily visualize
the overall health of your IT
environment to help reduce the cycle-
time of identifying vulnerabilities,
security violations and mean time to
identify and remediate risks.

12. DAVID NEWMAN,
TELUS
Turning Admins into
Cyber Defenders
@TELUS
By developing defensive capabilities
and situational awareness, Admins
learn to detect and react quickly to
any attack. Operationalizing security
means they become participants,
who are engaged and trained for
“cyberwar.”

13. KELLY KINGMAN,
KINGMNAN INK
Kelly is a graphic recorder that
creates visual summaries of
spoken content like talks,
discussions, and meetings. Her
visuals stimulate creativity and
collaboration to help the
audience retain and understand
information.
@KINGMANINK

14. FOR THE LATEST SECURITY
NEWS, TRENDS AND INSIGHTS,
VISIT US AT:
WWW.TRIPWIRE.COM/BLOG
@TRIPWIREINC
IMAGE COURTESY OF SHUTTERSTOCK.COM