Threats have increased exponentially. Current indicators show a massive increase in threat vectors as a result of COVID-19. What makes this more unsettling is the fact that most ransomware will remain dormant for months before activating. Check out this presentation with ATC provider, TPx. Topics covered during this virtual event include: firewall security, firewall software, endpoints, malware, backups and DR, managed security services and TPx MSx.
There have been many recent publications that focused on malware evasion techniques – specifically techniques that malware employs to avoid detection and tools that can be used to defeat this evasion. But what happens when malware doesn’t need to evade detection because it first disables the very tools you’re using to detect malware and evade detection? It sounds complicated but the threat is very real and extremely easy to accomplish.
Your organization will be breached. It's a matter of when, not if. How you respond may be the difference between recovering and closing your doors.
This talk is designed to help small businesses or businesses with small IT organizations to develop a viable incident response program.
Businesses of all sizes face risks in the everyday acts of using digital technology and the Internet for legitimate purposes. This presentation outlines eight common threats that traditional antivirus alone won't stop, and explains how to protect your organization using endpoint security. For more, visit: http://bit.ly/8Threats_wp
Learn what cyber security means for your law firm, your employees, and your bottom line. This presentation will provide a snapshot of the IT Security threats facing law firms today, as well as the knowledge and tools you can use to prevent them.
Nuts & Bolts of the Dynamic Attack Chain | IBM Security
With significant breaches of personal and corporate data being announced regularly, there is even more value in understanding how the dynamic attack chain really works in addition to what tools your organization can use to disrupt it. From break-in to ex-filtration, you will be taken through a "real-world" scenario to understand how easy it is for attackers to infiltrate your network and steal sensitive data. We will review the technologies you can use to combat these threats and contain the impact of a breach as well as determine what protection strategy you should adopt to avoid being the next headline.
Join this live webinar, presented by Christopher Beier, IBM Security Senior Product Marketing Manager, to:
- Experience a "real world" step-by-step scenario from break-in to ex-filtration
- Learn in detail how the dynamic attack chain works
- Understand which network and endpoint protections your organization should have in place
View the on-demand recording: http://securityintelligence.com/events/nuts-bolts-dynamic-attack-chain/
In this presentation Daniel Michaud-Soucy, Principal Threat Analyst at Dragos, will demonstrate three separate models in order to identify gaps in ICS security posture. First, threat modeling serves as an inward look as an ICS network defender in order to properly understand the environment, the threat actors, the impacts, the risks and the crown jewels pertaining to an industrial process. Second, the ICS cyber kill chain serves as an outward look at the steps an adversary needs to take in order to achieve their objectives. Third, the bowtie model allows a graphical representation of the threats to the environment as well as the protection, detection, and response controls that help secure it. In the end, the asset owner creates a holistic picture of the security controls in their network, pertaining to the threat actors they care about and allows identification of gaps in their strategy.
Visit www.dragos.com to learn more about the Dragos industrial cybersecurity platform for increased visibility of assets, threats and guided responses.
Incident handling of intrusions related to cyber espionage operations is a complex and challenging task. As a national CERT with a unique national early warning detection system, NSM NorCERT has detected and responded to incidents that vary from traditional incident response and abuse handling to counter-intelligence operations. Based on some real-world examples, this talk will be about incident handling of cyber espionage intrusions. What are the most common pitfalls and how can companies be better prepared?
The Business Case for Enterprise Endpoint Protection: Can You Afford Not To? | IBM Security
Despite the implementation of various security controls, enterprises are being breached on a daily basis. Hackers use a variety of tools and techniques to infiltrate corporate networks and access valuable data. The prevailing method is to infect employee endpoints with advanced malware, steal login credentials and gain a foothold within the corporate network. Identifying effective solutions to prevent and mitigate these threats has never been so challenging.
In this live session Dana Tamir, Director of Enterprise Security Product Marketing at IBM Security Trusteer will:
- Discuss the threats and challenges organizations are facing in today’s rapidly evolving threat landscape
- Examine the business case for endpoint protection and breach prevention
- Provide recommendations for effective endpoint protections
View the on-demand recording: https://attendee.gotowebinar.com/recording/5627325065449913090
Intelligence-based computer network defence: Understanding the cyber kill cha... | Huntsman Security
An overview of the cyber-security kill chain concept and the implications for computer security and network defence using real-time anomaly detection, threat intelligence and intelligence response.
Cyber Security - IDS/IPS is not enough | Savvius, Inc
Watch the full OnDemand Webcast: http://bit.ly/CyberSecurityIDSIPS
Network breaches are on the rise. You can find statistics and specific accounts of breaches all over the Web. And those are just the ones companies are willing to talk about.
You have an IDS/IPS in place so you’re protected, right? Not necessarily, since most breaches today are unique, and often employ prolonged, targeted attacks, making them hard to predict and counteract with existing IDS/IPS solutions. Worse, sometimes attacks begin, or are at least facilitated, from within the firewall, whether maliciously or simply due to negligence and inappropriate corporate network usage.
The current environment of profit-driven network attacks requires that you supplement existing IDS/IPS solutions with technology that constantly monitors and records all network traffic, and provides the ability to perform Network Forensics. This way if an attack occurs, and the odds are not in your favor, you can not only characterize the breach, but also assess the damage, ensure no further compromise, and comply with corporate and legal requirements for reporting. Additionally, by employing Network Forensics proactively, you can spot dangerous behavior on your network as it happens, swinging the odds of avoiding an attack back in your favor.
In this web seminar, we will cover:
- Current trends in cyber attacks, including APTs (Advanced Persistent Threats)
- Common characteristics of recent cyber attacks
- Limitations of IDS/IPS solutions
- Using Network Forensics to supplement your defenses
What you will learn:
- Why IDS/IPS solutions fall short
- How to implement a Network Forensics solution
- How to use Network Forensics for both proactive and post-incident security analysis
Secure Access – Anywhere by Prisma, PaloAlto | Prime Infoserv
The purpose of the session is to ensure security in the rapidly scaled work-from-home situations during the COVID-19 outbreak. The objective is to ensure that remote workers can securely and rapidly connect to all of their applications, including SaaS, cloud, and data-center applications.
The session will be delivered by Mohammad Faizan Sheikh, Channel Systems Engineer, India & SAARC for Palo Alto Networks.
Prevent Getting Hacked by Using a Network Vulnerability Scanner | GFI Software
How to (Not) Get Hacked - A Webinar by Greg Shields that discusses how activities such as Network Scanning, Vulnerability Scanning and Patch Management can ensure that your Network Security never gets breached.
Learn more about how organizations prevented downtime with #BigFix in the wake of #wannacry. References and Use Cases along with a review of our BigFix Solution.
https://www.ibm.com/connect/ibm/ca-en/resources/tomjs/
PoS Malware and Other Threats to the Retail Industry | Invincea, Inc.
This presentation covers:
- Why today’s Retail POS systems are at risk
- How cyber criminals use relatively simple techniques to get onto retailer networks and POS machines
- How POS malware works in capturing credit card data
- How antiquated security architectures and technology put retailers and customers at risk
- How good security architecture and advanced threat protection tools can defeat these attacks before data is breached.
- How to recognize outdated vulnerable POS endpoints that might expose you to credit card fraud
WatchGuard - Cryptolocker and the fight against IT's biggest enemy - Orbid ... | Orbid
Cybercriminals are working in an increasingly targeted way and no longer focus only on the world's multinationals. Your company, too, can be the target of data loss and data theft. IT security is therefore climbing ever higher on the priority list of CEOs and CIOs. And rightly so. To inform businesses about the most important security risks and protective measures, Orbid, Proximus, Veeam and WatchGuard organized a free lunch & learn, “Cybercrime and the continuity of your business”, on 2 June in the RTV recording studios in Westerlo.
Information security threats take many forms, such as software attacks, theft of intellectual property, identity theft, theft of equipment or information, sabotage, and information extortion. A threat is anything that can take advantage of a vulnerability to breach security and negatively alter, erase, or harm an object or objects of interest.
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch! | Michele Chubirka
Nothing strikes fear into the heart of an engineer more than the installation of a firewall to achieve the laudable goal of defense-in-depth through network segmentation. Security teams demand the implementation of firewalls telling everyone, “It’s for compliance!” But the addition of firewalls and other security appliances (aka chokepoints) into an infrastructure infuriates network engineers who design to optimize speed and minimize latency. Sysadmins and DBAs are equally frustrated, because of the increased complexity in building and troubleshooting applications. So it’s down the rabbit hole we go trying to achieve the unachievable with everyone waxing rhapsodic for those bygone days when the end-to-end principle ruled the Internet. Is it really possible to have security coexist with operational efficiency? Organizations seem happy to throw money at technology and operations, but when it comes to policies and procedures, they fail miserably. This is the biggest problem with building a layered design. As engineers, if we don’t have clear policies as a set of requirements, how will we determine the appropriate network segmentation and protections to put in place? The answer lies in aligning network segmentation with an organizational data classification matrix and understanding that while compliance and security often overlap, they’re not the same.
Get Smart about Ransomware: Protect Yourself and Organization | Security Innovation
As ransomware threats continue to rise, it's important to understand how to protect yourself and your organization against these cyberattacks and what you should do if you become a victim.
The ever-escalating threats to your business posed by ransomware and all forms of malware cannot be ignored. Cyber-criminals are employing every technology and tactic available to defeat your security systems and then go completely unnoticed as they systematically penetrate and catalog your systems and data to methodically prepare for a coordinated, carefully orchestrated, multipronged attack. The IBM i can be a rich target of valuable data for these bad actors.
Malware attacks are active, not static. Traditional automated scanning, alerting and remediation practices are no longer enough. Instead, the focus needs to be upon securing critical assets and data stores using a multi-layered defensive approach. In practical terms, this means employing every possible security tool and tactic available, in a coordinated, programmatic way.
Join us for this on-demand webinar to better understand:
- The risks of relying on an “identify and remediate” approach to malware
- A different approach to more effectively prevent malware
- How a multi-layered security strategy can protect IBM i from malware threats
WannaCry Ransomware Attack: What to Do Now | IBM Security
View on-demand webinar: http://bit.ly/2qoNQ8v
What you need to know and how to protect against the WannaCry Ransomware Attack, the largest coordinated cyberattack of its kind. WannaCry has already crippled critical infrastructure and multiple hospitals and telecommunications organizations, infecting hundreds of thousands of endpoints in over 100 countries. In this on-demand webinar, we discuss the anatomy of this unprecedented attack and IBM Researchers share expert insights into what you can do now to protect your organization from this attack and the next one.
Panda Adaptive Defense 360 - Cyber Extortion Guide | Panda Security
What is Cyber Extortion? How do cybercriminals use ransomware for attacks? What to do if you are a victim of cyber extortion?
Panda Security answers all these questions and gives you some recommendations and advice to prevent cyberattacks in this Practical Security Guide to Prevent Cyber Extortion.
We, at Panda, have developed the first solution that guarantees continuous monitoring of all the active processes: Adaptive Defense 360
http://promo.pandasecurity.com/adaptive-defense/en/
Recently a ransomware variant titled “WannaCry” has infected thousands of unpatched endpoints worldwide. This quick presentation will provide a synopsis of what this threat might mean for end users and what actions can be taken in response to this new information.
Behind the Curtain: Exposing Advanced Threats | Cisco Canada
Today's advanced threats hide in plain sight, patiently waiting to strike, challenging security teams to track their progress across their network and endpoints. Meanwhile, executive and board-level reporting requirements are increasing as leadership demands in-depth answers that are unavailable from today’s block/allow security tools. With 55% of organizations unable to identify the origin of their last security breach, it’s time to stop relying on tools that define security based on what they see ‘out there’ and instead hunt for threats by tracking files, file relationships, and both endpoint and network behavior ‘in here’—inside your environment. In the first part of this interactive session, learn how Cisco’s Advanced Malware Protection (AMP) solutions use big data analytics to compare a real-time, dynamic history of your environment to the global threat landscape, automatically uncovering and blocking advanced threats before they strike. Then watch workflow examples demonstrating how your security team can use this advanced visibility and control to dramatically improve their efficiency and finally deliver the business 100% confidence answers.
Similar to Cybersecurity Concerns You Should be Thinking About (20)
2021 will be a transformational year for the CIO. One of the main themes has been how to facilitate easier and more efficient access to applications, while increasing security throughout the WAN. In this discussion, we cover the model for “anywhere operations,” best practices, cloud and cybersecurity mesh.
Your LAN can now be delivered as a cloud-orchestrated service. Learn about key benefits, differentiators and business outcomes, while we deep dive into the Network as a Service (NaaS) concept, end-user experience and analytics.
- What is and Why NaaS?
- NaaS Utility Model
- Analytics to Optimize Your Cloud Network
- Live Q&A
Given an outcome, we often exaggerate our ability to predict and therefore avoid the same fate. In cybersecurity, this misconception can lead to a false sense of corporate security, or worse, bury the true causes of incidents and lead to repeated data breaches or business-disrupting cyber incidents.
As more IT leaders pick Microsoft Teams as their collaboration application, they are quickly running into challenges implementing a complementary, robust voice solution. Until now, third-party telephony solutions for Teams have been clunky and often complex. Recently, Microsoft opened the ‘Voice’ portion of the Teams app, allowing UCaaS providers to integrate directly with the Teams’ platform. This move by Microsoft completely changes the paradigm and sets a new bar for voice integration with Teams. Learn about Microsoft Teams for voice and how cloud-to-cloud integration changes the landscape.
Many IT leaders have implemented Microsoft (MS) Teams as their collaboration application. It is a natural extension of their Office 365 licenses. In addition, COVID has accelerated user adoption. For the most part, the platform is performing well. However, some IT leaders are looking at pairing options for more robust, best-of-breed voice and video conferencing solutions.
Below, Zoom and 8x8 provide an exclusive briefing for The CIO Circle on unified communications and integration with Microsoft Teams. ATC’s CTO, Nick Enger, moderates the discussion.
COVID-19 has put cloud contact center, otherwise known as Contact Center as a Service (CCaaS), in the spotlight. Even before COVID-19, CCaaS was experiencing explosive growth. There are several significant apparent and not-so-apparent shifts that have CCaaS “trending.” In this presentation, we outline those reasons and help you understand why CCaaS may be your next move to the cloud.
In an ever-changing technology landscape, SD-WAN has emerged as a leading technology to drive IT efficiency. Innovation, market convergence, and a noisy product landscape have made the marketplace more complex than it needs to be. Learn why a managed approach makes things easier and is considered a best practice by many.
Despite best efforts and substantial financial investment, costly breaches continue to happen at an alarming rate. The common approach to securing assets by purchasing sophisticated, layered security technologies is not working. These technologies are necessary, but not enough. A best practice model to minimize risk combines technology with continuous monitoring by security experts in a SOC. This session presents a model for effectively monitoring hybrid, multi-cloud environments. It covers the basic architecture of a modern SOC and proposes a pragmatic approach to providing complete visibility into all potential attack surfaces.
‘Being Ubered’ is a growing and widening concern for all businesses. Every vertical sector has its market disruptors, and they are leveraging the power of digital to transform business to the max. Learn how a hybrid cloud strategy can allow companies and CIOs to digitally transform their business and go from cloud zero to cloud hero.
Mateen Fikree, Manager, Solutions Architecture, CenturyLink; Louie Hollmeyer, Moderator, ATC
More from Advanced Technology Consulting (ATC) (20)
GraphRAG is All You need? LLM & Knowledge Graph | Guy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Epistemic Interaction - tuning interfaces to provide information for AI support | Alan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
"Impact of front-end architecture on development cost", Viktor Turskyi | Fwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti... | Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Key Trends Shaping the Future of Infrastructure.pdf | Cheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
State of ICS and IoT Cyber Threat Landscape Report 2024 preview | Prayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
- State of global ICS asset and network exposure
- Sectoral targets and attacks as well as the cost of ransom
- Global APT activity, AI usage, actor and tactic profiles, and implications
- Rise in volumes of AI-powered cyberattacks
- Major cyber events in 2024
- Malware and malicious payload trends
- Cyberattack types and targets
- Vulnerability exploit attempts on CVEs
- Attacks on counties – USA
- Expansion of bot farms – how, where, and why
- In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
- Why are attacks on smart factories rising?
- Cyber risk predictions
- Axis of attacks – Europe
- Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
3. ATC Welcome and Introduction
Voice | Data | Cloud | Security
TPx – Hidden Gem – 250+ Providers
Essentials and Why Managed Security?
Encourage Dialogue and Q&A
Speaker Intro – Claude Hubert
Louie Hollmeyer
louie@4atc.com
4. Threats Have Increased Exponentially
All current statistics show a massive increase in all threat vectors as a result
of COVID-19:
• COVID-19 informational sites infected with malware are popping up
all around the world
• Ransomware attacks on the rise
• Company attacks on the rise
• Home networks now being actively attacked
• Massive phishing campaigns
• Viruses, trojans, keyloggers, and all other malware also on the rise
Bad actors will use anything to steal data for gain! And now some of them
have more time on their hands because of the COVID-19 confinement.
5. Headlines
Here are the headlines from Arctic Wolf’s COVID-19 Weekly Threat Roundup
for April 24
Remote Work Attacks Continue
• Phishing Campaign Impersonates Skype
• Phishing Campaign Imitates HR Department Remote Work Announcement
• Zoom User Enumeration Threat Discovered & Remediated
• Zoombombing Hits US Congress Meeting
COVID Related Attacks by State Actors
• Google’s Threat Analysis Group (TAG) Identifies COVID-Themed Attacks By State
Actors
• Suspected Vietnamese threat actors APT32 target Chinese government
Institutions, NGOs Breached
• Emails and credentials for WHO, NIH, Gates Foundation dumped online
• Attackers Use Pulse Secure VPN Vulnerability to Attack Hospitals, Government
Entities
• FBI Alerts of Phishing Attacks Against Hospitals and Healthcare Providers
Small Business Administration (SBA) Leaks and Attacks
• SBA Spoofed to Distribute Remote Access Trojan
6. Golden Cybersecurity Rule
DON’T CLICK ON THINGS!!!
Received an email with a link? DON’T CLICK ON IT!
Received a pop-up while browsing inviting you to click on something?
DON’T CLICK ON IT!
Malware usually requires you to take some action to do its dirty work
and often all it takes is 1 click! Make sure links are clean before you
click, and if you don’t know, then just DON’T CLICK ON IT!
If possible, get confirmation before clicking, and remember hackers can
take control and respond as someone else, so getting confirmation by
phone is better (and safer) than by email.
7. Ex-Hacker Hacked – Part 1
Shortly after the start of the COVID-19 confinement, my home network
crashed randomly. This went on for nearly 3 weeks and happened a few
times every day.
I could not find the cause until I was looking at devices connected to my
network and a computer popped up that wasn’t mine. A few moments later
my network crashed. Caught it again a little later.
It caused my Ring security system to fail over to 4G, my Philips Hue smart
lights to only work with wall switches, and my Amazon Echos to go offline…
Nothing serious, but annoying.
8. Ex-Hacker Hacked – Part 2
Time to replace my router with a firewall with the following features, which I
now deem a necessity:
• Intrusion detection/protection system (IDS/IPS)
• SSL Deep Packet Inspection (DPI)
• Device discovery with ability to require admin confirmation
After looking at some options, I ordered a Bitdefender Box 2, which I
installed and configured as soon as it arrived - No more intrusions and no
more network crashes. Problem solved.
9. What is a Firewall?
There are 2 types of firewalls:
• A network security device, sometimes referred to as a network or
security appliance.
• A software firewall which runs on a computer.
In both cases, the firewall monitors incoming and outgoing network traffic
and decides whether to allow or block specific traffic based on a defined set
of security rules.
10. Firewall Security Appliance
Firewalls are a critical network security component as they are the 1st line of
defense against network intrusions. Today’s next generation firewalls are far
more capable than traditional firewalls as they add Unified Threat
Management (UTM) features, such as:
• Anti-virus
• Application control
• Content filtering
• Data Loss Prevention (DLP)
• Intrusion Detection System (IDS)
• Intrusion Protection System (IPS)
• SSL Deep Packet Inspection (DPI)
• Two factor authentication
Note: IDS/IPS are sometimes combined into a single feature.
11. Distributed or Centralized?
Firewall security appliances can be distributed at every location or
centralized at a given location or in the cloud. Generally:
• Distributed firewalls provide protection at each location, even when
other locations are compromised, but cost is usually higher, and
takes more work to manage and maintain.
• Centralized firewalls are easier to manage and maintain, and cost is
usually lower overall, but if communications to the centralized
firewall fail, locations may lose access to the WAN or the Internet
unless an alternative local solution is implemented.
12. What to Look For?
More and more malware is being delivered with SSL encryption, making SSL
Deep Packet Inspection an absolute necessity.
Look for next generation firewalls with critical UTM features:
• Anti-virus
• Content filtering
• Data Loss Prevention (DLP)
• Intrusion Detection System (IDS)
• Intrusion Protection System (IPS)
• SSL Deep Packet Inspection (SSL DPI)
The more UTM features a firewall has, the more it costs, but it’s still several
orders of magnitude lower than the cost of a breach. Think of it as insurance.
13. Firewall Software
Windows, macOS, and some versions of Linux have built-in software firewalls
that are usually enabled by default, although some companies disable them.
In today’s high-performance computers, a software firewall will use a small
percentage of a computer’s processing power, so we recommend software
firewalls be enabled for all network types on all computers.
Remember, if firewall security appliances are compromised, having firewall
software running on computers will provide some protection.
14. What is an Endpoint?
An endpoint is any Internet-capable device on a network, including:
• Computers (servers, workstations, and laptops)
• Security appliances and routers
• Network switches
• Printers, plotters, and scanners
• VoIP phones
• Smartphones
• Tablets
• Etc.
15. Keeping Endpoints Up to Date
Hardware and software providers normally issue updates and security
patches on a regular basis to fix bugs and potential vulnerabilities.
It is critical that endpoints be kept up to date, including:
• BIOS
• Firmware
• Operating system
• Anti-malware
• Software
16. Anti-Malware
Computers are targeted by many threats (ransomware, viruses, trojans,
worms, keyloggers, etc.), making anti-malware software a necessity:
• Traditional anti-malware looks for “signatures” in files to identify
viruses and malware.
• Next generation anti-malware still does that, but it also looks at
what programs are doing, in other words, a program’s behavior.
As new threats emerge, anti-malware programs need to be updated to deal
with the new threats.
And remember: no one can guarantee 100% protection.
17. Ransomware
Ransomware usually lies dormant for some time to allow it to spread and so
that it gets onto backups. That way, if someone restores their systems from an
infected backup, they bring the ransomware back with them.
To safely recover from a ransomware attack, care must be taken to scan
backups for ransomware and only restore files that are not infected.
Every company, no matter their size, needs to consider Backup and Disaster
Recovery (BDR) a critical component of their cybersecurity measures.
Lastly, paying a ransom motivates hackers to do it again and flags the company
for possible future attacks, and there is no guarantee a decryption key will be
provided. Of course, if there is no other way to recover data, companies may
not have a choice.
18. Backups and Disaster Recovery
Companies need more than just backups; they need a complete Backup and
Disaster Recovery (BDR) solution so they can recover their systems quickly.
A good BDR solution should include malware detection and offsite
replication, either to another location or to the cloud.
Keep in mind:
• 43% of SMBs go out of business after experiencing a major data loss
(Gartner)
• Ransomware costs US small businesses $75B in downtime (Datto)
• Unplanned downtime can cost an SMB $8,600 per hour (Aberdeen)
19. Windows Security Features
Microsoft Windows has security features built-in that many are not aware of:
• Firewall – Microsoft’s built-in firewall does what a basic firewall
should do.
• Windows Defender – Microsoft’s anti-malware application, which
gets decent results in recent tests. If you install another program,
you can still enable Windows Defender to run on occasion.
• Controlled folder access – A simple yet effective solution against
ransomware. You define a list of folders to protect and which
programs can access them. Any program not given access will not
be able to update those folders.
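One way to apply the built-in protections described above (software firewall enabled for all network types, plus controlled folder access), shown as an added example that is not part of the original slides. It assumes an elevated PowerShell session on a Windows machine where Microsoft Defender Antivirus is the active anti-malware; the folder and program paths are placeholders.

```powershell
#Requires -RunAsAdministrator
# Added example. The paths below are placeholders: replace them with the
# folders that hold business data and the programs allowed to write to them.
$ProtectedFolders = @('D:\Finance', 'D:\ClientFiles')
$AllowedApps      = @('C:\Program Files\ExampleApp\app.exe')

# 1. Software firewall: warn about any network profile that is switched off,
#    then enable the firewall for all three network types.
Get-NetFirewallProfile |
    Where-Object { $_.Enabled -ne 'True' } |
    ForEach-Object { Write-Warning "Firewall profile '$($_.Name)' is disabled" }
Set-NetFirewallProfile -Profile Domain, Private, Public -Enabled True

# 2. Controlled folder access: start in audit mode so that programs writing
#    to protected folders are logged rather than blocked.
Set-MpPreference -EnableControlledFolderAccess AuditMode
foreach ($folder in $ProtectedFolders) {
    Add-MpPreference -ControlledFolderAccessProtectedFolders $folder
}
foreach ($app in $AllowedApps) {
    Add-MpPreference -ControlledFolderAccessAllowedApplications $app
}

# 3. Review which programs touched protected folders.
#    Event 1124 = write audited (audit mode), 1123 = write blocked (enforced).
Get-WinEvent -FilterHashtable @{
    LogName = 'Microsoft-Windows-Windows Defender/Operational'
    Id      = 1123, 1124
} -MaxEvents 50 -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Id, Message |
    Format-List

# 4. Once the audit log shows only programs you recognise (and those are on
#    the allowed list), switch from audit mode to enforcement:
# Set-MpPreference -EnableControlledFolderAccess Enabled

# 5. Confirm the resulting configuration.
Get-NetFirewallProfile | Select-Object Name, Enabled
Get-MpPreference | Select-Object EnableControlledFolderAccess,
    ControlledFolderAccessProtectedFolders,
    ControlledFolderAccessAllowedApplications
```

Running in audit mode first matters because a legitimate line-of-business program that is missing from the allowed list will otherwise fail to save files the moment enforcement is turned on.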
20. Remember
• No solution is 100% safe.
• Security is a multi-layer effort – There is no single solution.
• Security is a moving target – Security measures must be kept up to date.
• Security measures are only expensive before an incident.
• Once an incident has occurred, it’s too late.
• Whenever possible, technology should be used to mitigate risks.
• The golden rule: DON’T CLICK ON THINGS!!!
21. Videos
The evil twin – Part 1:
https://www.tpx.com/wp-content/uploads/2018/09/The-Evil-Twin_-Getting-Hacked-Is-Easier-Than-You-Think-Part-1.mp4
The evil twin – Part 2:
https://www.tpx.com/wp-content/uploads/2018/09/The-Evil-Twin_-Getting-Hacked-Is-Easier-Than-You-Think-Part-2.mp4
23. MSx Managed Firewalls
Firewalls are a strong line of defense against multiple threats and are often the central piece of the security fabric. Depending on
the service level and options chosen, our firewall solution can include:
• Content filtering
• Standard routing policies
• Anti-Virus
• Anti-Spam
• Application control
• Intrusion detection (IDS) / Intrusion protection (IPS)
• SSL packet inspection
• SSL certificates
• Threat detection and alerting (automated log monitoring)
• Active directory integration
• Remote VPN users
• Site to site VPNs
• Reporting
• High availability
• Two factor authentication (hard and/or soft tokens)
24. MSx Managed Endpoints
Keeping endpoints and their protection software up to date is a critical part of the security fabric. Depending on service level
and options chosen, our endpoint management solution can offer:
• Workstation and server management
• Automated patch management
• Monitoring and alerting
• Asset management
• Secure remote access agent
• Endpoint protection software (anti-virus and anti-malware)
• Automated reporting
• RMM administration
• 3rd party application assistance and troubleshooting
• Virus and malware deep scan assistance
25. MSx Managed Backups
Backups and disaster recovery are an important part of the security fabric. Depending on service level and options chosen, our
backup solution can offer:
• Onsite and cloud backups
• Unified backup and disaster recovery solution
• Off-site retention of backups to cloud environment
• AES/SSL encryption during both transmission and cloud storage
• Optional AES encryption of local backups (on some models)
• Backup screenshot verification
• Ransomware detection
• Fast failback bare metal restores
• Disaster recovery virtualization
• Bandwidth optimization
• End-to-end encryption
• Device and cloud audit reports