Building a Threat Hunting Practice in the CloudProtectWise
Building a Threat Hunting Practice Using the Cloud
James Condon, Director of Threat Research and Analysis ProtectWise and Tom Hegel, Senior Threat Researcher ProtectWise
Topics:
Threat Hunting 101
Requirements for Effective Threat Hunting
How the Cloud Can Help
Threat Hunting Best Practices
Questions
Next Steps
See Clearly and Respond Quickly from the Network to the EndpointProtectWise
ProtectWise and Demisto enable security analysts to move quickly from detection to response and resolution. ProtectWise leverages advanced analysis techniques and unlimited retention of full-fidelity network traffic to provide highly reliable detection of known and unknown threats in real-time and retrospectively. Demisto provides automation playbooks that convert these detections into action for the point products in your security infrastructure.
Global CISO Forum 2017: How To Measure Anything In Cybersecurity RiskEC-Council
Richard is a security executive with ~20 years experience ranging from start-ups to global organizations. He is currently the CISO/VP of Trust for Twilio and most recently the VP/GM Cybersecurity and Privacy for GE Healthcare. His background is in Information Security, Digital Risk Management and Product Development with an analytics bent. His current focus is developing quantitatively informed strategies, building agile teams that scale and making digital risk measurable. Likewise, he recently co-authored a decision analysis book called “How To Measure Anything In Cybersecurity Risk” (Wiley 2016) This book targets those looking to improve risk management strategies using predictive analytics.
Caveon Webinar Series - The Art of Test Security - Know Thy Enemy - November ...Caveon Test Security
As Sun Tsu famously said... "If you know your enemy as you know yourself, you need not fear 100 battles." On the battlefield of security -- whether home security, airport security, or test security - the first step to success is knowing the threats.
Are you worried about tests being stolen and shared online? Or test takers cheating by being coached by an expert? If so, the steps to successfully protecting your test and triumphing over these fears include:
• conducting a risk assessment
• determining (and ranking) which threats pose the greatest risk
• strategizing how to render those threats impotent
• determining the right combination of prevention, detection and deterrence tactics for your program
This webinar will teach you to conquer the steps in this test security process. Join Caveon CEO David Foster to learn how to analyze and rank the threats that are specific to your program. You will also discover the three solutions necessary to counter any and all of these threats.
React Faster and Better: New Approaches for Advanced Incident ResponseSilvioPappalardo
It’s impossible to prevent everything (we see examples of this in the press every week), so you must be prepared to respond. The sad fact is that you will be breached. Maybe not today or tomorrow, but it will happen. So response is more important than any specific control. But it’s horrifying how unsophisticated most organizations are about response.
This is compounded by the reality of an evolving attack space, which means even if you do incident response well today, it won’t be good enough for tomorrow.
Building a Threat Hunting Practice in the CloudProtectWise
Building a Threat Hunting Practice Using the Cloud
James Condon, Director of Threat Research and Analysis ProtectWise and Tom Hegel, Senior Threat Researcher ProtectWise
Topics:
Threat Hunting 101
Requirements for Effective Threat Hunting
How the Cloud Can Help
Threat Hunting Best Practices
Questions
Next Steps
See Clearly and Respond Quickly from the Network to the EndpointProtectWise
ProtectWise and Demisto enable security analysts to move quickly from detection to response and resolution. ProtectWise leverages advanced analysis techniques and unlimited retention of full-fidelity network traffic to provide highly reliable detection of known and unknown threats in real-time and retrospectively. Demisto provides automation playbooks that convert these detections into action for the point products in your security infrastructure.
Global CISO Forum 2017: How To Measure Anything In Cybersecurity RiskEC-Council
Richard is a security executive with ~20 years experience ranging from start-ups to global organizations. He is currently the CISO/VP of Trust for Twilio and most recently the VP/GM Cybersecurity and Privacy for GE Healthcare. His background is in Information Security, Digital Risk Management and Product Development with an analytics bent. His current focus is developing quantitatively informed strategies, building agile teams that scale and making digital risk measurable. Likewise, he recently co-authored a decision analysis book called “How To Measure Anything In Cybersecurity Risk” (Wiley 2016) This book targets those looking to improve risk management strategies using predictive analytics.
Caveon Webinar Series - The Art of Test Security - Know Thy Enemy - November ...Caveon Test Security
As Sun Tsu famously said... "If you know your enemy as you know yourself, you need not fear 100 battles." On the battlefield of security -- whether home security, airport security, or test security - the first step to success is knowing the threats.
Are you worried about tests being stolen and shared online? Or test takers cheating by being coached by an expert? If so, the steps to successfully protecting your test and triumphing over these fears include:
• conducting a risk assessment
• determining (and ranking) which threats pose the greatest risk
• strategizing how to render those threats impotent
• determining the right combination of prevention, detection and deterrence tactics for your program
This webinar will teach you to conquer the steps in this test security process. Join Caveon CEO David Foster to learn how to analyze and rank the threats that are specific to your program. You will also discover the three solutions necessary to counter any and all of these threats.
React Faster and Better: New Approaches for Advanced Incident ResponseSilvioPappalardo
It’s impossible to prevent everything (we see examples of this in the press every week), so you must be prepared to respond. The sad fact is that you will be breached. Maybe not today or tomorrow, but it will happen. So response is more important than any specific control. But it’s horrifying how unsophisticated most organizations are about response.
This is compounded by the reality of an evolving attack space, which means even if you do incident response well today, it won’t be good enough for tomorrow.
Cloud security expert Tricia Pattee discusses where to get the most bang for your security buck. Topics covered include:
-The five most common security mistakes
-Top six areas of security spend
-How to maximize budget – and minimize risk
-Hidden cloud security costs
Machine learning is a powerful tool with many well-suited applications for malware detection, classification, and risk quantification. Despite its reputation as a "black box" component to an enterprise security solution, designing a robust machine learning model for malware detection is an involved process: its success hinges on understanding the problem you're trying to solve, the underlying data you utilize, and most importantly, its limitations.
In this Malware Most Wanted session, we analyze working models discuss the strengths, pitfalls, and high-level trade-offs of using machine learning for successful malware detection.
Your agents are fatigued and overwhelmed from fighting rogue attacks, and tailing covert ghost alerts. Meanwhile, the backdoor to your organization has been blown wide-open and cyber attackers are stealing the crown jewels. You need help.
From this mission:
• Uncover how to mitigate ghost alerts and empower your agents to focus on more important security priorities
• Leverage your current security investments-- instead of replacing them
• Learn how automation reduces the need for manual investigation and response
Collaborated cyber defense in pandemic times Denise Bailey
Key Discussion Points -
- How cyber security teams should collaborate in pandemics
- Your remote employees are now your 3rd parties.
- Quickly achieve security by asking a CISO you know
- How to ask a peer without revealing internal information
- What information is useful to share
About Speakers : Akshat Jain | CoFounder at Cyware Labs & Avkash Kathiriya | VP - Security Research and Innovation at Cyware Labs
Akshat Jain – CoFounder at Cyware Labs
A thought leader and a creative thinker, Akshat has immense expertise in bringing innovative technology solutions for tackling societal and enterprise problems. Akshat holds a Management degree from the most prestigious business school in India, IIM Lucknow, and a Master’s degree in Computer Science from the Central University of Hyderabad.
Before founding Cyware, Akshat served as the Director of Programs at Oracle and was key to facilitating cloud ventures for Oracle Enterprise Manager. His earlier role at Adobe Systems also shaped the company’s core products to grow to a substantial scale and helped secure several patents in core technology domains.
Avkash Kathiriya - VP - Security Research and Innovation at Cyware Labs
Information Security professional with overall 10+ years of experience in the defensive side of the Information Security domain. Currently working on security research in the domain of automated Incident Response using orchestration and Threat Intelligence framework for practical implementation. Also, associated with the Mumbai chapter of the Null community (Open security community).
[Webinar] The Art & Value of Bug Bounty Programsbugcrowd
Her TED talk on the power of bug bounties has over a million views, on May 20, 2015, cybersecurity expert Keren Elazari joined Bugcrowd for an exclusive webinar. We did some bug bounty myth busting and trend spotting and had a great turnout. Keren's slides are here.
Rethinking Cyber-Security: 7 Key Strategies for the Challenges that Lie AheadOpenDNS
Practice makes perfect. And unfortunately for security professionals, attackers have realized that persistence is a powerful approach to breaching an organization's defenses.
Focusing on prevention alone is no longer a sufficient strategy for securing your organization against the business risks of a breach. Our current security environment demands an approach less centered on ideal prevention and more focused on reality. During this webcast, we discussed key strategies that limit your risk and exposure to unrelenting threats.
Some highlighted topics include:
- How the shift in attacker motivations has impacted today's threat landscape
- Why preventative techniques alone can no longer ensure a secure environment
- Which strategies need to be considered for a holistic approach to security
- What next steps you can take towards identifying your best strategy against attacks
Drawing from CrowdStrike's work, Cayce Beames will present evolving cybersecurity threats, discussed her thoughts on why traditional security is failing and shared a bit on what this "next generation endpoint protection" is about.
Cayce has been working in technology for over 25 years. From IT Systems Administration to Network Engineering and Internet Security, Risk Management and Compliance Auditing, Cayce has consulted with many Global corporations and traveled extensively. Cayce is currently a governance, risk and compliance analyst at CrowdStrike and founder of the not for profit, public benefit, education for kids organization called "The Computer Club" where she works to inspire kids and adults to address their fear of the unknown and make something awesome with technology.
Best Practice Next-Generation Vulnerability Management to Identify Threats, ...Skybox Security
Speaker: Gidi Chen, CEO & Founder Skybox Security
Infosec Europe 2013
In order to effectively reduce the risks of cyber-attacks, comply with continuous monitoring requirements, and provide visibility to executives, organizations need to manage their vulnerabilities and associated risks on an on-going basis. This is required in order to match or exceed the daily rate of attacks. Why bother to assess your risks every 90 days, if you are attacked daily, given your frequently changed infrastructure? The session will tackle next-generation vulnerability management strategies and best practices to: ensure that vulnerability data is current and accurate; prioritize based on risk to the business; develop a remediation strategy that works and make vulnerability management an essential part of daily change management processes.
• Understand how to link vulnerability discovery, risk-based prioritization, and remediation activities to effectively mitigate risks
• Have real-world examples of organizations that implemented vulnerability management best practices to effectively and measurably reduce risk
• Be armed with pragmatic steps to implement next-generation vulnerability management to eliminate risks and prevent cyber attacks
Penetration testing is a security standard, but that doesn't mean it's the most effective means of assessment.
We'll discuss why crowdsourcing your security results in increased coverage and more complex security vulnerabilites while meeting your compliance requirements. We'll also introduce Flex, our crowdsourced pen test that provides increased results.
Agentless Patch Management for the Data CenterIvanti
Many organizations automate patch management in their end user environments, but often times the Data Center tends to be more manual. What if you could manage your Windows Servers in a better way? Agentlessly discovery, assess and remediation security vulnerabilities. Control your maintenance windows by choosing when to assess, stage updates, execute, and reboot systems. Manage physical and virtual servers, on premises or in the cloud. Contain virtual sprawl in your VMware environments with the ability to scan and automate patching for offline VMs and templates. Integrate into any orchestrator or automation solution using our REST or Powershell APIs to full script and automate patching of complex workloads. Did we mention this can all be done Agentlessly? Join our webinar to learn how.
Cloud security expert Tricia Pattee discusses where to get the most bang for your security buck. Topics covered include:
-The five most common security mistakes
-Top six areas of security spend
-How to maximize budget – and minimize risk
-Hidden cloud security costs
Machine learning is a powerful tool with many well-suited applications for malware detection, classification, and risk quantification. Despite its reputation as a "black box" component to an enterprise security solution, designing a robust machine learning model for malware detection is an involved process: its success hinges on understanding the problem you're trying to solve, the underlying data you utilize, and most importantly, its limitations.
In this Malware Most Wanted session, we analyze working models discuss the strengths, pitfalls, and high-level trade-offs of using machine learning for successful malware detection.
Your agents are fatigued and overwhelmed from fighting rogue attacks, and tailing covert ghost alerts. Meanwhile, the backdoor to your organization has been blown wide-open and cyber attackers are stealing the crown jewels. You need help.
From this mission:
• Uncover how to mitigate ghost alerts and empower your agents to focus on more important security priorities
• Leverage your current security investments-- instead of replacing them
• Learn how automation reduces the need for manual investigation and response
Collaborated cyber defense in pandemic times Denise Bailey
Key Discussion Points -
- How cyber security teams should collaborate in pandemics
- Your remote employees are now your 3rd parties.
- Quickly achieve security by asking a CISO you know
- How to ask a peer without revealing internal information
- What information is useful to share
About Speakers : Akshat Jain | CoFounder at Cyware Labs & Avkash Kathiriya | VP - Security Research and Innovation at Cyware Labs
Akshat Jain – CoFounder at Cyware Labs
A thought leader and a creative thinker, Akshat has immense expertise in bringing innovative technology solutions for tackling societal and enterprise problems. Akshat holds a Management degree from the most prestigious business school in India, IIM Lucknow, and a Master’s degree in Computer Science from the Central University of Hyderabad.
Before founding Cyware, Akshat served as the Director of Programs at Oracle and was key to facilitating cloud ventures for Oracle Enterprise Manager. His earlier role at Adobe Systems also shaped the company’s core products to grow to a substantial scale and helped secure several patents in core technology domains.
Avkash Kathiriya - VP - Security Research and Innovation at Cyware Labs
Information Security professional with overall 10+ years of experience in the defensive side of the Information Security domain. Currently working on security research in the domain of automated Incident Response using orchestration and Threat Intelligence framework for practical implementation. Also, associated with the Mumbai chapter of the Null community (Open security community).
[Webinar] The Art & Value of Bug Bounty Programsbugcrowd
Her TED talk on the power of bug bounties has over a million views, on May 20, 2015, cybersecurity expert Keren Elazari joined Bugcrowd for an exclusive webinar. We did some bug bounty myth busting and trend spotting and had a great turnout. Keren's slides are here.
Rethinking Cyber-Security: 7 Key Strategies for the Challenges that Lie AheadOpenDNS
Practice makes perfect. And unfortunately for security professionals, attackers have realized that persistence is a powerful approach to breaching an organization's defenses.
Focusing on prevention alone is no longer a sufficient strategy for securing your organization against the business risks of a breach. Our current security environment demands an approach less centered on ideal prevention and more focused on reality. During this webcast, we discussed key strategies that limit your risk and exposure to unrelenting threats.
Some highlighted topics include:
- How the shift in attacker motivations has impacted today's threat landscape
- Why preventative techniques alone can no longer ensure a secure environment
- Which strategies need to be considered for a holistic approach to security
- What next steps you can take towards identifying your best strategy against attacks
Drawing from CrowdStrike's work, Cayce Beames will present evolving cybersecurity threats, discussed her thoughts on why traditional security is failing and shared a bit on what this "next generation endpoint protection" is about.
Cayce has been working in technology for over 25 years. From IT Systems Administration to Network Engineering and Internet Security, Risk Management and Compliance Auditing, Cayce has consulted with many Global corporations and traveled extensively. Cayce is currently a governance, risk and compliance analyst at CrowdStrike and founder of the not for profit, public benefit, education for kids organization called "The Computer Club" where she works to inspire kids and adults to address their fear of the unknown and make something awesome with technology.
Best Practice Next-Generation Vulnerability Management to Identify Threats, ...Skybox Security
Speaker: Gidi Chen, CEO & Founder Skybox Security
Infosec Europe 2013
In order to effectively reduce the risks of cyber-attacks, comply with continuous monitoring requirements, and provide visibility to executives, organizations need to manage their vulnerabilities and associated risks on an on-going basis. This is required in order to match or exceed the daily rate of attacks. Why bother to assess your risks every 90 days, if you are attacked daily, given your frequently changed infrastructure? The session will tackle next-generation vulnerability management strategies and best practices to: ensure that vulnerability data is current and accurate; prioritize based on risk to the business; develop a remediation strategy that works and make vulnerability management an essential part of daily change management processes.
• Understand how to link vulnerability discovery, risk-based prioritization, and remediation activities to effectively mitigate risks
• Have real-world examples of organizations that implemented vulnerability management best practices to effectively and measurably reduce risk
• Be armed with pragmatic steps to implement next-generation vulnerability management to eliminate risks and prevent cyber attacks
Penetration testing is a security standard, but that doesn't mean it's the most effective means of assessment.
We'll discuss why crowdsourcing your security results in increased coverage and more complex security vulnerabilites while meeting your compliance requirements. We'll also introduce Flex, our crowdsourced pen test that provides increased results.
Agentless Patch Management for the Data CenterIvanti
Many organizations automate patch management in their end user environments, but often times the Data Center tends to be more manual. What if you could manage your Windows Servers in a better way? Agentlessly discovery, assess and remediation security vulnerabilities. Control your maintenance windows by choosing when to assess, stage updates, execute, and reboot systems. Manage physical and virtual servers, on premises or in the cloud. Contain virtual sprawl in your VMware environments with the ability to scan and automate patching for offline VMs and templates. Integrate into any orchestrator or automation solution using our REST or Powershell APIs to full script and automate patching of complex workloads. Did we mention this can all be done Agentlessly? Join our webinar to learn how.
When to Implement a Vulnerability Assessment or Pen Test | IT Security & Risk...Cam Fulton
Learn how to evaluate risk, what the differences are between vulnerability assessments and penetration tests, and when to implement both.
Presented by AWA International, a division of I.S. Partners, LLC https://www.ispartnersllc.com/awa-international-group/
Some organizations have the resources and skills to secure their IT infrastructure against security threats; however, many organizations cannot do so. Organizations have a state-of-the-art security software solution or pay thousands of dollars for security tools. Even after that, no organization is entirely secure. Certified Threat Intelligence Analyst (C|TIA) allows cybersecurity professionals to enhance their skills in building sufficient organizational cyber threat intelligence. It is a specialist-level program. CTIA is an examination that tests the individuals’ skills and prepares them to make useful threat intelligence in the organization.
Read more: https://www.infosectrain.com/blog/ctia-course-outline/
ISO/IEC 27032 vs. ISO 31000 – How do they help towards Cybersecurity Risk Man...PECB
Organizations need to implement a risk management strategy in order to mitigate, and whenever possible, eliminate cyber risks and threats.
ISO/IEC 27032 and ISO 31000 combined help you to manage cyber risks.
Amongst others, the webinar covers:
• ISO/IEC 27032 vs. ISO 31000
• IRTVH Assessment Framework
Presenters:
Sherifat Akinwonmi
Sherifat is a Cyber Security professional with over 12 years of experience across diverse industries including Agriculture, Oil & Energy Services, Pharmaceuticals, Financial and IT services.
She is part of the top 20 Canadian Women in Cybersecurity – ITWC. She is also a Business Information Security Officer (BISO) with one of the top banks in Northern America.
Sherifat is member of several boards including the Advisory Board for Canadian Women in Cybersecurity, Girls & Women Technological Empowerment Organization (GWTEO).
She has a great passion and interest in enabling women in their professional careers. She volunteers her time mentoring young people to launch their careers in Technology and supports the less privileged.
Geary Sikich
Geary Sikich is a Senior Crisis Management Consultant at Health Care Service Corporation (HCSC). Prior to joining HCSC, Geary was a Principal with Logical Management Systems, Corp., a management consulting, and executive education firm with a focus on enterprise risk management, contingency planning, executive education and issues analysis. Geary developed LMSCARVERtm the “Active Analysis” framework, which directly links key value drivers to operating processes and activities. LMSCARVERtm provides a framework that enables a progressive approach to business planning, scenario planning, performance assessment and goal setting.
Prior to founding Logical Management Systems, Corp. in 1985 Geary held a number of senior operational management positions in a variety of industry sectors. Geary served in the U.S. Army; responsible for the initial concept design and testing of the U.S. Army's National Training Center and other related activities. Geary holds a M.Ed. in Counseling and Guidance from the University of Texas at El Paso and a B.S. in Criminology from Indiana State University.
Geary has developed and taught courses for Norwich University, University of Nevada Reno, George Washington University and University of California Berkley. He is active in Executive Education, where he has developed and delivered courses in enterprise risk management, contingency planning, performance management and analytics. Geary is a frequent speaker on business continuity issues business performance management.
Date: October 12, 2022
More often than not, company executives ask the wrong questions about software security. This session will discuss techniques for changing the conversation about software security in order to encourage executives to ask the right questions – and provide answers that show progress towards meaningful objectives. Caroline will discuss a progression of software security capabilities and the metrics that correspond to different levels of maturity. She’ll discuss an approach for developing key metrics for your unique software security program and walk through a detailed example.
Are you new to Black Duck or open source security? Do you need a refresher? Understanding the fundamentals of open source security is critical to keeping your data and organization safe. During this session, we'll share best practices from the world's leading experts to help you establish a foundation for success.
Intro to a Data-Driven Computer Security DefenseRoger Grimes
Introduces a Data-Driven Computer Security Defense, a computer security defense strategy introduced by the author. Slide deck complements the book and whitepaper and can be used by anyone.
With more than 50,000 new malware created every day organisations can no longer afford to risk the financial and reputational impacts of a security or data breach, which can be too much for a business to recover from. Because of this, IT managers face increasing scrutiny and pressure from CEOs, managing directors and boards to prove that they are keeping the organisation secure.
The changing threat landscape means organisations need to be vigilant and smarter about security. While businesses still face threats from infected devices and malware, attackers have also moved beyond that. For example, there is an increasing number of targeted email attacks with cyber criminals spending time to monitor communications so they can imitate emails that are so sophisticated that even relatively savvy users will open them.
This webinar will explore the building blocks required to ensure you have the roadmap required to best protection against cyber attacks. We will provide you with a high level view of the following topics:
· Audit and discovery – What are your weaknesses and are you compliant?
· Education – Do your employees know when not to open that attachment?
· Policy – Do you have the right policies for your industry?
· Technology – Where to start and what has changed?
Cyber Risk Management in 2017: Challenges & RecommendationsUlf Mattsson
https://www.brighttalk.com/webcast/14723/234829?utm_source=Compliance+Engineering&utm_medium=brighttalk&utm_campaign=234829 :
With cyber attacks on the rise, securing your data is more imperative than ever. In future, organizations will face severe penalties if their data isn’t robustly secured. This will have a far reaching impact for how businesses deal with security in terms of managing their cyber risk.
Join this presentation to learn the cyber security controls prescribed by regulation, how this impacts compliance, and how cyber risk management helps CISOs understand the degree these controls are in place and where to prioritize their cyber dollars and ensure they are not at risk for fines.
Viewers will learn:
- The latest cybercrime trends and targets
- Trends in board involvement in cybersecurity
- How to effectively manage the full range of enterprise risks
- How to protect against ransomware
- Visibility into third party risk
- Data security metrics
Similar to Risk Management Metrics That Matter (20)
A few years ago Alex Hutton coined the term Security Mendoza Line. It was in reference to Mario Mendoza the baseball player often used as a baseline for how well a player must hit in order to stay in the major leagues and not be demoted. Keeping up with the attacks automated within Metasploit can often serve as that baseline within information security.
More recently, Josh Corman defined HD Moore's Law as "Casual Attacker power grows at the rate of Metasploit". In other words, that baseline is moving and we are not keeping up. In a hyped industry where much of the talk remains around Advanced Persistent Threats it's the baseline that we continue to miss as proven out in reports like Verizon's Data Breach Investigation Report. Looking at the most common breaches they are most likely to be targets of opportunity where the defenders have let the basics slip through the cracks.
In this talk, we will cover why paying attention to HD Moore's Law is important and how to stay on top of this changing threat measurement. We'll offer real world examples on how an organization can identify where they stand against the Security Mendoza Line and how they can alert and defend against falling below the baseline. Content will cover not only identified threats through Metasploit modules but through the myriad of exploit sources available across the internet.
For years businesses have been mining and culling data warehouses to measure every layer of their business right down to the clickstream information of their web sites. These business intelligence tools have helped organizations identify points of poor product performance, highlighting areas of current and potential future demand, key performance indicators, etc. In the information security field we still tend to look at our information in silos. Dedicated engineers solely focused on web application security, network security, compliance and so on, all while bemoaning a lack of support and information.
What if Information Security teams operated with the same insight as the product, marketing and business intelligence groups within their organization? Imagine if you had a data warehouse covering all of your applications, infrastructure, logs, vulnerability assessments, incidents, financial information, and meta data. What could you do with this readily available information?
By gathering and using both internal and public data, information security teams can utilize decision support systems allowing them to prioritize remediation efforts and react faster to issues. When looking through disparate data sources with a security lens, a security team can mine information that may expose threats through multiple vectors or paths.
In this talk, Ed will cover some of the many sources of security data publicly available and how to apply them to add context to your security data and tools to help make more intelligent decisions. Ed also points out a number of ways to repurpose information and tools your company is already using in order to glean a clearer view into your information security program and the threats that may effect it.
That's So Meta: Gleaning Business Context In The Vulnerability Warehouse
Ed Bellis, HoneyApps
For years businesses have been mining and culling data warehouses to measure every layer
of their business right down to the clickstream information of their web sites. These
business intelligence tools have helped organizations identify points of poor product
performance, highlighting areas of current and potential future demand, key performance
indicators, etc. Imagine if you had a data warehouse covering all of your applications,
infrastructure, logs, vulnerability assessments, incidents, financial information, and
metadata. What could you do with this readily available information? In this talk, Ed will
cover some of the many sources of security data publicly available and how to apply them
to add context to your security data and tools to help make more intelligent decisions. Ed
also points out a number of ways to repurpose information and tools your company is
already using in order to glean a clearer view into your security program and the threats
that may affect it.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
2. Ed Bellis
• Co-founder and CTO at Kenna Security, an
automated risk & vulnerability intelligence platform
• Orbitz CISO for 6 years
• 20+ years Info Security experience including
Bank of America, CSC, E&Y
• Contributing Author Beautiful Security
• Frequent speaker at events such as…
About Me
3. Warning
This presentation contains large amounts of data used
for the purpose of proving an information security
theory. No marketers were harmed during the making of
this presentation.
11. The Language Barrier
*source: Cyber Balance Sheet -
The Cyentia Institute
What the CISO perceives
as important versus what
the BoD believes is
important often don’t
match and often neither
are actually given.
14. But First… Some Definitions
Threat: A negative scenario you want to avoid.
Threat Actor: the agent that makes the threat happen.
Vulnerabilities: a weakness that can be exploited.
Risk: a negative scenario you want to avoid combined
with its probability & impact.
19. Selecting the Right Metrics for Risk Management
Risks > Counts
Results > Work
Quantitative Where Possible
20. Know Your Assets
Some Useful Metrics
1.External Asset Coverage
2.Internal Asset Coverage
3.Time to Discover
21. Know Your Business
Some useful metrics here include:
1. System Susceptibility
1. Value to Attackers
2. Vulnerabilities
2. Time to Compromise: How long would it take to compromise any of the key controls for
these assets and applications?
3. Threat Accessibility
1. Access Points and Attack Surface
4. Threat Actor Capability
1. Tools
2. Resources c.
3. Techniques
Does Your Threat Model
Include Alexa Ratings?
22. Know Your Risk
Some Useful Metrics
1.Risk by Asset
2.Risk by Business Unit
3.Trending Risk over Time
4.Mean Time to Risk Reduction
*use targets/goals and mature to SLAs
23. Know Your Resources
Some Useful Metrics
1.Budget Spent on Security Remediation
2.Risk Carried Above Tolerance Level
3.Hours spent per Security Solution
24. Know Your Direction
Some Useful Metrics
1.Risk Reduction by Group Over Time
2.Risk Goal/SLA by Group
3.Cumulative Risk Accepted Over Time
25. Some Not So Useful Metrics
1. Measuring Work AKA “atta boy metrics”
Number of Vulnerabilities Closed
Number of Patches Deployed
Number of Incidents Responded to
26. Some Not So Useful Metrics
2. Measuring Counts “vanity metrics”
Number of Packets Dropped
Number of Malware Detections
Number of IDS Alerts
27. Some Not So Useful Metrics
3. Averages can be a Fool’s Errand
Average Age of Vulnerability
Average Time to Discover
Average Time to Respond
Hint: Averages are skewed by outliers. Medians are your friend.
30. Your Coworkers Have Day Jobs Too
Leverage Existing Tools
• Bug Trackers
• Trouble Ticketing
• Configuration Management
• Continuous Integration & Deployment
Bonus Points: Leverage Existing Tools for Security Purposes
31. Your Coworkers Have Day Jobs Too
Leverage Existing Processes
• Change Management
• Bug Fixing
• Design Reviews
• QA Testing
• Continuous Integration
32. The Payoff
Operationalizing Security Risk Management
Security Teams
Operations Teams
Development Teams
Executive Management
Common Language
Distinct Objectives
Efficiency
Effectiveness