Recently there has been a realization that traditional methods of segmentation like VLANs and Firewalls are not suitable for today’s rapidly changing enterprise environments.
In this webinar, learn how modern software-defined segmentation solutions:
• Start with visibility.
• Provide enterprises with easy ways to identify and label workloads.
• Provide easy-to-implement, granular enforcement that goes way beyond IP address and port and can lock down by process, user and domain.
• Enable DevOps automation, provisioning and management.
• Are decoupled from, and work in an agnostic fashion across, every enterprise platform.
• Provide unparalleled security while enabling compliance and ongoing compliance validation.
Guardicore - Shrink Your Attack Surface with Micro-Segmentation | CSNP
1) The document discusses micro-segmentation as a better strategy than traditional network segmentation approaches for securing hybrid cloud environments. It argues micro-segmentation provides better visibility, faster deployment, and flexibility compared to VLANs.
2) Various use cases are presented where software-defined segmentation was able to simplify and accelerate compliance efforts for critical applications like SWIFT and PCI in complex, multi-cloud environments.
3) Guardicore is introduced as a company providing software-defined segmentation to securely protect critical assets across on-premises and cloud environments through a simple and intuitive centralized management platform.
David Klein - Defending Against Nation State Attackers & Ransomware | CSNP
The document discusses research conducted into major cybersecurity breaches over the past 5 years. The research found that successful organizations ("winners") and unsuccessful organizations ("losers") experienced attacks on the same common vulnerabilities. However, winners were distinguished by having an incident response plan, making progress on addressing known vulnerabilities, and incorporating DevOps methods to accelerate and automate security processes. Examples of DevOps security practices included using playbooks to automate updates and remediation tasks, and implementing software-defined segmentation.
Intelligent Segmentation: Protecting the Enterprise with StealthWatch, Cisco ... | Lancope, Inc.
Intelligent Segmentation: Protecting the Enterprise with StealthWatch, Cisco ISE and TrustSec
Recent breaches have demonstrated that insider threats and determined attackers are effectively able to operate on the network interior where they can wreak havoc on an organization. As a result, it has become necessary to implement security policies inside the network. This webinar describes a data intelligence-driven approach to dynamically segmenting the network to control threats and protect the enterprise through the use of NetFlow and Lancope’s StealthWatch® System in combination with Cisco ISE and TrustSec.
This webinar will cover:
• design and deployment scenarios
• use cases
• best practices
• configuration examples
• forward-leaning vision
The primary takeaway of this webinar is a methodology for leveraging StealthWatch to drive segmentation policies and control threats on the network interior.
Definition of micro segmentation: Micro segmentation is the process of making network security more flexible by using software-defined policies. Learn more at https://www.fieldengineer.com/blogs/what-is-micro-segmentation/
Secure your workloads with microsegmentation | Rasool Irfan
The document discusses the future of cyber security and securing workloads in hybrid and multi-cloud environments. It notes challenges around evolving threats, security operations, and compliance. It also discusses priorities for business executives around providing transparency, applying business context to network activity, and simplifying operations and compliance reporting. Methods for securing workloads mentioned include microsegmentation, threat control, and visibility.
This document discusses moving beyond zero trust security models to a more comprehensive security driven networking approach. It advocates for integrating security across network, cloud, and edge infrastructure to gain visibility and control over all access and data flows. A security fabric is proposed that uses automation, open APIs, and behavioral analytics to consistently enforce security policies and rapidly respond to threats across hybrid digital environments. This is argued to provide organizations with a reasonable level of due care to prevent breaches and meet compliance standards.
Overview on the state of WIFI security for WEP, WPA/WPA2, WPA3. Looking at their protocols, weaknesses and attacks.
The presentation finishes with a live demo on 2 attacks: Karma Attack and Evil Portal Attack
Open Source IDS - How to use them as a powerful free Defensive and Offensive tool | Sylvain Martinez
What is an IDS? What is required for a successful implementation and utilisation? IDS can also be used for penetration testing activities, not just for defence purposes. See how!
This was presented as part of the FIRST Technical Colloquium 2017 Conference in Mauritius on the 30th of November 2017.
Feel free to contact us for more information.
If you are reusing some of the slides or their content, can you please reference our website as the source: https://www.elysiumsecurity.com
Intelligence-Driven Industrial Security with Case Studies in ICS Attacks Dragos, Inc.
This document discusses intelligence-driven industrial security and case studies of ICS attacks. It outlines that ICS security is different than IT security, and common IT security practices can cause issues in ICS environments. Research on ICS vulnerabilities and intrusions is presented, showing gaps. An approach of mapping intelligence models to the ICS cyber kill chain and sliding scale of security is proposed. Case studies of major ICS attacks are reviewed to identify lessons learned around architecture, passive defense, and active defense best practices. Major ICS threat activity groups are also listed.
This document discusses how Crypto-Flow segmentation and encryption can help organizations comply with various security standards and regulations. It provides examples of how Crypto-Flow can be used to encrypt data in transit for ISO27001, PCI-DSS, IEC 62443, NESA, and the Cloud Security Alliance guidelines. It also outlines best practices for key management and testing the security of implemented encryption controls.
The document discusses trends in industrial control system (ICS) security products. It notes the importance of asset inventory for detection and outlines different tiers of ICS detection vendors. Top tier vendors are growing rapidly through investments in R&D and acquisitions. They are distinguished by their large employee size, product maturity, and repeated selection in customer bake-offs and pilots. The document advocates starting with asset management, then adding detection integrated with asset data, and configuring incident response through a retained services model.
This document summarizes a presentation given by Craig Heilmann of IBM Security Services at the S4 ICS Security Conference in January 2015. The presentation discussed accelerating cyber security for operational technology (OT) using a case study. The case study involved a large manufacturer that wanted to transform its security operations over 5 years but faced constraints. The solution was to focus first on operations using an "elastic and agile" model with processes, operations, and technology improvements to quickly detect, respond, and disrupt attacks. This included enterprise-wide password changes and a security program framework to continuously adapt and mature capabilities over time. Cost modeling was also introduced to better plan and rationalize security spending.
The document discusses whether patching control systems is an effective security practice given the challenges of securing industrial control systems. It makes three key points:
1. Patching insecure-by-design devices provides minimal risk reduction since attackers can achieve their goals by exploiting legitimate system features rather than vulnerabilities.
2. Most industrial control systems operate within an insecure-by-design zone, so patching may not prevent attacks since attackers do not need to exploit systems to cause damage.
3. Many control system components have low impact even if compromised, so patching provides little benefit given the effort. Prioritizing patching for systems directly accessible from untrusted networks is recommended over broadly patching everything.
The document discusses security challenges in cloud computing and two scenarios for securing data in the cloud. Extending a company's perimeter into the public cloud involves creating VPN tunnels and applying security tools to cloud servers. Extending the cloud into a company's perimeter involves a cloud provider installing a node on-site. Both scenarios require log monitoring, encryption, firewalls and understanding the provider's security capabilities. The key is properly securing cloud servers as if they were internal servers and clarifying security responsibilities between customers and providers.
Presented: September 21, 2017
At: CS2AI, Washington, DC
A decade ago, ISA99 published the first standard in what is now the ISA/IEC 62443 series. Since then, the series has coalesced into the current form consisting of 13 individual documents in various stages of completion, publication, and/or revision. Printing out all of the existing standards and drafts can easily use up more than a ream of paper. It can be a daunting task to try to apply it to an organization. So, what are you supposed to do? How are you supposed to proceed? In this talk, I’ll go over some of the lessons I’ve learned from helping customers develop and evaluate security programs within their organization.
We are all aware of the current risks when developing a connected product, especially with vehicles since much is at stake both from an information and safety perspective. In this workshop, we will learn how to build Security requirements, architect, design, test and produce Safety and Security critical components using a methodology that works in harmony both with Engineering and Security
Solving ICS Cybersecurity Challenges in the Electric Industry | Dragos, Inc.
This document discusses how a mid-sized US electric utility implemented the Dragos cybersecurity platform to improve the visibility of its operational technology (OT) assets and threats, enhance compliance functions, and better support its limited OT security team. The Dragos solution included passive network monitoring sensors, asset characterization, and threat intelligence reporting. It helped the utility address compliance requirements, leverage Dragos' expertise through training and assistance, and improve its detection of OT threats through behavioral analytics and investigation playbooks. The solution demonstrated that combining technology with personnel support can effectively address common industrial control system security challenges faced by electric utilities.
How to Increase ICS Cybersecurity Return on Investment (ROI) Dragos, Inc.
In Austin's presentation, he will align his 2019 top 5 findings from the Dragos Industrial Penetration Testing team to tactical activities that can be performed to reduce cyberrisk within industrial environments. Return on Investment (ROI) is a broad and subjective term. Even in terms of industrial cyberrisk reduction, the interpretation of ROI can change drastically depending on who you ask. As a member of the Dragos Industrial Penetration Testing team, he sees the world around him in terms of exploitation effort. Exploitation effort is the investment required by an adversary to advance through a network. In his presentation, Austin will detail five ways that will significantly increase the time and energy needed for an adversary while minimizing operational and capital expenditure.
In this provocative and sometimes irreverent presentation, retired Brigadier General Greg Touhill, the United States government's first federal Chief Information Security Officer, will discuss why the legacy perimeter defense model has been overwhelmed and made obsolete by the advent of modern mobility and cloud computing. He'll demonstrate how to make the business case that the shift to the Zero Trust security strategy is now essential for businesses to survive and thrive in today's highly contested global digital economy.
Unidirectional Security, Andrew Ginter of Waterfall Security Digital Bond
This presentation reviews the spectrum of perimeter solutions based on unidirectional technology - solutions that are being deployed to protect the safety and reliability of industrial control systems. Learn why the technology is truly unidirectional based on physics and different ways it can be used in SCADA and DCS.
Many practitioners find parts of the spectrum to be counter-intuitive. Further, some parts of the spectrum are straightforward to deploy, and others require that practitioners take some care to ensure that the results really are as strong as they should be. Technologies and techniques covered include unidirectional gateways, secure bypass, temporary/programmed gateway reversals, opposing gateways, secure remote access, and parallel operations and IT WANs.
Cybersecurity Implementation and Certification in Practice for IoT Equipment | Onward Security
This document discusses implementing and certifying IoT equipment for security standards. It begins by outlining five notices for adopting IoT security standards, including explicitly defining relevant standards, determining which standards are needed, investments required, cooperation needed, and benefits of certification. It then provides FAQs and suggestions about adopting standards. Use cases of adopting standards for IoT devices and industrial IoT development processes are presented. The conclusion suggests that adopting standards can help conform to customer requirements, enhance competitiveness, build corporate image, and increase revenue. It invites any remaining questions.
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise... | Kaspersky
A key business goal of any organization is to maintain the constant availability of data and systems that can be trusted for decision-making purposes. The evolving threat landscape has resulted in increasing focus, right to board level, on cybersecurity. IT operational and security teams should demonstrate a comprehensive, cohesive approach in their response to security incidents and data breaches.
Cloud security is a must for any IaaS, PaaS, SaaS or CaaS initiative. This presentation aims to simplify the concept of cloud security with clear steps to achieve it. It also summarizes the controls required to implement cloud security.
A Big Picture of IEC 62443 - Cybersecurity Webinar (2) 2020 | Jiunn-Jer Sun
• Why An Industrial Cybersecurity Standard
• What Is IEC 62443 About
• How It Impacts On You - The Security Lifecycle
• IEC 62443 Certificates
• Reference: Some Ongoing Projects
• Summary
The document discusses securing data centers from cyber threats. It describes how attacks have evolved from manual to mechanized to sophisticated human-led attacks. It advocates employing segmentation, threat defense and visibility measures like firewalls, IDS/IPS, and NetFlow. The Cisco Cyber Threat Defense solution places these tools at the access, aggregation and core layers, including the ASA firewall, Nexus switches, and StealthWatch for network monitoring and analytics. This provides visibility into network traffic across physical and virtual infrastructure to detect threats and policy violations.
Dragos’ Year in Review 2018 report provides insights and lessons learned from our team’s first-hand experience hunting and responding to industrial control systems (ICS) adversaries throughout the year, so we can offer recommendations for stronger defenses for industrial organizations and help drive change in the ICS cybersecurity community.
Protecting the Software-Defined Data Center from Data Breach | CA Technologies
In this session, learn:
Security Requirements for our next generation software defined data centers
VMware NSX™, VMware’s network virtualization platform, and how it protects the software defined data center
CA Privileged Access Manager for VMware NSX™, and how it protects the management plane of VMware NSX™
For more information, please visit http://cainc.to/Nv2VOe
Runecast: Simplified Security with Unparalleled Transparency (March 2022) | Jason Mashak
Your best future-proofing starts now. Discover, manage, audit and remediate across your hybrid cloud – all via one patented platform. Runecast customers report time savings of 75-90%, security compliance audit readiness, and greatly increased uptime. Enable your IT Security and Operations teams with a single platform for discovering and resolving IT problems you don't yet know about. Ask us about the Runecast Challenge!
Runecast enables organizations with immediate proactive results and ROI in the areas of Cloud Security Posture Management (CSPM), Kubernetes Security Posture Management (KSPM), Governance, Risk Management and Compliance (GRC), IT Operations Management (ITOM), Vulnerability Assessment/Management, Configuration Management and more.
Yes, you can be pci compliant using a public iaas cloud a case study by phi...Khazret Sapenov
- Phil Cox and Rand Wacker presented on achieving PCI compliance in public clouds. They discussed the shared responsibility model between cloud providers and customers and the challenges of securing systems in dynamic cloud environments.
- Automating security controls is key to maintaining continuous compliance in public clouds where infrastructure is elastic. Controls must adapt to changing environments and verify that server configurations and software remain secure and aligned with standards.
- Presenters provided best practices around understanding provider responsibilities, designing secure applications, hardening systems before exposure, and focusing on automating security operations to ensure compliance across hybrid and multi-cloud deployments.
Aerohive and Barracuda provide a comprehensive solution for mobile-first networks that combines Aerohive's user and device context capabilities with Barracuda's application visibility and controls. This allows administrators to enforce granular application policies at the network edge with Aerohive and at the gateway with Barracuda. The integration leverages information from Aerohive about user identity, device type, and IP address to enhance Barracuda's security policies. Together the solution offers enhanced user-identity awareness, client-less operation, zero performance impact, and comprehensive application visibility and control across wired and wireless networks.
Innovation! Share your wireless network between colleagues and visitors in a safe way.
Aerohive Networks and Barracuda technologies have joined forces and are now compatible to be used together.
Combining both technologies today allows you to provide secure and fast wireless access to both internal and external visitors at your company and allows you to use a straightforward reporting platform with the Barracuda NG Firewalls to manage all users on your network.
The document discusses the challenges of virtualization security. It highlights issues like inter-VM attacks that bypass traditional security solutions, VMs that are dormant and lack up-to-date security, and the complexity of managing security across many VMs. It then provides an overview of the Deep Security 9.0 architecture and its modules for firewall, deep packet inspection, integrity monitoring, log inspection, and anti-malware. Finally, it outlines the steps to deploy Deep Security on a vSphere environment.
VMware introduced the vShield product line to provide security for virtualized and cloud environments. vShield products included vShield Edge to secure the network edge, vShield App to provide application protection and firewall capabilities between virtual machines, and vShield Endpoint to offload antivirus processing from virtual machines. By consolidating multiple security functions into virtual appliances and enabling security that moves with virtual machines, vShield aims to make security deployments more cost effective, simple to manage, and adaptive to virtual environments compared to traditional hardware-based security solutions.
The document discusses the challenges of implementing effective network segmentation across modern distributed systems. It outlines several common mechanisms used for segmentation, such as VPC networks, security groups, Docker networking, and eBPF/Calico policies. However, it notes that individually these approaches face issues with scalability, coordination, and potential for misconfiguration. The document advocates for a hierarchical approach to segmentation that enforces consistent policies across layers from IAM roles to security groups to individual networks or segments. It raises open questions around coordinating policy specification and management across the different available mechanisms.
VMworld 2013
Moderator: Rob Randell, VMware
Jerry Breaud, VMware
David Barker, EMC
Eric Bruner, Sallie Mae
Noah Weisberger, Coalfire
Tim West, Accuvant
Learn more about VMworld and register at http://www.vmworld.com/index.jspa?src=socmed-vmworld-slideshare
The CyberArk training develops your skills and provides the expertise needed to build, deploy, and configure the Privileged Account Security Solution. CyberArk course provides a variety of options to choose from. Through real-world scenarios, our participants will gain hands-on experience establishing CyberArk infrastructure, defining authentication types, and more. This course covers password management in-depth, as well as software aspects such as backup and troubleshooting. Each level displays knowledge of CyberArk Privileged Access Security Solution, which is both innovative and industry-leading.
Introducing a Security Feedback Loop to your CI PipelinesCodefresh
Watch the webinar here: https://codefresh.io/security-feedback-loop-lp/
Sign up for a FREE Codefresh account today: https://codefresh.io/codefresh-signup/
We're all looking at ways to prevent vulnerabilities from escaping into our production environments. Why not require scans of your Docker images before they're even uploaded to your production Docker registry? SHIFT LEFT!
Codefresh has worked with Twistlock to run Twist CLI using a Docker image as a build step in CI pipelines.
Join Codefresh, Twistlock, and Steelcase as we demonstrate setting up vulnerability and compliance thresholds in a CI pipeline. We will show you how to give your teams access to your Docker images' security reports & trace back to your report from your production Kubernetes cluster using Codefresh.
What we learned from MISA Ontario 2020 InfosecGENIANS, INC.
Attendees Need To Consolidate
- Reduce the number of IT Security Solutions
- Select Solutions that provide Multiple Features
- Retire Legacy Solutions!
Attendees Need More Visibility
- Ensure Solutions can see ALL IP Enabled devices
- Ensure Solutions provide Detail and Context!
- Solution should adapt to YOUR environment
Attendees Need Cloud Managed Solutions
- Solution should support Vendor or Customer Cloud Options
- Ease of Deployment and Pricing Options Matter
The document provides an overview of the cybersecurity features and capabilities of VideoEdge Network Video Recorders (NVRs). It discusses the NVR's robustness, access control, ports, device authentication, operating system, system protection, camera security, auditing, security approvals, vulnerability testing, and the product security program. Key capabilities highlighted include role-based access controls, encryption, digital certificates, customized operating system, and penetration testing validation.
The document provides an overview of the cybersecurity features and capabilities of VideoEdge Network Video Recorders (NVRs). It discusses the NVR's robustness, access control, ports, device authentication, operating system, system protection, camera security, auditing, security approvals, vulnerability testing, and the product security program from the manufacturer. Key capabilities highlighted include backup/restore, failover support, role-based access control, encryption, digital certificates, logging/alerts, internal and third-party security testing, and a commitment to ongoing security updates.
Optimizing Spark Deployments for Containers: Isolation, Safety, and Performan...Spark Summit
Developers love Linux containers, which neatly package up an application and its dependencies and are easy to create and share. However, this unbeatable developer experience hides some deployment challenges for real applications: how do you wire together pieces of a multi-container application? Where do you store your persistent data if your containers are ephemeral? Do containers really contain and isolate your application, or are they merely hiding potential security vulnerabilities? Are your containers scheduled across your compute resources efficiently, or are they trampling on one another?
Container application platforms like Kubernetes provide the answers to some of these questions. We’ll draw on expertise in Linux security, distributed scheduling, and the Java Virtual Machine to dig deep on the performance and security implications of running in containers. This talk will provide a deep dive into tuning and orchestrating containerized Spark applications. You’ll leave this talk with an understanding of the relevant issues, best practices for containerizing data-processing workloads, and tips for taking advantage of the latest features and fixes in Linux Containers, the JDK, and Kubernetes. You’ll leave inspired and enabled to deploy high-performance Spark applications without giving up the security you need or the developer-friendly workflow you want.
2021 01-27 reducing risk of ransomware webinarAlgoSec
Micro-segmentation protects your network by limiting the lateral movement of ransomware and other threats in your network. Yet successfully implementing a defense-in-depth strategy using micro-segmentation may be complicated.
In this second webinar in a series of two webinars about ransomware, Yitzy Tannenbaum, Product Marketing Manager from AlgoSec and Jan Heijdra, Cisco Security Specialist, will provide a blueprint to implementing micro-segmentation using Cisco Secure Workload (formerly Cisco Tetration) and AlgoSec Network Security Policy Management.
Join our live webinar to learn:
• Why micro-segmentation is critical to fighting ransomware
• Understand your business applications to create your micro-segmentation policy
• Validate your micro-segmentation policy is accurate
• Enforce these granular policies on workloads and summarized policies across your infrastructure
• Use risk and vulnerability analysis to tighten your workload and network security
• Identify and manage security risk and compliance in your micro-segmented environment
Webinar: Overcoming the Top Challenges of Recovery to the Cloudiland Cloud
iland's CTO, Justin Giardina, covers how cloud-based solutions with Veeam and iland can help you achieve availability and data protection. In this webinar, Justin discussed the common issues faced when leveraging cloud-based backup and DR and provided examples of how these issues can be managed to ease the migration to a cloud environment.
Watch the webinar on-demand: https://info.iland.com/wb-veeamon-recap
This presentation discusses implementing agentless antivirus (AV) and intrusion detection/prevention system (IDS/IPS) security solutions with VMware NSX. It covers using NSX guest introspection for agentless AV and network introspection for IPS/IDS. The presentation demonstrates how these technologies can be tied together and automated through common security policies. It also includes a demo of using NSX features like security groups and distributed firewall to quarantine systems and enforce security policies.
2018 11-19 improving business agility with security policy automation finalAlgoSec
The traditional network is bursting at the seams. Good old perimeter security, enforced by traditional firewall protection, is being joined by distributed firewalls, public clouds and a shared-responsibility security model.
Similar to Software-Defined Segmentation Done Easily, Quickly and Right (20)
Securing Mobile Apps, From the Inside OutSBWebinars
Mobile devices are becoming increasingly better hardened. App stores are helping by vetting apps to weed out malicious behavior. Servers are protected by sophisticated security systems. In the end, the mobile apps themselves remain the most vulnerable elements in a modern application architecture. Once downloaded, they can be reverse engineered and even modified. They may contain or provide gateways to valuable assets, in-app purchases, hidden features or defects, and more, which organizations and developers need to protect. Luckily, protecting Android and iOS apps has also come a long way since the early days of name obfuscation. Have a specific question on Mobile App Protection?
This document discusses a presentation about the journey of migrating applications to the cloud while securing them. It describes challenges with application security and how traditional security tools are not sufficient for modern development environments. It advocates for integrating security into the entire software development lifecycle using an approach called DevSecOps. Specific examples are provided about how SAP Concur integrated Contrast Security's application security platform into their processes and cloud migration to AWS to help shift security left.
Top Cybersecurity Threats and How SIEM Protects Against ThemSBWebinars
Everyone has become increasingly aware of the danger hackers pose—they can steal data, dismantle systems, and cause damage that can take years to recover from. However, organizations often have a false sense of safety when it comes to their security environments. There are countless ways that businesses are making it easier for a threat actor to find their way in undetected.
Join cybersecurity expert Bob Erdman, senior security product manager, as he outlines the most common ways organizations unintentionally put themselves at risk against threats like:
Insider attacks
Alert and console fatigue
Shortage of security staff
Misconfigurations
Excessive access
By better understanding what and where the challenges are, organizations can be better equipped to find solutions. This webinar will also highlight different strategies for mitigating risk, from specific Security Information and Event Management (SIEM) tools to employee education.
Don’t Get Stuck in The Encryption Stone Age: Get Decrypted Visibility with Am...SBWebinars
New TLS encryption standards put security at the forefront, but what about the visibility issue? Join us for a “How To” webinar covering the newest possibilities for decryption in the cloud to enable incident response, network detection and response and other key security and DevOps use cases.
During the session, Steve Perkins, chief product officer and Erik Freeland, director of customer success at Nubeva, will discuss the complications and opportunities surrounding the new TLS 1.3 protocols. They will walk through how organizations can evolve with new encryption standards and also gain full decrypted traffic visibility for intrusion detection, threat hunting, incident response and beyond with Amazon native packet acquisition technology, Amazon VPC traffic mirroring and industry-leading open source monitoring tools.
Taking Open Source Security to the Next LevelSBWebinars
Join us for a webinar featuring Forrester VP and Research Director Amy DeMartine to learn more about why open source security has become critical for securing modern applications, the main considerations when evaluating an open source security and license compliance solution and what she sees in store for the future.
Additionally, WhiteSource Senior Director of Product Marketing, Jeff Crum, will discuss recent analysis of the Software Composition Analysis (SCA) market, including takeaways from The Forrester Wave™: Software Composition Analysis, Q2 2019.
The Next Generation of Application SecuritySBWebinars
Application security is an effective tool for defending against attacks. But as IT infrastructures shift to “software-defined everything” and move to the cloud, traditional appsec models no longer are enough to protect the application.
This webinar takes a look at how companies are addressing new models to address more dispersed and dynamically connected applications, from traditional web and mobile APIs to containers and microservices.
You're Bleeding. Exposing the Attack Surface in your Supply ChainSBWebinars
While companies are stuck knee-deep responding to alarms within the environment, the supply chain is typically overlooked. Yet, a supply chain attack can have deep repercussions on a company - from data theft and brand tarnishing to regulatory fines. As a security professional, you have the responsibility of safeguarding your company’s data and assets. But how can you control an environment that you don’t even have visibility into?
In this webinar, we will:
Present techniques to unveil your supply chain’s attack surface
Pinpoint warning signs of a supply chain breach
Provide a practical strategy to increase the cyber resilience of your supply chain
Demystifying PCI Software Security Framework: All You Need to Know for Your A...SBWebinars
If your organization is developing a payment app or even just using one in your product, then this webinar is for you.
The Payment Card Industry (PCI) Security Standards Council recently released a new security framework to replace the previous standard (PCI PA-DSS). The new framework is set to better address the changes that the software development industry has seen in the past few years. Agile and DevOps methodologies, cloud and containerized environments and widespread open source usage have become the new normal and with this, present new AppSec challenges. To ensure that users of payment apps remain safe, the new framework aims to lay a substantial value on continuous application security.
Join Alexei Balaganski (Lead Analyst at KuppingerCole) as he discusses:
the new framework and standards, and the difference between them and the previous version
the practical steps organizations need to take in order to follow the new framework
how organizations can leverage automated vulnerability management tools to ensure application security and compliance with the new standards
The document provides a summary of the top 10 threats to cloud security as presented by James Condon from Lacework. The top threats are: 1) publicly accessible resources, 2) leaked keys, 3) malicious insiders, 4) brute force attacks, 5) remote code execution, 6) container escapes, 7) supply chain attacks, 8) malware, 9) cryptojacking, and 10) ransomware. For each threat, examples are given and mitigations are proposed. The document concludes by introducing Lacework's unified cloud security platform.
Deploying Secure Modern Apps in Evolving InfrastructuresSBWebinars
Software development is changing. It is now measured in days instead of months. Microservice architectures are preferred over monolithic centralized app architecture, and cloud is the preferred environment over hardware that must be owned and maintained.
In this webinar, we examine how these new software development practices have changed web application security and review a new approach to protecting assets at the web application layer.
Attendees will learn:
The changes in development models, architecture designs, and infrastructure
How these changes necessitate a new approach to web application security
How development teams can effectively stay secure at the speed of DevOps
Reduce the Burden Of Managing SAP With Enterprise Identity ManagementSBWebinars
Implementing Identity and Access Management universally across multiple IT infrastructures and software platforms is a major challenge for any organization. IAM implementation is no longer about promoting efficiency during an onboarding process, rather it’s more about managing roles, ensuring compliance, and promoting security. To do their daily job successfully, users today expect to get access to information they need from anywhere at any time, regardless of the target system or application. IT departments are struggling to make this access frictionless for users yet maintain compliance with corporate and government-imposed security and privacy regulations. This task is even more complicated if business-critical platforms like SAP are involved – not only does SAP have its own security and access governance requirements, it is usually managed by a completely separate team from the one responsible for the enterprise-wide IAM program. In this webinar, we will cover the challenges of managing SAP environments in silos, and how One Identity can help overcome these challenges and reduce the burden of managing SAP.
You will learn how One Identity Manager:
Provides a unified view and enterprise management of SAP accounts on different systems, as well as the rest of the enterprise
Associates an SAP account with standard user corporate identity, bringing everything under governance
Scales to hundreds-of-millions of SAP objects
Provides SAP-optimized SoD verification and enforcement
Delivers SAP-specialized workflows and business logic within enterprise governance
Integrates with SAP cloud applications through One Identity Starling Connect
Maturing DevSecOps: From Easy to High ImpactSBWebinars
Digital Transformation and DevSecOps are the buzzwords du jour. Increasingly, organizations embrace the notion that if you implement DevOps, you must transform security as well. Failing to do so would either leave you insecure or make your security controls negate the speed you aimed to achieve in the first place.
So doing DevSecOps is good... but what does it actually mean? This talk unravels what it looks like with practical, good (and bad) examples of companies who are:
Securing DevOps technologies - by either adapting or building new solutions that address the new security concerns
Securing DevOps methodologies - changing when and how security controls interact with the application and the development process
Adapting to a DevOps philosophy of shared ownership for security
In the end, you'll have the tools you need to plan your interpretation of DevSecOps, choose the practices and tooling you need to support it, and ensure that Security leadership is playing an important role in making it a real thing in your organization.
How to Kickstart Security and Compliance for Your AWS, Azure, and GCP CloudsSBWebinars
Addressing public cloud security and compliance is overwhelming given the lack of visibility and monitoring security teams have over their assets in the cloud. This problem is further compounded given the cloud’s benefits of speed and scale and that legacy security tools simply can’t keep pace. Alarmingly, Gartner predicts that through 2022, at least 95 percent of cloud security failures will be the fault of the customer.
Join us for a live webinar with Dan Hubbard, Chief Product Officer at Lacework on how to overcome the challenges of protecting your cloud and how to automate security and compliance across AWS, Azure, and GCP, including:
Where traditional security falls short and common threats start
Why end-to-end visibility is critical across all of your cloud environments
How to scale compliance and audit control as your cloud footprint expands
What to consider when securing workloads and containers
Reducing Risk of Credential Compromise at NetflixSBWebinars
Building a secure system is like constructing a good pizza – each individual layer adds flavor that ultimately builds to the perfect bite. At Netflix we have hand-crafted ingredients that by themselves are scrumptious, but when placed together strategically on the crust (read: cloud), construct a pizza so large that any pizza lover (read: attacker) would be challenged to finish.
Attendees will learn the secret to the sauce that is Netflix Infrastructure Security and how even defensive appsec tooling like Signal Sciences can be used in the mix to be better equipped to start baking pizza in their own kitchen, and leave satisfied.
2018 Black Hat Hacker Survey Report: What Hackers Really Think About Your Cyb...SBWebinars
Curious about what hackers really think of your cyber defenses? Thycotic’s new 2018 Black Hat Conference survey conducted in Las Vegas in August reveals some disturbing answers.
75% of hackers say companies fail at applying the principle of least privilege
50% of hackers say they easily compromised both Windows 10/8 within the past year
More than 90% say they compromised Windows environments despite the use of Group Policy Objects (GPO)
Join Thycotic’s Chief Cyber Security Scientist Joseph Carson as he dives into what hackers say about top vulnerabilities they exploit, and how companies are failing to control privileged account credentials. He will then guide you through action steps you can take to limit “overprivileged” users without impacting their productivity.
The State of Open Source Vulnerabilities ManagementSBWebinars
The number of open source vulnerabilities hit an all-time record in 2017 with 3,500 reported vulnerabilities - that's 60% higher than the previous year, and the trend continues in 2018.
Since it’s impossible to keep up with today’s pace of software production without open source, development and security teams are challenged to meet security objectives, without compromising on speed and quality.
It's time for organizations to step up their open source security game. Join WhiteSource's Senior Director of Product Management, Rami Elron, as he discusses:
the current state of open source vulnerabilities management;
organizations' struggle to handle open source vulnerabilities; and
the key strategy for effective vulnerability management.
Flow Metrics: What They Are & Why You Need ThemSBWebinars
When it comes to assessing an IT transformation (such as Agile and DevOps), performance metrics have come under intense scrutiny. Traditional performance metrics, such as counting the number of lines of code and the number of software bugs should be used with caution, because there are bugs that are not worth fixing and code that is not worth maintaining. These old-school performance metrics represent activities, not outcomes. To visualize and optimize the business value of your software delivery, you need to find a way to measure business outcomes. To do that, we need flow metrics.
Beyond S3 Buckets - Effective Countermeasures for Emerging Cloud ThreatsSBWebinars
Research shows that 25% of organizations have cryptojacking activity in their AWS, Azure, and GCP environments. Is yours one of them? While S3 buckets continue to dominate headlines, cryptojacking and other threats lie quietly behind the scenes. Learn about the latest cloud threats and arm yourself with effective countermeasures.
Building Blocks of Secure Development: How to Make Open Source Work for YouSBWebinars
To keep pace with the increasing demands of software development and delivery, the need for developers to leverage open source components and third party libraries continues to grow. Coupled with the escalating number of vulnerabilities these practices introduce, the result is an increased number of vulnerable entry points for cyber-criminals to exploit. However, this does not mean that companies should or must stop using components in their development efforts. Any company that forbids the use of components would be putting itself at a severe disadvantage in the digital economy. Developers though do need to consider the security aspects of using open source libraries and components as part of their build and testing process.
Take a Bite Out of the Remediation BacklogSBWebinars
Every time you run a new assessment, you identify more and more risk that needs to be mitigated. The weight is crushing, and your to-do list never gets any shorter. Sound familiar?
Join Jadon Montero, Product Manager, and Justin Buchanan, Solutions Manager, on October 10th where we will discuss processes and systems that equip you to take immediate action on newly identified vulnerabilities and take a bite out of your backlog of work.
5th LF Energy Power Grid Model Meet-up SlidesDanBrown980551
5th Power Grid Model Meet-up
It is with great pleasure that we extend to you an invitation to the 5th Power Grid Model Meet-up, scheduled for 6th June 2024. This event will adopt a hybrid format, allowing participants to join us either through an online Microsoft Teams session or in person at TU/e located at Den Dolech 2, Eindhoven, Netherlands. The meet-up will be hosted by Eindhoven University of Technology (TU/e), a research university specializing in engineering science & technology.
Power Grid Model
The global energy transition is placing new and unprecedented demands on Distribution System Operators (DSOs). Alongside upgrades to grid capacity, processes such as digitization, capacity optimization, and congestion management are becoming vital for delivering reliable services.
Power Grid Model is an open source project from Linux Foundation Energy and provides a calculation engine that is increasingly essential for DSOs. It offers a standards-based foundation enabling real-time power systems analysis, simulations of electrical power grids, and sophisticated what-if analysis. In addition, it enables in-depth studies and analysis of the electrical power grid’s behavior and performance. This comprehensive model incorporates essential factors such as power generation capacity, electrical losses, voltage levels, power flows, and system stability.
Power Grid Model is currently being applied in a wide variety of use cases, including grid planning, expansion, reliability, and congestion studies. It can also help in analyzing the impact of renewable energy integration, assessing the effects of disturbances or faults, and developing strategies for grid control and optimization.
What to expect
For the upcoming meetup we are organizing, we have an exciting lineup of activities planned:
- Insightful presentations covering two practical applications of the Power Grid Model.
- An update on the latest advancements in Power Grid Model technology during the first and second quarters of 2024.
- An interactive brainstorming session to discuss and propose new feature requests.
- An opportunity to connect with fellow Power Grid Model enthusiasts and users.
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...Jason Yip
The typical problem in product engineering is not bad strategy, so much as “no strategy”. This leads to confusion, lack of motivation, and incoherent action. The next time you look for a strategy and find an empty space, instead of waiting for it to be filled, I will show you how to fill it in yourself. If you’re wrong, it forces a correction. If you’re right, it helps create focus. I’ll share how I’ve approached this in the past, both what works and lessons for what didn’t work so well.
Conversational agents, or chatbots, are increasingly used to access all sorts of services using natural language. While open-domain chatbots - like ChatGPT - can converse on any topic, task-oriented chatbots - the focus of this paper - are designed for specific tasks, like booking a flight, obtaining customer support, or setting an appointment. Like any other software, task-oriented chatbots need to be properly tested, usually by defining and executing test scenarios (i.e., sequences of user-chatbot interactions). However, there is currently a lack of methods to quantify the completeness and strength of such test scenarios, which can lead to low-quality tests, and hence to buggy chatbots.
To fill this gap, we propose adapting mutation testing (MuT) for task-oriented chatbots. To this end, we introduce a set of mutation operators that emulate faults in chatbot designs, an architecture that enables MuT on chatbots built using heterogeneous technologies, and a practical realisation as an Eclipse plugin. Moreover, we evaluate the applicability, effectiveness and efficiency of our approach on open-source chatbots, with promising results.
Introduction of Cybersecurity with OSS at Code Europe 2024Hiroshi SHIBATA
I develop the Ruby programming language, RubyGems, and Bundler, which are package managers for Ruby. Today, I will introduce how to enhance the security of your application using open-source software (OSS) examples from Ruby and RubyGems.
The first topic is CVE (Common Vulnerabilities and Exposures). I have published CVEs many times. But what exactly is a CVE? I'll provide a basic understanding of CVEs and explain how to detect and handle vulnerabilities in OSS.
Next, let's discuss package managers. Package managers play a critical role in the OSS ecosystem. I'll explain how to manage library dependencies in your application.
I'll share insights into how the Ruby and RubyGems core team works to keep our ecosystem safe. By the end of this talk, you'll have a better understanding of how to safeguard your code.
How information systems are built or acquired puts information, which is what they should be about, in a secondary place. Our language adapted accordingly, and we no longer talk about information systems but applications. Applications evolved in a way to break data into diverse fragments, tightly coupled with applications and expensive to integrate. The result is technical debt, which is re-paid by taking even bigger "loans", resulting in an ever-increasing technical debt. Software engineering and procurement practices work in sync with market forces to maintain this trend. This talk demonstrates how natural this situation is. The question is: can something be done to reverse the trend?
Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, then join industry expert Chris Goettl for the Patch Tuesday Webinar Event. There we’ll do a deep dive into each of the bulletins and give guidance on the risks associated with the newly-identified vulnerabilities.
Fueling AI with Great Data with Airbyte WebinarZilliz
This talk will focus on how to collect data from a variety of sources, leveraging this data for RAG and other GenAI use cases, and finally charting your course to productionalization.
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/how-axelera-ai-uses-digital-compute-in-memory-to-deliver-fast-and-energy-efficient-computer-vision-a-presentation-from-axelera-ai/
Bram Verhoef, Head of Machine Learning at Axelera AI, presents the “How Axelera AI Uses Digital Compute-in-memory to Deliver Fast and Energy-efficient Computer Vision” tutorial at the May 2024 Embedded Vision Summit.
As artificial intelligence inference transitions from cloud environments to edge locations, computer vision applications achieve heightened responsiveness, reliability and privacy. This migration, however, introduces the challenge of operating within the stringent confines of resource constraints typical at the edge, including small form factors, low energy budgets and diminished memory and computational capacities. Axelera AI addresses these challenges through an innovative approach of performing digital computations within memory itself. This technique facilitates the realization of high-performance, energy-efficient and cost-effective computer vision capabilities at the thin and thick edge, extending the frontier of what is achievable with current technologies.
In this presentation, Verhoef unveils his company’s pioneering chip technology and demonstrates its capacity to deliver exceptional frames-per-second performance across a range of standard computer vision networks typical of applications in security, surveillance and the industrial sector. This shows that advanced computer vision can be accessible and efficient, even at the very edge of our technological ecosystem.
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...Alex Pruden
Folding is a recent technique for building efficient recursive SNARKs. Several elegant folding protocols have been proposed, such as Nova, Supernova, Hypernova, Protostar, and others. However, all of them rely on an additively homomorphic commitment scheme based on discrete log, and are therefore not post-quantum secure. In this work we present LatticeFold, the first lattice-based folding protocol based on the Module SIS problem. This folding protocol naturally leads to an efficient recursive lattice-based SNARK and an efficient PCD scheme. LatticeFold supports folding low-degree relations, such as R1CS, as well as high-degree relations, such as CCS. The key challenge is to construct a secure folding protocol that works with the Ajtai commitment scheme. The difficulty, is ensuring that extracted witnesses are low norm through many rounds of folding. We present a novel technique using the sumcheck protocol to ensure that extracted witnesses are always low norm no matter how many rounds of folding are used. Our evaluation of the final proof system suggests that it is as performant as Hypernova, while providing post-quantum security.
Paper Link: https://eprint.iacr.org/2024/257
AppSec PNW: Android and iOS Application Security with MobSFAjin Abraham
Mobile Security Framework - MobSF is a free and open source automated mobile application security testing environment designed to help security engineers, researchers, developers, and penetration testers to identify security vulnerabilities, malicious behaviours and privacy concerns in mobile applications using static and dynamic analysis. It supports all the popular mobile application binaries and source code formats built for Android and iOS devices. In addition to automated security assessment, it also offers an interactive testing environment to build and execute scenario based test/fuzz cases against the application.
This talk covers:
Using MobSF for static analysis of mobile applications.
Interactive dynamic security assessment of Android and iOS applications.
Solving Mobile app CTF challenges.
Reverse engineering and runtime analysis of Mobile malware.
How to shift left and integrate MobSF/mobsfscan SAST and DAST in your build pipeline.
In the realm of cybersecurity, offensive security practices act as a critical shield. By simulating real-world attacks in a controlled environment, these techniques expose vulnerabilities before malicious actors can exploit them. This proactive approach allows manufacturers to identify and fix weaknesses, significantly enhancing system security.
This presentation delves into the development of a system designed to mimic Galileo's Open Service signal using software-defined radio (SDR) technology. We'll begin with a foundational overview of both Global Navigation Satellite Systems (GNSS) and the intricacies of digital signal processing.
The presentation culminates in a live demonstration. We'll showcase the manipulation of Galileo's Open Service pilot signal, simulating an attack on various software and hardware systems. This practical demonstration serves to highlight the potential consequences of unaddressed vulnerabilities, emphasizing the importance of offensive security practices in safeguarding critical infrastructure.
Skybuffer SAM4U tool for SAP license adoptionTatiana Kojar
Manage and optimize your license adoption and consumption with SAM4U, an SAP free customer software asset management tool.
SAM4U, an SAP complimentary software asset management tool for customers, delivers a detailed and well-structured overview of license inventory and usage with a user-friendly interface. We offer a hosted, cost-effective, and performance-optimized SAM4U setup in the Skybuffer Cloud environment. You retain ownership of the system and data, while we manage the ABAP 7.58 infrastructure, ensuring fixed Total Cost of Ownership (TCO) and exceptional services through the SAP Fiori interface.
Essentials of Automations: Exploring Attributes & Automation ParametersSafe Software
Building automations in FME Flow can save time, money, and help businesses scale by eliminating data silos and providing data to stakeholders in real-time. One essential component to orchestrating complex automations is the use of attributes & automation parameters (both formerly known as “keys”). In fact, it’s unlikely you’ll ever build an Automation without using these components, but what exactly are they?
Attributes & automation parameters enable the automation author to pass data values from one automation component to the next. During this webinar, our FME Flow Specialists will cover leveraging the three types of these output attributes & parameters in FME Flow: Event, Custom, and Automation. As a bonus, they’ll also be making use of the Split-Merge Block functionality.
You’ll leave this webinar with a better understanding of how to maximize the potential of automations by making use of attributes & automation parameters, with the ultimate goal of setting your enterprise integration workflows up on autopilot.
Essentials of Automations: Exploring Attributes & Automation Parameters
Software-Defined Segmentation Done Easily, Quickly and Right
1. 1 // Guardicore – Security Boulevard Webinar
Dave Klein
Senior Director
Engineering & Architecture
Guardicore
2. Goals of Today’s Webinar
1. What are the Challenges Driving Software-Defined Segmentation?
2. Why Software-Defined Segmentation? What are the Use Cases?
3. What are the Software Segmentation Rollout Steps?
4. Why Traditional Segmentation, Firewalls & First Generation of Software-Defined Segmentation Failed?
5. What are the Solution Requirements for Software Segmentation?
FINAL GOAL: Software-Defined Segmentation Done Easily, Quickly & Right!
3. The Challenges that Have Led to Software-Defined Segmentation
4. The Era of Software-Defined Segmentation
Current Challenges
Even in enterprises that haven’t moved to cloud.
Even in traditional environments and use cases.
5. The Era of Software-Defined Segmentation
Current Challenges
For Both…
6. The Era of Software-Defined Segmentation
Current Challenges
For IT…
Visibility & Management
7. The Era of Software-Defined Segmentation
Software-Defined Segmentation
The Solution
8. A Point on the Name
▪ Also known as Micro Segmentation
• But the term is often misconstrued/misinterpreted as a single use case where segmentation is used between the tiers of an application.
▪ Software-Defined Segmentation
• A better term for the solution.
• Hundreds of use cases where Software-Defined Segmentation can be utilized.
9. Sample Software-Defined Segmentation Use Cases
Point of Sale Systems
Medical Devices
Dev/User Acceptance/Production Environment Separation
Separation of IoT/Building Controls/Users/Data Centers
Protection of Legacy Apps/OS’
Micro-Segmentation Between Tiers of an Application.
Digital Crown Jewels Protection
Compliance
Data Center Transformation
10. Sample Software-Defined Segmentation Use Cases
PCI
SWIFT
HIPAA
GDPR
California Privacy
NY SHIELD
Digital Crown Jewels Protection
Compliance
Data Center Transformation
11. Sample Software-Defined Segmentation Use Cases
Digital Crown Jewels Protection
Compliance
Data Center Transformation
Mergers & Acquisitions
Cloud Migration
Hybrid Cloud Integration
12. Steps to Rollout Software-Defined Segmentation
14. Learning from Traditional Segmentation Fails
15. Traditional Segmentation
Platform Specific
VLANs for on-premises only
Security groups only for cloud
Security Groups per VPC per cloud provider
Multiple Segmentation Techniques Have to be Combined.
Management & Resource Intensive
Zero Visibility
Lack of Granularity
Diagram labels: VLANs & ACLs (Premises), Security Groups (Clouds)
16. Traditional Segmentation
Multiple Segmentation Techniques Have to be Combined.
Management & Resource Intensive
Zero Visibility
Lack of Granularity
Multiple management platforms means resource and cost intensive
“It takes me months to change VLANs”
“IP address changes are a nightmare”
Delays, stalled or failed projects
Diagram labels: VLANs & ACLs (Premises), Security Groups (Clouds)
17. Traditional Segmentation
Can’t easily identify traffic flows & app dependencies
Leads to delays, false positive blocks.
Production downtime
Diagram labels: VLANs & ACLs (Premises), Security Groups (Clouds)
Multiple Segmentation Techniques Have to be Combined.
Management & Resource Intensive
Zero Visibility
Lack of Granularity
18. Traditional Segmentation
Diagram labels: VLANs & ACLs (Premises), Security Groups (Clouds), Web Server, tomcat
Policies are only IP address & port based!
Doesn’t segment enough!
Doesn’t reduce risk!
Doesn’t lead to compliance!
Multiple Segmentation Techniques Have to be Combined.
Management & Resource Intensive
Zero Visibility
Lack of Granularity
19. Traditional Segmentation
NO PROCESS LEVEL POLICIES
Diagram (Desired Rule): nginx, Proxy Server, Port 443, evil, Web Server, Tomcat
Diagram labels: VLANs & ACLs (Premises), Security Groups (Clouds)
Multiple Segmentation Techniques Have to be Combined.
Management & Resource Intensive
Zero Visibility
Lack of Granularity
20. Traditional Segmentation
NO PROCESS LEVEL POLICIES
Process based policies? = NO
Diagram (Actual with VLANs, ACLs & Security Groups): nginx, Proxy Server, Port 443, evil, Web Server, Tomcat
Policies are only IP address & port based!
Diagram labels: VLANs & ACLs (Premises), Security Groups (Clouds)
Multiple Segmentation Techniques Have to be Combined.
Management & Resource Intensive
Zero Visibility
Lack of Granularity
21. Traditional Segmentation
NO IDENTITY BASED RULES
Diagram (Desired Rule): Alison, Diane, putty, putty, jumpbox, Accounting Apps, sshd, sshd, diagnostics, accounting, Web Server, accounting, databases
Diagram labels: VLANs & ACLs (Premises), Security Groups (Clouds)
Multiple Segmentation Techniques Have to be Combined.
Management & Resource Intensive
Zero Visibility
Lack of Granularity
22. Traditional Segmentation
NO IDENTITY BASED RULES
Identity based policies? = NO
Diagram (Actual with VLANs, ACLs & Security Groups): Alison, Diane, putty, putty, jumpbox, Accounting Apps, sshd, sshd, diagnostics, accounting, Web Server, accounting, databases
Policies are only IP address & port based!
Diagram labels: VLANs & ACLs (Premises), Security Groups (Clouds)
Multiple Segmentation Techniques Have to be Combined.
Management & Resource Intensive
Zero Visibility
Lack of Granularity
23. Traditional Segmentation
NO FQDN RULES
Diagram (Desired Rule): accounting, databases, Port 443, accounting, GitHub, Web Server, Internet, Ubuntu, DevOps Web Servers, DevOps Other Servers
Diagram labels: VLANs & ACLs (Premises), Security Groups (Clouds)
Multiple Segmentation Techniques Have to be Combined.
Management & Resource Intensive
Zero Visibility
Lack of Granularity
24. Traditional Segmentation
NO FQDN RULES
FQDN based policies? = NO
Diagram (Actual with VLANs, ACLs & Security Groups): accounting, databases, Port 443, accounting, GitHub, Web Server, Internet, Ubuntu, DevOps Web Servers, DevOps Other Servers
Policies are only IP address & port based!
Diagram labels: VLANs & ACLs (Premises), Security Groups (Clouds)
Multiple Segmentation Techniques Have to be Combined.
Management & Resource Intensive
Zero Visibility
Lack of Granularity
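The three "Desired Rule" versus "Actual" slides above (process, identity, FQDN) can be compared in a few lines of Python. This is an added example, not Guardicore code or policy syntax; the addresses, the user-group names, the `github.com` FQDN and the reading of the diagrams (an accounting user and a diagnostics user sharing one jumpbox) are assumptions.

```python
"""Constructed comparison: IP/port-only rules vs process-, user- and FQDN-aware rules."""
from dataclasses import dataclass, fields
from typing import Optional

# Constructed addresses from the RFC 5737 documentation ranges (assumption).
PROXY, WEB, JUMPBOX, ACCT_APP = "192.0.2.10", "192.0.2.20", "192.0.2.30", "192.0.2.40"
GITHUB_IP, OTHER_IP = "203.0.113.5", "203.0.113.99"


@dataclass(frozen=True)
class Flow:
    src_ip: str
    dst_ip: str
    dst_port: int
    src_process: Optional[str] = None
    dst_process: Optional[str] = None
    user_group: Optional[str] = None
    dst_fqdn: Optional[str] = None


@dataclass(frozen=True)
class Rule:
    """Allow rule; a field left as None matches any value."""
    src_ip: Optional[str] = None
    dst_ip: Optional[str] = None
    dst_port: Optional[int] = None
    src_process: Optional[str] = None
    dst_process: Optional[str] = None
    user_group: Optional[str] = None
    dst_fqdn: Optional[str] = None

    def matches(self, flow: Flow) -> bool:
        return all(
            getattr(self, f.name) is None or getattr(self, f.name) == getattr(flow, f.name)
            for f in fields(self)
        )


def allowed(rules, flow) -> bool:
    """Default deny: a flow passes only if some allow rule matches it."""
    return any(rule.matches(flow) for rule in rules)


# What VLANs, ACLs and security groups can express: addresses and ports only.
L4_POLICY = [
    Rule(src_ip=PROXY, dst_ip=WEB, dst_port=443),
    Rule(src_ip=JUMPBOX, dst_ip=ACCT_APP, dst_port=22),
    Rule(src_ip=WEB, dst_port=443),  # "Internet on 443": the destination name is invisible
]

# The same three intents written with process, user group and FQDN.
GRANULAR_POLICY = [
    Rule(src_ip=PROXY, dst_ip=WEB, dst_port=443, src_process="nginx", dst_process="tomcat"),
    Rule(src_ip=JUMPBOX, dst_ip=ACCT_APP, dst_port=22, src_process="putty",
         dst_process="sshd", user_group="accounting"),
    Rule(src_ip=WEB, dst_port=443, dst_fqdn="github.com"),
]

# Constructed flows: each intended flow paired with the one the slides warn about.
FLOWS = {
    "nginx -> tomcat": Flow(PROXY, WEB, 443, "nginx", "tomcat"),
    "evil -> tomcat": Flow(PROXY, WEB, 443, "evil", "tomcat"),
    "accounting user -> sshd": Flow(JUMPBOX, ACCT_APP, 22, "putty", "sshd", "accounting"),
    "diagnostics user -> sshd": Flow(JUMPBOX, ACCT_APP, 22, "putty", "sshd", "diagnostics"),
    "web server -> github.com": Flow(WEB, GITHUB_IP, 443, dst_fqdn="github.com"),
    "web server -> unlisted host": Flow(WEB, OTHER_IP, 443, dst_fqdn="unlisted.example"),
}


def compare():
    """Return {flow name: (allowed by L4 policy, allowed by granular policy)}."""
    return {name: (allowed(L4_POLICY, f), allowed(GRANULAR_POLICY, f))
            for name, f in FLOWS.items()}


if __name__ == "__main__":
    for name, (l4, granular) in compare().items():
        print(f"{name:28} L4={'allow' if l4 else 'deny':5} "
              f"granular={'allow' if granular else 'deny'}")
```

Every flow passes the address-and-port policy, while the granular policy admits only the three intended ones.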
26. Traditional Segmentation
Firewalls
Perimeter
Perimeter Based
Not at the right location.
Doesn’t follow the workloads
Cost prohibitive
27. Traditional Segmentation
Firewalls
Perimeter
Not at the right location.
Doesn’t follow the workloads
Cost prohibitive
Perimeter Based
You need to be everywhere
29. First Gen Software Defined Segmentation Vendors
Means L4 policies – same problems as traditional segmentation methods
Not platform agnostic. Have to have the hypervisor firewall proximity
Two of the three vendors in this space have moved on to non-hypervisor methods using agents
Clouds
Vendors Who Offer Limited Visibility Through a Secondary or Tertiary Package
Vendors who Focus on Hypervisor(s)
Vendors who use agents with enforcement done by native OS firewalls
30. First Gen SDS Vendors
In Linux means IP Tables – this means the same L4 IP and Port only policies. Just like traditional methods
In Windows while you have better granularity you are missing important other policy types
No Black Lists/Deny Lists
Means you are fighting local admins for the policies on the box
More latency in native OS firewalls
Clouds
#1 ISSUE FOUND TODAY IN MOST SOLUTIONS
Vendors Who Offer Limited Visibility Through a Secondary or Tertiary Package
Vendors who Focus on Hypervisor(s)
Vendors who use agents with enforcement done by native OS firewalls
31. First Gen SDS Vendors
Integrated visibility is essential in order to create appropriate labels and policies
It accelerates segmentation projects
Visibility means you won’t make mistakes
Clouds
Vendors Who Offer Limited Visibility Through a Secondary or Tertiary Package
Vendors who Focus on Hypervisor(s)
Vendors who use agents with enforcement done by native OS firewalls
33. Software-Defined Segmentation – Key Elements
Segmentation Done Fast
Segmentation Done Right
Segmentation Done Easily
We’ve covered the use cases, the why, the steps, now the how…
34. Software-Defined Segmentation – Key Elements
Widest Possible platform Support
Platforms: Bare Metal, Hypervisors, Clouds, Containers
Meta-data Integration
Broadest OS Support
Agent with Own Firewall (not OS Native)
35. Software-Defined Segmentation – Key Elements
Orchestration meta-data integration
Widest Possible platform Support
Meta-data Integration
Broadest OS Support
Agent with Own Firewall (not OS Native)
38. Software-Defined Segmentation – Key Elements
Enterprises run a very wide array of OSes
Automated way to ingest new OS kernels/releases quickly
Support end of life systems as well
Diagram labels: Legacy/End of Life, Modern
Widest Possible platform Support
Meta-data Integration
Broadest OS Support
Agent with Own Firewall (not OS Native)
39. Software-Defined Segmentation – Key Elements
Policy Granularity
By Process (diagram labels): nginx, Proxy Server, evil, Web Server, Tomcat
By User (diagram labels): Alison, Diane, putty, putty, Accounting Apps, sshd, sshd, diagnostics, accounting
By FQDN (diagram labels): accounting, GitHub, Web Server, Internet, Ubuntu, DevOps Web Servers, DevOps Other Servers
Widest Possible platform Support
Meta-data Integration
Broadest OS Support
Agent with Own Firewall (not OS Native)
40. Software-Defined Segmentation – Key Elements
Policy Black Lists
Widest Possible platform Support
Meta-data Integration
Broadest OS Support
Agent with Own Firewall (not OS Native)
Diagram labels: Production, ftpd, telnetd, tftpd, Tomcat
41. Software-Defined Segmentation – Key Elements
No Contention with Admins for Control
Consistent Policies & Enforcement Across All Platforms & OS’
Less Latency
Diagram labels: Server, tomcat, OS Firewall, Agent FW, Admin/Root, SDS System
You have control
You have less latency
Widest Possible platform Support
Meta-data Integration
Broadest OS Support
Agent with Own Firewall (not OS Native)
42. Software-Defined Segmentation – Key Elements
Real-time and historical visibility.
Easily allows you to create/apply labels
Easily understand application dependencies
Allows you to sort in a variety of ways that people wish to see the enterprise
Visibility
Flexible Labeling Schema
Policy Wizards
REST API