On December 13 2020, the Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive to immediately “disconnect or power down SolarWinds Orion products” as they were being actively exploited by malicious actors.
Infosec Skills author and KM Cyber Security managing partner Keatron Evans is helping numerous clients respond to the breach and mitigate any potential damage. Join him as he discusses:
-What we know about the breach so far
-How his clients have responded to the incident
-What to look for in your environment to see if you’ve been affected
In this webinar you’ll gain the insights you need to solve business problems proactively with IT Service (ITSM) and IT Asset Management (ITAM) working together.
Our panel of speakers will discuss real-world use cases where combining ITSM and ITAM processes, data and insights can be part of an overall plan to maximize operational efficiencies and improve service delivery, while also optimizing compliance and cost.
PaloAlto Networks is world’s Cyber Security leader. Their technologies give 65,000 enterprise customers the power to
protect billions of people worldwide.
Cortex, Demisto & Prisma are the few flagship products to prevent attacks with industry-defining enterprise security platforms. Tightly integrated innovations, cloud delivered and easy to deploy and operate.
Topic: Analysis of the SolarWinds exploit
Axel Kloth, Founder and CTO of Axiado, shares his insights on the so-called SolarWinds hack in 2020. This discussion will cover:
- How it happened
- Why it is dangerous
- What we can and should expect in the aftermath
- Why it is so difficult to remove and prove that it is gone
The presentation is followed by a Q&A session with event attendees.
2021/0/15 - Solarwinds supply chain attack: why we should take it sereouslySirris
In this webinar we explain why the SolarWinds attack is different from all known scenarios and how to protect your company or manufacturing site from it. Act fast, be aware!
Security Strategy and Tactic with Cyber Threat Intelligence (CTI)Priyanka Aash
Targeted attacks need targeted Defense
What protocol should we use for CTI information exchange?
How should we describe our indicators of compromise
Structured threat information expression (STIX)
How we can keep information within our defined trust boundaries?
Where to store IOCs?
Threat Intelligence Feeds Lifecycle
How to measure the CTI process?
In this webinar you’ll gain the insights you need to solve business problems proactively with IT Service (ITSM) and IT Asset Management (ITAM) working together.
Our panel of speakers will discuss real-world use cases where combining ITSM and ITAM processes, data and insights can be part of an overall plan to maximize operational efficiencies and improve service delivery, while also optimizing compliance and cost.
PaloAlto Networks is world’s Cyber Security leader. Their technologies give 65,000 enterprise customers the power to
protect billions of people worldwide.
Cortex, Demisto & Prisma are the few flagship products to prevent attacks with industry-defining enterprise security platforms. Tightly integrated innovations, cloud delivered and easy to deploy and operate.
Topic: Analysis of the SolarWinds exploit
Axel Kloth, Founder and CTO of Axiado, shares his insights on the so-called SolarWinds hack in 2020. This discussion will cover:
- How it happened
- Why it is dangerous
- What we can and should expect in the aftermath
- Why it is so difficult to remove and prove that it is gone
The presentation is followed by a Q&A session with event attendees.
2021/0/15 - Solarwinds supply chain attack: why we should take it sereouslySirris
In this webinar we explain why the SolarWinds attack is different from all known scenarios and how to protect your company or manufacturing site from it. Act fast, be aware!
Security Strategy and Tactic with Cyber Threat Intelligence (CTI)Priyanka Aash
Targeted attacks need targeted Defense
What protocol should we use for CTI information exchange?
How should we describe our indicators of compromise
Structured threat information expression (STIX)
How we can keep information within our defined trust boundaries?
Where to store IOCs?
Threat Intelligence Feeds Lifecycle
How to measure the CTI process?
Security Information and Event Management (SIEM)hardik soni
Leo TechnoSoft SIEM products help's every enterprise with all security threats. Security information and event management software provides real-time visibility.
Threat hunting - Every day is hunting seasonBen Boyd
Breakout Presentation by Ben Boyd during the 2018 Nebraska Cybersecurity Conference.
Introduction to Threat Hunting and helpful steps for building a Threat Hunting Program of any size, from small to massive.
Talking about Next-Gen Security Operation Center for IDNIC+APJII as representative from IDSECCONF. People-Centric SOC requires lot of investment on human in terms of quantity and quality, unfortunately, (good) IT security people are getting rare these days. Organisation need to put their investments more on technology, as in Industry 4.0, machines are getting more advanced to support Human on doing continuous and repetitive task.
Moving from “traditional” to next-gen SOC require proper plan, thats what this talk was about.
MITRE ATT&CK framework is about the framework that is followed by Threat Hunters, Threat Analysts for Threat Modelling purpose, which can be use for Adversary Emulation and Attack Defense. Cybersecurity Analyst widely use it for framing the attack through its various used Tactics and Techniques.
Despite the amazing technologies available today in cybersecurity, organizations still struggle with the most fundamental challenge that has been around for decades: understanding all the devices, users, and cloud services they’re responsible for, and whether those assets are secure.
These slides—based on the webinar hosted by leading IT research firm EMA and Axonius—explain why solving asset management for cybersecurity is becoming increasingly important, and why something so fundamental has quickly risen to the top of CISOs priority lists.
Security Operations Center (SOC) Essentials for the SMEAlienVault
Closing the gaps in security controls, systems, people and processes is not an easy feat, particularly for IT practitioners in smaller organizations with limited budgets and few (if any) dedicated security staff. So, what are the essential security capabilities needed to establish a security operations center and start closing those gaps?
Join Javvad Malik of 451 Research and Patrick Bedwell, VP of Product Marketing at AlienVault for this session covering:
*Developments in the threat landscape driving a shift from preventative to detective controls
*Essential security controls needed to defend against modern threats
*Fundamentals for evaluating a security approach that will work for you, not against you
*How a unified approach to security visibility can help you get from install to insight more quickly
These are slides from local security chapters meetup, Here I tried to explain the challenges in appsec and complete framework for different life cycle of secure software development cycle
Gartner recently released a report on IT security priorities for the remainder of 2014. Amongst respondents, network security, application security, endpoint security, and security services all ranked highly. In this quick-fire, half-day roadshow, Scalar brings you solutions to these problems from three of our most strategic security vendors, as well as a full presentation on our managed security services portfolio.
Scalar Security Roadshow - Vancouver PresentationScalar Decisions
Gartner recently released a report on IT security priorities for the remainder of 2014. Amongst respondents, network security, application security, endpoint security, and security services all ranked highly. In this quick-fire, half-day roadshow, Scalar brings you solutions to these problems from three of our most strategic security vendors, as well as a full presentation on our managed security services portfolio.
Security Information and Event Management (SIEM)hardik soni
Leo TechnoSoft SIEM products help's every enterprise with all security threats. Security information and event management software provides real-time visibility.
Threat hunting - Every day is hunting seasonBen Boyd
Breakout Presentation by Ben Boyd during the 2018 Nebraska Cybersecurity Conference.
Introduction to Threat Hunting and helpful steps for building a Threat Hunting Program of any size, from small to massive.
Talking about Next-Gen Security Operation Center for IDNIC+APJII as representative from IDSECCONF. People-Centric SOC requires lot of investment on human in terms of quantity and quality, unfortunately, (good) IT security people are getting rare these days. Organisation need to put their investments more on technology, as in Industry 4.0, machines are getting more advanced to support Human on doing continuous and repetitive task.
Moving from “traditional” to next-gen SOC require proper plan, thats what this talk was about.
MITRE ATT&CK framework is about the framework that is followed by Threat Hunters, Threat Analysts for Threat Modelling purpose, which can be use for Adversary Emulation and Attack Defense. Cybersecurity Analyst widely use it for framing the attack through its various used Tactics and Techniques.
Despite the amazing technologies available today in cybersecurity, organizations still struggle with the most fundamental challenge that has been around for decades: understanding all the devices, users, and cloud services they’re responsible for, and whether those assets are secure.
These slides—based on the webinar hosted by leading IT research firm EMA and Axonius—explain why solving asset management for cybersecurity is becoming increasingly important, and why something so fundamental has quickly risen to the top of CISOs priority lists.
Security Operations Center (SOC) Essentials for the SMEAlienVault
Closing the gaps in security controls, systems, people and processes is not an easy feat, particularly for IT practitioners in smaller organizations with limited budgets and few (if any) dedicated security staff. So, what are the essential security capabilities needed to establish a security operations center and start closing those gaps?
Join Javvad Malik of 451 Research and Patrick Bedwell, VP of Product Marketing at AlienVault for this session covering:
*Developments in the threat landscape driving a shift from preventative to detective controls
*Essential security controls needed to defend against modern threats
*Fundamentals for evaluating a security approach that will work for you, not against you
*How a unified approach to security visibility can help you get from install to insight more quickly
These are slides from local security chapters meetup, Here I tried to explain the challenges in appsec and complete framework for different life cycle of secure software development cycle
Gartner recently released a report on IT security priorities for the remainder of 2014. Amongst respondents, network security, application security, endpoint security, and security services all ranked highly. In this quick-fire, half-day roadshow, Scalar brings you solutions to these problems from three of our most strategic security vendors, as well as a full presentation on our managed security services portfolio.
Scalar Security Roadshow - Vancouver PresentationScalar Decisions
Gartner recently released a report on IT security priorities for the remainder of 2014. Amongst respondents, network security, application security, endpoint security, and security services all ranked highly. In this quick-fire, half-day roadshow, Scalar brings you solutions to these problems from three of our most strategic security vendors, as well as a full presentation on our managed security services portfolio.
Join us on our upcoming BYOP (Bring Your Own Pizza) "Application Security Meetup" to hear about the latest cyber security breaches, trends and technologies in modern application development.
Agenda:
17:00 - 17:10 - Opening words - by Lior Mazor (Organizer)
17:10 - 17:35 - 'Recent cyber security attacks in Israel' - by Lior Mazor (Organizer)
17:35 - 18:00 - ‘How to deliver a secure product’ - by Michael Furman (Tufin)
18:00 - 18:30 - 'Hacking serverless - Introduction to Serverless Application Security' - by Yossi Shenhav (Komodo)
18:30-19:00 - ‘Post Apocalypse: Exploiting web messaging implementations’ - by Chen Gour-Arie (enso security)
You will learn what is Security Development Lifecycle (SDL).
You will understand why SDL is important.
You will dive in details of SDL and you will see tips for each SDL phase.
You will realize how to roll out an SDL in your organization.
Finally, you will have all skills to deliver a secure product.
Protecting endpoints from targeted attacksAppSense
On this AppSense webinar, guest speaker Chris Sherman, Forrester Research analyst, shared five principles for an effective endpoint security strategy. Anti-virus software isn't enough anymore.
Dan O'Farrell, Sr. Director of Product Marketing for Cloud Computing at Dell, shared how highly-regulated industries have embraced VDI to increase security and reduce costs.
And Bassam Khan discussed how AppSense offers privilege management with just-in-time self-elevation and application control through trusted ownership. This allows you to manage and secure your endpoints while providing a great user experience. And our latest product, AppSense Insight, offers endpoint analytics. Contact us to request a demo at iwanttoknowmore@appsense.com.
Journey to the Cloud: Securing Your AWS Applications - April 2015Alert Logic
James Brown, Director of Cloud Computing & Security Architecture, Alert Logic covers:
• The shared security model: what security you are responsible for to protect your content, applications, systems and networks vs AWS.
• Overview of the OWASP Top 10 most critical web application security risks (such as SQL injections)
• Best practices for how to protect your environment from the latest threats
Learn more about how organizations prevented downtime with #BigFix in the wake of #wannacry. References and Use Cases along with a review of our BigFix Solution.
https://www.ibm.com/connect/ibm/ca-en/resources/tomjs/
Behind the Curtain: Exposing Advanced ThreatsCisco Canada
Today's advanced threats hide in plain sight, patiently waiting to strike, challenging security teams to track their progress across their network and endpoints. Meanwhile, executive and board-level reporting requirements are increasing as leadership demands in-depth answers that are unavailable from today’s block/allow security tools. With 55% of organizations unable to identify the origin of their last security breach, it’s time to stop relying on tools that define security based on what they see ‘out there’ and instead hunt for threats by tracking files, file relationships, and both endpoint and network behavior ‘in here’—inside your environment. In the first part of this interactive session, learn how Cisco’s Advanced Malware Protection (AMP) solutions use big data analytics to compare a real-time, dynamic history of your environment to the global threat landscape, automatically uncovering and blocking advanced threats before they strike. Then watch workflow examples demonstrating how your security team can use this advanced visibility and control to dramatically improve their efficiency and finally deliver the business 100% confidence answers.
Threat Hunting - Moving from the ad hoc to the formalPriyanka Aash
In order to effectively defend your organization, you must think about the offensive strategy as well. But before we get ahead of ourselves let’s talk briefly about the building blocks of a good offense. First is an architecture that is built around a security policy that is aligned with the business risk. Risk must be understood and a cookie cutter approach must be avoided here because again every organization is different and so are their risks.
Threats have increased exponentially. Current indicators show a massive increase in threat vectors as a result of COVID-19. What makes this more unsettling is the fact that most ransomware will remain dormant for months before activating. Check out this presentation with ATC provider, TPx. Topics covered during this virtual event include: firewall security, firewall software, endpoints, malware, backups and DR, managed security services and TPx MSx.
Becoming Secure By Design: Questions You Should Ask Your Software VendorsSolarWinds
The next cyberattack is always around the corner, but you can use every minor incident to help you prepare for major ones. Designing your environment with security in mind at every step will help you better prepare, and you must make sure all those who contribute to your environment are equally secure, including your software partners.
Understanding Your Attack Surface and Detecting & Mitigating External ThreatsUlf Mattsson
Understanding Your Attack Surface and Detecting & Mitigating External Threats
Description : Organizations have spent massive amounts of money to protect the perimeter of their networks, but if your business exists on the internet, there really is no perimeter. In this presentation, we'll discuss Digital Footprints in understanding your company’s external attack surface. We will discuss social, mobile, web attacks and analyze and review lessons learned recently publicized attacks (Polish banking institutions, Apache Struts Vulnerability or WannaCry ransomware. The speed of business and cybercrime isn't slowing down, so how can you be prepared to address and defend against these types of threats? Attend our session to find out how.
Reducing Your Digital Attack Surface and Mitigating External Threats - What, Why, How:
What is a Digital Footprint?
Breakdown of External Threats (Social, Mobile, Web)
What are blended attacks?
What is actually being targeting at your company?
How are your brands, customers, and employees being attack outside of your company?
How to become proactive in threat monitoring on the internet?
Considerations in External Threat solutions
Threat correspondence tracking considerations
Is legal cease and desist letters adequate in stopping attacks?
Examination of a phishing attack campaign
How phishing kits work
Analysis and lesson learned from recent published attacks
What are the most important capability in a digital risk monitoring solution?
Why You'll Care More About Mobile Security in 2020tmbainjr131
This is a presentation I delivered in September 2015 at the Hacker Halted conference in Atlanta. This prezo looks at trends in mobile security, common & emerging exploits and best practices for organizations to think about implementing.
Why You’ll Care More About Mobile Security in 2020 - Tom BainEC-Council
What is “mobile security?” Seriously, what is it? Is it hardening controls, policy enforcement, knowing how to test mobile apps, mobile antivirus? And how do I map mobile security into an enterprise security strategy?
A year later, it’s still as ubiquitous as it has ever been. However with the sophistication of device-based attacks and with the sheer volume of mobile malware exploding, mobile security maintains its status as a major pain point and a critical element you have to consider when building a security program.
Given the research available and the increasing threatscape, mobile security preparedness predicated on managing the strategy is a better option than reactionary measures. What’s new in 2015 is there is more sufficient evidence that mobile attacks will further penetrate enterprise systems based on the increase of mobile device ‘involvement’ in many major hacks (not necessarily root cause traced to devices or compromised mobile apps)
This presentation will discuss the key trends impacting mobile security and will lay out an updated set of building blocks to produce a holistic mobile security model: from BYOD to mobile policy development to MDM; common and emerging exploits and targeted malware; the myriad of possible mitigations; and the notion of trusted software vs device-specific consideration.
Additionally, before we look at policy implementation best practices, we’ll look at a few key use cases and review a few sample enterprise models to learn how some of top organizations are managing mobile security. Finally, the presentation will take a five-year look outward to determine what impact mobile security will have long-term.
AWS Certified DevOps Engineer: What it is and how to get certifiedInfosec
Watch the full webinar here: https://www.infosecinstitute.com/webinar/aws-certified-devops-engineer-what-it-is-and-how-to-get-certified/
Cloud infrastructure is the backbone of many organizations and services, and DevOps engineers are the professionals tasked with ensuring those systems are responsive, available, scalable and secure. The AWS Certified DevOps Engineer – Professional certification validates your skills in provisioning, operating and managing distributed AWS cloud systems.
Join us on March 27 at 11 a.m. Central to learn how this AWS certification can benefit your career — and what to expect in the first-ever live AWS boot camps from Infosec. In less than 30 minutes, you’ll learn:
- What’s on the AWS Certified DevOps Engineer exam (DOP-C02)
- Career paths AWS certification holders
- Ways you can train and get certified
- Plus Q&A from live attendees
AWS Cloud Operations Administrator: What it is and how to get certifiedInfosec
Watch the webinar here: https://www.infosecinstitute.com/webinar/aws-certified-sysops-administrator/
As the AWS cloud market continues to expand, professionals are needed to administer those systems. AWS Certified Cloud Operations Administrator training prepares you to earn your AWS Certified SysOps Administrator certification — and validates your skills in deploying, managing and operating AWS workloads.
Join us to learn how this AWS certification can benefit your IT and cybersecurity career — and what to expect in the first-ever live AWS boot camps from Infosec. In less than 30 minutes, you’ll learn:
- What’s on the AWS Certified Cloud Operations/SysOps Administrator exam (SOA-C02)
- Career paths AWS certification holders
- Ways you can train and get certified
AWS Certified Security - Specialty: What it is and how to get certifiedInfosec
Watch the webinar: https://www.infosecinstitute.com/webinar/aws-certified-security---specialty-what-it-is-and-how-to-get-certified/
Cloud security skills are among the most in-demand in 2024, and if you work in the cloud, there’s a good chance it involves AWS. The AWS Certified Security - Specialty certification validates your skills in creating and implementing AWS cloud security solutions.
Join us on March 13 at 11 a.m. Central to learn how this AWS certification can benefit your cybersecurity career — and what to expect in the first-ever live AWS boot camps from Infosec. In less than 30 minutes, you’ll learn:
- What’s on the AWS Certified Security exam (SCS-C02)
- Career paths AWS certification holders
- Ways you can train and get certified
- Plus Q&A from live attendees
Watch the webinar here: https://www.infosecinstitute.com/webinar/aws-certified-solutions-architect-what-it-is-and-how-to-get-certified/
Amazon Web Services (AWS) is the market leader for cloud infrastructure, and the AWS Certified Solutions Architect – Associate certification validates your knowledge and skills in designing secure, resilient, high-performing and cost-optimized architectures.
Join us to learn how this AWS certification can benefit your career — and what to expect in the first-ever live AWS boot camps from Infosec. In less than 30 minutes, you’ll learn:
What’s on the AWS Certified Solutions Architect exam (SOA-C02)
Career paths AWS certification holders
Ways you can train and get certified
This webcast is part of the Infosec AWS Training Series: https://www.infosecinstitute.com/resources/?q=aws&Type=Webcast+and+video
Infosec and AWS - A new way to train for your AWS certification (1).pptxInfosec
Watch the webinar: https://www.infosecinstitute.com/webinar/infosec-and-aws-a-new-way-to-train-for-your-aws-certification/
Amazon Web Services (AWS) certifications are some of the most pursued in the IT and cybersecurity industry, by both employers and professionals. And now, there’s a new way to train for them with Infosec.
Join us to learn about the new partnership between AWS and Infosec, making Infosec an authorized live boot camp training provider for AWS certifications. You’ll learn:
- How AWS certification can boost your career
- Which AWS certification is right for you
- How the new AWS live boot camps will work
- Plus Q&A from live attendees
This webcast is part of the Infosec AWS Training Series: https://www.infosecinstitute.com/resources/?q=aws&Type=Webcast+and+video
How AI and ChatGPT are changing cybersecurity forever.pptxInfosec
Watch the full webinar (and demo) here: https://www.infosecinstitute.com/webinar/how-chatgpt-and-ai-are-changing-cybersecurity-forever/
Artificial intelligence (AI) technologies are reshaping both how cybersecurity is done and how people learn cybersecurity. In this live demonstration, Infosec’s Keatron Evans will demonstrate how you can use ChatGPT to perform cybersecurity functions and teach yourself new skills — right now.
Join us on February 23 at 11 a.m. Central to get a practical, hands-on approach around how to use AI for your cybersecurity needs. You’ll learn:
- How malicious actors use AI tools like ChatGPT
- Ways for cybersecurity professionals to get started with AI
- How AI tools can help you learn quicker and better
- Plus Q&A from live attendees
2023.06 - CompTIA Security+ Everything you need to know about the new exam .pptxInfosec
Watch the webinar here: https://www.infosecinstitute.com/webinar/comptia-security-everything-you-need-to-know-about-the-sy0-701-update/
CompTIA’s Security+, the most popular cybersecurity certification in the world, is getting an overhaul! The updated exam (from SY0-601 to SY0-701) re-aligns the certification to match the most in-demand entry-level cybersecurity skills and trends heading into 2024.
Join Patrick Lane, Director of Certification Product Management at CompTIA, to learn how the Security+ certification is evolving so it remains the “go-to” certification for anyone trying to break into cybersecurity. You’ll learn about:
- Evolving Security+ domain areas and job skills
- Common job roles for Security+ holders
- SY0-601 and SY0-701 exam timelines
- Tips to pass the updated Security+ exam
- Plus Security+ questions from live viewers
Learn how to roll out a successful Cybersecurity Awareness Month program that boosts employee engagement all October (and beyond).
Join Infosec’s Emma Waite and Camille Raymond to learn:
- What employee-related risk data is needed to quantify success
- How to communicate your NCSAM plans to stakeholders
- The content and cadence appropriate to drive engagement
- Creative ways organizations are celebrating NCSAM
- How to continue the momentum after October
CompTIA CySA+ certification (CS0-003) changes: Everything you need to knowInfosec
Watch the webinar here: https://www.infosecinstitute.com/webinar/comptia-cysa-certification-changes-everything-you-need-to-know/
Information security analyst is one of the fastest-growing job categories in the U.S., with 35 percent overall growth expected by 2031. CompTIA’s Cybersecurity Analyst+ (CySA+) is one of the most popular certifications related to the role — and it’s getting an update in 2023 to align with the most in-demand knowledge and skills requested by employers.
Join Patrick Lane, Director of Certification Product Management at CompTIA, to learn everything you need to know about the latest CySA+ certification and exam (CS0-003) updates, including:
- Evolving security analyst job skills
- Common job roles for CySA+ holders
- What’s changed from CS0-002 to CS0-003
- Tips to pass the updated CySA+ exam
- Plus CySA+ questions from live viewers
Skills training value: How to differentiate your staff and your organization ...Infosec
Watch the full webinar here: https://event.on24.com/wcc/r/4125122/E0E3F3F43BABD48134E3909C4577F5EA
Hiring skilled people is hard. Once you get them, you want to retain them — and increase their value to your customers. Save your spot to learn more about:
- Challenges with getting and retaining internal talent
- How better skillsets affect margin/profitability
- Using Infosec Skills to attract highest-quality hires
- Using Infosec Skills to upskill your internal team
- Reselling Infosec Skills to your end-user
Learning ≠ Education: How people really learn and what it means for security ...Infosec
Emotion and passion are the two most essential elements in understanding how people learn. Often, the initial response to security threats is throwing technology at the problem. But as we know, you can’t fix all of your security issues without understanding the role humans play in the process.
Join Nick Shackleton-Jones — 30-year learning and development vet, Former CLO at Deloitte UK and CEO and Founder of Shackleton Consulting — to better understand:
- The difference between learning and education
- What really drives how employees learn
- How to develop a growth mindset that truly changes employee behavior
Watch the full webcast here: https://www.infosecinstitute.com/webinar/adult-learning-security/
Security awareness training - 4 topics that matter mostInfosec
National Cybersecurity Awareness Month (NCSAM) is right around the corner. Now’s the time to level up your security awareness training program — and instill best practices in employees that will help keep them (and your organization) secure year-round.
Join us to learn about the four key employee behaviors for NCSAM 2022. All registrants will receive a free Cybersecurity Awareness Month Toolkit, which includes:
1 training module & assessment
5 posters & infographics
1 employee presentation
4 email templates
And more
Join the hunt: Threat hunting for proactive cyber defense.pptxInfosec
As threat hunters, you already know staying ahead of the adversary demands a proactive approach to threat detection and response. Don your virtual threat hunting gear and join Infosec Principal Security Researcher Keatron Evans as he goes sleuthing for cyber threats.
Join us for practical threat hunting insights and career recommendations, including:
Threat hunting knowledge and skills to accelerate your career
How to help clients navigate the threat hunting toolbox and prioritize technology investments
Live demos of notoriously hard-to-detect adversarial behavior like memory-only malware and living-off-the-land techniques
One lucky attendee will win a free year of Infosec Skills. Complete the form to save your seat!
P.S. Don’t miss our novice-level threat hunting session: Threat hunting foundations: People, process and technology.
Threat hunting foundations: People, process and technology.pptxInfosec
Ever wonder what threat hunting is all about? Join Infosec Principal Security Researcher Keatron Evans as he breaks down the basics of what it’s like to have a career hunting down potential cyber threats.
Join us on for an inside look at a day in the life of a threat hunter, including:
Why threat hunters are more critical today than ever before
Knowledge and skills needed to drive threat hunting success
Live demos of essential threat hunting skills and tools used to detect and mitigate adversarial behavior
One lucky attendee will win a free year of Infosec Skills. Complete the form to save your seat!
P.S. Want to go even deeper into threat hunting? Don’t miss our advanced threat hunting session on June 28, Join the hunt: Threat hunting for proactive cyber defense.
It’s been more than a decade since Marc Andreessen popularized the idea that “every company needs to become a software company.” But in 2022, just being a software company isn’t enough; you need to become a secure software company.
That’s why Ted Harrington created a new Infosec Skills learning path based on his best-selling book, “Hackable: How to Do Application Security Right.” Whether you create code, secure systems or manage organizational risk, understanding application security has become a must-have skill. Join us to learn how to:
Avoid common application security mistakes
Implement best practices to secure software systems
Create the business case for security as a competitive edge
Plus, get your live questions answered by Ted
Every registrant will get a free copy of Ted’s new ebook, “How to secure your software faster and better.”
A public discussion about privacy careers: Training, certification and experi...Infosec
The word privacy can have so many meanings. Whether personal, professional or procedural, privacy can be a state of being, an action that requires compliance or a created space of safety.
Join Infosec Skills authors Chris Stevens, John Bandler and Ralph O’Brien as they discuss the intersection of privacy and cybersecurity. They’ll help you walk a path that will lead to an engaging career as a privacy specialist — a job role that grows with more opportunities year after year!
The panel will discuss:
Privacy as it relates to cybersecurity
Privacy certifications that align with your career path
Best practices for studying for IAPP certification exams
Tips for getting experience in the field of privacy
Interviewing for the privacy position you’ve been searching for
Plus your live questions on privacy as a career
Learn intrusion detection: Using Zeek and Elastic for incident responseInfosec
Intrusion detection is a foundational skill for many cybersecurity careers. Learn how intrusion detection works in action in this live webcast. Then take these free intrusion detection system (IDS) tools and start building your skills.
Join Infosec Skills author Mark Viglione on March 8 at 11 a.m. CST to learn all about:
What is intrusion detection?
How intrusion detection fits into different career paths
Live demo of Zeek for log analysis
Live demo of Elastic SIEM for incident response
Plus your live intrusion detection and career questions
There are 4.19 million cybersecurity professionals worldwide, but another 2.7 million are needed for organizations to adequately defend their critical assets, according to (ISC)². Learn how you can get started in cybersecurity and build a career in this lucrative and rewarding field.
CompTIA PenTest+: Everything you need to know about the examInfosec
Penetration testers find and report vulnerabilities before they can be exploited. CompTIA’s PenTest+ is one of the best certifications to validate those skills, and it’s being updated to align with the most up-to-date hacking and pentesting skills requested by employers in 2021.
CompTIA CASP+ | Everything you need to know about the new examInfosec
Want to be an advanced cybersecurity practitioner? Then CompTIA’s CASP+ certification may be the perfect fit for you. The popular certification is getting an overhaul heading into 2022 to ensure it validates the most relevant and in-demand skills — from security architecture and operations to engineering and governance.
Multi-cluster Kubernetes Networking- Patterns, Projects and GuidelinesSanjeev Rampal
Talk presented at Kubernetes Community Day, New York, May 2024.
Technical summary of Multi-Cluster Kubernetes Networking architectures with focus on 4 key topics.
1) Key patterns for Multi-cluster architectures
2) Architectural comparison of several OSS/ CNCF projects to address these patterns
3) Evolution trends for the APIs of these projects
4) Some design recommendations & guidelines for adopting/ deploying these solutions.
This 7-second Brain Wave Ritual Attracts Money To You.!nirahealhty
Discover the power of a simple 7-second brain wave ritual that can attract wealth and abundance into your life. By tapping into specific brain frequencies, this technique helps you manifest financial success effortlessly. Ready to transform your financial future? Try this powerful ritual and start attracting money today!
# Internet Security: Safeguarding Your Digital World
In the contemporary digital age, the internet is a cornerstone of our daily lives. It connects us to vast amounts of information, provides platforms for communication, enables commerce, and offers endless entertainment. However, with these conveniences come significant security challenges. Internet security is essential to protect our digital identities, sensitive data, and overall online experience. This comprehensive guide explores the multifaceted world of internet security, providing insights into its importance, common threats, and effective strategies to safeguard your digital world.
## Understanding Internet Security
Internet security encompasses the measures and protocols used to protect information, devices, and networks from unauthorized access, attacks, and damage. It involves a wide range of practices designed to safeguard data confidentiality, integrity, and availability. Effective internet security is crucial for individuals, businesses, and governments alike, as cyber threats continue to evolve in complexity and scale.
### Key Components of Internet Security
1. **Confidentiality**: Ensuring that information is accessible only to those authorized to access it.
2. **Integrity**: Protecting information from being altered or tampered with by unauthorized parties.
3. **Availability**: Ensuring that authorized users have reliable access to information and resources when needed.
## Common Internet Security Threats
Cyber threats are numerous and constantly evolving. Understanding these threats is the first step in protecting against them. Some of the most common internet security threats include:
### Malware
Malware, or malicious software, is designed to harm, exploit, or otherwise compromise a device, network, or service. Common types of malware include:
- **Viruses**: Programs that attach themselves to legitimate software and replicate, spreading to other programs and files.
- **Worms**: Standalone malware that replicates itself to spread to other computers.
- **Trojan Horses**: Malicious software disguised as legitimate software.
- **Ransomware**: Malware that encrypts a user's files and demands a ransom for the decryption key.
- **Spyware**: Software that secretly monitors and collects user information.
### Phishing
Phishing is a social engineering attack that aims to steal sensitive information such as usernames, passwords, and credit card details. Attackers often masquerade as trusted entities in email or other communication channels, tricking victims into providing their information.
### Man-in-the-Middle (MitM) Attacks
MitM attacks occur when an attacker intercepts and potentially alters communication between two parties without their knowledge. This can lead to the unauthorized acquisition of sensitive information.
### Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) Attacks
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptxBrad Spiegel Macon GA
Brad Spiegel Macon GA’s journey exemplifies the profound impact that one individual can have on their community. Through his unwavering dedication to digital inclusion, he’s not only bridging the gap in Macon but also setting an example for others to follow.
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024APNIC
Ellisha Heppner, Grant Management Lead, presented an update on APNIC Foundation to the PNG DNS Forum held from 6 to 10 May, 2024 in Port Moresby, Papua New Guinea.
4. What happened?
● FireEye discovered a global attack targeting customers of SolarWinds’ Orion product line. We are tracking
the actors behind this campaign as UNC2452.
● The attack trojanized SolarWinds Orion business software updates in order to distribute malware called
SUNBURST.
● Post exploit activity including horizontal movement has been prevalent.
● The campaign is widespread, affecting public and private organizations around the world.
● FireEye is releasing signatures to detect this threat actor and supply chain attack in the wild. These are
found on our public GitHub page. FireEye products and services can help customers detect and block
this attack. https://github.com/fireeye/sunburst_countermeasures
Sources – FireEye www.fireeye.com, www.mcaffee.com
5. Key findings about malware so far
● Has interest in cloud services and wireless network
usage of victim
● Looks for Solarwinds tools that collect registrant email
addresses, time zone info, etc.
● Has Domain Generation Algorithm for sub-domain
generation for comms back to C2
Sources –
FireEye www.fireeye.com,
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/additional-analysis-into-the-sunburst-backdoor/
7. Responding to the incident
● What horizontal movements are detectable
● Patterns that may not be talked about in the
public domain yet
● Implementing countermeasures and IOC search
criteria with Snort from scratch
8. Take action immediately
● Go to FireEye Github and get the IOC’s
and countermeasures
● Implement in your environment
● Check with your preferred security
vendors
● Keep up to date on new developments
9. Some industry responses
FireEye
● Published IOC's for everyone to use
● Published recommend steps to recovery
● Basically provided free Incident Response Advisory Services to the world
Microsoft
● Invalidated malware certificates
● Sinkholed one of the main CnC domains
● Updated Windows Defender to look for Sunburst
10. Some industry responses
McAfee
● Sharing detailed reverse engineered intelligence
● Updated in real time
Others in the industry
● Other associates/responders
● My personal network
● Countless MSSP’s, SIEM vendors, etc.
● Contributions are growing by the minute
13. Keep your skills sharp
Want to learn Snort, Zeek, memory
forensics and other pertinent skills?
Subscribe to Infosec Skills using
Keatron’s code “evans50” to save
50% on your first month or first
year.
infosecinstitute.com/skills
15. About us
Infosec believes knowledge is power when fighting
cybercrime. We help IT and security professionals advance
their careers with skills development and certifications
while empowering all employees with security awareness
and privacy training to stay cyber-safe at work and home.
www.infosecinstitute.com