Dark Reading Cyber Security Crash Courses
Dark Reading Courses

Enterprise Defense Crash Course  

Thursday, October 6 - Thursday, October 27
Our Lecturer
X
Chris Eng, VP Research, Veracode
Chris Eng, VP Research, Veracode

Chris Eng (@chriseng) is vice president of research at Veracode. Throughout his career, he has led projects breaking, building, and defending software for some of the world's largest companies. He is an unabashed supporter of the Oxford comma and hates it when you use the word "ask" as a noun.


HIDE


Presenter: Michele Fincher, COO and Chief Influencing Agent, Social-Engineer
Sponsor Speaker: Stu Sjouwerman, Founder and CEO, KnowBe4, LLC
Oct 6 1PM
Most major data breaches start with the compromise of a single endpoint a PC, a mobile device, a user who unwittingly gives up credentials. What can your organization to protect its endpoints? How can you create and enforce end user policies that protect your corporate data? In this session, a top expert discusses how endpoints and end users are most frequently compromised and how to keep your end users from falling victim.

Presenter: Andrew Blaich, Security Researcher, Lookout
Oct 13 1PM
Everyone is saying that the introduction of mobile devices and bring-your-own-device (BYOD) policies is a security risk to the enterprise. But exactly where do those risks come from? In this session, a top expert will debunk some of the myths about mobile security while raising up some threats and vulnerabilities you may not know about.

Presenter: Randy Trzeciak, Director, Insider Threat Center, CERT
Oct 20 1PM
Major data leaks such as Edward Snowdens release of NSA data are only the tip of the insider threat iceberg. Every day, enterprises face the threat of losing insider information not only through malicious leaks but through unintentional violations of security rules. How can organizations spot the signs of a data leak and stop it before it goes too far? How can IT help prevent accidental leaks of sensitive data? A top expert offers key advice on stopping data loss from within.

Presenter: Drew Vanover, Director of Technical Solutions, Blue Coat
Oct 27 1PM
As enterprises add new networking capabilities, SDN, and virtualized server environments, the risks they face are changing as well. In this informative session, a top expert on infrastructure security will discuss the latest threats to networks and servers and how your organization can mitigate them.

Archived Tracks
Upcoming Webinars
Webinar Archives
Re-Thinking Your Enterprise IT Security Strategy
Date: Nov 15, 2016
View webinar
Despite enterprises spending more money annually on cybersecurity defense than ever before, the number of businesses compromised continues to increase. Today's approach to data defense isn't where it needs to be and it's time for all enterprises, including yours, to re-think enterprise IT security. This all-day virtual event will offer an in-depth look at some of the myths surrounding enterprise data defense - and how new technologies, better architectures and new ways of thinking could put your business on a path to a more effective enterprise security strategy.

Securing Your Enterprise Infrastructure
Date: Oct 27, 2016
View webinar
As enterprises add new networking capabilities, SDN, and virtualized server environments, the risks they face are changing as well. In this informative session, a top expert on infrastructure security will discuss the latest threats to networks and servers and how your organization can mitigate them.

How Bad Breaches Happen to Good Companies
Date: Oct 27, 2016
View webinar
In this comprehensive webcast, top security experts will join with Dark Reading editors to discuss how breaches begin - and what you can do to stop them. You'll get a look at new Dark Reading research that reveals the latest trends in data breaches and how companies respond to them. You'll get insight on how attackers choose their targets, and how they research and test those targets before they launch an exploit. And you'll get recommendations on how your organization can interrupt the attack chain - and potentially stop a breach from occurring in the first place.

How to Manage Your Data: Get Your Reporting & Analytics Under Control
Date: Oct 26, 2016
View webinar
Do you struggle with standard reporting and the timeliness of those reports? Do you need to see beyond standard reporting and leverage data analytics? Are you using transactional and analytical applications built on separate platforms? There is a better way! You can deliver self-service reporting and analytics to business users in one simple, integrated appliance. Attend and you will learn how to reduce BI costs by standardizing and consolidating reporting, how to deliver advanced analytics without the need for a data expert, and how to get back your time so you can manage your business, not your data.

6 Ways Network Visibility Can Optimize Your Network
Date: Oct 26, 2016
View webinar


Live Demo: Office 365 Provisioning Deep Dive
Date: Oct 25, 2016
View webinar
Since the release of Office 365 five years ago, many of the "easy" Office 365 migrations have been completed. Customers migrating to Office 365 now have much more complex requirements, such as having to work around unique user access and governance challenges that may involve their employees, customers, partners and providers. Solving these unique challenges while providing seamless access across your user populations is an issue many businesses face - but management can be achieved.

Insider Threats & Preventing Data Leaks
Date: Oct 20, 2016
View webinar
Major data leaks such as Edward Snowden's release of NSA data are only the tip of the insider threat iceberg. Every day, enterprises face the threat of losing valuable insider information - not only through malicious leaks but through unintentional, accidental violations of security rules. How can organizations spot the signs of a data leak and stop it before it goes too far? How can IT help prevent accidental leaks of sensitive data? A top expert offers some essential advice on stopping data loss from within.

Security For the Internet of Things - The Missing Link
Date: Oct 19, 2016
View webinar
Whether your business makes connected cars, uses connected medical devices, or employs any other "Internet-enabled" technology, you could be a target for online attackers. As the Internet of Things becomes a broader reality in business, IT and security professionals are being challenged to find ways to secure Internet-enabled technology in all types of non-computer devices. How can Information Security and DevOps develop and manage an effective security strategy for technology? Join IoT security expert John Pironti to discover the five key ways you can make your IoT-connected devices less risky and more secure.

Fooling The Hacker - What Your Enterprise Can Learn
Date: Oct 18, 2016
View webinar
Enterprises spend most of their time avoiding deception and exploits from online attackers. But what happens when the tables are turned? Many are improving their cyber defenses by using "honeypots" and other deceptive techniques to go on the offensive against hackers, gaining insight on their methods before they can do damage to enterprise data.

The Real Risks of Mobile Technology In the Enterprise
Date: Oct 13, 2016
View webinar
Everyone is saying that the introduction of mobile devices and bring-your-own-device (BYOD) policies is a security risk to the enterprise. But exactly where do those risks come from? In this session, a top expert will debunk some of the myths about mobile security while raising up some threats and vulnerabilities you may not know about.

Identify & Remediate Vulnerabilities Hiding In Your Applications
Date: Oct 13, 2016
View webinar
Fixing vulnerabilities isn't just a job for your in-house development team and the giants of Silicon Valley. It's a job for all the developers of the third-party software components embedded in countless applications and services - from open-source, to commercial off-the-shelf, to custom. When there's a vulnerability in one of those libraries, languages, or frameworks - it could be lurking in scores of your applications...do you know which ones? And how do you identify the affected systems, remediate the problem, and secure your company?

Visualization: Let Your Data Speak
Date: Oct 13, 2016
View webinar
Your data analytics project doesn't really achieve a successful completion until you deliver the results to decision makers, whether the recipients are top executives, business unit leaders, or even the public at large. More and more data science teams are delivering those results through data visualization, forsaking those spreadsheets and static charts in printed reports. One of the key advantages to using dataviz is the interactivity and the dynamic nature of data visualizations. But you want to do it right, and remember that your data is telling a story. Get it wrong, and your data just confuses everyone. Be sure to join All Analytics Radio when Berinato shares his advice on best practices -- and bad practices -- in data visualization on Thursday, October 13, at 2 pm ET.

How Voice Network Transformation Can Enable Digital Strategy
Date: Oct 12, 2016
View webinar
Learn how you can quickly and effectively make the upgrades you need to your voice infrastructure, to set the stage for the truly transformational changes that digital transformation can bring. You'll learn how IT leaders are leveraging the potential benefits of these digital initiatives to get funding and support for telecom and network upgrades.

Building Your Next-Gen Security Operations Center (SOCs)
Date: Oct 11, 2016
View webinar
To handle the skyrocketing volume of malware and cyber exploits that hit them each day, many enterprises are building security operations centers (SOCs) that provide a central place for detecting, diagnosing, and remediating online attacks. But thanks to the development of new capabilities and technologies, today's SOC looks very different than those that were built even a few years ago. In this webinar, top experts on building and managing security operations centers will discuss best practices for building and staffing today's SOC, as well as some of the essential tools needed to make the SOC effective.

Endpoints & End Users - Strengthening Your Weakest Links
Date: Oct 06, 2016
View webinar
Most major data breaches start with the compromise of a single endpoint - a PC, a mobile device, a user who unwittingly gives up credentials. What can your organization to protect its endpoints? How can you create and enforce end user policies that protect your corporate data? In this session, a top expert discusses how endpoints and end users are most frequently compromised - and how to keep your end users from falling victim.

Digital Transformation: How Far Along is Your Financial Institution?
Date: Oct 06, 2016
View webinar
The banking industry is undergoing unprecedented changes due to channel proliferation, increasing customer expectations and an increasingly competitive marketplace. Banks must continue to innovate and gain efficiency amidst a flood of incoming data - all while keeping down costs. In order to do this, digital transformation needs to be a priority. Many obstacles stand in the way of this digitalization: evolving business requirements, complex technology and data integration, and long development cycles, slowing speed to market. Banks need to quickly navigate their way through these barriers to achieve digitalization, or risk falling behind the competition.

Core System Testing: How to Achieve Success
Date: Oct 06, 2016
View webinar
Property and Casualty Insurers have been investing in modernizing their core systems to provide flexibility, improve product speed-to-market, support customer growth, and improve underwriting profitability. Many carriers are currently on this transformational journey; and stakes from these transformation initiatives are high, given the large amount spent on initial rollouts and ongoing maintenance of these platforms. It's up to the QA team, with support of IT and business leaders, to focus on quality to achieve the realization of benefits outlined in the business case. Improving the overall quality profile, speed to market, and reduction in costs rely heavily upon automation and application-specific testing approaches.

[Social Media Fraud] Uncovering Tactics & Trends for Cybercrime on Social Media
Date: Oct 06, 2016
View webinar
Social media has taken the world by storm. The number of social media users is expected to grow to a third of Earth's population by 2018 and organizations are expected to spend 21% of their marketing budgets on social media in the next 5 years. Unfortunately, cybercriminals are creating fraudulent accounts to masquerade as corporate brands and defraud unsuspecting fans. In order to stay protected, you'll need to understand how social media threats can impact your organization.

Make IT Security Part Of Your Business Culture
Date: Oct 04, 2016
View webinar
Join us for this webinar as top speakers on social engineering and security awareness discuss how to increase IT Security for your enterprise. Attend and you will understand how to raise consciousness about IT security across your enterprise, discover unique ways your organization can educate users on security threats and appropriate responses, learn to build effective programs that can enable employees to be aware and willing to report potential threats, go beyond basic classes to truly change the thinking in your organization so employees and executives become more aware of IT security.

Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Five Emerging Security Threats - And What You Can Learn From Them
At Black Hat USA, researchers unveiled some nasty vulnerabilities. Is your organization ready?
Flash Poll
10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
Cybercrime has become a well-organized business, complete with job specialization, funding, and online customer service. Dark Reading editors speak to cybercrime experts on the evolution of the cybercrime economy and the nature of today's attackers.