Webinar Archives
Upcoming Webinars
Mobile security: One size fits nobody
Date: Dec 18, 2014

View archived webinar

The number of remote and mobile workers has grown drastically over the last few years. This growth is beneficial to employers and their employees but it brings with it an inherent set of risks — how do you know that person connecting in is really your employee or that the mobile apps on their device are practicing good security?

Attackers leverage mobile devices to steal or even destroy sensitive data on the device itself as well as using the device as an access point to the internal corporate network. In this Dark Reading webinar, we will discuss the risk posed by mobile and remote access and cover best practices for securing data and connections end to end, from the employee’s device to the data center.

By attending this editorial webinar, you’ll:

  • Discover the ways attackers target the mobile workflow
  • Learn best practices for avoiding intrusion
  • Get valuable reaction tips for when your organization is inevitably targeted for attack
Implementing a Security Maturity Framework: 5 Levels to Improving Your SOC
Date: Dec 16, 2014

View archived webinar

Whether you are a small business or a large organization, having a highly effective security program is critical. Join Bit9 + Carbon Black’s CSO, Nick Levay to learn how you can leverage the Security Maturity Framework to evaluate and improve the effectiveness and efficiency of your security operations team.

Nick Levay, Chief Security Officer, for Bit9 + Carbon Black will discuss:

  • The 5 Step Security Maturity Framework
  • How to utilize a Risk Assessment Matrix to prioritize projects
  • Why governance is critical to an effective SOC
  • Why real world tests are key to a successful and agile SOC

Register now to learn more about how you can utilize the Security Maturity Framework to improve your security operations team.

Security Matters: Threat Assessments for 2015
Date: Dec 11, 2014

View archived webinar

This year has brought profound changes to the security landscape, especially in the area of Distributed Denial of Service (DDoS) attacks. Aside from the traditional saturation objectives of such assaults, DDoS attacks are increasingly used as cyber “smokescreens” to mask more intrusive and more destructive penetration operations. Join Neustar and media leader, Cox Communications, in a forward-looking discussion on what you should consider to safeguard your business in 2015.

During this session, you’ll hear about:

  • 2014 security trends and lessons
  • 2015 DDoS threat assessments
  • Real-world approaches to help keep you safe

Don’t miss this chance to participate in one of the most important conversations you will have this year. Get ready for 2015 by registering today!

 

The DNS Blind Spot: You haven't been looking at DNS in the past - why start now?
Date: Dec 09, 2014

View archived webinar

The Domain Name System (DNS) is a layer of critical infrastructure for how the Internet works. So, it’s not surprising that IT teams allow DNS’s port 53 to be wide open across all networks and systems. According to our survey, 75% of security practitioners do not filter DNS traffic for malicious Internet connections. And it’s rare that DNS activity is used during incident response. This is surprising given that 97% of advanced malware use DNS as part of the attack.

This DNS blind spot has become a hot topic for many security vendors and security practitioners. As the pioneer in DNS-based security, join OpenDNS CTO, Dan Hubbard, as he explains why it’s critical to monitor DNS and examine it in forensic investigations.

In this webinar, you will:

  • See why nearly every Internet connection over TCP/IP, including connections initiated by malware, starts with a DNS request.
  • Learn how DNS, together with other data sources, reveals where on the Internet attacks were launched in the past and where malicious infrastructures are staged for future attacks.
  • Find out how the majority of attacks today can be prevented or contained using DNS.
How to Speed Up Detection of Advanced Attacks
Date: Dec 03, 2014

View archived webinar

Enterprise cyber security breaches often take weeks or months to identify and remediate, causing untold damage to company data. In this special webcast, top cyber forensics experts discuss the methods you can use to find compromises faster, analyze their impact more effectively, and limit the damage they may cause.

Attend this webinar to learn how to:

  • Determine how cyber attackers obfuscate their attacks to make them difficult to detect
  • Recognize information and patterns in existing logs and security data to help identify an attack
  • Uncover best practices for shortening the time period between detection of an attack and remediation of cyber defenses
  • Gain a better understanding of how to use existing security tools and systems to improve incident response times

Register for this webinar to learn how to better recognize sophisticated attacks and more swiftly respond to them, potentially limiting the damage caused by a cyber attack.

Point of Sales System: Architecture and Security
Date: Dec 02, 2014

View archived webinar

To most people, Point of Sale (POS) systems with integrated payment processing are a black box where magic happens. Financial criminals breach hundreds of merchants each year, displaying a better understanding of how these systems operate than the dealer technicians that install and maintain them. With an understanding of POS architecture, integrated payment processing, and weaknesses in the technology, security professionals can better protect local businesses, major retailers, and developers handling payment card information.

Attend this webinar to:

  • Understand how opportunistic attackers breach small businesses and highly skilled targeted attackers bypass multiple layers of defense at large businesses.
  • Fill in your knowledge gap on point of sale systems and the flow of sensitive card data.
  • Dispel common misconceptions on payment security, attacker methodology, and how to see through security vendor hype.
  • Learn effective and efficient risk mitigation strategies for both opportunistic and targeted attackers.

Register for this webinar to learn why detection and response is paramount to a successful defensive strategy.

How to Best Fight Today’s Threats with Next-Gen Threat Response
Date: Nov 20, 2014

View archived webinar

While many organizations understand that today's advanced threats require purpose-built solutions to detect and stop them, the need to complement next-generation threat detection with next-generation incident response capabilities seems to be less well-understood. Instead, organizations try to carry out incident response with outdated manual processes, resulting in high costs from inefficient operations and unresolved incidents.

Attend this webinar to learn how to:

  • Understand what a typical advanced threat looks like and how to detect it
  • Protect your organization against the next generation of rapidly evolving advanced threats
  • Investigate, verify, prioritize and contain security incidents faster and more efficiently

Register for this webinar to learn how an optimized and streamlined approach accelerates incident response time by up to 20X.

Stay Ahead of the Adversary with Network Security Analytics
Date: Nov 19, 2014

View archived webinar

Threat actors often modify their tactics, but their techniques have a longer lifecycle. With network security analytics you can track events over time, empowering you to stay one step ahead of the adversary.

Attend this webinar to learn how to:

  • Establish the benefits of capturing rich metadata
  • Proactively hunt your adversary with network security analytics
  • Utilize network security analytics to solve current industry-wide problems

Register for this webinar to learn how to use network security analytics to stay ahead of the adversary and protect your corporate sensitive data, intellectual property and sensitive information.

Customer Identity: How to Take A Strategic Approach
Date: Nov 13, 2014

View archived webinar

Customer-focused companies strive to make their content available to an ever-growing number of connected users and devices on a much larger scale than ever before. Fortunately, a new consumer-facing solution is gaining currency and has earned a name unto itself: Identity Relationship Management.

Attend this webinar to learn how to:

  • Seamlessly connect customers, devices & things
  • Build relationships
  • Enhance brand equity & grow revenue

Register for this webinar to learn more about the current digital landscape and the business requirements necessary to stay ahead the curve.

How to Take the Complexity out of Compliance
Date: Oct 30, 2014

View archived webinar

Mainframes are well-known for hosting mission-critical corporate information and production applications for many financial, healthcare, government and retail companies that require highly secure systems and regulatory compliance. Demonstrating compliance for your industry can be complex and failure to comply can result in vulnerabilities, audit failures, loss of reputation, security breaches, and even system shut down. How can you simplify enforcement of security policy and best practices? How can you automate security monitoring, threat detection, remediation and compliance reporting? How can you demonstrate governance, risk and compliance on your mainframe?

Attend this webinar to learn how to:

  • Collect and integrate security-relevant events
  • Automate audit analysis to detect potential threats and remediate risks
  • Demonstrate compliance for Sarbanes-Oxley Act (SOX), Payment Card, Industry Data Security Standard (PCI DSS) and Security TechnicalImplementation Guide (STIG).

Register for this webinar to learn how to extend your modern mainframe to help comply with industry regulations, reduce costs and protect your enterprise, while supporting cloud, mobile, social and big data environments.

How to Secure Your AWS Cloud
Date: Oct 28, 2014

View archived webinar

With AWS cloud adoption rapidly growing, you need to make securing your cloud a priority. A breach in security not only endangers your internal network, but can also put your customers’ data in jeopardy. Learn how to build on the AWS security model to protect your data and applications.

Attend this webinar to learn more about:

  • The latest cloud security threat trends
  • Cloud security best practices
  • Leveraging automation

Register for this webinar to learn more about the key steps to securing your AWS Environment.

Card Trends and Payments Fraud in 2014: What You Need to Know
Date: Oct 23, 2014

View archived webinar

With the pressure to adopt EMV in the U.S., the increase in mobile transactions, and growth in alternative payments such as digital wallets, the payments industry is at a crossroad of change. In 2014, one out of every four transactions is conducted on a mobile device. Alternative payments for e-commerce are expected to grow to a $90 billion market by 2017, according to Forrester Research.

Attend this webinar to learn:

  • The latest in EMV adoption and effects of card-not-present fraud
  • How cybercriminals are reacting to emerging market trends
  • Best practices for managing fraud risk

Register for this webinar to learn about the current state of affairs – and the future of cybercrime and fraud – in the payments industry. 

The cost of inaction—what cyber crime could cost your business
Date: Oct 07, 2014

View archived webinar

The average company in the United States loses $12.7 million annually to cyber crime. Other countries are close behind. These are results from the recently completed Ponemon Institute 2014 Cost of Cyber Crime study. You know the risks, but you need the data to plan your defenses and demonstrate the cost of inaction.

View this webinar with Dr. Larry Ponemon to get the information you need. You’ll learn:

  • What cyber crimes are most common and most costly
  • The hidden internal and external costs you incur
  • What security defenses are most effective in reducing losses
  • How businesses with a strong security posture drive down costs
Cloud Data Encryption Myths Debunked
Date: Sep 30, 2014

View archived webinar

Controlling data encryption and key management is a MUST in the cloud. The Internet of Things. Mobility. The app explosion. Big data. As the Internet continues its dynamic evolution in the cloud, the security threat landscape expands alongside it. And in the middle of it all, data is being delivered, accessed, and stored in more places with more devices. Protecting it is paramount.

Attend this webinar to:

  • Dispel common myths of data encryption (the realities may surprise you)
  • Learn the vital role data encryption and key management play in the cloud
  • See how data encryption and key management fit into a broader security framework

Register for this webinar now to learn about a better, smarter approach to data security in the Cloud.

Top 5 Reasons to Switch to a Better Firewall
Date: Sep 18, 2014

View archived webinar

Your firewall is an important piece of your IT infrastructure, so replacing it is a big deal. But how do you make sure that you buy the right solution for your organization?

Attend this webinar to learn about:  

  • 5 reasons to switch to a better firewall
  • Protection from malware threats that won’t sacrifice performance
  • Opportunities for consolidating protection technologies

Register for this webinar to understand the factors you should consider when selecting your next firewall. 

Data Privacy: 2014 Forrester Survey Results
Date: Sep 17, 2014

View archived webinar

The value of information is rising rapidly.  This holds true for both the enterprises uncovering new insights, and those seeking to steal, manipulate or otherwise misuse sensitive data for personal gain.  Forrester has recently completed a Data Security & Privacy study to determine how business leaders are responding to the threat of sensitive data exposure.  In this new era of increased regulation, frequent data breaches and new technology platforms (including cloud, big data, mobile and others) are we doing enough to protect our most valuable asset? 

Attend this webinar to:

  • Learn about the latest findings from Forrester’s Data Security Survey
  • Hear about newest technologies designed to ensure sensitive data protection
  • Gain insight into the privacy and security perspectives of peers around the world
  • Leave with actionable steps to protect your organization’s most valuable asset

Register for this webinar to learn about Forrester's survey findings on data security and privacy.

Multi-Variant Phishing and the New Reality of Mail-Based Threats
Date: Sep 16, 2014

View archived webinar

Many organizations have recognized the threat posed by phishing and have deployed a combination of technology and training to combat what remains the number one threat vector for most organizations. The recent increase in instances of "multi-variant" phishing are now challenging many of these defenses by leveraging a complex, service-based delivery infrastructure to deliver a variety of payloads to victim computers.

Attend this webinar to learn how to:

  • Understand the phishing tools & techniques used by hackers
  • Protect your users, data and organization
  • Get examples of multi-variant phishing campaigns

Register for this webinar to learn more about multi-variant phishing and how to protect your company.

Protecting Your Data from Third-Party Vulnerabilities
Date: Sep 15, 2014

View archived webinar

Recent major security breaches, including a compromise at the Target retail chain, have demonstrated the potential for cyber attackers to reach their targets through business partners and contractors. In this webcast, experts discuss methods for auditing supplier connections to expose potential vulnerabilities before they are exploited.

  • Discuss the various ways that an enterprise might be compromised through partner connections.
  • Highlight recent attacks and exploits that occur through third-party systems and applications.
  • Offer recommendations on how to check/audit third-party systems and applications to expose potential vulnerabilities.
  • Provide tips on how to partner with third parties to ensure better security across the supply chain.
  • Outline methods for working with partners on incident response in the event that a breach does occur.

Cyber attackers are increasingly seeing opportunities for exploiting weaknesses in the “soft spots” of the supply chain. This webcast will help you find ways to defend your enterprise.

How to Manage Security-Compromised Endpoints
Date: Sep 11, 2014

View archived webinar

Online malware and targeted cyberattacks continue to become more sophisticated. While there are many technologies and practices for detecting such threats, there are few simple answers for remediating systems that have been infected. In this webcast, top experts will discuss steps for remediating infected systems that go beyond simple reimaging of the device.

Attend this webinar, which will:

  • Outline the reasons why today’s cyberattacks often are able to circumvent traditional defenses
  • Provide insight on current technologies and practices for detecting and analyzing new infections
  • Offer an overview of current technologies and best practices for handling infections that evade enterprise defenses
  • Discuss ways to remediate infected systems to go beyond simple reimaging
  • Offer recommendations on implementing incident response and remediation processes that deal with the aftermath of an infection/compromise

Register for this webinar to gain insight on what steps to take after an infection occurs.

From Zero-Day Attacks to exploit kits: How to Contain Advanced Threats
Date: Sep 03, 2014

View archived webinar

Security technology is increasingly sophisticated and continues to evolve quickly – so why do attacks still succeed with such alarming frequency? The threat landscape is quickly evolving. Today’s network-based advanced threats are more diverse, more numerous, more refined, more targeted, and more persistent than ever before.

Attend this webinar to learn how to:

  • Understand the nature of advanced threats and why they are difficult to contain with today’s signature-based tools
  • Understand how to maximize the value of the security systems and solutions they already have in place at the web gateway
  • Step through the various methods of attack ranging from basic data theft, Zero-Day attacks, advanced malware, exploit kits and more

Register for this webinar to learn the key questions you must address to strengthen your defenses against advanced attacks.

How Evolved “419 Scammers” Are Targeting the Enterprise
Date: Aug 28, 2014

View archived webinar

Unit 42, the Palo Alto Networks threat intelligence team, recently released a new research paper titled “419 Evolution" on an attack campaign codenamed "Silver Spaniel." The paper describes a series of attacks against businesses emanating from Nigeria. Individuals formerly associated with 419 scams, which have commonly targeted unsuspecting individuals, are responsible for these attacks. These attackers are now using many of the same tools that cyber crime and espionage groups have deployed in the past, making them an emerging threat to the enterprise. In this live webcast with Q&A, researchers from Unit 42 will share key research takeaways from the report.

Join Unit 42 researchers for a live webcast and Q&A that will focus on these key takeaways:

  • Nigerian criminals are now using easily obtained Remote Administration Tools (RATs) such as NetWire, that provide complete control over infected systems
  • Silver Spaniel attacks are specifically designed to evade traditional antivirus programs
  • Indicators of compromise were observed for the NetWire RAT, and Unit 42 recommends protections you can employ against tools used in these attacks

Attend the webinar to find out what you need to know to protect against these advanced threats.

Stop Malware in its Tracks with Crowd-Sourced Threat Intelligence
Date: Aug 12, 2014

View archived webinar

Threat sharing networks have been around for a long time; however they have typically been "invitation-only", available to only large companies, or those within a particular industry. AlienVault OTX is different. It is one of the first (and most diverse) threat sharing networks, open to everyone.

Attend this webinar to learn:

  • How threat intelligence is gathered and vetted in the Open Threat Exchange
  • How to use the threat data provided by OTX free services
  • Examples of the types of threats you can identify with OTX
  • Best practices to investigate and mitigate threats, including a quick tour of AlienVault USM

Register for this webinar to join AlienVault VP of Product Strategy, Russ Spitler, and Systems Engineer, Tom D'Aquino for a practical session covering how to use crowd-sourced threat intelligence to improve network security.

Game Over for Gameover Zeus: Disrupting a Global Cybercriminal Operation
Date: Jul 31, 2014

View archived webinar

On June 2, 2014, Operation Tovar was announced, a multi-national initiative to disrupt the Gameover Zeus botnet and seize infrastructure supporting Cryptolocker ransomware. This initiative was, in part aided by security experts from the Dell SecureWorks Counter Threat Unit (CTU). Gameover Zeus and Cryptolocker were part of a larger cybercriminal ecosystem representative of threats faced by many organizations today.

During this interactive webcast, Ben Feinstein, Director of CTU Operations and Development, will discuss details of the adversary’s operations and tradecraft behind Gameover Zeus and Operation Tovar. Ben will also share clear guidance on how to defend against similar threats in the future. As a result, security professionals can draw lessons on how to better defend against and respond to this broader class of threats. The webcast will answer key questions such as:

  • How did the Gameover Zeus botnet operate and deliver its malware payloads to thousands of systems worldwide? 
  • How was the Gameover Zeus threat group monetizing their botnet?
  • What was Operation Tovar and how did it work?
  • Why do these threats matter to your organization?
  • What concrete actions should your organization be taking to address this class of threats?
How to Avoid Cyber Attack Tools of the Trade
Date: Jul 29, 2014

View archived webinar

There have been multiple high profile worldwide data breaches so far in 2014. Do you wonder what's happening on the US Threat Landscape? Join Alert Logic to hear more about malicious cybercrime, the evolution of hackers, how the underground economy works and how it affects the corporate IT landscape on premises and in the cloud.

Attend this webinar to learn how to:

  • Avoid data breaches, interruptions to availability, and brand damage
  • Understand how the threat profiles in different environments vary and create different security challenges and requirements
  • Work with your cloud or hosting provider with knowledge of how security responsibilities are shared across different parts of the infrastructure stack

Register for this webinar to hear about real threats from a researcher who monitors malicious activity across a wide range of customer environments, from traditional data centers to the cloud, and ask him questions about the ever-evolving threat landscape. This information will help you consider your own security program and investments to maximize their effectiveness. 

Keep your data safe with Dell Data Protection
Date: Jul 24, 2014

View archived webinar

Overcome encryption challenges of the past, with Dell Data Protection | Encryption. From easy deployment to a single management console, learn about the most comprehensive data protection platform to help protect data across your organization.

Attend this webinar to learn how to:

  • How to securely manage your endpoints from a single console while simultaneously providing self-service features for your end-users
  • Best practices for protecting data on PCs, Macs, tablets, external media, phones and the cloud
  • How to easily manage the encryption you already have
  • Plus, how to efficiently audit, report and meet compliance

Register from this webinar to learn from a thought leading security professional with well over 12 years’ experience in network and endpoint security.

How to Prepare for Zero-Day Attacks
Date: Jul 16, 2014

View archived webinar

The HeartBleed bug and then the IE vulnerability brought many companies to their knees. Were you impacted? While you are still working to defend your infrastructure from these two critical threats, the cybercriminal community is working just as hard trying to exploit the weaknesses of your network.  So how well are you prepared for the next zero-day attack?

Attend this webinar to learn how to:

  • Get up to speed on the current threat landscape
  • Discover ways to take advantage of modern-day network security tools and services for ongoing protection against new threats
  • Understand why it truly counts to have a nimble threat research and response team working for you
  • Truly make a big difference to have multiple layers of threat protection to bolster your security posture

Register for this webinar to understand the building blocks of developing a resilient security defense system to help you effectively combat evolving threats as they emerge.

5 Identity and Access Management Myths Debunked
Date: Jul 09, 2014

View archived webinar

We’ve all heard the excuses:

  • “Identity and Access Management (IAM) is too hard and too complex”
  • “IAM is too expensive for me”
  • “It takes too long to achieve success with IAM”
  • “I trust my users, so I don’t need IAM”
  • “IAM doesn’t make me more secure”

We’ve all probably even used one or two of them at times. But whether you believe IAM is just too much for your organization or if you have been “once bitten, twice shy” with a “traditional” IAM solution, the need for identity and access management as a critical component of your security plan will not go away.

Attend this webinar to join Marc Potter, the IAM expert from Dell Software, as we bust the top five IAM myths.  Each myth will be explored in detail and debunked using actual stories from real-life organizations – just like yours.

As a bonus, every web seminar attendee will be sent a copy of Dell Software’s newest book, “IAM for the Real World”.  Register today, spaces are limited!

Stop Letting Security Threats Stop You from Advancing Your Business
Date: Jul 01, 2014

View archived webinar

We all have to protect our environments and ensure internal and external compliance requirements are met. But, how well-equipped are you to transform your security role to one of not just protection and assurance, but of business enablement?

Attend this webinar to learn how to:

  • Eliminate silos of security information in your organization
  • Connect security across your data, infrastructure and applications
  • Protect your data and systems by enabling users to get the right access at the right time

Register for this webinar to learn more about connected security, including network security, identity and access management and data encryption, while also gaining ways to look past the scare tactics, fear, uncertainty and doubt, and focus on the business first.

How to Protect Your Company from Ever-Changing Mobile Threats
Date: Jun 17, 2014

View archived webinar

With the mobile threat landscape evolving with new malware, phishing and advanced threats, enterprises need be more proactive at protecting both their enterprise and their end users. How should you augment your current Mobile Device Management (MDM) environment to provide the mobile security and risk management you need?

Attend this webinar to learn how to:

  • Detect and prevent advanced and malicious mobile threats from exploiting corporate data and applications
  • Implement advanced mobile security that preserves end user experience and privacy
  • Gain visibility into malicious mobile threats for use in broader security and risk management strategy
  • Turn your MDM into dynamic risk based management

Register for this webinar to hear from our panel of security experts from Forrester Research, Intel, and Lacoon Mobile Security to gain practical insight on the steps and tools you need to protect your enterprise from the evolving mobile threat landscape.

Why Simple Security is Better Security
Date: Jun 12, 2014

View archived webinar

Small and mid-sized businesses (SMBs) were the victims in 40% of all data breaches last year, yet security vendors seem to ignore the needs of these businesses when designing their products. Hackers are taking note and actively targeting this big market.

Attend this webinar to learn:

  • Why enterprise-class security offerings are a bad bet for smaller businesses
  • Tips on evaluating and selecting the right security solution
  • The benefits of cloud-managed security

Register for this webinar to join IANS Faculty Member Kevin Johnson and Marty Ward, VP Product Marketing & Corporate Communications at Sophos as they break down the one-size-fits-all approach to enterprise-class security and offer solutions to help simplify your security.

How to Detect SQL Injection & XSS Attacks
Date: Jun 10, 2014

View archived webinar

Two of the oldest and most common attacks used against web applications -- SQL injection attacks and cross-site scripting attacks (XSS) -- continue to impact thousands of websites and millions of users each year. Finding these exposures quickly is essential in order to prevent system compromise and avoid information leakage. SIEM solutions can be invaluable in this effort by collecting and correlating the data you need to identify patterns that signal an attack.

Watch this webinar on-demand to learn:

  • What data you need to collect to identify the warning signs of an attack
  • How to use event correlation to detect cross-site scripting (XSS) and SQL Injection attacks
  • How to identify impacted assets so you can quickly limit the damage

View this webinar now to gain a clear picture of how to use SIEM technology to prevent SQL Injection and XSS attacks.

Insider Threats: How to Find Them Early & Fix Them Fast
Date: Jun 05, 2014

View archived webinar

Your organization has a 50% likelihood of experiencing an insider incident despite deep investments in IT security. Insider threats include fraud, theft of intellectual property, data breaches and leaks, or malicious damage to IT resources. Most organizations that experienced an insider incident indicate it was more damaging than incidents involving hackers. You need the right plan and the right tools to detect, respond and recover from an insider incident.

Attend this webinar to learn:

  • Effective approaches to detect and address insider threats.
  • Research and resources from industry experts to help you prepare and react.
  • Best practices from years of hands-on experience and client engagements.

Verizon data breach investigations report indicates that any breach, insider or otherwise, if found early is 80% less likely to result in damage. Register for this webinar and learn how to find insider threats early and fix them fast.

Agile + DevOps = More Secure Applications
Date: Jun 03, 2014

View archived webinar

Most IT pros understand the benefits of Agile development, and how it can streamline application delivery. What many organizations don't realize, however, is that integrating DevOps with Agile can also increase the security team’s visibility into the dev process. The key is learning to take advantage of these opportunities.

Attendees at this InformationWeek webcast will learn:

  • What benefits DevOps offers the security team.
  • How, and where, to integrate security skill into the process.
  • How to make the most of DevOps. More communication and collaboration equates to more secure development and implementation.

Join Brad Causey and Wendy Schuchart for this informative webcast.

BONUS: All attendees will also receive a complimentary copy of the InformationWeek 2014 DevOps Survey.

Making Cybersecurity Metrics Actionable
Date: Jun 03, 2014

View archived webinar

Building a realistic cybersecurity risk profile for an organization is challenging. It isn't just about collecting more information and assembling more data points – it's instead about framing metrics (many of which organizations probably already have) and tailoring them in such a way that they are contextualized, actionable, and relevant.

In this Dark Reading Webcast, we'll explore:

  • What makes a good metric – what data is being looked at, what benchmarks to compare it to, and why
  • How to tailor risk metrics - how to align metrics with the target audience, creating different "views" of data and creating a tailored picture for your business
  • Integration of internal and external information - ways to align incident and operational information you may have with information about external threats (i.e. Threat Intelligence) to prioritize efforts
  • Strategies to implement – how to get started with a metrics program (particularly if past efforts have been less than successful)
Targeted Attack Defense: Why Humans are the Worst Threat
Date: May 20, 2014

View archived webinar

How attackers exploit end-users have significant security implications for enterprise preparedness and defensive strategies. The vast majority of hacks and data breaches can be traced to phishing emails that were opened by employees in the targeted organization. This webinar will help IT and Information Security decision-makers understand the nature of the generation of targeted phishing attacks, the impact of end-user behavior on their effectiveness, and the limitations of end-user-focused training and awareness efforts.

Attend this webinar to:

  • Learn a data-driven perspective on end-user behavior and targeted phishing campaigns
  • Identify the highest-risk users within your organization-who is clicking and why
  • Defend your organization against sophisticated new “longlining” targeted phishing campaigns
  • Plan for an effective, long-term strategy to adapt to constantly evolving targeted attacks

Register for this webinar to learn how you can mitigate the human factor to improve your defense against targeted attacks. Once you are armed with the details of these potential attacks, you can better arm your security team on where to focus their efforts and how to mitigate the risks with immediate action.

New Incident Response Model Enables Rapid Response to Advanced Attacks
Date: May 08, 2014

View archived webinar

Many enterprises are now realizing that it is no longer a matter of if they will get breached, but rather a matter of when.

Because of this, organizations need security solutions that enable them to rapidly respond to attacks as they happen, as opposed to relying on outdated and expensive incident response services that typically come in post-breach—after data is already out the door.

Register for this webinar to:

    • Uncover the existing challenges for enterprise response teams
    • Discover emerging needs and solutions for today’s advanced and targeted threats
    • Gain best practices on building a pre-breach incident response infrastructure based on real-time detection and an up-to-the-second recorded history

Learn how to save your enterprise time and money while dramatically improving their overall security posture. Register today.

X-Force Threat Intelligence: Protecting Sensitive Data
Date: May 06, 2014

View archived webinar

To effectively combat the rapid increase in attacks, organizations need attack insights from today’s security threat landscape.

Join world renowned experts from the IBM X-Force research team to hear about the latest findings in the latest X-Force Threat Intelligence Report - and discuss how the latest vulnerabilities and security breaches are impacting organizations.

Join this important webinar to:

  • Uncover which attack trends you need to be prepared to address, and explore options to protect against these threats.
  • Gain best practices for implementing an end-to-end data protection strategy including data encryption, monitoring, masking and vulnerability assessment for all data sources and repositories.
  • Learn why the number of overall incidents has increased and the number of leaked records has been steadily rising
  • Discover how more than half a billion records of personally identifiable information - including credit card numbers and passwords - were leaked in 2013
  • Discuss how the actual risks around cloud and mobile are greater than what they are perceived to be

A holistic approach to data security approach is essential for the protection of the entire ecosystem.

Register for this webinar now and find out why data attacks continue to be pervasive and how you can combat them.

BONUS: All Attendees will receive a complimentary copy of: IBM X-Force Threat Intelligence Quarterly Report. The report covers latest security trends—from malware delivery to mobile device risks—based on 2013 year-end data and ongoing research.

Identify Targeted Attacks In Banking With Threat Intelligence
Date: Apr 08, 2014

View archived webinar

Banks and financial institutions have begun to recognize more sophisticated exploits that not only target specific companies, but take advantage of specific vulnerabilities and target specific individuals within the organization.

This webcast offers a closerlook at these attackers, their methods, and some ways to defend against them.

Join “ Analyzing Security Data and Threat Intelligence to Identify Targeted Attacks In Banking,” webinar that will reveal how banks and financial institutions can:

  • differentiate targeted attacks from random hacks
  • leverage tools and best practices that protect against sophisticated attacks
  • use threat intelligence data with internal security information to ferret out targeted attacks
  • respond to targeted attack - and how they can buildstronger defenses against them

This webcast will help you understand the methods and tools used by cyber attackers, and how you can tie your existing security tools to emerging threat intelligence capabilities to improve your cyber defense strategy

Register now.

Understanding and Prioritizing Today's Threats
Date: Mar 27, 2014

View archived webinar

Security is no one-size-fits-all endeavor. In this Webcast, you will learn from the experts how to determine and prioritize which threats apply to your enterprise and how to build in the appropriate defenses against today's constantly evolving attacks.

This webinar will provide insight and advice from renowned security experts on how to:

  • identify which new and existing threats could be used against your organization
  • prioritize these applicable threats
  • pinpoint the proper security practices and processes to protect your resources
  • find possible weak links in your infrastructure that could be abused
  • establish a strategy for triaging new threats

With the overload of information today on new threats, vulnerabilities, and attack campaigns, taking action to protect your organization can be an overwhelming and daunting task. This webinar will help you sift through the growing threat landscape in order to more efficiently and properly prepare your infrastructure for potential attacks.

How To Secure Access in the Era of Mobile, Cloud and Social
Date: Mar 20, 2014

View archived webinar

Enterprises are going through business transformations, while embracing the new technology trends that include mobile, cloud and social.

In this complex IT environment, providing secure access to sensitive data, applications and infrastructure has become more challenging than ever.

Therefore, you need a powerful access management solution that’s built for today’s multi-perimeter world.

Join this webinar to:

  • Discuss how you can prevent insider threat and identity fraud in your complex IT environment.
  • Find out ways to safeguard your mobile, cloud and social interactions especially while accessing corporate resources from outside of your office network.
  • Explore ways to reduce cost and time to value by adopting appliance based access management solution which is easy-to-deploy-and-manage.
  • Get familiar with a new revolutionary access management solution in the market called IBM Security Access Manager, an "All-in-one" appliance
  • Realize what is in store for securing access for mobile application development and adhering to compliance mandates.

Understand the ways you can solve your complex access management problems while adapting new technologies around mobile, cloud and social.

Register Now.

Lessons Learned from the Top Security Breaches of 2013
Date: Mar 17, 2014

View archived webinar

Security breaches in industries like Retail and Financial Services hit home because, on a consumer level, the impact is personal as is the financial loss. But they also highlight the need for strong security policies and procedures regardless of industry. Anywhere valuable information is stored, there is the constant threat of attack. So what can be learned from the top security breaches of 2013? And how can you take action to better protect your business today?

Attend this webinar to learn how to:

  • Understand the threat landscape – have you tested your network for existing vulnerabilities or potential issues? How do you compare with peers and other organizations in your industry?
  • Prepare for the possibility of an attack – do you have an incident response plan in place? How mature are your processes and procedures?
  • Know when to seek help – are you aware of the growing skill gap in the cybersecurity space? Do you understand the impact Security Services can have on extending your capabilities?


Don’t end up in the headlines. Don’t be the next target. Watch this webinar to learn more, and take action to protect your organization today.

The Failure of Traditional Endpoint Protection: How to Defend Your Devices from Advanced Threats
Date: Mar 05, 2014

View archived webinar

Traditional endpoint and server protection solutions have become the punching bag of security.

There is a good reason for that, since solutions including signature-based antivirus have not kept pace in combating advanced threats or zero-day attacks leaving devices defenseless.

A new approach is needed that understands the lifecycle of the attacks, providing capabilities to assess devices, prevent attacks, detect compromise, investigate the incident and finally remediate the environment.

Join Mike Rothman, president and analyst at Securosis, as he describes:

  • The security challenges faced by organizations
  • Emerging endpoint and server protection approaches and technologies
  • How to give your enterprise a chance to protect intellectual property and customer data, and keep business operations running

Register for this webinar to gain a new, research-based approach to endpoint security.

Security Intelligence Solution for System z and the Enterprise Abstract
Date: Feb 06, 2014

View archived webinar

Relying on the security of the mainframe infrastructure is no longer adequate to meet contemporary challenges.

Mainframe data is now assessable via web services, web browsers and mobile devices from anywhere in world.  A more holistic approach to security that considers the entire enterprise is warranted. 

According to the 2011 Verizon Data Breach Investigations Report, greater than 85% of breaches go undetected by the affected organization.  Coupled with the fact that 70% of the world’s production data originates from the mainframe, and then you understand why mainframe customers have a renewed concern about security.

IBM’s Security Intelligence solution provides a massively scalable, real time enterprise security solution that, through the use of advanced analytics, can reduce hundreds of millions security events received daily in to a handful of meaningful events that require action.

  • Recognize the changing risk landscape that now threatens mainframe application and data
  • Recognize the new potential attack surfaces for mainframe applications and data
  • Understand the multi-tiered architectural requirements to monitor and protect the mainframe from more sophisticated attacks.
  • Appreciate the role of Security Intelligence in optimizing and simplifying enterprise security and compliance

Mainframe and enterprise security is a complex, three dimension puzzle: 1) The entire environment must be instrumented to collect security events; 2) Security event information must aggregated to understand the security profile across the enterprise; and 3) Advanced analytics must be applied to the massive amounts of security information to identify those events that require attention. This webinar will present IBM’s Security Intelligence solution for the mainframe and the enterprise.

Adapting Incident Response to Meet the Threat [and Minimize the Impact of a Breach]
Date: Jan 28, 2014

View archived webinar

As the frequency and sophistication of cyber attacks continue to evolve, so too must your capabilities to respond. The reality of security today is that a breach is inevitable. But is your organization prepared for a major compromise today and how will it adapt to a changing threat in the future? Do you really know your environment?  Do you really understand the threat?  Do you know where to focus your limited incident Response Capabilities?  Do you know how to measure the success of your Incident Response and Security plan?

In this webcast, Jeff Schilling – Director of Incident Response and Digital Forensics at Dell SecureWorks, provides a vision for how security must evolve to combat the changing nature of the threat. Jeff will discuss the best methods for layering incident response into the security stack and developing a proven capability to handle a major data breach.  Sharing examples of actual incidents, Jeff will provide practical recommendations you can implement quickly to minimize the “detection to response” window and better protect your networks, servers, hosts and end users.

Privileged Threat Analytics: Detect and Disrupt Network Attacks as they Occur
Date: Jan 23, 2014

View archived webinar

Advanced attacks and malicious insiders are targeting privileged accounts for access to the heart of your enterprise and they are succeeding. Perimeter defenses don’t provide the level of security and reliable protection your organization needs. 

As a result, securing privileged credentials and actively monitoring individual privileged user activity is critical to detecting and stopping attacks in-progress on your network.

Join this webinar to uncover the:

  • Secrets of how criminals are targeting your privileged accounts
  • Techniques you can leverage to secure your privileged accounts
  • Strategies to monitor user behavior that expose compromised accounts

Attend this webinar to learn about the threats to your privileged accounts and how Privileged Threat Analytics, an innovative solution from CyberArk, can identify previously undetectable, malicious privileged user activity and provide immediate, actionable threat alerts.   

Review a short video here:

http://www.cyberark.com/contact/video-introducing-privileged-threat-analytics

Register for this webinar and begin protecting your enterprise in 2014.

Smarter, Shadier, Stealthier Malware: The Latest on Today’s Threats
Date: Jan 22, 2014

View archived webinar

Advanced botnets, exploit kits and Cryptolocker ransomware were a few of the big malware headlines in 2013.  And web-based attacks continue to be the delivery mechanism favored by cybercriminals, making them the biggest threat to your security today. To stay secure, you need to understand the risks and know how these threats work.

Join Sophos security experts Maxim Weinstein and John Shier for a live webcast to learn about the latest trends in malware and what you can do to protect your organization.  They will discuss:

  •  Recent trends in the threat landscape
  •  The complex network of malware distribution
  •  An inside look at Cryptolocker ransomware
  •  How to stay ahead of the latest sophisticated attacks
  •  Predictions for 2014

Register today and be prepared for tomorrow.

Beyond Log Management
Date: Jan 15, 2014

View archived webinar

The threat landscape is constantly evolving, with Advanced Persistent Threats and zero-day exploits challenging our best abilities to keep systems and data safe and secure.  As a result the way we monitor and manage security events is also evolving – and SIEM, which used to be synonymous with log management has evolved to meet today’s threats and prepare for tomorrow’s as well.   Join our complimentary webinar sponsored by Dark Reading and HP to hear from Forrester security expert Edward Ferrara who will discuss how SIEM is evolving and how to best take advantage of the new security tools that puts at your disposal.

Attend this event to learn:

  • How SIEM is evolving in conjunction with the threat landscape
  • Ways application monitoring impacts security management
  • The role of Big Data in correlating security events
  • What do to now to be prepared for the evolution of SIEM

Register now for this important event and bring your questions for our panel of experts to address during the live Q&A following the presentation.

How to Manage Risk & Identify Fraud with Operational Analytics
Date: Jan 15, 2014

View archived webinar

There are a number of operational analytics opportunities and challenges facing decision makers responsible for managing risk and identifying fraud.  Organizations use analytics to examine the business and all its aspects -- its people, its customers, its finances, and its operations. But one of the top use cases is "process and operations optimization and control” -- the heart of operational analytics.

Attend this webinar, presented by an IDC analyst, to learn how to:

  • Assess risks of non-completion of a specific operation within the enterprise
  • Monitor events in order to predict and detect a specific type of operational risk
  • Provide a view that aggregates and combines risks associated with a set of key activities across functions or products or across the enterprise

Register for this webinar, which draws on IDC’s research into Big Data & Analytics trends, to learn about a workload-optimized solution that can support and enable operational analytics for risk assessment and fraud detection.

Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-8142
Published: 2014-12-20
Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.36, 5.5.x before 5.5.20, and 5.6.x before 5.6.4 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate keys w...

CVE-2013-4440
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 generates weak non-tty passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack.

CVE-2013-4442
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 uses weak pseudo generated numbers when /dev/urandom is unavailable, which makes it easier for context-dependent attackers to guess the numbers.

CVE-2013-7401
Published: 2014-12-19
The parse_request function in request.c in c-icap 0.2.x allows remote attackers to cause a denial of service (crash) via a URI without a " " or "?" character in an ICAP request, as demonstrated by use of the OPTIONS method.

CVE-2014-2026
Published: 2014-12-19
Cross-site scripting (XSS) vulnerability in the search functionality in United Planet Intrexx Professional before 5.2 Online Update 0905 and 6.x before 6.0 Online Update 10 allows remote attackers to inject arbitrary web script or HTML via the request parameter.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.