Name: Smart SOC 2: Automating Compliance with Drata and AWS
Start: 2024-11-12T18:00:00Z
End: 2024-11-12T18:00:59.000Z
Location: BrightTALK
Rating: 0

CSA CloudBytes was launched as a webinar series to help us educate the industry on all matters related to the cloud. Our channel is designed to inform our audience about trending topics, new technologies, and latest research. Learn more at cloudsecurityalliance.org.  Join the Cloud Security Alliance on LinkedIn and follow us on twitter: @cloudsa

Cloud Native applications and Services are the workhorses of modern cloud environments. They hold most of the organization's crown jewels and are therefore often the target for insider and outsider threats. Existing cloud security posture management and hardening solutions (CSPM) as well as real time detection and response solution (EDR) operate in Silo mode and are therefore failing to provide systematic security across the lifecycle of Cloud Native assets.

Cloud Security Reimagined: Bridging the Cloud – DevSecOps - Application Security Gap

What are the must-know secrets to multicloud security? Refactoring applications and AI-driven development reshape cloud security, presenting new challenges to organizations. Security experts must figure out how to be the defenders of their cloud without hindering the teams who build and deploy applications in the cloud.

Join Jason Williams, senior product marketing manager at Palo Alto Networks, for a webinar that explores the six key requirements for securing multicloud environments.

In this webinar, you'll gain insights into:
• Achieving unparalleled multicloud visibility that actually helps you understand your clouds and detect threats swiftly.
• Prioritizing and neutralizing risks effectively to maintain a strong security posture amidst evolving threats.
• Implementing advanced security measures to safeguard sensitive information across all cloud environments.

Equip yourself with the knowledge to enhance your multicloud security strategy. Register now to secure your spot and stay ahead in the ever-evolving world of cloud security.

6 Key Requirements to Multicloud Security

Did you know that for every human identity created  there are 92 Non-human Identities? As more and more NHIs & secrets are  being created by the R&D teams, the number and variety of NHIs per organization are exploding. This webinar will explore the importance of integrating Non-Human identity management into a modern application security program. 

• Key challenges organizations face when it comes to NHI's 
• Best Practices 
• The latest and greatest tools and techniques for discovering, managing, monitoring, and protecting NHIs & Secrets. 

Its time to reclaim control over our Non-Human identities!

It’s Time to Reclaim Control Over Your Non-Human Identities

In today’s fast-paced, multi-cloud world, Identity and Access Management (IAM) has become the cornerstone of enterprise security architecture. As traditional firewalls lose effectiveness, identity now serves as the ultimate control surface, ensuring that only trusted users—whether human or machine—can access the right systems, at the right time, and for the right reasons. But what makes a successful IAM strategy?

This webinar will introduce you to the new 7 A’s of Identity and Access Management, a comprehensive framework for managing identity across: Authentication, Access Control, Authorization, Administration, Attributes, Audit, and Availability. Each of these functions plays a crucial role in protecting your organization’s identity data, ensuring compliance, and boosting your overall security posture. By understanding and applying these concepts, you can lay the foundation for identity-first security in your organization and empower a more flexible, scalable, and secure approach to managing identities.

Join Eric Olden—co-author of the SAML standard, author of Identity Orchestration for Dummies, and CEO of Strata Identity—and host Mark Callahan, Chief Solution Storyteller, as they walk us through each of the 7 A’s, providing real-world examples of how enterprises are putting them to work in today’s complex cloud environments. This thought-leadership session will explore the challenges and opportunities facing organizations in the era of Zero Trust identity and provide actionable takeaways to help you build a resilient and secure IAM strategy.

Achieve Zero Trust Identity with the new 7 A’s of IAM

The skyrocketing adoption of AI has raised the stakes for cloud data protection.  The sheer volume of cloud data has made it difficult to discover and classify sensitive data, let alone prioritize the most critical risks to it.  

Join Tenable Cloud Security experts for an in-depth discussion on how to uncover, prioritize and take action on cloud data exposure with Tenable Cloud Security. 

Register for the session to learn how to: 
• Automate and tailor sensitive data discovery and classification across multi-cloud environments using integrated DSPM capabilities
• Use granular identity and access management insights to better prioritize data risk based on potential impact 
• Enforce least privilege access and AI configuration best practices to cloud AI data used in training and inference. 
• Maintain compliance with regulatory requirements and communicate data exposure risk

Know Your Exposure: Is Your Cloud Data Secure in the Age of AI?

Cloud Threat actors are exploiting vulnerabilities and compromising identities to gain unauthorized access to resources in the cloud. With the escalating frequency of cloud-specific threat vectors, cloud security needs to evolve beyond posture management to threat detection and response across all cloud workloads. Watch this webinar with cloud security experts to learn more about:

• What are cloud-conscious adversaries, and how do they operate? 
• Why does cloud security need threat detection and response?
• What makes detection and response different in the cloud
• How multi-cloud workloads can be protected through cloud detection and response

Defending Against the Cloud Adversary: Detection and Response in the Cloud

The phrase “it's not if, it's when”, has been around for decades. However, businesses still aren’t prepared to recover or resist and therefore be resilient to major incidents. In today’s digital landscape, SaaS data is the lifeblood of every organization, and for compliance leaders, safeguarding this critical asset goes beyond traditional cyber security measures—it's about ensuring continuous data protection, compliance, and resilience against growing threats.

Join us this Cyber Security Awareness Month for an exclusive webinar focused on data in SaaS applications like Salesforce, ServiceNow, and Microsoft Dynamics.  We’ll explore ways to preserve the integrity of historical data and changes needed to build trust in your digital future.

The webinar will cover:
• What causes this lack of preparedness and how do we combat it? 
• How can we more accurately estimate the impact and prepare to ensure core operations will continue?
• Proven strategies for fast identification and recovery from unauthorized access and breaches in SaaS applications.

This session will equip you with the tools to build a resilient foundation for swift recovery from cyber attacks. Don't miss the chance to review your data security strategies and ensure your organization is prepared.

Cyber Attacks: It's not if, It's when! Why aren't we prepared?

Join us for an insightful webinar, "Uncovering Gaps: Enhancing Cloud Security Posture Management," where we will delve into the critical aspects of securing your customers’ cloud infrastructure. 

As organizations migrate to the cloud, ensuring robust operating system security has become paramount. This webinar focuses on identifying and mitigating blind spots in Cloud Security Posture Management (CSPM).

As part of the Shared Responsibility Model, our expert speaker will discuss essential strategies for implementing and managing secure landing zones to form a hardened security foundation to fortify your customers’ infrastructure, ensure resiliency, mitigate threats, and comply with industry regulations.

Key Topics:
• Understanding Cloud Security Posture Management: An overview of CSPM and its importance in maintaining operating system security in the cloud.
• Securing Landing Zones: How to leverage security best practices in landing zones to support compliance.
• Build versus Buy: Reduce time and avoid misconfigurations when securing your customers’ cloud migrations and deployment.
• Addressing Gaps: Techniques for identifying and mitigating operating system security blind spots in cloud infrastructure.

While relevant to all organizations utilizing the cloud, this webinar is designed for cloud service provider partners and resellers looking to offer their customers an elevated level of security in their cloud infrastructure.

Don’t miss this opportunity to gain valuable insights and knowledge into how you can leverage best practices and resources from the Center for Internet Security (CIS) on to enhance the security of cloud infrastructure hosted on AWS, Azure, Google Cloud, and Oracle Cloud.

Uncovering Gaps: Enhancing Cloud Security Posture Management

Data is one of the most frequent targets for cyberattacks and also one of the hardest assets to protect. With growing data volumes, increased regulatory requirements and the shift toward AI, organizations face significant challenges in understanding which sensitive data they hold, who has access to it and where it’s exposed.

To regain visibility and control, organizations are exploring data security posture management (DSPM) and data detection and response (DDR) solutions. These technologies help discover, classify and secure sensitive data, providing the necessary tools to manage data risks effectively in an increasingly complex digital landscape.

Watch Prisma® Cloud's webinar to hear from our senior product marketing lead, Sharon Farber, and gain a better understanding of how to:
• Get started with data discovery and classification in cloud complex datastores.
• Discover agentless tools that allow you to see a full picture of data risk in your environment within 24 hours, without impacting other business operations.
• Monitor data and respond to incidents in near-real time.

Securing the Data and AI Landscape with DSPM and DDR

According to a recent survey, 44% of organizations now recognize compliance as a growth opportunity, but 38% of companies stated that not having an adequate compliance posture slowed their sales cycle. By leveraging innovative strategies and tools, you can transform security and compliance from a necessary burden into a powerful sales enabler.

Join Drata and AWS in a fireside chat with Sign In Solutions to learn how they’ve shared their real-time security and compliance posture and greatly expanded their business. By turning trust into a competitive advantage, Sign In Solutions closed 40% more enterprise deals while decreasing the time they spent on security questionnaires by 25%. 

We will cover:
• How transparency can build trust and be an essential business driver
• Steps to empower your sales teams to self-serve security answers
• Best practices when sharing your security and compliance posture

Conquering Security Reviews: How Sign In Solutions Closed 40% More Deals with Compliance Transparency

Enterprises with stringent security and regulatory requirements face the dual challenge of managing complex Public Key Infrastructure (PKI) operations while securing cloud infrastructure against diverse threats. Legacy PKI systems often impede scalability and efficiency, while the shared responsibility model of cloud computing raises significant data privacy concerns.

To address these challenges, Keyfactor and Anjuna have formed an alliance. This partnership integrates Keyfactor's EJBCA Enterprise, a robust PKI platform, with Anjuna Seaglass, the Universal Confidential Computing Platform. Together, they offer a unified solution that simplifies digital identity management and enhances data security.

Join our webinar to learn how this collaboration empowers organizations to navigate PKI complexities and secure cloud environments, ensuring compliance and operational efficiency. Discover practical insights and strategies to streamline your digital identity management and fortify your cloud infrastructure against emerging threats.

Streamline Digital Identity & Secure Your Cloud: Insights from Keyfactor & Anjuna

IT admins and developers are two highly targeted identities for attackers. So what's the best way to tackle their unique access needs without adding hurdles to their day-to-day workflows? Enforce just-in-time access principles and least privilege whenever possible.

Join us for a dive into the practical applications of just-in-time access and newer themes like zero standing privileges. We’ll explore how these concepts can be combined to bring both operational and security focused benefits with the goal of minimizing standing entitlements while maximizing visibility and user experience across data center and Cloud environments.

In this webinar, you will learn how to bring your security program from foundational to exceptional through best practices for both securing IT admins and developers, as well as discover:

• How to deliver measurable cyber risk reduction while maintaining operational efficiency across these sensitive personas
• How to reduce compliance gaps across environments
• How to overcome identity explosion

Implementing Zero Standing Privileges to Secure Your Organizations' Cloud Environments

The rapid adoption of Generative AI (GenAI) is transforming industries, but it brings significant security challenges, especially with the rise of shadow AI. Rather than block GenAI usage, security teams need to implement robust guardrails to enable safe LLM adoption.

Join our expert-led webinar to explore:
• Shadow AI Risks: Understand and mitigate the dangers of unsanctioned GenAI usage.
• OWASP Top 10 for LLMs: Learn how to address emerging threats to data and AI security.
• Copilot Rollout Failures: Analyze examples of rollout failures and how to manage data entitlement risks.
• LLM Firewalls: Discover why these are insufficient alone and what additional measures are needed.
• Security Guardrails: Best practices for securely moving GenAI projects from lab to production.

This webinar is a must-attend for cybersecurity teams aiming to stay ahead to ensure safe GenAI adoption. Register now to learn how to transform from a reactive to proactive GenAI security approach.

From Shadow AI to Secure GenAI: Building Guardrails for Safe Adoption

Dive deep into the heart of Zero Trust security as we tackle fine-grained access policies essential to the Zero Trust mandate of “never trust, always verify.” This session focuses on the challenges organizations face in maintaining an unwavering security posture for privileged users in an ever-evolving threat landscape. Explore the practicalities of implementing centralized context-aware policies that respond in real-time to changing access requirements and threat levels, even after initial authorization.

Zero Trust in Action: Dynamic, Fine-Grained Policies for Continuous Authorization

In today's dynamic digital landscape, organizations face a myriad of challenges in securing their operational environments, which span diverse infrastructures, services, and applications across cloud and on-premises environments. Effective security strategies demand a comprehensive defense-in-depth approach, encompassing proactive security hygiene, posture management, preventive controls, and robust detection and response mechanisms tailored to combat evolving attack vectors.

As the threat landscape continues to evolve, attackers are increasingly adept at circumventing traditional security measures, underscoring the critical importance of detection and response capabilities. 

Join Drata and AWS on August 27th, as we dive into the latest research findings and practical insights to equip security professionals with the knowledge and strategies necessary to enhance their organization's cloud detection and response capabilities. By addressing these challenges head-on and adopting a proactive approach to cloud security, organizations can fortify their defenses against the evolving threat landscape while optimizing operational efficiency and resilience.

From Reactive to Proactive: Strengthening Cloud Security Posture

As we edge closer to 2030, compliance standards are evolving at an unprecedented pace. Join us for "Cloud Control: Scaling Compliance in Cloud Environments Like a Pro" to learn how to navigate these changes effectively. This session will cover the challenges of maintaining regulatory adherence in dynamic cloud infrastructures and how Continuous Controls Monitoring (CCM) and automation can transform your compliance approach. Gain insights into the integration of compliance as code into DevSecOps workflows, ensuring continuous compliance and security.

We’ll provide practical tips, detailed strategies, and real-world examples to help you streamline compliance processes, reduce manual efforts, and enhance efficiency. Hear from industry experts on the latest trends and technologies shaping the future of compliance. Learn how to prepare your compliance strategy for 2030 and beyond.

Cloud Control: Scaling Compliance in Cloud Environments Like a Pro

In this webinar, we’ll dive into the findings from 400+ cloud security pros and investigate why so many are struggling to optimize cloud security despite having adequate funding and multiple point-specific technologies now reaching mainstream.

The webinar will investigate insights such as:
• 85% struggle to prioritize cloud security events (and why)
• 87% have problems managing too many point-specific cloud security tools and data silos (what's the solution?)
• The most overlooked cloud security blindspot (spoiler: it's secrets scanning)
• The top 10 cloud risks and threats organizations face

While the current state of cloud security may be described as “suboptimal"—some may say “broken"—is reason for hope. Register for the webinar now!

2024 Cloud Security Report: From Insights to Action

Small and medium-sized businesses understand the need for SOC 2 to show proof that they are protecting those they do business with, growing their business safely, and closing deals. But where do you get started? 

Join Drata and AWS for a technical deep-dive into achieving and maintaining compliance with your AWS infrastructure. You will learn how to leverage automation to increase efficiency and reduce human error and build a SOC 2 roadmap that helps you achieve compliance today while keeping infrastructure and code compliant year-round. 

Topics covered: 
• Key areas to focus on when approaching SOC 2 on AWS infrastructure
• How to leverage automation and AI to increase efficiency and shift left on your compliance program
• What to expect before, during, and after the audit
• How to stay proactive with your compliance program

* Attendees are eligible for a free compliance assessment. *

Smart SOC 2: Automating Compliance with Drata and AWS

Compliance

Security Automation

CISO

Cloud

Risk Management

SecOps

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Smart SOC 2: Automating Compliance with Drata and AWS

Presented by

About this talk

More from this channel