Name: Ransomware Best Practices: Agentless Threat Hunting
Start: 2022-03-02T18:00:00Z
End: 2022-03-02T18:00:26.000Z
Location: BrightTALK
Rating: 0

Gigamon® offers a deep observability pipeline that efficiently delivers network-derived intelligence to cloud, security, and observability tools. This helps eliminate security blind spots and reduce tool costs, enabling you to better secure and manage your hybrid cloud infrastructure. Gigamon has served more than 4,000 customers worldwide, including over 80 percent of Fortune 100 enterprises, 9 of the 10 largest mobile network providers, and hundreds of governments and educational organizations.

Imagine the possibilities when service providers can easily access valuable insight about their mobile subscriber base. Information such as what devices and OTT applications subscribers are using as well as when and where they use the mobile network. Marketing, advertising, infrastructure planning, customer service, and product development can all benefit from better subscriber insight, but traditional approaches to collect this data have been costly and complex. In this session, we will cover the latest Gigamon solution innovation that cost-effectively delivers enriched mobile subscriber metadata directly to data lakes and analytics engines, enabling service providers to realize the full potential of subscriber data.

Learn What’s Possible with Enriched Mobile Subscriber Analytics

GigaVUE-OS and GigaVUE-FM offer a rich set of features and capabilities - so many that users can be overwhelmed. In this session, we’ll highlight five high-value features that you may not know about but that could dramatically improve the return on your investment, optimize your workflows, make your tools more efficient, and help keep your networks healthy and secure.

Five Capabilities of GigaVUE-OS and GigaVUE-FM You May Not Know

It’s not a matter of “if” but “when” organizations are breached. That’s the premise that Federal agencies operate under and it’s one that would be prudent to follow. With an Assumption of Compromise, it’s assumed that threat actors are currently living off the land (LTOL) using applications and protocols already available in workloads. Why LTOL and similar attacks can go unnoticed is because of a critical gap in traditional logging that is often overlooked. Learn why relying on logs from a firewall or router as the single source of truth is not enough. In this session, we will take a broad look at logging from the perspective of government threat hunting, and how it can be greatly enhanced with network-derived intelligence to make it far more resilient and harder for bad actors to defeat.

The “Assumption of Compromise”: Government Agency Best Practices

The need to inspect encrypted traffic is critical given the prevalence of encrypted malware lurking in our midst. But with over 90 percent of enterprise data being encrypted, managing this traffic and determining when and where to decrypt it remains a significant challenge for many organizations. Gigamon provides a range of decryption solutions and in this session, we’ll explore the pros and cons of the most common deployment scenarios and help you to learn how to decide which model is most efficient and effective for your organization.

Decryption Lessons Learned: The Most Efficient Deployment Models

Not knowing whether a performance bottleneck is caused by the network or the application itself often leads to a “blame game” among application, network, and cloud teams. This finger pointing can delay resolution and also stifle collaboration. Join us to learn how Gigamon can help you to more quickly and precisely pinpoint the root cause of performance bottlenecks and finally end the “blame game”.

End the “Blame Games” with High-Precision App Troubleshooting

As organizations venture deeper into using complex infrastructures, they are met with the challenge of how to effectively secure lateral movement across all environments.
Join Vectra AI and Gigamon to learn how the biggest dilemma lies in the removal of visibility gaps across all the areas where traffic traverses including North-South, lateral, encrypted, and ingress-egress traffic. Especially in hybrid cloud architectures that rely on public cloud services.    

During this webinar, Vectra AI and Gigamon experts will discuss:
• Challenges customers face when securing their hybrid-cloud infrastructure
• How to address gaps in existing lateral security strategy
• How you can create a lateral security posture that balances effectiveness and cost-efficiency

Secure Lateral Movement in Hybrid Cloud Infrastructure

DevOps must deliver business agility and high application performance together with strong application security. How can security and infrastructure teams work with DevOps to ensure network intelligence-derived security is incorporated directly into the software development process – without compromising speed or quality? In this session we will walk you through a free-to-try, self-contained AWS-based Gigamon tool that demonstrates how network-derived intelligence can help application owners identify and prevent misconfigurations, compliance violations, and vulnerabilities.

“Wow” Your App Owners with Application Insights Derived from Deep Packet Inspection

Navigating the DoD Framework, Leveraging Cloud Tools, and Overcoming Budget Challenges 

The goal of achieving Zero Trust remains a top priority for government agencies, but the realities of operationalizing Zero Trust pose unique challenges to every agency and project. In this webinar we will discuss approaches and tools to the implementation of the Department of Defense Zero Trust model; discuss best practices from the NSA and highlight ways to build a successful foundation for Zero Trust within present budgetary constraints. 

What you will learn from this webinar: 
- Approaches to implement the core activities outlined in the DoD ZT framework  
- How cloud platform tools can help in this implementation, and where they fall short 
- Best-practices developed by the NSA and other security agencies

Operationalizing Zero Trust: Strategies and Best Practices for Government Agencies

Every security organization owns a suite of solutions composed of tools covering endpoints, applications, cloud, and network hardware.  While these tools deliver the functionality promised, threats are still getting through – so we know more work needs to be done. Folks, it’s 2024 and we still don’t know what’s running on our network!  Join us as we walk through: how you can identify critical gaps in your organization’s security posture, the components of a “modern” security posture and finally, how to use network-derived intelligence and telemetry to consolidate tool functions across multiple areas (cloud, observability, security, network) into a single cohesive and proactive security posture.

What Today’s Security Stack Can... and Can’t Do

Explore how Cribl and Gigamon's Application Metadata Insight (AMI) can enhance network security and compliance in today's public sector environments. 
 
In today's complex public sector environments, ensuring network security and compliance is paramount. Application Metadata Insight (AMI) offer a powerful solution to address these challenges. Cribl provides a flexible data management solution, while Gigamon's AMI delivers deep application-level visibility. By integrating these technologies, public sector organizations can:
• Improve security: Gain granular insights into network traffic, identify anomalies, and detect potential threats more effectively.
• Enhance compliance: Collect and analyze relevant data to meet regulatory requirements and mitigate risks.
• Optimize performance: Identify performance bottlenecks and optimize network resources to ensure efficient service delivery.
• Reduce costs: Centralize and consolidate data sources, reducing the need for expensive infrastructure and storage.

Improve Network Traffic Visibility: Utilizing Gigamon & Cribl AMI

This exclusive session discusses top security and compliance challenges facing enterprises today. Gain expert insights from Alan Weckel of 650 Group, LLC and Bassam Khan as they dive deep into key topics: 
 
✓ Security vs. Compliance: First a baseline of this important distinction 
✓ Real-World Compliance Lessons: What we learned after working with a dozen C-level leaders 
✓ Closing Visibility Gaps: How network telemetry sees what log and endpoint telemetry misses 
✓ Navigating VMware Licensing Changes: How to “shock absorb” this rough journey and its impact on compliance 
✓ Generative AI & Data Integrity: How network telemetry both helps with GenAI, and protects against it

2025’s Perfect Storm: Enterprise Security & Compliance in the Age of AI

Are application performance issues consuming your team's resources? In today’s complex multi-cloud environments, teams often spend up to 90 percent of their time identifying root causes rather than fixing problems. Don’t let performance bottlenecks hinder your organization. 

In this engaging webinar, discover how integrating network telemetry from Gigamon with LiveAction’s advanced analytics platform can transform your approach to application performance. We will explore: 
- The challenges of application performance in hybrid cloud environments. 
- How Gigamon and LiveAction provide unparalleled visibility and smart analysis. 
- The benefits of full packet analytics in areas where flow data may be insufficient. 
- The power of our joint solution, offering both flow-based and packet-based visibility across physical, cloud, and virtual networks. 

Plus, learn how NTT’s global network of IT and security experts will sell, deploy, and service this innovative solution, ensuring you get the most out of your infrastructure. 

Don’t miss this opportunity to enhance your understanding of hybrid cloud performance optimization with the power of 3!

Optimizing Performance Across Hybrid Cloud Infrastructures with Gigamon, LiveAction and NTT

Prerequisites for deploying the GigaVUE Cloud Suite for VMware. In this video, we demonstrate the deployment process using GigaVUE Fabric Manager. For further information and to pose any questions, please visit the Hybrid/Public Cloud Group in Gigamon's VÜE Community.

Product Clinic:  GigaVUE Cloud Suite™ Installing the Cloud Suite for VMware

From an operational perspective, using an agentless solution such as mirroring for virtual traffic access seems ideal. Nothing to install, easier to manage, less expensive etc. In fact, the opposite is true. Agent-based traffic access solutions are easier to configure, yield higher performance, and usually cost less than their agentless counterparts.  In this session, we’ll expose the myths and misconceptions about using an agent for traffic access. We’ll also discuss why agents for traffic access are different than traditional tool agents and explain why they might be the best option for your network.

To Tap or Not to Tap and When is an Agent Not an Agent

Cloud platforms like AWS, Azure, and GCP are modern marvels with immense scalability and flexibility. These benefits can also come with sticker shock when your cloud environment is not optimized.  For example, complex tapping and mirroring architectures often lead to unnecessarily high billing costs, especially for packet-based security tools like Cloud Network Detection & Response. In this session, we’ll examine alternative designs and solutions to the default monitoring options from public cloud platforms that can save you a bundle in infrastructure costs.

How to Slash Cloud Monitoring Costs

According to recent findings by Enterprise Strategy Group, 83 percent of organizations say scanning encrypted traffic for threats is a significant or notable concern. Meanwhile, only 34 percent of organizations say they have visibility into all the encrypted traffic in their organization, leaving them vulnerable to threats. It’s no wonder that 69 percent of organizations say they have fallen victim to an attack that used encryption to avoid detection.

However, many of the perceived challenges that organizations face regarding decryption - like complexity, performance, and cost - can be addressed through centralized decryption. In this webcast, you’ll learn how you can enable end-to-end visibility for hybrid cloud by decrypting traffic centrally and distributing those packets to all the security tools in the environment that require them for inspection.

Join us to discover how you can ensure visibility across encrypted traffic and mitigate security risks.

How to Ensure Visibility Across Encrypted Traffic

According to the 2024 Gigamon Hybrid Cloud Security Report, fewer than half of over 1,000 global IT and security leaders surveyed claim to have lateral East-West visibility across their hybrid cloud infrastructure, which includes container-to-container communications. Threat actors know this and are actively exploiting this oversight, as evidenced by recent high-profile attacks which employed lateral movement to evade detection. In this session, we will cover how you can gain simple and scalable deep observability into container environments, at both packet and metadata levels.  You’ll also learn best practices based on recent customer deployment use cases on how to acquire traffic from any container along with accessing and aggregating container traffic from multiple cloud platforms.

Deep Observability for Kubernetes Lateral Traffic

Zero Trust has become top of mind for government and enterprise organizations as a necessary approach to address today’s cybersecurity vulnerabilities.  

As a result, the discussion is now focused on the “how?” rather than the “why?” of Zero Trust.  Join Dell and Gigamon experts as they highlight practical issues impacting industry implementation of Zero Trust.  In this session, we will discuss: 
- What are the components of a successful Zero Trust deployment? 
- Does a Zero Trust deployment need to become a complex integration project? 
- What is fastest, least risky path to achieve Zero Trust compliance? 
- How can Zero Trust be scaled to fit any size organization?   

Please join our experts and your peers to learn how Gigamon and Dell are partnering to bring a Zero Trust solution to market.

Accelerate the Path to Zero Trust with Dell and Gigamon

Originally aired on an ActualTech Media webcast.

Threats are getting better at evading perimeter defenses, that’s a given. After they’ve gotten in, they’re hiding in network blind spots, operating using encrypted traffic and targeting cloud workloads. How do you find adversaries after they’ve bypassed your perimeter and evaded endpoint agents?

Attend this webinar to learn the most effective techniques for dealing with the scourge of ransomware. You’ll hear about the tools you could be using to bolster your defenses and learn about best practices for stopping ransomware attacks. In this session, Chris Borales will discuss the myriad opportunities SOC teams have to hunt for attackers and how improving network visibility, extended network metadata retention are among your best tools to pinpoint adversary activity.

Ransomware Best Practices: Agentless Threat Hunting

Ransomware

Cyber Attacks

Cyber Defence

Best Practice

Threat Defence

Security

Security Analytics

Threat Detection

Cyber Security

Network Visibility

Welcome to the virtualization community on BrightTALK! Whether it affects servers, storage, networks, desktops or other parts of the data center, virtualization provides real benefits by reducing the resources needed for your
infrastructure and creating software-defined data center components. However, it can also complicate your infrastructure. Join this active community to learn best
practices for avoiding virtual machine sprawl and other common virtualization pitfalls as well as how you can make the most of your virtualization environment.

Virtualization

Are you an IT service management professional interested in developing your knowledge and improving your job performance? Join the IT service management community to access the latest updates from industry experts. Learn and share insights related to IT service management (ITSM) including topics such as the service desk, service catalog, problem and incident management, ITIL v4 and more. Engage with industry experts on current best practices and participate in active discussions that address the needs and challenges of the ITSM community.

IT Service Management

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The data center management community focuses on the holistic management and optimization of the data center. From technologies such as virtualization and cloud computing to data center design, colocation, energy efficiency and monitoring, the BrightTALK data center management community provides the most up-to-date and engaging content from industry experts to better your infrastructure and operations. Engage with a community of your peers and industry experts by asking questions, rating presentations and participating in polls during webinars, all while you gain insight that will help you transform your infrastructure into a next generation data center.

Data Center Management

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

Join thousands of engaged IT professionals in the application management community on BrightTALK. Interact with your peers in relevant webinars and videos on the latest trends and best practices for application lifecycle management, application performance management and application development.

Application Management

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Ransomware Best Practices: Agentless Threat Hunting

Presented by

About this talk

More from this channel