Name: The “Assumption of Compromise”: Government Agency Best Practices
Start: 2025-01-08T18:00:00Z
End: 2025-01-08T18:00:26.000Z
Location: BrightTALK
Rating: 0

Gigamon® offers a deep observability pipeline that efficiently delivers network-derived intelligence to cloud, security, and observability tools. This helps eliminate security blind spots and reduce tool costs, enabling you to better secure and manage your hybrid cloud infrastructure. Gigamon has served more than 4,000 customers worldwide, including over 80 percent of Fortune 100 enterprises, 9 of the 10 largest mobile network providers, and hundreds of governments and educational organizations.

Imagine the possibilities when service providers can easily access valuable insight about their mobile subscriber base. Information such as what devices and OTT applications subscribers are using as well as when and where they use the mobile network. Marketing, advertising, infrastructure planning, customer service, and product development can all benefit from better subscriber insight, but traditional approaches to collect this data have been costly and complex. In this session, we will cover the latest Gigamon solution innovation that cost-effectively delivers enriched mobile subscriber metadata directly to data lakes and analytics engines, enabling service providers to realize the full potential of subscriber data.

Learn What’s Possible with Enriched Mobile Subscriber Analytics

GigaVUE-OS and GigaVUE-FM offer a rich set of features and capabilities - so many that users can be overwhelmed. In this session, we’ll highlight five high-value features that you may not know about but that could dramatically improve the return on your investment, optimize your workflows, make your tools more efficient, and help keep your networks healthy and secure.

Five Capabilities of GigaVUE-OS and GigaVUE-FM You May Not Know

The need to inspect encrypted traffic is critical given the prevalence of encrypted malware lurking in our midst. But with over 90 percent of enterprise data being encrypted, managing this traffic and determining when and where to decrypt it remains a significant challenge for many organizations. Gigamon provides a range of decryption solutions and in this session, we’ll explore the pros and cons of the most common deployment scenarios and help you to learn how to decide which model is most efficient and effective for your organization.

Decryption Lessons Learned: The Most Efficient Deployment Models

Not knowing whether a performance bottleneck is caused by the network or the application itself often leads to a “blame game” among application, network, and cloud teams. This finger pointing can delay resolution and also stifle collaboration. Join us to learn how Gigamon can help you to more quickly and precisely pinpoint the root cause of performance bottlenecks and finally end the “blame game”.

End the “Blame Games” with High-Precision App Troubleshooting

DevOps must deliver business agility and high application performance together with strong application security. How can security and infrastructure teams work with DevOps to ensure network intelligence-derived security is incorporated directly into the software development process – without compromising speed or quality? In this session we will walk you through a free-to-try, self-contained AWS-based Gigamon tool that demonstrates how network-derived intelligence can help application owners identify and prevent misconfigurations, compliance violations, and vulnerabilities.

“Wow” Your App Owners with Application Insights Derived from Deep Packet Inspection

Every security organization owns a suite of solutions composed of tools covering endpoints, applications, cloud, and network hardware.  While these tools deliver the functionality promised, threats are still getting through – so we know more work needs to be done. Folks, it’s 2024 and we still don’t know what’s running on our network!  Join us as we walk through: how you can identify critical gaps in your organization’s security posture, the components of a “modern” security posture and finally, how to use network-derived intelligence and telemetry to consolidate tool functions across multiple areas (cloud, observability, security, network) into a single cohesive and proactive security posture.

What Today’s Security Stack Can... and Can’t Do

From an operational perspective, using an agentless solution such as mirroring for virtual traffic access seems ideal. Nothing to install, easier to manage, less expensive etc. In fact, the opposite is true. Agent-based traffic access solutions are easier to configure, yield higher performance, and usually cost less than their agentless counterparts.  In this session, we’ll expose the myths and misconceptions about using an agent for traffic access. We’ll also discuss why agents for traffic access are different than traditional tool agents and explain why they might be the best option for your network.

To Tap or Not to Tap and When is an Agent Not an Agent

Cloud platforms like AWS, Azure, and GCP are modern marvels with immense scalability and flexibility. These benefits can also come with sticker shock when your cloud environment is not optimized.  For example, complex tapping and mirroring architectures often lead to unnecessarily high billing costs, especially for packet-based security tools like Cloud Network Detection & Response. In this session, we’ll examine alternative designs and solutions to the default monitoring options from public cloud platforms that can save you a bundle in infrastructure costs.

How to Slash Cloud Monitoring Costs

According to the 2024 Gigamon Hybrid Cloud Security Report, fewer than half of over 1,000 global IT and security leaders surveyed claim to have lateral East-West visibility across their hybrid cloud infrastructure, which includes container-to-container communications. Threat actors know this and are actively exploiting this oversight, as evidenced by recent high-profile attacks which employed lateral movement to evade detection. In this session, we will cover how you can gain simple and scalable deep observability into container environments, at both packet and metadata levels.  You’ll also learn best practices based on recent customer deployment use cases on how to acquire traffic from any container along with accessing and aggregating container traffic from multiple cloud platforms.

Deep Observability for Kubernetes Lateral Traffic

Meeting compliance standards for data privacy and security is mission critical. Whether you’re in healthcare, retail, financial services, or in the public sector, data privacy regulations require that all data-in-motion and data-at-rest for cloud applications adhere to strict security standards. However, ensuring compliance for applications running on public clouds has proven extremely challenging... until now.  In this session, we will discuss and demonstrate how organizations apply Gigamon Application Metadata Intelligence to meet and maintain regulatory compliance.

Closing the Data-in-Motion Compliance Gap

Even with encryption, ransomware and other threats can find their way into your environment. While encryption is foundational for security and privacy, adversaries can take advantage of encrypted channels to hide activities within virtual workloads and to traverse laterally across the hybrid cloud infrastructure. Gigamon Precryption™ technology is the gamechanger that gives SecOps teams plaintext visibility into encrypted traffic and lateral movements – without the complexity or overhead of traditional decryption.  This session will go through how Precryption technology reveals hidden threats plus the latest enhancements to this innovative technology.

Applying Precryption™ Technology to See What's Lurking in Encrypted Cloud Traffic

Explore the synergy between Cribl and Gigamon in enhancing data observability, network performance and security.  In today’s data driven landscape, organizations face the challenge of managing vast amounts of data while ensuring performance, security and compliance. This session will show how Cribl’s innovative data routing and transformation capabilities, combined with network intelligence from the Gigamon Deep Observability Pipeline, enable organizations to gain deeper insights that streamline operations, and power informed decisions.

Optimizing Data Observability: Harnessing the Power of Cribl and Gigamon

Discover how network-derived intelligence with enhanced metadata empowers you to lower security risk by proactively identifying threats, streamline PCI compliance, accelerate your Zero Trust objectives, and lower costs. In this session, you’ll learn how to unlock the full potential of your network data to gain unparalleled visibility into your hybrid cloud infrastructure and empower your InfoSec and SecOps teams to make informed decisions.

Harness the Power of Network Data with Splunk and Gigamon

Despite global information security spending projected at $215B in 2024, today’s organizations are losing ground against cyber criminals. In our annual survey of more than 1,000 security and IT leaders worldwide, we explored cybersecurity challenges and top priorities to secure and manage increasingly complex hybrid cloud infrastructure. Our survey found 1 in 3 organizations were unable to detect a data breach in the last 12 months using existing tools. Why? Join our CSO Chaim Mazal for this keynote session as he shares survey highlights, insights on the state of cybersecurity, and how organizations must adapt to close the preparedness gap.

State of the Cybersecurity Industry: How to Address the Preparedness Gap

Use of encryption for network traffic continues to rise, for both good and bad. Today over 85% of malware relies on encryption to hide in plain sight. The need to decrypt and inspect traffic is easy to see and is recommended by The NSA. Deploying actual decryption in a cost-effective and scalable way while meeting privacy and compliance requirements might not have been easy. However, it doesn’t need to be difficult or expensive. 

Gigamon TLS/SSL Decryption offers a centralized, high-performance solution that improves existing security tools by decrypting traffic once and inspecting it many times. Decrypting traffic exiting the network enables command and control detection, preventing data exfiltration and strengthening the company’s compliance stance. By being able to selectively choose what traffic to decrypt and what not to, it becomes possible to engage the right tools to enhance the security posture effectively.  

This webinar is designed to equip security and network architects with knowledge of current decryption trends, known challenges, and recommended solutions by demonstrating real-world use cases.

Practical Advice for Inline and Out-of-Band Decryption

As organizations migrate to the cloud, they face a new wave of cybersecurity challenges. Today’s security measures frequently fall short in detecting and responding to threats that move laterally across virtual infrastructure, often using encryption to hide. In this webinar, we will cover how a single cybersecurity program built on network visibility across hybrid cloud environments can lead to effective threat management against today’s attacks. 

 

Join us as we discuss: 

 

- Ransomware attack techniques, focusing on virtual lateral traversal 

- Deep packet inspection’s role in identifying and mitigating network threats 

- Illuminating blind spots in your hybrid cloud environments to reduce risk posed by lateral movement offensive techniques  

- Incident response strategies for rapid containment and remediation of network threats 

- Best practices for integrating threat management into your hybrid cloud security architecture 

 

Attendees will gain a deeper understanding of the latest threats using network traffic as an attack vector and walk away with actionable insights to improve their organization's hybrid cloud security posture from comprehensive network visibility.

Cybersecurity Fundamentals: Building Strong Defenses from Network Observability

Organizations are exploring solutions to fortify their security posture as the threat landscape becomes more sophisticated and the number of breaches skyrockets. As teams look for new solutions, the challenge remains:   

How does an organization secure network traffic once it crosses a firewall and becomes East-West traffic?  

Join us to learn how you can build a security posture that combines firewalls with E-W visibility to enable successful detection and response of security issues.  

In this webinar, you will:   
- Learn the importance of integrating East-West visibility into your security posture  
- Discover the tools you need to effectively analyze East-West traffic  
- Understand how to create a scalable security posture that combines covers North-South, East-West, and encrypted traffic

Why Firewalls Are No Longer Enough

Enhancing Hybrid Cloud Visibility and Security with Nutanix and Gigamon

Gain Cloud Visibility and Lower TCO by up to 80 Percent

Customer Panel Discussion: Closing the Cybersecurity Gap, Moderated by Gigamon CSO

Safeguarding Hybrid Cloud Networks for Leading Organizations: Business and Technology Updates

IDC Research: Observability and Security, Two Sides to the Same Coin

Gigamon Visualyze Bootcamp 2024

It’s not a matter of “if” but “when” organizations are breached. That’s the premise that Federal agencies operate under and it’s one that would be prudent to follow. With an Assumption of Compromise, it’s assumed that threat actors are currently living off the land (LTOL) using applications and protocols already available in workloads. Why LTOL and similar attacks can go unnoticed is because of a critical gap in traditional logging that is often overlooked. Learn why relying on logs from a firewall or router as the single source of truth is not enough. In this session, we will take a broad look at logging from the perspective of government threat hunting, and how it can be greatly enhanced with network-derived intelligence to make it far more resilient and harder for bad actors to defeat.

The “Assumption of Compromise”: Government Agency Best Practices

Threat Hunting

Cloud Security

Cyber Attacks

Visibility

Telemetry

Ransomware

Logs

Network Security

Data Security

Visualyze

Welcome to the virtualization community on BrightTALK! Whether it affects servers, storage, networks, desktops or other parts of the data center, virtualization provides real benefits by reducing the resources needed for your
infrastructure and creating software-defined data center components. However, it can also complicate your infrastructure. Join this active community to learn best
practices for avoiding virtual machine sprawl and other common virtualization pitfalls as well as how you can make the most of your virtualization environment.

Virtualization

Are you an IT service management professional interested in developing your knowledge and improving your job performance? Join the IT service management community to access the latest updates from industry experts. Learn and share insights related to IT service management (ITSM) including topics such as the service desk, service catalog, problem and incident management, ITIL v4 and more. Engage with industry experts on current best practices and participate in active discussions that address the needs and challenges of the ITSM community.

IT Service Management

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The data center management community focuses on the holistic management and optimization of the data center. From technologies such as virtualization and cloud computing to data center design, colocation, energy efficiency and monitoring, the BrightTALK data center management community provides the most up-to-date and engaging content from industry experts to better your infrastructure and operations. Engage with a community of your peers and industry experts by asking questions, rating presentations and participating in polls during webinars, all while you gain insight that will help you transform your infrastructure into a next generation data center.

Data Center Management

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

Join thousands of engaged IT professionals in the application management community on BrightTALK. Interact with your peers in relevant webinars and videos on the latest trends and best practices for application lifecycle management, application performance management and application development.

Application Management

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

The “Assumption of Compromise”: Government Agency Best Practices

Presented by

About this talk

More from this channel