Name: QWERTY Unleashed: Exploring Next-Gen Hacker Techniques for Passwords
Start: 2023-11-08T18:00:00Z
End: 2023-11-08T18:00:55.000Z
Location: BrightTALK
Rating: 5

Netwrix empowers security professionals to face digital threats with confidence by enabling them to identify and protect sensitive data as well as to detect, respond to, and recover from attacks. More than 13,500 organizations across 100+ countries rely on Netwrix solutions to strengthen their security and compliance posture across all three primary attack vectors: data, identity, and infrastructure. By reducing the cybersecurity burden with Netwrix, organizations concentrate on advancing their cause while reducing cyber risk.

For more information, visit www.netwrix.com

In the last twenty years, privileged access management (PAM) has gone through many evolutions to keep pace with the ever-changing cyberthreat landscape. Still, a vital risk remains front and center: Privileged accounts are crucial for the day-to-day work of admins, but they are usually needed for only short periods of time — the rest of the day, they can be compromised by attackers and misused by insiders.

Old-school PAM solutions reduce this risk only to some extent, while being costly and time-consuming to deploy. But it doesn’t have to be this way! In this session, we’ll explore a modern, easy-to-adopt approach that deals with this core problem head-on.

Join this session to learn how you can:
- Leverage privilege orchestration to remove known attack surfaces when at rest
- Dynamically delegate access according to use case without impeding admin efficiency
- Quickly adopt modern PAM tools to centrally control and audit access

Security Renaissance: Why it's time to break with old-school PAM solutions

This is a Identity professionals have traditionally focused on compliance and governance activities, while leaving Security Operations to the Cybersecurity team to monitor the endpoint (EDR) and network (NDR), potentially missing Identity Threats. Cloud adoption has made identity a primary target for cyber security attacks, making it one of the key vectors of attack expansion after infiltration.

As a result, Identity professionals need to consider an Identity Threat Detection and Response (ITDR) program and how to integrate it into their organization’s larger Security Operations Center (SOC). In this webinar, we will discuss the considerations that should be made when bringing on an ITDR program and how to incorporate it into an organizations larger SOC program. By doing so, you can ensure that your organization is well-protected against identity-based cyber threats.shell webinar

Adapting to a New Paradigm in Security: Implementing Identity Threat Detection and Response in Your SOC

In today’s rapidly evolving digital landscape, protecting sensitive data is more challenging than ever. Data Security Posture Management (DSPM) offers organizations a proactive approach to safeguarding data by providing continuous visibility into security risks, vulnerabilities, and compliance gaps across diverse environments. This webinar will dive deep into the core principles of DSPM, exploring how organizations can effectively implement a comprehensive strategy to mitigate risks, maintain compliance, and secure their most valuable data assets.

You will learn best practices for identifying and classifying sensitive data, and continuously monitoring access to critical information. Whether your organization operates on-premises, in the cloud, or in a hybrid setup, this session will offer actionable insights and real-world examples to help you build and maintain a robust data security posture. 

By watching this session, you will gain insights on:

- The fundamental components of Data Security Posture Management (DSPM) and its importance in today’s cybersecurity landscape. 
- How to identify, classify, and secure sensitive data across on-premises, cloud, and hybrid environments. 
- Strategies for maintaining compliance with industry regulations and continuously improving your organization's security posture.

Enhancing Cybersecurity with Data Security Posture Management

Join white-hat hacker Brian Johnson (security enthusiast and president of 7 Minute Security) for an insightful webinar on penetration testing using cutting-edge AI tools. He’ll focus on ChatGPT and PentestGPT, an open-source tool designed to assist in penetration testing that integrates seamlessly with ChatGPT.

Join this session to discover:

- How ChatGPT compares with other prominent language models like those from Meta and Google
- Which types of questions and prompts that ChatGPT excels at, and where it may not be the ideal solution
- What steps are involved in an Active Directory penetration test
- How you can use PentestGPT to jumpstart a pen test, and what its limitations are

But that’s not all! We’ll also discuss how to defend against emerging threats like AI-powered attacks, and explore how Netwrix solutions provide you with a formidable defense.

Hack the Hackers: Exploring ChatGPT and PentestGPT in Penetration Testing

Configurazioni errate e vulnerabilità nascoste nei sistemi AD ed Entra ID sono un vantaggio per gli aggressori informatici. Con Netwrix PingCastle, la nostra soluzione per la valutazione del rischio AD ed Entra ID, ottieni una visione completa dei rischi. Puoi sfruttare le mappature MITRE, ATT&CK™ e ANSSI con il relativo punteggio di rischio per concentrare gli sforzi di sicurezza in modo efficace.
Il risultato? Postura di sicurezza avanzata per il tuo ambiente AD ibrido, correzione efficace e difese migliorate contro le minacce informatiche basate sull'identità in evoluzione.
 
Guarda il nostro webinar e scopri come:
- Elimina i punti ciechi nel tuo ambiente AD
- Identificare e dare priorità ai rischi
- Colmare le lacune di sicurezza
- Monitora e migliora i punteggi di sicurezza per garantire una protezione continua dell'AD

Controlla e riduci i rischi: identifica le vulnerabilità e correggi di Active Directory

Depuis la création des programmes de gouvernance de l'identité, les organisations ont adopté une approche pour principalement sécuriser les accès et ne se sont pas autant concentrées sur le modèle des ressources. Bien que cette approche ait produit des résultats positifs, elle s'est faite au détriment de l'efficacité, de la rapidité et de la précision. Pendant ce webinaire, nous partagerons comment la combinaison des programmes de gouvernance des données et des identités peut produire des résultats plus précis, de meilleurs modèles et une infrastructure plus sûre.

Au-delà de la conformité : pourquoi enrichir la gouvernance des données avec des informations sur les identités ?

Have you recently gone public? Planning an IPO in the coming years and want to know how to prepare? This SOX-focused webinar will cover:  
- How SOX readiness efforts have changed over the past few years 
- Strategy for how to prepare your systems and the way they’re managed 
- The people you need in place 
- In what order you should tackle these challenges

IPO Readiness Checklist for NetSuite and Salesforce

In this session, we will focus on safeguarding sensitive data and protecting SQL servers from unauthorized access. This session will cover effective strategies for identifying and mitigating excessive file reads and unauthorized access to sensitive information.

Join this session to gain insights into:
- Demonstrating "Snaffler" to explore SMB shares/files and discover hidden secrets.
- Using nmap and other tools to locate SQL servers.
- Performing password spraying attacks on SQL "sa" accounts.
- Exploiting stored procedures to capture, crack, or relay domain admin accounts.

Advanced Strategies for SQL Server Protection & Sensitive Information Security

The introduction of PAM to any organization carries a degree of risk. If not introduced and implemented correctly, it can disrupt your IT operations and alienate your administrative staff. Planning and prior consultation with your teams are key to success.
 
Watch this session to:
- Understand the value of workflow mapping
- Explore best practices for deployment and learn how to engage your team
- Compare strategies for introducing PAM to your IT teams
- Learn about new methodologies that can make transitioning to PAM easier

PAM Roadmap: Key Strategies for Effective Deployment and Team Engagement

La transition numérique du secteur de la santé, bien qu'indispensable, a augmenté considérablement le nombre de cyberattaques. Des plus petites structures aux grands hôpitaux, tous sont devenus des cibles privilégiées pour les cybercriminels. En réponse à cette menace croissante, le gouvernement a mis en place le programme CaRE, conçu pour renforcer de manière durable la cybersécurité des établissements de santé.

Lors de ce webinar Boris ROYER Et Jean-Christophe RADIUS de l’hôpital St Joseph, vont vous présenter leur retour d’expérience sur la mise en place d’une solution d’IGA (Gestions des identités et des accès) un des éléments clés du Programme CaRE.

Les points clés abordés pendant ce webinar seront :  
- La gestion des accès aux systèmes d'information
- Le provisioning et déprovisioning automatiques
- Les campagnes de revues des accès
- Comment Netwrix Usercube a leurs aide avec la mise en place du Programme CaRE
- Le ROI d’un tel projet

Programme CaRE : les réponses apportées par la gestion des identités et accès (IGA)

Groups are the fundamental way we manage access both inside Active Directory to control privileged access and readability of directory information as well as outside AD, throughout the rest of your network, to manage both end-user access to information and applications and privileged access to systems relying on AD. 

The biggest issues that contribute to group-based risks include:
There’s no direct way to see all the entitlements a group has across your hybrid on-prem and multi-cloud environment
You frequently find multiple groups with nearly the same name and many of the same users – but not quite
Ownership of groups and criteria for membership is frequently unclear and therefore groups are allowed to grow stale; members are added but never removed
Group-nesting is powerful and has a legitimate use but it can quickly get out of control leading to shocking and unintended results

Groups were always a copious source of findings in my AD security practice where I audited a range of AD implementations and taught regulators like the FDIC and the four large accounting firms how to assess Active Directory. In this session I’ll share what I learned and help you clean up your existing groups in implementing conventions and controls to keep groups secure going forward.

Jennifer Taufan, Netwrix Solutions Engineer, will show you how to:
Report on effective group membership in Active Directory and Entra ID
Understand where groups are granting access to your data sources such as file servers and SharePoint
Monitor and alert on group membership changes

Assessing Your Active Directory: Group Related Risks

In today's rapidly evolving cybersecurity landscape, attackers are leveraging advanced tools like generative AI to find new ways to compromise your IT infrastructure. Watch an insightful webinar where experienced pentester and white-hat hacker Brian Johnson will demonstrate how real-world hackers use tools like ChatGPT to craft sophisticated attacks. More importantly, you'll learn how to detect and prevent these threats.
 
During this session, we will delve into key strategies for strengthening your cybersecurity defenses. This comprehensive webcast will equip you with the knowledge and tools necessary to safeguard your organization’s critical assets.
 
Watch to gain insights into:
- Mitigating Active Directory password spraying attacks.
- Identifying accounts with non-expiring passwords and testing their resilience against weak passwords.- 
- Detecting users in groups with excessive permissions, such as those in "maintenance" groups capable of resetting passwords on key accounts or performing DCSYNC with domain controllers.
- Understanding the role and significance of AdminSDHolder in maintaining security.
 
Don't miss this opportunity to enhance your cybersecurity posture and protect your organization from sophisticated threats.

Mastering Password Security & Active Directory Monitoring

Les erreurs de configuration et les vulnérabilités cachées dans vos systèmes AD et Entra ID représentent une véritable aubaine pour les cyberattaquants. Grâce à Netwrix PingCastle, notre solution pour l’évaluation des risques liés à AD et Entra ID, vous pouvez détecter ces failles et empêcher les malfaiteurs d’exploiter vos systèmes avant qu’il ne soit trop tard. Le résultat ? Une posture de sécurité renforcée pour votre environnement AD hybride, une remédiation efficace et des défenses accrues contre les cybermenaces basées sur l’identité, en constante évolution.

Regardez notre webinaire pour savoir comment :
- Éliminer les zones d’ombre de votre environnement AD
- Repérer les risques et classez-les par priorité
- Combler les failles de sécurité
- Surveiller et améliorer les scores de sécurité pour assurer la protection continue de l’AD

Contrôlez et réduisez les risques : identifiez les vulnérabilités de votre compte Active Directory

As organizações enfrentam atualmente desafios sem precedentes, desde o aumento de ataques de ransomware e de ataques por estados-nação até à necessidade de navegar pelas complexidades de novas regulamentações, como a diretiva NIS2. Este webinar foi desenhado para lhe proporcionar o conhecimento e as estratégias necessárias para se manter à frente destas ameaças, garantindo ao mesmo tempo o cumprimento dos requisitos legais mais recentes.
Junte-se ao nosso próximo webinar e obtenha insights práticos sobre como melhorar os seus processos e formações, otimizar e ensaiar as suas estratégias de resposta, e reforçar os contratos com os seus fornecedores. Também serão exploradas as implicações da responsabilidade pessoal dos órgãos de gestão ao abrigo da NIS2.

Durante o webinar, veremos como as soluções da Netwrix podem permitir uma proteção robusta contra ameaças emergentes e garantir um cumprimento contínuo das regulamentações. Saiba como tirar partido destas ferramentas avançadas para proteger o seu negócio no desafiante ambiente cibernético atual.

Assista ao nosso webinar para:
- Obter dicas práticas para melhorar os seus processos de cibersegurança e estratégias de resposta a incidentes.
- Compreender o impacto da diretiva NIS2 na responsabilidade corporativa e pessoal.
- Conhecer as melhores práticas para treinar e preparar a sua equipa para enfrentar eficazmente os desafios de cibersegurança.
- Descobrir como as soluções Netwrix podem reforçar as suas defesas e facilitar a conformidade com as regulamentações em constante evolução.

Dominar a NIS2: Estratégias de Cibersegurança Vencedoras para as Ameaças de Hoje

Le workstation dei dipendenti, sia su Windows, macOS o Linux, sono diventate dei vettori di attacco e sono quindi presi di mira dagli aggressori. Questo perché sono il collegamento attraverso il quale i dati digitali vengono condivisi, copiati, caricati su servizi cloud di terze parti, stampati e/o spostati su supporti rimovibili. Indipendentemente da dove sono archiviati i dati, l'endpoint è la causa principale della maggior parte degli incidenti di furto di dati.

Come fare quindi a prevenire e rafforzare la propria postura di sicurezza? Parleremo di questo e molto altro ancora nel nostro prossimo webinar.  Guarda il nostro webinar e scopri:

- Perché DLP degli endpoint è fondamentale per proteggere i dati sensibili della tua azienda in un panorama in continua evoluzione
- Come DLP degli endpoint può proteggere la tua azienda dai costi elevati associati alle violazioni dei dati
- In che modo Endpoint Protector consente alle organizzazioni di proteggere i propri dati garantendo al contempo la conformità ai requisiti normativi
- Come l’integrazione con Netwrix Audutor e Netwrix Data Classification consenta di avere una protezione completa a partire dai server on-premises, al cloud e/o ai client

Come prevenire l'esfiltrazione dei dati sugli endpoint e rafforzare sicurezza e conformità

As organizations handle vast amounts of data across multiple repositories, the need for comprehensive data management has never been greater. In this webinar, we'll explore how Data Discovery and Classification lay the foundation for effective governance and privacy. You'll learn how the various disciplines of data management must work together to secure sensitive information and ensure compliance, while addressing the challenges of excessive access, complex entitlements, and endpoint vulnerabilities.

Watch the session to learn how to:
- Identify and classify sensitive data across diverse repositories to reduce security gaps.
- Govern and manage access, entitlements, and permissions to prevent unauthorized exposure.
- Implement best practices for maintaining control over endpoints and ensuring ongoing compliance with privacy regulations.

This webinar will provide the knowledge and tools you need to take control of your data management strategy and enhance your organization's security and compliance posture.

The Path of Data Management: From Discovery & Classification to Governance & Privacy

Are you looking to optimize your Identity Governance and Administration (IGA) processes while driving efficiency and cutting costs? 
Watch our webinar to discover how GroupID can be the game-changing solution that seamlessly integrates with any identity platform. 
Learn how advanced group management with GroupID can fill critical gaps and enhance your IGA strategy for maximum impact. Don’t miss this opportunity to see how GroupID can be the gateway to a streamlined and successful IGA project.
 
What You’ll Learn:

- Simplified Group Membership Requests: Discover how GroupID reduces helpdesk tickets by making group membership requests effortless for users.
- Efficient Group Recertification: Learn how to identify and clean up unused groups, ensuring optimal group hygiene and reducing clutter in your systems.
- Intelligent Groups for Compliance: Understand how GroupID’s intelligent groups enforce compliance, guaranteeing that users have the right access exactly when they need it.
- Temporary Memberships: Explore how temporary memberships prevent over-privileged or under-privileged access, enhancing security and efficiency.

Don’t miss this opportunity to supercharge your IGA strategy with GroupID.

Unlock the Gateway to IGA: Supercharge your projects with GroupID

Organisations today face unprecedented challenges, from a surge in ransomware and nation-state attacks to navigating the complexities of new regulations like the NIS2 directive. This webinar is designed to equip you with the knowledge and strategies you need to stay ahead of these threats while ensuring compliance with the latest legal requirements.

Join us as Jonathan Armstrong, a compliance lawyer, provides actionable insights on refining your processes and training, optimising and rehearsing your response strategies, and strengthening your supplier contracts. He will also explore the personal liability implications for management bodies under NIS2.

Additionally, Dirk Schrader, VP of Security Research at Netwrix, will demonstrate how Netwrix solutions can enable robust protection against emerging threats and seamless regulatory compliance. Learn how to leverage these advanced tools to safeguard your business in today’s challenging cyber environment.

Join our webinar to:
- Gain practical tips for improving your cybersecurity processes and incident response strategies.
- Understand the impact of the NIS2 directive on corporate and personal liability.
- Learn best practices for training and preparing your team to handle cybersecurity challenges effectively.
- Discover how Netwrix solutions can fortify your defences and facilitate compliance with evolving regulations.

Don’t miss this opportunity to fortify your organisation against the latest cyber threats and regulatory mandates.

Mastering NIS2: Winning Cybersecurity Strategies for Today’s Threats

In this electrifying session, Brian Johnson, a master of the digital underworld, will pull back the curtain on the enigmatic world of real hackers, revealing their ingenious tricks, from the stealthy art of password spraying to the creation of DIY password-cracking contraptions.

But the stage is not set for hackers alone; on the front lines of defense, Netwrix Solution Engineer Brendan McNulty a will be your stalwart guardian. He'll rise to the challenge, working tirelessly to preempt, detect, and ultimately outsmart these cunning attacks with Netwrix Auditor and Netwrix Password Policy Enforcer.

Join the session to:

- Explore password spraying techniques, including wordlist creation with tools like Kali's Crunch and Rubeus for Active Directory attacks.
- Discover alternative password sources such as dehashed with practical demonstrations against Active Directory.
- Learn to build your password-cracking rig, create efficient wordlists using "duplicut," and use hashcat for cracking.
- Get an introduction to Elcomsoft Distributed Password Recovery's user-friendly GUI and distributed job capabilities.
- Learn how to detect password spraying attacks and establish a robust password policy for Active Directory without burdening users or IT teams.

QWERTY Unleashed: Exploring Next-Gen Hacker Techniques for Passwords

IT Security

Data Security

Cyber Security

Information Security

Password Management

Data Breach

Cyber Attacks

Cyber Crime

Cyber Defense

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

QWERTY Unleashed: Exploring Next-Gen Hacker Techniques for Passwords

Presented by

About this talk

More from this channel