Name: Adapting to a New Paradigm in Security: Implementing Identity Threat Detection and Response in Your SOC
Start: 2024-12-11T18:00:00Z
End: 2024-12-11T18:00:35.000Z
Location: BrightTALK
Rating: 0

Netwrix empowers security professionals to face digital threats with confidence by enabling them to identify and protect sensitive data as well as to detect, respond to, and recover from attacks. More than 13,500 organizations across 100+ countries rely on Netwrix solutions to strengthen their security and compliance posture across all three primary attack vectors: data, identity, and infrastructure. By reducing the cybersecurity burden with Netwrix, organizations concentrate on advancing their cause while reducing cyber risk.

For more information, visit www.netwrix.com

In the last twenty years, privileged access management (PAM) has gone through many evolutions to keep pace with the ever-changing cyberthreat landscape. Still, a vital risk remains front and center: Privileged accounts are crucial for the day-to-day work of admins, but they are usually needed for only short periods of time — the rest of the day, they can be compromised by attackers and misused by insiders.

Old-school PAM solutions reduce this risk only to some extent, while being costly and time-consuming to deploy. But it doesn’t have to be this way! In this session, we’ll explore a modern, easy-to-adopt approach that deals with this core problem head-on.

Join this session to learn how you can:
- Leverage privilege orchestration to remove known attack surfaces when at rest
- Dynamically delegate access according to use case without impeding admin efficiency
- Quickly adopt modern PAM tools to centrally control and audit access

Security Renaissance: Why it's time to break with old-school PAM solutions

Join white-hat hacker Brian Johnson (security enthusiast and president of 7 Minute Security) for an insightful webinar on penetration testing using cutting-edge AI tools. He’ll focus on ChatGPT and PentestGPT, an open-source tool designed to assist in penetration testing that integrates seamlessly with ChatGPT.

Join this session to discover:

- How ChatGPT compares with other prominent language models like those from Meta and Google
- Which types of questions and prompts that ChatGPT excels at, and where it may not be the ideal solution
- What steps are involved in an Active Directory penetration test
- How you can use PentestGPT to jumpstart a pen test, and what its limitations are

But that’s not all! We’ll also discuss how to defend against emerging threats like AI-powered attacks, and explore how Netwrix solutions provide you with a formidable defense.

Hack the Hackers: Exploring ChatGPT and PentestGPT in Penetration Testing

In this session, we will focus on safeguarding sensitive data and protecting SQL servers from unauthorized access. This session will cover effective strategies for identifying and mitigating excessive file reads and unauthorized access to sensitive information.

Join this session to gain insights into:
- Demonstrating "Snaffler" to explore SMB shares/files and discover hidden secrets.
- Using nmap and other tools to locate SQL servers.
- Performing password spraying attacks on SQL "sa" accounts.
- Exploiting stored procedures to capture, crack, or relay domain admin accounts.

Advanced Strategies for SQL Server Protection & Sensitive Information Security

La transition numérique du secteur de la santé, bien qu'indispensable, a augmenté considérablement le nombre de cyberattaques. Des plus petites structures aux grands hôpitaux, tous sont devenus des cibles privilégiées pour les cybercriminels. En réponse à cette menace croissante, le gouvernement a mis en place le programme CaRE, conçu pour renforcer de manière durable la cybersécurité des établissements de santé.

Lors de ce webinar Boris ROYER Et Jean-Christophe RADIUS de l’hôpital St Joseph, vont vous présenter leur retour d’expérience sur la mise en place d’une solution d’IGA (Gestions des identités et des accès) un des éléments clés du Programme CaRE.

Les points clés abordés pendant ce webinar seront :  
- La gestion des accès aux systèmes d'information
- Le provisioning et déprovisioning automatiques
- Les campagnes de revues des accès
- Comment Netwrix Usercube a leurs aide avec la mise en place du Programme CaRE
- Le ROI d’un tel projet

Programme CaRE : les réponses apportées par la gestion des identités et accès (IGA)

Groups are the fundamental way we manage access both inside Active Directory to control privileged access and readability of directory information as well as outside AD, throughout the rest of your network, to manage both end-user access to information and applications and privileged access to systems relying on AD. 

The biggest issues that contribute to group-based risks include:
There’s no direct way to see all the entitlements a group has across your hybrid on-prem and multi-cloud environment
You frequently find multiple groups with nearly the same name and many of the same users – but not quite
Ownership of groups and criteria for membership is frequently unclear and therefore groups are allowed to grow stale; members are added but never removed
Group-nesting is powerful and has a legitimate use but it can quickly get out of control leading to shocking and unintended results

Groups were always a copious source of findings in my AD security practice where I audited a range of AD implementations and taught regulators like the FDIC and the four large accounting firms how to assess Active Directory. In this session I’ll share what I learned and help you clean up your existing groups in implementing conventions and controls to keep groups secure going forward.

Jennifer Taufan, Netwrix Solutions Engineer, will show you how to:
Report on effective group membership in Active Directory and Entra ID
Understand where groups are granting access to your data sources such as file servers and SharePoint
Monitor and alert on group membership changes

Assessing Your Active Directory: Group Related Risks

In today's rapidly evolving cybersecurity landscape, attackers are leveraging advanced tools like generative AI to find new ways to compromise your IT infrastructure. Watch an insightful webinar where experienced pentester and white-hat hacker Brian Johnson will demonstrate how real-world hackers use tools like ChatGPT to craft sophisticated attacks. More importantly, you'll learn how to detect and prevent these threats.
 
During this session, we will delve into key strategies for strengthening your cybersecurity defenses. This comprehensive webcast will equip you with the knowledge and tools necessary to safeguard your organization’s critical assets.
 
Watch to gain insights into:
- Mitigating Active Directory password spraying attacks.
- Identifying accounts with non-expiring passwords and testing their resilience against weak passwords.- 
- Detecting users in groups with excessive permissions, such as those in "maintenance" groups capable of resetting passwords on key accounts or performing DCSYNC with domain controllers.
- Understanding the role and significance of AdminSDHolder in maintaining security.
 
Don't miss this opportunity to enhance your cybersecurity posture and protect your organization from sophisticated threats.

Mastering Password Security & Active Directory Monitoring

Les erreurs de configuration et les vulnérabilités cachées dans vos systèmes AD et Entra ID représentent une véritable aubaine pour les cyberattaquants. Grâce à Netwrix PingCastle, notre solution pour l’évaluation des risques liés à AD et Entra ID, vous pouvez détecter ces failles et empêcher les malfaiteurs d’exploiter vos systèmes avant qu’il ne soit trop tard. Le résultat ? Une posture de sécurité renforcée pour votre environnement AD hybride, une remédiation efficace et des défenses accrues contre les cybermenaces basées sur l’identité, en constante évolution.

Regardez notre webinaire pour savoir comment :
- Éliminer les zones d’ombre de votre environnement AD
- Repérer les risques et classez-les par priorité
- Combler les failles de sécurité
- Surveiller et améliorer les scores de sécurité pour assurer la protection continue de l’AD

Contrôlez et réduisez les risques : identifiez les vulnérabilités de votre compte Active Directory

As organizações enfrentam atualmente desafios sem precedentes, desde o aumento de ataques de ransomware e de ataques por estados-nação até à necessidade de navegar pelas complexidades de novas regulamentações, como a diretiva NIS2. Este webinar foi desenhado para lhe proporcionar o conhecimento e as estratégias necessárias para se manter à frente destas ameaças, garantindo ao mesmo tempo o cumprimento dos requisitos legais mais recentes.
Junte-se ao nosso próximo webinar e obtenha insights práticos sobre como melhorar os seus processos e formações, otimizar e ensaiar as suas estratégias de resposta, e reforçar os contratos com os seus fornecedores. Também serão exploradas as implicações da responsabilidade pessoal dos órgãos de gestão ao abrigo da NIS2.

Durante o webinar, veremos como as soluções da Netwrix podem permitir uma proteção robusta contra ameaças emergentes e garantir um cumprimento contínuo das regulamentações. Saiba como tirar partido destas ferramentas avançadas para proteger o seu negócio no desafiante ambiente cibernético atual.

Assista ao nosso webinar para:
- Obter dicas práticas para melhorar os seus processos de cibersegurança e estratégias de resposta a incidentes.
- Compreender o impacto da diretiva NIS2 na responsabilidade corporativa e pessoal.
- Conhecer as melhores práticas para treinar e preparar a sua equipa para enfrentar eficazmente os desafios de cibersegurança.
- Descobrir como as soluções Netwrix podem reforçar as suas defesas e facilitar a conformidade com as regulamentações em constante evolução.

Dominar a NIS2: Estratégias de Cibersegurança Vencedoras para as Ameaças de Hoje

Le workstation dei dipendenti, sia su Windows, macOS o Linux, sono diventate dei vettori di attacco e sono quindi presi di mira dagli aggressori. Questo perché sono il collegamento attraverso il quale i dati digitali vengono condivisi, copiati, caricati su servizi cloud di terze parti, stampati e/o spostati su supporti rimovibili. Indipendentemente da dove sono archiviati i dati, l'endpoint è la causa principale della maggior parte degli incidenti di furto di dati.

Come fare quindi a prevenire e rafforzare la propria postura di sicurezza? Parleremo di questo e molto altro ancora nel nostro prossimo webinar.  Guarda il nostro webinar e scopri:

- Perché DLP degli endpoint è fondamentale per proteggere i dati sensibili della tua azienda in un panorama in continua evoluzione
- Come DLP degli endpoint può proteggere la tua azienda dai costi elevati associati alle violazioni dei dati
- In che modo Endpoint Protector consente alle organizzazioni di proteggere i propri dati garantendo al contempo la conformità ai requisiti normativi
- Come l’integrazione con Netwrix Audutor e Netwrix Data Classification consenta di avere una protezione completa a partire dai server on-premises, al cloud e/o ai client

Come prevenire l'esfiltrazione dei dati sugli endpoint e rafforzare sicurezza e conformità

As organizations handle vast amounts of data across multiple repositories, the need for comprehensive data management has never been greater. In this webinar, we'll explore how Data Discovery and Classification lay the foundation for effective governance and privacy. You'll learn how the various disciplines of data management must work together to secure sensitive information and ensure compliance, while addressing the challenges of excessive access, complex entitlements, and endpoint vulnerabilities.

Watch the session to learn how to:
- Identify and classify sensitive data across diverse repositories to reduce security gaps.
- Govern and manage access, entitlements, and permissions to prevent unauthorized exposure.
- Implement best practices for maintaining control over endpoints and ensuring ongoing compliance with privacy regulations.

This webinar will provide the knowledge and tools you need to take control of your data management strategy and enhance your organization's security and compliance posture.

The Path of Data Management: From Discovery & Classification to Governance & Privacy

Are you looking to optimize your Identity Governance and Administration (IGA) processes while driving efficiency and cutting costs? 
Watch our webinar to discover how GroupID can be the game-changing solution that seamlessly integrates with any identity platform. 
Learn how advanced group management with GroupID can fill critical gaps and enhance your IGA strategy for maximum impact. Don’t miss this opportunity to see how GroupID can be the gateway to a streamlined and successful IGA project.
 
What You’ll Learn:

- Simplified Group Membership Requests: Discover how GroupID reduces helpdesk tickets by making group membership requests effortless for users.
- Efficient Group Recertification: Learn how to identify and clean up unused groups, ensuring optimal group hygiene and reducing clutter in your systems.
- Intelligent Groups for Compliance: Understand how GroupID’s intelligent groups enforce compliance, guaranteeing that users have the right access exactly when they need it.
- Temporary Memberships: Explore how temporary memberships prevent over-privileged or under-privileged access, enhancing security and efficiency.

Don’t miss this opportunity to supercharge your IGA strategy with GroupID.

Unlock the Gateway to IGA: Supercharge your projects with GroupID

Organisations today face unprecedented challenges, from a surge in ransomware and nation-state attacks to navigating the complexities of new regulations like the NIS2 directive. This webinar is designed to equip you with the knowledge and strategies you need to stay ahead of these threats while ensuring compliance with the latest legal requirements.

Join us as Jonathan Armstrong, a compliance lawyer, provides actionable insights on refining your processes and training, optimising and rehearsing your response strategies, and strengthening your supplier contracts. He will also explore the personal liability implications for management bodies under NIS2.

Additionally, Dirk Schrader, VP of Security Research at Netwrix, will demonstrate how Netwrix solutions can enable robust protection against emerging threats and seamless regulatory compliance. Learn how to leverage these advanced tools to safeguard your business in today’s challenging cyber environment.

Join our webinar to:
- Gain practical tips for improving your cybersecurity processes and incident response strategies.
- Understand the impact of the NIS2 directive on corporate and personal liability.
- Learn best practices for training and preparing your team to handle cybersecurity challenges effectively.
- Discover how Netwrix solutions can fortify your defences and facilitate compliance with evolving regulations.

Don’t miss this opportunity to fortify your organisation against the latest cyber threats and regulatory mandates.

Mastering NIS2: Winning Cybersecurity Strategies for Today’s Threats

As cybercriminals increasingly target identities and systems, it's essential for organizations to adapt by enhancing their detection, response, and mitigation strategies in real time. Protecting your key on-premises identity infrastructure — Active Directory — is crucial because it remains the backbone of many organizations' access control and authentication processes. When Active Directory is not secure, nothing is. 

This session will provide you with the knowledge and tools needed to strengthen your AD security posture, ensuring your organization is prepared to combat the ever-evolving identity threat landscape.

Watch the session to:
- Understand the key risks and vulnerabilities specific to AD attacks.
- Discover best practices for reducing your identity attack surface and remediating misconfigurations.
- Learn how to implement real-time detection and response strategies to safeguard your on-premises identity infrastructure.
- Explore the latest technologies and techniques to prevent credential theft and privilege abuse within your AD environment.

Fortifying On-Premises Identity Systems: Active Directory Threat Prevention, Detection & Response

Transitioning to Microsoft Intune and Entra ID can be challenging for organizations accustomed to using Group Policy and SCCM for endpoint management and security. The differences in policies, granularity, and capabilities between Intune and SCCM often lead to security gaps, a poor end-user experience, and inefficiencies in managing endpoints.   
Fortunately, Netwrix offers a solution that simplifies this transition for Group Policy and SCCM Administrators. 
 
Watch how 18-time Microsoft MVP and Group Policy expert Jeremy Moskowitz to discover how Netwrix PolicyPak bridges the gaps in endpoint management and security during and after your migration to Entra ID and Microsoft Intune. In this webinar, you'll learn how Netwrix PolicyPak can: 
  
- Consolidate and merge legacy GPOs to streamline Intune migrations. 
- Ensure 100% policy parity between Microsoft Intune and Group Policy. 
- Address the security limitations of Intune's Endpoint Privilege Management add-on. 
- Integrate seamlessly with other Netwrix products, including Netwrix Auditor and Netwrix Privilege Secure. 
  
Don't miss this chance to learn how Netwrix PolicyPak simplifies your migration to Intune and Entra ID.  Register now to secure your spot!

Streamlining Your Migration from Group Policy and SCCM to Intune and Entra ID

À l'ère numérique, la gestion des identités doit être évolutive pour assurer la sécurité des données contre les cyberattaques sophistiquées et respecter les réglementations. Souvent lancés en urgence, les projets de gouvernance des identités doivent être anticipés stratégiquement. Plutôt que de réagir à une compromission, il est préférable d'établir des politiques robustes dès le départ. Nos experts vous fourniront de précieux conseils pour établir une stratégie moderne et efficace de gestion des identités, adaptée aux défis actuels.

Optez pour une gestion et une gouvernance des identités faciles à déployer et à maintenir:
- Solution prête à l'usage dès J 0
- Interface simple et intuitive 
- Autonomie des clients

Sélectionnez une solution innovante qui offre des bénéfices rapides
- Résultats concrets en peu de temps
- Gains mesurables et visibles par votre direction
- Mode de déploiement itératif pour des quick wins récurrents

Utilisez le Machine Learning pour améliorer la gestion et la gouvernance des accès
- Modèle de rôles plus efficace 
- S'adapter à l'évolution permanente de l'entreprise
- Réduction des erreurs humaines

Révolutionner la gouvernance des identités à l'ère numérique : l'IGA 2.0

Note: This is a replay of the webinar with Randy Franklin Smith.

If privileged accounts are the most protected, why do they keep appearing in exploits, like the recent Snowflake/Ticketmaster incident?

The reasons are two-fold:
- Privileged accounts are prime targets.
- Many organizations don’t follow best practices.

In this session on “Assessing the Security of Your Active Directory,” цу]we’ll focus on privileged accounts to help you improve controls and reduce risks. We’ll cover:

Identifying privileged accounts beyond just the Administrators group, including indirect vectors like AD object permissions and Windows system rights.

Using Windows Security Logs to track privileged account logons. Limiting privileged account use to same-security-tier endpoints is crucial, as an admin account is only as safe as the endpoint it’s used on. For instance, some Snowflake contractors reportedly used personal computers with infostealer malware.

Implementing security tiers for accounts, servers, and endpoints to prevent privileged accounts from being exposed to less secure tiers.
Addressing specific risks and controls for privileged accounts in Active Directory.

Our sponsor, Netwrix, offers tools perfect for this topic. Netwrix Auditor can:
- Report on privileged accounts in Active Directory.
- Monitor logons and alert to suspicious activity.
- Generate audit trails and reports for privileged activities.
- Help prepare for audits and ensure compliance.

Jennifer Taufan, Solutions Engineer at Netwrix, will demonstrate these capabilities.

Assessing the Security of Your Active Directory: Privileged Account Risks and Controls

CISOs must often tackle critical IT problems with limited resources and budgets. Effective identity governance and administration (IGA) is a cornerstone for success, especially when it comes to cybersecurity. Unfortunately, IGA projects have traditionally been notoriously long, costly and inflexible. 

Netwrix offers a complete, modern approach to IGA that reduces both total cost of ownership (TCO) and time to value — without sacrificing critical IGA functionality. 

Watch this webinar to discover how this innovative solution enables you to: 
- Leverage state-of-the-art AI and ML to slash IGA implementation time by months or even years and continuously tune your access controls 
- Minimize business disruption with a flexible data model and workflows that can be quickly adapted to your business processes 
- Rapidly build out connectors, in many cases without consultants 
- Avoid costly vendor code reviews with a "low code, no code" model 
- Reduce the risk of risky excessive permissions with separation of duties (SoD) 
And more 

Come see for yourself why Netwrix has been named a leader in the IGA market by top analysts and is trusted by hundreds of enterprise clients worldwide.

Faster IGA Success, Lower TCO with Netwrix

This is a Identity professionals have traditionally focused on compliance and governance activities, while leaving Security Operations to the Cybersecurity team to monitor the endpoint (EDR) and network (NDR), potentially missing Identity Threats. Cloud adoption has made identity a primary target for cyber security attacks, making it one of the key vectors of attack expansion after infiltration.

As a result, Identity professionals need to consider an Identity Threat Detection and Response (ITDR) program and how to integrate it into their organization’s larger Security Operations Center (SOC). In this webinar, we will discuss the considerations that should be made when bringing on an ITDR program and how to incorporate it into an organizations larger SOC program. By doing so, you can ensure that your organization is well-protected against identity-based cyber threats.shell webinar

Adapting to a New Paradigm in Security: Implementing Identity Threat Detection and Response in Your SOC

Active Directory

Cyber Defence

Cyber Attacks

Cyber Defense

Identity Theft

IT Security

Information Security

Data Security

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Adapting to a New Paradigm in Security: Implementing Identity Threat Detection and Response in Your SOC

Presented by

About this talk

More from this channel