Name: Mitigation of Zero Days Using Scripting and Dynamic Policy Application
Start: 2023-12-04T18:09:00Z
End: 2023-12-04T18:09:24.000Z
Location: BrightTALK
Rating: 4

Centered on intelligent privilege controls, CyberArk provides the most comprehensive security offering for any identity - seamlessly securing human and machine identities accessing workloads from hybrid to multi-cloud, and flexibly automates the identity lifecycle all with continuous threat detection and prevention – protecting organization’s identities and most critical assets by enabling Zero Trust and enforcing least privilege.  

Cyber threats and attack methods are evolving FAST, understanding recent breaches and how to prevent them from happening at your organization is critical. In our webinar, CyberArk Labs Deconstructing Attacker Methods in Recent Breaches, we reviewed some of the most significant breaches of the year. In this webinar we'll be taking a step further and providing you with actionable insights on risk mitigation, demonstrating how cybersecurity best practices can help safeguard your organization against similar threats.

Risk Mitigation Best Practices Based on Recent Breaches

In an era where cyber threats are evolving at an unprecedented pace, understanding the tactics and techniques used by attackers is crucial for effective defense. This webinar, presented by CyberArk Labs, delves into some of the most significant breaches of the year, offering an in-depth analysis of the methodologies employed by cyber adversaries. We will explore how these attacks were orchestrated, identifying the common threads and unique strategies that made them successful. Watch to gain a clearer understanding of the current threat landscape.

CyberArk Labs Deconstructing Attacker Methods in Recent Breaches

As AI technology becomes increasingly integrated into various products and services, it introduces new opportunities and challenges for cybersecurity. CyberArk's Andy Thompson, Offensive Security Research Evangelist, provides valuable insights on the evolution of AI technology and its impact on the cybersecurity threat landscape; how machine identities, including AI services, are becoming new targets for cybercriminals; emerging attack techniques like jailbreaking and indirect prompt injection targeting AI models; real-world demonstrations of AI-based attacks and their potential consequences; strategies to secure machine identities and protect AI-driven automation.

Ex Machina: The Attack Surface of AI-Driven Technology

While “Identity is the new and last standing security perimeter” isn’t unfamiliar, not all organizations have fully embraced it in practice. Today many still rely solely on MFA to secure their workforce identities and fail to properly manage and secure privilege at endpoints. This creates a much wider attack surface for threat actors to work with, and a false sense of security for organizations looking to reduce risk at and beyond the Identity perimeter. So how can organizations take their risk mitigation practices to the next level?  

In this session, CyberArk experts deep dive into advanced strategies and capabilities, including implementing phishing-resistant end-to-end passwordless authentication and Endpoint Identity Security, to reduce the attack surface and thwart potential threats at and beyond the Identity perimeter.

Advanced Strategies for Reducing Risk at and Beyond the Identity Perimeter

Identity and Access Management (IAM) solutions are no longer just ways to provide easy workforce access to applications, but critical tools in security and zero trust network access, creating the first line of defense against malicious actors and insider threats. 

In this panel discussion, experts from CyberRisk Alliance and CyberArk share their insights into trends in this evolution, as well as the best practices to leverage IAM solutions as a strategic security asset to protect organizations from cyberattacks, data breaches, and other threats. They discuss the challenges and opportunities of IAM in the era of cloud, mobile, and social technologies, as well as the emerging trends and innovations in the field.

Beyond IAM Achieving True Identity Security

"As organizations work to secure human identities, the identity attack surface has expanded significantly. While an ability to timely detect and respond to identity-based threats is crucial, proactive reduction of the identity attack surface is essential to prevent the majority of cyber incidents, especially targeted attacks and APTs.  

In this session, CyberArk experts cover five actionable strategies to reduce your identity attack surface. From safeguarding endpoints to protecting sensitive data, you’ll learn how to close your workforce access security gaps from modern attack vectors to help reduce the risk of identity-based attacks. "

5 Ways to Reduce Risk by Minimizing Your Identity Attack Surface

Join us to learn how CyberArk modernizes PAM programs for hybrid and multi-cloud environments. We'll cover right-sized privilege controls with Just-in-time (JIT) access and zero standing privileges (ZSP), enhancing your program to protect against emerging threats.

Modernize Your PAM Program for a Multi-Cloud World

Just as classic muscle cars were once the pinnacle of high performance, legacy IAM represented cutting-edge solutions in its time. However, as innovation transforms both muscle cars and modern IAM, we'll contrast their evolution, showcasing the agility and power of modern IAM solutions in today's digital landscape.
Picture your organization facing the challenges of outdated legacy identity systems, struggling with app migration complexities. Now, envision a streamlined solution—a No-Code Identity Orchestration Platform (IOP) leading your transition to a secure and efficient Identity Access Management (IAM) environment.
We'll guide you through strategies and dive deep into tools and technologies to help you achieve this transformation. 
• Understand the risks and complexities associated with legacy identity providers and on-premises app migration.
• Explore how Identity Orchestration simplifies app migration without requiring code changes, ensuring a smooth transition to modern IAM solutions.
• Discover the Security First approach of IAM solutions combined with Identity Orchestration, enhancing control and resilience.
• Learn phased migration techniques, coexistence with legacy systems, and flexible rollback options to mitigate risks during the transition.
Join us to unlock the benefits of improved organizational efficiency, reduced IT overhead, heightened security, and a seamless user experience as you embrace modern IAM solutions.

Transforming Identity: No-Code Solutions for ditching legacy and embracing Modern IAM

Cybersecurity professionals are tasked with the responsibility of mitigating cyber risk and implementing strategic initiatives, such as Zero Trust. Establishing foundational identity and privilege controls on the endpoint are key to a successful Zero Trust strategy and are vital to prevent privilege abuse (including tampering). Join our webinar to learn why Zero Trust on endpoints should start with Endpoint Identity Security. Discover how enforcing role-specific least privilege can form a strong foundation for the adoption of Zero Trust, Identity-First Security, and other strategic cyber security initiatives.

The Principle of Least Privilege: Accelerate your Zero Trust and Compliance Strategic Initiatives

Maintaining a strong identity security program for employees and remote users is paramount when analyzing threats to an organization's critical assets. Join us to learn more about extending privileged access management to remote workforce, third parties, and external vendors centered around Zero Trust principles. We'll focus on use cases for a modern approach to securing remote access, audit and compliance considerations, and best practices when exploring efficient ways to secure external access for privileged and business users.

Secure Your Vendors' Access from Attacks on Third-party Vulnerabilities

Given the rapidly evolving threat landscape, the importance of a centralized identity security program is vital for both human and machine identities. While other vaults and open-source tools have their merits, these on-premises tools often require costly skills and resources to host and maintain. Organizations may feel stuck supporting the open-source version and dealing with a siloed security experience due to upgrade challenges.

The good news is that you are not alone and there is a migration path to a centralized SaaS secrets management solution that fully integrates with the CyberArk Identity Security Platform. This webinar will demonstrate the steps others have taken to achieve this transition and highlight key security benefits and operational efficiencies that come with it.

Join this webinar to learn:

-The best practices and common pitfalls of moving from an on-premises to a cloud-based solution for managing your secrets and machine identities.

-The benefits of centralizing your secrets management with CyberArk SaaS: Discover how you can reduce the complexity and cost of hosting and maintaining your own secrets management tool, while enhancing your security posture and compliance with CyberArk's SaaS offering.

-How CyberArk SaaS integrates with your DevOps tools and workflows: See how you can leverage CyberArk's APIs and plugins to securely access and rotate your secrets across different environments and platforms while enabling collaboration and automation among your developers and DevOps teams.

How Security Teams are Solving Vault Sprawl with a Modern SAAS Solution

In this eye-opening presentation, we raise the alert of Qilin, a sophisticated Ransomware as a Service operator specifically targeting the U.S. healthcare sector. Discover how threat actors evade EDR detection, exploit MFA vulnerabilities, and execute devastating attacks on medical institutions. Through a detailed walkthrough of real-world scenarios, learn about the offensive tactics employed by threat actors and gain crucial insights into defending against these attacks. Our experts offer an in-depth analysis of the attack methodology as well as valuable industry perspective, including potential solutions including CyberArk Endpoint Privilege Manager. This session is essential for IT professionals in healthcare seeking to bolster their cybersecurity defenses against evolving ransomware threats.

Critical Condition: How Qilin Ransomware Endangers Healthcare

If you are experiencing an organizational tug-of-war in planning your identity security program, you are not alone. Based upon decades of experience, the CyberArk Blueprint for Identity Security was designed to help organizations prioritize initiatives for maximum risk reduction. In this session, CyberArk’s Security Advisory Group breaks down tools, techniques and methods for balancing organizational priorities and drivers with meaningful risk reduction. Learn how to use the CyberArk Blueprint, our identity security best practices program framework, to balance the needs and requirements of your organization as you protect against malicious actors. Whether your organization’s priorities are driven by operational efficiency, an internal incident, a zero trust initiative or something else, the insights will help you to validate your approach against the lessons learned via 8,500+ deployments globally.

Balancing Risk and Organizational Priorities with the CyberArk Blueprint

Watch this informative session to learn how privilege has shifted in the modern workplace, how today’s threat actors take advantage of this shift and what organizations can do to safeguard their high-risk workforce to better implement a Zero Trust strategy.

Every User Can Be a Privileged User: Securing Access for High-Risk Workforce Users

As the digital landscape continues to evolve, identity management remains a critical component of cybersecurity strategy. Watch this informative webinar where leading experts provide essential guidance on navigating identity challenges and opportunities. You'll learn the latest trends in identity and access management (IAM), emerging threats, and best practices for securing digital identities in an increasingly complex environment. Viewers will gain valuable insights into innovative technologies, regulatory developments, and practical strategies for enhancing identity resilience.

Key Identity Guidance with SC Media and CyberArk

In this riveting presentation, Offensive Security Research Evangelist, Andy Thompson delves into the dangerous and ever-evolving tactics of the notorious threat actor group, Scattered Spider. From innovative persistence methods to the shocking use of physical threats, this talk provides crucial insights into the group's latest strategies.

Threat Actor Update - Scattered Spider

Join this session as we delve into the challenges with using traditional IAM solutions, what to look for in modern IAM solutions, and how to utilize intelligent privilege controls and transition from an outdated IAM framework to one that is tailored for your organization’s business and security needs in today’s threat landscape.

IAM Evolution: Enhancing Security in a Hybrid World of Evolving Threats

What is the state of machine identity security in 2024, and what are the most important things to know about securing them for the future?

Find out in this fireside chat, where Uzi Alion, VP, DevSecOps Solutions at CyberArk and Melinda Marks, Practice Director, Cybersecurity at Enterprise Strategy Group discuss the biggest risk factors of machine identities in modern enterprises as well as best practices that organizations can leverage to keep their hybrid secrets secure. 

Key topics include:
• Defense-in-depth (i.e. self-remediation)
• Lack of visibility and central control of secrets
• Ease of stealing secrets in the cloud
• And more

Grab your spot now to gain expert tips for securing your machine identities in 2024 and beyond!

Live From Black Hat 2024: Securing Machine Identities In 2024 & Beyond

Secure Browser: Bringing Identity Security to the Endpoint

Mastering Browser Security for Enterprise Defense

You Had Me at First Click: The Critical Role of the Secure Browser

Endpoint Privilege Security: The Cornerstone of Identity Protection

No More Cookies for You: Attacking and Defending Credentials

Safeguarding Servers

Practical Least Privilege

Level Up Your Security Stack EDR vs Endpoint Privilege Management

Securing the Future: Exploring Emerging Trends in Endpoint Security

Secure Your Desktops and Servers

In this webinar, Jeff Vealey explores least privilege in cybersecurity, using real-world examples of weaponized applications like PrintNightmare and Teams GIFMeControl. Beginning with a precise definition of least privilege, the analysis underscores its critical role in strengthening digital defenses.
Examining the historical backdrop of zero-day vulnerabilities, the webinar discusses traditional security approaches, setting the stage for understanding the power of least privilege in enhancing security postures and mitigating potential breaches. Together, we will focus on the proactive measures necessary to navigate the dynamic threat landscape successfully. This event aims to equip cybersecurity practitioners with actionable insights to fortify systems against emerging threats.

Mitigation of Zero Days Using Scripting and Dynamic Policy Application

Endpoint Security

Zero Day Threats

Zero Trust

Security Trends

Ransomware

Cyber Resilience

Malware

Breach Prevention

Risk Mitigation

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Mitigation of Zero Days Using Scripting and Dynamic Policy Application

Presented by

About this talk

More from this channel