Name: Log4j Lessons Learned: A Blueprint for Zero-Day Defense
Start: 2023-12-28T18:00:00Z
End: 2023-12-28T18:00:19.000Z
Location: BrightTALK
Rating: 0

Your home for everything cloud native! Aqua Security is the pioneer in securing containerized cloud native applications from development to production. Aqua's full lifecycle solution prevents attacks by enforcing pre-deployment hygiene and mitigates attacks in real time in production, reducing mean time to repair and overall business risk. The Aqua Platform, a Cloud Native Application Protection Platform (CNAPP), integrates security from Code to Cloud, combining the power of agent and agentless technology into a single solution. With enterprise scale that doesn’t slow development pipelines, Aqua secures your future in the cloud. Founded in 2015, Aqua is headquartered in Boston, MA and Ramat Gan, IL protecting over 500 of the world’s largest enterprises.

Here you'll find video content on topics, including but not limited to: Cloud Native Application Protection Platform (CNAPP) Security, Vulnerability Management, Cloud Security Posture Management (CSPM), Software Supply Chain Security, Vulnerability and Risk Scanning, Advanced Malware Protection, Cloud Workload Protection (CWPP)
Kubernetes Security Posture Management (KSPM) & more! 


This session is centered on incident response within cloud native applications. In this video, we’ll guide you through the process of responding to and stopping active threats in real-time. Together, we will discuss strategies to ensure that applications remain operational during security incidents, focusing on minimizing time to remediation and closing the window of exposure.

The session will highlight the unique capabilities of Aqua, including the ability to automatically block or restrict unapproved activity, stopping zero-days in their tracks, all while maintaining operational integrity without downtime.

Watch to gain expertise in formulating incident response plans that not only address immediate threats but also strengthen security measures for future prevention.

Incident Immunity: Effective Runtime Response Without Downtime in Cloud Native

In today's fast-paced cloud-native environments, delivering applications quickly is essential, and security must be seamlessly integrated into the process. This webinar explores how DevSecOps unites development, operations, and security to proactively identify and mitigate security risks, improving both development speed and security.

What You’ll Learn:
• Best Practices: Nine key elements for successful DevSecOps adoption, with actionable insights to immediately strengthen your security approach.
• Challenges in Cloud Native Environments: Tackle the key obstacles like containerization and shifting security left to safeguard the entire software lifecycle.
• Real-World Success Stories: Discover how companies like PayPal have embraced DevSecOps to secure their cloud-native environments.

Join us to see how you can accelerate delivery without compromising security.

DevSecOps: Making It Happen

Beneath the surface of your code could be lurking secrets that no one sees—until it's too late. Aqua Nautilus, the elite research team at Aqua Security, has uncovered a startling truth: nearly 18% of secrets remain hidden, even after they've been "removed," exposing organizations to critical risks. This is more than just a cybersecurity issue—it's a call for a complete rethink of how we protect sensitive data in the cloud-native world.

In this interactive webinar, the Aqua Nautilus team will reveal:

• How conventional scanning tools miss nearly 1 in 5 secrets, and why it’s happening.
• Real-world impact of hidden secrets, feat. case studies from some of the largest companies on the planet.
• Advanced strategies for uncovering & safeguarding secrets that slip through the cracks of traditional scanning methods.

Led by researchers Yakir Kadkoda and Ofek Itach, Aqua Nautilus is at the forefront of protecting cloud-native environments and ensuring the security of critical infrastructures. Their work doesn’t just protect individual companies—it’s a vital service to the broader community, safeguarding the future of cloud security.

Join us to learn how Aqua Nautilus is setting new standards in vulnerability detection and what you can do to protect your organization from these emerging threats.

Behind the Code: Discovering and Protecting Exposed Secrets

In the ever-evolving landscape of cloud security, identifying and mitigating risks is crucial for maintaining the integrity of your cloud environment. We invite you to join industry veterans from Orca Security and Aqua Security, who collectively bring over 40 years of experience in cybersecurity, for an insightful and educational session designed to enhance your understanding of container security and incident response in the cloud.  

Scenario: 
You’ve experienced an actual attack and now need to find the root cause and remediate it. Without runtime controls, your forensic investigations and attack path analysis can feel like chasing ghosts. This webinar will provide you with a comprehensive framework to achieve swift remediation and maintain robust cloud security. 

Key Takeaways: 
● Understanding Attack Paths: Learn how to identify and analyze attack paths within your cloud environment. 
● Framework for Remediation: Discover a structured approach to quickly and effectively remediate security incidents 
● Real-World Demo: Witness a live demo showcasing instant response and investigation techniques in the cloud

Navigating Attack Paths in the Cloud: A Framework for Swift Remediation

Imagine having the confidence to navigate Cloud Native Application Protection Platforms (CNAPPs) with ease, minimizing risks and making smarter decisions for your organization. Join our webinar, "6 Common CNAPP Pitfalls and How to Avoid Them," where we delve into the common challenges and arm you with the knowledge to avoid them.

In this engaging session, you’ll learn how to:

• Streamline Deployment: Navigate deployment complexities effortlessly for a smooth and scalable start.
• Manage Alerts Effectively: Reduce alert duplication and gain clear, actionable security insights.
• Ensure Seamless Integration: Achieve a unified and reliable CNAPP experience through true integration.
• Leverage Pro Tips: Access expert advice and practical strategies to refine your CNAPP approach.

By attending, you'll be equipped to better manage risks, enhance operational efficiency, and make more informed decisions. Don't miss this opportunity to transform your cloud security strategy and secure a confident future.

Watch now and take the first step towards smarter risk management!

6 CNAPP Pitfalls and How to Avoid Them

By the end of the webinar, participants gain a comprehensive understanding of how Aqua Security not only aids in DORA compliance but also fortifies operational resilience and cybersecurity defenses, helping financial institutions navigate the complexities of regulatory compliance and safeguard their services in 2024 and beyond.

Aligning to the DORA Regulations with Aqua

The heavy reliance on third-party components in modern software development has significantly escalated the risk of supply chain attacks. Threat actors frequently exploit public container images to infiltrate organizations and distribute malware, tricking developers into downloading them. While vulnerability scanning provides a strong foundation for robust container security, alone it’s not enough to safeguard your organization against advanced threats.

In this video, we'll be showcasing how patented Dynamic Threat Analysis (DTA) empowers DevSecOps teams to check runtime behavior of their container images before deployment, preventing malicious threats from infecting running applications. During this session, Ali Mokhtari, Solution Architect at Aqua, and Lena Fuks, Product Marketing Manager at Aqua, will discuss the evolving container threat landscape and demonstrate how DTA can help organizations proactively prevent malware incidents and strengthen their defenses.

Key takeaways you can expect:

• Rising software supply chain threats: Learn how public container images can provide a springboard for launching sophisticated supply chain attacks.

• Real-life enterprise use cases: Hear first-hand from a cloud security expert how DTA, trusted by security teams all over the world, helps leading organizations reduce supply chain risk, simplify forensics and investigation, and improve their overall security posture.

• Unique patented technology: See a live demo to uncover why DTA stands out among container security tools and how it goes beyond traditional malware scanners to catch unknown malicious behavior.

• Practical tips for robust container security: Gain actionable insights based on our experience in helping hundreds of organizations develop and implement effective container security programs.

Catch Me If You Can: Uncovering Malicious Behavior in Container Images

In the realm of cloud native security, myths and misconceptions often lead organizations astray, jeopardizing the integrity of their cloud environments. Join us for an informative webinar as we uncover the truth behind some of the most prevalent cloud native security myths and unveil strategies for fortifying your cloud infrastructure.

From debunking the misconception that a specific cloud native security strategy isn't necessary to shedding light on the limitations of traditional security tools, this webinar will challenge common assumptions and provide practical insights to enhance your cloud security posture.

Join us for an expert discussion filled with real-world examples and expert insights. Don't miss out on this opportunity to separate fact from fiction and empower your organization with the knowledge to navigate the cloud native landscape securely.

Register now to secure your spot!

Top 7 Cloud Native Security Myths Debunked

HeadCrab is a highly elusive and sophisticated malware created by an advanced threat actor who utilized custom-made Redis Modules and APIs to build a full-scale malicious framework. Since 2021, the highly advanced malware has deployed several highly technical novel techniques which allowed it to infiltrate servers worldwide. It was evident that the threat actor made operational security a top priority, with several hiding techniques including specifically bypassing security solutions.

In this session, we will share with you a rare and fascinating story of the attack, the tactics we employed to communicate with the attacker, and our technical analysis of both the malware and the persistent tool. We will delve into the malware's 50+ malicious capabilities, including its use of custom Redis commands as communication methods, overwriting Redis commands to avoid detection and fileless attacks to remain hidden. We will also disclose never-before-seen information about a new variant of the malware and the changes the threat actor made to avoid detection.

Furthermore, we will walk you through our investigation of the command-and-control infrastructure of both variants, which led to the discovery that over 2,000 compromised servers were being used as a botnet to help the attacker stay anonymous.

Join us for a captivating and insightful session, getting a glimpse into this advanced operation and the mind behind it.

Key Takeaways:

HeadCrab Sophistication: How this advanced malware was crafted with custom tools for stealthy operations. Evasion Techniques: Insights into the unique methods used to evade detection and maintain a low profile on infected servers. Global Impact: Learn about the extensive reach of HeadCrab malware, which commandeered a botnet of over 2,000 servers, showcasing its capacity as a pervasive cybersecurity threat.

REDIScovering Headcrab - Analysis of a Novel Malware and the Mind Behind It

The second part of our series shifts focus to the detection of threats within the cloud native runtime environment. In this session, we’ll explore advanced methodologies essential for real-time threat detection, with a focus on minimizing time to detection.  

You will learn about the unique architecture of containerized environments and why they require a different level of advanced security. We’ll provide insights into the latest advancements and best practices in monitoring and detecting cloud native threats without impacting system performance. The session will dive into the importance of understanding what signs and signals to look for in a potential breach and how to tailor detection capabilities effectively to cloud native architectures.  

By attending, you will be equipped with the knowledge to implement state-of-the-art threat detection systems in your cloud native environment.

Blinders Off: Synergetic Security in Cloud Native Applications

In this opening session, we establish the foundation of runtime security within cloud native environments. Together, we’ll discuss key concepts, including the architecture of cloud native systems and the unique security challenges they pose.  

The session will provide a detailed overview of the current threat landscape, focusing on the types of threats that are specific to cloud native, such as HeadCrab, Kinsing and others. We will discuss the role of runtime security in this context and introduce the work of Nautilus, Aqua Security’s dedicated cloud native research team, a pivotal force in creating a more secure digital universe for all. 

Join us to gain essential knowledge on building a robust security posture at runtime, how to build proactive measures and the importance of well-architected security strategies.

Unbreakable Cloud: Building the Foundation for Runtime Security

Join Assaf and Moshe as they explore the intersection of CISO expertise and research in the realm of cloud native environments. Moshe, a CISO at a leading cloud native company, discusses the unique challenges and solutions in cloud native security, highlighting the synergy between his team and world-class researchers.

Dive into an overview of cloud native technology, its adoption benefits, and the expanded threat landscape it introduces. Assaf, from Team Nautilus, Aqua Security’s research team, will share insights into unknown cloud threats, vulnerabilities in developer tools, and the role of honeypots in detecting attacks.

The session concludes with Moshe applying these research findings to practical security strategies, emphasizing the role of DevSecOps and the importance of learning from real-world incidents. This webinar offers a blend of expert insights and actionable strategies for enhancing security in cloud-native technology.

A Symbiotic Journey of CISO Expertise and Researcher Insight in Cloud Native

As organizations increasingly migrate their workloads to the cloud, the question of security becomes paramount. Many are left wondering how to effectively protect their multi-cloud workloads from ever evolving and prominent cybersecurity threats. "Mastering Cloud Security: An Introduction to Workload Protection" will discuss the key components of a cloud workload protection solution, focusing on the unique capabilities needed to safeguard workloads against current and emerging threats.

Key Takeaways:
• Understanding the unique challenges of cloud workload security
• A breakdown of critical workload protection capabilities
• Learn about effective protection strategies including behavioral detection techniques, drift prevention, and malware protection
• Practical guidelines for implementing a robust cloud workload protection strategy

Join us for this in-depth look into cloud workload protection and arm yourself with the knowledge and tools needed to safeguard your organization's multi and hybrid cloud environments. Whether you are a seasoned security professional or new to the field, this webinar will offer valuable insights for anyone invested in securing their cloud native applications.

Fortify Your Cloud Journey: Mastering Workload Protection

Containers as a service, like AWS Fargate, have proven to be a valuable mechanism for DevOps teams to build and deploy complex applications at scale. By removing the need for infrastructure management and security, customers can also reduce development costs using AWS Fargate with Amazon EKS.

However, customers are still responsible for runtime security, and ensuring that the code and applications that run on the containers are secured.

In this webinar, we will cover how customers can more easily automate and take advantage of AWS Fargate services to speed the delivery cycle, while still ensuring that security teams could enforce risk mitigation controls that would not disrupt the application’s availability, including.

•Integrating security and assurance into the Fargate container build process 
•Automating assurance policies that prevent non-compliant and unregistered images running 
•Monitoring processes that Fargate containers run, assessing them against policies, and enforcing networking segmentation to prevent container breakouts 
•Blocking unauthorized activities and zero day attacks without stopping all container processes

Security and Assurance for AWS Fargate Containers - A How-To Session

In this session, we'll explore the growing challenges faced by security and risk professionals in managing and securing cloud workloads and discuss effective strategies to mitigate these risks.

Managing cloud security risk has become increasingly complex, with security professionals struggling to keep up with the never-ending list of security alerts and siloed tools across their multi-cloud environments. Traditional CSPM approaches often fall short in providing real-time visibility and context necessary to understand and address cloud security risks effectively.

We’ll explore the key pain points associated with cloud security and highlight actionable solutions to overcome these challenges. Discover how real-time visibility provides the context, clarity and confidence you need to accurately identify cloud security risks, prioritize remediation efforts, and reduce noise by aggregating findings. 

By attending this session, you'll:

• Understand the evolving challenges in managing and securing cloud workloads
• Explore strategies to achieve real-time visibility and effective risk management
• Learn how to prioritize and remediate critical cloud security issues efficiently
• Discover techniques to unify cloud security across the application lifecycle
• Gain insights into achieving regulatory compliance in cloud environments

Cloud Security Explained | Code-To-Cloud and Back Webinar Series

As cloud computing continues to reshape the modern IT landscape, the approach to cloud security must also undergo a seismic shift. Over the years, cloud security posture management (CSPM) has undergone a remarkable transformation, adapting to the ever-changing needs of cloud-native environments.

Join us as we embark on a journey to trace the evolution of CSPM from inception to its cutting-edge state today. In this webinar, we will dive into the evolution of CSPM, exploring the beginnings of the solution, the challenges it aimed to address, and why agentless-only scanning no longer provides real cloud security. Throughout this session, we will analyze the pivotal milestones that have shaped the evolution of CSPM, from basic configuration checks to sophisticated behavioral threat detection and beyond. Then, we'll speculate on what the future holds and how CSPM can keep evolving to address future cloud and cloud-native security challenges.
Key highlights of the webinar:
• The genesis of CSPM: Understanding its origins and initial motivations.
• Evolutionary stages: A comprehensive overview of CSPM's development over the years
• Key challenges and solutions: Examining the pain points CSPM has tackled along the way
• Advanced CSPM capabilities: Understanding the latest innovations driving CSPM effectiveness
• The future of CSPM: Predicting the trajectory and upcoming trends in cloud and cloud-native security

The Evolution of Cloud Security Posture Management (CSPM)

In this session, we'll address the critical pain points and challenges faced by developers and DevOps professionals in ensuring the security of their software development practices. 

Learn how to fortify your software supply chain and effectively manage third-party risks and open-source vulnerabilities. Gain insights into integrating security practices seamlessly into your CI/CD pipeline, enabling you to identify and remediate vulnerabilities in container images early in the development lifecycle. Elevate your container security through advanced container analysis, ensuring compliance and detecting embedded vulnerabilities in your deployments.

By attending this session, you will learn how to:
• Strengthen your software development practices with industry-leading approaches
• Secure your software supply chain and mitigate third-party risks
• Integrate security seamlessly into your CI/CD pipeline for continuous protection
• Enhance container security through advanced analysis and compliance enforcement

Dev Security Explained | Code-to-Cloud and Back Webinar Series

In December 2021, the Log4j vulnerability crashed onto the scene, spoiling the holiday mood for security pros around the globe. Its profound impact on IT environments has called for a fundamental shift in how organizations think about their security strategies. Two years later, it is still on CISOs’ minds. This begs the question, “Have organizations fortified their defenses against the next potential Log4j?” 

Amid the escalating cat-and-mouse game with attackers, Log4j has put the spotlight on the significance of robust runtime security. In this fireside chat with Jake Meloche, Solution Architect at Aqua and Erin Stephan, Principal Product Marketer at Aqua, we’ll delve into the invaluable lessons organizations can learn from the Log4j incident. We will show how Aqua successfully guided its customers through the storm and why prioritizing runtime security is absolutely critical for protecting against similar zero-day threats that are yet to hit.  

Key takeaways you can expect: 
• Ongoing concerns of CISOs worldwide: Understand why CISOs across the globe remain vigilant about the persistent threat of the Log4j vulnerability. 

• Real-life enterprise experience: Uncover how some of the world’s largest organizations handled the Log4 incident and what they learned along the way. 

• Prioritizing runtime security: In the ever-evolving landscape of zero-day vulnerabilities, learn why runtime controls play a pivotal role in a zero-day defense strategy.  

•Actionable advice: Gain insights into protecting your organization from zero-day threats and explore how drift prevention can elevate your runtime security game.

Log4j Lessons Learned: A Blueprint for Zero-Day Defense

Log4j

Zero Day Threats

Cloud Native

Cloud Security

Threat Detection

Threat Defence

Cloud Applications

Cloud Adoption

CNAPP

Runtime Security

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

Join thousands of engaged IT professionals in the application management community on BrightTALK. Interact with your peers in relevant webinars and videos on the latest trends and best practices for application lifecycle management, application performance management and application development.

Application Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Join this new, vibrant community to learn and connect with top thought leaders, startups and banks who are disrupting the financial services industry. Keep up with the latest news and trends in Fintech and take part in lively debates on topical issues and challenges.

Fintech

The accounting and finance community on BrightTALK features presentations from leading accountants and finance professionals. The accounting community includes tax planning strategies, QuickBooks webinars and other accounting webinars, while the finance community features presentations on financial capital regulations and forensic data analytics. Join the conversation by attending live financial and accounting presentations and connecting with industry thought leaders.

Log4j Lessons Learned: A Blueprint for Zero-Day Defense

Presented by

About this talk

More from this channel