Name: The Processes to Deliver Effective Threat Detection and Response
Start: 2024-07-10T15:00:00Z
End: 2024-07-10T15:01:00.000Z
Location: BrightTALK
Rating: 0

This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.

In the ever-evolving landscape of DevOps, the paradigm is now shifting - where security is taking the central stage. With vast surface areas including containers, cloud, repositories and third party components, cyber threats became prominent then ever before in DevOps. 

Our presentation delves into the evolution from traditional DevSecOps to the advanced elimination of threats in each possible way in every stage of DevOps: Build, Test, Deploy and Operate. Lets see how we can prevent cyber threats with secure cloud architecture, continuous logging and monitoring, required approval processes in place, code scanning along with manual reviews as well ensuring heightened security at every step.

In this session, join Jyotirmayee Pradeep Kumar (Vice President - Cloud DevOps at a well-known global bank) as she unravels the stages of elimination of cyber security threats at each phase of DevOps. Topics for discussion include:
- DevOps landscape and different stages associated with it.
- Surface area of cyber threats in DevOps.
- Security breaches within the DevOps framework.
- Practical strategies for eliminating cyber threats with shift-left security implementations. 
- Diverse approaches to automate security integration into DevOps practices.

Eliminating Cybersecurity Threats: Inspection of DevSecOps

The National Institutes of Science and Technology recently launched a new version of their cyber security framework, NIST CSF v2.0 to provide both government organizations and private industry a comprehensive set of cyber security guidelines. Better yet, this version can easily be integrated into existing frameworks and tools. 

In this session, Hilton analyst Ralph Villanueva will point out how the newly added governance aspect of this framework can boost the detection, respond and recover capabilities of any organization in the event of a cyber-security incident.

Improve Incident Detection and Response Governance with NIST CSF v2.0

Tune into this session from industry thought leader Vincent Amanyi as he highlights a robust strategy to develop core requirements and step-by-step approach to build a resilient foundation of your insider threat program.

Key takeaways:
- How to perform environment assessment. 
- How to establish a clean foundation that is central to your enterprise.
- Learn how to benchmark and manage your maturity journey.
- Develop the right mix of tool for monitoring.

Identifying and Building the Foundation of a Threat Program

How do you know the dangers you face regarding cybersecurity? A threat intelligence program is key to understanding the existing dangers.  However to be truly effective, threat intelligence must be relevant to your situation and environment. Ensuring  that threat intelligence is indeed intelligent in regards to your specific needs requires more than a basic data feed. The presentation from industry thought leader Charles Kolodgy will provide useful insight and information designed to allow you to align your threat intelligence with your specific needs by incorporating other components that complement threat intelligence.

Join this discussion to learn:
- What is threat intelligence and the specific value it provides.  
- How the MITRE ATT@CK framework is a useful tool for threat intelligence.
- Attack surface management is a valuable component of threat intelligence.
- Understand how threat intelligence and attack surface can be reconciled.
- How to evaluate the various cybersecurity threat intelligence offerings available.
- Harmonizing threat intelligence, attack surface, vulnerabilities, and business requirements when making cybersecurity decisions

Ensuring Threat Intelligence Remains Intelligent

APIs have become essential in today's digital ecosystem, enabling seamless data exchange, connecting applications, and driving innovation. However, as they contain valuable data, APIs can also serve as enticing targets for cyber attacks such as DDoS attacks, SQL injections, and cross-site scripting (XSS). A single API breach can jeopardize sensitive information and affect an organization's reputation, financial stability, and compliance. Therefore, it's crucial to have a robust API security program in place. 

In this webinar, we will explore the multifaceted landscape of API security and emphasize its pivotal role in modern enterprises' overall cybersecurity posture. We will delve into the foundational components of API security, explain how each relates to the evolving threat landscape, and discuss practical, actionable ways they can prevent cyber criminals from exploiting vulnerabilities in APIs. We will also provide insight into the capabilities of a mature, end-to-end API security program and define practical milestones to empower you to elevate your API security to the next level.

Key takeaways from this webinar include understanding how attackers' tools, techniques, and procedures are evolving, learning the components of API security and their respective roles, and taking actionable steps to assess and enhance your organization's API security posture. In addition, we will highlight forward-thinking strategies and how web application firewalls (WAFs) can help detect and block malicious traffic, and how API security solutions can provide comprehensive protection for your APIs and work with WAFs to ultimately protect applications and their data.

Elevating API Security

As we improve our defenses, the threat actors step up their game to cause more harm. We will take a practical approach and examine emerging threats from the Dark Web that aim to breach our defenses. 

Using practical examples, we will study these threats and discuss steps that you should be taking to prevent these cyber-attacks.

What to expect:
1. Introduction – Emerging Threats 2024
2. Ransomware Evolution
      - Less encryption, more exfiltration
      - Detection of data leaks
      - Testing for Ransomware attacks
3. Breaches in Cloud and Supply Chain
      - Know your data
      - Extend your perimeter
4. Addressing a Threat
5. Show ROI on Threat Detection and Prevention

Threat Intelligence: The Dark Side of Threat Detection

In the rapidly evolving landscape of cybersecurity, the ability to effectively detect and respond to threats is paramount for organizations across the globe. Traditional threat intelligence mechanisms have often been reactive, focused on addressing vulnerabilities after they have been exploited. However, with the increasing sophistication of cyber threats and the expanding digital footprint of modern enterprises, there is a critical need to pivot towards more proactive and dynamic strategies.

This presentation delves into the latest methodologies and technologies driving the future of threat intelligence. We will explore cutting-edge approaches to data collection and analysis, including artificial intelligence (AI) and machine learning (ML) algorithms, which enable predictive threat modeling and real-time anomaly detection.

We will discuss the importance of expanding threat intelligence sources beyond traditional feeds, incorporating open source intelligence (OSINT), social media analysis, and dark web monitoring to gain a more comprehensive view of potential threats. The role of collaborative intelligence-sharing platforms will also be highlighted, emphasizing how they enhance collective defense mechanisms by fostering an ecosystem of shared knowledge and resources.

Beyond the Horizon: Use AI to Expand Threat Intelligence for Proactive Security

Machine learning advancements have grown rapidly in the last few years. However, machine learning is heavily dependent on data, as machine learning models are trained on vast datasets that are then used to provide insight or draw conclusions. This reliance on data means that machine learning can be subverted by an adversary who is able to manipulate even just a small portion of the data.

This talk will provide an overview of what adversarial machine learning is and details on some categories of vulnerabilities. Additionally, this talk will provide a list of things to think about when using or developing machine learning models.

WiCyS is proud to provide members the opportunity to earn CPE/CEU credits for attending WiCyS Webinars live.

To earn CPE/CEU credits with the following providers, you must meet the minimum requirements:
- GIAC/(ISC)2: attend for a minimum of 45 minutes or the entirety of the webinar
- CompTIA: attend for a minimum of 60 minutes or the entirety of the webinar (webinar topic must relate to the certificate being renewed)

Attendees who meet the requirements can log into BrightTALK to print out their attendance certificates to submit for CPE/CEU credits.

Adversarial Machine Learning: What is it?

Join us as Gloria D’Anna – co-chair of SAE G32 JA7496 on CyberPhysical Systems takes us through an overview of this standard, along with the illustrative example on the Electric Vehicle Illustrative Example. We’ve been able to work with SAE to provide a video on how to utilize this standard. We’ve selected Electric Vehicles as an illustrative example, as (1) it’s timely and (2) it’s something that we can easily talk about – unlike some other items in the Aerospace / Department of Defense world. Gloria will also provide the link on where you can view complimentary videos from SAE that explain SAE G-32.

WiCyS is proud to provide members the opportunity to earn CPE/CEU credits for attending WiCyS Webinars live.

To earn CPE/CEU credits with the following providers, you must meet the minimum requirements:
- GIAC/(ISC)2: attend for a minimum of 45 minutes or the entirety of the webinar
- CompTIA: attend for a minimum of 60 minutes or the entirety of the webinar (webinar topic must relate to the certificate being renewed)

Attendees who meet the requirements can log into BrightTALK to print out their attendance certificates to submit for CPE/CEU credits.

SAE G32 CyberPhysical Systems – and the EV Illustrative Example

Obtain a high-level overview of the concept of Generative Artificial Intelligence (GenAI). Then learn about the top attacks against GenAI platforms, real-life scenarios where these attacks could occur, and suggested actions to mitigate these attacks.

WiCyS is proud to provide members the opportunity to earn CPE/CEU credits for attending WiCyS Webinars live.

To earn CPE/CEU credits with the following providers, you must meet the minimum requirements:
- GIAC/(ISC)2: attend for a minimum of 45 minutes or the entirety of the webinar
- CompTIA: attend for a minimum of 60 minutes or the entirety of the webinar (webinar topic must relate to the certificate being renewed)

Attendees who meet the requirements can log into BrightTALK to print out their attendance certificates to submit for CPE/CEU credits.

What is Generative AI and What are the Security Considerations?

Tune into this talk to learn about the integration of Artificial Intelligence (AI) into endpoint detection and response (EDR) systems, focusing on the application of AI-driven behavioral profiling to identify malicious activities. Industry thought leader John Bambenek will delve into the mechanisms by which AI models discern typical from atypical user behaviors, thus enhancing threat detection capabilities. The discussion also will cover the benefits of this holistic approach, including improved detection accuracy and faster response times. Practical case studies will demonstrate the effectiveness of AI behavioral profiling in real-world scenarios, underscoring its significance in the development of robust cybersecurity frameworks.

Enhancing EDR: A Holistic AI-Based Behavioral Profiling Approach

Endpoint protection has been around for decades and is not disappearing anytime soon. While the key requirement of any solution is efficacy (effectiveness in detecting threats), there are many other aspects that should be part of your endpoint solution evaluation and selection process. 

Tune into this presentation from industry thought leader Kevin Tolly who will introduce the audience to three important aspects to consider: 
- Resource utilization.
- Online vs. offline efficacy.
- Hybrid detect/respond solutions. 

Some solutions can consume much or all of the endpoint’s CPU during scans leading to potential degradation of the endpoint’s overall performance. Some solutions are not as effective when they are offline and can’t access their cloud-based threat databases. This can be important for operations-oriented computers that are deliberately disconnected from the Internet. We are also seeing a split between detection and remediation with some solutions consisting of two vendors specializing in each area. These vendors claim that improved detection justifies the split solution. 

Tune in to dive more into these points and see Kevin Tolly present vendor-neutral test data from actual test to demonstrate the differences across some current generation solutions. 

About The Tolly Group
The Tolly Group is an authoritative international testing organization based in Boca Raton, Florida. The Tolly Group has been providing third-party validation of IT products and solutions since 1989.

Next-Gen Endpoint Security: Efficiency, Efficacy, and Hybrid Protection

Tune into this talk presented by the University of Washington's Deveeshree Nayak as she discusses the importance of advancing application security practices into our technology use. As technology continues to integrate more into our lives, it becomes increasingly important to secure educational applications and platforms. 

During the session, we will explore various topics such as the current threat landscape, the significance of secure development, case studies, best practices, the role of education in advancing security practices, future trends, and how to form a team to address security vulnerabilities, manage risks and fortify against cyber attacks. Please join to gain insights into advancing application security practices tailored to various sectors' unique challenges and opportunities. Whether you are an educator, IT professional, or administrator, this talk aims to equip all types of attendees with the knowledge and tools needed to strengthen your institution's security posture.

An Educational Perspective and Mitigation Strategy for Application Security

In an age where artificial intelligence (AI) not only powers innovations but also underpins cybersecurity threats, this session aims to inform and help you prepare against the next wave of digital assaults. This talk will delve into the burgeoning domain where lax API security meets sophisticated AI-driven exploit bots, marking a paradigm shift in how cyber threats are generated and how they must be mitigated.

As smaller entities become increasingly attractive targets due to the reduced cost and effort required for attacks, the session underscores the imperative of adopting secure development practices. It posits that the foundation of robust AppSec in this new era lies not in the procurement of cutting-edge tools, but in the diligent application of well-established security principles. Attendees will leave with the following takeaways:
- Cost-effective strategies that can fortify applications against the onslaught of AI-powered threats.
- Proactive cybersecurity frameworks, with a particular focus on how threat modeling can evolve to address AI-specific vulnerabilities. 
- Actionable insights into applying frameworks like the NIST AI RMF to AI app development. 

The session seeks to equip participants with the knowledge and tools necessary to anticipate and defend against not just the threats of today but those of a rapidly approaching future. Designed for security professionals, application developers, and business leaders alike, this talk will offer a blend of humor, real-world scenarios, and practical solutions to navigate the complexities of securing applications in an AI-driven world. Join us to explore how we can turn "advanced threat guesswork" into a strategic advantage, ensuring our digital defenses are not just reactive but predictively aligned with the cybersecurity landscape's evolution.

Predictive Shenanigans: The New Wave of Application Threats

In the digital age, APIs are the backbone of digital transformation, powering everything from mobile apps to microservices. However, as the complexity and connectivity of systems increase, so does the attack surface and their vulnerability to cyber attacks. The key to securing these systems lies not just in the application of security measures post-development but in embedding security considerations throughout the Software Development LifeCycle (SDLC). This session, sheds light on the process of threat modeling and showcases its critical role in designing secure and resilient APIs.

During this session, we will be covering
- The fundamentals of threat modeling.
- Integrating threat modeling to API lifecycle. 
- Case studies and real-world applications. 
- Tools and techniques for effective threat modeling. 
- Overcoming common challenges. 

This session is designed for developers, security professionals, and IT leaders seeking to enrich their API security strategy through the power of threat modeling. By the end of this session, attendees will be equipped with the knowledge and tools needed to implement a robust threat modeling process, transforming their API design process.

About the speaker:
Elango is CISSP certified and accomplished technology leader with 20+ years of experience building high-performance engineering organizations for high-tech and financial services businesses across multiple geographies. He oversaw several cloud implementations that meet the highest standards of security and compliance for top-tier banks across Singapore, Thailand and the United States.

The Blueprint to Secure API Design Through Effective Threat Modeling

Enabling Effective Threat Detection and Response

End to End Immutability

Fast-Track Cloud-Native Investigations: Win the Race Against Bad Actors

Cybersecurity Evolved: The Impact of AI and ML on Backup and Recovery

Real-World Applications for Better Security: Adlumin’s Threat Research Insights

Enabling threat detection and response should be a key consideration of managers and the senior leadership team. Speciﬁcally supporting threat detection and response processes  needed to deliver an eﬀective solution are imminent as organizations continue to face new and challenging operational risks. 

So what does this mean for any organization believing they are ready, or not? And how do they ensure that their  threat vulnerability and risk assessment (TVRA) is proportionate for the changing cybersecurity environment, while taking into account changes to operational eﬃciency and delivery of products and services to customers? 

Tune into this session presented by business continuity, disaster recovery, cyber resilience and major incident expert Steve Yates, as he discusses enabling threat detection and response for risks facing complex technology ecosystems. Yates will explore current threats and vulnerabilities and the need for a robust risk management process. In addition, he will delve into real technology major incidents, and explore where compliance is a key component of the end solution. Viewers are encouraged to share, in conﬁdence, their major concerns before the presentation if they wish to gain the most from this session.

 By the end of the session, you will be able to: 
- Be aware of the range of threats and vulnerabilities that you may encounter. 
- Form an understanding of a risk assessment framework for supporting cyber resilience. 
- Understand how an integrated technology framework can prevent significant disruptions.

About the speaker
Steve is a Founding Fellow of the Business Continuity Institute (FBCI), as well as being a Disaster Recovery Institute (DRI) International Certified Business Continuity Professional (CBCP) and Cyber Resilience Professional (CCRP).

The Processes to Deliver Effective Threat Detection and Response

Threat Detection

threat detection and response

Cyber Security

Resiliency

Vulnerability Management

Risk Assessment

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

The Processes to Deliver Effective Threat Detection and Response

Presented by

About this talk

More from this channel