E is for Endpoint II: How to Implement the Vital Layers to Protect Your Endpoints

•Télécharger en tant que PPTX, PDF•

0 j'aime•290 vues

IT security professionals rank third-party application vulnerabilities as the greatest security risk in 2012. Yet, malware continues to exploit these - and other - vulnerabilities to breach our defenses. Knowing how to bridge the gap between knowing the problem and finding a solution is critical to mitigate risks in your endpoint environment. In this presentation, learn: • What the vital layers of defense are for your endpoints. • How to thwart exploitation of your endpoint OS, configuration and 3rd party application vulnerabilities. • How to prevent unknown applications from executing on your systems.

Technologie Business

E is for Endpoint:
How to Implement the
Vital Layers to Protect
Your Endpoints

Today’s Agenda

Current Threat Landscape

Back to Basics with Patch and Configuration Management

Stopping Unknown Applications & Attacks

Q&A

Today’s Panelists

Eric Ogren Paul Henry
Principal Analyst Security & Forensics Analyst
Ogren Group

3

Not Simply A Microsoft Issue

•Since 2009 the most
hacked software was 3rd
party apps and browser
add-ons like Adobe and
QuickTime.
•Yet we focus our attention
on patching Microsoft
OS/Applications.

5

All Hail The New Malware King – Java !

6

Apple Also Got A Needed Dose Of Reality

7

BYOD – On Going Blind Adoption

• A recent survey
of Companies
with 2,000 or
more employees
indicated that
70% permitted
BYOD yet less
then 30% had
policies to
address device
security

9

… Your Plugging That In To My Network?

Source: Juniper Mobile Threat Report

10

E is for Endpoint Series

1: Think Different
2: Back to Basics With Patch and Configuration Management
3: How to Check Unknown Apps at the Door
4: Enabling the Self-Defending Endpoint
5: Secrets to Reducing Complexity and Cost
6: How to Continuously Manage Compliance and Risk

11

Eliminate Exploitable Surface Area

Areas of Risk
at the Endpoint
5%
Zero-Day

30%
Missing Patches

65%
Misconfigurations

Source: John Pescatore Vice
President, Gartner Fellow

13

Patch Management Back in Vogue
• The top security priority is “patching
client-side software”1
» Streamline patch management and reporting
across OS’s AND applications

Source:
1 - SANS Institute

14

3rd Party Applications

• Patch and defend is not just a
Microsoft issue
» More than 2/3 of today’s vulnerabilities come
from non-Microsoft applications

15

Stop Unwanted Applications

»Immediate and simple risk mitigation

18

Application Whitelisting

Unauthorized
•Games
•iTunes
•Shareware
•Unlicensed S/W Known malware
• Viruses
• Worms
• Trojans

Authorized Unknown Malware
• Zero day
•Operating Systems • Targeted
•Business Software • Keyloggers
• Spyware
•Productivity Software

19
PROPRIETARY & CONFIDENTIAL - NOT FOR PUBLIC DISTRIBUTION

Layered Approach to Endpoint Protection

20
PROPRIETARY & CONFIDENTIAL - NOT FOR PUBLIC DISTRIBUTION

More Information
• Quantify Your IT Risk with Free E is for Endpoint Webcast and
Scanners Whitepaper Series
» http://www.lumension.com/special-offer/
premium-security-tools.aspx http://www.lumension.com/E-is-for-Endpoint.aspx

• Lumension® Endpoint Management
and Security Suite
» Demo:
http://www.lumension.com/endpoint-
management-security-suite/demo.aspx
» Evaluation:
http://www.lumension.com/endpoint-
management-security-suite/free-trial.aspx

21

Global Headquarters
8660 East Hartford Drive
Suite 300
Scottsdale, AZ 85255

1.888.725.7828
info@lumension.com
http://blog.lumension.com

Contenu connexe

Tendances

Spy Programs

HHSome

Pegasus Spyware - What You Need to Know

Skycure

1. Mobile Application (In)security

Sam Bowne

FireEye Engineering

Lauren Traurig

There's always a need to stop bad stuff from coming in, but it's important to remember that those inside the firewall can pose an even bigger risk to your network security. Whether its unsuspecting users clicking on phishing e-mails, someone running bit torrent in your datacenter, or a truly malicious user out to sabotage the network, insider threats can really keep you up at night. Join us for this technical demo showing how USM can help you detect: Malware infections on end-user machines Insiders misusing network resources Privileged users engaging in suspicious behaviors

Insider Threats: How to Spot Trouble Quickly with AlienVault USM

AlienVault

Common malware and countermeasures

Noushin Ahson

AlienVault Unified Security Management™ (USM) integrates SIEM/event correlation with built-in tools for intrusion detection, asset discovery, vulnerability assessment and behavioral monitoring to give you a unified, real-time view of threats in your environment. NEW v5.0 (available 4/20) makes it faster and easier than ever to get the insights you need, starting on Day 1. Join us for a live demo to see how new USM v5.0 makes it easier than ever to accomplish these key tasks: Discover all IP-enabled assets on your network Identify vulnerabilities like unpatched software or insecure configurations Detect network scans and malware like botnets, trojans & rootkits Speed incident response with built-in remediation guidance for every alert Generate accurate compliance reports for PCI DSS, HIPAA and more

New USM v5.0 - Get Complete Security Visibility Faster & Easier Than Ever

AlienVault

Viruses & security threats

wardjo

zero day exploits

Adv. Prashant Mali ♛ [Bsc(Phy),MSc(Comp Sci), CCFP,CISSA,LLM]

The Malware Menace

Tami Brass

Is Antivirus (AV) Dead or Just Missing in Action

Quick Heal Technologies Ltd.

So, you've got an alarm - or 400 alarms maybe, now what? Security incident investigations can take many paths leading to incident response, a false positive or something else entirely. Join this webcast to see security experts from AlienVault and Castra Consulting work on real security events (well, real at one point), and perform real investigations, using AlienVault USM as the investigative tool. Process or art form? Yes. You'll learn: Tips for assessing context for the investigation How to spend your time doing the right things How to to classify alarms, rule out false positives and improve tuning The value of documentation for effective incident response and security controls How to speed security incident investigation and response with AlienVault USM

Incident response live demo slides final

AlienVault

LogRhythm Zero Day Exploits Use Case

jordagro

Alienvault threat alerts in spiceworks

AlienVault

Chapter 1, Transformasi antivirus

Adi Saputra

FireEye, Inc. is the leader in network malware control, dedicated to eradicating malware from the world's networks. FireEye provides the world's only malware control system designed to secure networks from targeted malware. Our solutions bring advanced network security together with state-of-the-art virtualization technology to combat crimeware and protect customer data, intellectual property and company resources, solving critical business needs without taxing your IT administration. FireEye is based in Menlo Park, CA and backed by Sequoia Capital and Norwest Venture Partners. For more details, visit http://www.fireeye.com.

FireEye

gigamon

Host-based intrusion dection systems (HIDS) work by monitoring activity that is occurring internally on a host. HIDS look for unusual or nefarious activity by examining logs created by the operating system, looking for changes made to key system files, tracking installed software, and sometimes examining the network connections a host makes. AlienVault USM integrates HIDS with other key security controls to help you get the most out of HIDS, including: Analyzing system behavior and configuration status to track user access and activity Detecting system compromise, modification of critical configuration files (e.g. registry settings, /etc/passwd), common rootkits, and rogue processes Correlating HIDS data with known IP reputation, vulnerability scans and more Logging and reporting for PCI compliance

Improve threat detection with hids and alien vault usm

AlienVault

Sandbox Technology in AntiVirus

Ashish Gautam

More information on this webcast: http://ow.ly/IyNdF Have you ever wondered how the bad guys actually get control of a system? And, how they convert that system into a data-syphoning droid? Then you won't want to miss our next live demo, where AlienVault's security gurus Mark Allen & Garrett Gross will walk you through the steps of a system compromise, including how AlienVault USM detects these nefarious activities every step of the way. You'll learn: How attackers exploit vulnerabilities to take control of systems What they do next to find & exfiltrate valuable data How to catch them before the damage is done with AlienVault USM Using a real-world example of a common vulnerability, Mark will show you how USM gives you the evidence you need to stop an attack in its tracks.

How to Detect System Compromise & Data Exfiltration with AlienVault USM

AlienVault

What is Next-Generation Antivirus?

Ryan G. Murphy

Tendances (20)

Spy Programs

Pegasus Spyware - What You Need to Know

1. Mobile Application (In)security

FireEye Engineering

Insider Threats: How to Spot Trouble Quickly with AlienVault USM

Common malware and countermeasures

New USM v5.0 - Get Complete Security Visibility Faster & Easier Than Ever

Viruses & security threats

zero day exploits

The Malware Menace

Is Antivirus (AV) Dead or Just Missing in Action

Incident response live demo slides final

LogRhythm Zero Day Exploits Use Case

Alienvault threat alerts in spiceworks

Chapter 1, Transformasi antivirus

FireEye

Improve threat detection with hids and alien vault usm

Sandbox Technology in AntiVirus

How to Detect System Compromise & Data Exfiltration with AlienVault USM

What is Next-Generation Antivirus?

Similaire à E is for Endpoint II: How to Implement the Vital Layers to Protect Your Endpoints

Defending Behind the Mobile Device

Tyler Shields

Mobile Apps Security

Xavier Mertens

This presentation will take a high level look at the malware life cycle and the role that both hackers and IT professionals play in it. It should be interesting to IT professionals as well as individuals interested in learning more about the general approach used by hackers to gain unauthorized access to systems, applications, and sensitive data. More security blogs by the authors can be found @ https://www.netspi.com/blog/

Declaration of malWARe

Scott Sutherland

DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...

Andris Soroka

Emerging Threats and Trends in Online Security

AVG Technologies AU

Our security practices need to evolve in order to address the new challenges propped up by the rapid adoption of technologies and products to enable the world to WFH. The mantra of the attacker remains consistent -- attack that which yields maximum result -- and that is usually something used by a very very large number of users. This webinar will discuss the Top 10 Security Gaps that CISOs should be aware of as they brace for long WFH periods. What will you learn : -New Attack techniques hackers are using targeting WFH -How to handle decentralisation of IT and technology decisions? -Application risks as enterprises pivot to online/new business model(s) -New risks in the Cloud and due to Shadow IT -Security risks due to uninformed employees & their home infrastructure -How to handle Misconfigurations & Third party risks -How to build a robust breach response and recovery program? Full video - https://youtu.be/bQLfnmhDnQs

Wfh security risks - Ed Adams, President, Security Innovation

Priyanka Aash

The Endless Wave of Online Threats - Protecting our Community

AVG Technologies AU

Mobile phone security has been a hot topic for debate in recent times. The top mobile manufacturers seem to claim that their mobiles and applications are secure, but recent news on mobile hacking and malware suggest otherwise. One of the key challenges in mobile security is the diverse platforms and multitude of operating systems (both open and proprietary) in the market. This makes it almost impossible to devise a generic catch-all strategy for mobile application security. Every platform whether it is iOS, Android, Blackberry, Windows Mobile, Symbian etc. is unique and requires a specialized treatment. In this talk, we will demystify mobile and related application security. We will understand the architectures of various mobile operating systems and the native security support provided by the manufacturers and operating system vendors. Then we will look at how hackers have come up with different techniques and tools to break mobile security, and what mobile companies are doing to mitigate these attacks. Finally, we will look at secure practices for mobile deployment in the Enterprise using policy files and other technology solutions, We will also outline best practices for business users and road warriors, on how to ensure your company data is protected while still continuing to enjoy the flexibility provided by mobile phones.

C0c0n 2011 mobile security presentation v1.2

Santosh Satam

Malicious

Khyati Rajput

Offensive malware usage and defense

Christiaan Beek

Lumension Security - Adjusting our defenses for 2012

Andris Soroka

The New Mobile Landscape - OWASP Ireland

Tyler Shields

Application Explosion How to Manage Productivity vs Security

Lumension

Threats have increased exponentially. Current indicators show a massive increase in threat vectors as a result of COVID-19. What makes this more unsettling is the fact that most ransomware will remain dormant for months before activating. Check out this presentation with ATC provider, TPx. Topics covered during this virtual event include: firewall security, firewall software, endpoints, malware, backups and DR, managed security services and TPx MSx.

Cybersecurity Concerns You Should be Thinking About

Advanced Technology Consulting (ATC)

Is av dead or just missing in action - avar2016

rajeshnikam

Declaration of Mal(WAR)e

NetSPI

DSS ITSEC CONFERENCE - Spector360 as productivity and security tool - Riga NO...

Andris Soroka

Security Requirements in eBusiness

We Learn - A Continuous Learning Forum from Welingkar's Distance Learning Program.

Drainware Corporate

Jose Palanco

Malware program by mohsin ali dahar khairpur

Mohsin Dahar

Similaire à E is for Endpoint II: How to Implement the Vital Layers to Protect Your Endpoints (20)

Defending Behind the Mobile Device

Mobile Apps Security

Declaration of malWARe

DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...

Emerging Threats and Trends in Online Security

Wfh security risks - Ed Adams, President, Security Innovation

The Endless Wave of Online Threats - Protecting our Community

C0c0n 2011 mobile security presentation v1.2

Malicious

Offensive malware usage and defense

Lumension Security - Adjusting our defenses for 2012

The New Mobile Landscape - OWASP Ireland

Application Explosion How to Manage Productivity vs Security

Cybersecurity Concerns You Should be Thinking About

Is av dead or just missing in action - avar2016

Declaration of Mal(WAR)e

DSS ITSEC CONFERENCE - Spector360 as productivity and security tool - Riga NO...

Security Requirements in eBusiness

Drainware Corporate

Malware program by mohsin ali dahar khairpur

Plus de Lumension

Today, everything has to be patched. From desktop and laptop to server and every operating system in between. With compliance, what we have to pay attention to is what’s actually out there on our network – not just what you wish were there. Servers (Windows, UNIX and Linux)Even Windows-centric environments have at least a few UNIX or Linux servers that need to be secure and patched. Linux and UNIX servers often fulfill critical functions with few and short maintenance windows. These can be a real pain point for admins who specialize in Windows or are managed by an entirely different admin. Desktops (Windows and Macs)Maybe you are responsible for desktops instead of servers. Again it’s not just a Windows story any more. More and more people are opting for Macs instead of Windows. Watch the vulnerability lists and you’ll see that Macs need patching too. The kicker though is the 80/20 rule. If at least 80% of the computers on your network are Windows and the remaining 20% are everything else – it’s a safe bet, given the maturity and ease of WSUS, that 20% of your patching effort goes to Windows but 80% of your effort is consumed with patching all the different flavors of UNIX, Linux and your Mac computers. We need one system to manage all our patches and one pane of glass to prove compliance from data center to desktop. Believe it or not System Center 2012 R2 provides the infrastructure to do just that – it just needs a little help. Last time we showed you how you can patch 3rd party apps on Windows through System Center Update Manager. This time we’ll show you how you can patch non-Windows systems using the new System Center clients for UNIX, Linux and Mac.

Using SCCM 2012 r2 to Patch Linux, UNIX and Macs

Lumension

Mike Rothman, Analyst and President of Securosis, as he dives into an interactive discussion around endpoint security management in 2015. • Protecting Endpoints: How the attack surface has changed, and the impact to your defense strategy • Anti-Malware: The best ways to deal with today’s malware and effectively protect your endpoints from attack • Endpoint Hygiene: Why you can’t forget the importance of ensuring solid management of your endpoint devices • BYOD and Mobility: The extent that corporate data on smart mobile devices impacts your organization • The Most Important Buying Considerations in 2015

2015 Endpoint and Mobile Security Buyers Guide

Lumension

Security expert Randy Franklin Smith from Ultimate Windows Security, shows you a technical and pragmatic approach to mobile security for iOS and Android. For instance, for iOS-based devices, he talks about: • System security • Encryption and data protection • App Security • Device controls Randy also discusses Android-based devices. While Android gets its kernel from Linux, it builds on Linux security in a very specialized way to isolate applications from each other. And learn about iOS and Android mobile device management needs: Password and remote wipe capabilities are obvious but there’s much more to the story. And you’ll hear Randy's list of top-10 things you need to secure and manage on mobile devices in order to protect access to your organization’s network and information.

Top 10 Things to Secure on iOS and Android to Protect Corporate Information

Lumension

2014 BYOD and Mobile Security Survey Preliminary Results

Lumension

Using SCUP (System Center Updates Publisher) to Security Patch 3rd Party Apps...

Lumension

Careto: Unmasking a New Level in APT-ware

Lumension

Point of Sale (POS) systems have long been the target of financially-motivated crime. And in 2013 the magnitude of cybercrime against POS systems skyrocketed, with 97% of breaches in the retail sector and 47% in the healthcare sector aimed against POS systems. With sensitive financial and personal records getting exposed by the millions, the FBI recently warned that POS systems are under sustained and continued attack. During this webcast, we will take you into the three critical entry points to POS system attacks. We’ll discuss how the attacks look, the timelines for these breaches, and what proactive security measures you can take to help your organization minimize the risk to your POS systems. •3 Critical Entry Points to POS System Attacks •Impacts to an Organization •Top 3 Security Measures to Minimize Risk

Securing Your Point of Sale Systems: Stopping Malware and Data Theft

Lumension

Thanks to you, the audience at UltimateWindowsSecurity, for the 2014 Survey. It was a great success with over 600 respondents! I appreciate all of you who took the time give me your thoughts. You’ve provided some great ideas for real training for free™ in the coming year and I’ve learned which topics are most important to you. That’s going to benefit all of us. In this presentation, we'll present our findings. We’ll talk about the community’s top goals for 2014, which topics you recommended I cover in 2014 and what our community sees as the greatest security concerns for 2014. And we’ll discuss other trends emerging from the data. Find out about the top trends, such as: SIEM – What are the top SIEM solutions? What is the UWS community’s top 3 biggest challenges with log/monitoring/security analytics? Endpoint Security – How widely is application whitelisting being used and what is driving its adoption? Which endpoint security technologies really work and which are just hype? Mobile Devices – Are employee owned mobile devices supported at your organization? Is your biggest concern with mobile devices malware, data loss, compliance? The Cloud – How widely are your peers embracing the cloud? Is your organization’s security policy, technology and training keeping up with the move to the cloud? Advanced Security Topics – What are your peers doing about “big data”? What about endpoints as sensors, and other new security approaches? This will be a fact-filled and fascinating presentation on where we are and where we are going on a host of different security fronts. Don’t miss it.

2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and ...

Lumension

2014 Data Protection Maturity Survey: Results and Analysis

Lumension

Organizations around the world are losing intellectual property and customer data to cyber criminals at mind-boggling rates. How is this happening? For 5 consecutive years, the annual State of the Endpoint Report, conducted by Ponemon Institute, has surveyed IT practitioners involved in securing endpoints. This year’s report reveals endpoint security risk is more difficult to minimize than ever before. What are IT pros most concerned about heading into 2014? From the proliferation of mobile devices, third party applications, and targeted attacks/APTs, endpoint security risk for 2014 is becoming more of a challenge to manage. Larry Ponemon of the Ponemon Institute reveals statistics on growing insecurity, IT’s perceived areas of greatest risk for 2014 as well as tactical suggestions for how to improve your endpoint security. Specifically, you will learn: •IT perspective on the changing threat landscape and today’s Top 5 risks; •Disconnect between perceived risk and corresponding strategies to combat those threats; •Tips and tricks on how to best communicate today’s threats and subsequent needed responses up the management chain

Greatest It Security Risks of 2014: 5th Annual State of Endpoint Risk

Lumension

Windows XP is Coming to an End: How to Stay Secure Before You Migrate

Lumension

Last time it was Adobe’s code signing servers. This time it’s 2.9 million (let’s just call it 3) customers’ data and lots and lots of source code – including that of Acrobat. Adobe products already require constant patching but offer no enterprise level solution for patching. In this presentation by Ultimate Windows Security, we’ll present why this will likely lead to more and we’ll look at what we know about this latest Adobe breach. But more importantly I’ll show what you can do in advance to protect yourself against zero-day exploits in Adobe products and programs. After all this won’t be the last time a software vendor is hacked. In this day and age we have to protect ourselves from the failures of our software providers. I’ll present 3 ways you can go on the offensive to protect yourself from the constant vulnerabilities discovered in Adobe Reader, Acrobat, Flash and Oracle Java. Here’s what we’ll discuss: *Alternatives to Adobe and Java *Different ways to containing vulnerable apps in a sandbox * Using advanced memory protection technologies to detect and stop buffer overflows and other memory based attacks Patching and AV only helps you close the window on hacker opportunity. To prevent the window from opening in the first place you have to prevent untrusted code from ever running in the first place. That requires application whitelisting and memory protection against code injection – a growing menace that bypasses controls based on file system and EXE scanning. That’s why Lumension is sponsoring this event. I think you’ll be interested seeing 2 of their end-point security technologies that will help protect you from the new exploits on their way as a result of this hack as well as the constant stream of exploits discovered every day. This is going to be a really cool presentation with practical tips that you can apply. Learn how to protect your systems from other software vendor vulnerabilities.

Adobe Hacked Again: What Does It Mean for You?

Lumension

Real World Defense Strategies for Targeted Endpoint Threats

Lumension

APTs: The State of Server Side Risk and Steps to Minimize Risk

Lumension

2014 Ultimate Buyers Guide to Endpoint Security Solutions

Lumension

The European Union’s proposed new data protection regulation aims to update Europe’s data protection laws and to provide a more consistent data protection framework across the Continent. But the new regulation, which replaces the EU’s existing data protection directive and member states’ data protection laws, will put some new demands on organisations holding personal data. Breach disclosure and “the right to be forgotten” will force businesses to update their data protection and retention policies. This presentation will: - Review the current EU laws, and contrast them with laws in other parts of the world; - Examine the arguments for strengthening data protection in Europe, and the likely outcomes; - Look at what security teams should already be doing to put themselves ahead of legislative changes; - Outline strategies and technologies organisations need to meet current and future data protection requirements - Help infosecurity teams to explain the changes – and their consequences – to their boards

Data Protection Rules are Changing: What Can You Do to Prepare?

Lumension

Just over a decade ago, the outcry over Microsoft’s security problems reached such a deafening level that it finally got the attention of Bill Gates, who wrote the famous Trustworthy Computing memo. Today, many would say that Microsoft leads the industry in security and vulnerability handling. Now, it’s Java that’s causing the uproar. But has Oracle learned anything from Microsoft in handling these seemingly ceaseless problems? I’ll start by reviewing the wide-ranging Java security changes Oracle is promising to make. They sound so much like the improvements Microsoft made back with Trustworthy Computing that I’m amazed it hasn’t been done before! We’ll move on to discuss what you can do now to address Java security in your environment. One of the banes of security with Java is the presence of multiple versions of Java, often on the same computer. Sometimes you really need multiple versions of Java to support applications with version dependencies (crazy, I know). But other times, multiple copies of Java are there “just because.” In this webinar, we’ll talk about the current Java mess and how you can get out of it, including: Assessment. We’ll discuss ways and tools for cataloging what versions of Java are actually out there on your endpoints. Identification. We’ll look at methods for identifying which versions are actually required by your users; for instance, I’ll show you how you might use Process Tracking and File Access events in the Windows Security Log to see which Java files are being accessed, by whom, and by which programs. Disabling. Can you just disable Java? Maybe not for everyone, but what if you could disable it for certain roles within your company that make up 25% – or even 75% – of your workforce? That would be worth it. We’ll explore how you might go about such a measure. Hardening. We’ll dive into the technical details of hardening Java and reducing your Java attack surface, where possible. Filtering. Another way to reduce your Java risk is by filtering Java content at your gateway. Again not full coverage control – but what is? Patching. Then, we’ll delve into the Java patching nightmare. Depending on self-updaters on each endpoint, is could be a recipe for disaster, and I’ll explain why. Basically the only way out of the Java mess is a 3rd party solution that can perform centralized patch management and remediation and that’s where our sponsor, Lumension, will come in.

Java Insecurity: How to Deal with the Constant Vulnerabilities

Lumension

Bring Your Own Device (BYOD) is a popular topic in 2013. Trying to understand the security risks and prepare strategies to either adopt, or decide against BYOD for security and data control reasons is the challenge. The 160,000 member Information Security Community on LinkedIn conducted the survey "BYOD & Mobile Security 2013" to shed some light on the drivers for BYOD, how companies will benefit from BYOD, and how they respond to the security risks associated with this trend. With 1,600 responses, some interesting insights and patterns into BYOD were uncovered.

BYOD & Mobile Security: How to Respond to the Security Risks

Lumension

Do you want to know how ‘best-of-breed’ enterprises prioritize their IT risk? Join Richard Mason, Vice President & Chief Security Officer at Honeywell, whose team is responsible for global security, during a roundtable discussion with Pat Clawson, Chairman & CEO of Lumension and Roger Grimes, Security Columnist & Author. Uncover strategies beyond traditional antivirus signatures and learn a more holistic approach to effective risk management. Find out ‘how’ and ‘why’ you can make security a prioritized function within your organization. Join this expert panel webcast to learn how to: 1)Understand your business audiences and evaluate their risk tolerance 2)Leverage reputation management services that are appropriate for your organization 3)Utilize realistic change management to secure prioritized data depositories

3 Executive Strategies to Reduce Your IT Risk

Lumension

APTs have become a major topic of conversation – and in some cases, a critical threat – among IT security departments. But the technology and motivation behind APTs has changed significantly since the introduction of Stuxnet, continuing to evolve rapidly to avoid detection. In this special Dark Reading presentation, a leading expert on the origins and directions of APTs will discuss the changing nature of these sophisticated threats – and how you can prepare your enterprise security environment to detect and mitigate these complex and dangerous attacks.

The Evolution of Advanced Persistent Threats_The Current Risks and Mitigation...

Lumension

Plus de Lumension (20)

Using SCCM 2012 r2 to Patch Linux, UNIX and Macs

2015 Endpoint and Mobile Security Buyers Guide

Top 10 Things to Secure on iOS and Android to Protect Corporate Information

2014 BYOD and Mobile Security Survey Preliminary Results

Using SCUP (System Center Updates Publisher) to Security Patch 3rd Party Apps...

Careto: Unmasking a New Level in APT-ware

Securing Your Point of Sale Systems: Stopping Malware and Data Theft

2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and ...

2014 Data Protection Maturity Survey: Results and Analysis

Greatest It Security Risks of 2014: 5th Annual State of Endpoint Risk

Windows XP is Coming to an End: How to Stay Secure Before You Migrate

Adobe Hacked Again: What Does It Mean for You?

Real World Defense Strategies for Targeted Endpoint Threats

APTs: The State of Server Side Risk and Steps to Minimize Risk

2014 Ultimate Buyers Guide to Endpoint Security Solutions

Data Protection Rules are Changing: What Can You Do to Prepare?

Java Insecurity: How to Deal with the Constant Vulnerabilities

BYOD & Mobile Security: How to Respond to the Security Risks

3 Executive Strategies to Reduce Your IT Risk

The Evolution of Advanced Persistent Threats_The Current Risks and Mitigation...

Dernier

BooK Now Call us at +918448380779 to hire a gorgeous and seductive call girl for sex. Take a Delhi Escort Service. The help of our escort agency is mostly meant for men who want sexual Indian Escorts In Delhi NCR. It should be noted that any impersonator will get 100 attention from our Young Girls Escorts in Delhi. They will assume the position of reliable allies. VIP Call Girl With Original Photos Book Tonight +918448380779 Our Cheap Price 1 Hour not available 2 Hours 5000 Full Night 8000 TAG: Call Girls in Delhi, Noida, Gurgaon, Ghaziabad, Connaught Place, Greater Kailash Delhi, Lajpat Nagar Delhi, Mayur Vihar Delhi, Chanakyapuri Delhi, New Friends Colony Delhi, Majnu Ka Tilla, Karol Bagh, Malviya Nagar, Saket, Khan Market, Noida Sector 18, Noida Sector 76, Noida Sector 51, Gurgaon Mg Road, Iffco Chowk Gurgaon, Rajiv Chowk Gurgaon All Delhi Ncr Free Home Deliver

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men

Delhi Call girls

Presentation on how to chat with PDF using ChatGPT code interpreter

naman860154

What is a good lead in your organisation? Which leads are priority? What happens to leads? When sales and marketing give different answers to these questions, or perhaps aren't sure of the answers at all, frustrations build and opportunities are left on the table. Join us for an illuminating session with Cian McLoughlin, HubSpot Principal Customer Success Manager, as we look at that crucial piece of the customer journey in which leads are transferred from marketing to sales.

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx

HampshireHUG

Enterprise Knowledge’s Urmi Majumder, Principal Data Architecture Consultant, and Fernando Aguilar Islas, Senior Data Science Consultant, presented "Driving Behavioral Change for Information Management through Data-Driven Green Strategy" on March 27, 2024 at Enterprise Data World (EDW) in Orlando, Florida. In this presentation, Urmi and Fernando discussed a case study describing how the information management division in a large supply chain organization drove user behavior change through awareness of the carbon footprint of their duplicated and near-duplicated content, identified via advanced data analytics. Check out their presentation to gain valuable perspectives on utilizing data-driven strategies to influence positive behavioral shifts and support sustainability initiatives within your organization. In this session, participants gained answers to the following questions: - What is a Green Information Management (IM) Strategy, and why should you have one? - How can Artificial Intelligence (AI) and Machine Learning (ML) support your Green IM Strategy through content deduplication? - How can an organization use insights into their data to influence employee behavior for IM? - How can you reap additional benefits from content reduction that go beyond Green IM?

Driving Behavioral Change for Information Management through Data-Driven Gree...

Enterprise Knowledge

Microsoft's Threat Matrix for Kubernetes helps organizations understand the attack surface a Kubernetes deployment introduces to their environments. This ensures that adequate detections and mitigations are in place. By covering over 40 different attacker techniques, defenders can learn about Kubernetes-specific mitigations and controls to deploy to their environments. In this session, we will explore the MS-TA9013 Host Path Mount technique, which is commonly used by attackers to perform privilege escalation in a Kubernetes cluster. Attendees will learn how attackers and defenders can: * Escape the container's host volume mount to gain persistence on an underlying node * Move laterally from the underlying node into the customer's cloud environment * Analyze Kubernetes audit logs to detect pods deployed with a hostPath mount * Deploy an admission controller that prevents new pods from using a hostPath mount

Breaking the Kubernetes Kill Chain: Host Path Mount

Puma Security, LLC

Slack Application Development 101 Slides

praypatel2

Boost Fertility New Invention Ups Success Rates.pdf

sudhanshuwaghmare1

Data Cloud, More than a CDP by Matt Robison

Anna Loughnan Colquhoun

A Call to Action for Generative AI in 2024

Results

The 7 Things I Know About Cyber Security After 25 Years | April 2024

Rafal Los

MySQL Webinar, presented on the 25th of April, 2024. Summary: MySQL solutions enable the deployment of diverse Database Architectures tailored to specific needs, including High Availability, Disaster Recovery, and Read Scale-Out. With MySQL Shell's AdminAPI, administrators can seamlessly set up, manage, and monitor these solutions, ensuring efficiency and ease of use in their administration. MySQL Router, on the other hand, provides transparent routing from the application traffic to the backend servers in the architectures, requiring minimal configuration. Completely built in-house and supported by Oracle, these solutions have been adopted by enterprises of all sizes for their business-critical applications. In this presentation, we'll delve into various database architecture solutions to help you choose the right one based on your business requirements. Focusing on technical details and the latest features to maximize the potential of these solutions.

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...

Miguel Araújo

Axa Assurance Maroc - Insurer Innovation Award 2024

The Digital Insurer

[2024]Digital Global Overview Report 2024 Meltwater.pdf

hans926745

Building Digital Trust in a Digital Economy Veronica Tan, Director - Cyber Security Agency of Singapore Apidays Singapore 2024: Connecting Customers, Business and Technology (April 17 & 18, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

apidays

Finology Group – Insurtech Innovation Award 2024

The Digital Insurer

GenCyber Cyber Security Day Presentation

Michael W. Hawkins

08448380779 Call Girls In Friends Colony Women Seeking Men

Delhi Call girls

Abhishek Deb(1), Mr Abdul Kalam(2) M. Des (UX) , School of Design, DIT University , Dehradun. This paper explores the future potential of AI-enabled smartphone processors, aiming to investigate the advancements, capabilities, and implications of integrating artificial intelligence (AI) into smartphone technology. The research study goals consist of evaluating the development of AI in mobile phone processors, analyzing the existing state as well as abilities of AI-enabled cpus determining future patterns as well as chances together with reviewing obstacles as well as factors to consider for more growth.

Exploring the Future Potential of AI-Enabled Smartphone Processors

debabhi2

🐬 The future of MySQL is Postgres 🐘

RTylerCroy

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024

The Digital Insurer

Dernier (20)

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men

Presentation on how to chat with PDF using ChatGPT code interpreter

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx

Driving Behavioral Change for Information Management through Data-Driven Gree...

Breaking the Kubernetes Kill Chain: Host Path Mount

Slack Application Development 101 Slides

Boost Fertility New Invention Ups Success Rates.pdf

Data Cloud, More than a CDP by Matt Robison

A Call to Action for Generative AI in 2024

The 7 Things I Know About Cyber Security After 25 Years | April 2024

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...

Axa Assurance Maroc - Insurer Innovation Award 2024

[2024]Digital Global Overview Report 2024 Meltwater.pdf

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

Finology Group – Insurtech Innovation Award 2024

GenCyber Cyber Security Day Presentation

08448380779 Call Girls In Friends Colony Women Seeking Men

Exploring the Future Potential of AI-Enabled Smartphone Processors

🐬 The future of MySQL is Postgres 🐘

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024

E is for Endpoint II: How to Implement the Vital Layers to Protect Your Endpoints

1. E is for Endpoint: How to Implement the Vital Layers to Protect Your Endpoints

2. Today’s Agenda Current Threat Landscape Back to Basics with Patch and Configuration Management Stopping Unknown Applications & Attacks Q&A

3. Today’s Panelists Eric Ogren Paul Henry Principal Analyst Security & Forensics Analyst Ogren Group 3

4. The Malware Trend Continues… 4

5. Not Simply A Microsoft Issue •Since 2009 the most hacked software was 3rd party apps and browser add-ons like Adobe and QuickTime. •Yet we focus our attention on patching Microsoft OS/Applications. 5

6. All Hail The New Malware King – Java ! 6

7. Apple Also Got A Needed Dose Of Reality 7

8. 600,000 Infected Mac’s Globally 8

9. BYOD – On Going Blind Adoption • A recent survey of Companies with 2,000 or more employees indicated that 70% permitted BYOD yet less then 30% had policies to address device security 9

10. … Your Plugging That In To My Network? Source: Juniper Mobile Threat Report 10

11. E is for Endpoint Series 1: Think Different 2: Back to Basics With Patch and Configuration Management 3: How to Check Unknown Apps at the Door 4: Enabling the Self-Defending Endpoint 5: Secrets to Reducing Complexity and Cost 6: How to Continuously Manage Compliance and Risk 11

12. Patch and Configuration Management

13. Eliminate Exploitable Surface Area Areas of Risk at the Endpoint 5% Zero-Day 30% Missing Patches 65% Misconfigurations Source: John Pescatore Vice President, Gartner Fellow 13

14. Patch Management Back in Vogue • The top security priority is “patching client-side software”1 » Streamline patch management and reporting across OS’s AND applications Source: 1 - SANS Institute 14

15. 3rd Party Applications • Patch and defend is not just a Microsoft issue » More than 2/3 of today’s vulnerabilities come from non-Microsoft applications 15

16. Application Control

17. Defining a Trusted Environment 17

18. Stop Unwanted Applications »Immediate and simple risk mitigation 18

19. Application Whitelisting Unauthorized •Games •iTunes •Shareware •Unlicensed S/W Known malware • Viruses • Worms • Trojans Authorized Unknown Malware • Zero day •Operating Systems • Targeted •Business Software • Keyloggers • Spyware •Productivity Software 19 PROPRIETARY & CONFIDENTIAL - NOT FOR PUBLIC DISTRIBUTION

20. Layered Approach to Endpoint Protection 20 PROPRIETARY & CONFIDENTIAL - NOT FOR PUBLIC DISTRIBUTION

21. More Information • Quantify Your IT Risk with Free E is for Endpoint Webcast and Scanners Whitepaper Series » http://www.lumension.com/special-offer/ premium-security-tools.aspx http://www.lumension.com/E-is-for-Endpoint.aspx • Lumension® Endpoint Management and Security Suite » Demo: http://www.lumension.com/endpoint- management-security-suite/demo.aspx » Evaluation: http://www.lumension.com/endpoint- management-security-suite/free-trial.aspx 21

22. Q&A

23. Global Headquarters 8660 East Hartford Drive Suite 300 Scottsdale, AZ 85255 1.888.725.7828 info@lumension.com http://blog.lumension.com

E is for Endpoint II: How to Implement the Vital Layers to Protect Your Endpoints

Recommandé

Recommandé

Contenu connexe

Tendances

Tendances (20)

Similaire à E is for Endpoint II: How to Implement the Vital Layers to Protect Your Endpoints

Similaire à E is for Endpoint II: How to Implement the Vital Layers to Protect Your Endpoints (20)

Plus de Lumension

Plus de Lumension (20)

Dernier

Dernier (20)

E is for Endpoint II: How to Implement the Vital Layers to Protect Your Endpoints