Adopting a Purpose-Built Approach to Linux Security

Workforce mobility, rapidly changing business models and business partnerships contribute to a trend where businesses must be able to seamlessly enable access for everyone, to every digital service. These services might be public cloud, they might be web applications with or without support for federation standards, they might be solely backend services accessed via APIs, or even legacy applications exposed only via some sort of middleware. However, agility in the digital journey mandates that IT can provide seamless access to all these services while keeping in control and enforcing security. Identity as a Service offering, whether deployed from a public or hybrid cloud, can take a central role, by acting as the common fabric connecting all the users and all the services. Such services include support for adaptive authentication, auditing features, broad federation services, authorization capabilities, and various capabilities.

What really makes a “strong” password? And why are your end-users tortured with them in the first place? How do hackers crack your passwords with ease? And what can/should you do about your authentication methods? In this unique webinar you will learn about the recent NIST controversy and related password cracking problems. The “combatants” will be on the one side KnowBe4's Chief Hacking Officer, Kevin Mitnick with decades of first-hand “red-side” penetration testing experience, and on the other side Roger Grimes, KnowBe4's Data-Driven Defense Evangelist with decades of experience on the blue team.

While current anti-phishing solutions usually cover basic entry-level phishing scams using reactive inside-the-firewall defenses, a billion of potential variations of sophisticated phishing scams are already being planned and executed everywhere on the internet, entirely undisturbed, evading most current detection tools. Todays phishing attacks are no longer performed by scruffy hoodie covered villains, but by sophisticated, risk-calculating, online marketing experts who take social engineering to new heights. By constantly using A/B testing to improve their technology with each attack, they know how to tell a convincing story that would trick even the savviest users, causing irreversible reputational and financial damages to brands worldwide.

CI/CD pipelines are the heartbeat of cloud-native supply chains. Developers and DevOps teams depend on them every day to test, integrate, and deliver software, but as they become more exposed to the outside world, they can introduce new complexities and weaknesses. And as the saying goes, chains are only as strong as their weakest link.