Aligning Security Solutions with MITRE ATT&CK

We will be hosting a live webinar on Monday 10 December 2018 at 4pm CET to discuss some of the key findings in the report. Moderated by John Malpas, Publishing Director at Legal Week, the panel will be joined by Andrea Simandy, European Data Protection Attorney at Microsoft, Dora Petranyi, CEE Managing Director at CMS and Dominic Carman, Writer and Consultant, who worked with the Legal Week Intelligence team on the research and writing for the report.

Application Programming Interfaces (APIs) have evolved into business-critical services with a unique set of application security needs. The evolution of the Business Logic Layer was accelerated in part by the popularity of the Postman API Platforms; however, traditional security testing products have struggled to adapt. This next generation of business logic API collections require a fundamentally new technology and native testing experience that empowers organizations to overcome modern security challenges.

Security in the cloud vs. cloud security – whose job is it anyway? According to F5 Labs researchers, 86% of successful data breaches begin with compromises of the application layer services or user identities – placing responsibility for app security squarely in the hands of the app owners, developers, and enterprises deploying them. Application security can be difficult and daunting, but it doesn’t have to be.

When was the last time you had a breach? Are you sure? Today’s attackers are remarkably sophisticated—and can lie in wait for months before you even notice their presence. Here’s the hard truth: if you haven’t detected an attack/compromise in the last 12 months, it is NOT because it’s not happening – it’s because you’re not looking in the right places. A compromise in your network is inevitable – if it isn’t already happening now, it will soon. Given that 100% security simply doesn’t exist, what can you do to control and minimize the damage from attacks? In this previously recorded webinar, my firm will provide a playbook for approaching organizational security from this perspective. You’ll learn how a proper foundation for security is key, followed by proactive threat hunting and active defense.