"Cross-Site Scripting Crash Course"

"With attackers gaining traction, we will take a deeper dive into how to defend against cross-site scripting (XSS) attacks. You will learn what the attack looks like and how to defend against it.

The webinar will cover:

- HTML tricks for cross-site scripting
- JavaScript tricks for cross-site scripting
- Defensive tactics against cross-site scripting"


When you're a hacker, time is on your side. Time to find a soft spot in your armor, to evade defenses, to seek out your most critical data. Increasingly, today's advanced threats circumvent traditional defenses - even sandboxing. You need a new approach.


Improving Cybersecurity Posture While Staying on Budget

Nuspire Networks

Nuspire's Shannon Culp and Dan Hoban discuss planning and prioritizing security projects, staying on top of the ever-changing threat landscape, and staying on track with your budget while doing so.

"Continuous Third Party Monitoring Powers Business Objectives"


"In “Continuous Third Party Monitoring Powers Business Objectives,” BitSight CTO and Co-founder Stephen Boyer and guest speaker, Forrester Research Senior Analyst Renee Murphy will discuss the value businesses are finding in using a solution that has a constant eye on third party cyber threats. Boyer and Murphy will also discuss:

- The results of the study BitSight commissioned Forrester Consulting to undertake, examining how IT decision-makers feel about objective, reliable and continuous monitoring.
- What can be done beyond compliance to increase security performance.
- Which industries stand to benefit most from using automated, objective information security data.
- Specific use cases for continuous monitoring and how they help companies improve information security performance."

HAMMERTOSS: Stealthy Tactics Define a Russian Cyber Threat Group

The Russian cyber threat groups that we monitor frequently design innovative ways to cover their tracks. In early 2015, we came across a malware backdoor, which we call HAMMERTOSS, from an advanced persistent threat (APT) group that we suspect the Russian government sponsors. This group, APT29, employs HAMMERTOSS to compromise its targets. Using a variety of techniques—from creating an algorithm that generates daily Twitter handles to embedding pictures with commands—the developers behind HAMMERTOSS have devised a particularly effective tool. HAMMERTOSS uses Twitter, GitHub, and cloud storage services to relay commands and extract data from compromised networks.

Transforming IT Risk Management With Security Ratings

"If organizations have learned anything from the high volume of recent breaches, it’s that boards are paying attention to cyber security now more than ever, and they want to know one thing - are we more or less secure than the latest victim? Join Jon Oltsik of the Enterprise Strategy Group and Stephen Boyer of BitSight Technologies to learn how businesses are using security ratings to mitigate internal and external security risks while driving better communication of performance metrics with their boards. By allowing executives to measure and compare security performance over time, organizations are improving situational awareness and are able to make risk-based decisions about preparedness, resources, and overall security strategy."