Extending ZeroTrust to the Endpoint

"With exploit kits readily available to attackers, even ‘good’ applications can go ‘bad’. Many endpoint security approaches begin by trusting everything, and monitoring for patterns or malicious behaviors, while others attempt to whitelist trusted applications and block the rest.

The “Zero Trust Model” of information security coined by Forrester, has traditionally been applied to network communications, but today’s advanced cyber threats warrants a new approach in which the Zero Trust model is extended to endpoints. The same rigor must be applied on the endpoint; on the OS, on connected devices, and in memory. This is particularly important as most resources an attacker might be most interested in – data and applications – will live on the endpoint.

Join Palo Alto Networks as we examine how an organization can and should extend a “never trust, always verify” philosophy to their endpoint security"
Watch Now

Spotlight

The parabolic rise and volatile nature of cryptocurrencies portends the enormity of its potential impact. There is widespread speculation. Some pundits predict a cashless society in less than a decade and the more outspoken supporters of Bitcoin predict a price that will eventually crest seven figures. The detractors, irrespective of authority and stature, utter a single word in dismissing the viability of widespread adoption. And that word is “scam”. Not a pretty word. While it certainly speaks to the level of threat the old guard senses from the emergence of crypto and decentralized systems, it also smacks of a fundamental concern that these “monies” can be taken as easily as they can be created.


OTHER ON-DEMAND WEBINARS

UNDERSTANDING THE ATTACK CHAIN TO DETECT INTRUDERS

This webcast for security professionals covers the following topics: Introduction of the Attack Chain Why compromised credentials are the number one cause of breaches The attack chain in the age of cloud services Infiltration, Persistence, and Reconnaissance Lateral movement, and why it’s difficult to detect Common exfiltration techniques Live Demo: Rapid7 UserInsight Speaker: Eric Sun, Product Marketing Manager, Rapid7.
Watch Now

Protecting Your Moving Data – What to Consider When Implementing IT Controls to Comply with GDPR

Ipswitch

The general data protection regulation (GDPR) took a major leap forward in December as the EU Parliament and Council agreed on a text for the bill. When approved, the GDPR will become law in 2018 across all 28 EU Member States and will supersede inconsistent laws across the EU Member States. Upon ratification of the GDPR, we could see: fines of up to 4% of annual turnover for firms which break the rules; mandatory notification of “serious” breaches to the relevant national supervisory authority; a single regulator for multi-national companies regardless of HQ location; and the need to meet “right to be forgotten” and “right to data portability” rules by large internet service providers.
Watch Now

Cyber Security: The Achilles Heel of M&A Due Diligence

FireEye, Inc.

This webinar will discuss the benefits of conducting cyber security due diligence before merging with or acquiring an organization, and why cyber security is an important risk factor in M&A deals. M&A transactions present not only integration challenges, but also added security risks. Cyber criminal and espionage actors target M&A deals in search of privileged deal information they can use for criminal purposes or to monitor negotiations. Mandiant Consulting Services has developed a new Merger and Acquisition Risk Assessment Service to help buyers and sellers provide key decision makers with a clearer picture of the risk and the level of effort needed to ensure the deal is successful. We will provide an overview of the service, and how we address the growing cyber security challenges of fast-paced and confidential transactions. We will also explore a case study and the surprises that can occur post merger or acquisition.
Watch Now

Turning the Tables on Cryptojacking

Malwarebytes

It seems that criminal hackers are always a few steps ahead of everyone else and the recent onset of cryptojacking is a great example. In this webinar, independent information security consultant, professional speaker, and writer of Hacking For Dummies, Kevin Beaver, outlines what cryptomining and cryptojacking are and how they impact your business. He discusses strategies and tactics that you can use to ensure that your network and computer cycles are not used for someone else’s gains. From security policies and standards to endpoint controls to user training, this latest malware craze can be beaten but you must first understand it. Watch the replay and leave better prepared to address this threat.
Watch Now

Spotlight

The parabolic rise and volatile nature of cryptocurrencies portends the enormity of its potential impact. There is widespread speculation. Some pundits predict a cashless society in less than a decade and the more outspoken supporters of Bitcoin predict a price that will eventually crest seven figures. The detractors, irrespective of authority and stature, utter a single word in dismissing the viability of widespread adoption. And that word is “scam”. Not a pretty word. While it certainly speaks to the level of threat the old guard senses from the emergence of crypto and decentralized systems, it also smacks of a fundamental concern that these “monies” can be taken as easily as they can be created.

resources