How to Prioritize and Protect Against Relevant Threats: Context is the Key

Join our IR team for a play-by-play of a live attack simulation and investigation of a rogue insider threat using DatAlert’s new DFIR capabilities. During this training session, our security analysts will execute a new attack scenario in our lab. An insider was paid to exfiltrate sensitive organizational data. To remain uncovered, he takes control on a service account. Using the service account, he scans company filers for documents with indicating keywords. Copies matching documents to his PC.

Workforce mobility, rapidly changing business models and business partnerships contribute to a trend where businesses must be able to seamlessly enable access for everyone, to every digital service. These services might be public cloud, they might be web applications with or without support for federation standards, they might be solely backend services accessed via APIs, or even legacy applications exposed only via some sort of middleware. However, agility in the digital journey mandates that IT can provide seamless access to all these services while keeping in control and enforcing security. Identity as a Service offering, whether deployed from a public or hybrid cloud, can take a central role, by acting as the common fabric connecting all the users and all the services. Such services include support for adaptive authentication, auditing features, broad federation services, authorization capabilities, and various capabilities.

Once a vulnerability becomes known to cybercriminals, the race is on for vendors to create a patch before it is exploited. And with the regular use of exploits in attacks and threats like the WannaCry ransomware using a vulnerability, getting the win has never been so crucial. This month we will cover the bug bounty marketplace, including the different types of markets available to vulnerability researchers. As well, we will review Trend Micro Research and how their research can benefit organizations through responsible disclosure and pre-disclosed filters to virtually patch vulnerabilities.

To lower costs and improve efficiencies, enterprises are moving some or all of their data and applications from on-prem to the public cloud, or even SaaS. And, as OT and IT convergence accelerates, OT teams are evaluating their options as they look to the future. Unfortunately, organizations often fail to ensure that their security infrastructure is ready before migrating.