The State of Cloud Security: Results of the SANS 2019 Cloud Security Survey

Kubernetes is fundamentally a complex system with lots of different potential attack vectors aimed at data theft, currency mining and other threats. Liz Rice, a renowned technology evangelist, will take us through an overview of the current state of security-related features in Kubernetes, and offer directional starting points on how to secure Kubernetes components and the applications that run on top of these Kubernetes components. Brice Fernandes, software engineer and entrepreneur at Weaveworks, will then demonstrate how you can build a secure and reliable Kubernetes deployment pipeline with GitOps best practices, separating the responsibility between packaging software and releasing it to a production environment.

For years, most IT security organizations have waited to detect new threats and then moved swiftly to defend against them. Today, however, there is a new wave of “threat hunting,” in which the security team takes a more proactive approach --seeking out potential threats before the attackers have a chance to act. How do enterprises build threat hunting programs? How do they staff them, and what tools do they need? What skills and training does a great threat hunter need? In this Dark Reading webinar, a top expert discusses the process for building a threat hunting program, and for optimizing the efforts of designated threat hunters in the organization.

Insecure implementations of Remote Desktop Protocol have exposed organizations to serious risks of cyber attacks. Ransomware like SamSam and cryptominers like CrySis exploit insecure configurations, resulting in large and well-publicized breaches like the one that occurred at LabCorp. Because of the nature of Remote Desktop Protocol, these exposures often occur outside of organizations' known IP space, making them difficult to detect and remediate. This webinar will discuss how easily these misconfigurations can occur, how organizations can discover them, even outside of normal IP space, and how they can establish playbooks to remediate and reduce occurrence over time.

On July 16, 2019, Nathan Salminen, Allison Holt, and Paul Otto from the Hogan Lovells Privacy and Cybersecurity and Litigation teams presented a webinar, “Cyberthreats in the Internet of Things” where they explored some techniques that can be used to exploit potential vulnerabilities in connected devices and how those types of events impact organizations from a regulatory and litigation perspective. Many of the nearly 20 billion Internet of Things (IoT) devices deployed worldwide perform critical functions or have access to networks that process highly sensitive information. The proliferation of connected devices across industry sectors has led to the emergence of a significant and distinct threat to many types of organizations, from electric utilities deploying IoT devices across its smart grid to financial institutions using IoT devices in conference rooms that may connect to the same network that financial data flows through.