"The Top Five Things to Know About File Sharing"

With the rapid rise of web application attacks, which is the number one source of data breaches, securing cloud-based web applications is a challenge. In order to fully protect your web applications in the cloud, it is important to know the risks, select the right security tool, and understand your role in the shared responsibility for security. Securing your AWS workload can mean many different things, ranging from locking down your environment via the AWS best practices list, to completely outsourcing the security management and responsibility to another company. While every company’s security journey is different, everyone can agree that the need to monitor and improve security posture is becoming increasingly important.

When usernames and passwords are compromised in a data breach, the consequences extend far beyond the victim organization due to rampant password reuse. For this reason, NIST recently recommended that organizations check users’ credentials against a set of known compromised passwords. However, by patroning dark web forums and paying for spilled credentials, enterprises indirectly support the criminal ecosystem. Furthermore, attackers often don’t publicly post stolen data until months or years after the breach, if at all. Is there a better way to follow NIST guidelines and protect users from account takeover? Join Justin Richer, co-author of NIST Digital Identity Guidelines 800-63B, and Gautam Agarwal, Shape's Senior Director of Product Management, for a lively discussion on NIST’s password recommendations and how best to prevent account takeover fraud at your organization.

Whether you are brand new to InfoSec or a skilled veteran there are ways to push the limits and learn more about this exciting profession. Knowledge doesn’t always come from a classroom but instead can come from networking with other cybersecurity individuals and finding ways to hack anything around you. Mike Felch and Beau Bullock have started various InfoSec meetup groups, spoken publicly, written blog posts, and are on podcasts to help share and learn more at the same time. In this webcast they share a few tips for waking up your inner hacker.

Data points to the fact that companies have difficulty managing third-party open source within their software code bases, leading to compliance, IP, and security risk. These risks are often amplified in legal transactions and can impact “go”/”no go” decisions if not addressed throughout the legal process. Join Leon Schwartz, Ass