Web Application Security Essentials

When security controls fail, can you detect unusual and anomalous activity with sufficient context to accurately ascertain the risk to the organization? Most organizations don't even know when security controls have failed. This is a primary reason why intrusions exist in organizations for upwards of 200 days before being discovered. Additionally, heuristic and homogeneous alerts provide virtually zero context about anomalous activity inside the internal network and do nothing to help cyber defense teams prioritize and correctly remediate cyberattacks.

Once a vulnerability becomes known to cybercriminals, the race is on for vendors to create a patch before it is exploited. And with the regular use of exploits in attacks and threats like the WannaCry ransomware using a vulnerability, getting the win has never been so crucial. This month we will cover the bug bounty marketplace, including the different types of markets available to vulnerability researchers. As well, we will review Trend Micro Research and how their research can benefit organizations through responsible disclosure and pre-disclosed filters to virtually patch vulnerabilities.

While current anti-phishing solutions usually cover basic entry-level phishing scams using reactive inside-the-firewall defenses, a billion of potential variations of sophisticated phishing scams are already being planned and executed everywhere on the internet, entirely undisturbed, evading most current detection tools. Todays phishing attacks are no longer performed by scruffy hoodie covered villains, but by sophisticated, risk-calculating, online marketing experts who take social engineering to new heights. By constantly using A/B testing to improve their technology with each attack, they know how to tell a convincing story that would trick even the savviest users, causing irreversible reputational and financial damages to brands worldwide.

With more than 4,000 new ransomware samples appearing every day, it is impossible for signature-based defenses to keep up. Every indication shows that the rise in ransomware is accelerating, making it mission critical for you to put the right tools and processes in place to defend against these relentless emerging threats. This webinar will help organizations understand the typical behavior that powershell exhibits in environments normally so that ransomware attacks that leverage powershell can be detected quickly.