Security

What's worse than getting hit with a security breach? Getting hit with an easily preventable one.

  • Podcasts // Oct 2014

    Migrating From Cisco ASA to Palo Alto Networks

    In this podcast, the speaker will show how easy it is to move to a next-generation security platform. The speaker also explains about the fundamental differences between Cisco ASA and Palo Alto Networks, and share migration best practices, examples and case studies.

    Provided By Palo Alto Medical Foundation

  • Podcasts // Sep 2014

    Rethinking Mobile Security

    In this podcast, the speaker will discuss the changing threat landscape for mobile platforms, and how this drives a corresponding set of new requirements for security. Instead of being shackled to past principles and philosophies, learn about approaches to security that enable and extend (rather than restrict) access to mobile...

    Provided By Palo Alto Medical Foundation

  • Podcasts // Sep 2014

    VPN Pivoting With Cobalt Strike

    In this podcast, the speaker will discuss about VPN. It creates a network interface on the cobalt strike system and bridges this interface into the target's network. Through a covert VPN interface: the user system may sniff traffic on their target's network, act as a rogue server, or perform man-in-the-middle...

    Provided By SecurityTube.net

  • Podcasts // Sep 2014

    From the Ground Up

    In this podcast, the speaker will explain about the continuation of that proof and is aimed at developers to help them detect security vulnerabilities using live source-sink analysis. It is dependent on the code coverage and not aimed to be used in a production environment.

    Provided By SecurityTube.net

  • Podcasts // Sep 2014

    The DevOps of Everything

    Although the movement started out as a problem statement to solve developer and operations collaboration, it quickly moved into other disciplines such as security, networking and storage. In this podcast, the speaker will take a look at the DevOps affect on things like converged infrastructure, software defined networking, software defined...

    Provided By SecurityTube.net

  • Podcasts // Sep 2014

    Where the Security Rubber Meets the DevOps Road

    DevOps is a natural evolution of agile, lean, continuous integration and other patterns common amongst high performers and continuous process improvement. As someone who has helped dozens of organizations get started with DevOps patterns and tool chains, in this podcast, the speaker will explain where people get started - and...

    Provided By SecurityTube.net

  • Podcasts // Sep 2014

    Autoscaling Web Application Security in the Cloud

    Securing web applications has placed extreme demands on security professionals - in addition to understanding attack patterns and defense tactics, effectively protecting web apps requires some level of programming and database management expertise. With broad adoption of public clouds, this bar is rising once again. Today's cloud enabled applications scale-up...

    Provided By SecurityTube.net

  • Podcasts // Sep 2014

    Cloud Security at Scale and What It Means for Your Application

    Cloud computing is all the rage, but few organizations have really thought about what security means for their applications and networks in cloud-centric deployments. Netflix is amongst the largest users of public cloud resources and consumes roughly 1/3 of all the US's downstream broadband at peak. In this podcast, the...

    Provided By SecurityTube.net

  • Podcasts // Sep 2014

    Bringing a Machete to the Amazon

    With concrete examples and new techniques in this podcast, the speaker will explore \"Full stack\" vulnerabilities and their effect on security and how they create new pitfalls when migrating to and operating in an Amazon Web Services (AWS) world. From the simple (checking in the user AWS credentials to github...

    Provided By SecurityTube.net

  • Podcasts // Sep 2014

    Top 10 Web Hacking Techniques of 2013

    Every year the security community produces a stunning number of new Web hacking techniques that are published in various white papers, blog posts, magazine articles, mailing list emails, conference presentations, etc. Within the thousands of pages are the latest ways to attack websites, Web browsers, Web proxies, and their mobile...

    Provided By SecurityTube.net

  • Podcasts // Sep 2014

    Runtime Manipulation of Android and iOS Applications

    With over 1.6 million applications in the Apple AppStore and Google Play store, and around 7 billion mobile subscribers in the world, mobile application security has been shoved into the forefront of many organizations. Mobile application security encompasses many facets of security. Device security, application security, and network security all...

    Provided By SecurityTube.net

  • Podcasts // Sep 2014

    Static Analysis for Dynamic Assessments

    Today's dynamic and static web vulnerability scanners are capable of analyzing complex web applications for security weaknesses. They automate testing of much common vulnerability. However, there is a gap between static and dynamic scanners. They find different vulnerabilities. So why aren't dynamic testers running static tools? Typically, they don't have...

    Provided By SecurityTube.net

  • Podcasts // Sep 2014

    Use After Free Exploitation

    Use after free vulnerabilities is the cause of a large number of web browser and client-side compromises. Software bugs residing on the heap can be difficult to detect through standard debugging and QA. In this podcast, the speaker will first define the use after free vulnerability class, and then dive...

    Provided By SecurityTube.net

  • Podcasts // Sep 2014

    Mobile Security Attacks: A Glimpse From the Trenches

    Hackers today apply covert and persistent techniques to attack mobile devices. In this podcast, the speaker will explain about the latest threats on mobile devices from the team who uncovered iOS malicious profiles and HTTP request hijacking. The speaker will describe and demonstrate emerging mobile security threats: from physical, through...

    Provided By SecurityTube.net

  • Podcasts // Sep 2014

    Reversing Engineering a Web Application - For Fun, Behavior and WAF Detection

    Screening HTTP traffic can be something really tricky and attacks to applications are becoming increasingly complex day-by-day. By analyzing thousands upon thousands of infections, the speaker noticed that regular blacklisting is increasingly failing and started research on a new approach to mitigate the problem. Initially reverse engineering the most popular...

    Provided By SecurityTube.net

  • Podcasts // Sep 2014

    Catch Me If You Can: Building a Web Malware Analyzer Using Machine Learning

    With close to 10,000 new, legitimate websites being added to the Google malware blacklist every day, it's clear that infecting websites to spread malware has become the go-to choice for malicious hackers. In this podcast, the speaker will focus on how the problem is evolving, how websites are getting infected...

    Provided By SecurityTube.net

  • Podcasts // Sep 2014

    Modernizing Network Security in SCADA and Industrial Control Systems

    In this podcast, the speaker will discuss the nature of both existing and emerging cyber threats to ICS and why asset owners need to pay attention to them, strategies and frameworks for defending the user's ICS against these threats and next-generation technologies that enable fine-grain visibility, role-based access control, and...

    Provided By Palo Alto Medical Foundation

  • Podcasts // Sep 2014

    How Evolved \"419 Scammers\" Are Targeting the Enterprise

    In this podcast, the speaker will focus on these key takeaways: Remote Administration Tools (RATs) such as NetWire, that provide complete control over infected systems, silver spaniel attacks are specifically designed to evade traditional antivirus programs and indicators of compromise were observed for the NetWire RAT, and unit 42 recommends...

    Provided By Palo Alto Medical Foundation

  • Podcasts // Jul 2014

    Hiding in Plain Sight - What's Really Happening on Your Network

    Today's cyber threats hide in plain sight amidst the user's network traffic, making them nearly impossible to defend against. In this podcast, the speaker will analyze the intertwined relationship between cyber attacks and applications based on recent data collected from over 2,200 networks. The speaker also gives information on how...

    Provided By Palo Alto Medical Foundation

  • Podcasts // Jun 2014

    CryptoLocker - The Ransomware Trojan

    The CryptoLocker malware encrypts certain files with a private key and demands payment to regain access to the files. In this podcast, the speaker will presents deep dive into CryptoLocker and looks at the latest information around what is called one of the two most sophisticated and destructive forms of...

    Provided By SecurityTube.net

  • Podcasts // May 2014

    Digging Deeper Into the IE Vulnerability

    Web browser vulnerabilities remain a fertile ground for hackers to harvest and mount attacks. Latest vulnerabilities found in Internet Explorer (IE) and urgent response from Microsoft highlights the fact that despite end of life announcements for old and less secure products, millions of users remain exposed to threats.

    Provided By SecurityTube.net

  • Podcasts // Jan 2014

    Virtual Event: Test without writing a single line of code…really

    Testing business-critical packaged applications is a high priority for many organizations. These applications must meet the same aggressive project time frames and operations benchmarks as internally-developed software. In this session, you will learn how Turnkey Solutions is helping Iron Mountain increase the speed and effectiveness of its packaged apps testing...

    Provided By Hewlett-Packard (HP)

  • Podcasts // Jan 2014

    McKesson Cloud Automation Podcast

    Download the podcast on how McKesson accomplished a multi-year, pan-IT management transformation. Learn how McKesson's performance journey, from 2005 to the present, has enabled it to better leverage an agile, hybrid cloud model. How McKesson gained a standardized services orientation to achieve agility in deploying its many active applications is...

    Provided By Hewlett-Packard (HP)

  • Podcasts // Jan 2014

    Thinking ahead: Pragmatic steps for successful cloud transformations virtual event

    Public, private, or hybrid, the cloud is creating an array of opportunities for business and IT. And it’s reshaping IT as we know it. But incorporating cloud technology and services into the data center can entail multi-year transformations. The key to successful cloud transformations is developing a pragmatic strategy and...

    Provided By Hewlett-Packard (HP)

  • Podcasts // Jan 2014

    IBM SmartCloud Entry for Power Systems

    The IBM SmartCloud™ Entry on Power Systems™ solution provides a cost-competitive, entry-level private cloud solution that helps speed time to value of your service deployments on your IBM Power Systems servers.

    Provided By IBM

  • Podcasts // Jan 2014

    Messaging Architects: Upgrading to GroupWise 8, 'TOP' Grading to Compliance

    Risk free e-mail infrastructure products to provide 100 percent up time and compliance. Includes policy enforcement and management. In this podcast, the presenter explains about how to utilize Messaging Architects products with GroupWise 8.

    Provided By Novell

  • Podcasts // Jan 2014

    GWAVA: Disaster Recovery for GroupWise

    In this podcast, the speaker explains about disaster recovery for GroupWise which includes a demonstration of reload getting a GroupWise system back up and running at the click of a button.

    Provided By Novell

  • Podcasts // Jan 2014

    Network World: Productivity Software - The Next Generation

    In this podcast, the speaker explains about the network world productivity software. The speaker also explains about the new batch of wikis, blogs, and other collaborative software that helps companies become more productive and deliver value.

    Provided By Novell

  • Podcasts // Jan 2014

    High Availability and Disaster Recovery Options for Novell Open Enterprise Server and GroupWise

    In this podcast, the speaker will discuss options for high availability and disaster recovery for open enterprise server and GroupWise. The speaker will also includes Novell cluster services, business continuity clustering (along with exciting pricing changes) and platespin forge and protect.

    Provided By Novell

  • Podcasts // Jan 2014

    The Ins and Outs of File Systems

    With Open Enterprise Server 2 and the flexibility of Linux, a new question comes to mind: which file system will serve the users' best? In this podcast, learn from the team that has worked with Novell Storage Services for decades, but what they have to say may surprise the users'.

    Provided By Novell

  • Podcasts // Jan 2014

    NetBackup 7.5 for VMware

    In this podcast, the speaker will explain about NetBackup 7.5 for VMware. Get a deep dive look into how the NetBackup Platform provides a superior solution for protecting virtual servers which includes a technology overview.

    Provided By SYMA S.C.

  • Podcasts // Jan 2014

    Attaining Enterprise Wide Compliance with an SAP Certified Solution

    The SAP-certified Novell Compliance Management Platform extension for SAP environments provides a real-time, holistic view of all provisioning, access and security events across both SAP and enterprise IT infrastructure. Get added value from the users' SAP investments while enhancing organizational efficiency, compliance and security.

    Provided By Novell

  • Podcasts // Jan 2014

    Novell Compliance Management Platform: Integrated Identity, Access and Security Management

    The compliance management platform combines identity, access and security management technologies. This combination automates the process of granting users access to resources, while providing a real-time, holistic view of all network events enterprise wide.

    Provided By Novell

  • Podcasts // Jan 2014

    Enhance Security and Compliance Across Your SAP Infrastructure

    Compliance and security management principal for Novell, describes the certified and integrated technologies that Novell and SAP deliver to help the users' mitigate risk, simplify business governance and ensure continuous compliance enterprise wide.

    Provided By Novell

  • Podcasts // Jan 2014

    Novell Storage Manager: Cross Empire Data Migration

    Server platform migrations can be costly and negatively affect user productivity. What's needed is way to migrate file and folder structures while protecting the integrity of security rights and other metadata.

    Provided By Novell

  • Podcasts // Jan 2014

    Files Matter Turn Challenges into Opportunities - Novell File Management Suite

    Data growth is making file management more and more difficult, but the users' can turn file challenges into opportunities to help their business grow. In this podcast, learn how Novell file management suite helps solve their issues and enables a truly mobile workforce.

    Provided By Novell

  • Podcasts // Jan 2014

    Managing Unstructured File Space using Novell File Management Suite

    In this podcast, learn how to describe to a customer how to manage unstructured file space - on a whiteboard, a napkin, or the back of an envelope using simple diagrams.

    Provided By Novell

  • Podcasts // Jan 2014

    Running At 99% Surviging An Application DoS

    Application-level Denial-of-Service (DoS) attacks are a threat to nearly everyone hosting content on the internet. DoS attacks are simple to launch, but can be difficult to defend against. Modern websites are a diverse set of moving parts, and a malicious actor only needs to find the point at which any...

    Provided By SecurityTube.net

  • Podcasts // Jan 2014

    Top Ten Proactive Web Application Controls

    The OWASP proactive control is a \"Top 10 like document\" aimed to help developers build secure applications. In this podcast, the speaker will explain the fundamental controls in critical software categories such as authentication, access control, validation, encoding, query parameterization, data protection, secure requirements, secure architecture and secure design.

    Provided By SecurityTube.net

  • Podcasts // Jan 2014

    HTML5/JS Security

    In this podcast, the speaker explores the vulnerabilities behind JavaScript, including: a new class of vulnerabilities unique only to JavaScript, vulnerabilities in 3rd-party platforms which are exploited through JavaScript code and HTML5 which is considered the NG-Javascript. In turn, HTML5 introduces a new set of vulnerabilities

    Provided By SecurityTube.net