Security

Stay one step ahead of the hackers with strong security management, authentication, encryption and risk strategies.

  • Webcasts // Jul 2015

    Process - The Salvation of Incident Response

    Skilled incident responders are in rare supply. InfoSec tools fall short of automated detection. Sophisticated, targeted attacks are on the rise. In short, the attackers are winning. This webcast will examine how to maximize existing personnel and tools to more effectively identify and quantify security risks.

    Provided By SecurityTube.net

  • Webcasts // Jul 2015

    Who Watches the Watchers? Metrics for Security Strategy

    In this webcast, the presenter will borrow concepts from epidemiology, repeated game theory, classical and causal probability theory in order to demonstrate some inventive metrics for evaluating vulnerability management strategies. Not all vulnerabilities are at risk of being breached. Not all people are at risk for catching the flu.

    Provided By SecurityTube.net

  • Webcasts // Jul 2015

    The Path Well-Traveled: Common Mistakes Encountered With SIEM

    SIEM technology is an invaluable tool in advancing a company's security posture. However, purchasing, implementing, configuring and utilizing that SIEM appliance is prone to mistakes. In this webcast, the presenter will review some common pitfalls and what can be done to avoid them.

    Provided By SecurityTube.net

  • Webcasts // Jul 2015

    10 Reasons Your Security Education Program Sucks

    There's no patch for human stupidity-"Training users is a waste of time and resources". Comments like these are not uncommon in the information security community. To that the presenter says, "Seriously guys, it doesn't have to be this hard". In this webcast, the presenter will go through the top ten...

    Provided By SecurityTube.net

  • Webcasts // Jul 2015

    Shooting Phish in a Barrel and Other Bad Fish Puns

    Repetition is a proven successful way to bridge the gap of compliance, teaching the presenter's users real life skills, and helping secure the infrastructure that they are responsible for protecting. This is best implemented with a comprehensive hands-on security phishing and awareness rewards program.

    Provided By SecurityTube.net

  • Webcasts // Jul 2015

    The Domain Name System (DNS) - Operation and Security

    The Domain Name System (DNS) is a critical service for the operation of the Internet as all know it. Although the process of resolving human readable domain names into Internet-routable IP addresses may seem simple, this process is backed by a massive, globally-distributed database.

    Provided By SecurityTube.net

  • White Papers // Jul 2015

    Double your defences with Cisco Enterprise Network Security solutions

    Security analysts used to say it’s not a question of if you’ll be attacked but when. Today, the facts are even more alarming: we no longer need to wonder when your network will be targeted. Your business is under attack right now. According to the Cisco 2014 Annual Security Report,...

    Provided By Cisco Systems

  • Webcasts // Jul 2015

    If My CI/CD Teams Have Time for Security, So Do You

    Software development is speeding up; waterfall to agile to continuous integration to continuous deployment. Do the users still have time for security? The presenter says "Heck Ya!" But many development shops are unaware how to add security to their development process and will often use "Security slows down" as a...

    Provided By SecurityTube.net

  • Webcasts // Jul 2015

    Adaptive Monitoring and Detection for Todays Landscape

    In this webcast, the presenter will focus on the importance of a good monitoring and detection program that can adapt quickly to an ever changing threat landscape by utilizing penetration testing, threat intelligence and incorporating this all into a responsive incident response plan.

    Provided By SecurityTube.net

  • Webcasts // Jul 2015

    Threat Intelligence - A Program Strategy Approach

    Adding threat intelligence as a component of an existing enterprise security program requires methodical adoption and well-defined goals to increase security's effectiveness in handling new and existing threats. From Accuvant-Fishnet's extensive research, the presenters have developed a threat intelligence process model which incorporates leading practices at various maturity levels.

    Provided By SecurityTube.net

  • Webcasts // Jul 2015

    Cymon: New Cyber Monitoring Tool

    It is the largest tracker of open-source security reports on malware, botnets, phishing and other malicious activities. Cymon ingests over 50K events and 15K unique IP's per day from almost 200 sources across the Internet to build a threat profile and timeline for IP's, domains and URLs.

    Provided By SecurityTube.net

  • Webcasts // Jul 2015

    That's Not My RJ45 Jack! IRL Networking for Humans PT. 1

    In this webcast, the presenter will discuss the specifics behind building up the soft skills necessary to effectively socialize and network with other human beings. This webcast will go beyond the obvious "Do this; don't do that" information and focus heavily on how, where and what to practice in order...

    Provided By SecurityTube.net

  • Webcasts // Jul 2015

    Hiding in the ShaDOS

    Alternate Data Streams (ADS) are a feature in NTFS which are often seen as a liability in InfoSec circles. They have been used to obscure malware and rootkits, making it difficult to detect their presence. However, these same qualities that make ADS attractive to malware developers also make ADS an...

    Provided By SecurityTube.net

  • Webcasts // Jul 2015

    Security Culture in Development

    In this webcast, the presenter presents the Security Culture Framework (SCF) and applies it to an entirely fictional development organization. The presenters will discuss awareness training and tying the training to tangible improvements in code. By using the SCF topics/planner/metrics approach, they will move the organization toward developing every more...

    Provided By SecurityTube.net

  • Webcasts // Jul 2015

    Clientless Android Malware Control

    A world without malware is ideal but unlikely. Many of the people would prefer not to install another layer of protection on their already resource constrained handheld mobile device. Alternatively, Android malware detection sans local anti-virus installation has become a reality.

    Provided By SecurityTube.net

  • Webcasts // Jul 2015

    Weaving Security Into the SDLC

    Automated dynamic analysis of web applications has become de rigueur for security-conscious organizations, especially those with PCI or HIPAA responsibilities. A number of products exist for automated dynamic analysis, ranging from simple scans to complex cloud-based systems with human oversight. What is less common is the static analysis of applications:...

    Provided By SecurityTube.net

  • Webcasts // Jul 2015

    Cracking and Fixing Rest Services

    REST, or REpresentational State Transfer, just refers to the protocol with which the whole Web works. No big. The people are used to using REST with a browser, but there is more to it - they can write programs with REST. The problem is that writing properties and functions using...

    Provided By SecurityTube.net

  • Webcasts // Jul 2015

    How Google Turned Me Into My Mother: The Proxy Paradox in Security

    Security has been trying to catch up with technology all this time, but the gap may well be increasing, particularly with the growth of consumer devices and the Internet of things. The reason has to do with delegation and proxy activities online. Current IAM models are no match for the...

    Provided By SecurityTube.net

  • Webcasts // Jul 2015

    Intelligence-Led Penetration Testing

    As cyber-attacks become have become sophisticated and prevalent, it is key that penetration testing evolves accordingly to continue to add value to the organizations that use it as a key security control. Utilizing threat intelligence and OSINT as the scoping tools to make a penetration test bespoke, relevant and realistic...

    Provided By SecurityTube.net

  • Webcasts // Jul 2015

    Power to the People: Bringing InfoSec to the Masses

    To truly make a difference in InfoSec, all industry needs to better understand the people using technology and systems: what they're worried about and scared of, and what motivates their behaviors. Combining primary research which explores how the average user feels about cyber security and how this drives their behavior,...

    Provided By SecurityTube.net

  • Webcasts // Jul 2015

    Introducing WiFiPhisher: a Tool for Automated WiFiPhishing Attacks

    Wi-Fi networks are commonly plagued by two serious issues: management frames can be easily forged and wireless devices tend to automatically connect to the access point with the best signal. The evil twin and karma attacks exploit the above issues, allowing attackers to perform man-in-the-middle and phishing attacks.

    Provided By SecurityTube.net

  • Webcasts // Jul 2015

    Adventures in Communication: Taming the C-Suite and Board

    Organizational concern over information security issues continues to rise in nearly all industries. This concern is providing security professionals unprecedented visibility at the executive and board level, yet many of the users are ill prepared for the opportunity. This webcast will share communications principles, success stories and lessons learned over...

    Provided By SecurityTube.net

  • Webcasts // Jul 2015

    Under the Un-Fluence: The Dark Side of Influence

    Every single one of the recent breaches is due to the failure of the human element. In this webcast, the presenter talks about how malicious hackers influence or in this case unfluence their victims using manipulation and coercion. Security professionals need to understand how they can be vulnerable to the...

    Provided By SecurityTube.net

  • Webcasts // Jul 2015

    Application Security Awareness: Building an Effective and Entertaining Security Training Program

    Application security awareness is imparting knowledge to understand application security, exposing the security mistakes that have been made in the past and activating everyone in an organization to take action for security. The goal of application security awareness is organizational security culture change.

    Provided By SecurityTube.net

  • Webcasts // Jul 2015

    An Effective Approach to Defense in Depth

    In this webcast, the presenter illustrates an effective security approach through the image of a castle. The presenter reviews many of the different defenses that can be deployed in unison to better secure a network from a range of threats, using examples based on a wide range of experiences across...

    Provided By SecurityTube.net

  • Webcasts // Jul 2015

    Systemic Vulnerabilities: An Allegorical Tale of Steampunk Vulnerability to Aero-Physical Threats

    In this webcast, the presenter will trace the origin and evolution of a physical-world vulnerability that dates to the late 19th century, and explore whether "Building security in" is even always an available option. The presenter will also look at how a number of industries have approached the analysis of...

    Provided By SecurityTube.net

  • Webcasts // Jul 2015

    Go Hack Yourself: 10 Pentest Tactics for Blue Teamers

    Penetration testing is an art and a science. It takes the knowledge of networks/applications/all things computing as well as critical thinking and an understanding of human behavior to become a truly great tester. The tools and processes to carry out the trade have evolved significantly in the past few years...

    Provided By SecurityTube.net

  • Webcasts // Jul 2015

    Never Surrender-Reducing Social Engineering Risk

    The weakest link in the security chain is often between the keyboard and the chair. People are a problem. They have a natural instinct as humans to trust someone's word. Although various technical means have been developed to cope with security threats, human factors have been comparatively neglected.

    Provided By SecurityTube.net

  • Podcasts // Jul 2015

    Network Forensics: What Are Your Investigations Missing

    Traditionally, computer forensic investigations focused exclusively on data from the seized media associated with a system of interest. Recently, memory analysis has become an integral part of forensic analysis, resulting in a new and significantly different way for digital examiners and investigators to perform their craft.

    Provided By SecurityTube.net

  • Podcasts // Jul 2015

    Finding Unknown Malware

    In this podcast, the speaker will introduce sound methodology for identifying malware, using strategies based on "Knowing normal", "Data reduction" and "Least frequency of occurrence" in order to identify malicious binaries and common methods of persistence. The skills and tools presented here will aid in efficient identification of anomalous files...

    Provided By SecurityTube.net

  • Webcasts // Jul 2015

    Reconciling Objective Data with Analytical Uncertainty

    In this webcast, the presenter will focus on the different sources of analytical uncertainty in traditional and cyber intelligence, where to draw lines between known data and assessed conclusions, and discuss how similar methods can be used to address analytical uncertainty within both traditional and cyber intelligence analysis.

    Provided By SecurityTube.net

  • Podcasts // Jul 2015

    Detecting Malware With Memory Forensics

    Modern malware has become extremely adept at avoiding detection by traditional endpoint analysis tools. Memory forensics gives the investigator multiple solutions for detecting typical malware techniques such as code injection, API hooking, and process hiding. This webcast is an overview of memory forensics including how to acquire memory images and...

    Provided By SecurityTube.net

  • White Papers // Jul 2015

    Http-Burst: Improving HTTP Efficiency in the Era of Bandwidth Hungry Web Applications

    The HyperText Transfer Protocol (HTTP), a key building block of the world wide web, has succeeded to enable information exchange worldwide. Since its first version in 1996, HTTP/1.0, the average number of inlined objects and average total bytes per webpage has been increasing significantly for desktops and mobiles, from 1-10...

    Provided By Cornell University

  • White Papers // Jul 2015

    Temporal and Spatial Classification of Active IPv6 Addresses

    There is striking volume of world-wide web activity on IPv6 today. In early 2015, one large content distribution network handles 50 billion IPv6 requests per day from hundreds of millions of IPv6 client addresses; billions of unique client addresses are observed per month. Address counts, however, obscure the number of...

    Provided By Cornell University

  • Webcasts // Jul 2015

    Gray Hat PowerShell

    People are beginning to realize that there is more to PowerShell than another scripting language. With the adoption come more tools and resources for both the offensive and defensive sides of security. This webcast is designed to give a first-hand look of using PowerShell in both an offensive attacking scenario...

    Provided By SecurityTube.net

  • Webcasts // Jul 2015

    Secret Pentesting Techniques

    It seems that businesses are truly struggling with how to handle the threats the people face as organizations when it comes to information security. From breach to breach, the techniques seem similar yet they completely rip through everything they have tried to protect against. As an industry, they are fighting...

    Provided By SecurityTube.net

  • Webcasts // Jul 2015

    Hacker-NG: Farming the Future It Crowd

    In this webcast, hear the perception of a basement hacker turned IT professional about learning how to learn, the challenges of growing up in "The underground", and bridging the gap into the professional arena; and members of the Reynoldsburg High School Cyber Patriot team who are forging their skills and...

    Provided By SecurityTube.net

  • Webcasts // Jul 2015

    Data Security in the Cloud and Data Breaches: Lawyer's Perspective

    In this webcast, the presenters will be presenting about the lawyers perspective on data security breaches and recent developments and trends in data security breaches. They will also discuss issues relating to managing and responding to data security issues in the cloud. They will also explain about addressing security and...

    Provided By SecurityTube.net

  • White Papers // Jul 2015

    Overview of Malware Analysis and Detection

    Several methods have been devised to smooth the progress of malware analysis and one of them is through visualization techniques. Visualization technique is a basic method which is used to visualize the features of malware or variants. This field focuses on features of individual variants and also helpful to the...

    Provided By International Journal of Computer Applications

  • White Papers // Jul 2015

    A View on Data Security System for Cloud on Hadoop Framework

    To solve the current data security problem for cloud disk in distributed network, for example transmission, storage security problems, access control and data verification, a network cloud disk security storage system based on Hadoop is proposed. Based on the different secret level of client data, it provides selective encryption method...

    Provided By International Journal of Computer Applications