Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Webinar Archives

Upcoming Webinars
How Security Vulnerabilities Are Introduced In the Application Development Process And How to Stop It
Date: Oct 12, 2021

View archived webinar

Every day, enterprises deploy application code that contains critical security vulnerabilities – because those flaws went overlooked or unrecognized by the application development team. How do these vulnerabilities escape the development process?  In this Dark Reading webinar, top application security experts outline some of the most commonly-occurring vulnerabilities and offer insight on how and why these flaws are introduced during software development. Attendees will learn about tools and practices for eliminating these vulnerabilities, and receive advice and recommendations on how to improve the development process to find and fix application security flaws – before the code is deployed.

Defense Strategies to Combat Sophisticated Ransomware and Multi-Vector Attacks
Date: Oct 07, 2021

View archived webinar

To defend themselves effectively, companies need to detect ransomware attacks early, gather the intelligence to understand the attack and prevent attacks from occurring in the future. In this webinar, Shailesh Athalye, EVP Product Management will discuss ransomware trends, defensive maneuvers and discuss the inspiration and research behind Qualys’ new Ransomware Risk Assessment service that provides companies with a hyper-personalized plan to remediate the vulnerabilities in their environment.

Next-Gen Authentication: A Strategy for MFA, Passwordless, and Beyond
Date: Oct 06, 2021

View archived webinar

Cyber experts agree: Data cannot become more secure until end user authentication goes beyond the simple password. But what are the right tools and strategies for authentication in your organization? How can you move beyond the password and implement next-generation authentication technology? In this webinar, experts offer a broad look at your options for multifactor authentication, the challenges and pitfalls of these options, and how to develop an authentication strategy that works best for your enterprise.

Ten Hot Talks from Black Hat 2021
Date: Sep 29, 2021

View archived webinar

The annual Black Hat USA 2021 in Las Vegas featured a full slate of cybersecurity researchers presenting. They offered up discoveries about new critical security vulnerabilities, new threats, and new security tools that enterprise defenders need to know about as they plan their road maps and adjust their strategic priorities for the future. Join us for the webinar for an overview of the ten hottest presentations and learn about some of the key trends explored by researchers, including supply chain security issues, the use and abuse of artificial intelligence in cybersecurity and other business applications, the latest in social engineering and disinformation, and the goings-on within organized threat groups.

Detecting and Stopping Online Attacks
Date: Sep 23, 2021

View archived webinar

Today’s cyber attackers can compromise your systems using a variety of methods, from well-disguised malware to sophisticated, targeted exploits aimed right at your company. How can you identify these attacks quickly and respond effectively?  In this Dark Reading webinar, top experts discuss executive strategies and actionable methods your security operations team can use to detect different types of attacks and trigger a quick, effective response.

The Latest Cloud Security Threats & How to Combat Them
Date: Sep 22, 2021

View archived webinar

More businesses have shifted critical assets and operations to the cloud, as service providers enhance their security capabilities and companies adapt to more remote workforces. And cyber attackers have adapted accordingly. In this webinar, experts outline the top ways that attackers are exploiting cloud services, applications and implementations and give advice on how to use the cloud more securely.

Implement DMARC the Right Way to Keep Phishing Attacks Out of Your Inbox
Date: Sep 21, 2021

View archived webinar

DMARC, SPF, and DKIM are global anti-domain-spoofing standards, which can significantly cut down on phishing attacks. Implemented correctly they allow you to monitor email traffic, quarantine suspicious emails, and reject unauthorized emails. But less than 30% of organizations are actually using them. And even fewer are using them correctly.

In this webinar, Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, will teach you how to enable DMARC, SPF, DKIM the right way. You’ll also discover six reasons why phishing still might get through to your inbox and what you can do to maximize your defenses.

Security Alert Fatigue: How to Wake Up and Take Back Control of your SOC
Date: Sep 15, 2021

View archived webinar

Adding new security tools to your SOC toolset may help alert you to the newest cyber threats to your business. However, when a zillion unprioritized alerts hit you in a day, you might start treating them like whack-a-mole or the snooze button on your alarm clock. How can you manage security alerts so they are most meaningful to your business, and act on them in an appropriate, timely manner? In this webinar, learn expert tips on how to improve your processes and use orchestration to relieve security alert fatigue, get the most out of your security investments and improve your cyber incident response.

Test TItle
Date: Sep 15, 2021

View archived webinar

test

"The New Normal" of Supply Chain Security
Date: Sep 08, 2021

View archived webinar

COVID-19 did more than just transform communications between employees and internal enterprise systems. For many enterprises, it also transformed interactions with customers and suppliers, adding new risks and cybersecurity challenges. In this webinar, experts discuss potential vulnerabilities in the new supply chain, and potential threats from online attackers. They also discuss the impact of these changes on compliance with industry and regulatory rules that govern the supply chain. You’ll learn how to protect your data from suppliers or customers whose systems or end users might be at risk. And you’ll get advice on how to protect your sensitive data from third-party vulnerabilities.

How to Outsource Security Without Inviting Risk and Wasting Money
Date: Aug 24, 2021

View archived webinar

The security industry has struggled with a skills shortage for years, and now in the wake of the COVID-19 pandemic, some infosec departments have even greater demands with even smaller staffs. Is outsourcing an option for your organization? If so, what functions are safe to hand over to a third party? In this webinar, experts offer advice on how to effectively use third-party service providers, how to choose a provider that fits your requirements, and how to ensure the third-party provider is meeting your security requirements.

Reduce Supply Chain Risk by External Threat Hunting
Date: Aug 19, 2021

View archived webinar

In this webinar, we’ll look at how one Fortune 100 organization transformed its security program by investing in external threat hunting, establishing a world class threat reconnaissance program that now has proven ROI.  With no-touch monitoring of its third parties’ networks, this company gets ahead of supply chain threats and reduced its exposure. 

Making Security Orchestration Automation and Response (SOAR) Work in Your Enterprise
Date: Aug 17, 2021

View archived webinar

Over the past few years, many enterprises have been improving cybersecurity by implementing the Security Orchestration, Automation, and Response (SOAR) framework, which provides a path to collect threat data from multiple sources and respond to some security events automatically. How does SOAR work in the enterprise? How does it lower security risk, and what skills and tools do you need to make it work in your own organization? In this webinar, experts answer these questions and provide recommendations on practical implementation of the SOAR concept.

Two Sides of the PAM Coin
Date: Aug 11, 2021

View archived webinar

There are two sides of the PAM (Privileged Access Management) Coin. Password vaulting is one. Privilege Elevation is the other.

A vault is a great first step in protecting your company from identity-related data breaches, but don’t stop there! We invite you to join ThycoticCentrify to learn why you must go beyond simply implementing a vault to further mitigate risk and align with modern best practices such as Zero Trust.

Unifying Your Enterprises Endpoint Security Strategy
Date: Jul 27, 2021

View archived webinar

For enterprises that support many users and endpoints, building and maintaining a consistent security strategy was a major challenge even before 2020. Since the onset of the global pandemic, however, it has become more difficult than ever to build and maintain a security strategy that protects enterprise data and users across such a wide variety of devices and locations. In this Dark Reading webinar, top experts discuss strategies and tools for unifying endpoint security policies and practices, and for simplifying the process of end user provisioning, access, and security management. Attendees will get an overview of the methods they can use to unify endpoint security capabilities, and the tools available to manage endpoint security across the enterprise.

Building an Incident Readiness and Response Playbook
Date: Jul 22, 2021

View archived webinar

The cyber attackers hit their mark: now what do you do? Whom do you call first? Do you have a plan to contain the damage, eliminate the threat, avoid destruction of forensic evidence, and keep the business operational at the same time? Do you know how to uphold compliance requirements, address customer questions, and pay for all the unforeseen costs of an emergency? Don't make a data breach any harder than it needs to be. At this webinar, learn the Xs and Os of any good security incident readiness and response playbook.

Building Threat Intelligence into Your Enterprise Security Strategy
Date: Jul 21, 2021

View archived webinar

In recent years, many enterprises have discovered that they can improve their defenses by collecting data about broad trends in online attacks that may pertain to their own IT environments. This “threat intelligence” can make it easier for security teams to prioritize their defense efforts and prepare for online exploits that are likely to hit their organizations. But how should your team go about collecting threat intelligence? How can you correlate this intelligence with your own internal cybersecurity telemetry to determine which attacks might hit your enterprise?

In this webinar, experts offer advice and recommendations on how to collect threat intel, how to analyze it, and how to use it to build a stronger cyber defense.

 

The Threat Hunter's Toolkit: Traits, Techniques, and Favorite Tools of the Trade
Date: Jul 14, 2021

View archived webinar

For years, most IT security organizations have waited to detect new threats and then moved swiftly to defend against them. Today, however, there is a new wave of “threat hunting,” in which the security team takes a more proactive approach --seeking out potential threats using analytical tools. How do these enterprises build threat hunting programs? How do they staff them, and what tools do they need? In this Dark Reading webinar, a top expert discusses the process for building a threat hunting program, and for optimizing the efforts of designated threat hunters in the organization.

Weaknesses in Software Supply Chains: Cybers Unspoken Reality
Date: Jul 13, 2021

View archived webinar

Until the recent SolarWinds compromise, the conversation around supply chains – and more importantly, their vulnerabilities – was rarely discussed in the cybersecurity industry. However, over the last few years, supply chains have become an increasingly lucrative target for hackers. And when the core software supply chain itself is compromised, the results are often catastrophic.

In this webinar, we’ll examine the weaknesses in software supply chains and what organizations should consider to protect themselves from malicious attacks.

Finding and Stopping Enterprise Data Breaches
Date: Jun 24, 2021

View archived webinar

It’s the nightmare of every cybersecurity professional. Not only have cybercriminals breached your enterprise’s IT defenses and compromised critical data, but it wasn’t your team that discovered the compromise. Not only did you fail to keep the attacker out – you failed to detect the breach when it happened.

A new virtual event is designed to help you prevent that nightmare from happening to you. Finding and Stopping Enterprise Data Breaches -- a free, all-day online conference produced by the editors of Dark Reading -- offers a look at some of the latest and most effective methods for detecting threats and compromises, as well as the key steps you should take to mitigate them. You’ll get a look at the next wave of threat detection tools and practices, as well as expert advice and recommendations on how to respond to a data breach. Top security experts and researchers will discuss ways to discover sophisticated and targeted exploits, even when they are well obfuscated. Best of all, you’ll get insight on what to do when you’ve discovered those compromises, including how to limit their impact and when to contact law enforcement.

Among the topics that will be covered at Finding and Stopping Enterprise Data Breaches:

  • A look at some of the latest tools and practices for detecting a compromise, including EDR and xDR
  • Insight on how your organization can use next-generation technologies such as AI and machine learning to uncover sophisticated attacks
  • Methods for analyzing system logs and threat intelligence to help detect hidden attacks
  • Critical actions to take when you suspect your data has been compromised
  • Key steps to mitigate a compromise and limit its impact
  • Building blocks of an effective incident response plan
  • How to staff and train your cybersecurity analysts and first responders

If you want to get up to date on the latest tools and practices for detecting cyber attacks – and limit their impact -- then this virtual event is for you.

Smarter Security Automation for Streamlined SecOps
Date: Jun 23, 2021

View archived webinar

A shortage of skilled IT security professionals has given rise to a whole new class of technology and practices designed to automate repetitive and time-consuming tasks in security operations. But which tasks can enterprises safely automate? How does emerging automation technology work, and how can security teams implement it in a way that is both effective and secure? In this webinar, top experts offer insights on how to make automation work for your security team.

Threat Deception: Tricking Attackers for Fun and Defense
Date: Jun 16, 2021

View archived webinar

All organizations have tools and strategies for keeping attackers out. But what if you could distract and frustrate attackers by making them *think* they’ve gotten in? In this webinar, experts discuss emerging tools and strategies for cyber deception, which enables you to put your attackers into a juicy-looking, yet bogus environment that prevents them from cracking your actual data.

Ransomware Resilience and Response Playbook
Date: Jun 09, 2021

View archived webinar

When ransomware locks up your business’s critical data and essential gear, panic can set in fast–which just makes you more vulnerable. But questions abound: is this a ransomworm that’s going to spread to other endpoints? Are the attackers going to dox us too? Should we pay the ransom even though we know we’re not supposed to? How good are our backups? Have we adequately prepared to continue business operations? Be prepared with some answers. 

A Master Class on IT Security: Roger Grimes Teaches Ransomware Mitigation
Date: Jun 03, 2021

View archived webinar

Cyber-criminals have become thoughtful about ransomware attacks; taking time to maximize your organization’s potential damage and their payoff. Protecting your network from this growing threat is more important than ever. And nobody knows this more than Roger Grimes, Data-Driven Defense Evangelist at KnowBe4.

With 30+ years experience as a computer security consultant, instructor, and award-winning author, Roger has dedicated his life to making sure you’re prepared to defend against quickly-evolving IT security threats like ransomware.

Join Roger for this thought-provoking webinar to learn what you can do to prevent, detect, and mitigate ransomware.

What We All Got Wrong About The Internet
Date: May 26, 2021

View archived webinar

Throughout the history of the Web, there have been a lot of incorrect assumptions about the internet – and those myths impact how we view cybersecurity today.

Join guest speakers from Palo Alto Networks for a webinar on what we all got wrong about the internet—a talk about the many pervasive (and wrong) assumptions related to the structure of the Internet, and how these bad assumptions continue to influence cybersecurity strategy today.

With a new understanding that what we think we know isn’t always true, we will dive into attack surface management technology and how it can help lead security efforts in the future. Join us for the conversation!

Web Security: Protecting Your Data from Internet Threats
Date: May 19, 2021

View archived webinar

One of the most accessible methods of cracking your corporate data is through a simple Internet connection. In this webinar, experts offer a look at some of the most common ways that cyber attackers use to crack enterprise systems via the Web, and what you can do to improve your own organization’s Web security–not only at the server level, but across your Web-connected systems and applications.

Making XDR Work in Your Enterprise
Date: May 12, 2021

View archived webinar

Cybersecurity teams are working to extend detection and response technologies from the endpoint to many other parts of the enterprise IT environment, including the network, the cloud, and managed services. But how do these “XDR” technologies work in real operating environments?  How do they tie together, and what are the challenges in implementing them?  In this Dark Reading webinar, experts discuss the real-life implementation issues surrounding emerging detection and response technologies. You’ll learn how these emerging technologies can be integrated with your existing cybersecurity tools, and how XDR technology might affect your cybersecurity operations and processes.

Keys to Better Cyber Risk Assessment
Date: May 05, 2021

View archived webinar

The perils of security breaches are widely publicized, but do you know exactly how an attack or breach would affect your business? At this Dark Reading webinar, learn about the costs associated with today’s threats and data breaches, how to measure current threats, and how to quantify the risks to your organization, so that you can implement the tools and processes to prioritize costs and defense strategies specifically for your environment.

Building Asset Management into Your Enterprise Security Strategy
Date: Apr 21, 2021

View archived webinar

A key reason for many enterprise security breaches is that security teams find themselves supporting systems, applications, and devices that they didn’t know they had. Often, attackers exploit these “blind spots” by introducing devices or code that appears to be legitimate. How can you get a complete picture of your IT assets – and identify rogue components that might present a threat to your enterprise?

In this webinar, experts discuss methods and technologies for gaining a more complete picture of your IT environment, and for securing or eliminating unknown elements that attempt to use your network.

Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Enterprises are Attacking the Cybersecurity Problem
Concerns over supply chain vulnerabilities and attack visibility drove some significant changes in enterprise cybersecurity strategies over the past year. Dark Reading's 2021 Strategic Security Survey showed that many organizations are staying the course regarding the use of a mix of attack prevention and threat detection technologies and practices for dealing with cyber threats.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-20836
PUBLISHED: 2021-10-19
Out-of-bounds read vulnerability in CX-Supervisor v4.0.0.13 and v4.0.0.16 allows an attacker with administrative privileges to cause information disclosure and/or arbitrary code execution by opening a specially crafted SCS project files.
CVE-2021-41154
PUBLISHED: 2021-10-18
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In affected versions an attacker with read access to a "SVN core" repository could execute arbitrary SQL queries. The following versions contain the fix: Tuleap Community Edition 11.1...
CVE-2021-41155
PUBLISHED: 2021-10-18
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In affected versions Tuleap does not sanitize properly user inputs when constructing the SQL query to browse and search revisions in the CVS repositories. The following versions contain the fix...
CVE-2021-41152
PUBLISHED: 2021-10-18
OpenOlat is a web-based e-learning platform for teaching, learning, assessment and communication, an LMS, a learning management system. In affected versions by manipulating the HTTP request an attacker can modify the path of a requested file download in the folder component to point to anywhere on t...
CVE-2021-41153
PUBLISHED: 2021-10-18
The evm crate is a pure Rust implementation of Ethereum Virtual Machine. In `evm` crate `< 0.31.0`, `JUMPI` opcode's condition is checked after the destination validity check. However, according to Geth and OpenEthereum, the condition check should happen before the destination validity check. Thi...