Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Webinar Archives

Upcoming Webinars
Unifying Your Enterprises Endpoint Security Strategy
Date: Jul 27, 2021

View archived webinar

For enterprises that support many users and endpoints, building and maintaining a consistent security strategy was a major challenge even before 2020. Since the onset of the global pandemic, however, it has become more difficult than ever to build and maintain a security strategy that protects enterprise data and users across such a wide variety of devices and locations. In this Dark Reading webinar, top experts discuss strategies and tools for unifying endpoint security policies and practices, and for simplifying the process of end user provisioning, access, and security management. Attendees will get an overview of the methods they can use to unify endpoint security capabilities, and the tools available to manage endpoint security across the enterprise.

Building an Incident Readiness and Response Playbook
Date: Jul 22, 2021

View archived webinar

The cyber attackers hit their mark: now what do you do? Whom do you call first? Do you have a plan to contain the damage, eliminate the threat, avoid destruction of forensic evidence, and keep the business operational at the same time? Do you know how to uphold compliance requirements, address customer questions, and pay for all the unforeseen costs of an emergency? Don't make a data breach any harder than it needs to be. At this webinar, learn the Xs and Os of any good security incident readiness and response playbook.

Building Threat Intelligence into Your Enterprise Security Strategy
Date: Jul 21, 2021

View archived webinar

In recent years, many enterprises have discovered that they can improve their defenses by collecting data about broad trends in online attacks that may pertain to their own IT environments. This “threat intelligence” can make it easier for security teams to prioritize their defense efforts and prepare for online exploits that are likely to hit their organizations. But how should your team go about collecting threat intelligence? How can you correlate this intelligence with your own internal cybersecurity telemetry to determine which attacks might hit your enterprise?

In this webinar, experts offer advice and recommendations on how to collect threat intel, how to analyze it, and how to use it to build a stronger cyber defense.

 

The Threat Hunter's Toolkit: Traits, Techniques, and Favorite Tools of the Trade
Date: Jul 14, 2021

View archived webinar

For years, most IT security organizations have waited to detect new threats and then moved swiftly to defend against them. Today, however, there is a new wave of “threat hunting,” in which the security team takes a more proactive approach --seeking out potential threats using analytical tools. How do these enterprises build threat hunting programs? How do they staff them, and what tools do they need? In this Dark Reading webinar, a top expert discusses the process for building a threat hunting program, and for optimizing the efforts of designated threat hunters in the organization.

Weaknesses in Software Supply Chains: Cybers Unspoken Reality
Date: Jul 13, 2021

View archived webinar

Until the recent SolarWinds compromise, the conversation around supply chains – and more importantly, their vulnerabilities – was rarely discussed in the cybersecurity industry. However, over the last few years, supply chains have become an increasingly lucrative target for hackers. And when the core software supply chain itself is compromised, the results are often catastrophic.

In this webinar, we’ll examine the weaknesses in software supply chains and what organizations should consider to protect themselves from malicious attacks.

Finding and Stopping Enterprise Data Breaches
Date: Jun 24, 2021

View archived webinar

It’s the nightmare of every cybersecurity professional. Not only have cybercriminals breached your enterprise’s IT defenses and compromised critical data, but it wasn’t your team that discovered the compromise. Not only did you fail to keep the attacker out – you failed to detect the breach when it happened.

A new virtual event is designed to help you prevent that nightmare from happening to you. Finding and Stopping Enterprise Data Breaches -- a free, all-day online conference produced by the editors of Dark Reading -- offers a look at some of the latest and most effective methods for detecting threats and compromises, as well as the key steps you should take to mitigate them. You’ll get a look at the next wave of threat detection tools and practices, as well as expert advice and recommendations on how to respond to a data breach. Top security experts and researchers will discuss ways to discover sophisticated and targeted exploits, even when they are well obfuscated. Best of all, you’ll get insight on what to do when you’ve discovered those compromises, including how to limit their impact and when to contact law enforcement.

Among the topics that will be covered at Finding and Stopping Enterprise Data Breaches:

  • A look at some of the latest tools and practices for detecting a compromise, including EDR and xDR
  • Insight on how your organization can use next-generation technologies such as AI and machine learning to uncover sophisticated attacks
  • Methods for analyzing system logs and threat intelligence to help detect hidden attacks
  • Critical actions to take when you suspect your data has been compromised
  • Key steps to mitigate a compromise and limit its impact
  • Building blocks of an effective incident response plan
  • How to staff and train your cybersecurity analysts and first responders

If you want to get up to date on the latest tools and practices for detecting cyber attacks – and limit their impact -- then this virtual event is for you.

Smarter Security Automation for Streamlined SecOps
Date: Jun 23, 2021

View archived webinar

A shortage of skilled IT security professionals has given rise to a whole new class of technology and practices designed to automate repetitive and time-consuming tasks in security operations. But which tasks can enterprises safely automate? How does emerging automation technology work, and how can security teams implement it in a way that is both effective and secure? In this webinar, top experts offer insights on how to make automation work for your security team.

Threat Deception: Tricking Attackers for Fun and Defense
Date: Jun 16, 2021

View archived webinar

All organizations have tools and strategies for keeping attackers out. But what if you could distract and frustrate attackers by making them *think* they’ve gotten in? In this webinar, experts discuss emerging tools and strategies for cyber deception, which enables you to put your attackers into a juicy-looking, yet bogus environment that prevents them from cracking your actual data.

Ransomware Resilience and Response Playbook
Date: Jun 09, 2021

View archived webinar

When ransomware locks up your business’s critical data and essential gear, panic can set in fast–which just makes you more vulnerable. But questions abound: is this a ransomworm that’s going to spread to other endpoints? Are the attackers going to dox us too? Should we pay the ransom even though we know we’re not supposed to? How good are our backups? Have we adequately prepared to continue business operations? Be prepared with some answers. 

A Master Class on IT Security: Roger Grimes Teaches Ransomware Mitigation
Date: Jun 03, 2021

View archived webinar

Cyber-criminals have become thoughtful about ransomware attacks; taking time to maximize your organization’s potential damage and their payoff. Protecting your network from this growing threat is more important than ever. And nobody knows this more than Roger Grimes, Data-Driven Defense Evangelist at KnowBe4.

With 30+ years experience as a computer security consultant, instructor, and award-winning author, Roger has dedicated his life to making sure you’re prepared to defend against quickly-evolving IT security threats like ransomware.

Join Roger for this thought-provoking webinar to learn what you can do to prevent, detect, and mitigate ransomware.

What We All Got Wrong About The Internet
Date: May 26, 2021

View archived webinar

Throughout the history of the Web, there have been a lot of incorrect assumptions about the internet – and those myths impact how we view cybersecurity today.

Join guest speakers from Palo Alto Networks for a webinar on what we all got wrong about the internet—a talk about the many pervasive (and wrong) assumptions related to the structure of the Internet, and how these bad assumptions continue to influence cybersecurity strategy today.

With a new understanding that what we think we know isn’t always true, we will dive into attack surface management technology and how it can help lead security efforts in the future. Join us for the conversation!

Web Security: Protecting Your Data from Internet Threats
Date: May 19, 2021

View archived webinar

One of the most accessible methods of cracking your corporate data is through a simple Internet connection. In this webinar, experts offer a look at some of the most common ways that cyber attackers use to crack enterprise systems via the Web, and what you can do to improve your own organization’s Web security–not only at the server level, but across your Web-connected systems and applications.

Making XDR Work in Your Enterprise
Date: May 12, 2021

View archived webinar

Cybersecurity teams are working to extend detection and response technologies from the endpoint to many other parts of the enterprise IT environment, including the network, the cloud, and managed services. But how do these “XDR” technologies work in real operating environments?  How do they tie together, and what are the challenges in implementing them?  In this Dark Reading webinar, experts discuss the real-life implementation issues surrounding emerging detection and response technologies. You’ll learn how these emerging technologies can be integrated with your existing cybersecurity tools, and how XDR technology might affect your cybersecurity operations and processes.

Keys to Better Cyber Risk Assessment
Date: May 05, 2021

View archived webinar

The perils of security breaches are widely publicized, but do you know exactly how an attack or breach would affect your business? At this Dark Reading webinar, learn about the costs associated with today’s threats and data breaches, how to measure current threats, and how to quantify the risks to your organization, so that you can implement the tools and processes to prioritize costs and defense strategies specifically for your environment.

Building Asset Management into Your Enterprise Security Strategy
Date: Apr 21, 2021

View archived webinar

A key reason for many enterprise security breaches is that security teams find themselves supporting systems, applications, and devices that they didn’t know they had. Often, attackers exploit these “blind spots” by introducing devices or code that appears to be legitimate. How can you get a complete picture of your IT assets – and identify rogue components that might present a threat to your enterprise?

In this webinar, experts discuss methods and technologies for gaining a more complete picture of your IT environment, and for securing or eliminating unknown elements that attempt to use your network.

Insider Threats: An Interactive Crisis Simulation
Date: Apr 20, 2021

View archived webinar

Every day, sensitive enterprise data is compromised by trusted users who, knowingly or accidentally, expose critical information to the outside world. Such compromises can cost your organization dearly in liability, loss of intellectual property, and loss of customer and supplier trust. Do you have the tools, skills, and staffing needed to prevent such a breach? Do you know what steps you must take in the event of a compromise?

On April 20, Immersive Labs will offer a unique opportunity to see, first-hand, the impact of an insider compromise. This interactive webinar will throw attendees into an emerging insider threat simulation taking place at a fictional pharmaceutical company. In this scenario, participants from various industries must use their decision-making skills to find the insider threat, manage the growing crisis, and prevent the loss of potentially billions of dollars.

The crisis simulation will help attendees see how insider threats can happen, how they spread, and the impact they can have on critical business and personal information. You’ll also get a look at methods your organization can use to prevent such threats, and strategies for mitigating them. Attending this educational simulation will benefit any industry/company concerned with keeping IP, trade secrets or data secure from insider threat.

How to Think Like a Cyber Attacker
Date: Apr 14, 2021

View archived webinar

More and more, enterprises are discovering that the best way to test and defend their organization is to view their IT environment from the perspective of an attacker. But how do you predict an attacker's motives and simulate their methods, and how do you know that you aren’t overlooking key vulnerabilities? In this Dark Reading webinar, experts discuss methods for testing your security’s mettle by thinking like your adversary.

Understanding XDR
Date: Apr 08, 2021

View archived webinar

Over the past few years, many enterprises have discovered the benefits of endpoint detection and response (EDR) tools, which help to identify potential threats and warn security teams to take action. But today, many enterprises are also realizing that other threat surfaces, such as networks and clouds, also provide critical telemetry that can help security teams to quickly identify and respond to threats. In this webinar, experts discuss the benefits and limitations of EDR, and offer recommendations on how to extend these capabilities to other parts of the IT infrastructure in order to improve overall security. 

Detecting and Mitigating Attacks on Remote Workers
Date: Apr 06, 2021

View archived webinar

COVID-19 forced a rapid shift to remote work in every enterprise –and created a green field for cyber attackers. Early attacks focused on COVID-themed phishing attacks, but today cybercriminals are finding new ways of compromising corporate data via home wi-fi, poorly-secured endpoints, and vulnerable mobile devices. In this webinar, experts discuss some of the cyber attacks that have been made on work-from-home end users, as well as exploits against remote systems and devices. More importantly, the experts discuss what you can do to detect such attacks before they can do damage to your corporate data, and how you can mitigate them so they don’t compromise your systems again.

Cybersecuritys Next Wave: What Every Enterprise Should Know
Date: Mar 25, 2021

View archived webinar

Cybersecurity technology and practices are undergoing a sea change. While COVID-19 quarantines literally turned enterprise networks upside down overnight, a new wave of online attacks put enterprise data at risk. Today’s security operations center, once focused entirely on perimeter defenses, is now abuzz with new disciplines, including threat hunting and incident response. And yesterday’s security technologies are being remade with new capabilities, including artificial intelligence, automation, and orchestration.

How is your security organization keeping up with these rapid shifts in process and technology? Have you been briefed on the latest approaches to securing a widely-remote set of users and trading partners? Would you like to know more about evolving methods for automating cybersecurity processes, enabling the security team to do more work with fewer staff? Can AI and machine learning really help your team to detect and mitigate the new wave of sophisticated attacks?

Get the answers to these and many other emerging cybersecurity questions at Dark Reading’s first-quarter event: Cybersecurity’s Next Wave: What Every Enterprise Should Know. This free, all-day online conference, produced by the editors of Dark Reading, offers an online “crash course” on some of the latest tools and best practices for fighting the next generation of security threats. You’ll hear from top experts and practitioners on how to secure remote systems, even after the COVID-19 crisis has settled.

Among the topics that will be covered at Cybersecurity’s Next Wave: What Every Enterprise Should Know:

  • Strategies for improving security in remote and work-from-home systems
  • New methods for securing links to customers and suppliers working remotely
  • Emerging best practices and technologies for automating cybersecurity processes
  • Methods for linking and orchestrating existing systems to improve overall security
  • Tools and processes for collecting and filtering security data
  • Strategies for using AI and machine learning to improve threat detection
  • Advice and recommendations for penetration testing and threat hunting
  • Future directions of security technology – and how to prepare for them

If you want to get up the speed on the latest developments in cybersecurity tools and best practices – including methods for securing today’s widely-remote enterprise workforce -- then this virtual event is for you.

Zero Trust for a Work-From-Home World
Date: Mar 17, 2021

View archived webinar

When organizations abruptly sent vast numbers of employees home, their carefully planned security architectures were forced to adapt to new challenges. But the makeshift WFH security architectures thrown together with duct tape and rubber bands in spring 2020 are not strong enough to handle the needs of an enterprise with a permanently remote workforce. Precious corporate endpoint devices sent to unfamiliar locations, connecting to routers that use default passwords, and sharing space with unsecured IoT devices...is a zero-trust security architecture even possible in a situation like this? In this Dark Reading webinar, learn how to make layered, zero-trust architecture work among today's business realities (and tomorrow's).

People Are The Most Important Part of Autonomous SOC
Date: Mar 16, 2021

View archived webinar

The vision of Autonomous SOC is not one intended to be fully realized, but to provide a framework for solving security operations challenges by prioritizing your most valuable asset, people. As security teams make meaningful improvements in their use of automation, as well as technologies that monitor and adapt, they are prioritizing the most important asset in the people, processes, and technology triumvirate.

In this webinar, we will explore specific challenges to identify, validate, and remediate to advance your own maturity toward an autonomous SOC.

Detecting and Preventing Insider Data Leaks
Date: Mar 11, 2021

View archived webinar

While malicious insiders often get the headlines, most enterprise data leaks are accidental -- caused by end users who fail to follow corporate security policy or try to work around it. In this webinar, experts discuss methods for detecting and preventing risky or anomalous end user behavior, as well as methods for preventing unauthorized access and transfer of data by end users. You’ll also get insight on the evolution of technology used to prevent accidental data leaks, such as data leak protection (DLP) and alternatives.

Drafting a Data Breach Response Playbook
Date: Mar 09, 2021

View archived webinar

The cyber attackers hit their mark, and your sensitive databases have been breached: now what do you do? Whom should you call first? What should you tell customers, employees and other stakeholders; and when? Do you have a plan to contain the damage, eliminate the threat, avoid destruction of forensic evidence, and keep the business operational at the same time? Do you know how to uphold compliance requirements, address customer questions, and pay for all the unforeseen costs of a data breach? Be prepared with some answers. In this webinar, learn what processes and procedures, tools and techniques should go into your data breach response playbook, so your infosec “bad day” doesn’t need to be worse.

Ten Keys to Better Security Data Analysis
Date: Mar 03, 2021

View archived webinar

If you’re swimming in security incident data, alerts, and log files, you’re not alone. How can you aggregate that data and analyze it quickly, to identify sophisticated or obfuscated attacks? In this webinar, experts discuss ways to effectively collect and analyze large amounts of security data, enabling you to surface the threat and exploit information that you need to defend your enterprise. Speakers will also offer recommendations on how to automate some of that data analysis, so that you can identify threats more easily, and stop attackers more quickly.

How Elite Analyst Teams are Transforming Security with Threat Reconnaissance
Date: Feb 24, 2021

View archived webinar

Recent high profile Advanced persistent threat (APT) breaches have highlighted not only the need to see your whole attack surface from the attackers’ perspectives, but the need to get ahead of these threats by monitoring threat actor infrastructures as they evolve.

Organizations in a variety of high-risk industries continually face sophisticated threat actors, and many have fundamentally changed their organizations’ approach to security by implementing forward-leaning threat reconnaissance programs.

In this webinar, we will look at case studies from consumer banks and big retail to illustrate how these organizations are leveraging their analyst teams in more strategic ways to vastly improve their security postures. Learn how these organizations are getting the upper hand on high-criticality threats by tracing, mapping and monitoring the infrastructures of their high priority adversaries.

Protecting Your Enterprise's Intellectual Property
Date: Feb 17, 2021

View archived webinar

Cyber attackers can scrape by stealing personal information and credentials, but the “big score” is intellectual property theft. Attacks on IP require a level of sophistication that most enterprises have never encountered before – is your cybersecurity team ready to face them? In this webinar, you’ll learn about the techniques and tactics that cybercriminals use to crack IP, and how your organization can detect and defend itself against these sophisticated, targeted attacks. 

Building the SOC of the Future: Next-Generation Security Operations
Date: Feb 11, 2021

View archived webinar

No matter what your industry, your organization’s size, or the number of work-from-home staff you have, there is a growing need to monitor your systems for potential threats – and have the capacity to respond quickly in the event of a compromise. To build out this capacity, many enterprises are building or expanding their security operations centers (SOCs) to improve their ability to detect and respond to cyber threats. In this webinar, experts offer insight and recommendations on how to build a next-generation SOC, and what tools and skills you may need to outfit that SOC to respond to today’s most current threats and online exploits.

Securing and Monitoring Networks in the 'New Normal'
Date: Feb 10, 2021

View archived webinar

As the smoke clears from the COVID-19 crisis, one thing is clear: the enterprise network will never be the same. Many end users have discovered that they like working from home, and they’re planning to continue. Many former brick-and-mortar business models have become digital, and will likely stay that way. And network architectures, and the security architectures that support them, will have to change permanently. In this webinar, top experts discuss methods for re-architecting network and security strategies to ensure that these new worker and business models remain safe and minimize cyber risk. You’ll learn how you can adapt your enterprise’s and security tools and practices to the “new normal,” and how to use these changes to make your corporate data more secure.

Making Cybersecurity Work in Small and Medium-Sized Businesses
Date: Feb 03, 2021

View archived webinar

Small and medium-sized businesses (SMBs) sometimes believe they are too small to be targeted by cyber attackers. In recent years, that idea has been debunked by a wide variety of attacks on SMBs, from simple malware to account takeover. Yet many SMBs cannot take advantage of enterprise security tools and services that are too expensive or complex for their small teams to manage. In this Dark Reading webinar, experts offer tips and recommendations for securing the smaller enterprise, and for implementing simple, affordable tools and best practices that make sense for resource-limited SMB.

Now That Ransomware Has Gone Nuclear, How Can You Avoid Becoming the Next Victim?
Date: Aug 18, 2020

View archived webinar

There is a reason more than half of today’s ransomware victims end up paying the ransom. Cyber-criminals have become thoughtful; taking time to maximize your organization’s potential damage and their payoff. After achieving root access, the bad guys explore your network reading email, finding data troves and once they know you, they craft a plan to cause the most panic, pain, and operational disruption. Ransomware has gone nuclear.

Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-37759
PUBLISHED: 2021-07-31
A Session ID leak in the DEBUG log file in Graylog before 4.1.2 allows attackers to escalate privileges (to the access level of the leaked session ID).
CVE-2021-37760
PUBLISHED: 2021-07-31
A Session ID leak in the audit log in Graylog before 4.1.2 allows attackers to escalate privileges (to the access level of the leaked session ID).
CVE-2020-26564
PUBLISHED: 2021-07-31
ObjectPlanet Opinio before 7.15 allows XXE attacks via three steps: modify a .css file to have <!ENTITY content, create a .xml file for a generic survey template (containing a link to this .css file), and import this .xml file at the survey/admin/folderSurvey.do?action=viewImportSurvey['importFil...
CVE-2020-26565
PUBLISHED: 2021-07-31
ObjectPlanet Opinio before 7.14 allows Expression Language Injection via the admin/permissionList.do from parameter. This can be used to retrieve possibly sensitive serverInfo data.
CVE-2020-26806
PUBLISHED: 2021-07-31
admin/file.do in ObjectPlanet Opinio before 7.15 allows Unrestricted File Upload of executable JSP files, resulting in remote code execution, because filePath can have directory traversal and fileContent can be valid JSP code.