Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Webinar Archives

Upcoming Webinars
The Threat From the Internet and What Your Organization Can Do About It
Date: Jun 30, 2020

View archived webinar

For most enterprises, the increasing use of the Internet has created new business opportunities, greater efficiencies, and a green field for innovation. But growing use of the Internet is also increasing the risk of cyber attack. In recent years, online attackers have launched a wide range of Internet-borne attacks, ranging from DDoS to DNS-based exploits to infiltration of commercial websites. And with the world relying more heavily on Web-based communications during the COVID-19 pandemic, new threats are emerging. In this webinar, experts describe some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business.

Preparing For, Detecting, and Managing a Critical Data Breach
Date: Jun 17, 2020

View archived webinar

There is one nightmare day that all IT and cybersecurity professionals dread: the discovery of a critical data breach. It’s potentially one of the most impactful – yet least predictable -- days that your business will face. And, to a large extent, that impact will be determined by the decisions you make next.

For the most experienced and effective cybersecurity teams, though, that “really bad day” doesn’t come as a surprise. Such teams prepare for security incidents with tools for early detection and processes for incident response. Just as emergency first responders know how to handle a fire or a hurricane, cybersecurity first responders know what to do in the event of a major data compromise. Is your team ready? You can find out by attending Dark Reading’s June 17 event: Preparing For, Detecting, and Managing a Critical Data Breach.

Preparing For, Detecting, and Managing a Critical Data Breach -- a free, all-day online conference produced by the editors of Dark Reading – will help you and your cybersecurity team lay down the groundwork for a mission-critical data breach. You’ll get insight on the steps you can take today to ready your enterprise for a cyber compromise – including the best methods for building and rehearsing a breach response program. You’ll hear about tools and best practices for detecting a breach, even when it’s well-obfuscated. You’ll get firsthand insight on how to build incident response programs that work, even in the face of an all-out cyber attack. And you’ll get advice on how to minimize the impact of a critical breach, and how to begin remediation as quickly as possible.

Among the topics that will be covered at Preparing For, Detecting, and Managing a Critical Data Breach:

  • Strategies for creating and rehearsing an enterprise-wide breach response plan
  • Best practices and technologies for detecting potential intrusions or infections
  • Recommendations for building and managing an incident response plan
  • Methods for limiting the scope and impact of a data breach
  • How to determine the extent of a breach, and what system/partners may be affected
  • Strategies for speeding the remediation process
  • Limiting the costs and liabilities associated with cyber breaches
  • Lessons learned: how to monitor and collect data on future threats

If you want to know more about how to handle a major data breach – including steps you can take today to limit the impact of a compromise tomorrow -- then this virtual event is for you. Register today!

Preparing For, Detecting, and Managing a Critical Data Breach
Date: Jun 17, 2020

View archived webinar

There is one nightmare day that all IT and cybersecurity professionals dread: the discovery of a critical data breach. It’s potentially one of the most impactful – yet least predictable -- days that your business will face. And, to a large extent, that impact will be determined by the decisions you make next.

For the most experienced and effective cybersecurity teams, though, that “really bad day” doesn’t come as a surprise. Such teams prepare for security incidents with tools for early detection and processes for incident response. Just as emergency first responders know how to handle a fire or a hurricane, cybersecurity first responders know what to do in the event of a major data compromise. Is your team ready? You can find out by attending Dark Reading’s June 17 event: Preparing For, Detecting, and Managing a Critical Data Breach.

Preparing For, Detecting, and Managing a Critical Data Breach -- a free, all-day online conference produced by the editors of Dark Reading – will help you and your cybersecurity team lay down the groundwork for a mission-critical data breach. You’ll get insight on the steps you can take today to ready your enterprise for a cyber compromise – including the best methods for building and rehearsing a breach response program. You’ll hear about tools and best practices for detecting a breach, even when it’s well-obfuscated. You’ll get firsthand insight on how to build incident response programs that work, even in the face of an all-out cyber attack. And you’ll get advice on how to minimize the impact of a critical breach, and how to begin remediation as quickly as possible.

Among the topics that will be covered at Preparing For, Detecting, and Managing a Critical Data Breach:

  • Strategies for creating and rehearsing an enterprise-wide breach response plan
  • Best practices and technologies for detecting potential intrusions or infections
  • Recommendations for building and managing an incident response plan
  • Methods for limiting the scope and impact of a data breach
  • How to determine the extent of a breach, and what system/partners may be affected
  • Strategies for speeding the remediation process
  • Limiting the costs and liabilities associated with cyber breaches
  • Lessons learned: how to monitor and collect data on future threats

If you want to know more about how to handle a major data breach – including steps you can take today to limit the impact of a compromise tomorrow -- then this virtual event is for you.

Building and Managing the Next-Generation Security Operations Center (SOC)
Date: Jun 10, 2020

View archived webinar

No matter what your industry or what your organization’s size, there is a growing need to monitor your systems for potential threats – and have the capacity to respond quickly in the event of a compromise. To build out this capacity, many enterprises are building or expanding their security operations centers (SOCs) to improve their ability to detect and respond to cyber threats. In this webinar, experts offer insight and recommendations on how to build a next-generation SOC, and what tools and skills you may need to outfit that SOC to respond to today’s most current threats and online exploits.

Thinking Like an Attacker: Strategies for Defense
Date: Jun 03, 2020

View archived webinar

More and more, enterprises are discovering that the best way to test and defend their organization is to view their IT environment from the perspective of an attacker. But how do you predict an attacker's motives and simulate their methods, and how do you know that you aren’t overlooking key vulnerabilities? In this Dark Reading webinar, experts discuss methods for testing your security’s mettle by thinking like your adversary.

Red Team Realities
Date: May 28, 2020

View archived webinar

Red Team is an exciting term, but it can be misconstrued. How do you know when it’s the right fit for your organization? Using real-world anecdotes, this webinar will illustrate how to navigate a decision-making process aligned to use cases and desired outcomes tailored to your organization's needs. Listen as we discuss the different levels of cybersecurity assessments, and help you determine which one is right for your organization (hint: it's in the title).

The State of IT and Cybersecurity Operations
Date: May 20, 2020

View archived webinar

As companies tighten their belts, the need for coordination between IT and Cybersecurity Operations has never been more urgent. Now is the time to align organizational priorities and budgets.

Dark Reading recently took a measure of the relationship between IT and Security teams. Join us as we discuss the survey, share it's findings and review best practices for CIOs and other leadership roles.

The Future of the Security Operations Center (SOC)
Date: May 13, 2020

View archived webinar

Today's security operations centers (SOCs) are helping enterprises to defend critical data and initiate security incident response. But most experts agree that today’s SOCs will evolve radically in the near future, as technologies such as orchestration, machine learning, artificial intelligence, and security automation become more tightly integrated into SOC processes. In this webinar, top experts will discuss the long-term evolution of SOC technology, staffing, and processes, and how your enterprise can prepare today to implement the SOC of tomorrow.

Building and Managing an Effective Mobile Security Strategy
Date: May 06, 2020

View archived webinar

Most organizations today allow employees and other users to bring their own mobile devices onto the enterprise network to access corporate data. But in many cases, security teams still do not have comprehensive, enforceable security policies that take into account the many technologies and networks that users may employ to connect their mobile devices.

5 Steps to Integrate SAST into the DevSecOps Pipeline
Date: Apr 29, 2020

View archived webinar

Even software with a solid architecture and design can harbor vulnerabilities, whether due to mistakes or shortcuts. But limited security staff don’t have the resources to perform code reviews and provide remediation guidance on the entire application portfolio. Static analysis, also known as static application security testing (SAST), is an automated way to find bugs, back doors, and other code-based vulnerabilities so the team can mitigate those risks.

How to Effectively Analyze Security Data
Date: Apr 22, 2020

View archived webinar

If your security team is like most cyber teams in large enterprises, you're probably swimming in security incident data, alerts, and log files. How can you aggregate that data and analyze it quickly, to identify sophisticated or obfuscated attacks? In this webinar, experts discuss ways to effectively collect and analyze large amounts of security data, and find the threat info you need to defend your enterprise. Speakers will also offer recommendations on how to automate some of that data analysis, so that you can identify threats more easily, and stop attackers more quickly.

Malicious Insiders: Real Defense for Real Business
Date: Apr 15, 2020

View archived webinar

"Corporate espionage, sabotage and other security incidents could be committed or aided by any insider with something to gain from it. So how might you predict when a once-trustworthy employee is about to do something malicious? How can you give staff all the tools and access privileges they need to be productive, without leaving the organization open to unnecessary risk? 

In this webinar, learn how cybersecurity professionals can reduce, detect and mitigate the insider threat without disrupting business.

Building an Enterprise Strategy for Detection and Response
Date: Apr 09, 2020

View archived webinar

In the past few years, many enterprises have deployed tools and strategies for endpoint detection and response (EDR). But today's security teams realize that EDR alone is not enough. They need visibility across all their assets, including remote users as well as managed and unmanaged devices. In this webinar, top industry experts discuss how to create a strategy that enables the enterprise security team to do detection and response across a wide variety of technologies and services.

Cyber Attack Evasion Techniques
Date: Mar 23, 2020

View archived webinar

When it comes to evasion techniques there’s a perpetual cat and mouse game between malware developers and solutions providers. By drawing on the latest in evasion techniques, malware developers not only go undetected on the compromised machine but more importantly, they hide their malicious indicators and behaviors from detection tools and automated threat analysis systems.

Shaking Off Security Alert Fatigue: Tips for Taking Control
Date: Mar 18, 2020

View archived webinar

Adding new security tools to your SOC toolset may help alert you to the newest cyber threats to your business. However, when a zillion unprioritized alerts hit you in a day, you might start treating them like whack-a-mole or the snooze button on your alarm clock. How can you manage security alerts so they are most meaningful to your business, and act on them in an appropriate, timely manner? 

Preventing Credential Theft & Account Takeovers
Date: Mar 10, 2020

View archived webinar

Breaches that expose passwords and grant cyber attackers access to privileged user accounts are now so common that users greet the news with more shrugs than shock, and security experts advise to "assume user credentials have been exposed." Yet, these attacks can be as catastrophic as they are commonplace.  Stolen credentials and account takeovers are the footholds cybercriminals use to launch all manner of attacks -- from financial fraud and virtual currency theft, to data breaches and cyber espionage. In this webinar learn how these bread-and-butter cyberattacks work and how to bolster your defenses against them.     

Zero-Trust In Practice
Date: Mar 05, 2020

View archived webinar

Credential theft, lateral movement and other cyber attack tricks have foiled perimeter security again and again. We know that the old philosophy of trusting everything and everyone inside a network is no longer sound. The zero-trust model – trust nothing, verify everything – is the proposed answer to this problem. But it’s easier said than done in real enterprise. In this webinar, learn what zero-trust really looks like in practice, how to overcome challenges along the way, what security benefits you’ll realize right away, and how your organization can take the first steps toward implementing a zero-trust model.

Cloud Security Threats Enterprises Need to Watch
Date: Feb 19, 2020

View archived webinar

More businesses are shifting critical assets and operations to the cloud, as service providers enhance their security capabilities --and cyber attackers have adapted accordingly. In this webinar, experts outline the top ways that attackers are exploiting cloud services, applications and implementations and give advice on how to use the cloud more securely.

Building an Incident Readiness and Response Playbook
Date: Feb 11, 2020

View archived webinar

The cyber attackers hit their mark: now what do you do? Whom do you call first? Do you have a plan to contain the damage, eliminate the threat, avoid destruction of forensic evidence, and keep the business operational at the same time? Do you know how to uphold compliance requirements, address customer questions, and pay for all the unforeseen costs of an emergency? Don't make a data breach any harder than it needs to be. In this webinar, learn the Xs and Os of any good security incident readiness and response playbook.

Linking, Orchestrating, and Managing Your Enterprise Security Systems
Date: Feb 04, 2020

View archived webinar
Over the years, most enterprises have purchased and installed a wide variety of security tools and technologies, from security gateways to firewalls to malware detection systems. Individually, they all solve a problem - but they often can't work together or speak a common language. In this webinar, experts will discuss methods and technologies for linking and integrating disparate security systems to provide a more comprehensive view of security threats - and a more structured data defense. You'll get advice on how to tie your security systems together, and how to automate security processes that work across multiple tools and technologies.
12 Ways to Defeat Multi-Factor Authentication and How To Stop the Bad Guys
Date: Jan 28, 2020

View archived webinar

Everyone knows that multi-factor authentication (MFA) is more secure than a simple login name and password, but too many people think that MFA is a perfect, unhackable solution. It isn't!

Join Roger A. Grimes, KnowBe4's Data-Driven Defense Evangelist, and security expert with over 30-years experience, for this webinar where he will explore 12 ways hackers can and do get around your favorite MFA solution.

 

Getting the Most from Threat Intelligence
Date: Jan 23, 2020

View archived webinar

To get the most out of your relationships with information sharing groups (ISACs) and your threat intelligence feeds, you must understand how, why, and when other organizations' cyber attacks relate to your own organization.

In this webinar, learn how to take a fresh look at external threat intelligence and ensure you have an up-to-date view of attackers’ means, motives and opportunity.

Developing and Managing an Endpoint Security Strategy for Your Enterprise
Date: Jan 14, 2020

View archived webinar

Wireless devices. Mobile laptops that could be booted up from anywhere. Desktop systems loaded with sensitive information. Smartphones and smart TVs. For the IT security manager, the concept of “endpoint security” has evolved significantly over the past year or two. How is your enterprise approaching the endpoint security problem? In this webinar, experts offer advice and recommendations on how to build an endpoint security strategy that works across all of the devices that the end user might employ. You’ll also get insight on how to develop a consistent endpoint security strategy that works for all of your end users, no matter what their roles or applications.

How to Prevent 81% of Phishing Attacks from Sailing Right into Your Inbox with DMARC
Date: Dec 10, 2019

View archived webinar

Only ~20% of companies use DMARC, SPF, and DKIM, global anti-domain-spoofing standards, which could significantly cut down on phishing attacks. But even when they are enabled and your domain is more secure, 81% of phishing attacks still continue to sail right through to the end-user.

In this webinar, Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, will teach you how to enable DMARC, SPF, DKIM the right way! Then, learn the six reasons why phishing still might get through to your inbox and what you can do to maximize your defenses.

Cloud Sprawl: Its Worse Than You Think
Date: Dec 05, 2019

View archived webinar

Organizations today are blind to how many assets they have in the cloud. Many assume they're only in the three major cloud providers (Amazon Web Services (AWS), Google Cloud Platform, and Microsoft Azure). But in practice, most organizations are in ten or more providers. And if you don’t know about all of your cloud instances, you can’t secure them appropriately. Join us on December 5th to learn how to get complete visibility into your cloud infrastructure with the Expanse Internet Operations Management Platform and reduce your cloud attack surface.

Know Thyself: Cyber Threat Intelligence Gathering Inside Your Organization
Date: Dec 04, 2019

View archived webinar

Some of the most important threat intelligence resides right inside your own organization. What can you learn by taking a closer look at your SIEM, internal telemetry, user lists, and other sources?

In this webinar, learn about the tools that can help your internal threat intelligence gathering and how these efforts could help you detect attackers’ lateral movement, disrupt ransomware and protect endpoint devices.

Enterprise IoT: Rise of the Unmanaged Devices
Date: Dec 03, 2019

View archived webinar

By 2021, up to 90% of devices in businesses will be unmanaged and IoT devices - with no security. Which is why attacks on these devices are up 300% in 2019 alone.

Join Armis, the leading enterprise IoT security company, along with IBM Security Services, to see real-life scenarios of these new unmanaged devices - from enterprise to healthcare to manufacturing.

Defeating Advanced Adversaries with Tactical Analytics
Date: Nov 19, 2019

View archived webinar

In this webinar, you will see how tactical analytics (the main pillar of SOC 3.0) can be set up and used to greatly enhance an organization's security posture against advanced adversaries.

It is a known fact that the traditional reactive defense model is both ineffective and obsolete. The sophisticated techniques, tactics and procedures of modern adversaries necessitate that organizations adopt a proactive defense model and transition to SOC 3.0 operations to be better protected. In this webinar, you will be provided with a clear and technical plan on how to transition to SOC 3.0 and, most importantly, on how to establish a tactical analytics capability to effectively detect and defeat advanced adversaries.

Building a Security Culture
Date: Nov 14, 2019

View archived webinar

Most successful cyber security incidents involve a human at your business -- being manipulated, making an honest mistake, or deliberately taking malicious action. So to defend your organization from any cyber threat, all your users must be ever-vigilant: from your app developers to your accountants, from the CEO to the interns. So how do you build a business-wide culture that values security? How do you not only properly educate users on the threats, but make them care about them? In this webinar, learn the elements of a security culture, how to build one at your organization, and how to know it’s working.

Strategies for Protecting Mission-Critical Data
Date: Nov 06, 2019

View archived webinar

Whether it’s customer lists, intellectual property, or a secret recipe, your mission-critical data is what makes your organization unique – the lifeblood of your enterprise. Yet, with one shrewd exploit, an online attacker – or even one of your own employees – could break the security of that critical information. What steps should you be taking to protect it?

Strategies For Protecting Mission-Critical Data, a free, all-day online conference produced by the editors of Dark Reading, offers a look at the latest tools, strategies, and best practices for protecting your organization’s most sensitive data. You’ll get insight on how to store critical information securely, and how to ensure its security when it is passed across networks. Top security experts will discuss data encryption strategies, on-premises infrastructure defenses, and how to protect mission-critical data across cloud services, network providers, and partner/supplier environments. You’ll get expert viewpoints and recommendations on how to protect your mission-critical data, and advice on how to identify and protect sensitive data that might be handled outside the IT department’s knowledge or control.

Among the topics that will be covered at Strategies for Protecting Mission-Critical Data:

  • Processes and best practices for identifying sensitive data across the enterprise
  • Tips and tools for ensuring that even “trusted users” cannot access or exfiltrate important data without authorization
  • The latest technologies and strategies for protecting on-premises infrastructure, including networks, servers, and storage systems
  • Strategies for encrypting sensitive information, both in storage and in motion across networks
  • Methods for ensuring that business partners handle sensitive information as securely as your own users
  • Recommendations for working with cloud operators and other service providers to ensure the security of data traveling across their networks
  • Special steps you can take to provide extra protection for your most essential data and information

If you want to know more about the available tools and best practices for protecting mission-critical data from cyberattack – and get some help choosing the right methods and technologies for your own organization -- then this virtual event is for you. Register today!

Strategies for Protecting Mission-Critical Data
Date: Nov 06, 2019

View archived webinar

Whether it’s customer lists, intellectual property, or a secret recipe, your mission-critical data is what makes your organization unique – the lifeblood of your enterprise. Yet, with one shrewd exploit, an online attacker – or even one of your own employees – could break the security of that critical information. What steps should you be taking to protect it?

Strategies For Protecting Mission-Critical Data, a free, all-day online conference produced by the editors of Dark Reading, offers a look at the latest tools, strategies, and best practices for protecting your organization’s most sensitive data. You’ll get insight on how to store critical information securely, and how to ensure its security when it is passed across networks. Top security experts will discuss data encryption strategies, on-premises infrastructure defenses, and how to protect mission-critical data across cloud services, network providers, and partner/supplier environments. You’ll get expert viewpoints and recommendations on how to protect your mission-critical data, and advice on how to identify and protect sensitive data that might be handled outside the IT department’s knowledge or control.

Implementing an Effective Defense Against Ransomware
Date: Nov 05, 2019

View archived webinar

Ransomware has become one of the fastest-growing cyber threats faced by enterprises today, not to mention municipal governments, hospitals and schools. What are the most common ways that ransomware gets into systems, and how can you limit the possibility of infection? If you are infected, what steps should you take to mitigate the problem, and how should you deal with the perpetrators? This webinar will answer these questions and more, providing expert advice on how to stop ransomware from infecting your critical systems and data --and what to do if your defenses fail.

Building a Better IT Security Architecture for Your Enterprise
Date: Oct 23, 2019

View archived webinar

Many enterprises invest heavily in specialized cyber defense technology -- but unless they also understand the business they are trying to defend, they will continue to fall prey to attackers. How can a security department find all the business's IT assets, prioritize the business's most valuable data, and develop cybersecurity strategies to defend those assets accordingly? How can a SOC be as quick to fix vulnerabilities as it is to find them them? How can a CISO be sure that they have built a cost-effective security architecture that still meets the needs of their organization? In this webinar, attendees will learn to build an overarching security architecture that is built on a stronger foundation and better anticipates the potential threats to your organization.

Creating and Maintaining Effective Metrics for Assessing Enterprise Security
Date: Oct 15, 2019

View archived webinar

When IT security leaders speak with top management, they're typically asked two questions:

  1. How safe is the organization from cyber threats
  2. How well are enterprise defenses working

During this webinar, top experts will discuss key metrics for assessing security posture, as well as the performance of the security team. You'll learn about some useful ways to measure cybersecurity effectiveness, and how to use those metrics to demonstrate new risks as well as the ongoing performance of your security initiatives.

Cyber Resilience: How To Survive A Cyber Attack and Recover Faster
Date: Oct 10, 2019

View archived webinar

For your business to survive a security incident, it needs to get back to doing business as soon as possible --back to serving customers, cutting paychecks, and running production lines. If your organization were hit by a major incident, how badly would your operations be interrupted and how many customers would you lose for good? In this webinar, learn how to prepare today, to make your business more resilient to cyber attacks tomorrow.

Future-Proofing Your Next-Generation Firewall
Date: Oct 09, 2019

View archived webinar

The Next-Generation Firewall (NGFW) has been the cornerstone of enterprise network security for more than a decade. With the onset of digital transformation -- such as mobility, cloud computing, and software-defined networking – one might conclude that the relevance of NGFW would be waning. However, that couldn't be further from the truth.

NGFW is transforming and is becoming increasingly crucial to the success of enterprise cybersecurity programs. Not only is the NGFW providing more functionality in more places and in more form factors than ever before, but it is also enabling vital integration and orchestration capabilities to foster the holistic, best-of-breed network security architectures enterprises demand.

Attend this Dark Reading webinar and hear as Ovum Senior Analyst Eric Parizo and a special guest from Cisco Security discuss the fundamental capabilities of an emerging "new" generation of NGFW platforms, and how enterprises can benefit from the NGFW technological and market evolution.

10 Incredible Ways to Hack Email & How to Stop the Bad Guys
Date: Sep 24, 2019

View archived webinar

Email is still the #1 attack vector the bad guys use. A whopping 91% of cyberattacks start with a phishing email, but email hacking is much more than phishing and launching malware! Join us as we explore 10 ways hackers use social engineering to trick your users into revealing sensitive data or enabling malicious code to run. We will also share a special treat - a (pre-recorded) hacking demo by Kevin Mitnick. If all you were worried about were phishing attempts, think again!

How to Use Artificial Intelligence and Machine Learning to Improve Enterprise Security
Date: Sep 18, 2019

View archived webinar

Many cybersecurity vendors today use terms such as “AI” and “machine learning” to describe the capabilities of their products. But what exactly do these technologies do, and how can you implement them to improve your everyday IT security processes? In this enlightening Dark Reading webinar, a top expert will offer some useful definitions of terms, and discuss practical applications that could speed your incident response time and improve your use of IT security staff resources

AI vs. AI: The Good, the Bad and the Ugly
Date: Sep 10, 2019

View archived webinar

Think about what would happen when hackers start using the power of AI for their malicious ends? With the dissemination of AI knowledge and resources, this has become not a theoretical question of if, but when. In this webinar we’ll be drawing out the implications of this, as we explore the three possible types of attack which include:

  • AI based attacks – where malware is built on AI algorithms as an integral part of its business logic.
  • AI based attack infrastructure and frameworks – where the AI is used elsewhere in the attacker’s environment and infrastructure, for e.g. server malware creation process etc.
  • Adversarial attacks – where “malicious” AI algorithms work to subvert the functionality of “benign” AI algorithms.
Container Security: How to Protect Your Production Environment from the Threats
Date: Sep 05, 2019

View archived webinar

Many organizations are implementing “containerization” strategies in order to speed application development, make deployment more efficient, and improve scalability. But the rapid growth of containers also has opened up new doors for the bad guys, who are increasingly finding vulnerabilities in hastily created containers and taking advantage of a shortage of container security solutions.

In this Dark Reading webinar, experts offer a comprehensive look at the security flaws and vulnerabilities inherent in many container environments and offer tips and recommendations on how you can detect and remediate those issues prior to deployment – before attackers get a chance to exploit them.

Vendor ATT&CK Misdirection and How to Avoid It
Date: Aug 29, 2019

View archived webinar

Every vendor is talking about ATT&CK but do you know your execution from your exfiltration? Your persistence from privilege escalation? In this webinar, you will learn how a simple shift to an adversary-focused approach will help stop targeted threats and will evolve your security program from lean-back to lean-forward – no matter the size or maturity of your security team.

10 Emerging Threats to Enterprise Applications
Date: Aug 27, 2019

View archived webinar

Cyberattacks to today’s enterprises often begin by exploiting a new or recently discovered software vulnerability. What are some of these emerging application vulnerabilities, and how are attackers using them to crack security and expose critical business data?

In this Dark Reading webinar, application security experts offer a look at some of the latest and most potentially damaging threats to current enterprise apps, and how those threats can expose your organization to data compromise and theft. The experts also offer some practical advice on how to identify these threats and vulnerabilities in your organization – and how to secure your applications to limit the impact of an application-focused attack.

DDoS Resilience, Remediation and Recovery: Updating Your Strategy
Date: Aug 13, 2019

View archived webinar

Most organizations keep back-ups and have basic plans to protect themselves from denial of service attacks. However, most of those DDoS response strategies were long before businesses relied upon cloud services for fundamental operations, before our environments were full of IoT devices requiring network access, and long before the threat of IoT botnets. We are more reliant than ever on network access, and attackers have more powerful tools than ever to cut that access off.

So are you ready for a DDoS attack on your network -- or on your service provider’s network – or is it time to update your resilience, remediation and recovery plan? In this webinar, learn strategies that will make your business resilient against the DDoS threats of today.

The Cost of Industrial Cyber Incidents and How to Prevent Them
Date: Jul 30, 2019

View archived webinar

Cyberattacks can cause devastating business disruptions and lead to financial losses reaching hundreds of millions of dollars. The World Economic Forum’s 2019 Global Risk Report ranked cyberattacks causing disruption to operations and critical infrastructure among the top five global risks.

The increasing digital connectivity of industrial networks opens them up to cyber threats, underscoring the importance of protecting not just IT systems, but also operational technology (OT) systems. So what are these risks and how do you protect your organization from falling victim to them?

Improving Enterprise Authentication: Taming the Password Beast
Date: Jul 25, 2019

View archived webinar

Many enterprises have implemented some basic methods for managing user authentication to sensitive data, and some have even mastered the “single sign-on” problem for data access. But today’s IT environment increasingly involves a wide range of user devices and locations, including mobile equipment, cloud services, and even Internet of Things devices. In this Dark Reading webinar, top experts will discuss emerging methods for solving the authentication problem, and for building authentication strategies that go beyond the enterprise premises.

Using Network Segmentation and Microsegmentation to Improve Enterprise Defense
Date: Jul 16, 2019

View archived webinar

When an online attacker penetrates your cyber defenses, he or she may take on the guise of an authorized user, making it possible to move laterally within your IT environment to steal information without detection. One growing strategy for limiting this lateral movement is network segmentation, which can restrict access to critical systems and help limit the damage caused by an online attacker. In this Dark Reading webinar, experts discuss methods for using network segmentation and microsegmentation as part of your organization's strategy for limiting the effects of an online compromise.

COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/9/2020
4 Security Tips as the July 15 Tax-Day Extension Draws Near
Shane Buckley, President & Chief Operating Officer, Gigamon,  7/10/2020
Russian Cyber Gang 'Cosmic Lynx' Focuses on Email Fraud
Kelly Sheridan, Staff Editor, Dark Reading,  7/7/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15105
PUBLISHED: 2020-07-10
Django Two-Factor Authentication before 1.12, stores the user's password in clear text in the user session (base64-encoded). The password is stored in the session when the user submits their username and password, and is removed once they complete authentication by entering a two-factor authenticati...
CVE-2020-11061
PUBLISHED: 2020-07-10
In Bareos Director less than or equal to 16.2.10, 17.2.9, 18.2.8, and 19.2.7, a heap overflow allows a malicious client to corrupt the director's memory via oversized digest strings sent during initialization of a verify job. Disabling verify jobs mitigates the problem. This issue is also patched in...
CVE-2020-4042
PUBLISHED: 2020-07-10
Bareos before version 19.2.8 and earlier allows a malicious client to communicate with the director without knowledge of the shared secret if the director allows client initiated connection and connects to the client itself. The malicious client can replay the Bareos director's cram-md5 challenge to...
CVE-2020-11081
PUBLISHED: 2020-07-10
osquery before version 4.4.0 enables a priviledge escalation vulnerability. If a Window system is configured with a PATH that contains a user-writable directory then a local user may write a zlib1.dll DLL, which osquery will attempt to load. Since osquery runs with elevated privileges this enables l...
CVE-2020-6114
PUBLISHED: 2020-07-10
An exploitable SQL injection vulnerability exists in the Admin Reports functionality of Glacies IceHRM v26.6.0.OS (Commit bb274de1751ffb9d09482fd2538f9950a94c510a) . A specially crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerabi...