Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Join a conversation about the current state of AppSec and industry trends with Chris Wysopal, Veracode CTO and co-founder, and special guest Sandy Carielli, Forrester principal analyst. We'll discuss findings from Veracode's newly released State of Software Security report and how they intersect with Forrester Technographics data for a comprehensive look at software security trends across the last 12 years. You'll learn how to leverage these trends to improve your software security program and safeguard your applications from vulnerabilities like Log4j.

The Veriato Insider Threat Program Maturity Model report was created to help security professionals assess their ability to monitor, detect, and respond to insider threats. Join Insider Threat expert, Jim Henderson from the Insider Threat Management Group, Nick Cavalancia from Techvangelism and Cyber Security Expert, Patrick Knight.

Sophisticated data theft and other covert malicious actions by Insiders can involve covering their tracks with tools to erase data, hide data or even appear to be activities other than what actually occurred.

How criminals extort businesses using RansomWare services from the DarkWeb. One of the biggest trends in technology over the last decade has been the growth of subscription-based service models or "SaaS". Instead of installing software directly in corporate environments, companies providing customers with the ability to effectively rent access to services they need without dealing with development and maintenance.

Data is currency online and on the darkweb where social security numbers sell for $1 each, debit or credit card numbers as much as $110, and passports and medical records $1,000 or more. Without deep visibility into user activity within an organization, suspicious behaviors that signal fraud may go unnoticed and insiders can profit by selling your sensitive data.

Before Covid-19, there were many reasons why employees worked remotely. For some, it was about removing distractions, and for others, it was about maintaining a healthy work-life balance. But as the world starts to reopen, companies now need to decide whether they continue to allow employees to work remotely or not. According to SHRM, 50% of companies recently surveyed, intend to keep offering a hybrid work arrangement, which means that organizations will need to find ways to monitor and manage employees while they're in the office or at home.

Threat hunting is not about detecting known threats or indicators of compromise (IoCs). It is intended to find new attacks that could have gone under the radar with any other security technology. So rather than identifying malware, ransomware or phishing, threat hunting detects hackers that do not use malware but trusted and administrative applications that execute malwareless or fileless attacks that have stolen admin credentials and are freely moving in the network.

Over the past few years, big game ransomware attacks have plagued businesses, healthcare organizations, managed service providers (MSPs) and more, but on May 10th we also saw these attacks shutdown a critical infrastructure oil pipeline. While ubiquitous, shotgun-style spammed ransomware may have dropped in volume, more sophisticated, big-game ransomware attacks targeting business has greatly increased in success and financial impact. These ransomware attacks tend to leverage more sophisticated attack techniques driven by the criminal underground delivering malware as a service. In this presentation, WatchGuard CSO Corey Nachreiner and technical security operations manager Marc Laliberte detail the Colonial Pipeline ransomware attack, and others, so you can learn from these unfortunate incidents. The talk will cover.

Join us as we discuss the findings from the latest quarterly Internet Security Report from the WatchGuard Threat Lab. Built from data collected from WatchGuard-protected networks that have opted in to sharing threat intelligence, the report highlights the latest evolutions in the cyber threat landscape including malware infections, network attacks, and malicious domains. Join CSO Corey Nachreiner and Security Operations Manager Marc Laliberte to learn some of the key findings from Q2 2021.

Threat hunting is not about detecting known threats or indicators of compromise (IoCs). It is intended to find new attacks that could have gone under the radar with any other security technology. So rather than identifying malware, ransomware or phishing, threat hunting detects hackers that do not use malware but trusted and administrative applications that execute malwareless or fileless attacks that have stolen admin credentials and are freely moving in the network.