Advanced Persistent Threats - Cutting Through the Hype
January 19, 2012 at 1pm ET

Advanced Persistent Threats (APTs) are one of the most talked about issues in cyber security - and the most misunderstood. Stealthy, prolonged incursions deep into critical IT systems - by deliberate adversaries - are both sensational media headlines and a critical issue at the top of Federal agendas.

From recent U.S. Intelligence reports that detail nation-state sponsored espionage, to the Operation Shady RAT and Duqu attacks, the U.S. is carefully evaluating the state of advanced attacks and even adapting policy to encompass the use of offensive cyberattacks in response to external threats.

Critical Control System Vulnerabilities Demonstrated - And What to Do About Them
November 2, 2011 at 1pm ET

Control systems are embedded in most industries to automate the production, delivery and safe storage of the food and drinks we consume, the transportation we take, the chemicals we process, and the energy we utilize. These systems, some of which are being connected directly to the Internet, are increasingly vulnerable to cyber threats. In all, the U.S. government has identified 17 sectors relying on control systems as critical to the national infrastructure. Of the 17 critical sectors, 16 of these rely on the safe operations and availability of control systems.

Monitoring and Securing SCADA Networks
October 20, 2011 at 2pm ET

SCADA networks are just different. Compared to enterprise IT networks, they have different security objectives, most of the endpoint actors are machines rather than people, their incidents can have immediate physical consequences, and they are more likely to be targeted by hostile actors such as terrorists. Moreover, SCADA networks must operate at speeds and low latencies that enterprise networks can only covet.

Join leading energy analyst Bob Lockhart from Pike Research and critical infrastructure cyber security expert Eric Knapp to learn what needs to be done to effectively monitor and secure SCADA and ICS networks. This webcast will separate fact from fiction in the growing field of industrial control systems cyber security.

Security Management 2.0: Time to Replace Your SIEM?
September 22, 2011 at 1pm ET

The reality is that many organizations have spent millions and years trying to get productivity out of their SIEM - with mediocre results. Most security teams need to start asking themselves some key questions: Is it time? Are you waving the white flag? Has your SIEM failed to perform to expectations despite your significant investment? If you are questioning whether your existing product can get the job done, you are not alone.

Actionable Intelligence from Advanced SIEM Systems
Wednesday, July 20, 2011 at 2:00 pm ET

To make better, faster security decisions for your organization, you need better information faster. Capturing the existing network event, log and flow data already provided by your infrastructure with a Security Information and Event Monitoring (SIEM) solution is the first key step to better information and intelligence.

However real-time access to and analysis of the mountain of data SIEMs collect is needed for SIEMs to be effective threat detection and incident response tools. Detecting data breaches, insider leaks and persistent attacks means performing multiple, in-depth data dives in seconds or minutes, not hours or days.

Database Monitoring & SIEM — Beyond Compliance to Data Breach and Fraud Detection
Thursday, June 23 at 2:00 PM ET

Database Activity Monitoring is a key requirement of many compliance mandates - monitoring and logging all database activity to ensure that sensitive data is being access appropriately, and by the right people. But when DAM and SIEM are integrated, the combination provides valuable context that can be used to actively protect your network from data loss and fraud. Learn how an integrated, high performance SIEM & DAM solution both addresses compliance needs and helps detect insider threat and external attacks.

Tool Talk Webcast: Moving Past the Hype: SIEM Best Practices for Daily Security Operations
Wednesday, May 25 at 1:00 PM ET

We've all heard the claims, but can you really use a SIEM to detect and respond to real time threats? What are the indications that an advanced attack or insider breach is underway, or about to occur? Learn both best practices and pitfalls to avoid and see first-hand how a content aware SIEM can detect threat activity, investigate incidents and get to the root cause quickly.

Learn must-have SIEM skills and understand how threat detection and incident response is possible using the NitroView Enterprise Security Manager.

Detecting Advanced Threats with New Risk Score Correlation and SIEM
Wednesday, May 4, 2011 2:00 pm ET

Sophisticated malware and determined insiders present dual challenges for IT security teams. Insiders understand internal policies and operate “within the rules,” while advanced malware’s persistence and stealth can evade most detection technologies.

New Risk Score Correlation running on a high performance SIEM can continuously monitor and quantify network activity in real time to uncover potential risks and threats. It helps detect suspicious activity levels associated with users and assets that represent the most significant business risks and alert analysts when closer inspection is needed. Risk Score Correlation complements current rule-based correlation engines to make threat detection more comprehensive, effective and efficient.

Securing ePHI with Effective Database Activity Monitoring
Tuesday, April 26, 2011 2:00 pm ET

Electronic patient health information can be widely distributed throughout multiple databases within a provider’s IT infrastructure.

Monitoring and logging all database activity to ensure that sensitive data is being accessed appropriately, and by the right people, is critical to preventing costly and embarrassing data breaches and meeting HIPAA/HITECH compliance requirements.

Detecting Advanced Threats and Malware with SIEM
Tuesday, April 12, 2011 2:00pm ET

While many organizations have deployed security information and event management (SIEM) solution to meet regulatory compliance requirements, high performance SIEM solutions can do much more. By correlating events, logs, and network flows SIEMs can uncover a range of diverse &low and slow" attacks. With threats moving rapidly "up the stack," content aware SIEMs can integrate database session and application layer data to detect dangerous botnets, hidden payloads and covert communications channels.

3 Key Factors Driving Effective ePHI Monitoring
Thursday, March 24, 2011 2:00pm ET

Monitoring and auditing healthcare provider systems that store, manipulate or transmit electronic patient health information is becoming significantly more important.

The interim Breach Notification Rule that came out in late 2009 increased the need to be able to accurately identify who had accessed information involved in a breach. In 2010 Meaningful Use made it mandatory for systems certified as EHR to have the necessary functionality to create an audit trail of access to patient data to include viewing. In 2011 Accounting for Disclosures, due out in the next 60-90 days, will add to the specificity of exactly what needs to be monitored and reported when a patient requests an accounting of who has seen their record.

The trend is to become more precise, more specific and more efficient in what is monitored and reported. Advanced technologies like Security Information and Event Management (SIEM) solutions are key to automating the processes that enable compliance with these increasingly stringent regulations.

SC eConference: PCI compliance that makes systems secure
Tuesday, March 22 & 23, 2011 11:00am - 3:00pm ET

Meeting the many demands noted in the PCI Data Security Standard is no small feat, as many information security pros well know. And while there are many who claim they’re in line with these industry regulations, they find themselves still getting victimized by cybercriminals. Complying with PCI also can lead to strong security of critical data. However, companies must be vigilant and understand systems constantly change. Experts will provide important insights to how they are reaching a PCI-compliant state that also goes the distance in safeguarding the crown jewels.

Situational Awareness in Industrial Networks
An Early Warning System for Energy, Chemical, Nuclear and Other Industrial Systems
Tuesday, February 22 at 1:00 PM ET

Network behavior and security events can be measured and analyzed to indicate errors, anomalies and threats to our information infrastructure. Industrial processes can also be measured analyzed for availability, performance and quality. What happens when you correlate both metrics together? You achieve an early warning system that exceeds the capabilities of firewalls and intrusion detection systems, providing the situational awareness required to protect critical industrial processes.

Proactive Compliance for PCI-DSS 2.0
Friday, February 11 at 1:00 PM EST

Current compliance methods are reactive and do little to improve security. In place of annual audits and document-heavy processes, a new, Proactive Compliance model makes compliance an element of normal information security operations. Proactive Compliance is an extension of the real-time data gathering, assessment and remediation practices of the Security Operations Center. Compliance is managed day to day and minute to minute, providing clear visibility of compliance posture at any given time. Efficiency is increased, costs are reduced and the annual audit becomes a simple formality. In this presentation we'll cover the requirements, capabilities and benefits of this new compliance model.

The trusted insider threat - Lessons learned from WikiLeaks
Wednesday, January 19, 2011 at 2:00 p.m. ET/11:00 a.m. PT

On-Demand Webcast

Protecting against and detecting potential data leakage is at the heart of the WikiLeaks controversy. However there is no "one size fits all" solution. It must be addressed at multiple levels with collaborating technologies, including SIEM, database monitoring and application monitoring, to provide the most complete prevention and detection strategy possible

Join Jeremy Conway, senior security analyst, NitroSecurity to understand the lessons learned from WikiLeaks and the strategies and technologies available today that can best address this multi-layered threat.

Tool Talk Webcast: Detect Data Loss and Fraud with Application Monitoring and SIEM
December 15 at 1:00 PM EDT

On-Demand Webcast

Every day sensitive information is leaving organizations inside email attachments, file transfers, instant messages, social media and web posts. Confidential data is being altered - whether by a disgruntled employee, or by an outsider using compromised user credentials. Current technologies, like DLP, can be difficult to implement. What other tools are available to under attack security analysts?

Why SIEM should be on your 2011 short list
November 30, 2010 at 2pm ET

On-Demand Webcast

At the onset of 2011, information security is in a rapid state of change. The threat landscape grows more pervasive and sophisticated each day with new attacks targeting applications, zero-day vulnerabilities, and even industrial control systems. At the same time, IT infrastructure is also in the midst of a dynamic shift through the use of mobile devices, virtual infrastructure and cloud computing.

Regain the Advantage with Content Aware SIEM

On-Demand Webcast

Securing today's enterprises and meeting compliance requirements are dual challenges faced by every IT security team. Targeted attacks are happening more frequently, as new exploits are discovered, 'weaponized', and distributed to the world within hours. Compliance audits take too long as security teams rely on manual processes to compile mountains of data and generate required reports.

Detecting Advanced Threats and Malware with SIEM
October 28, 2010 2:00 p.m. ET

On-Demand Webcast

While many organizations have deployed security information and event management (SIEM) solution to meet regulatory compliance requirements, high performance SIEM solutions can do much more. By correlating events, logs, and network flows SIEMs can uncover a range of diverse "low and slow" attacks. With threats moving rapidly "up the stack," content aware SIEMs can integrate database session and application layer data to detect dangerous botnets, hidden payloads and covert communications channels.

Detecting Data Leakage and Cyber Threats to PHI with Security Information Management
October 21, 2010 3pm ET

On-Demand Webcast

As healthcare entities address increasing compliance requirements and implement electronic health record systems, the relentless risk of data leakage and cyber threats becomes even more challenging. Protected Health Information (PHI) is vulnerable to both insider actions and outsider threats. Audit, HR, and Compliance departments all require better and more timely information to meet the numerous investigative, audit and policy mandates. The reputational and financial impacts for failed compliance can have a seven figure impact and become major media events. Instant and ubiquitous access to patient information means risks come faster and have greater potential for having a negative impact which in turn means organizations require controls capable of meeting these risks head on.

Building a Better Bunker: Securing Energy Control Systems
Against Terrorists and Cyberwarriors
October 19, 2010 1:00 PM EDT

On-Demand Webcast

Power is the basis for almost every critical service known to society. Yet, as energy providers move to more open, public-facing Smart Grid technologies, the integrated fabric of our most critical infrastructure is already falling under attack. Worms like Stuxnet are targeting physical control systems, fingers were pointed to blue screen of death during the Gulf Oil Crisis, and other instances of attacks against energy control systems are emerging. In such an environment, one need not go deep to wreak havoc: a simple DDoS attack could shut down an entire region or town, including life-saving air conditioners, ventilators and emergency services’ ability to respond.

Keys to Selecting SIEM & Log Management
September 21, 2010 2pm ET

On-Demand Webcast

Securing today's networks and meeting compliance requirements are dual challenges faced by every IT team. Bad things are happening much faster, as new exploits are discovered, 'weaponized', and distributed to the world within hours. Compliance audits take too long and security teams never look as good as they should, because they generally can't prove what they are doing.

The Emergence of Content Aware SIEM
July 27, 1pm ET

On-Demand Webcast

Content Aware SIEM is a new generation of Security Information and Event Management (SIEM) solutions that now have visibility into network flows, database sessions and application layer data and can combat insider threats, data loss, fraud and advanced persistent threats.

Detecting Dangerous PDFs and Application Layer Threats
July 22, 2pm ET

On-Demand Webcast

Malware making use of PDF files is one of many complex threats that are “moving up the stack” to exploit vulnerabilities at the application and session layers. Visibility into the contents of applications, documents and protocols is needed to capture critical data to detect and remediate these advanced threats.

NERC CIP Best Practices Series -- Part 2 of 2 - June 24, 2pm ET

On-Demand Webcast

In the second installment of our NERC CIP "Best Practices" webcast series, we'll cover how the security and event logs collected as part of your cyber defenses (covered in part 1) can be leveraged for your compliance efforts.

Automating Compliance and Security with SIEM at the Bank of China June 23, 10am ET

On-Demand Webcast

Faced with ever increasing compliance requirements and relentless cyber threats and attacks, the Bank of China in New York needed to automate network security to make its IT staff more effective and efficient.

NERC CIP Best Practices Series -- Part 1 of 2 - June 22, 2pm ET

On-Demand Webcast

In the first installment of our NERC CIP "Best Practices" webcast series, we'll be discussing the challenges faced in securing industrial control systems.

NERC CIP compliance is intended to assure that control systems are adequately secured against cyber attacks. However, adequately protecting SCADA and DCS environments can prove challenging. This webcast will focus on what point security and monitoring products are available for control system "defense in depth", when they should be used, and why.

Detecting Dangerous PDFs and Application Layer Threats - May 25, 2010

On-Demand Webcast

Malware making use of PDF files is one of many complex threats that are "moving up the stack" to exploit vulnerabilities at the application and session layers. Visibility into the contents of applications, documents and protocols is needed to capture critical data to detect and remediate these advanced threats.

Making log data actionable through SIEM integration
April 29, 2pm ET

On-Demand Webcast

Log data collected to meet compliance requirements can be used to increase security as well. If effectively combined with event, activity and flow data, logs contribute to effective threat detection and incident response. A deeply integrated, high performance SIEM and log management solution is required to provide the real-time correlation and analysis needed to make log data actionable.

Automating Security & Compliance with SIEM at Dallas-Fort Worth Hospital Council
April 8, 2010

On-Demand Webcast

Relentless cyber-threats and increasing compliance requirements can overwhelm the existing processes used by hospital IT staffs. New security information and event management (SIEM) solutions automate threat detection, enable rapid incident response and simplify compliance reporting.

Database Monitoring — Beyond Compliance to Proactive Information Protection
April 7, 2010

On-Demand Webcast

Database Activity Monitoring plays an important part in various regulatory compliance mandates, by monitoring and logging all database activity to ensure that sensitive data is being access appropriately, and by the right people. But DAM can also play a vital role in incident response processes. When tightly integrated within an enterprise security management platform, database monitoring provides valuable context that can be used to actively protect your network from data loss and fraud.