OnDemand

Do you want the latest information about problems we face today in information security and the best solutions? If so, then you’ve come to the right place. All of your favorites podcast hosts here at Security Weekly also contribute their vast knowledge and experience to our webcast program. If you’ve been busy, like we all are, then you may have missed a webcast (or 3) over the past year. No worries, we are now archiving select webcasts so you can register and learn how to solve real problems faced by information security professionals today.

Check back, this page will be updated constantly with new webcasts! We are planning an entire series for the upcoming year, topics will include penetration testing, training and education, endpoint detection and response, web application security and more!

  • What Security Products do you Need in the Cloud?

  • Description:

    Stephen Smith and Jeff Braucher from LogRhythm, will discuss the migration of security services/products to the cloud, including topics such as:

    – What products should be heading for the cloud
    – Thoughts on cloud service providers entering the security market
    – Benefits/disadvantages to SaaS security products…Read more!

    Register and watch this webcast now!

  • Orchestrating Application Security to Empower Security Operations Teams

  • Aligning Skills and Tools to Build an Effective Security Program

  • Description:

    With an ever-increasing security skills gap, how should organizations invest to maximize their people, process, and technology budgets? Each organization needs to prioritize its investments based on their current situation and maturity. Ian McShane, VP of Product Marketing from Endgame, will discuss effective succession planning for inevitable employee turnover…Read more!

    Register and watch this webcast now!

  • Closing the Cybersecurity Workforce Gap

  • Description:

    We know there are many job openings in cybersecurity today. We struggle to find the right people for the right job. But who are the right people? What are the right jobs? Whether you are hiring or pursuing a career in information security join this webcast for our take on how to build the right skills and acquire the right talent in cybersecurity today! Our friends at (ISC)² have compiled the most comprehensive study we’ve seen on this topic….Read more!

    Register and watch this webcast now!

  • Evaluating Security Vendors without Losing Your Mind

  • Description:

    Trying to figure out which security solutions work for you is a frustrating process. Getting your organization to agree on goals and expected outcomes, trying to understand what all the different vendor products ACTUALLY do, and testing the solution in some capacity is a daunting process. Many get lost somewhere along the way, and either end up with the wrong solution, not using what has been purchased, or not implementing anything at all!….Read more!

    Register and watch this webcast now!

  • Security Forensics & Threat Hunting - Uncovering Actionable Events

  • Description

    In this webcast, we will cover ways to discover malicious activity in your network. While there are many sources of information, the network remains one of the most reliable as, at some point, attacks must use the network to communicate. Paul Asadoorian and Matt Alderman will provide an overview of analyzing DNS events and other sources to discover subtle attacks against your infrastructure…Read more!

    Register and watch this webcast now!

  • Automating Secure Configuration at Scale

  • Description:

    DevOps is changing the way we deploy Infrastructure. Just like applications, infrastructure is now deployed as code, as pre-configured templates. Paul Asadoorian and Matt Alderman will discuss the challenges of measuring and maintaining the secure configuration of infrastructure that is now delivered as code…Read more!

    Register and watch this webcast now!

  • Tools & Techniques for False Positive Analysis

  • Description:

    For blue teams and network defenders, false positives are a common challenge, and often result in alert fatigue. A consequence of alert fatigue, according to a study conducted by Cloud Security Alliance, is that 31.9% of IT security professionals ignore alerts. Paul Asadoorian and Matt Alderman will discuss the challenges of alert overload, false positives, and the strain it places on security …Read more!

    Register and watch this webcast now!

  • Aligning Security Solutions/Capabilities with the MITRE ATT&CK Framework

  • Description:

    The MITRE ATT&CK framework is quickly becoming a focal point in the security world and for good reason. This framework provides a consistent, industry-wide standard on which you can assess the effectiveness of your security monitoring and alerting capabilities…Read more!

    Register and watch this webcast now!

  • Unify Security with Unified IT Management

  • Description:

    Security is a broad, complex topic with many different facets. And, of course, security is top of mind for many IT teams.
    Automating software patch management to remediate vulnerabilities, Automating the deployment and management of antivirus and anti-malware software, and more!

    Register and watch this webcast now!

  • The Insider’s Motive: Defending Against the 7 Most Common Insider Threats

  • Description:

    Insiders have something outside threat actors never will: trust. Paul Asadoorian and Matt Alderman will discuss the challenges of insider threats, including data exfiltration. Kevin Donovan, Senior Solutions Architect from ObserveIT, will then discuss the top strategies to stop both accidental and malicious insider threats in their tracks, including:
    The top 7 most common insider threat focus areas, from accidental leaks to espionage, What motivates these insider threat actors, and more!

    Register and watch this webcast now!

  • The Intersection of IT, Security, and Risk

  • Description:

    Do you struggle identifying and measuring enterprise risk? How do you prioritize vulnerabilities and threats within your organization? In this session, Paul Asadoorian and Matt Alderman discuss the essential components needed to understand your IT assets, security posture, and potential risks. Learn how to quickly identify and prioritize security incidents, vulnerabilities, and enterprise risks and respond faster using workflows, automation, and orchestration.

    Register and watch this webcast now!

  • Integrating Threat Intelligence Into Your SOC

  • Description:

    Do you struggle with scaling human analysts to process the sheer volume of available threat data? How do you cut out laborious manual collection and get more context apart from threat feeds alone? In this session, Paul Asadoorian and Matt Alderman discuss the challenges of integrating threat feeds into your security operations center (SOC). Allan Liska, senior solutions architect at Recorded Future, will demonstrate how to contextualize threat intelligence from all data sources for faster human analysis, more effective decision-making, and smoother integration with your existing SOC processes.

    Register and watch this webcast now!

  • The State of: File Integrity Monitoring

  • Description:

    Do you need to mitigate user-based threats to privileged files from both insiders and outsiders? How do you know if sensitive files have been accessed or leaked? In this session, Paul Asadoorian and Matt Alderman discuss the history of file integrity monitoring and where is the market heading. Learn how to protect your organization’s critical files, wherever they’re stored, by alerting on malware-related registry changes, improper access of confidential files, and theft of sensitive data.

    Register and watch this webcast now!

  • Rise Above Complex Workflows: Practical Ways To Accelerate Incident Response

  • Description:

    Does your security investigation and incident response workflow “spark joy,” or does it just leave you with more questions that are tough to answer? How do you improve your current data collection, tools, and workflows? In this session, ExtraHop’s VP of Cyber Security Engineering, Matt Cauthorn, will provide practical advice for how to identify areas for improvement in your incident response practice. Learn how Network Traffic Analysis can provide the visibility and data access needed to take investigations from many hours to just a few clicks.

    Register and watch this webcast now!

  • The State of: Indicators of Compromise & Incident Response

  • Description:

    Paul discusses The State of IoC and IR with Michael Gordover from ObserveIT, Myke Lyons from Servicenow, and Michael Clark from Rapid7. Indicator of compromise (IOC),  in computer forensics, is an artifact observed on a network or in an operating system that with high confidence indicates a computer intrusion. Typical IOCs are virus signatures and IP addresses, MD5 hashes of malware files or URLs or domain names of botnet command and control servers.

    Register and watch this webcast now!

  • Which Way Should You Shift Testing In The SDLC?

  • Description:

    Successful DevSecOps is not just shifting security left in the SDLC. Instead, it’s a combination of shifting security left and right by providing key visibility and feedback into the live systems development and operations teams are building and operating so they better prioritize development and make more informed decisions.

    Register and watch this webcast now!

  • How to Analyze & Investigate Malicious JavaScript

  • Description:

    We’ll discuss locating and extracting suspicious code, de-obfuscation, and observing the payloads executing in a safe environment. You can gain valuable information from JavaScript that can then feed other investigation outputs such as YARA rules, openIOC, and other signatures.  The emphasis must be on outputs for continual detection purposes and expanding your investigation scope. We’ll help you answer the next logical question during an investigation: “Has anyone else on my network been affected?”

    Register and watch this webcast now!

  • Zero Detect Cyber Resilience: How to get Attackers to Contain Themselves

  • Description:

    Join us as we discuss how to turn Active Directory into an Intrusion Prevention System, to prevent AD reconnaissance, credential theft, and lateral movement while empowering incident response teams with near-real-time containment and threat intelligence on previously unidentified tradecraft. Containment, powered by attackers giving themselves away, of course, helps incident responders move at code speed!

    Register and watch this webcast now!

  • Tips & Tricks for Defending the Enterprise Using Open Source Tools

  • Description:

    Learn which aspects of your security program can benefit the most from these tools, and how to configure and use them. Steve Kauffman, the Technical Product Manager for LogRhythm will be demonstrating  lightweight threat intelligence: pi-hole in the cloud (+TacyonNet),  vulnerability profiling: Integration with vFeed, patching your systems with Ansible, Network monitoring with Bro, High-performance firewalls with OpnSense, and the best free training resources

    Register and watch this webcast now!

  • Phishing: There's a Sucker Born Every Minute

  • Detecting Malicious Domains

  • Description:

    Join Keith Hoodlet and Paul Asadoorian on our next Security Weekly webcast as they cover some basic tools and techniques to prime your organization for detecting malicious domains and the larger campaigns and actor groups behind them. Tim Helming of DomainTools joins them to show you how to interpret each of the many data points related to a domain. He will show you why they are relevant and what characteristics are indicative of an attacker’s infrastructure.

    Register and watch this webcast now!

  • Symphonies & Robots

  • Description:

    If you’ve ever tried to figure out how a security solution fits into your organization, then you may have been frustrated just like me. You may be aggravated that you can’t get the information that is important to you when visiting a vendor’s website, stopping by their booth at a tradeshow, or reading through some of their whitepapers. ServiceNow has security solutions that address one of the most neglected parts of security today: using automation and orchestration to focus on the critical events that may dramatically impact your business.

    Register and watch this webcast now!