OnDemand

Do you want the latest information about problems we face today in information security and the best solutions? If so, then you’ve come to the right place. All of your favorites podcast hosts here at Security Weekly also contribute their vast knowledge and experience to our webcast program. If you’ve been busy, like we all are, then you may have missed a webcast (or 3) over the past year. No worries, we are now archiving select webcasts so you can register and learn how to solve real problems faced by information security professionals today.

Check back, this page will be updated constantly with new webcasts! We are planning an entire series for the upcoming year, topics will include penetration testing, training and education, endpoint detection and response, web application security and more!

  • The State of: File Integrity Monitoring

  • Description:

    Do you need to mitigate user-based threats to privileged files from both insiders and outsiders? How do you know if sensitive files have been accessed or leaked? In this session, Paul Asadoorian and Matt Alderman discuss the history of file integrity monitoring and where is the market heading. Learn how to protect your organization’s critical files, wherever they’re stored, by alerting on malware-related registry changes, improper access of confidential files, and theft of sensitive data.

    Register and watch this webcast now!

  • Rise Above Complex Workflows: Practical Ways To Accelerate Incident Response

  • Description:

    Does your security investigation and incident response workflow "spark joy," or does it just leave you with more questions that are tough to answer? How do you improve your current data collection, tools, and workflows? In this session, ExtraHop’s VP of Cyber Security Engineering, Matt Cauthorn, will provide practical advice for how to identify areas for improvement in your incident response practice. Learn how Network Traffic Analysis can provide the visibility and data access needed to take investigations from many hours to just a few clicks.

    Register and watch this webcast now!

  • The State of: EDR (Endpoint Detection and Response)

  • Description:

    Confused by all of the endpoint security options? You are not alone! Join Lenny Zeltser, Mike Nichols, Mike Scutt, & Paul Asadoorian in an informative discussion about endpoint security. We cover the options available today for endpoint security, how to evaluate endpoint products, develop requirements and use endpoint security products effectively. If you are involved at any level with endpoint security in your organization this one is not to be missed!

    Register and watch this webcast now!

  • The State of: Security Training & Education

     

  • Description:

    Do you know what questions you should be asking to find the best training and education solutions for your field of work? Are you lost in the vast sea of certifications and degrees available in the cybersecurity field? There is an overabundance of training solutions flooding the market today, which can make the decision-making process that much harder. Paul Asadoorian sits down with Dr. Doug White, Director of the Cyber Security Program at Roger Williams University, and Adam Gordon, Edutainer and SME at ITProTV to dive into the problems they are solving and why their solutions are unique at solving these problems.

    Register and watch this webcast now!

  • The State of: Active Directory

  • Description:

    Enterprises using Active Directory (AD) are known to have significant gaps in security. When speaking to companies who are testing security infrastructure, we find that they have solutions they believe are protecting AD, but in reality they are still vulnerable. They explain methods penetration testers and adversaries alike use to pray on AD. Learn how to check your controls often and stay away from “too good to be true” and “silver bullet” solutions and adopt solutions raising the cost to the attacker.

    Register and watch this webcast now!

  • The State of: Application Security

  • Description:

    In this webcast, Paul Asadoorian is joined by Application Security Weekly's host, Keith Hoodlet, to discuss the current state of Application Security in the Enterprise. Paul & Keith kick things off with a high level discussion on the state of development at most companies today, followed by discussions with Garrett Gross from Rapid7, James Wickett from Signal Sciences, and Reid Tatoris from Distil Networks. Garrett, James, and Reid share with our audience various methods for how security professionals can leverage technologies to support and enhance development workflows in their organization through providing visibility and feedback.

    Register and watch this webcast now!

  • The State of: Indicators of Compromise & Incident Response

  • Description:

    Paul discusses The State of IoC and IR with Michael Gordover from ObserveIT, Myke Lyons from Servicenow, and Michael Clark from Rapid7. Indicator of compromise (IOC),  in computer forensics, is an artifact observed on a network or in an operating system that with high confidence indicates a computer intrusion. Typical IOCs are virus signatures and IP addresses, MD5 hashes of malware files or URLs or domain names of botnet command and control servers.

    Register and watch this webcast now!

  • Which Way Should You Shift Testing In The SDLC?

  • Description:

    Successful DevSecOps is not just shifting security left in the SDLC. Instead, it's a combination of shifting security left and right by providing key visibility and feedback into the live systems development and operations teams are building and operating so they better prioritize development and make more informed decisions.

    Register and watch this webcast now!

  • How to Analyze & Investigate Malicious JavaScript

  • Description:

    We’ll discuss locating and extracting suspicious code, de-obfuscation, and observing the payloads executing in a safe environment. You can gain valuable information from JavaScript that can then feed other investigation outputs such as YARA rules, openIOC, and other signatures.  The emphasis must be on outputs for continual detection purposes and expanding your investigation scope. We’ll help you answer the next logical question during an investigation: “Has anyone else on my network been affected?”

    Register and watch this webcast now!

  • Zero Detect Cyber Resilience: How to get Attackers to Contain Themselves

  • Description:

    Join us as we discuss how to turn Active Directory into an Intrusion Prevention System, to prevent AD reconnaissance, credential theft, and lateral movement while empowering incident response teams with near-real-time containment and threat intelligence on previously unidentified tradecraft. Containment, powered by attackers giving themselves away, of course, helps incident responders move at code speed!

    Register and watch this webcast now!

  • Tips & Tricks for Defending the Enterprise Using Open Source Tools

  • Description:

    Learn which aspects of your security program can benefit the most from these tools, and how to configure and use them. Steve Kauffman, the Technical Product Manager for LogRhythm will be demonstrating  lightweight threat intelligence: pi-hole in the cloud (+TacyonNet),  vulnerability profiling: Integration with vFeed, patching your systems with Ansible, Network monitoring with Bro, High-performance firewalls with OpnSense, and the best free training resources

    Register and watch this webcast now!

  • Phishing: There's a Sucker Born Every Minute

  • Detecting Malicious Domains

  • Description:

    Join Keith Hoodlet and Paul Asadoorian on our next Security Weekly webcast as they cover some basic tools and techniques to prime your organization for detecting malicious domains and the larger campaigns and actor groups behind them. Tim Helming of DomainTools joins them to show you how to interpret each of the many data points related to a domain. He will show you why they are relevant and what characteristics are indicative of an attacker’s infrastructure.

    Register and watch this webcast now!

  • Symphonies & Robots

  • Description:

    If you’ve ever tried to figure out how a security solution fits into your organization, then you may have been frustrated just like me. You may be aggravated that you can’t get the information that is important to you when visiting a vendor’s website, stopping by their booth at a tradeshow, or reading through some of their whitepapers. ServiceNow has security solutions that address one of the most neglected parts of security today: using automation and orchestration to focus on the critical events that may dramatically impact your business.

    Register and watch this webcast now!