Tag Archives: Security

Special Webcast: Five Keys for Successful Vulnerability Management – June 14, 2019 10:30am US/Eastern

This post was originally published on this site

Speakers: Jonathan Risto

Are you feeling overwhelmed by the vulnerabilities reports you receive from your team? You’re not alone. The increased complexity of our deployed software and networks has amplified the potential locations where vulnerabilities can be found, and thats not including our processes and people. Attackers are taking advantage of multi vectors into our organization. Our push to the cloud has increased the demands, as everything is provisioned instantly and ready for use, according to all the marketing material we receive. Being able to stay on top of, and quickly remediate, the priority issues identified in our environments takes a team larger than we are allocated, besides what we can keep staffed.

Enter SANS new class, MGT516: Managing Security Vulnerabilities: Enterprise and Cloud.

The primary goal of this course is to equip those responsible for managing the infrastructure and application vulnerabilities with strategies and solutions that overcome the challenges and stumbling blocks they may encounter. By understanding the problem and potential solutions, participants will be better prepared to meet this challenge and determine what might work for their organization.

In this webcast, we will give an overview of the MGT516 class and give a sneak peek into some of the material. By the end of this talk, you will have a good understanding of the main topics covered in the course, as well as who should attend the class.

Special Webcast: DDI data a Critical Enabler of SOAR – June 14, 2019 1:00pm US/Eastern

This post was originally published on this site

Speakers: Srikrupa Srivatsan

Constantly evolving threats and shortage of qualified cybersecurity professionals have led security teams to move to security workflow automation to meet the demands. Its not enough to have a great tool nowadays. These tools have to work better together to meet todays security challenges. Security orchestration, automation and response (SOAR) tools improve efficiency and efficacy of security operations by automating threat intel management, event monitoring and incident response processes.

One of the key sources of contextual network and threat intel data comes from infrastructure that organizations already rely on for connectivity DNS, DHCP and IPAM. This data along with timely, reliable and accurate threat intel can be used to improve scoring and investigation, assist in prioritizing incoming incidents, and can be relied upon to build automation.

Join this webinar to learn how a well architected DNS, DHCP and IPAM can power SOAR platforms to:

  • Block/unblock domains using context
  • Enrich other security tools with valuable IPAM data
  • Enhance and improve incident response with better threat intelligence

Mozilla Releases Security Update for Thunderbird

This post was originally published on this site

Original release date: June 13, 2019

Mozilla has released a security update to address vulnerabilities in Thunderbird. An attacker could exploit these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisory for Thunderbird 60.7.1 and apply the necessary update.


This product is provided subject to this Notification and this Privacy & Use policy.

Google Releases Security Updates for Chrome

This post was originally published on this site

Original release date: June 13, 2019

Google has released Chrome 75.0.3770.90 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker can exploit to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release and apply the necessary updates.


This product is provided subject to this Notification and this Privacy & Use policy.

Exim Releases Security Patches

This post was originally published on this site

Original release date: June 13, 2019

Exim has released patches to address a vulnerability affecting Exim versions 4.87–4.91. A remote attacker could exploit this vulnerability to take control of an affected email server. This vulnerability was detected in exploits in the wild.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Exim CVE-2019-10149 page and either upgrade to Exim 4.92 or apply the necessary patches.


This product is provided subject to this Notification and this Privacy & Use policy.

FTC Releases Alert on Updating Software

This post was originally published on this site

Original release date: June 13, 2019

The Federal Trade Commission (FTC) has released an alert on keeping software up to date to help protect sensitive information such as financial and tax information.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages consumers to review the FTC article and FTC’s OnGuardOnline for additional information.


This product is provided subject to this Notification and this Privacy & Use policy.

Special Webcast: Authentication: It Is All About the User Experience – June 13, 2019 3:30pm US/Eastern

This post was originally published on this site

Speakers: Matt Bromiley and Hormazd Romer

Authentication, including passwords, remains a weak link for enterprise security, despite many attempts to improve or strengthen it. Because people must authenticate themselves, effective authentication depends heavily on users, whose experience and willingness to comply often compromise security. This SANS webcast and associated new paper looks at the current state of authentication and ways to deploy a better process.

SANS senior instructor Matt Bromiley, with insights from Yubico’s Hormazd Romer, will talk about the challenges with passwords, existing authentication technologies and recent developments to improve authentication. The role of industry standards, including WebAuthn, will be addressed, along with specific recommendations to implement strong authentication that protects the organization and benefit your users.

Register now and be among the first to receive the associated white paper written by Matt Bromiley.

Special Webcast: Authentication: Its All About the User Experience – June 13, 2019 3:30pm US/Eastern

This post was originally published on this site

Speakers: Matt Bromiley and Hormazd Romer

Authentication, including passwords, remains a weak link for enterprise security, despite many attempts to improve or strengthen it. Because people must authenticate themselves, effective authentication depends heavily on users, whose experience and willingness to comply often compromise security. This SANS webcast and associated new paper looks at the current state of authentication and ways to deploy a better process.

SANS senior instructor Matt Bromiley, with insights from Yubico’s Hormazd Romer, will talk about the challenges with passwords, existing authentication technologies and recent developments to improve authentication. The role of industry standards, including WebAuthn, will be addressed, along with specific recommendations to implement strong authentication that protects the organization and benefit your users.

Register now and be among the first to receive the associated white paper written by Matt Bromiley.

Analyst Webcast: How to Build a Data Protection Strategy in AWS – June 13, 2019 1:00pm US/Eastern

This post was originally published on this site

Speakers: Dave Shackleford and David Aiken

As more organizations store sensitive data in the cloud, and as data protection regulations become more stringent, security personnel must develop a strategy to protect their assets in the AWS cloud. However, this poses many important questions, such as: How can I securely migrate data from on-premises storage volumes to AWS services, or from existing AWS services to new AWS services? What controls are needed? And what performance requirements must be met?

In this recorded webcast, SANS analyst and senior instructor Dave Shackleford will explore the controls that are critical to data security and how to scale on-premises data protection strategies to the cloud.

Attendees will learn:

  • The changes organizations must consider before storing data in and scaling data protection to the AWS cloud
  • How to use data loss prevention (DLP), encryption, access controls, user behavior analytics and data life cycle controls as integral parts of a data protection strategy
  • Key steps in scaling data protection to the AWS cloud

Register for this webinar to be among the first to receive the associated whitepaper written by cloud security expert Dave Shackleford.