Top Cyber Security Trends for 2016
Presented by Amichai Shulman, CTO and co-founder, Imperva
With mega-breaches like Anthem, OPM, IRS, Ashley Madison, UCLA Health and TalkTalk all within the past 12 months, chances are your data has been targeted. What does this mean for 2016? Join Imperva CTO and co-founder, Amichai Shulman, as he reveals the top trends that will impact cyber security practices across the globe.
Watch this webinar and learn:
- Why cyber attacks continue to increase in sophistication, magnitude and velocity
- What trends will have the largest and smallest impact on cyber security in 2016
- Why cloud-based apps and the Internet of Things have transformed cyber security
- How you can protect your organization from attacks from the inside
Database Surveillance and Protection: 3 Ways to Stop Hackers
Data thieves are opportunistic, looking for unprotected databases in the forgotten digital corners of your company. They are content to steal any data that lies within easy reach.
Large companies are especially vulnerable. With hundreds or even thousands of databases spread throughout business units and across multiple geographies, it is only a matter of time until your unprotected data is accessed and stolen.
Fortunately, it doesn’t have to be complicated, tedious or expensive to protect all of your sensitive data with a database monitoring solution. The right database monitoring solution can also provide visibility into data usage and simplify compliance audits.
Join us for this webinar to learn:
- Benefits of database monitoring over native audit tools
- Factors to consider before investing in database audit and protection
- 3 specific ways to leverage database monitoring for improved security
The State of Application Security: Hackers On Steroids
Presented by Itsik Mantin, Director of Security Research, Imperva
Organizations of all sizes face a universal security threat from today’s organized hacking industry. Why? Hackers have decreased costs and expanded their reach with tools and technologies that allow for automated attacks against Web applications.
This webinar will detail key insights from the Imperva Defense Center annual Web Application Attack Report. Attend this webinar for an in-depth view of the threat landscape for the year. We will:
- Discuss hacking trends and shifts
- Provide breach analysis by geography, industry, and attack type
- Detail next steps for improved security controls and risk management processes
Database Monitoring: First and Last Line of Defense
Presented by Cheryl O’Neill, Director of Product Marketing, Imperva
In the battle to defend your data you have an edge over the hacker that can prevent or minimize the damage of a database breach. You have the advantage of operating within your own environment and can deploy automated surveillance capabilities to watch sensitive data. When a hacker breaches the firewall or compromises a privileged user they are beyond the reach of most security measures. Only a data centric solution that directly monitors data access will be able to spot and stop the abnormal activity.
Join us to learn how SecureSphere data protection solutions can help you improve your security profile and protect your company against a database breach.
Why Network and Endpoint Security Isn’t Enough
Presented by Cheryl O'Neill, Dir. Product Marketing, Database Security, Imperva | Narayan Makaram, Dir. Product Marketing, Web Application Security, Imperva
The rise in high-profile breaches demonstrates that traditional security defenses are no longer enough. Endpoint and network security cannot defend against sophisticated attacks or compromised insiders.
View this webinar and learn:
- Why traditional security measures fail to stop web attacks and data breaches
- How modernized best practices safeguard against web application attacks
- What strategies enable scalable data protection and simplified audits
How to Balance Ecommerce Security with Performance
Presented by Nabeel Hasan Saeed, Product Marketing Manager, Imperva Incapsula | Ryan McElrath, Chief Technology Officer, American Eagle | Armando Roggio, Senior Editor, Practical Ecommerce
Cyber criminals’ ability to attack and penetrate ecommerce sites has never been more sophisticated. The threats merchants face today include automated bot access, malware injections, DDoS attacks, and many more. How can you protect your ecommerce site? Can all threats be prevented? And how will prevention measures affect your site’s performance and the experience of your customers?
Attend this webinar and learn:
- What threats ecommerce providers face
- Why traditional protection measures affect website performance
- How to protect your website without compromising performance
Stop Account Takeover Attacks, Right in their Tracks
Presented by Narayan Makaram, Director Product Marketing, Web Application Security, Imperva
During every hour of every day, cyber criminals silently bypass traditional perimeter controls. They use millions of stolen user credentials to takeover Web application accounts, access sensitive applications, steal confidential data, and conduct fraudulent transactions. According to the latest Verizon DBIR report, over 50% of Web application attacks launched by organized crime in 2014 involved stolen credentials.
View this webinar to learn why real-time threat intelligence is the key to preventing Web account takeover attacks. We will discuss:
- The anatomy of an account takeover attack
- Best practices to protect Web applications
- The need for real-time threat intelligence
BrightTalk Incident Response and Data Protection Summit: Sophisticated Incident Response Requires Sophisticated Activity Monitoring
Presented by Mike Sanders, Principal SE and Team Lead, Imperva | Bryan Orme, Principal, GuidePoint Security
Are you prepared for a data breach? Are you confident you will find a breach in a timely manner? Facts are over 70% of businesses report a security breach and 75% of breaches are undetected for days or even months. Once discovered, incident response teams are under extreme pressure to close the breach, figure out what happened, what was lost, and calculate the risk. Organizations need a sophisticated incident response plan.
Attend this webinar and learn how to:
- Discover sensitive data, risk, and vulnerabilities
- Detect and block cyber security events
- Investigate incidents and automate remediation
- Demonstrate consistent policy application across all sensitive data
BrightTalk Incident Response and Data Protection Summit: 10 Audit Trail Tips for Better Data Security
Presented by Mike Sanders, Principal SE and Team Lead, Imperva
Every day, hackers unleash massive attack campaigns designed to steal confidential data. Database servers are the primary targets of most of these breaches. Understanding how to effectively monitor databases can prevent data loss, significantly reduce the time to discover the risk, and minimize the damage.
Attend this webinar and learn how to:
- Detect and block cyber security events
- Identify sensitive data, risks, and vulnerabilities
- Automate risk remediation
- Ensure consistent and complete compliance
You will leave this session with tips on how to add an effective database audit and protection plan to your data security and compliance program.
Database Security, Better Audits, Lower Costs
Presented by Terry Ray, Chief Product Strategist, Imperva | Cheryl O’Neill, Director Product Marketing, Database Security, Imperva
The complexity of implementing and maintaining IBM Guardium or a native audit solution within an enterprise environment can quickly run into trouble. Escalating costs, manularity, and gaps in coverage put your company at risk of a failed audit or data breach. This webinar will share the experiences of Imperva customers who have moved from native audit or Guardium to Imperva SecureSphere for database audit and protection (DAP).
Attendees will leave with an understanding of:
- Security and compliance factors that organizations should consider
- The methods of deployment within an enterprise environment
- The monetary and human costs associated with each DAP architecture
BrightTalk Hackers and Threats Summit: Extend Enterprise Application-level Security to Your AWS Environment
Presented by Chris Grove, Director of Solution Architecture, Imperva | Matt Yanchyshyn, Senior, Manager of Solutions Architecture, AWS
When organizations shift to a public cloud environment, security and compliance must remain top of mind. While Amazon Web Services (AWS) provides robust infrastructure-level protections, today’s attackers target the applications themselves.
This webinar will:
- Discuss inherent AWS security capabilities
- Review attack types that target the applications and why traditional security approaches can’t stop them
- Illustrate how Imperva SecureSphere for AWS stops these attacks and enables you to use the security infrastructure in the cloud and on-premise
Securing Access and Protecting Your Data in Office 365
Presented by Orin Thomas, Contributing Editor, Windows IT Pro | Norv Leong, Senior Director of Product Marketing, Imperva Skyfence
The rapid adoption of Office 365 has turned the spotlight on securing access and protecting sensitive corporate data that’s residing in the cloud. Coupled with the proliferation of mobile devices and BYOD in general, IT organizations that adopt Office 365 are now having to cope with a new breed of security challenges different from those they faced with a strictly on-premises deployment.
In this webinar, you'll learn:
- How to monitor access to ensure Office 365 services are limited to authorized users and approved devices
- How to protect against threats, such as Office 365 account hijacks
- How to protect against the leakage of sensitive data through Outlook, OneDrive for Business, and SharePoint Online
BrightTalk Hackers and Threats Summit: An Inside Look at a Sophisticated, Multi-vector DDoS Attack
Presented by Orion Cassetto, Director Product Marketing, Imperva Incapsula
This webinar will explore the current DDoS attack landscape, it will cover the basics of DDoS attacks, current trends including the most recent results from the newly published 2015 Imperva Incapsula DDoS Report. We will also discuss a detailed analysis of one of today’s modern, multi-vector DDoS attacks. While dissecting this DDoS attack, the talk will explore the anatomy and timeline of the attack, as well as the steps used to mitigate each phase of the assault. This session will close with a review of the aspects of effective DDoS protection solutions used to combat these sophisticated denial of service attacks.
Remediate before it's too late - Stop intruders from exploiting holes in your web apps.
Presented by Illena Armstrong, VP, Editorial, SC Magazine and Mark Kraynak, Chief Product Officer, Imperva
With mega breaches coming one right after another, many industry players have registered both disbelief and awe at the sheer numbers of individual credentials stolen. For instance, last year Russian hackers called CyberVor were able to pilfer 4.5 billion unique records, the majority of which were credentials such as IDs and passwords. Reportedly, the thieves took advantage of pre-existing holes in website code to launch SQL injection attacks to prompt web apps to execute malicious commands. In this instance, about 400,000 sites were vulnerable to the assault. But this is just one type of offensive cybercriminals enlist by exploiting well-known and sometimes long-standing vulnerabilities in applications on which companies rely -- even though there are readily available mitigations for them. So what can organizations do to take care of the myriad holes on which online thieves seem to rely? We review some of the more common attacks used by cybercriminal rings, and identify the techniques and over-arching best practices to block them.
How a Low Risk Cloud App Can Become a Big Threat
Presented by Norv Leong, Sr. Director Product Marketing, Imperva Skyfence
Can you identify which ex-employees have access to your cloud data? Would you like to benchmark your cloud app security settings against best practices or compliance standards like PCI, HIPAA and others?
Most organizations are aware of the dangers presented by unauthorized, high-risk cloud apps. But what about your authorized apps like Office 365, Salesforce, Google Apps and Amazon Web Services? Your specific users and implementations are invaluable in assessing the true risk for your company. Listen to this on-demand webinar and learn about contextual risk factors and approaches that can:
- Enable you to see how your cloud environment stacks up against industry best practices
- Mitigate threats from previously authorized users
- Identify ex-employees and unauthorized users with access to your cloud apps
- Simplify risk remediation and policy administration
5 Cyber Security Predictions for 2015
Presented by Anthony Bettencourt, President & CEO, Imperva | Mark Kraynak, Chief Product Officer, Imperva
We’ve combined the data collected from our products with the insights gathered from our customers to come up with some meaningful commentary and helpful guidance for 2015. Check out our predictions for the year ahead and make sure you’re ready.
Anatomy of the Compromised Insider
Presented by Terry Ray, Chief Product Strategist, Imperva
Statistics show that organizations face an ever increasing threat from compromised insiders. These trusted end users routinely have their endpoint security tested by malware and viruses.
Industry analysts are now questioning the current and future capability of anti-virus and anti-malware solutions to mitigate these insider threats. There have been numerous high profile events over the past two years to demonstrate the problems of prioritizing security at the end-point. This webinar will:
- Walk through the process of identifying targets for infection
- Expose tools used to infect and exploit the compromised end-point
- Provide recommendations to mitigate the effects of compromised insiders and data theft
- Download Slides
The Anatomy of Comment Spam
Presented by Shelly Hershkovitz, Security Research Engineer, Imperva
Comment spammers are most often motivated by search engine optimization for the purposes of advertisement, click fraud, and malware distribution. By spamming multiple targets over a long period of time, spammers are able to gain profit, and do harm.
Comment spam attacks can cripple a website, impacting uptime, and compromise the user experience. Quickly identifying the source of an attack can greatly limit the attack’s effectiveness and minimize its impact on your website. This webinar will:
- Present an attack from both points of views – the attacker's and the victim’s
- Identify tools utilized by comment spam attackers
- Discuss mitigation techniques to stop comment spam in its early stages
- Download Slides
Hacking Encounters of the 3rd Kind
Presented by Barry Shteiman, Director of Security Strategy, Imperva
As the software world evolves, more and more companies rely on 3rd party applications and software components as part of their infrastructure. However, this approach does not come without risks.
The implementation of 3rd party applications has its advantages, chief among them shortened development time frames and increased software maturity. Despite these obvious benefits, organizations must remain aware of potential security implications. This webinar will:
- Explain how 3rd party software vulnerabilities might lead to a data breach
- Deliver examples of incidents and how they occur
- Discuss the effectiveness of patching
- Download Slides
Preparing for the Imminent Terabit DDoS Attack
Presented by Orion Cassetto, Sr. Product Marketing Manager, Incapsula
With the rapid growth of volumetric DDoS threats, even the largest networks, equipped with carrier grade hardware and with huge amounts of bandwidth at their disposal, are at risk of being taken down by a large DDoS attack.
Volumetric DDoS threats are leading many financial institutions, service providers, and other large organizations on a search for solutions that can scale DDoS protection beyond their existing network capabilities, and into the Terabit level. Attend this webinar to learn about:
- Expected trends in the evolving DDoS landscape over the next 12-36 months
- Important considerations when selecting your DDoS protection technology
- How to prepare your organization to detect and respond to a DDoS attack
- Download Slides
Bleeding Servers – How Hackers are Exploiting Known Vulnerabilities
Presented by Terry Ray, VP of Global Security Engineering, Imperva
As noted in the 2014 Verizon Data Breach report, “Web applications remain the proverbial punching bag of the internet.” Today’s hackers ruthlessly target Common Vulnerabilities and Exposures (CVEs) to launch multi-site attacks that take control of Web servers and allow their perpetrators to flee with valuable data assets.
HeartBleed stands as the most notorious example of a known vulnerability attack, but with a CVE database running in the thousands, attackers have ample opportunity to profit from unsecure Web applications.
Join us to learn more about the vulnerability landscape and the steps your organization can take to protect yourself against these known vulnerabilities. This webinar will:
- Discuss the latest data breach stats to identify where the most dangerous attacks are coming from
- Explore the attack perpetrators and reveal how they’re being successful
- Present the anatomy of a HeartBleed attack
- Provide mitigation techniques to protect against known vulnerabilities
CUSRF | It's Pronounced "See You Surf" and It's Dangerous
Presented by Amichai Shulman, CTO, Imperva
Cross USer Request Forgery (CUSRF: pronounced "See You Surf") is a new and emerging type of Cross-Site Request Forgery (CSRF) attack that affects users of collaboration platforms and applications, such as LinkedIn and Google Docs.
CUSRF exploits vulnerabilities in social networks to reveal a victim's true identity. Due to special technical characteristics of CUSRF attacks, most traditional counter-measures are irrelevant to the attack's mitigation. This webinar will:
- Give a brief intro of CSRF
- Examine the anatomy of a CUSRF attack, with examples
- Discuss mitigation techniques for both consumers and platform providers
CMS Hacking 101
Presented by Barry Shteiman, Sr. Security Strategist, Imperva
With the rise of blogs, forums, online magazines, e-commerce, and corporate websites, many organizations are turning to Content Management Systems (CMS), such as Joomla or SharePoint, to create rich websites. CMSs simplify website delivery - but they also expose your organization to a new set of vulnerabilities.
Join Barry Shteiman, Imperva Sr. Security Strategist, to see how malicious hackers exploit vulnerabilities found in popular Content Management Systems to systematically identify and attack unsuspecting organizations. This webinar explores:
- What a CMS based site is and examples of recent CMS originated hacks
- Trends in automated CMS hacking
- How to secure your website against vulnerabilities found in CMS systems
4 Security Guidelines for SharePoint Governance
Presented by Carrie MacDaniel, File Security Team, Imperva
82% percent of organizations use SharePoint to store secure content. Over half worry that their deployments do not meet security or compliance requirements. This sentiment is indicative of the growing concern among organizations that their SharePoint deployments are a security disaster waiting to happen.
SharePoint governance can seem like a daunting task and leave many organizations wondering where to start. This webinar provides a four step program for establishing SharePoint governance and security.This webinar will:
- Identify drivers for governance, including regulatory compliance, Web attack protection, and data security
- Provide four steps for securing SharePoint through governance efforts
- Outline a risk-based approach for aligning priorities and investments