Bob Hansmann, Sr Product Mktg Mngr/Infoblox; Brandon Dunlap, Moderator
The Domain Name System (DNS) is essentially the central nervous system of the internet—everyone needs it to work because without DNS services, digital business could come to a halt. Cybercriminals know this too, and exploit DNS services to launch their attacks while simultaneously attacking the DNS services of their targets.
Therefore, it’s not only important to protect your organization’s DNS service, but also to use the data available from DNS services to more rapidly detect and surgically block threat activity such as phishing, DNS tunneling-based data exfiltration, and ransomware.
On March 2, 2023 join Infoblox and ISC2 at 1:00 p.m. Eastern/10:00 a.m. Pacific to hear best practices for an effective DNS security architecture.
Taylor Wilkes-Pierce, Global Director of Solutions Engineering, DomainTools
Threat hunting and SOC teams find themselves in an ever-changing landscape where identifying infrastructure TTPs and adversary domains can be critical to stay ahead of attacks. Manual processes can only get you so far before you’re inundated with so much noise that the bigger picture is lost; parsing through that much data manually hinders prioritization of what’s most important and correlating relevant data points in a campaign becomes challenging.
With that said, you can increase your speed of analysis using security orchestration automation response (SOAR) platforms to help manage and better understand alerts encountered on a daily basis.
Join DomainTools and ISC2 on March 7 to discuss how to separate signal from noise and to automate complex actions and investigations with world class domain and DNS data.
Presenter: Taylor Wilkes-Pierce, Global Director of Solutions Engineering, DomainTools
Moderator: Anthony Lim, CSSLP, Director Advocate, (ISC)² Singapore Chapter
Adam Meyers, Sr. VP Intelligence/Crowdstrike; Brandon Dunlap, Moderator
The 2022 cyber threat landscape was one of persistence, increased scope, and relentless determination. As businesses began to ease pandemic-driven operating environments and adjust to geopolitical shifts—as well as growing economic hardships—adversaries supporting nation-state, eCrime, and hacktivist motivations started the year with a relentless show of effort that ultimately defined 2022.
Join CrowdStrike and (ISC)2 March 23, 2023 at 1:00 p.m. Eastern/10:00 a.m. Pacific for an in-depth review of how the cyber threat landscape has evolved over the last year, including notable threats, events and trends outlined and explained in the CrowdStrike 2023 Global Threat Report.
In this session, we’ll discuss:
• The most relevant threat issues that organizations face today
• New adversaries uncovered in 2022 and their growing speed and sophistication
• Useful best practices in how you can combat the modern-day threat
Ashley 'AJ' Nurcombe, Sr Cyber Security Engineer, Brandon Dunlap, Moderator
Threat hunting is a challenge to get right, with many potential pitfalls. There are twenty different definitions for threat hunting and ten different ways to do it. Organisations vary from having zero presence in their threat hunting program to multiple full-time hunters, but unfortunately, they often miss many critical pieces. This webinar will cover the common oversights that organisations fall foul of as well as emphasising the importance of network evidence in your threat hunting framework.
On 6 April 2023 join Corelight and (ISC)2 at 1:00 p.m. BST as we cover:
• What threat hunting is (and isn’t!)
• Essential tips and techniques to be successful
• How network data should form the core of your hunting framework
Sander Vinberg, F5 Threat Researcher; Brandon Dunlap, Moderator
You can look at vulnerability risk from several angles, but which one is best?
On May 2, 2023 at 1:00 p.m. Eastern/10:00 a.m. Pacific join F5 Labs and (ISC)2 as they tackle this topic. The talk will start at the tactical level, where we will review vulnerability targeting data from 2022 to better understand current attacker priorities. We will then briefly cover findings and methods from the Exploit Prediction Scoring System, an open-source vulnerability intelligence project to which F5 has recently begun contributing. The talk will conclude with a big picture view of vulnerability management, exploring F5 Labs’ collaboration with the Cyentia Institute about trends in CVE publication and their implications for the future of vulnerability management.
Reuben Koh, Director, Security Technology and Strategy, APJ, Akamai
With the rise in web applications and APIs, attacks targeting these systems continue to escalate. Cybercriminals are always on the lookout for zero-day vulnerabilities, and new threats are emerging every day. Therefore, it is imperative to stay abreast of the latest attack vectors and mitigation strategies.
In this webinar, Akamai presents its research on the top web application and API attack trends. We will share insights on the current attack trends impacting the Asia Pacific and Japan (APJ) region collectively. Our research also covers where adversaries are focusing their attacks on and what their preferred attack techniques are.
Join us for this session to understand:
- Latest web application and API attack trends in APJ
- Common attack vectors and techniques used by adversaries
- Top countries and industry verticals affected by attacks
- Recommended mitigation strategies
Presenter: Reuben Koh, Director, Security Technology and Strategy, APJ, Akamai
Moderator: Garion Kong, CISSP, CCSP, President, (ISC)² Singapore Chapter
Mike Rothman, IANS Faculty; Brandon Dunlap, Moderator
Without the proper security settings, attackers have found ways to exploit Microsoft OneDrive and Teams as primary distribution mechanisms for ransomware. In this session, on June 8, 2023 at 1:00 p.m. Eastern/10:00 a.m. Pacific, IANS and (ISC)2 will discuss configurations, settings and tools to help harden M365 applications.
Attendees can expect to learn:
- Conditional access policies to enforce for “thick” endpoints
- Critical user policies and alert triggers to create for detection
- Recommended M365 service policies and Teams security settings