- Videos: 261
- Views: 1 541 043
mWISE Conference (from Mandiant)
Added Aug 26, 2022
Mandiant Worldwide Information Security Exchange (mWISE) joins Google Cloud Next in 2025! Learn more: cloud.withgoogle.com/next
Supercharge Your Frontlines: Purpose-Built CTI for IR & SOC Success
This presentation outlines a framework for building a CTI team optimized to support incident response and SOC operations. Attendees will learn how to align CTI output with operational needs and integrate it into incident response and SOC processes for improved threat detection and response.
Views: 121
Videos
Developing Effective SOC Capabilities using a Knowledge-Based Approach to People, Processes, Tech
137 views, 2 months ago
Existing industry tools and frameworks do not address developing effective Security Operations Center (SOC) capabilities. Our research has developed an Ontology for SOC Creation Assistance and Replication (OSCAR) to fill this gap and provide a new tool for teams developing SOC capabilities.
Improving Healthcare Incident Response in the Wake of Recent Healthcare Breaches
39 views, 2 months ago
In this talk, we will discuss approaches to improve and modernize incident management programs using the NIST incident response framework as a template. This talk will focus on proposed improvements to the preparation, detection, containment, and recovery phases in the healthcare sector.
From Job Interview to Crypto Heist: How North Korea sponsored threat actor stole crypto currencies
123 views, 2 months ago
This talk offers insight into a crypto heist campaign carried out by a North Korean threat actor. The threat actor used social engineering and source code review and exploited a logic vulnerability to steal cryptocurrency worth millions of dollars.
Turning Chaos into Privileges: Processing Attacker Data with AI
51 views, 2 months ago
The SIEM Isn't Dead: Comparing SIEMs and Data Lakes in Modern Cybersecurity
98 views, 2 months ago
SIEMs may not be dead, but the SecOps landscape is evolving. This talk offers a real and honest discussion on comparing SIEMs and data lakes, leveraging AI/ML for modern SecOps, understanding the challenges and costs of migration, and selecting what's best for your organization.
Wholesome Hashes for a DNS Breakfast: How to Chew Through Adversary Automation
152 views, 2 months ago
Fuzzy hash searches across all content hosted on the open internet create unique opportunities to fingerprint malicious content and find it as it’s spun up. Minor or even major changes powered by scripts become identifying key details that can be used for defense before an attack is launched.
At the breaking point: is your email safe against ransomware and state-sponsored attacks?
85 views, 2 months ago
As cyber threats become increasingly sophisticated, driven by generative AI, organizations need robust, proactive defenses. This session reveals how AI-powered collaboration tools using the principles of Zero Trust provide a critical first line of defense against email-based attacks, empowering secure work from anywhere.
Unlocking eBPF: The Future of App and Data Security
154 views, 2 months ago
Explore how eBPF revolutionizes application, API, and data security by extending Linux kernel capabilities to achieve unparalleled visibility. Seamless installation, instant adoption, and high programmability make eBPF a game changer.
Securing AI Systems: Detecting and Stopping GenAI-Enabled Threat Actors
59 views, 2 months ago
Generative AI has opened new avenues for enabling cyber threat actors to conduct phishing, vulnerability research, and other abuse. After months of tracking actors attempting to abuse Google's AI systems, we will share lessons learned in how to detect and stop abuse and exploitation of AI systems.
Threat Modeling as a Fitness Function - Iteratively Improving the Security Posture of your Software
102 views, 2 months ago
Threat modeling is a tool for understanding what could go wrong in a software architecture. We often miss opportunities by threat modeling in silos without iteratively integrating with all the capabilities of our engineering and security teams. This talk details building such an iterative model.
Effective ROI: Practical Controls to Protect Against Impacts of Data Theft and Ransomware
86 views, 2 months ago
Multi-faceted extortion via ransomware or data theft is a popular end goal for attackers. This presentation will focus on programmatic and technical controls that can not only protect organizations, but also demonstrate a positive return on investment by better protecting the business.
Security Controls: Stupid but Important
99 views, 2 months ago
Application teams are expected to develop secure and compliant solutions, often with no well lit path to follow. We will review how Equifax’s simplified approach enables teams to meet business-critical compliance requirements, and use the compliance framework to also meet security objectives.
Rites of Passage as a CISO
68 views, 2 months ago
Kevin Mandia and seasoned CISOs discuss what you need to know to be a successful CISO.
Looking Around Corners and Defending Against 'the security hotness'
57 views, 2 months ago
Cyber defenders struggle to balance security and innovation. This talk offers a framework for CISOs to evaluate and integrate new technologies BEFORE the next threat or "hotness" becomes real.
Build a High Value Quantitative Risk Management Program on a Budget
93 views, 2 months ago
Unmasking the Hidden Danger: The Critical Role of Insider Threat Penetration Testing
85 views, 2 months ago
Lessons Learned from the Summer of Supply Chain Attacks
62 views, 2 months ago
I Wish I'd Known This Before We Got Sued
40 views, 2 months ago
The Good, the Bad, and the “What the Hell Were you Thinking”: Clarifying the Rules of Engagement
44 views, 2 months ago
How GenAI is Shifting the Defender Landscape
112 views, 3 months ago
Leveling Up: Empowering Security Operations with AI
83 views, 3 months ago
The Dark Side of Innovation: Generative AI in Cybercrime
154 views, 3 months ago
The Data Must Flow: An Analyst-First Perspective on the Next Age for SOCs
119 views, 3 months ago
Secure Remote Identity Verification in the Era of Generative AI
58 views, 3 months ago
Securing the Future: A Secure by Design Approach to AI Systems
145 views, 3 months ago
From Manual Mayhem to AI-Powered SOC: How Generative AI is Revolutionizing Security Operations
143 views, 3 months ago
Geopolitical Catalyst - How the Russia-Ukraine War has changed the Hacktivist Landscape
145 views, 3 months ago
Analyzing VirusTotal's Malware Executables Collection with LLMs
321 views, 3 months ago
You know what else the greatest stories have in common? They were told and others heard them. They weren't censored by CISA like every dissident opinion (later admitted fact) about Covid. CISA is a DHS propaganda and censorship agency. It is the tip of the spear in the government's effort to destroy the 1st Amendment.
So a security guy needs to learn generative AI or machine learning?
One of the worst titles I've ever seen. If you are talking about SOC, write it within the first 4 words. There is also no clarity on what SOC actually stands for, Security Operation Center? System On a Chip?
Well done Geordie!
Wow... great Geordie and the information really valuable and interesting...keep up the great job you're performing there...congrats!!!
This is really great - relevant and real. Thanks Kevin!
Thanks for the video!
Thanks for the video presentation!
Make more amazing videos. Use a service like 'Promosm'!!!
Just leaving a comment for the algorithm