logo

Log In

[templated item][templated item][templated item][templated item][templated item][templated item][templated item][templated item]
News

News | Webinars

Webinars

Past WebinarsLast 12 Months


Past Webinars

30-day Cybersecurity Sprint – Not Just for the Government

Speaker: Alex Shoykhet | July 23 at 11:30 AM EDT

On June 12th, US federal government CIO Tony Scott launched a government-wide Cybersecurity Sprint, giving agencies 30 days to shore up their systems.  The security solutions provided by Viewfinity cover two important elements on the list, specifically:

  1. Controlling, Containing, and Recovering from Incidents: Contain malware proliferation, privilege escalation, and lateral movement. Quickly identify and resolve events and incidents.
  2. Reducing Attack Surfaces

Because guidelines outlined in the 30-day cybersecurity sprint make sense for all industries, not just the US federal government, we are hosting a 30 minute webinar.  The event will introduce the various methods by which the Viewfinity software addresses the security measures that reduce the attack surface through:

  • Removing administrator rights and managing privilege elevation needs through policies
  • Application Control, Monitoring and Forensics providing threat detection and response
  • Mitigating Pass the Hash tactics that harvest local admin credentials in an attack
  • Protecting against Cryptolocker

Be Your Own Forensics Expert

Thursday, May 21, 2015 2:00 pm ET

Know WHO, WHEN, WHERE, and HOW malicious software invaded your endpoints.

Once a breach occurs, it’s imperative that organizations accelerate their threat investigation and discover the true point of origin of an attack. Viewfinity flags suspect behavior by monitoring all applications installing and running in your environment. Its monitoring tools flag any unauthorized change, and then gather detailed data to help with forensic analysis in the event of a breach. Viewfinity’s ancestry trace reveals infected files, both backward and forward through the installation path; all of the touch points are known and recorded. This monitoring also includes real-time visibility of network events on endpoints, integrating smoothly and leveraging your network firewall data (from Check Point, FireEye, Palo Alto, and so on).

Sign up for this free webcast to learn how Viewfinity:

  • Helps you identify and remediate endpoint threats

  • Pinpoints malware entry and propagation paths

  • Empowers you to create policies that keep malware contained

Don’t miss this opportunity to hear from network security experts – register today!

 

Viewfinity and Check Point Collaborative Threat Response

Thursday, May 14, 2015 at 11:30 AM EDT

Join us for a 20 minute demonstration featuring the collaboration between Viewfinity and Check Point solutions. We'll discuss:

1. How alerts from Check Point and the related information are used by Viewfinity to find bot-infected endpoints
2. How Viewfinity blocks the botnet and its ability to communicate with Command and Control centers.
3. Sending information back to Check Point to update firewall policies
4. Collaboration between Viewfinity and ThreatCloud sandboxing

After registering, you will receive a confirmation email containing information about joining the webinar.

Advanced Endpoint Protection: Full Circle Prevention-Detection-Remediation Based on a Single Agent

April 28, 2:00 pm ET

Hackers are exploiting all potential infiltration points thus it is important to establish your defense structure and response and remediate strategy from all angles.  But with so many solutions out there, where do you start?  Viewfinity offers a unified strategy that supports prevention, detection and remediation all based on the architectural integrity of one agent.  Our advanced endpoint protection solution:

  • Eliminates the security loophole related to Windows administrator rights and controls privilege elevation via policies
  • Is more than whitelisting – we’ll show how monitoring and forensics play a much more important role than launching into full default-deny
  • Shares endpoint information with firewall technology to update firewall policies
  • Performs a payload analysis by sending files for secondary inspection to Palo Alto, Check Point and FireEye sandboxes

Attend this webinar and see live examples of how the Viewfinity product provides full circle advanced endpoint protection.

Endpoint Defense Essentials: Prevention-Detection-Remediation Practices

Speaker: Mike Rothman, Securosis | March 18, 2:00 p.m. ET

This webinar will provide a perspective on all aspects of defending endpoints from modern day attacks.

Mike Rothman, Analyst & President of Securosis will set the stage by digging into the technical innovations that are driving advanced endpoint protection. The focus will be on understanding what is essential to protect your endpoints from advanced attacks, which includes solid hygiene and configuration practices, focusing on least privilege to prevent exploitation, more effective detection, working closely with network-based defenses, and finally investigating and remediating the inevitable compromise.

Alex Shoykhet will follow-up with information related to how Viewfinity can help before, during and after an attack.  Alex will review methods for prevention, detection and remediation and explain how we are able to maintain architectural integrity by enabling endpoint protection from a single agent.  He’ll focus on:

  • Managing privilege elevation after closing down the security loophole related to admin rights
  • Application Control – more than whitelisting – we’ll show how monitoring and forensics play a more important role
  • Advanced threat management that shares endpoint information with firewall technology to update firewall policies

Speakers:
Mike Rothman, Analyst & President of Securosis
Alex Shoykhet, VP of Product Management for Viewfinity

How Hackers Exploit Admin Rights to Access Your Systems

Speaker: Paula Januszkiewicz | February 25, 1:00 p.m. ET

If there is a weakness in your IT security system, wouldn't it be better to find it before someone else does? The best way to do this is to put ourselves into the hacker's role and perform all the activities they would do as well. Of course it requires some very specific knowledge that may be hard to learn when our work focuses more on creating than destroying, but the results will give us a perspective on what other people with bad intentions can see. 

Join this 40 minute journey as our speakers uncover the darker side of IT security and propose solutions to close down dangerous security loopholes: 

  • By way of example, learn what hackers attack first when planning to invade your IT infrastructure, including: use of administrative privileges, installing malware tools, and how hashes/tokens are harvested for penetration. Paula will focus on how hackers gained deep access in some of the more recently publicized security breaches, such as gaining the highest level of administrative privilege computer servers. 
  • Explain the risks related to both least privilege and application control, and why combining them provides the most impressive technical solution for securing endpoints. 
  • Show how administrator rights can be removed and only approved applications will be allowed to run with escalated rights. 
  • Demonstrate unclassified application greylist forensics using file history in a “monitoring mode” – determine if applications require admin rights, further check file integrity with Palo Alto, FireEye and Check Point, and build trusted software sources. 


You’ll walk away understanding how to close down dangerous security loopholes and add a fortified level of security to protect against sophisticated zero-day attacks, malware, advanced persistent threats and other application-based exploits. 

Speakers: 
Paula Januszkiewicz, IT Security Auditor, Enterprise Security MVP, and Microsoft Security Trusted Advisor 
Alex Shoykhet, VP of Product Management, Viewfinity

Answer the Riddle: What happens to APTs when endpoint and network security solutions collaborate?

Friday, December 12, 2014 at 2:00 PM ET

Answer the Riddle:  What happens to APTs when endpoint and network security solutions collaborate? 

You get a threat protection ecosystem that’s designed to leverage your network security controls and data collected via endpoint security! 

Attend this webinar and learn how this integration offers increased visibility and protection. We’ll review how:

  • Viewfinity’s application monitoring and forensic data cross-references with Check Point’s Threat Cloud’s Incident Response Services and Analytic Platform curbs the spawning of suspicious processes
  • Viewfinity is able to identify the root source of the suspicious behavior including the threat origin, such as URL, who, when, how many endpoints have been targeted and all roots associated with the threat.
  • The information is utilized in ThreatCloud post-incident reports and security advisement to strengthen firewall enforcement policies to mitigate future risks.
  • Threat Cloud relays crucial information to endpoints to help accelerate the ability to contain threats; for example, if an application requires elevated privileges, before granting those permissions, the application can be verified with Threat Cloud to ensure its soundness via digital forensic analysis. 

Speakers:

Alex Shoykhet, Viewfinity VP of Product Management
Polomi Batra, Check Point Product Marketing Manager

Application Control is More Than Whitelisting-It’s Monitoring, Visibility, Protection & Default Deny

Thursday, December 4, 2014 at 2:00pm ET

Application Control is More Than Whitelisting-It’s Monitoring, Visibility, Protection & Default Deny

Application Control technology is more than just whitelisting. Organizations have found significant value via full visibility into server and desktop environments by continuously monitoring and observing application behavior. Attend this webinar and learn about best practices for continuous application control & monitoring.  We’ll exploit the power of application control via a logical a step-by-step methodology that covers monitoring, enhanced visibility, protection and then default deny, all without affecting user productivity: 

  1. Server monitoring: know, in real time, what changes are being made in your environment as this is the critical path that invasions will take to get to the heart of your IT operation.  What significant changes are being made on servers? Where did an application originated?  Is the application rated with a high or low reputation score?
  2. Application Forensics: keep track of applications being installed and run, and who, when, and from where applications and files are introduced onto corporate endpoints. This information can be used in the event of a breach.
  3. Greylisting:  these are the applications that are not part of the white or black lists which can be also run in a restricted "greylist mode."   Policies handle these unknown applications, allowing them to be installed and/or run, but privileges are restricted for these applications and they have limited access to resources.
  4. Threat Detection Integration:  detect and diffuse many attacks by sharing suspicious application activity and network behavior with Palo Alto, FireEye and Check Point for thorough analysis and further remediation.
  5. Trusted Sources and Monitoring as a precursor to establishing the white list:  before restrictions are placed, use file history in a “monitoring mode” to identify what applications are actually in use. The monitoring lets you know if these applications require admin rights and can build trusted sources.

Steps hackers take to infiltrate Windows infrastructures & least privilege application control

Wednesday, November 5, 2014 at 1:00 PM ET

If there is a weakness in your IT security system, wouldn't it be better to find it before someone else does? The best way to do this is to put ourselves into the hacker's role and perform all the activities they would do as well. Of course it requires some very specific knowledge that may be hard to learn when our work focuses more on creating than destroying, but the results will give us a perspective on what other people with bad intentions can see.

Join this 40 minute journey as our speakers uncover the darker side of IT security and propose solutions to close down dangerous security loopholes:

  • By way of example, learn what hackers attack first when planning to invade your IT infrastructure, including:  use of administrative privileges, installing malware tools, and how hashes/tokens are harvested for penetration.  Paula will focus on how hackers gained deep access in some of the more recently publicized security breaches, such as gaining the highest level of administrative privilege computer servers.
  • Explain the risks related to both least privilege and application control, and why combining them provides the most impressive technical solution for securing endpoints.
  • Show how administrator rights can be removed and only approved applications will be allowed to run with escalated rights.
  • Demonstrate unclassified application greylist forensics using file history in a “monitoring mode” – determine if applications require admin rights, further check file integrity with Palo Alto, FireEye and Check Point, and build trusted software sources.

You’ll walk away understanding how to close down dangerous security loopholes and add a fortified level of security to protect against sophisticated zero-day attacks, malware, advanced persistent threats and other application-based exploits.

Speakers:  
Paula Januszkiewicz, IT Security Auditor, Enterprise Security MVP, and Microsoft Security Trusted Advisor
Alex Shoykhet, VP of Product Management, Viewfinity

Best Practices for Removing Admin Rights: A Step-by-Step Approach

Tuesday, September 30, 2014 at 2:00 PM EDT

Careful control of administrator rights is the very foundation of IT Security. Allowing admin rights exposes a dangerous security risk, creating an easy entry point for advanced persistent threats, zero-day attacks and sophisticated malware. By removing admin rights and managing privilege needs automatically, organizations can close this fundamental and overly exploited security loophole.  Jason Forgione, Viewfinity Security Engineer, will outline a step-by-step phased approach to removing admin rights and managing privilege elevation needs automatically.

Best practices for making this transition as smooth as possible including identifying who, when, and where, admin rights are being utilized within the environment, the automatic detection of applications requiring elevated privileges, automatically creating aggregated policies to handle the majority of needs, and handling future needs/exceptions, as well as management & compliance reporting.  Following the presentation Jason will answer audience questions related to these transitions and best practices.

How Hackers Exploit Admin Rights to Access Your Systems

Speaker: Marcus Murray | August 20 at 11:30 AM EDT

One of the top reasons, if not the number 1 reason, why an attacker can penetrate your environment and cause a security breach is due to excessive administrative privileges.  If you have not removed administrative rights from your IT environment, you’ll want to attend this webinar during which the methods outlined below will be demonstrated to show how attackers use exploit  admin rights, manipulate security credentials, and hack into your systems.  Marcus Murray, renowned security expert and leader of the Truesec Security Team, an independent elite-team of security consultants operating all over the world.  Situations to be explored include:

  1. Client side exploit targets an endpoint and passwords hashes/tokens are harvested, infiltrates the domain controller, exposing vulnerability to data theft and malware installation
  2. How Pass the Hash is used as an extremely common method hackers employ to use your own systems against you

Following Marcus’ demos on these security vulnerabilities, Alex Shoykhet, VP of Product Management for Viewfinity, will demonstrate how removing admin rights significantly decrease surface for security breaches. The speakers will summarize these exploits and open the discussion up for questions.

Security Vulnerabilities Associated With Having Local Administrator Privileges

Speaker: Paula Januszkiewicz | August 12 at 2:00 PM EDT

Paula Januszkiewicz, IT Security Auditor, Enterprise Security MVP, trainer (MCT) and Microsoft Security Trusted Advisor, will be conducting a discussion that centers on the security threats that are related to having excess local administrator privileges. The situations to be explored include:

  • Owned Identity: Grabbing users' Kerberos tickets
  • Extracting passwords from the operating system: who, where, and how
  • Pass-the-hash scenario where excessive admin rights are exploited to steal the credentials of an admin

After Paula's discussion, Alex Shoykhet, Viewfinity's VP of Product Management, will demonstrate how Viewfinity supports the principal of least privilege rights. He'll discuss how removing admin rights from users and managing privileges at a granular application level reduces the attack surface and helps to stop hackers in their tracks from using local administrative privileges as a back door to stealing credentials via pass-the-hash invasions.








News