Tuesday, September 12, 2023
Dangerous device misuse: How to stop the malpractice

There are many ways that endpoint use can go wrong in a workplace setting -- especially when security isn't accounted for when programming the device or when developing its usage policies. This session will identify and examine some of the most common preventable forms of device security malpractice -- from misconfigurations to lack of patching to recklessly visiting suspicious websites. We'll also suggest how organizations can do a better job of curbing poor cyber hygiene behavior when actively using devices.

Tammy Moskites
Research Session

Vulnerable endpoints make companies easy prey for attackers. The reality is that victims may not even know they're vulnerable until the fangs are already in. In this session, the CyberRisk Alliance research team will present the latest findings from their survey on endpoint security -- including top threats and challenges, opportunities, and strategic considerations for moving forward.

Dana Jackson Daniel Thomas
Secure Enterprise Browsers: Evaluating an emerging cyber solutions category

In late 2022, Venture Beat reported that a new category of cyber solutions -- Secure Enterprise Browser -- has "caught fire" within the investment company, while piquing the interest of CISOs who are looking to secure a growing number of business endpoints, including those operated by remote workers. In theory, SEB fills a need, in that many employees now access and conduct much of their core work tasks online in the cloud -- which makes their browsers a tempting attack vector for cybercriminals looking to compromise devices and exfiltrate data. SEBs typically consist of a standardized browser that restricts certain actions that employees can take such as screen captures or visiting unapproved sites. Other secure browser solutions might install a lightweight agent that adds another layer of security on top of your browser of choice. This webcast will examine the benefits, drawbacks and viability of this emerging category from a cyber venture capital perspective, as a panel of investors weigh in on this trending space.

Bob Ackerman Hank Thomas Hank Thomas Tom Quinn
EDR evasion: A threat analysis of the "Mockingjay" technique

In late June 2023, researchers at MDR and incident response firm Security Joes reported their recent discovery of the Mockingjay process injection technique, which bypasses and evades EDR detection. Essentially, the researchers found that by misusing Windows libraries, one can inject potentially malicious code into various processes without having to execute certain Windows APIs that EDR security solutions normally keep an eye out for and flag as suspicious. In this session, Security Joes researchers will provide important details around their Mockingjay discovery, as well as discuss other common forms of EDR evasion that the end-user community needs to watch out for.

Felipe Duarte Thiago Peixoto
XDR as a managed services model

Why do some organizations prefer managed extended detection and response (XDR) over in-house XDR? Any time you "outsource" a cybersecurity function or capability to a managed service, you lose some degree of control, but the upside is that you can save on budget and resources. This session will look at the opportunities and challenges of MXDR, while explaining why it's important to fully communicate XDR expectations between the service provider and the client.

David Steele