Lightning expert talks
Our webinar series bringing cyber security and cloud experts to share their knowledge and experiences.
Offensive Insight for Cloud Security - Part 2 – Technical Deep Dive
9 September 2021 at 13:00 UK time
Abstract: In this webinar, Tobias will pick up on the first session delivered by Menachem Shafran, who provided insights into the challenges within the cloud.
In the session we will:
share customer case studies, tales from the trenches and showcase both cloud-only and hybrid attack scenarios typically discovered with an overall assessment of the cloud.
focus on the offensive insights that come into play when using and working with different cloud environments and an ever-changing threat landscape.
cover the conceptual integration into existing security tools of the major cloud providers.
About speaker: Tobias Traebing is XM Cyber’s Technical Director for the EMEA market and leads the technical engagements with XM Cyber’s clients and customers. He has worked in the IT security industry for more than ten years in various roles - customer-facing, consulting as an IT security consultant, and several Cyber Security Vendors. He has led teams and projects in Security Operations, Security Architecting, Customer Success, Technical Account Management, and System Engineering.
Tobias Traebing now supports companies and their IT security teams with XM Cyber to optimise the security maturity level in a targeted and efficient manner.
Securing ssh connections with certificates
17 June 2021 at 16:00 UK time
Abstract: Based on a popular blog post, this talk challenges the listener to reconsider using keys for SSH access and instead use SSH Certificates. We will discuss the pros and cons of SSH certificates. We will also guide you on setting up your own open-source SSH certificate authority that you can link to your existing identity provider to deliver single sign-on SSH access to all your servers.
About speaker: Michael Maxey, VP of Product, Smallstep
Offensive Insight for Cloud Security
20 May 2021 at 13:00 UK time
Abstract: Exploration of the recent vulnerabilities, threats and possible exploits in cloud environment and the modern hacker’s perspective. Review the gaps in the traditional security approach and how XM Cyber revolutionises security posture
About speaker: Menachem Shafran is a product leader with more than 15 years of experience in product management and cybersecurity. Mr. Shafran has managed complex product ranging from cybersecurity, homeland security, DevOps automation to mobile applications. His strength in creating a product vision, aligning R&D efforts with sales and marketing has been demonstrated over the years during his tenure at Quali, NowForce, now part of Verint (VRNT), and Radware (RDWR). Prior to his roles in product management, Mr. Shafran served for 5 years in the IDF’s Elite Intelligence Unit 8200, where he served both as a researcher and as a team leader.
Poll results
Quantum in the Cloud: The impact of Quantum Technologies on Cloud Security
2021 02 25 Quantum in the Cloud.pdfPresenter: Bruno Huttner
25 February 2021 at 13:00 UK time
It is now well established that the quantum computer threatens to destroy our cybersecurity infrastructure. The exact timing is still under debate, but a range of ten to fifteen years is generally accepted by the community. In order to protect communications and the safety of all our remote transactions and especially for all cloud applications, we need to start acting now. Fortunately, solutions do exist.
The simplest solutions are classical. They consist of replacing the current algorithms under attack with new ones, which are thought to be resistant to the quantum computer. In addition, in order to further improve security, quantum solutions should be added. In particular Quantum Random Number Generators (QRNG’s) will improve the quality of cryptographic keys, which are broadly used for cybersecurity. They are already available for many applications. Quantum Key Distribution (QKD) can also be used today to protect the confidentiality of communications. QKD backbones are currently under development in several countries. Looking a bit further down the road, quantum networks and the Quantum Internet offer the promise of a different communication infrastructure. The next ten years, dubbed the Quantum Decade , will undoubtedly change the landscape of Cloud security.
Empowering Security Driven Business - Empowering Security Driven Business
12 November 2020 at 13:00 UK time
A hyper focus on security driven automation and vision of delivering value beyond tech commodity service. Objective not driven by compliance and technology gap assessment but look at delivering compliance as a by product of your Information security strategy, tactics and modus operandi. With the shift in consumerisation and advancement in adversarial focus and their TTP Information Security must act as catalyst to drive business transformation, deliver trusted product and/or service and enable speed to the market all while fuelling resiliency and ability to weather brand damage and criticism.
Presenter: Ashish Shrestha
Improving your organisation’s security posture with AWS
10 December 2020 at 13:00 UK time
The presentation is focused on organisation's security posture on AWS, which is also valid for organisations considering using AWS. It starts by introducing a top 10 list of "10 places your security team should spend time". It then explains the background to this list, where it came from! Followed by a walk-through of each item on the list, elaborating on the item and providing AWS best practice guidance. It ends with a recap of the list sums up with where to go to find more detail on the best practice.
Presenter: Mark Evans
The top 10 reasons why identity ecosystems fail
5 November 2020 at 13:00 UK time
An online presentation and discussion covering “The top 10 reasons why identity ecosystems fail”
Presenter: Paul Simmonds
ex-CISO’s take on Cloud Computing
15 October 2020 at 13:00 UK time
An online interview and discussion covering “Mistakes to avoid and other interesting stories”
About Bob Mann
My experience and understanding of the issues has allowed me to develop a sound, pragmatic, but flexible approach to winning across business units.. My experience ranges from protection of Government and MOD clients, through to the securing the financial sector, commercial institutions and the retail environment.