The accreditors of this session require that you periodically check in to verify that you are still attentive.
Please click the button below to indicate that you are.
Many organizations have been laser-focused on user account security to defend against the increase in password spray and phishing attacks, implementing measures such as MFA and even moving to passwordless authentication. But recent cyber attacks show that adversaries are turning their attention toward application identities. Do you know what risky behavior your application identities are up to and how to protect them? Just as with user accounts, organizations will need to address application identities that are compromised through a compromised administrator, credentials-in-code or a malicious application pretending to be legitimate. In this session, learn about attacks against application identities -- how to detect these attacks as well as how to recover and defend application identities going forward against these emerging threats.
Learning Objectives
Detect attacks against application identities.
Respond to application identity compromise incidents.
Take proactive steps to prevent application identity compromise.
Based upon the book _Cybersecurity & Third-Party Risk: Third-Party Threat Hunting_ (endorsed by (ISC)2), we will break the old way of thinking that third-party risk is a compliance, check-box activity into one that is innovative and forward-leaning into the risk…
Staying up to date and learning hacking techniques is one of the best ways to know how to defend an organization from cyber threats. Hacking gamification is on the rise to help keep cybersecurity professionals up to date on the latest exploits and vulnerabilities…
Everyone has a security champion program, but how effective is yours? Are you getting a solid return on investment? Security champions and application security mutually support each other through a security culture. Elite security champions require top-shelf skills and experience…
Thirty years ago, cybersecurity was a small, often overlooked part of protective security. In 2022, cybersecurity is the core of all security activities. Cybersecurity, physical security, insider threat management, information security and security governance have never been more interdependent…