Videos
-
Security vulnerability assessment secrets with Kevin Beaver
Webcast: The 'Hacking for Dummies' author explains how to improve vulnerability assessments with better planning, tools and respect for the process.
-
How to analyze malware with REMnux's reverse-engineering malware tools
Video: Keith Barker of CBT Nuggets demonstrates how to use the free reverse engineering malware tools in REMnux to analyze malware in apps and PDFs.
-
SIEM architecture and operational processes
Anton Chuvakin describes why the success of your SIEM deployment is determined more by operational processes than by its architecture or a specific tool.
-
How to use Nikto to scan for Web server vulnerabilities
Video: Keith Barker of CBT Nuggets shows how to use Nikto, a free and open source tool, to scan for outdated or vulnerable Web servers.
-
Security Onion tutorial: Analyze network traffic using Security Onion
Video: In this Security Onion tutorial, Keith Barker of CBT Nuggets shows how to analyze network traffic using Security Onion's many free features.
-
Armitage tutorial: How to use Armitage for vulnerability assessments
Video: In this Armitage tutorial, Keith Barker of CBT Nuggets shows how to use the Metasploit add-on to perform vulnerability assessments.
-
Data loss prevention tools: Understanding your options
Video: Kevin Beaver uses real-life experiences with data loss prevention tools to help you with your technology choices, rollout and management.
-
How to use ThreadFix to simplify the vulnerability management process
Video: Keith Barker of CBT Nuggets demonstrates how Denim Group's ThreadFix helps simplify the enterprise vulnerability management process.
-
Zed Attack Proxy tutorial: Uncover Web app vulnerabilities using ZAP
Video: Keith Barker of CBT Nuggets offers a OWASP Zed Attack Proxy tutorial. Learn how to find and nullify Web application vulnerabilities using ZAP.
-
PayPal CISO: Laws must foster better cybersecurity information sharing
PayPal's Michael Barrett says many firms fear misuse of shared cybersecurity data. He also discusses the evolution of PCI DSS and mobile payment security.
-
Use the Mandiant Redline memory analysis tool for threat assessments
Video: Keith Barker of CBT Nuggets shows how to use the Mandiant Redline memory analysis tool to conduct threat assessments, defeat rootkits.
-
NSA's Troy Lange details NSA mobile security strategy
Video: NSA mobility mission manager Troy Lange discusses the NSA mobile security strategy, including mistakes made and lessons learned.
-
How to use Microsoft's MAP toolkit security assessment application
Video: Keith Barker of CBT Nuggets details how to use Microsoft's MAP Toolkit security assessment application to find and report on vulnerable endpoints.
-
Tactical Success for Multiplatform Endpoint Security
In this presentation, Craig Mathias discusses the hottest trend in enterprise IT today: BYOD. This discussion focuses on bring your own device (BYOD) security challenges, security techniques and management strategies.
-
Splunk video tutorial demonstrates how to use Splunk for security
Video: Keith Barker of CBT Nuggets walks viewers through a tutorial of how to use Splunk and shows how the free version can be used for IT security.
-
Zenmap tutorial: Mapping networks using Zenmap profiles
Video: In this Zenmap tutorial screencast, Keith Barker of CBT Nuggets explains how to efficiently map networks graphically using Zenmap profiles.
-
How to use Wireshark to detect and prevent ARP spoofing
Video: Keith Barker of CBT Nuggets demonstrates how to use Wireshark, the popular open source packet analyzer, to prevent ARP spoofing attacks.
-
pfSense tutorial: Configure pfSense as an SMB-caliber firewall
Video: Keith Barker of CBT Nuggets provides a brief pfSense tutorial. Learn how to configure pfSense, a free yet surprisingly capable firewall.
-
Log management and analysis: How, when and why
In this presentation, John Burke discusses how to make the most of logs to augment an organization’s overall security posture.
-
DLP use cases: When to use network storage and endpoint DLP
In this video, our expert will explain how different types of DLP work, such as network and endpoint DLP, and how it secures data at rest.
-
Screencast: Employ the FOCA tool as a metadata extractor
Mike McLaughlin demos the FOCA tool as a metadata extractor to expose the 'hidden' data users often post on their own websites.
-
Screencast: How to use GHDB to identify security holes, Googledorks
In this screencast, Mike McLaughlin uses the Google Hacking Database (GHDB) to identify Googledorks and other security vulnerabilities.
-
Screencast: ShareEnum eases network enumeration, network share permissions
Mike McLaughlin displays how easy network enumeration can be with ShareEnum, including the ability to quickly secure network shares and display share permissions.
-
Web application threats: What you really need to know
In this special presentation, Mike Rothman details today's top Web application threats and pragmatic methods to integrate security into the Web application development process.
-
Black Hat 2011: Malware threats, attack vectors and data sharing
Rodrigo Branco talks about vulnerabilities, malware sophistication and whether the move to cloud-based services will change the way cybercriminals work.
-
IT patch management best practices: Overcoming the challenges
This presentation on vulnerability and IT patch management best practices discusses the challenges of improving testing and deployment processes.
-
Enterprise encryption strategy: The path to simple data encryption
This primer on enterprise encryption strategy covers use cases for various devices and data types, and offers strategies for simple data encryption.
-
RSA SecurID attack, social engineering threat analysis from Gartner's Neil MacDonald
In this video, Gartner Vice President Neil MacDonald discusses the SecurID attack at RSA, APT realities and the growing enterprise social engineering threat.
-
Using Windows 7 security features in your data protection program
Lisa Phifer discusses Windows 7 security features like AppLocker, User Access Controls, BitLocker and BitLockerToGo, Volume Shadow Copy and DirectAccess.
-
Identity management maturity model
Learn about identity management and its capabilities in a detailed maturity model that highlights people, process and technology.
-
SIEM market overview: Gartner's Mark Nicolett
Gartner VP and distinguished analyst Mark Nicolett discusses SIEM vendor consolidation, the myth that SIEM is a cost-saving effort and more.
-
Botnets, malware security and capturing cybercriminals: Video
Malware isn't getting more sophisticated, but cybercriminals have better tools to control their botnets and deploy more targeted attacks, says Gunter Ollmann of Damballa, Inc.
-
Choosing the right authentication method for your business
Learn about common authentication methods and how to choose the right multifactor and mobile device authentication solution in this video with Mark Diodati of Burton Group,
-
How to detect and respond to money laundering
Money laundering, by its very nature, is difficult to detect, but expert Eric Holmquist gives advice on how to spot it and how to respond.
-
Key elements of disaster recovery and business continuity planning
In part four of this series, Andre Gold discusses the key aspects of developing a successful business continuity and disaster recovery plan, including location, technology, crisis management and communications.
-
Risky Business: Understanding WiFi threats
Interested in taking your enterprise wireless, or securing the wireless network you already have? Look no further. In this first of a four-part video series, Lisa Phifer of Core Competence explains WiFi threats, including some common attacks.
-
PCI compliance requirement 1: Firewalls
PCI experts Diana Kelley and Ed Moyle review Requirement 1 of the Payment Card Industry Data Security Standard, which includes a mandate for stateful inspection firewalls.
-
PCI compliance requirement 5: Antivirus
Diana Kelley and Ed Moyle of Security Curve review PCI compliance requirement 5: "Use and regularly update antivirus software."
-
Balancing security and performance: Protecting layer 7 on the network
This video will explain options for securing application-layer traffic using network security technologies, architectures and processes, including Layer 7 switches, firewalls, IDS/IPS, NBAD and more.
-
How to perform Microsoft Baseline Security Analyzer (MBSA) scans
This month, Peter Giannoulis of TheAcademyPro.com and TheAcademyHome.com offers an overview of the free Microsoft Baseline Security Analyzer.
-
Security incident response 101
Even the best procedures fail to overcome the stresses in the initial throes of an incident. Security consultant Lenny Zeltser explains how to run a well coordinated response.
-
How to use Nmap to scan a network
Peter Giannoulis takes a look at everybody's favorite, freely available port scanner and OS identifier: Nmap.
-
How to defend against data-pilfering attacks
In this video from Information Security Decisions 2008, Mandiant's Kevin Mandia details data-pilfering attacks and the four ways hackers can penetrate a network.
-
How to manage guest user authentication when building a wireless network
Joel Snyder reviews your different access policies and how to deal with the threat of unauthenticated users.
-
CISSP Essentials Lesson 1: Security management practices
In this CISSP lesson, learn about security management practices.