What the New Verizon Breach Report and RSA Attack Have in Common


MEDIA ADVISORY

LogRhythm Hosts Webinar on Detecting Attacks against RSA SecurID Systems

Windows and Former U.S. Homeland Security Experts to Demonstrate How to Monitor and Protect RSA Authentication Product Using Logs

WHO:     Randy Franklin Smith is an internationally recognized expert on the security and control of Windows and Active Directory. He performs security reviews for clients ranging from small, privately held firms to Fortune 500 companies and international organizations. Previously, he trained IT auditors on Windows security as the developer and primary instructor for MIS Training Institute's Windows and Active Directory audit curriculum. He has published over 300 articles on Windows security in leading IT publications including Information Security Magazine and Windows IT Pro.

Dave Pack, CISSP, is Manager of Knowledge Engineering for LogRhythm. He has over a decade of experience in enterprise information security, advanced data analysis and visualization systems. Dave has served as a lead security analyst at the U.S. Department of Homeland Security Citizenship and Immigration Services Security Operations Center. His team is responsible for developing advanced pattern recognition and correlation rules for the LogRhythm SIEM platform, as well as compliance packages for PCI-DSS, HIPAA, SOX, and other regulatory mandates.

Trent Heisler is Director of Systems Engineering for LogRhythm. He has over 13 years of experience designing, implementing, managing and securing IT networks. Trent has architected log management/SIEM 2.0 solutions for leading organizations in a variety of industries and government sectors. Trent is a frequent speaker at a variety of industry specific venues including AFCOM, ISSA, SANS Institute and Ultimate Windows Security events.

WHAT:   Following the recent security breach at RSA, the company is recommending that customers make full use of their SIEM (Security Information and Event Management) products to detect changes in user privilege levels and access rights. In this hands-on webinar attendees will learn how to monitor security logs from Windows, Active Directory and RSA Authentication Manager (the SecurID server) for this type of activity. Specific uses cases will be demonstrated such as how to detect repeated authentication attempts, where the one-time password was entered correctly but failed due to a bad PIN. This condition could indicate that an attacker has cracked the seed values for the SecurID implementation and is attempting to brute force a user’s PIN.


WHERE:  Live webinar delivered to your desktop.

WHEN:   Tuesday, April 26, 2011 at 12:00 PM Eastern Time


HOW:    To register visit: http://www.ultimatewindowssecurity.com/webinars/register.aspx?id=132
Please contact Marc Gendron at marc@mgpr.net or 781-237-0341 to schedule a conversation with Mr. Heisler.

About LogRhythm

LogRhythm, the leader in log management and SIEM 2.0, delivers log and security event management, file integrity monitoring, and network and user monitoring in a single integrated solution. LogRhythm empowers organizations to comply with regulations, secure their networks, and optimize IT operations. The company received the coveted “Recommended” 5-star designation from SC Labs for SIEM and has received SC Magazine’s Innovator of the Year Award, Readers Trust Award for “Best SIEM” solution and the “Best Buy” designation for Digital Forensics. It is a winner of the 2010 Red Herring 100 Award and was placed by Gartner Inc. in the visionaries quadrant of the Security Information and Event Management (SIEM) Magic Quadrant report for 2010. LogRhythm is privately held and based in Boulder, Colorado with European Headquarters in Maidenhead, England, and Asia Pacific operations in Hong Kong. For more information visit: www.logrhythm.com.


#       #       #-----------------------------------------------------------------------
This message was sent to editor. If you no longer wish to receive email from us, please follow the link below or copy and paste the entire link into your browser. http://www.xmr3.com/rm/1517061-39590254-2-20-AV1-D511/pr@itincanada.ca/HCS8371