Server Security: A Reality Check

  • Webcast Aired Tuesday, 11 Mar 2014 1:00PM EDT (11 Mar 2014 17:00 UTC)
  • Speakers: Jake Williams, Michael Bilancieri

Regardless of how they initially enter the organization, most attackers today still aim to compromise internal servers to steal user credentials, steal sensitive data and turn compromised servers into hosting platforms used to help attackers steal even more assets. This webcast, based on a new whitepaper, will discuss the methodology of internal and external attacks on data center servers and the applications running on them. It will discuss why, even with our layers of security in place today, servers are still vulnerable (for example, unpatched vulnerabilities, unmanaged applications and poor administrative access).

This webcast will discuss how servers need to be protected from the unknown. This \unknown" category of threats includes advanced persistent threats, which can be best prevented by inventorying applications to permit what is known and trusted while denying everything else. The webcast will include discussion of real-world deployments and best practices and how to get started with inventorying applications and then controlling them, in accordance with the SANS critical security controls.

Click here to view the associated whitepaper.