Name: Cracking the Code: Defending APIs from Business Logic Attacks (APJ)
Start: 2023-10-26T03:00:00Z
End: 2023-10-26T03:01:00.000Z
Location: BrightTALK
Rating: 4.8

Imperva is a leading provider of cyber security solutions that protect business-critical data and applications in the cloud and on-premises.

Les données et les API constituent aujourd’hui des angles morts majeurs en termes de sécurité et sont de plus en plus exploitées dans le cadre d’attaques supplychain.

En effet, selon Gartner, d'ici à 2024, l'utilisation abusive des API et les violations de données associées doubleront. 

A l’aube des évolutions réglementaires de NIS2, découvrez les pratiques de sécurité que vous devez adopter pour vos données et API dans un environnement sur site, hybride et/ou multicloud. 

Ce webinar vous permettra d’en savoir plus sur NIS2, les méthodes et outils de sécurité tels que la découverte et la classification, l’analyse des vulnérabilités, et l’analyse comportementale.

Sécurisez vos applications, vos API et vos données pour vous conformer à NIS2

IT professionals were forced to reprioritize their approach to application security in 2023, to focus on new CVEs and targeted customer data breaches. Security teams must also adapt to new economic, political, technological landscapes and of course, new threats. 

Join top security experts from our Office of the CTO, Kunal Anand and Peter Klimek, as they provide key cybersecurity trends, insights, and examples to consider going into next year:

• Shift Left has peaked, what’s next for development teams
• Microservices is the new normal - what does that mean for your organization
• AI becomes the great enabler in 2024, bringing huge opportunities and new cybersecurity risks
• Breaches are now mainstream - how you can prepare

2024 Cybersecurity Trends and Predictions

Are you a CISO determined to bolster your organization's data security strategy against the ever-evolving landscape of AI-driven cyber threats in 2024?

If the answer is yes, mark your calendar for our upcoming webinar experience. Join us for a high-impact session where our expert speakers will delve into the critical cybersecurity incidents of 2023 and unveil the indispensable data security strategies for the year ahead.

Join Sumanth Kakaraparthi, VP of Product Management, Data Security, Imperva with guest speaker, Heidi Shey, Principal Analyst, Forrester Research (Author of the Forrester Wave report on Data Security).

What You'll Learn:
- Stay Ahead of Threats: Gain insight into the latest data breach trends and how they directly impact your organization.
- Proven Protection Strategies: Discover battle-tested methods to fortify your data protection strategy while staying compliant with regulations.
- Actionable Resilience: Acquire actionable strategies to enhance your organization's resilience in evolving cyber threats.
- Cutting-Edge Technologies: Explore the innovative technologies vital for maintaining robust data security in 2024.

This is more than just another webinar; it's your strategic playbook for data security in 2024. Take the chance to equip yourself with the critical insights and tools necessary to safeguard your organization's most valuable assets.

Trends in Data Security 2023: A Strategic Playbook for CISOs

Application modernization is an important journey that can unlock a world of new 
business opportunities. But there is a downside. This effort can inadvertently expose 
your organization to new vulnerabilities that cybercriminals are ready to exploit.

Join our cybersecurity experts as they reveal how the shift from legacy systems to modern applications can increase exposure to business logic abuse. This webinar will provide valuable insights into mapping your threat landscape, how to identify potential security gaps, and tips for crafting an effective defense strategy.

Some topics we’ll cover:

• Real-world strategies for mitigating modernization risks
• Practical tips to defend against business logic attacks
• Actionable guidelines to strengthen your application security

Mapping the Threat Landscape (APJ)

Automated business logic attacks are on the rise, driven by bad bots that can evade detection while wreaking havoc and enabling online fraud. Each year, Imperva analyzes data from our global network to investigate the evolution of automated attacks and the bad bots that drive them, documenting the findings in the Bad Bot Report.

For the 10th anniversary of the Bad Bot Report, Imperva looked closely at the relationship between bad bots, online fraud and API insecurity and the impact of automated attacks across a variety of industries. 

Join Peter Klimek, Director of Technology, Office of the CTO at Imperva, and our guest speaker, Sandy Carielli, a Forrester Principal Analyst, to find out how bad bots are forcing organizations to rethink how they address automated attacks without impacting customer experience.

Attend this session to receive valuable insights, including:
• The top automated attack trends by industry 
• How automated attacks drive online fraud and the resulting impact to the business
• The rise of automated attacks targeting APIs
• The impact of bot remediation techniques on customer experience
• Key recommendations on how to stop bad bots from impacting customer experience

Bad Bots: Balancing Protection Against Customer Experience

Acompáñenos a una entrega más de nuestra serie de webinars técnicos en español. Conozca como las estrategias de prevención y protección de Imperva van más alla de las estrategias tradicionales de protección y ayudan a proteger contra técnicas avanzadas de fraude en este webinar estaremos revisando como protegerse de ataques como Account Take Over y Form Jacking, usando la estrategia de prevención de fraudes de Imperva application protection

Imperva Webinar: Prevención de fraude en aplicaciones (ATO & CSP) - Español

With the holiday shopping season upon us, now is the ideal time to ensure websites and applications are protected from cyberattacks. 

Imperva has seen a dramatic increase in Bot and DDoS attacks leading to online payment fraud and account takeover activity. Stop bad traffic before it disrupts your business and potential revenue. 

Join Peter Klimek, Director of Technology, and one of the industry’s top cybersecurity speakers, to learn how to optimize and protect your applications and website from threat actors.

• Understand and identify new and emerging cyber threats

• Protect your applications and websites from Business Logic Attacks (BLA)

• Maximize web performance and prevent online fraud

Secure your websites and applications now for the busiest time of the year

Mapping the Threat Landscape

内部不正ユーザによる情報漏洩のニュースは後を絶ちませんが、通常の境界線型のセキュリティで防ぐことが困難であり、対応方法も内部脅威の想定に応じて、異なるため、さまざまなソリューションがあると考えております。今回は、内部脅威・内部不正対策をDBに対してのビヘイビアをもとにAIモデルから疑わしさのスコアリングする手法をご紹介いたします。

弊社ソリューションとワークフローを連携させたSOC運用の負荷軽減や実用的洞察サポートを利用による大量SOCアラートの優先順位付けなど、セキュリティエンジニアが不足している現在において、さまざまお役にたてると考えております。

アジェンダ： 
- 内部不正とは？内部不正ユーザとは？ 
- DB版サイバーキルチェーンとImpervaのソリューション
- SOC運用イメージ
- お客様導入事例

*This webinar is conducted in Japanese.

データセキュリティソリューション徹底解説（全5回)　第2回 内部脅威・内部不正におる情報漏えい対策 (Japanese)

In an increasingly interconnected and complex healthcare landscape, safeguarding patient data has become a paramount concern. Healthcare Organizations find themselves at the forefront of the battle against data breaches, as they grapple with the immense responsibility of protecting patients and securing sensitive information. This webinar delves into the key aspects of healthcare data security and potential areas for improvement that are vital for maintaining patient trust.

Join us for this informative webinar, where we'll bring together experts Salwa Rafee, Cybersecurity Senior Executive, and Terry Ray, SVP Data Security CTO to discuss the threat landscape and best practices to avoid data breaches that can impact patient care.

Key Topics to Be Explored:
- How vulnerable is healthcare to cyber threats? Looking back and ahead ..
- Prime targets: Protected Health Information (PHI) and Personal Identifiable Information (PII) data while transmitting, sharing and storing
- The crucial role of data visibility, risk assessments and audits 
- Best practices for identifying unauthorized data access, patterns, and anomalies

Discover actionable strategies and insights that can enhance your organization's data protection measures and ensure the safety and privacy of patient information. Don't miss this opportunity to stay at the forefront of healthcare data security.

Safeguarding Patient Data: Assessing Healthcare Data Protection Measures

Acompáñenos a una entrega más de nuestra serie de webinars técnicos en español. En esta edición hablaremos, algunos conceptos base de protección de bots, websites y SAS, con la siguiente agenda:

·     ¿Qué es Advanced Bot Protection?

·     Protección de Websites

·     Protección de APIs y Apps Móviles
Casos de uso

·     ¿Qué son los SaS Services? - Astrid & Atul

Imperva Webinar: Casos de Uso ABP y Servicios SaS (Español)

APIs have become the backbone of innovation but they have inadvertently created a wider attack surface for cybercriminals.

Without proper security checks, APIs become playgrounds for attackers. Join us as we uncover a growing, hidden danger: business logic abuse.

Some topics we’ll cover:

• How deep discovery and machine learning can provide full API visibility and monitoring
• How to safeguard your most vulnerable APIs, to minimize business logic abuse
• Essential tools needed for evaluating and mitigating Broken Object Level Authorization (BOLA) risk per current IDOR regulatory guidelines
• Full-stack API Security solution vs. pure-play API Security

Cracking the Code: Defending APIs from Business Logic Attacks

So far, 2023 has been a year of shadow vulnerabilities coming to light and the widespread use of AI. With this, IT professionals have been forced to reprioritize and adapt their approach to cyber and data security.

Please join our security experts from the Imperva Office of the CTO, Kunal Anand and Peter Klimek, who will provide an update on the key trends and insights to consider for the rest of 
this year:

• New digital “normal” puts greater reliance on microservices
• Adoption of Generative AI and its use in cybersecurity
• Supply chain disruption becomes a playground for cybercriminals
• Focus on data and the risk of breach
• MOVEit incidents, and the potential for more

2023 Mid-Year Trends Update (APJ)

Join security experts from KuppingerCole Analysts and Imperva as they discuss the challenges of protecting data distributed across hybrid IT environments, and look at what technologies and services can be combined to meet those challenges effectively and efficiently as a growing number of organizations migrate to the cloud. 

Alexei Balaganski, Lead Analyst and CTO at KuppingerCole will explain the concept of a Data Security Platform (DSP), identify the required capabilities and future evolution of DSPs, and look at current data security market trends.

Terry Ray, SVP of Data Security GTM, Field CTO, and Imperva Fellow will share his security industry experience and expertise on data protection, on meeting security requirements of customers and regulators from every industry sector, and provide an overview of Imperva’s data security solutions, with reference to the concept of a data security fabric.

Using Data Security Platforms in a Modern, Hybrid World

Acompáñenos a una entrega más de nuestra serie de webinars técnicos en español. En esta edición hablaremos, como ya es frecuente los eventos promocionales de ventas digitales como pueden ser Cybermonday, Cyberweek, Blackfriday, también los lanzamientos de nuevos productos o bien de espectáculos artísticos y/o deportivos. Cuando esto sucede todas las áreas de IT se ven afectadas por temas de capacidad. Sumado al gran volumen de usuarios reales tenemos los BOTs generando accesos constantes. En esta sesión veremos como el Cloud WAF de Imperva puede ofrecer mecanismos de clasificación de BOTs y generar una Sala de Espera virtual para mantener a los usuarios tranquilos que serán atendidos en un tiempo determinado.

Imperva Webinar: Manejando grandes flujos de usuarios - Cyberdays - Waiting Room

Cracking the Code: Defending APIs from Business Logic Attacks (APJ)

API Security

BOLA

IDOR

Application Security

Business Logic Attacks

Cybersecurity

APIs

Digital Transformation

Machine Learning

Are you an IT service management professional interested in developing your knowledge and improving your job performance? Join the IT service management community to access the latest updates from industry experts. Learn and share insights related to IT service management (ITSM) including topics such as the service desk, service catalog, problem and incident management, ITIL v4 and more. Engage with industry experts on current best practices and participate in active discussions that address the needs and challenges of the ITSM community.

IT Service Management

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The data center management community focuses on the holistic management and optimization of the data center. From technologies such as virtualization and cloud computing to data center design, colocation, energy efficiency and monitoring, the BrightTALK data center management community provides the most up-to-date and engaging content from industry experts to better your infrastructure and operations. Engage with a community of your peers and industry experts by asking questions, rating presentations and participating in polls during webinars, all while you gain insight that will help you transform your infrastructure into a next generation data center.

Data Center Management

The unexpected nature of natural disasters and other disruptive events means that preparation is key to managing disaster recovery and business continuity planning. Join the business continuity and disaster recovery community for live and recorded presentations discussing best practices for business continuity planning, disaster recovery programs and business continuity management. Learn from BCDR experts to develop your critical infrastructure and gain insight into tactical solutions to your BCDR issues.

Business Continuity / Disaster Recovery

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

Practicing business intelligence allows your company to transform raw data into sets of insights for targeted business growth. The business intelligence and analytics community on BrightTALK is made up of thousands of data scientists, database administrators, business analysts and other data professionals. Find relevant webinars and videos on business analytics, business intelligence, data analysis and more presented by recognized thought leaders. Join the conversation by participating in live webinars and round table discussions.

Business Intelligence and Analytics

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Thousands of healthcare IT professionals compose the health IT community on BrightTALK. Learn alongside them with relevant webinars on healthcare IT compliance, big data in healthcare and IT solutions for healthcare organizations. Join the conversation by asking questions and engaging with other participants during live webinars and organized discussions.

Cracking the Code: Defending APIs from Business Logic Attacks (APJ)

Presented by

About this talk

More from this channel