Live Webinars, Webcasts and Podcasts
Our security experts have compiled a plethora of resources together to help you get more value out
of BeyondTrust products and solutions.
Join us for our live webinars, where you will hear about the latest security issues from industry experts concerning both privileged account management and vulnerability management.
CPE Credit Qualification: Many of our webinars qualify as CPE credit. Please provide your (ISC)2 ID certificate number when you register for the webinar and your CPEs will automatically be added to your (ISC)2 account within 4-6 weeks.
Meet Our Experts
SANS Instructor, Founder at Voodoo Security
Dave Shackleford is the owner and principal consultant of Voodoo Security and a SANS analyst, senior instructor, and course author. He has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering, and is a VMware vExpert with extensive experience designing and configuring secure virtualized infrastructures. He has previously worked as CSO for Configuresoft, CTO for the Center for Internet Security, and as a security architect, analyst, and manager for several Fortune 500 companies.
Group Policy MVP and Contributing Editor at Windows IT Pro Magazine
Darren Mar-Elia is the CTO and Founder of SDM Software, a Microsoft systems management solutions company. Darren has 30 years of IT and Software experience in the Microsoft technology area, including serving as a Director of Infrastructure at Charles Schwab, IT Architect at Autodesk, CTO of Windows Management Solutions at Quest Software, and Senior Director of Product Engineering at DesktopStandard. He has provided architecture and engineering for solutions ranging from private cloud to virtual desktop to network engineering. He has been a Microsoft MVP in Group Policy technology for the last 11 years, and has written and spoken on Windows Server, Active Directory, Group Policy and PowerShell topics around the world. He has been a Contributing Editor for Windows IT Pro Magazine since 1997. He has written or contributed to 13 books on Windows and enterprise networking topics. Darren also speaks frequently at industry conferences on Windows infrastructure topics.
Security MVP, CEO at CQURE
Paula Januszkiewicz, CEO CQURE, penetration tester and mentor of CQURE Academy. Paula is also an Enterprise Security MVP and trainer (MCT) and Microsoft Security Trusted Advisor. She is also a top speaker at many well-?known conferences including TechEd North America, TechEd Europe, TechEd Middle East, RSA, TechDays, CyberCrime, etc., and is often rated as number-?one speaker. Paula is engaged as a keynote speaker for security related events and she writes articles on Windows Security. Her company CQURE has now 3 locations New York, Dubai and Warsaw. Paula has conducted hundreds of IT security audits and penetration tests, including those for governmental organizations, she is a renowned security consultant. Her distinct specialization is related to Microsoft security solutions in which she holds multiple Microsoft certifications, besides being familiar with and possessing certifications in other related technologies and operating systems. Paula is passionate about sharing her knowledge with others. In private, she enjoys researching new technologies, which she converts to authored trainings. She wrote a book about Threat Management Gateway 2010, and is working on her next book. She has access to a source code of Windows! Every year she makes over 200 flights (2013 -? 248) to gain more and more experience, provides penetration tests and consults Customers about how to secure their infrastructures. Her favorite saying is: "I have a tool for that!"
Randy Franklin Smith
Randy Franklin Smith is an internationally recognized expert on the security and control of Windows and Active Directory security who specializes in Windows and Active Directory security. He performs security reviews for clients ranging from small, privately held firms to Fortune 500 companies, national, and international organizations. Randy is the publisher of UltimateWindowsSecurity.com and founder and CEO of LOGbinder software.
Dr. Cole is an industry-recognized security expert with over 20 years of hands-on experience. Dr. Cole has experience in information technology with a focus on helping customers focus on the right areas of security by building out a dynamic defense. Dr. Cole has a master's degree in computer science from NYIT and a doctorate from Pace University with a concentration in information security. He served as CTO of McAfee and Chief Scientist for Lockheed Martin. Dr. Cole is the author of several books, including Advanced Persistent Threat, Hackers Beware, Hiding in Plain Sight, Network Security Bible 2nd Edition, and Insider Threat. He is the inventor of over 20 patents and is a researcher, writer, and speaker. He is also a member of the Commission on Cyber Security for the 44th President and several executive advisory boards. Dr. Cole is the founder and an executive leader at Secure Anchor Consulting where he provides leading-edge cyber security consulting services, expert witness work, and leads research and development initiatives to advance the state-of-the-art in information systems security. Dr. Cole was the lone inductee into the InfoSec European Hall of Fame in 2014. Dr. Cole is actively involved with the SANS Technology Institute (STI) and is a SANS faculty Fellow and course author who works with students, teaches, and develops and maintains courseware.
Derek A. Smith
Director of Cybersecurity Initiatives
Derek A. Smith is an expert at cybersecurity, cyber forensics, healthcare IT, SCADA security, physical security, investigations, organizational leadership and training. He is currently the Director of Cybersecurity Initiatives for the National Cybersecurity Institute at Excelsior College, responsible to perform complex duties relating to the development and coordination of cyber initiatives at NCI. Formerly, he has worked for a number of IT companies including Computer Sciences Corporation and Booz Allen Hamilton. Derek spent 18 years as a special agent for various government agencies and the military. He has also taught business and IT courses at several universities for over 20 years. Derek has served in the US Navy, Air Force and Army for a total of 24 years. He completed an MBA, MS in IT Information Assurance, Masters in IT Project Management, and a BS in Education.
Dr. Mansur Hasib
CISSP, PMP, CPHIMS
Dr. Mansur Hasib is the only cybersecurity and health information technology professional in the world with 12 years experience as Chief Information Officer, a Doctor of Science in Cybersecurity, and the prestigious CISSP, PMP, and CPHIMS certifications. A global thought leader, Dr. Hasib has led technology and cybersecurity strategy for almost 30 years in healthcare, education, biotechnology, and energy. He is a frequent speaker at local, national, and international conferences.
MCSE, MCSA, and Group Policy MVP
Jeremy Moskowitz, MCSE, MCSA, and Group Policy MVP runs www.GPanswers.com to answer tough Group Policy questions. He is also the Founder of PolicyPak Software (www.PolicyPak.com), which creates software to manage applications and user environments using your existing Group Policy, you systems management infrastructure or via the cloud. He has authored the most popular book bestselling book on Windows desktop management: Group Policy: Management, Troubleshooting and Security (www.GPanswers.com/book). Since becoming one of the world's first MCSEs, he has performed Active Directory, Group Policy and Windows infrastructure planning and implementation for some of the nation's largest organizations. Jeremy is a sought-after speaker and training for his Group Policy and Active Directory knowledge. He has spoken at Microsoft TechEd (USA and Europe), REDMOND Magazine?s TechMentor, Windows IT Pro Magazine?s Windows Connections, and others. Get in contact with Jeremy to speak at your company by visiting www.GPanswers.com. Learn more about PolicyPak at www.PolicyPak.com.
Security Expert, IT consultant
Russell Smith specializes in the management and security of Microsoft-based IT systems. In addition to being a Contributing Editor at the Petri IT Knowledgebase, Russell blogs for Netwrix, and is an instructor at Pluralsight. Russell has more than 13 years of experience in IT, and has written a book on Windows security, co-authored one for Microsoft?s Official Academic Course (MOAC) series, and was a regular contributor at Windows IT Professional magazine.
Principal, Brock Cyber Security Consulting, LLC
Mr. Brock is the principal at Brock Cyber Security Consulting, LLC. His primary focus is to help companies improve their capabilities to protect, detect and respond to attacks on their intellectual property from both insider and advanced cyber threats. Previously and for more than 11 years, he was the Global Chief Information Security Officer at DuPont. Prior to this role, he has work in other Information Technology Positions, Marketing, and Research & Development at DuPont and as a Security Officer within the USAF. Within DuPont IT, he was the CIO of the Nylon Flooring business unit. He has also led the development and implementation of several large systems including; manufacturing product control, materials management, engineering maintenance, quality management, and data warehouse systems. While working in the Corporate IT group, he led the migration to open-based systems for both networking and computing. In DuPont Research & Development, Mr. Brock led the development and deployment of imaging based systems, including a patented system to electronically move radiographs between hospitals and remote physicians. He served as an Information Security Officer within the U.S. Air Force and assigned to the National Security Agency (NSA). He served on active duty at the NSA for 4 years and then in a reserve capacity for 26 years. Mr. Brock has BS and MS degrees in Electrical Engineering and is a Certified Information Security Manager, CISM.
Nick Cavalancia has over 20 years of enterprise IT experience, 10 years as a tech marketing executive and is an accomplished technology writer, consultant, trainer, speaker, and columnist.
Nick has attained industry certifications including MCNE, MCNI, MCSE and MCT and was once accused at TechEd of "not having enough digits" in his MCP number (which only has 5). He has authored, co-authored and contributed to over a dozen books on Windows, Active Directory, Exchange and other Microsoft technologies and has spoken at many technical conferences on a wide variety of topics.
Previously, Nick has held executive marketing positions at ScriptLogic (acquired by Quest, now DELL Software), SpectorSoft and Netwrix where he was responsible for the global messaging, branding, lead generation and demand generation strategies to market technology solutions to an IT-centric customer base.
Chief Information Security Officer
CEO of Secure Ideas
Kevin Johnson is the CEO of Secure Ideas and an IANS faculty member. He has written and taught course for SANS, OWASP, Blackhat and Derbycon as well as leads a number of open source projects. He presents and speaks across the country.
With Russell Smith, Security & IT Expert
August 4, 10:00 AM PT / 1:00 PM ET
It's not uncommon that IT staff are permanently assigned domain administrator privileges to expedite access not only to domain controllers (DCs), but also local administrator permissions on domain member servers and user workstations.
In this session, Russell Smith looks at the risks of assigning domain administrator privileges to IT staff, how to assign local administrator privileges safely, and successfully managing access to DCs.
After this session attendees will:
- Better understand the risks associated with using domain administrator accounts on devices that are not DCs
- Learn how to assign local administrator privileges to IT staff without adding them to the Domain Admins group in Active Directory
- Methods and best practices for granting access to domain controllers
Implementing an Effective Vulnerability Management Program to Minimize IT Security Risk in Your Organization
With Derek A. Smith, Cyber Security Expert
August 11, 10:00 AM PT / 1:00 PM ET
Vulnerabilities are defects that require a patch, upgrade or configuration change. Once a vulnerability is discovered, it is only a matter of time before an attacker can take advantage of the defect. Companies cannot afford to lose time when it comes to Vulnerability Management, as they may suffer immeasurable losses as a result of a compromise. Vulnerability management is an ongoing process that organizations can use to make their IT environment more secure, and become more regulatory compliant. This concept is a critical process that can be very useful and provide great return on investment when implemented carefully, monitored for effectiveness, and adjusted regularly.
Join Cyber Security Expert, Derek A. Smith, who will outline the key steps to effective vulnerability management and provide an in-depth look at the tools, challenges and best practices of each part of the VM lifecycle. The webinar will examine the following:
- The laws of vulnerabilities
- Need for vulnerability management
- The vulnerability management lifecycle
- The key to Security
- The importance of classifying, measuring, integrating and auditing during vulnerability management, and more
- 4 Steps to Reducing Risk with Vulnerability Management
- Vulnerability management best practices
- Using automated tools for Vulnerability Management
With Nick Cavalancia, Industry Expert and Founder of Techvangelism
August 19, 10:00 AM PT / 1:00 PM ET
You've performed countless audits for your critical systems, like AD, Exchange, file systems, and others, and think you have it down by now. But how do you know you're capturing all changes that an auditor needs? In this webinar, hear from industry expert and founder of Techvangelism, Nick Cavalancia, as he discusses what the most common items asked for by auditors are, and then help you prepare for the dreaded next-level questions. You've conquered Auditing 1.0, now it's time for Auditing 2.0.
You will walk away from this webinar being able to answer the following questions:
- What really constitutes an Audit?
- Documentation: How much detail is necessary?
- Audit timeframes: When should you be ready to be audited and how long should it take?
With Randy Franklin Smith, Security Expert
August 27, 10:00 AM PT / 1:00 PM ET
UNIX and Linux with sudo is a fact of life. Without sudo everyone who needs to do anything will be logs on as or su's to root. You've got absolutely no least privilege, no accountability, no control or recourse over malicious insiders with privileged access and you might as well wear a "hack me" sign.
Without sudo compliance is a nonstarter. It's one of the first things auditors look for and it's the native option for you to protect root from being abused. It's also the standard way to implement least privilege and enforce accountability over privileged admins.
But sudo – like most components of Linux/UNIX – is very configurable and it's easy to (pardon the pun) “sudo it wrong”. In this real training for free ™ webinar I will provide a quick intro on sudo - explaining what sudo does in term s of eliminating the need to logon as all-powerful root and providing accountability and least privilege. I will also show you a number of common sudo pitfalls and the risks with sudo if not configured and used correctly.
I'll explain to you how to sudo it right by doing things like:
- Using include files to eliminate duplicate sudo policies between systems
- Managing sudo consistently across multiple systems
- Avoiding ALL
- Using groups instead of user names
- Specifying secure path
- Configuring timeouts
After we discuss how not to "sudo yourself in the foot", Paul Harper, product manager from BeyondTrust, will review commercial options for augmenting sudo and attaining least privilege on UNIX and Linux.
This will be a very technical and useful webinar to help you improve the security, manageability, compliance and accountability of your *nix environment.Register Now