Beyondtrust

Live Webinars, Webcasts and Podcasts

Our security experts have compiled a plethora of resources together to help you get more value out
of BeyondTrust products and solutions.

Receive CPE Credit when you attend our live webinars

Join us for our live webinars, where you will hear about the latest security issues from industry experts concerning both privileged account management and vulnerability management.

CPE Credit Qualification: Many of our webinars qualify as CPE credit. Please provide your (ISC)2 ID certificate number when you register for the webinar and your CPEs will automatically be added to your (ISC)2 account within 4-6 weeks.

Meet Our Experts

Dave  Shackleford

Dave Shackleford

SANS Instructor, Founder at Voodoo Security

Dave Shackleford is the owner and principal consultant of Voodoo Security and a SANS analyst, senior instructor, and course author. He has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering, and is a VMware vExpert with extensive experience designing and configuring secure virtualized infrastructures. He has previously worked as CSO for Configuresoft, CTO for the Center for Internet Security, and as a security architect, analyst, and manager for several Fortune 500 companies.

Darren Mar-Elia

Darren Mar-Elia

Group Policy MVP and Contributing Editor at Windows IT Pro Magazine

Darren Mar-Elia is the CTO and Founder of SDM Software, a Microsoft systems management solutions company. Darren has 30 years of IT and Software experience in the Microsoft technology area, including serving as a Director of Infrastructure at Charles Schwab, IT Architect at Autodesk, CTO of Windows Management Solutions at Quest Software, and Senior Director of Product Engineering at DesktopStandard. He has provided architecture and engineering for solutions ranging from private cloud to virtual desktop to network engineering. He has been a Microsoft MVP in Group Policy technology for the last 11 years, and has written and spoken on Windows Server, Active Directory, Group Policy and PowerShell topics around the world. He has been a Contributing Editor for Windows IT Pro Magazine since 1997. He has written or contributed to 13 books on Windows and enterprise networking topics. Darren also speaks frequently at industry conferences on Windows infrastructure topics.

Paula Januszkiewicz

Paula Januszkiewicz

Security MVP, CEO at CQURE

Paula Januszkiewicz, CEO CQURE, penetration tester and mentor of CQURE Academy. Paula is also an Enterprise Security MVP and trainer (MCT) and Microsoft Security Trusted Advisor. She is also a top speaker at many well-?known conferences including TechEd North America, TechEd Europe, TechEd Middle East, RSA, TechDays, CyberCrime, etc., and is often rated as number-?one speaker. Paula is engaged as a keynote speaker for security related events and she writes articles on Windows Security. Her company CQURE has now 3 locations New York, Dubai and Warsaw. Paula has conducted hundreds of IT security audits and penetration tests, including those for governmental organizations, she is a renowned security consultant. Her distinct specialization is related to Microsoft security solutions in which she holds multiple Microsoft certifications, besides being familiar with and possessing certifications in other related technologies and operating systems. Paula is passionate about sharing her knowledge with others. In private, she enjoys researching new technologies, which she converts to authored trainings. She wrote a book about Threat Management Gateway 2010, and is working on her next book. She has access to a source code of Windows! Every year she makes over 200 flights (2013 -? 248) to gain more and more experience, provides penetration tests and consults Customers about how to secure their infrastructures. Her favorite saying is: "I have a tool for that!"

Randy Franklin Smith

Randy Franklin Smith

Security Expert

Randy Franklin Smith is an internationally recognized expert on the security and control of Windows and Active Directory security who specializes in Windows and Active Directory security. He performs security reviews for clients ranging from small, privately held firms to Fortune 500 companies, national, and international organizations. Randy is the publisher of UltimateWindowsSecurity.com and founder and CEO of LOGbinder software.

Eric Cole

Eric Cole

SANS Instructor

Dr. Cole is an industry-recognized security expert with over 20 years of hands-on experience. Dr. Cole has experience in information technology with a focus on helping customers focus on the right areas of security by building out a dynamic defense. Dr. Cole has a master's degree in computer science from NYIT and a doctorate from Pace University with a concentration in information security. He served as CTO of McAfee and Chief Scientist for Lockheed Martin. Dr. Cole is the author of several books, including Advanced Persistent Threat, Hackers Beware, Hiding in Plain Sight, Network Security Bible 2nd Edition, and Insider Threat. He is the inventor of over 20 patents and is a researcher, writer, and speaker. He is also a member of the Commission on Cyber Security for the 44th President and several executive advisory boards. Dr. Cole is the founder and an executive leader at Secure Anchor Consulting where he provides leading-edge cyber security consulting services, expert witness work, and leads research and development initiatives to advance the state-of-the-art in information systems security. Dr. Cole was the lone inductee into the InfoSec European Hall of Fame in 2014. Dr. Cole is actively involved with the SANS Technology Institute (STI) and is a SANS faculty Fellow and course author who works with students, teaches, and develops and maintains courseware.

Derek A. Smith

Derek A. Smith

Director of Cybersecurity Initiatives

Derek A. Smith is an expert at cybersecurity, cyber forensics, healthcare IT, SCADA security, physical security, investigations, organizational leadership and training. He is currently the Director of Cybersecurity Initiatives for the National Cybersecurity Institute at Excelsior College, responsible to perform complex duties relating to the development and coordination of cyber initiatives at NCI. Formerly, he has worked for a number of IT companies including Computer Sciences Corporation and Booz Allen Hamilton. Derek spent 18 years as a special agent for various government agencies and the military. He has also taught business and IT courses at several universities for over 20 years. Derek has served in the US Navy, Air Force and Army for a total of 24 years. He completed an MBA, MS in IT Information Assurance, Masters in IT Project Management, and a BS in Education.

Dr. Mansur  Hasib

Dr. Mansur Hasib

CISSP, PMP, CPHIMS

Dr. Mansur Hasib is the only cybersecurity and health information technology professional in the world with 12 years experience as Chief Information Officer, a Doctor of Science in Cybersecurity, and the prestigious CISSP, PMP, and CPHIMS certifications. A global thought leader, Dr. Hasib has led technology and cybersecurity strategy for almost 30 years in healthcare, education, biotechnology, and energy. He is a frequent speaker at local, national, and international conferences.

Jeremy Moskowitz

Jeremy Moskowitz

MCSE, MCSA, and Group Policy MVP

Jeremy Moskowitz, MCSE, MCSA, and Group Policy MVP runs www.GPanswers.com to answer tough Group Policy questions. He is also the Founder of PolicyPak Software (www.PolicyPak.com), which creates software to manage applications and user environments using your existing Group Policy, you systems management infrastructure or via the cloud. He has authored the most popular book bestselling book on Windows desktop management: Group Policy: Management, Troubleshooting and Security (www.GPanswers.com/book). Since becoming one of the world's first MCSEs, he has performed Active Directory, Group Policy and Windows infrastructure planning and implementation for some of the nation's largest organizations. Jeremy is a sought-after speaker and training for his Group Policy and Active Directory knowledge. He has spoken at Microsoft TechEd (USA and Europe), REDMOND Magazine?s TechMentor, Windows IT Pro Magazine?s Windows Connections, and others. Get in contact with Jeremy to speak at your company by visiting www.GPanswers.com. Learn more about PolicyPak at www.PolicyPak.com.

Russell Smith

Russell Smith

Security Expert, IT consultant

Russell Smith specializes in the management and security of Microsoft-based IT systems. In addition to being a Contributing Editor at the Petri IT Knowledgebase, Russell blogs for Netwrix, and is an instructor at Pluralsight. Russell has more than 13 years of experience in IT, and has written a book on Windows security, co-authored one for Microsoft?s Official Academic Course (MOAC) series, and was a regular contributor at Windows IT Professional magazine.

Larry Brock

Larry Brock

Principal, Brock Cyber Security Consulting, LLC

Mr. Brock is the principal at Brock Cyber Security Consulting, LLC. His primary focus is to help companies improve their capabilities to protect, detect and respond to attacks on their intellectual property from both insider and advanced cyber threats. Previously and for more than 11 years, he was the Global Chief Information Security Officer at DuPont. Prior to this role, he has work in other Information Technology Positions, Marketing, and Research & Development at DuPont and as a Security Officer within the USAF. Within DuPont IT, he was the CIO of the Nylon Flooring business unit. He has also led the development and implementation of several large systems including; manufacturing product control, materials management, engineering maintenance, quality management, and data warehouse systems. While working in the Corporate IT group, he led the migration to open-based systems for both networking and computing. In DuPont Research & Development, Mr. Brock led the development and deployment of imaging based systems, including a patented system to electronically move radiographs between hospitals and remote physicians. He served as an Information Security Officer within the U.S. Air Force and assigned to the National Security Agency (NSA). He served on active duty at the NSA for 4 years and then in a reserve capacity for 26 years. Mr. Brock has BS and MS degrees in Electrical Engineering and is a Certified Information Security Manager, CISM.

Nick Cavalancia

Nick Cavalancia

Founder/Chief, Techvangelist

Nick Cavalancia has over 20 years of enterprise IT experience, 10 years as a tech marketing executive and is an accomplished technology writer, consultant, trainer, speaker, and columnist.

Nick has attained industry certifications including MCNE, MCNI, MCSE and MCT and was once accused at TechEd of "not having enough digits" in his MCP number (which only has 5). He has authored, co-authored and contributed to over a dozen books on Windows, Active Directory, Exchange and other Microsoft technologies and has spoken at many technical conferences on a wide variety of topics.

Previously, Nick has held executive marketing positions at ScriptLogic (acquired by Quest, now DELL Software), SpectorSoft and Netwrix where he was responsible for the global messaging, branding, lead generation and demand generation strategies to market technology solutions to an IT-centric customer base.

Todd  Bell

Todd Bell

Chief Information Security Officer

Kevin Johnson

Kevin Johnson

CEO of Secure Ideas

Kevin Johnson is the CEO of Secure Ideas and an IANS faculty member. He has written and taught course for SANS, OWASP, Blackhat and Derbycon as well as leads a number of open source projects. He presents and speaks across the country.

September 02 10 AM PT / 1 PM ET

Passwords - A Hacker's Best Friend

With Larry Brock, Security Expert
September 2, 10:00 AM PT / 1:00 PM ET

It's clear that passwords are essential for keeping mission-critical data, servers and assets safe and secure in the enterprise. But if they're so essential, why are we still so ineffective when it comes to managing them? And if passwords are such a no-brainer, why do so many data breaches tie back to poorly managed passwords?

In this webinar, join Security Expert, Larry Brock, who will uncover some recent high impact incidents where attackers took advantage of poorly protected passwords, and how these kinds of attacks over the past few years have resulted in regulators to require improvements. Larry will also focus on how ineffective policies, practices, and solutions for managing passwords often enable attackers easy access to valuable information. He will then layout what actions you can implement now to strengthen your protection.

Join this engaging webinar to also learn about:

  • Some commonly held myths regarding passwords in the enterprise
  • Attack methods and how a few, very common, bad practices enable attackers to easily gain access to internal systems
  • Easy steps for setting up your systems for success with better protection of passwords for both end-users and system managers
  • Some of the improvements that leading companies are implementing to help detect an attack in the early phases of the 'kill chain'

This is a webinar you won't want to miss!

Register Now
September 03 10 AM PT / 1 PM ET

Protecting Windows Endpoints: It's the Least You Should Do

With Nick Cavalancia, Industry Expert
September 3, 10:00 AM PT / 1:00 PM ET

Your endpoints – both your workstations and servers – represent some of the most exposed attack targets on your network. By accessing email and the web, these machines can entertain a direct line to malicious code. And users requiring varying levels of elevated privileges place IT in the precarious position of balancing the potential risk to the network with the needed productivity of the user.

So, how do you protect your endpoints while still keeping users productive?

In this webinar, hear from industry expert and founder of Techvangelism, Nick Cavalancia, as he engages with you, the audience, to discuss:

  • Security vs Productivity: What's the right level of privileges on Windows endpoints?
  • How to block malicious activity in a privileged world
  • Just how much monitoring of elevation and actions is needed?
Register Now
September 08 10 AM PT / 1 PM ET

How Hackers can Scratch off Secrets and Juicy Password Credentials from the Disk

With Paula Januszkiewicz, Security MVP
September 8, 10:00 AM PT / 1:00 PM ET

Do cached credentials bring any danger? Surprisingly your disk drive contains a lot of juicy information that can reveal a lot of secrets, history, and passwords! Yep – that's right, the history of your passwords is not secure!

Join Security MVP, Paula Januszkiewicz and see what kind of information is being stored on your disk drive and how hackers are able to extract information that we think is 'locked' but in actuality is not. Paula will look at cached credentials in detail and the mechanisms that which use passwords…and then show how to extract them.

Be prepared for an engaging and high energy webinar. To prepare this session it took months to write the custom tools being shown – so be sure you do not miss the live webinar! Paula will reveal the world premiere of the DPAPI Discovery during this live demonstration.

Register Now
September 10 10 AM PT / 1 PM ET

Don’t Land in the Auditing Doghouse

With Jeremy Moskowitz, Group Policy MVP
September 10, 10:00 AM PT / 1:00 PM ET

It's no wonder people are afraid of change. One false move and you land in the doghouse. And a problem WILL happen. And when it does, what will the problem look like? Will it be a deleted GPO? An obliterated OU? Something worse?

If you do land in the doghouse, what tools are in the box to help you investigate? And what tools outside the box are going to help you get out of the doghouse?

Join Jeremy Moskowitz, Group Policy MVP and BeyondTrust to learn about how NOT to land in the auditing doghouse.

Register Now
September 23 11 AM PT / 2 PM ET

The Year in Breaches: Can It Get Any Worse?

With Dave Shackleford, SANS Instructor
September 23, 11:00 AM PT / 2:00 PM ET

2015 has seen a staggering number of high profile data breaches and attacks, covering almost every major industry segment imaginable. There have been several major attacks on healthcare organizations, resulting in medical and patient data stolen. The Hacking Team breach exposed numerous 0-day vulnerabilities, and the LastPass and Kaspersky breaches demonstrated that security software companies aren't immune to attacks, either. The OPM breach has some of the most significant implications for long-term identity theft across government and military sectors, and the Ashley Madison breach and subsequent data exposure has led to a number of scandalous revelations about what people are really doing in their spare time.

In this webinar, join Dave Shackleford, SANS Instructor and Founder of Voodoo Security, who will visit some of the major data breaches of 2015, along with some analysis on what happened, who was involved, and what the coming implications may be for the security industry and society in general in months and years to come. From this analysis Dave will also uncover emerging attack trends and what you can do to protect your enterprise.

Register Now
September 29 10 AM PT / 1 PM ET

Securing Windows Server Update Services (WSUS) with SSL

With Russell Smith, Windows & IT Security Expert
September 29, 10:00 AM PT / 1:00 PM ET

While it’s considered best practice to install Windows Server Update Services with the Secure Sockets Layer (SSL) option enabled, this isn’t the default setting, and many organizations use WSUS without SSL because of the additional complexity of setting up a Public Key Infrastructure (PKI). Researchers recently discovered a way to exploit WSUS if SSL isn’t enabled, that could be used to install bogus updates on computers without needing to elevate privileges.In this webinar, Russell Smith discusses how WSUS without SSL can be used to perform injection attacks, and will demonstrate how to configure WSUS to use SSL. By the end of the session, you will:

  • Understand the anatomy of a man-in-the-middle attack for installing bogus updates via WSUS
  • Be able to check if your network is vulnerable
  • Know how to configure SSL in Windows Server Update Services

Defense-in-depth security can help protect against attacks, but if your organization uses WSUS without SSL, it’s recommended you follow Microsoft’s best practices and enable SSL now.

Register Now
October 21 10 AM PT / 1 PM ET

Seven Steps to Complete Privileged Account Management

With Scott Lang, Sr. Director of Product Marketing
October 21, 10:00 AM PT / 1:00 PM ET

Customers in the throes of deploying their privileged account management solutions often ask us, "What's next?" And sometimes, "Where do we begin?" Whether deploying your first privileged account management solution or rounding out your deployment, having a plan – a target end state – is essential. If the old maxim, "A failure to plan is a plan to fail" is true, then you must begin every privileged account management project with the end in mind.

Join this informational webinar with Sr. Director of Product Marketing, Scott Lang, who will dive in and cover his 7-step strategy to achieving complete privileged account management. He will uncover how this process minimizes costs and distractions, and speeds results, helping you unify control and establish accountability over accounts, users, assets, systems and activity.

As an added bonus, all registrants will receive a link to download the solution whitepaper outlining each of these seven steps, where to begin a privileged account management project, how to progress to a higher level of security maturity, and what business outcomes to expect.

Register Now
October 28 10 AM PT / 1 PM ET

Vulnerability Management: How to Think Like a Hacker to Reduce Risk

With Paula Januszkiewicz, Security MVP & Microsoft Security Trusted Advisor
October 28, 10:00 AM PT / 1:00 PM ET

Successful attack prevention strategies consist of a couple of factors that are very often not implemented properly in organizations. These are: identifying, classifying, remediating, and mitigating vulnerabilities.

Quite often I hear: "We do pen-tests once or twice a year! How can it be that we were hacked?!". There could be several reasons why but one is there may be just too many devices with way too many patches and security updates to keep up with; applying patches and updates to every device on your network may not be entirely attainable. Other reasons include time, resources, politics...the list goes on.

Whatever the reason, the basics of vulnerability management remain the same; the process must be well designed, tools easy to implement, and somebody must be directly responsible for its management. Some of the best strategies I've seen is to rely on experience and learn from actual live hacks!

Join Paula Januszkiewicz, in this BeyondTrust sponsored webinar to learn how to identify vulnerabilities, strengthen your systems, and STOP the data breaches that litter the news sites today. I will also demonstration how to exploit systems and how (from the hacker perspective) this can be proactively mitigated!

Register Now
November 02 9 AM PT / 12 PM ET

Passwords – then what? A roadmap to complete privileged identity management

With Andras Cser, Forrester Research, Inc. Vice President and Principal Analyst
November 2, 9:00 AM PT / 12:00 PM ET

Often a common starting point for getting control over privileged access is enterprise password management – or the accounts that enable access to critical internal systems. But what many organizations don't realize is that privileged identity management is more than just the password. Privileged identity management also includes establishing control and accountability over assets, users, systems and activity.

Join this webcast featuring guest speaker, Forrester Research, Inc. Vice President and Principal Analyst, Andras Cser, as he shares strategies for developing a holistic privileged identity management strategy. Andras will discuss how traditional PIM approaches don't work, how to effectively incorporate threat and user behavior analytics, and how to really do least privilege. Sponsored by BeyondTrust, this webcast promises to be informative and actionable for security and risk professionals.

Register Now