Live Webinars, Webcasts and Podcasts

Our security experts have compiled a plethora of resources together to help you get more value out
of BeyondTrust products and solutions.

Receive CPE Credit when you attend our live webinars

Join us for our live webinars, where you will hear about the latest security issues from industry experts concerning both privileged account management and vulnerability management.

CPE Credit Qualification: Many of our webinars qualify as CPE credit. Please provide your (ISC)2 ID certificate number when you register for the webinar and your CPEs will automatically be added to your (ISC)2 account within 4-6 weeks.

Meet Our Experts

Dave  Shackleford

Dave Shackleford

SANS Instructor, Founder at Voodoo Security

Dave Shackleford is the owner and principal consultant of Voodoo Security and a SANS analyst, senior instructor, and course author. He has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering, and is a VMware vExpert with extensive experience designing and configuring secure virtualized infrastructures. He has previously worked as CSO for Configuresoft, CTO for the Center for Internet Security, and as a security architect, analyst, and manager for several Fortune 500 companies.

Darren Mar-Elia

Darren Mar-Elia

Group Policy MVP and Contributing Editor at Windows IT Pro Magazine

Darren Mar-Elia is the CTO and Founder of SDM Software, a Microsoft systems management solutions company. Darren has 30 years of IT and Software experience in the Microsoft technology area, including serving as a Director of Infrastructure at Charles Schwab, IT Architect at Autodesk, CTO of Windows Management Solutions at Quest Software, and Senior Director of Product Engineering at DesktopStandard. He has provided architecture and engineering for solutions ranging from private cloud to virtual desktop to network engineering. He has been a Microsoft MVP in Group Policy technology for the last 11 years, and has written and spoken on Windows Server, Active Directory, Group Policy and PowerShell topics around the world. He has been a Contributing Editor for Windows IT Pro Magazine since 1997. He has written or contributed to 13 books on Windows and enterprise networking topics. Darren also speaks frequently at industry conferences on Windows infrastructure topics.

Paula Januszkiewicz

Paula Januszkiewicz

Security MVP, CEO at CQURE

Paula Januszkiewicz, CEO CQURE, penetration tester and mentor of CQURE Academy. Paula is also an Enterprise Security MVP and trainer (MCT) and Microsoft Security Trusted Advisor. She is also a top speaker at many well-?known conferences including TechEd North America, TechEd Europe, TechEd Middle East, RSA, TechDays, CyberCrime, etc., and is often rated as number-?one speaker. Paula is engaged as a keynote speaker for security related events and she writes articles on Windows Security. Her company CQURE has now 3 locations New York, Dubai and Warsaw. Paula has conducted hundreds of IT security audits and penetration tests, including those for governmental organizations, she is a renowned security consultant. Her distinct specialization is related to Microsoft security solutions in which she holds multiple Microsoft certifications, besides being familiar with and possessing certifications in other related technologies and operating systems. Paula is passionate about sharing her knowledge with others. In private, she enjoys researching new technologies, which she converts to authored trainings. She wrote a book about Threat Management Gateway 2010, and is working on her next book. She has access to a source code of Windows! Every year she makes over 200 flights (2013 -? 248) to gain more and more experience, provides penetration tests and consults Customers about how to secure their infrastructures. Her favorite saying is: "I have a tool for that!"

Randy Franklin Smith

Randy Franklin Smith

Security Expert

Randy Franklin Smith is an internationally recognized expert on the security and control of Windows and Active Directory security who specializes in Windows and Active Directory security. He performs security reviews for clients ranging from small, privately held firms to Fortune 500 companies, national, and international organizations. Randy is the publisher of and founder and CEO of LOGbinder software.

Eric Cole

Eric Cole

SANS Instructor

Dr. Cole is an industry-recognized security expert with over 20 years of hands-on experience. Dr. Cole has experience in information technology with a focus on helping customers focus on the right areas of security by building out a dynamic defense. Dr. Cole has a master's degree in computer science from NYIT and a doctorate from Pace University with a concentration in information security. He served as CTO of McAfee and Chief Scientist for Lockheed Martin. Dr. Cole is the author of several books, including Advanced Persistent Threat, Hackers Beware, Hiding in Plain Sight, Network Security Bible 2nd Edition, and Insider Threat. He is the inventor of over 20 patents and is a researcher, writer, and speaker. He is also a member of the Commission on Cyber Security for the 44th President and several executive advisory boards. Dr. Cole is the founder and an executive leader at Secure Anchor Consulting where he provides leading-edge cyber security consulting services, expert witness work, and leads research and development initiatives to advance the state-of-the-art in information systems security. Dr. Cole was the lone inductee into the InfoSec European Hall of Fame in 2014. Dr. Cole is actively involved with the SANS Technology Institute (STI) and is a SANS faculty Fellow and course author who works with students, teaches, and develops and maintains courseware.

Derek A. Smith

Derek A. Smith

Director of Cybersecurity Initiatives

Derek A. Smith is an expert at cybersecurity, cyber forensics, healthcare IT, SCADA security, physical security, investigations, organizational leadership and training. He is currently the Director of Cybersecurity Initiatives for the National Cybersecurity Institute at Excelsior College, responsible to perform complex duties relating to the development and coordination of cyber initiatives at NCI. Formerly, he has worked for a number of IT companies including Computer Sciences Corporation and Booz Allen Hamilton. Derek spent 18 years as a special agent for various government agencies and the military. He has also taught business and IT courses at several universities for over 20 years. Derek has served in the US Navy, Air Force and Army for a total of 24 years. He completed an MBA, MS in IT Information Assurance, Masters in IT Project Management, and a BS in Education.

Dr. Mansur  Hasib

Dr. Mansur Hasib


Dr. Mansur Hasib is the only cybersecurity and health information technology professional in the world with 12 years experience as Chief Information Officer, a Doctor of Science in Cybersecurity, and the prestigious CISSP, PMP, and CPHIMS certifications. A global thought leader, Dr. Hasib has led technology and cybersecurity strategy for almost 30 years in healthcare, education, biotechnology, and energy. He is a frequent speaker at local, national, and international conferences.

Jeremy Moskowitz

Jeremy Moskowitz

MCSE, MCSA, and Group Policy MVP

Jeremy Moskowitz, MCSE, MCSA, and Group Policy MVP runs to answer tough Group Policy questions. He is also the Founder of PolicyPak Software (, which creates software to manage applications and user environments using your existing Group Policy, you systems management infrastructure or via the cloud. He has authored the most popular book bestselling book on Windows desktop management: Group Policy: Management, Troubleshooting and Security ( Since becoming one of the world's first MCSEs, he has performed Active Directory, Group Policy and Windows infrastructure planning and implementation for some of the nation's largest organizations. Jeremy is a sought-after speaker and training for his Group Policy and Active Directory knowledge. He has spoken at Microsoft TechEd (USA and Europe), REDMOND Magazine?s TechMentor, Windows IT Pro Magazine?s Windows Connections, and others. Get in contact with Jeremy to speak at your company by visiting Learn more about PolicyPak at

Russell Smith

Russell Smith

Security Expert, IT consultant

Russell Smith specializes in the management and security of Microsoft-based IT systems. In addition to being a Contributing Editor at the Petri IT Knowledgebase, Russell blogs for Netwrix, and is an instructor at Pluralsight. Russell has more than 13 years of experience in IT, and has written a book on Windows security, co-authored one for Microsoft?s Official Academic Course (MOAC) series, and was a regular contributor at Windows IT Professional magazine.

Larry Brock

Larry Brock

Principal, Brock Cyber Security Consulting, LLC

Mr. Brock is the principal at Brock Cyber Security Consulting, LLC. His primary focus is to help companies improve their capabilities to protect, detect and respond to attacks on their intellectual property from both insider and advanced cyber threats. Previously and for more than 11 years, he was the Global Chief Information Security Officer at DuPont. Prior to this role, he has work in other Information Technology Positions, Marketing, and Research & Development at DuPont and as a Security Officer within the USAF. Within DuPont IT, he was the CIO of the Nylon Flooring business unit. He has also led the development and implementation of several large systems including; manufacturing product control, materials management, engineering maintenance, quality management, and data warehouse systems. While working in the Corporate IT group, he led the migration to open-based systems for both networking and computing. In DuPont Research & Development, Mr. Brock led the development and deployment of imaging based systems, including a patented system to electronically move radiographs between hospitals and remote physicians. He served as an Information Security Officer within the U.S. Air Force and assigned to the National Security Agency (NSA). He served on active duty at the NSA for 4 years and then in a reserve capacity for 26 years. Mr. Brock has BS and MS degrees in Electrical Engineering and is a Certified Information Security Manager, CISM.

Nick Cavalancia

Nick Cavalancia

Founder/Chief, Techvangelist

Nick Cavalancia has over 20 years of enterprise IT experience, 10 years as a tech marketing executive and is an accomplished technology writer, consultant, trainer, speaker, and columnist.

Nick has attained industry certifications including MCNE, MCNI, MCSE and MCT and was once accused at TechEd of "not having enough digits" in his MCP number (which only has 5). He has authored, co-authored and contributed to over a dozen books on Windows, Active Directory, Exchange and other Microsoft technologies and has spoken at many technical conferences on a wide variety of topics.

Previously, Nick has held executive marketing positions at ScriptLogic (acquired by Quest, now DELL Software), SpectorSoft and Netwrix where he was responsible for the global messaging, branding, lead generation and demand generation strategies to market technology solutions to an IT-centric customer base.

Todd  Bell

Todd Bell

Chief Information Security Officer

Kevin Johnson

Kevin Johnson

CEO of Secure Ideas

Kevin Johnson is the CEO of Secure Ideas and an IANS faculty member. He has written and taught course for SANS, OWASP, Blackhat and Derbycon as well as leads a number of open source projects. He presents and speaks across the country.

October 13 10 AM PT / 1 PM ET

The Six Critical Capabilities of Password Management

With Nick Cavalancia, Security Expert
October 13, 10:00 AM PT / 1:00 PM ET

Controlling and monitoring privileged accounts is crucial to preventing data breaches and is often required by compliance. But what are the essential capabilities that IT and security teams should evaluate when selecting a privileged password management solution? In this informative webinar, hear from industry expert and founder of Techvangelism, Nick Cavalancia, as he:

  • Identifies six critical capabilities of password management
  • Demonstrates the impact of having – and not having – these capabilities
  • Defines a roadmap for implementation
Register Now
October 21 10 AM PT / 1 PM ET

Seven Steps to Complete Privileged Account Management

With Scott Lang, Sr. Director of Product Marketing
October 21, 10:00 AM PT / 1:00 PM ET

Customers in the throes of deploying their privileged account management solutions often ask us, "What's next?" And sometimes, "Where do we begin?" Whether deploying your first privileged account management solution or rounding out your deployment, having a plan – a target end state – is essential. If the old maxim, "A failure to plan is a plan to fail" is true, then you must begin every privileged account management project with the end in mind.

Join this informational webinar with Sr. Director of Product Marketing, Scott Lang, who will dive in and cover his 7-step strategy to achieving complete privileged account management. He will uncover how this process minimizes costs and distractions, and speeds results, helping you unify control and establish accountability over accounts, users, assets, systems and activity.

As an added bonus, all registrants will receive a link to download the solution whitepaper outlining each of these seven steps, where to begin a privileged account management project, how to progress to a higher level of security maturity, and what business outcomes to expect.

Register Now
October 22 10 AM PT / 1 PM ET

Properly Delegate Windows Privileges to Safely Manage Active Directory & Domain Controllers

With Russell Smith, IT & Security Expert
October 22, 10:00 AM PT / 1:00 PM ET

We've been talking about this for years; giving IT staff domain administrator privileges for everyday computing tasks, poses great security risks to organizations today. However, we keep doing it.

Join this thorough and engaging webinar with IT & Security Expert, Russell Smith, to see how the careless use of domain administrator privileges can result in a compromised network and how to properly delegate Windows privileges to allow your users to safely manage Active Directory and domain controllers. Russell will also share his top tips for managing Active Directory and performing administration tasks on domain controllers without the need of giving IT staff perpetual domain administrator access.

Join Russell Smith's live webinar on Thursday, October 22, to learn how to:

  • Properly delegate privileges in order to manage Active Directory and domain controllers
  • Virtualize domain controllers
  • Implement Just Enough Administration (JEA) and PowerShell Remoting
  • Protect user groups and authentication silos in Windows Server 2012 R2
Register Now
October 27 10 AM PT / 1 PM ET

Reducing Cloud Security Risk with Credential and Session Management

With Dave Shackleford, SANS Instructor
October 27, 10:00 AM PT / 1:00 PM ET

Many organizations are moving resources to cloud-based environments, and while management of these end-points are generally no different than managing on-prem hosts, the management interfaces to these critical environments are often left unmonitored with weak or uncontrolled password policies, leaving the organization open to insider risks. In many cases, a lack of security can impact cloud adoption.

Join special guest, Dave Shackleford, SANS Instructor & Founder of Voodoo Security, in this upcoming webinar to learn best practices for the storage and session management of administrative credentials to cloud apps like Azure, Amazon AWS, Google, Rackspace, and GoGrid. As your organization moves to greater adoption, this session will provide guidance on security best practices to enable it.

Register Now
October 28 10 AM PT / 1 PM ET

Vulnerability Management: How to Think Like a Hacker to Reduce Risk

With Paula Januszkiewicz, Security MVP & Microsoft Security Trusted Advisor
October 28, 10:00 AM PT / 1:00 PM ET

Successful attack prevention strategies consist of a couple of factors that are very often not implemented properly in organizations. These are: identifying, classifying, remediating, and mitigating vulnerabilities.

Quite often I hear: "We do pen-tests once or twice a year! How can it be that we were hacked?!". There could be several reasons why but one is there may be just too many devices with way too many patches and security updates to keep up with; applying patches and updates to every device on your network may not be entirely attainable. Other reasons include time, resources, politics...the list goes on.

Whatever the reason, the basics of vulnerability management remain the same; the process must be well designed, tools easy to implement, and somebody must be directly responsible for its management. Some of the best strategies I've seen is to rely on experience and learn from actual live hacks!

Join Paula Januszkiewicz, in this BeyondTrust sponsored webinar to learn how to identify vulnerabilities, strengthen your systems, and STOP the data breaches that litter the news sites today. I will also demonstration how to exploit systems and how (from the hacker perspective) this can be proactively mitigated!

Register Now
November 04 9 AM PT / 12 PM ET

Passwords – then what? A roadmap to complete privileged identity management

With Andras Cser, Forrester Research, Inc. Vice President and Principal Analyst
November 4, 9:00 AM PT / 12:00 PM ET

Often a common starting point for getting control over privileged access is enterprise password management – or the accounts that enable access to critical internal systems. But what many organizations don't realize is that privileged identity management is more than just the password. Privileged identity management also includes establishing control and accountability over assets, users, systems and activity.

Join this webcast featuring guest speaker, Forrester Research, Inc. Vice President and Principal Analyst, Andras Cser, as he shares strategies for developing a holistic privileged identity management strategy. Andras will discuss how traditional PIM approaches don't work, how to effectively incorporate threat and user behavior analytics, and how to really do least privilege. Sponsored by BeyondTrust, this webcast promises to be informative and actionable for security and risk professionals.

Register Now
November 10 10 AM PT / 1 PM ET

Strategies for Controlling Third-Party Access to Internal Systems

With Dave Shackleford, SANS Instructor
November 10, 10:00 AM PT / 1:00 PM ET

Often the weak link in the security chain, remote access by third party vendors and contractors requires controlled network separation and activity monitoring. In fact, many recent, high-profile data breaches have occurred due to attacks originating from third-party vendors.

Join special guest, Dave Shackleford, SANS Instructor & Founder of Voodoo Security, in this upcoming webinar to learn tips on how to mitigate that risk – with a focus on secure connection gateways, proxied access, and auditing and recording of the third-party session.

Register Now
November 19 10 AM PT / 1 PM ET

Monitoring What Your Privileged Users are doing on Linux and UNIX

With Randy Franklin Smith, Security Expert
November 19, 10:00 AM PT / 1:00 PM ET

In previous webinars I showed how to control privileged authority in Linux and UNIX. With sudo you can give admins the authority they need without giving away root and all the security risks and compliance problems caused by doing so.

But once you carefully delegate limited, privileged authority with sudo you still need an audit trail of what admins are doing. A privileged user audit trail is irreplaceable as a deterrent and detective control over admins and in terms of implementing basic accountability. But in today's environment of advanced and persistent attackers you also need the ability to actively monitor privileged user activity for quick detection of suspicious events.

So in this webinar, I will dive into the logging capabilities of sudo. Sudo provides event auditing for tracking command execution by sudoers – both for successful and denied sudo requests as well as errors. I'll show you how to enable sudo auditing and how to control where it's logged, if syslog is used and more importantly: what do sudo logs looks like and how do you interpret them?

But sudo also offers session auditing (aka the iolog) which allows you to capture entire sudo sessions including both input and output of commands executed through sudo whether in an interactive shell or via script. I'll show you how to configure sudo session logging and how to view recorded sessions with sudoreplay.

After my session, Paul Harper from our sponsor, BeyondTrust will show you how PowerBroker UNIX & Linux builds on sudo's audit capabilities.

This will be an interesting and technical real training for free™ session. Please register now.

Register Now
December 10 10 AM PT / 1 PM ET

Just-in-time Privileges – Using Context to Determine System Access

With Dave Shackleford, SANS Instructor
December 10, 10:00 AM PT / 1:00 PM ET

We have all faced that moment: The 3am call that a critical system is not available. The typical response to this situation is a fire-call – emergency break-glass access to perform critical maintenance on a system to get it back up and running. But very often there is a flaw in the workflow – risk factors such as location, day or time are often not considered when rendering access which could lead to privilege misuse.

Join special guest, Dave Shackleford, SANS Instructor & Founder of Voodoo Security, in this upcoming webinar to learn best practices for assigning just-in-time privileges to systems considering multiple factors related to access.

Register Now