With the increasing rate of security breaches, today’s applications need to be built more securely at the code level, and that code needs to be tested regularly. The Software Assurance Marketplace was developed to make it easier to consistently test the quality and security of applications and bring a transformative change to the software assurance…
Series: CSIAC Webinars
CSIAC offers free webinars on a regular basis with experts in the technical subject areas of Cybersecurity, Software Engineering, Modeling & Simulation, and Knowledge Management/Information Sharing. This podcast series is all the webinars that have been recorded.
The DoD has outlined a Strategic Vision and goals for DoD Modeling and Simulation (M&S). One of the goals is to “Promote the sharing of tools, data, and information across the DoD Enterprise,” to enable reuse and interoperability of models, simulations, and associated data. Providing visibility into the Modeling & Simulation (M&S) resources across the…
Embedded devices are increasingly connected to network resources for additional functionality with the ultimate goal of greater mission capability. Recently, security of connected devices is being scrutinized with highly publicized vulnerabilities of various consumer devices. While several domains are starting to publish new guidelines for cybersecurity there is not a standardized risk assessment framework for…
This webinar covers the realities of the Enterprise Mission Assurance Support Service (eMASS): what works well, what does not work, and how to best make it work for you. The webinar discusses how to categorize your system, select applicable controls, and leverage eMASS to assist in this process. Two specific topics that are covered are how inheritance works in eMASS (and does not work) and the tricky business of uploading STIGs/CKLs (and the painful lessons associated with doing it the wrong way). For those attending who don't have eMASS access but will have systems being added to eMASS in the future, we discuss how to best prepare your system for import into eMASS. There are some tricks to the trade that will make life easier for everyone on the project!
This webinar highlights recent success in demonstrating substantial improvements in the accuracy under control-flow and data-oriented attacks in Linux, including malicious code reuse, security bypass, and service abuse. The webinar also describes exciting future research directions on hardware-assisted fast tracing, anomaly-detection as a service, supporting domain experts for inter-disciplinary anomaly discovery, and standardizing evaluation.
CryptoLocker is exploding and organizations large and small are being hit with ransomware attacks that hold their computers and networks hostage in exchange for ransom. Attacks have halted patient care and effectively stopped organizations in their tracks. Ransomware has been around for years, however, CryptoLocker attacks have risen sharply in recent months leaving organizations exposed and contemplating paying for their data. Join us for an in-depth look at ransomware and how you can avoid being the next target.
This webinar will describe Comply to Connect (C2C), an automated Network Access Control (NAC) solution that verifies that an endpoint is authorized and meets security requirements before allowing access to the network (i.e. improving mission assurance; increased SA/traffic awareness in JIE; & risk mitigation).
NIST SP 800-171 was revised in December 2016. The revision has produced new requirements, added clarifications, and created many discussion points. This webinar will explain the revision, the impacts it has on your organization, and how you can continue to implement its IA guidelines.
Incorporating security into the design of components used in the Internet of Things (IoT) is essential for securing the cyber-physical infrastructure upon which society depends. This webinar presents the challenges involved in securing IoT components and provides possible solutions by drawing inspiration from the past.
In this presentation, we present a novel approach to detection of bots on social networks in near real-time. Our approach comprises of computationally simple comparisons and calculations, as opposed to the all too common machine learning approach to this problem, or non-real-time approaches that involve network analysis which is both expensive and time-consuming.