The increase in data volume due to the promotion of DX and the spread of cloud usage have made it difficult to manage and protect data, while the risk of data leaks, such as internal fraud and information leaks from cloud services, continues to increase. A new approach to data protection called DSPM (data security posture management) is attracting increasing attention. Unstructured data (Office files, emails, etc.) accounts for more than 80% of all corporate data. Classify the huge number of files scattered within the company (e.g. contracts/invoices/estimates, etc.) or search for necessary information from among them (e.g. extract all files that include a specific employee name) ) has been extremely difficult in the past, but DSPM solutions have appeared that can easily achieve this using generative AI. In this seminar, we will explain the necessity of DSPM using actual incident examples. We will also provide a demonstration of ``automatic classification of unstructured data using AI technology'' using our DSPM product Data X-Ray.

Email delivery has now become an indispensable tool for business operations. However, according to Google's new requirements, if the email does not support DMARC authentication, it may be classified as spam or rejected. Additionally, if you handle the issue in-house, it may take a lot of man-hours to handle the issue, and you may not be able to make good progress.
DMARC implementation support services are attracting attention to address this issue. In this seminar, we will introduce implementation steps and best practices to easily support DMARC authentication.

Recently, there has been an increase in cases of public cloud (AWS, Azure, GCP) breaches, and in particular problems with "excessive privileges" and inadequate privilege management such as "Shadow Admin" have become a problem.
Achieving least privilege is the basic idea of zero trust, and achieving least privilege is also required as a security measure in public clouds.
However, as public clouds have a wide variety of services and privileges, it is extremely difficult to properly manage and visualize them, and the current issue is that privilege management inevitably becomes complicated.
In this seminar, we will introduce CIEM, a solution for achieving least privilege in public clouds, and "CEM", a CIEM product provided by CyberArk.

In recent years, many business applications have become web applications, and an increasing number of companies are conducting most of their daily business operations on a browser basis.
On the other hand, the challenge is that even though most employees use browsers, they are not as secure as companies would like.
In this session, we will talk about the “Enterprise Browser,” a web browser that has been rebuilt for companies that are currently attracting attention.
We will introduce issues and solutions that could not be addressed with conventional security solutions.
We will also explain the differences between the latest technology "Enterprise Browser" and the widely used "Secure Browser".
Please come and join us.

With advances in AI, services such as ChatGPT are gaining traction. This seminar will focus on the risk of information leakage when using ChatGPT for business, and will introduce an approach using enterprise browsers, a new security product, including application methods that cannot be handled by conventional information leakage prevention solutions. I will explain.

Despite being the most widely used "web browser", it is not designed for enterprise use. With the recent changes in the environment, solutions surrounding browsers have issues such as cost, system complexity, and decreased productivity. In this lecture, we will explain how the "Enterprise Browser" provided by Island, a company that has become a unicorn with a valuation of over $1.3 billion in two years after its founding, can be used to improve security, governance, and productivity.

Nowadays, remote work has become commonplace, and a VPN is essential to ensure communication security. However, information leaks are increasing due to attacks that exploit VPN vulnerabilities and failure to apply the latest security patches. ZTNA is attracting attention as a way to address this issue. In this seminar, we will introduce implementation steps and best practices for achieving secure network access, from the basics of ZTNA to advanced applications.

Today's cyberattacks penetrate deep into corporate networks through a variety of entry points and routes. SIEM is once again in the spotlight as a countermeasure. However, many companies have not been able to successfully operate the system after it has been introduced, and many companies continue to use the logs that were obtained at the time of introduction and only check the logs in the event of an emergency. One reason for this is the lack of security experts who are essential for monitoring, analyzing, and responding to incidents. In this video, we will introduce a method called "Managed SIEM" that improves the sophistication of SIEM operations and solves the problem of human resource shortage. If you are worried about SIEM operations, are considering introducing SIEM in the future, or are considering outsourcing SOC operations, please take a look at this opportunity.

SMS boasts a high contact rate as a communication tool from companies to customers, but ``SMS phishing scams'' that disguise as legitimate companies or public institutions and guide users to install fake websites or fraudulent apps that look just like the real thing are rampant. It has become a social problem. In this video, we will thoroughly explain the background of why SMS is used for phishing scams, the latest trends in phishing scams, and the countermeasures companies should take, with a professional smishing analyst.

Over the course of four days, we will introduce the implementation methods and general implementation steps/roadmap for each category, based on the five components/categories that make a Zero Trust network a reality. We will also introduce the latest solution trends and future trends that we are currently investigating. [1. Identity “Where do I start? Key points for introducing “ID security” that can be understood from the overall picture! ～Future-oriented ID security that is necessary in the cloud era～] [2. Devices “The necessity of cyber hygiene and the forefront of IT asset management trends - Real solutions for failure-free asset management in the zero-trace era”] [ 3. Network “The forefront of SASE evolving as a “network” solution - What a corporate network should be when considering the future use of SASE”] [4. Data “The forefront of data protection to detect and prevent information leaks” From DLP implementation techniques to the latest DSPM''] [5. Workload ``The latest micro-segmentation implementation techniques ~ Ransomware countermeasures move from detection to containment'']

As the importance of zero trust increases, I believe there is a shift towards SASE environments, including solutions such as SWG and ZTNA. However, the existence of web-based threats that can bypass these measures has also been confirmed, and caution is required even in SASE environments. In this video, we will introduce web-based threats that you should be aware of even in SASE environments, MenloSecurity's "isolation" which is an effective countermeasure against these threats, and specific methods for linking MenloSecurity with existing SASE solutions.

The pharmaceutical and beauty industries are highly conscious of compliance and require strict document management. We bring you the real voices of companies that have responded to this industry-specific custom with the cloud services "Box" and "mail2CLOUD."
This is a must-listen for anyone who wants to know about secure document management, including eliminating PPAP, regardless of industry.

When we look at the initial intrusion routes in recent cyberattacks, we find that vulnerabilities in externally exposed assets are often targeted. The importance of IT asset management is increasing, and the Ministry of Economy, Trade and Industry has published "ASM (External Attack Surface Management) Implementation Guidelines," and Gartner has introduced a new concept for preparing for security risks, "CTEM (Continuous Threat Exposure Management)." proposed. CTEM is the idea of continuously taking inventory of digital assets from an attacker's perspective and managing and evaluating risks.

In this video, we will explain the trends in security threats surrounding the Japanese market, as well as the outline and necessity of ASM and CTEM. We will also introduce the usefulness of ULTRE RED in the Japanese financial industry along with implementation examples.

690,000 items. This is the number of phishing emails reported in the first half of this year. Additionally, the number of cases in which a company's brand name is used in phishing emails exceeds 80 per month. Phishing emails are becoming more and more sophisticated these days, and business email compromise (BEC), which impersonates companies or individuals, continues to grow. To prevent emails like this that impersonate your company, it is essential to support DMARC. Measures against DMARC will accelerate in 2023. “The Ministry of Economy, Trade and Industry requests credit card companies to implement DMARC measures (deadline for compliance: January 2024)” “DMARC compliance has been incorporated into unified government standards (deadline for compliance: July 2024)” “Compliance with major semiconductor manufacturers DMARC measures added to transaction conditions (deadline for compliance: in 2023)" ``Google and Yahoo will be required to implement DMARC by February 2024 (deadline for compliance: early 2024)'' This seminar will be held at the National Police Academy. Mr. Yukimi Masuda, Japan Proofpoint Chief Evangelist who also serves as a lecturer, will provide a thorough explanation of DMARC compliance and introduce our operational support for setting DMARC to reject.

Emotet was considered the most prevalent threat around 2019. Emotet often uses email as a delivery method for attacks, typically impersonating customers or business partners and feigning replies to induce access to malicious attachments or URL links. In this video, we will introduce Menlo Security's email security feature that utilizes isolation technology as a countermeasure against Emotet that does not rely on user education.

Although generative AI can be expected to have effects such as improving work efficiency, there are security risks such as input of confidential information by employees and information leaks. In this video, we will introduce information leakage countermeasures using Menlo Security to safely use generative AI.

With the rapid spread of cloud services, security measures for cloud access are becoming increasingly important. In this seminar, we will introduce CASB best practices and implementation steps to minimize the risks of cloud usage, from the basics to advanced applications.

Recent phishing attacks are said to be more difficult to counter than before, as attacks have become more sophisticated and methods have become more diverse. Furthermore, the cost of suffering damage from an attack is said to be highest if the initial route is phishing, and countermeasures are considered to be more important than before.
In this video, we will explain trends and attack methods in phishing attacks, and introduce Menlo Security's phishing attack prevention function that utilizes isolation technology.

The guideline "NIST SP800-171" published by the U.S. National Institute of Standards and Technology is one of the guidelines that has become most important in the Japanese market in recent years. NIST SP800-171 is a guideline that covers a very wide range of countermeasures, so we believe that there are many areas that tend to be blind spots in terms of countermeasures. Among these, this time we will focus on the firmware built into all IT devices such as PCs, servers, and network devices, and introduce countermeasures that comply with NIST SP800-171. In recent years, security threats to firmware, the layer below the OS, have been increasing, and this is an area that tends to become a blind spot. In this seminar, we will introduce the latest threat information and countermeasures regarding firmware based on NIST SP800-171.

Although you have created a configuration that includes high-performance, high-priced security products to achieve Zero Trust, do you still face the following issues? ``The overall cost has increased significantly and we are having difficulty securing the budget.'' ``There are so many GUI screens that it is difficult to manage them all due to the amount of man-hours.'' ``The operations are very advanced, so we are having trouble securing the budget. "We don't have the personnel who can use it properly" "Management is very troublesome as contracts and agencies are divided into multiple agencies" This video covers the differences between multi-vendors and single-vendors that should be considered in the zero trust era, and examples of companies that recommend single-vendors. We would like to introduce you to

Internet separation has been introduced by many companies mainly as a countermeasure against web-based threats, and its introduction is recommended in various industry guidelines. However, among the multiple separation methods, the conventional separation method has many problems in terms of operability and safety. In this video, we will explain how isolation can solve the problem of Internet isolation, and introduce Menlo Security, an isolation product with the No. 1 share in the Internet isolation market.

Recently, there have been a series of cases in which attack methods are used to target vulnerable systems facing the Internet. In particular, assets (servers, VPN devices, etc.) of overseas bases and group companies, etc., which tend to be understaffed, are often targeted, and vulnerabilities are compromised, critical incidents occur, and extensive damage is caused. Enterprises are booming.

As an effective measure to prevent such serious security damage, in addition to "Attack Surface Management" that grasps company assets that have been disclosed to the outside, CTEM (Continuous Surface Management), a method for continuous monitoring and management, is available. The concept of Threat Exposure Management is very important. In this video, we will introduce the necessity and method.

Introducing a data breach case where a third-party vendor's software development repository was compromised using Nissan's customer data, and the countermeasures.

GIFShell exploits information using a remote control method called "reverse shell". Learn more about vulnerabilities and how to protect against them.

In recent years, breaches via servers exposed to the outside world account for 60-70% of serious incidents in Japan and overseas. For this reason, it has become extremely important to thoroughly understand and appropriately manage servers exposed to the outside world, including those at overseas offices and subsidiaries related to your company, using Attack Surface Management (ASM). On the other hand, many people may feel that there are limits to being able to fully understand and manage servers related to their company that are exposed to the outside world on their own. Also, even if you want to utilize a solution, there may be people who are worried about which one to choose from among the many ASM solutions available in the world. In this session, we at Macnica, which has accumulated knowledge through handling multiple products and in-house developed services related to ASM, will discuss the issues and trends in tackling ASM that we have learned through conversations with various global companies. Let me introduce you. In addition, while comparing these, we will also introduce the key points for selecting a solution that we know from Macnica, which handles multiple solutions, along with the characteristics of each solution.

The threat of internal improprieties by employees is increasing due to changes in the social environment such as the recent establishment of remote work and the increase in the number of people changing jobs. Instead of responding based on the conventional theory of "good nature," it is now necessary to take countermeasures as a high risk, just like cyberattacks from the outside. In this session, from the standpoint of supporting the introduction and operation of solutions for companies working on internal impropriety countermeasures, we will discuss what kind of efforts are being made, including the introduction of solutions, and what kind of common problems employees who have illegally taken out information have. I will explain if there was any behavior. If you are a company that wants to strengthen internal impropriety countermeasures, or if you want to consider countermeasures but don't know how, please watch this video.

As the number of companies using SaaS is increasing and important data is being gathered in SaaS, there are more cases of information leaks from SaaS due to unauthorized use by users and inadequate settings. In the background, there are multiple issues in terms of SaaS operation and security. In this session, we will present current issues and assumed risks in SaaS operation, and introduce countermeasures. We hope that it will serve as a reference for strengthening SaaS security governance.

Strengthening network security and creating a comfortable communication environment through the introduction of SASE has become an important issue for global companies to consider. However, the reality is that there are many challenges in implementing it.
In this seminar, we will introduce the points that global companies should keep in mind before introducing SASE and the experiences that they actually had a hard time with. In particular, the background of recent SASE considerations, points to note at the planning stage before introducing SASE, examination of cost effectiveness, communication with group companies and overseas bases, import/export issues after introduction, creation of operational systems, etc. , we will focus on the actual situation that should be considered in advance in each phase.
We hope that this seminar will help you grasp the key to success in introducing SASE.

As the ID environment becomes more complex, the operational load increases, and the need for centralized management increases, an increasing number of companies are considering the introduction of ID-related solutions such as IAM/IGA/PAM.
However, because the scope of its introduction is wide and there are many departments involved, you may find it difficult to construct an overall picture of the ID environment that is optimal for your company. In addition, there are many cases where solutions to various ID-related issues are considered individually, and the effectiveness of each solution is not maximized.
In this session, we will explain Macnica 's overall view of ID management, the role of each ID-related solution such as IAM/IGA/PAM, and the effects of using it in combination with a technical perspective.

An increasing number of companies are starting with the introduction of IDaaS toward Zero Trust. In fact, by advancing IDaaS in advance, it is said that there are many benefits such as improving security and being able to smoothly introduce and deploy subsequent solutions.
On the other hand, when considering the introduction of IDaaS, it is necessary to take into consideration the company's IT environment, especially the current ID environment and the future ID management operation required in the cloud era. If you start without an inventory of the current situation and future prospects in advance, there are some cases where the introduction project takes longer than expected, or the introduction itself fails.
In this session, we will introduce the actual situation of the increasingly complex ID environment and the points and issues that should be focused on first when considering the introduction based on use cases.

Zero trust security is currently being adopted by many companies, but don't you think it has nothing to do with your company? In particular, many companies have the misconception that zero trust is premature because the network is centered on a closed network that has not yet actively used the cloud and has not promoted telework. In this session, we will introduce various misunderstandings of Japanese companies related to such zero trust, and present the latest solutions and prescriptions for them. If you think that zero trust is not relevant to your company yet, please join us.

These days, news about cyber crimes and personal information leaks that occur on the Web are flying around almost every day. For example, there was a time when a phishing method that attempted to break through multi-factor authentication and infiltrate a company's SaaS became a hot topic. There must be many people in charge of information systems who felt uneasy.
In this session, we will take up several web cybercrime cases that occurred in FY2022, including phishing and payment application tampering, and look back on them from a technical perspective in an easy-to-understand manner. In addition, the latest trends and mechanisms of countermeasure technologies will be introduced with demonstrations.
It is a must-see for those who have troubles such as "I can't update threat trends and technical information because I'm busy with my daily work"! Let's think together about what we can do to protect important information regardless of B2E or B2C!

In recent years, the amount of data tends to increase explosively due to the sophistication of services and the increase in scale of systems. In addition, with the advent of DBaaS, there are more than a few companies whose data exists in a hybrid environment of on-premises and cloud, making management more complicated. In this session, we will introduce Imperva product solutions along with the latest trend of data security "data centric security" framework to manage this complicated data.

In recent years, the amount of data tends to increase explosively due to the sophistication of services and the increase in scale of systems. In addition, with the advent of DBaaS, there are more than a few companies whose data exists in a hybrid environment of on-premises and cloud, making management more complicated. In this session, we will introduce Imperva product solutions along with the latest trend of data security "data centric security" framework to manage this complicated data.

In recent years, the amount of data tends to increase explosively due to the sophistication of services and the increase in scale of systems. In addition, with the advent of DBaaS, there are more than a few companies whose data exists in a hybrid environment of on-premises and cloud, making management more complicated. In this session, we will introduce Imperva product solutions along with the latest trend of data security "data centric security" framework to manage this complicated data.

In this video, I will explain how to protect and manage privileged accounts, which are said to be involved in 80% of information leaks, mainly in the cloud.

It's been a long time since the keywords "cloud" and "telework" have been in demand, but privileged ID management products are still on-premises, and I think there are many customers who place them in-house and use them internally. CyberArk PAS, a privileged ID management product provided by CyberArk, provides a platform for privileged ID management and a tool for remotely using it in the cloud. For work using privileged IDs, which was conventionally used from within the company, there is a need to carry out work remotely safely and securely in case the building becomes off-limits during the COVID-19 pandemic. I'm here. In this seminar, we will introduce the cloud-based privileged ID management platform "PCloud" and the cloud-based privileged ID remote access platform "ALERO" that can be used remotely.

In this seminar, we will report on the latest trends in network intrusion attack methods. In addition, we will report in detail actual examples of cyberattacks in Japan and overseas, and how these attacks could have been prevented by proper management of administrator privileges, that is, privileged ID management (privileged access management). I will.

Countermeasures that detect and deal with internal improprieties after they occur will not be a fundamental solution. Instead of dealing with fraud after it occurs, we will catch signs as soon as possible and explain in an easy-to-understand manner about measures to prevent fraud, from partial measures according to risk to comprehensive measures.

With the spread of DX and remote work, the use of the cloud by companies is increasing, and the news of information leakage from the cloud is also increasing regardless of IaaS/PaaS/SaaS. "Cloud security" is important to protect assets on the cloud from information leaks and other threats. However, the scope of its application is wide and complicated, so it seems that the current situation is that it is difficult to grasp the whole picture of cloud security. In this session, we will introduce the risks in using and managing the cloud, and explain in an easy-to-understand manner the overall picture of cloud security and what countermeasures are available.

“Zero Trust” has gone from being a buzzword to a well-established security mindset.
On the other hand, although he started running toward the implementation of "Zero Trust", he said that he didn't know what to actually do at his company and how to organize it, while many vendors were selling zero trust solutions. I listen to your voice. Thorough explanation of such issues divided into 4 categories! You can watch only one category that you are interested in.
1.ID
Thorough explanation of ID environment management using products in the three areas of IAM/IGA/PAM
2. SASE/SSE edition
Thorough explanation of the points when selecting SASE/SSE that meet your company's issues and requirements
3.Factory Security
In anticipation of the future realization of zero trust, a thorough explanation of the measures that should be prioritized now and how to implement them
4.XDR/SIEM edition
Thorough explanation of the basic concept and expected effects of XDR, and the positioning of SIEM in XDR

We will also explain the threat trends, what methods attackers use, and also explain the difference between "ITDR", which can be one of the solutions, and other security products such as EDR, IAM, and IGA. will be introduced.

We will technically explain points that are likely to be issues when introducing XDR products, detection capabilities and visibility when compared to security products alone, points of operation, necessary skills, etc.

Why is XDR, which is attracting the most attention in future security measures, necessary? What is the expected effect? After talking about these points, I will tell you about the XDR image that we are aiming to provide.

In this video, an introduction to WebAPI security! We will explain in detail the three things you need to know in order to use APIs in your business.

The scope to be protected by security is expanding in the increasingly complex IT environment, such as cloud computing and remote work. Advanced skills are required to grasp the full picture of attacks from multiple products, such as endpoints and networks, and to deal with them. In addition, it is necessary to respond to alerts issued by multiple security products on a daily basis, which is a problem for security personnel. We will explain the overview, components, and expected effects of the solution called XDR, which throws a hand in such a situation.

Many companies are working on zero trust, but in reality, there are some cases where the project is not progressing well. This time, I will touch on five specific cases where Zero Trust projects do not go well in Japanese companies, and mention the three points necessary for the project to succeed.
・[Five examples] Reasons why Zero Trust projects are at a standstill
・Three points for zero trust success

I think that many companies have introduced CAPTCHA for the purpose of preventing password list type attacks and unauthorized logins. Just as everyone has the experience of not being able to solve a CAPTCHA at once, it is said that introducing a CAPTCHA creates friction for customers and causes some users to leave. In recent years, the number of services that break through CAPTCHAs has been increasing year by year, creating a contradiction that attackers can easily solve.
In this video, we will use a demo to explain how attackers avoid CAPTCHAs.

In response to the diversification and complexity of IT environments, such as the introduction of remote work, migration to the cloud, and the realization of zero trust, security personnel need not only EDR, but also individual alerts from security countermeasure products such as NDR and UEBA. I think that they are worried about how to deal with it, how to gather people with enough skills to deal with it, and how to handle it. Regarding XDR, which is currently attracting attention as a solution to solve them, I will explain how alert response and incident response can be made more efficient and advanced, and what security operations will not change even if XDR is introduced. increase.

The ID environment is one of the most important aspects of creating an environment for zero trust, but what kind of environment is the best? We will introduce the concrete construction model.
・Background of demand for zero trust
・Three reasons why ID is important
・Can IDaaS cover everything? Notable "IGA" and "PAM"
・What are the benefits of considering and introducing the ideal form of ID management?

In this video, we will explain in detail the vulnerabilities and new threats faced by modern websites, an analysis of the attack methods of the attacker group "Magecart", and points to consider in protecting customer information.

I think that the opportunity to see the keyword "XDR" has increased a lot. However, we often hear from our customers that they are worried about where to start. In this session, we will first explain the definition of XDR and the steps that are easy to work on, divided into scenes. Among them, we will mainly introduce the approach to proceed from EDR of the endpoint part as a sensor and NDR of the network part when detecting and responding to multiple products and layers.

Thorough explanation of "specific cooperation" and "implementation procedure" of EDR / IDaaS / SASE / SSE configured in "best of breed type"!
・What is the 3-point defense that realizes zero trust?
・Characteristics and superiority of the solutions of the three companies
・ Image of implementation of three-company collaboration
・Demonstration of three-company collaboration

In this session, how are stolen credentials actually misused after being stolen by phishing? I will explain the actual situation.

Recently, poorly managed servers and network devices exposed to the outside have become a major cause of a rapid increase in security incidents both in Japan and overseas. It's not just your servers that are at risk. There have been many reports of security incidents that have a significant impact on the organization due to poorly managed overseas bases, subsidiaries, business partners, etc. While recognizing supply chain risks in cybersecurity, many people say that they don't know how to deal with them. Therefore, in this session, we will explain the importance of understanding assets exposed to the outside that may be misused and deal with them in advance, and introduce solutions and countermeasures.

Solution SASE (Secure Access Service Edge) attracting attention as the core of zero trust realizationHow can you select the best vendor for your company from among the more than 10 SASE vendors? In this session, we will discuss five points of focus and points when selecting the best SASE vendor: (1) Differences between SASE and SSE, (2) Five core functions, (3) Differences between integrated and acquired types, (4) External collaboration, and (5) Partners. I will explain to If you are reviewing on-premises gateway devices such as existing routers/FW/VPN/proxies and are actually considering implementing SASE, or are gathering information, please join us.

With each passing day, the expectations placed on security personnel grow, as do their responsibilities. Despite this, many companies may feel uneasy about continuing to operate without the necessary skill sets and business design being ambiguous. In this session, we will focus on the "analysis" work, which is the key to flexibly responding to various incidents. We will provide hints for taking a step forward, such as an example of analysis work that is currently being performed.

I believe that many companies are considering introducing IDaaS in order to realize zero trust and improve the cloud usage environment. On the other hand, even if it is called IDaaS, the functions, security, applicable applications, etc. differ greatly depending on the product, so there are some points to note when selecting the IDaaS that is suitable for your company. In this session, we will make use of our experience in handling federation products since 2012. ?” and other criteria for selecting IDaaS.

I think there are many people who imagine ID = IDaaS in Zero Trust. Enabling access "for the right people, resources, at the right time, and for the right reasons" is essential, but essential, requires a comprehensive understanding of identity in general. In this session, we will explain the issues related to ID, which is the key to realizing Zero Trust, the division of ID-related solutions, and how ID governance (IGA) can solve these issues. We will introduce how to reduce the operational burden and achieve a higher level of security by visualizing the IDs that exist on a complex and wide-ranging corporate system, understanding risks, and automating the granting of minimum access rights.

As each company promotes DX in the work environment, "Zero Trust", a security concept that matches the new work style, is attracting attention. One of the most important elements for achieving Zero Trust is IDaaS, which enforces user authentication whenever accessing any information. In this session, we will explain IDaaS selection points for realizing zero trust.

In recent years, instead of directly attacking companies with strong security measures, there have been many cases of damage, such as first targeting business partners with weak security, and then using the business partners as a foothold to attack the original target companies. increase. Are you having trouble with this? We want to comprehensively visualize our company/group companies, supply chains and vendors
・I want to conduct a security risk survey of the acquired company in advance from a third-party perspective
・ Those who want to improve the efficiency of auditing their own company / other companies
・It is difficult to share the status of security measures of the company with management.
・I want to quantitatively plan security measures for management
All of the above issues can be addressed with a single solution.

PPAP is an abbreviation that refers to a security measure when sending and receiving files via email, which has been practiced by the government and many Japanese companies since around 2011. Recently, an increasing number of companies have been discontinuing PPAP as many problems have been highlighted, such as the risk of e-mail interception and the inability to check for viruses. Macnica offers a solution that enables users to "escape from PPAP" by combining cloud storage "Box" and mxHero's "mail2Cloud" without changing any user operations. This video provides an overview of "mail2Cloud", introduces the actual demo screen, and explains the details of the installation procedure. This is a must-see video for those considering “coming off of PPAP”!

We will introduce the reasons why factory security has been attracting attention in recent years with specific examples.

Recently, there are many people who feel that there are more opportunities to see security incidents related to ransomware damage and information leaks at various companies. The background to this is that servers (especially RDP) and network devices (especially VPN) that are open to the public and have insufficient management and vulnerability countermeasures at their own company, subsidiaries, and overseas bases, etc. There are situations where it is being exploited as a fourth intrusion vector to follow. In March of this year, we were damaged by a major company's supply chain VPN infringement, which led to a serious situation of a large-scale stoppage of the factory line. In this video, we will explain in an easy-to-understand manner the background of the recent surge in incidents and the techniques used by attackers. On top of that, as the first step in the measures that each company should implement now, a solution that identifies and visualizes external public assets and stray servers that are not understood by administrators, including overseas bases and subsidiaries related to their company. I would like to introduce you to
If you feel a sense of danger from attacks that exploit VPNs, including ransomware, please watch this video.

A thorough explanation of the vision and future vision of leaders in each field (EDR, IDaaS, SSE) of the "best of breed type", as well as "specific cooperation" and "implementation procedures"! In Part 1, we will talk about three themes: "What is the three-point defense that realizes zero trust?", "Features and superiority of the solutions of the three companies", and "Image of the actual situation of the three-company collaboration".

In implementing data security measures, it is important to understand the risks in the system and identify issues. We will introduce a solution that can realize the most important elements of data security: detection, protection, and control of sensitive data including card information.

In recent years, measures to strengthen security at endpoints such as "EDR" have been attracting attention. When introducing endpoint security products, not only simple introduction costs such as product and maintenance costs, but also operational costs such as verification and training are required. In addition, it is not uncommon for different departments to have different installed products, and as the number of objects to be managed increases, the cost will increase as the number of new endpoint security functions increases. In this seminar, we discussed the theme of "What is the best investment for endpoint security?" We will introduce Tanium, a solution that maximizes the return on investment, along with use cases.

In this video, you can see how Splunk IT Service Intelligence can be used to improve the efficiency of everything from system operation monitoring to failure cause identification, and how to improve the efficiency of IT operations, such as predictive detection using machine learning. to introduce.

In this video, we will demonstrate how to find failures and identify their causes using Splunk IT Service Intelligence (Splunk ITSI).

In recent years, due to the diversification of cyber attacks and the progress of ICT and DX, medical institutions are also calling for the importance of ``strengthening cyber security measures''. One example of this incident is Handa Hospital, Tsurugi Town, Tokushima Prefecture, which was hit by ransomware but responded quickly. Dr. Yasushi Sudo, a hospital business manager who oversaw the response and countermeasures for ransomware infection damage, will share his "experience" and key points of cyber countermeasures from the perspective of the victims. In addition, Macnica will share with you the basics of cybersecurity measures that medical institutions considering implementing security measures should know. *This video is information as of September 22, 2022.

We will explain how Exabeam can eliminate a large number of alerts and efficiently implement security operations (alert handling and situational awareness).

Since 2019, vulnerabilities in critical operating systems such as SSL-VPN devices have been reported one after another. This makes it extremely easy for attackers to invade by bypassing perimeter-based multi-layered defenses and monitoring, which had been considered difficult until now, so they launch attacks that exploit OS vulnerabilities. Now In addition, attackers are beginning to turn their attention to "vulnerabilities in layers lower than the OS (firmware vulnerabilities)," which have not been addressed until now. In this video, a new genre of security measures called Vulnerabilities Below the Operating System (VBOS) is gaining attention as a security solution for vulnerabilities that exist in layers lower than the OS. I will explain the company's products and features.

In this seminar, we will report on the latest trends in network intrusion attack methods. In addition, we will report in detail actual examples of cyberattacks in Japan and overseas, and how these attacks could have been prevented by proper management of administrator privileges, that is, privileged ID management (privileged access management). I will.

We introduce the advantages of Netskope, which is a leader in SSE (Security Service Edge), and the best-of-breed Zero Trust collaboration centered on this product from a Macnica perspective.

In this video, we will demonstrate a predictive analysis method using machine learning from Splunk IT Service Intelligence (Splunk ITSI).

We will introduce Yoshinoya's digital strategy in the EC area and an overview of chargeback countermeasures as a security measure.

"Phishing emails" aimed at stealing authentication information by impersonating a certain person or brand are mainly attacks using URLs. I know there are a lot of things. In this video, we analyze recent trends based on statistical information and actual damage cases related to phishing emails, and introduce countermeasure solutions.

Using a demo, we will explain how Exabeam can detect internal improprieties of employees at an early stage and conduct prompt investigations.

It's been a long time since the keywords "cloud" and "telework" have been in demand, but privileged ID management products are still on-premises, and I think there are many customers who place them in-house and use them internally. CyberArk PAS, a privileged ID management product provided by CyberArk, provides a platform for privileged ID management and a tool for remotely using it in the cloud. For work using privileged IDs, which was conventionally used from within the company, there is a need to carry out work remotely safely and securely in case the building becomes off-limits during the COVID-19 pandemic. I'm here. In this seminar, we will introduce the cloud-based privileged ID management platform "PCloud" and the cloud-based privileged ID remote access platform "ALERO" that can be used remotely.

We will introduce Splunk Phantom, a SOAR (Security Orchestration Automation and Response) product that automates security operations, with use cases and demonstrations. By automatically executing investigations, judgments, and countermeasures against detected events, it is possible to greatly reduce the number of man-hours required for a series of operations from threat detection to countermeasures.

Most cyber crimes are said to start with emails. Although companies have introduced e-mail security products and taken countermeasures, the current situation is that attackers are also trying to infiltrate using all possible means. In particular, the malware "Emotet", which has been wreaking havoc recently, constantly changes its modus operandi and forms, and continues to evolve to evade security measures. As a result, many companies rely on the IT literacy of their employees, falling into an extremely individualized state. This video explains the effectiveness of "FireEye Email Security Cloud Edition" against the latest threats based on specific detection information. If you are worried about the latest email threats such as Emotet, or if you are worried about what specific measures you should take, please take a look at this video.

働き方改革やCOVID-19の先行きが見えない中、リモートワークを推進する企業が増えております。リモートワーカーのリスク管理として内部不正対策が注目されております。このセミナーでは内部不正対策のリーディングカンパーであるExabeamを活用した事例やデモをご紹介させていただきます。

In this video, I will explain how to protect and manage privileged accounts, which are said to be involved in 80% of information leaks, mainly in the cloud.

In this video, we focus on three trends: (1) the sophistication and diversification of attackers' methods, (2) new security risks associated with remote work becoming the norm, and (3) new security risks associated with the use of SaaS and IaaS. We will explain each design element with examples of actual incidents and specific examples of detection rule design for the "ideal form of SIEM" to deal with these.

The burden on the security operation site tends to increase in response to recent sophisticated and diversified cyber attacks, and we are searching for the optimal operation method for our company on a daily basis. In this session, we will explain a series of operation flow from detection to response using SIEM and SOAR based on the issues in security operation obtained from our own research.

The NTTDATA Group has introduced "Exabeam" to its bases in 51 countries and regions around the world. UEBA strengthens defense against cyberattacks and improves security governance! We will introduce the experience up to the introduction of Exabeam in the video.

This video introduces a demonstration of Macnica original Smart Security Monitoring App (SSMA). SSMA is a SIEM App for Splunk Enterprise designed and developed based on the concept of ``providing sufficient functionality for modern corporate security.''

Many cyber crimes are said to start with emails. Although companies have introduced email security products and are taking countermeasures, attackers are still trying to infiltrate their systems using all sorts of means. In particular, the number of companies using Office365 has increased significantly, and simultaneous attacks are being carried out against multiple targets.

This video introduces a demonstration of Macnica original Smart Security Monitoring App (SSMA). SSMA is a SIEM App for Splunk Enterprise designed and developed based on the concept of ``providing sufficient functionality for modern corporate security.''

While it is said that there is a shortage of IT human resources, it is necessary to consider the expertise, skills, and security required of security personnel, such as incident response to respond to increasingly sophisticated attacks and security countermeasure planning suitable for work style reform measures. The scope is expanding. We will use a framework to visualize whether the daily work and operations performed by the person in charge are the security operations that are currently required, and explain the direction of how to address the shortfalls.

Damage caused by fraudulent use of credit cards in Japan is increasing year by year, and most of them occur at EC member stores. In this video, we will introduce the actual situation of online fraud and "Sift", a fraud prevention product. Sift utilizes user attributes, behavior, and delivery destination information that can be obtained by merchants on EC sites, and uses machine learning to identify whether the counterparty is trustworthy. It is recommended for those who have problems such as "I am a victim of fraud", "I am worried about measures against fraudulent use of credit card payments", and "I feel inconvenient about measures against fraudulent use so far".

Cyber threats have become extremely sophisticated, increasing the burden and responsibility of security operators. In addition, the shortage of security engineers and IT personnel and the lack of skills are becoming more serious. SOAR (Security Orchestration, Automation and Response) is expected to be a technology that can solve this problem from the perspective of "improving operational efficiency." However, in order to utilize it, it is important to set goals for introduction and make appropriate preparations. In this session, we will explain the issues and expected effects in introducing SOAR.

A demonstration explains the technical elements of Sift and online fraud countermeasures using Sift.

Now that the shortage of security personnel is becoming more serious, external and internal threats are still increasing, and more advanced security operations are required with a limited number of people. Under such circumstances, we organized points such as the issues required in the security operation site, the adverse effects of such issues, and the functions required for future security operations, and by utilizing SOAR products provided by FireEye, I will explain how we can make operations more efficient.

Various fraud detection tools exist to deal with online fraud such as chargebacks and account takeovers, which are rapidly increasing. In this video, I will explain the difference between the two detection methods, "rule-based" and "machine learning." If you are considering introducing a fraud detection tool or have already introduced it, but you can't feel the effect, please refer to it.

SOAR (Security Orchestration, Automation and Response) is expected to be a technology that solves problems from the perspective of "improving operational efficiency." However, in order to utilize it, it is important to set goals for introduction and make appropriate preparations. In this session, we will explain the issues and expected effects in introducing SOAR.

Lecture for business operators who have concerns about countermeasures against unauthorized use of EC sites, such as "I want to take highly accurate countermeasures against fraud", "I don't know the best countermeasures for my company because there are too many countermeasures", and "I want to reduce the number of man-hours required for operation". is. * October 20, 2021 (Wednesday) sponsored by Nihon Keizai Shimbun "Realization of safe e-commerce by utilizing fraud detection system"

*Webinar archived on March 18, 2022. While there are complex threats that cannot be prevented by conventional measures, such as account hijacking and unauthorized use, appropriate security measures to protect users are essential in order to gain the trust of users and expand business. . In this video, the person in charge of PSIRT freee K.K well-known for its cloud accounting services, took the podium and experienced their company's security measures, a detection rate that was about 100 times higher than before, and a reduction of about 90% in operation man-hours. We introduce the latest countermeasures.

Telework in companies, which started in the wake of the new coronavirus, is being questioned as to how to deal with unique cybersecurity risks and how to respond to incidents. On the other hand, if there are no specific examples of cyberattacks and security incidents that have occurred, many people may be wondering how to address security measures for telework. In this seminar, we will explain the cyberattack "Bottle Expolit Kit" that actually attacked the telework environment of a certain company, and introduce the countermeasures actually taken. This is an actual example where an employee of a certain company was attacked because he was connected to the Internet outside the company without going through the internal network, so there was no perimeter defense such as a proxy or Box, and he directly accessed the website. Regarding countermeasures, we will introduce the countermeasures taken by a certain company for CrowdStrike Falcon in chronological order.

The coronavirus (COVID-19) has forced many companies to change the way they work. This sudden change has presented some difficulties to those who manage corporate systems. Also, looking a little further into the future, I think many companies will use this change as an opportunity to take the helm of digital transformation (DX) rather than returning to the conventional way of working after the chaos settles down. ? In this session, we will explain "Zero Trust" that supports DX and the importance of endpoints in Zero Trust.

Due to the coronavirus (COVID-19), many companies have been forced to change the way they work, and this sudden change has presented some difficulties to those who manage corporate systems. Looking a little further into the future, I suspect that many companies will use this change as an opportunity to implement new security measures, rather than returning to their conventional ways of working after the chaos subsides. In this session, we will organize the points required in the changes in security, and explain the importance of endpoint security and corresponding solutions in realizing zero trust in the new normal era. Those who are considering security measures with keywords such as "telework" and "zero trust", and those who are considering strengthening security for endpoints such as "EDR", "NGAV", and "internal threats". , Please take this opportunity to listen.

The term “EDR” is a word that is often heard these days. However, while actually considering EDR, don't you have questions such as what is different from "anti-virus products" and "Isn't it difficult to analyze alerts when introducing EDR?" In this seminar, we will once again explain "Why is EDR necessary now?" and "From what point of view should EDR be selected?" Please take this opportunity to listen!