WEBINAR
ATT&CK v17 Decoded: What IT & Security Teams Must Know
Exploits targeting hypervisors are at an all-time high. Enterprise virtualization is a prime target for threat groups due to valuable data and the challenges associated with preventing escape to host attacks. This has been validated with the recent ATT&CK v17 update, where MITRE introduced an entirely new matrix for ESXi. This revolutionary change brings to attention existing risks and possible compliance implications in security for many enterprises.
Gabe Dimeglio, CISO of Rimini Street, and Austin Gadient, CTO & Cofounder of Vali Cyber, will discuss MITRE’s logic for this change, looking closely at the threat landscape and in particular the 4 unique techniques MITRE noted for ESXi:
- T1675: ESXi Administration Control
- T1059.12: Command and Scripting Interpreter: Hypervisor CLI
- T1505.006: Server Software Component: vSphere Installation Bundles
- T1673: Virtual Machine Discovery
We will dive into what these techniques mean, featuring demos of real-world attack chains where the techniques were leveraged. You will learn about:
- The MITRE ATT&CK ESXi framework and its implications on risk and compliance
- Effective methods to protect against ransomware and exploits in hypervisors every IT & security team should consider
- Why runtime hypervisor security is now critical
Attendees will also receive an operational playbook with 3 tools that will enable you to quickly and efficiently reduce risk in your VMware environment.
Speakers
Gabe Dimeglio
Mr.Dimeglio serves as CISO, SVP & GM Rimini Protect™ and Rimini Watch™ solutions. In this role, he is responsible for providing strategic leadership and management of Rimini Street’s internal information security and compliance team and programs, the Rimini Protect client-facing security services and solutions, and the Rimini Watch observability solution.
Mr. Dimeglio is a skilled executive leader with over 25 years of experience in IT and security for private and public-sector organizations and expertise in strategic consulting services, risk analysis/risk mitigation, and compliance. A results-driven leader, he specializes in security strategy, services and solution development, management, and delivery for mission-critical, complex enterprise platforms.
Austin Gadient
As Vali Cyber’s co-founder and CTO, Austin developed ZeroLock. ZeroLock is the first Linux security product to deliver portability, performance, and efficacy in one easy-to-use system. Along the way, he extended ZeroLock to protect Linux-based hypervisors in addition to traditional bare-metal and cloud-based Linux systems. ZeroLock is currently the only ransomware protection solution available for hypervisors and excels at stopping the malware that plagues these systems in its tracks. Today, ZeroLock is deployed at DoD organizations, SMBs, and Fortune 500s. It has competed against industry leaders and won time and time again.