The Human Firewall: Building Resilience Against Cyber Deception

The Human Firewall: Building Resilience Against Cyber Deception

Technology will remain one of our biggest security weaknesses; however, today most cyberattacks have a social engineering component, where threat actors target people as the most vulnerable part of the system. As cybersecurity professionals, we are tasked with training our personnel to avoid both simple and complex mistakes while still doing their jobs, delivering good customer experiences, and keeping business running.

 

In recent years, threat actors have dissected business processes to find hidden vulnerabilities, leveraged AI to craft highly realistic scams, exploited employee trust, and even infiltrated corporate ranks from within.

 

This talk will explore the latest techniques for detecting and preventing breaches at the human level, highlight practical approaches to security training, and discuss how we must adapt our business practices to operate under the constant assault on our social systems and trust, well beyond the realm of technology.

 

Takeaways:

- Technology isn’t the weakest link, people are.

- Training must be practical, not theoretical.

- Threat actors evolve, so should we.

- Security is a business function, not just IT.

Alex Holden | 10, 07 2025 | 59 min
Podívejte se na webinář
Threat Actor Psychology: Using Social Engineering and Other Jedi Tricks - Part 2

Threat Actor Psychology: Using Social Engineering and Other Jedi Tricks - Part 2

Forget textbook phishing templates and generic vishing scripts. This is a continuation of the talk that continues a deep dive into the psychology, culture, and behavior of real-world threat actors and shows how we turn their own tactics against them. We’ve been successfully using social engineering techniques against cyber threat actors for decades, and in this presentation, I’ll share some of the key techniques and approaches that have made this possible.

Alex Holden | 10, 03 2025 | 31 min
Deriving ROI from monitoring the Dark Web

Deriving ROI from monitoring the Dark Web

Is it enough to be preoccupied with monitoring the perimeter and fending off attacks against our systems? No! This focus overlooks the root cause of these attacks originating from the Dark Web. It's crucial to extend our vigilance beyond our own organization and encompass our supply chain and cloud by gaining visibility into the Dark Web.

 

While breaches and leaks are inevitable, a swift response and effective remediation can save your organization from a disastrous breach. By keeping a watchful eye on the Dark Web, we can enhance our organization's security and the overall effectiveness of our security program.

 

Learning Objectives:

- Discover the advantages of proactive monitoring of the Dark Web

- Learn how adjusting your defenses to the Dark Web threats can improve -your overall threat landscape

- Learn how to use threat intelligence to prevent losses

- Learn to act on actionable threats, defending corporate data and reputation

Alex Holden | 10, 02 2025 | 59 min
CTI Teams That Win: Skills, Structure, and Strategy

CTI Teams That Win: Skills, Structure, and Strategy

Building an effective Cyber Threat Intelligence (CTI) program is rarely straightforward. From shifting threat landscapes to internal maturity challenges, even experienced teams can struggle to get it right.

 

In this session, we’ll explore the good: what works and why, the bad: common pitfalls and inefficiencies, and the ugly: where CTI efforts often become a liability. Most importantly, we’ll highlight how individuals on the team can play a critical role in driving success by leveraging their unique skills to elevate the entire program. Whether you're building from scratch or looking to fine-tune a mature operation, this talk offers practical insights for making your CTI efforts smarter, stronger, and more impactful.

Alex Holden | 08, 13 2025 | 60 min
CTRL-ALT-Pen Test v2: Five CTI-Powered Techniques & Tactics

CTRL-ALT-Pen Test v2: Five CTI-Powered Techniques & Tactics

We’re back with more on Penetration Testing and Red Teaming powered by real Cyber Threat Intelligence.

 

In this webinar, we’ll break down 5 techniques you should be using in your pen tests. From carefully using Dark Web data to exploiting weak server-side validation, these are practical tips to sharpen your offensive game.

Alex Holden | 07, 22 2025 | 62 min
The Fine Art of NOT Hiring Nation State Threat Actors

The Fine Art of NOT Hiring Nation State Threat Actors

Let’s dive into the world of threat actors posing as remote employees. We’ll uncover their tricks, from passing background checks with mules to what they do once they’re hired. Plus, we’ll share practical tips to spot these imposters before and after they get in.

 

Takeaways:
 - Understand fake remote employee threats.
 - Know how to detect fictitious employee scams and how to prevent them.
 - Learn key steps in investigating fake remote employee scams.

Alex Holden | 07, 09 2025 | 60 min
Smarter Pen Testing with Threat Intel

Smarter Pen Testing with Threat Intel

Traditional penetration tests often miss the mark, failing to replicate the real-world tactics of today's sophisticated threat actors. In this session, Alex Holden, CISO of Hold Security, cuts through the noise and reveals how to transform your pen testing program with actionable threat intelligence.

 

You'll discover the latest attack trends and learn practical methods to simulate realistic cyber threats against your own defenses. From vulnerability exploitation to ransomware and social engineering, this session provides a hands-on guide to assessing your security readiness against the attacks that matter most right now. Leave with a clear roadmap to build a more resilient and threat-informed security posture.

 

Key Takeaways

 

- Understand the limitations of traditional pen testing and why threat intelligence is crucial

- Learn practical techniques for incorporating real-world attack simulations into your security assessments

- Gain a framework for building a more resilient and proactive security posture based on actionable threat intelligence

Alex Holden | 06, 03 2025 | 59 min
Smarter App Security Strategies to Enhance Today’s Cyber Defense

Smarter App Security Strategies to Enhance Today’s Cyber Defense

Application security remains one of the most complex challenges in cybersecurity. Unlike traditional infrastructure, applications are difficult to test across all possible attack vectors, and security failures can lead to devastating breaches.

 

In this session, we will explore emerging threats based on insights from the dark web and real-world incident response cases. We’ll dive into vulnerabilities in various application environments, flaws in business logic, next-generation penetration testing scenarios, and the evolving risks of AI manipulation by threat actors.

Alex Holden | 05, 28 2025 | 58 min
Threat Actor Psychology: Using Social Engineering and Other Jedi Tricks

Threat Actor Psychology: Using Social Engineering and Other Jedi Tricks

Forget textbook phishing templates and generic vishing scripts. This talk dives deep into the psychology, culture, and behavior of real-world threat actors and shows how we turn their own tactics against them. We’ve been successfully using social engineering techniques against cyber threat actors for decades, and in this presentation, I’ll share some of the key techniques and approaches that have made this possible.

Alex Holden | 05, 13 2025 | 32 min
Your Cybersecurity Career and You

Your Cybersecurity Career and You

The cybersecurity industry is in a constant state of flux, presenting both challenges and opportunities for professionals at all levels. Staying ahead requires more than technical skills; it demands strategic thinking and ability to stay relevant. In this talk we will share my insights about the future of the industry and how you can find a place to start or continue your career and reach the top.
Alex Holden | 04, 15 2025 | 17 min
Getting ROI From Monitoring the Dark Web. CIO Summit

Getting ROI From Monitoring the Dark Web. CIO Summit

Monitoring the Dark Web for threats targeting your organization or industry will enhance your ability to understand the real and ever-changing threat landscape to prevent breaches. Learn the practical approach of deriving value from Threat Intelligence and Dark Web monitoring.

Alex Holden | 03, 06 2025 | 60 min
1 2 3

Logo
Řešení Threat Intelligence Services Credential Integrity Service Domain Integrity Service Služby posuzování informační bezpečnosti Reakce na incident a vyšetřování
Naše kanceláře
Autorská práva © 2025 Hold Security