Simplify Your Audit Process, News, BlackHat Interviews - Tomer Bar, Raghu Nandakumara, Erik Huckle - ESW #330

Sep 1, 2023

Guest

Tomer Bar

Guest

Raghu Nandakumara

Guest

Erik Huckle

Guests Tomer Bar, Raghu Nandakumara, and Erik Huckle discuss simplifying audits and managing identity programs. They also cover funding news in cybersecurity, the importance of improved security measures, just-in-time access, and the decline of VPNs. The speakers explore AI in phishing attacks, the ARK browser's innovative features, and zero trust concepts. Additionally, they talk about bridge and attack simulations for auditing purposes and the scope of breach simulations.

Ask episode

Chapters

Transcript

Episode notes

Introduction

00:00 • 2min

Cybersecurity Strategy and Edge Computing Insights

01:32 • 5min

Automating the Audit Process

07:00 • 10min

SalePoint's Multi-Cloud Capabilities

16:43 • 13min

Auditors' Tailored Controls for Different Companies

29:45 • 16min

Discussion on the Drizzly case and the importance of improved security measures

46:12 • 2min

Discussion on Just-in-Time Access and Customer Requests

47:57 • 4min

Whiskey Regulations and ABC Stores

51:58 • 13min

Discussion of a Company Offering Cybersecurity Services and Possible Sponsorship

01:04:40 • 2min

Significance of a $110 Million Growth Round and Password Security

01:06:23 • 9min

The Reality of Failed Startups

01:15:05 • 12min

The Decline of VPNs, Nord Lab's New Initiatives, and Google's AI Focus

01:27:06 • 2min

AI and Phishing Attacks

01:28:44 • 7min

ARK Browser: Innovative Features and Security

01:35:35 • 16min

Pigeons, Station Wagons, and Micro Interviews

01:51:39 • 3min

Discussion on Zero Trust and Lumio's Approach

01:54:49 • 2min

Zero Trust: Reducing Implicit Trust

01:56:50 • 12min

Understanding Interactions and Setting Exceptions

02:08:36 • 5min

Zero Trust and an Interview with Tomer Bar of Safe Breach

02:13:30 • 4min

The Benefits of Bridge and Attack Simulation for Auditing

02:17:39 • 12min

Exploring the Scope of Breach and Attack Simulations

02:30:03 • 4min

Having direct visibility into your access data is crucial for two reasons: 1. Simplifying audit preparation and 2. Managing progress of your identity program to ensure peak performance. Internal auditors and compliance managers need easy access to granular data points to understand and demonstrate compliance to external agencies. Gaining access to real time data creates a great deal of autonomy for audit and identity teams to be able to delve deep into their identity programs and prove compliance. However, making the data available even internally can put organizations at risk for data leaks and data policy violations. Erik will outline how companies can gain access to their current identity search and dashboard data and be able to query in their preferred BI tool based on their own data privacy policies and business needs, significantly reducing risk.

This segment is sponsored by SailPoint. Visit https://securityweekly.com/sailpoint to learn more about them!

There's still serious, late stage funding for compelling tech in cybersecurity, SpyCloud proves with it's $110M Series D. We discuss the SentinelOne/Wiz merger rumors. Sadly layoffs and even company failures are still occurring, thought Tyler thinks the market downturn is close to bottoming out. NordVPN spins off an AI skunkworks called NordLabs. The Browser Company has a great company vision page that's worth checking out. Two interesting LLM prompt-related tools to check out are PIPE and promptmap (both on github). Brazilian phone spyware WebDetetive (sic) gets hacked and all victim data deleted. US takes down QakBot and *removes* it from infected systems! Finally, a homing pigeon proves that birds are faster than gigabit Internet :D In this interview, Raghu discusses the specific challenges in securing the cloud and how to overcome them. He shares how to make your life easier by making security a team sport, how to gain the visibility you need across clouds, data centers, and endpoints, and how to get a return on your cloud security investments.

This segment is sponsored by Illumio.

Visit https://securityweekly.com/illumiobh to learn more about them!

It’s no secret that the attack surface is increasing and the best defense is one that’s matched to the most relevant risks. Through proactive and reactive research, The SafeBreach Labs team helps customers discover their most critical threats and security gaps by building the industry’s most current and complete playbook of attacks. In this session, SafeBreach Director of Research Tomer Bar will share how attacks are conducted, which APT group have been the most active, and how breach and attack simulation can help teams think like an adversary and leverage recent vulnerabilities to gain accurate insights.

Segment Resources: https://www.safebreach.com/safebreach-labs/

This segment is sponsored by SafeBreach.

Visit https://securityweekly.com/safebreachbh to learn more about them!

Visit https://www.securityweekly.com/esw for all the latest episodes!

Like us on Facebook: https://www.facebook.com/secweekly

Show Notes: https://securityweekly.com/esw-330