Enterprise Security Weekly (Video) Cynet 360 4.0, YubiKey 5C NFC, & Netskope Cloud Threat Exchange - ESW #198
Sep 9, 2020
John Strand, a security expert known for his insights on penetration testing and cloud security, shares fascinating details on the new YubiKey 5C NFC and its role in multi-factor authentication. He discusses the importance of penetration tests and organizational preparedness in cybersecurity. The conversation highlights industry trends like vulnerability management, the significance of free cybersecurity tools, and recent innovations surrounding cloud security. Strand also delves into partnerships like Sysdig's collaboration with VulnDB for improved threat intelligence.
AI Snips
Chapters
Transcript
Episode notes
Pen Testing as Regular Hygiene
- If you are rolling out a major new product, schedule an external penetration test.\n- Integrate pen testing into regular security hygiene rather than as a reaction to incidents.
Prepare Before Pen Testing
- Build cybersecurity maturity before pursuing penetration tests by implementing basic hygiene like patching.\n- Tailor assessment types to your organization's readiness level: vulnerability assessment, pen test, or red team.
Limits of Cloud Threat Intelligence
- Sharing threat intelligence about cloud attacks needs more than IPs and URLs because cloud attack vectors differ from traditional networks.\n- Current threat feeds often don't fully address cloud security complexities.