The emergence of generative AI has caused us to rethink things on two fronts: how we consume threat detection data, as defenders how we need to shift our thinking and approaches to prepare for attackers' newfound GenAI capabilities But wait - is GenAI even useful for defenders or attackers? We'll dive deep into the state of AI as it pertains to security operations, just as Gartner announces that AI is hitting the trough of disillusionment. What better time to dispel the hype and focus on where real progress can be made? Edward Wu thinks so! Understandably so, as his startup, Dropzone.ai is making a big bet on generative AI to change the face (and pace) of security operations. We'll talk about what has changed here, and I have so many questions: after many generations of AI/ML technology in security, is the current gen really that dramatically different? Dropzone is far from the only startup with the same idea here, how will they differentiate? Is the problem that we need more help than we can possibly hire, or are we fundamentally doing something wrong in security operations? Specifically, what is this tech doing to help? Finally, we'll wrap by talking about where this tech goes next, and can we get there with current technology, or are we dependent on more breakthroughs from companies like OpenAI, Anthropic, and Meta? This week, on Enterprise Security Weekly, we've got: Identity Security gets more funding Wiz walks away BlackHat Announces Startup Spotlight Finalists Crowdstrike post mortem Simple Security Tricks are the Best Security Tricks Splitting the CISO role Web scraping for AI is out of control SEC vs Solarwinds Vaping the Internet Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-369

Twitter Opt-In, the DOJ, DarkSeoul, Fake Employees, PlugX, Stargazer Ghost, Aaran Leyland, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-401

Doug and the Security Weekly crew talk about vulnerabilities, are we patching the right things? This is the burning question. We will try to answer it. Segment Resources: https://blog.sonicwall.com/en-us/2024/04/patch-tuesday-which-vulnerabilities-really-need-prioritizing/ Segment description coming soon!The Crowdstrike incident: what happened and what we can do better, people forget what 0-Day really means, shutting off the heat in January, honeypot evasion and non-functional exploits, what not to use to read eMMC, what if we don't patch DoS related vulnerabilities, a CVSS 10 deserves its own category, port shadow attacks, IPC and DBUS and a very informative and entertaining article, container breakouts, when you are bored on an airplane, Linksys security violations, fake IT workers, Telegram 0-day, and how to be more resilient on the same technology stack! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-836

Elon's Killer Robots, Crowdstrike and More Crowdstrike, Southwest, Play, FrostyGoop, Josh Marpet, and more, on this Edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-400

Generative AI has produced impressive chatbots and content generation, but however fun or impressive those might be, they don't always translate to value for appsec. Allie brings some realistic expectations to how genAI is used by attackers and can be useful to defenders. Segment resources: https://www.forrester.com/blogs/generative-ai-will-not-fulfill-your-autonomous-soc-hopes-or-even-your-demo-dreams/ https://www.forrester.com/blogs/top-5-things-you-need-to-know-about-how-generative-ai-is-used-in-security-tools/ https://www.forrester.com/blogs/the-blob-is-poisoning-the-security-industry/ SAPwned demonstrates tenets of tenant isolation, a weak login flow puts Squarespace domains at risk, how AIs might (or might not) be useful for fixing code, getting buy-in for infosec investments, and more! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-292

Back in April, we covered a story on episode #348 titled "CISO-CEO communication gaps continue to undermine cybersecurity". In that article, Sumedh Thakar, the CEO at Qualys, stated "CISOs must translate technical risks into business impact for CEOs." But he didn't say how. So, we invited him on the show to explain. In this episode, Sumedh walks us through real life interactions with his CISO and Board and explains why security needs to be communicated in business terms. Security is a risk management discipline. No one understand that more than Jeff Recor. Jeff has built risk management practices for Deloitte, Grant Thornton, and Accenture and has recently formed his own risk consulting practice. In this unscripted interview, Jeff will share his insights on the evolution of security as a risk management discipline, what CEOs and Boards really need, and how CISOs can be successful as a business leader. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-357

In this episode of Security Weekly News, Dr. Doug White and Josh Marpet delve into the widespread impact of the recent CrowdStrike and Microsoft technical issue, which disrupted various industries, including airlines, DMVs, and hospitals. They discuss the interconnectedness of modern systems, the reliance on automatic updates, and the critical need for thorough testing and third-party risk management. Emphasizing the importance of understanding and planning for system failures, the hosts highlight the necessity for comprehensive inventories, continuous monitoring, and robust backup plans to ensure business continuity and resilience. Tune in for expert insights into mitigating the significant consequences of system failures. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-399

In this episode of Enterprise Security Weekly, we revisit the insightful book "Jump-start Your SOC Analyst Career" with authors Jarrett Rodrick and Tyler Wall, exploring updates on career paths, opportunities, and the industry's reality. We delve into the myths versus the truths about cybersecurity careers, discussing the viability of high salaries and the best entry points into the field. Next, we tackle the critical issues plaguing the cybersecurity industry despite its rapid growth and increased influence at the board level. We ask why, despite ample resources, are failures more prevalent than ever? Lastly, we cover significant news in enterprise security, including the rumored historic acquisition of Wiz by Google, recent company acquisitions, and the evolving concept of shared responsibility in cybersecurity. Join us for a comprehensive discussion that spans career guidance, industry analysis, and the latest news in enterprise security. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-368

Thinking about getting a 3D printer or have one and need a good primer? Check out this segment, we live 3D print a Captain Crunch whistle and talk all about 3D printing for hackers! Segment Resources: Slides used in this segment: https://files.scmagazine.com/wp-content/uploads/2024/07/3D-Printing-for-Hackers.pdf Major 3D Printer Websites: https://vorondesign.com/ https://www.prusa3d.com/ https://www.creality.com/ https://bambulab.com/ https://elegoo.com Major 3D File libraries: https://printables.com (Prusa) https://thingiverse.com https://thangs.com https://makerworld.com (Bambu Labs) https://cults3d.com Youtube Channels: Uncle Jessy CnC Kitchen The Edge of Tech Makers Muse Find new flaws in UEFI using STASE, combining vulnerabilities to exploit Sonicwall Devices, remote BMC exploits, Netgear patches, and not a lot of information, 22 minutes before exploited, if the secrets were lost, we'd all be in screwed, Exim has not been replaced by something better and its vulnerable, CISA's red team reports, and attackers use drivers to attack EDR, the saga continues! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-835

Floppy Disks, Exim, Kaspersky, Darkgate, AT&T, Josh Marpet, and more are on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-398