Enterprise Security Weekly (Audio)

This week, in our first segment, we welcome Yasser Rasheed, Global Director of Enterprise Client Sales at Intel to talk about Protecting Your Environment with Intel vPro platform! Then, Omer Taran, Co-Founder and CTO of CybeReady, joins for an interview about Overcoming Challenges in Multinational Phishing Simulations! Lastly, in the Enterprise News for this week: Funding announcements from Material Security, Abnormal, Teleport, Tailscale, Smallsetp, Phylum and more. Acquisitions include HDiv Security, and Radiflow. New product announcements from Siren, Corelight, Artic Wolf, Onapsis and Aqua! In other news, all South Koreans are about to become one year younger! This segment is sponsored by Intel. Visit https://securityweekly.com/intel to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/esw273

This week, in our first segment, we welcome Prashasth Baliga, Senior Security Consultant at Palo Alto Networks to talk about Security Orchestration and Automation Simplified! Then, Ryan Fried, Senior Security Engineer at Brooks Running, joins for an interview about Getting Value from SOAR beyond Phishing Workflows! Finally, in the Enterprise Security News, Veza raises $110M for Data Security, Traceable raises $60M for API Security, 10 other security startups get funded, Synopsis buys Whitehat for $330M, HackerOne approves a PullRequest, Bright Security acquires WeHackPurple, LexusNexis acquires BehaviorSec, JupiterOne continues to release some compelling books, the DevSecOps evolution, the future of Product-Led Growth, & more! Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/esw272

This week, in our first segment, we welcome Rich Mogull, the CISO of DisruptOps - FireMon to discuss The Turbulent Cloud Security Market! Then, Andrew Hindle, the Content Chair at Identiverse & Chair of IDPro at Identiverse, joins to discuss Digital Identity: The Cornerstone of Our Digital World! Finally, in the Enterprise News: Basis Theory raises $17 million funding round, Crunchbase Funding Round Profile, Devo Acquires AI-Powered Security Automation Innovator to Deliver the “Autonomous SOC”, Hivemapper Dashcam, Authtech, Twitter accepts Elon Musk’s $44 billion offer, Austin Peay State University on Twitter, Basis Theory raises $17 million funding round, & more! To register for our upcoming webcast with Rich Mogull on Deploying Cloud Applications Securely, visit https://attendee.gotowebinar.com/register/3131398543024475915?source=esw Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw271

This week, in the first segment, we learn all about the technical ins and outs of HP SureClick Enterprise with HP expert Dan Allen and discover how SureClick Enterprise can help improve security efforts in your organization! Then, we bring on a VC to provide an investor’s point-of-view! It’s hard to imagine a better investor to join us than Will Lin, co-founder of Forgepoint, one of the few VC firms that exclusively invests in cybersecurity startups! Finally, in the Enterprise Security News: Fortress InfoSec raises $125M to help critical infrastructure improve security, ThreatLocker raises $100M, thanks in part to Kaseya’s breach, Obsidian raises $90M to secure SaaS use, DoControl raises $30M to possibly compete with Obsidian, Blueshift raises a seed round to bring SOC and XDR to SMBs, Strike Security raises a seed round to take a different approach to pen testing, Thoma Bravo is still working on an Imprivata exit, The biggest startup failures of all time - how many security vendors are on the list, Is the SEC forcing CISOs into the boardroom, Better, but harder to collect, security metrics, & more! This segment is sponsored by HP Wolf Security. Visit https://securityweekly.com/hpwolf to learn more about them! Segment Resources: https://threatresearch.ext.hp.com/zero-trust-in-reverse-why-the-current-definition-of-zero-trust-is-only-half-full/ Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/esw270

In our first segment, we welcome Bob Erdman, Director of Development at HelpSystems to discuss The Role of Automation in Pen Testing! Then, Justin Tolman, Forensic Evangelist at Exterro joins us to discuss Forensic Challenges for Security Professionals! Finally in the Enterprise News: Datto to be Acquired by Kaseya for $6.2 Billion, with Funding Led by Insight Partners, Perforce Software Puppet, Synopsys acquires Juniper Networks, Managed detection and response startup Critical Start lands $215M in funding, Thinking About the Future of InfoSec, DuckDuckGo launches Mac app in beta, How I automated my presence in video calls for a week (and nobody knew), Why Do So Many Cybersecurity Products Suck? Segment Resources: The Truth About Pen Testing Automation - https://www.coresecurity.com/blog/the-truth-abouth-pen-testing-automation Core Impact Rapid Pen Tests - https://www.coresecurity.com/products/core-impact/rapid-pen-tests This segment is sponsored by Core Security, A Help Systems Company. Visit https://securityweekly.com/coresecurity to learn more about them! Segment Resources: FTK Over the Air podcast: https://www.exterro.com/ftk-over-the-air-podcast FTK Feature Focus weekly videos: https://youtube.com/playlist?list=PLjlGL4cu_NaM0e7h1RCTJwNnZb-dyUf3B This segment is sponsored by Exterro. Visit https://securityweekly.com/exterro to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/esw269

In our first segment, we welcome Josh Snow, Principal Sales Engineer at ExtraHop to discuss Common Sense Steps for Implementing Shields Up! Then, Catherine Ullman, Sr. Information Security Forensic Analyst at the University at Buffalo, joins for an interview on Why Learning Offensive Security Makes You A Better Defender! Finally, in the Enterprise Security News for this week: NordVPN raises $100M and becomes the first Lithuanian Unicorn?, Coro lands a $60M Series C for small business-focused security, Airgap Networks closes a funding gap with a $13.4M Series A, Corsha lands a $12M Series A to bring MFA to machine-to-machine API traffic. What? Tru.id lands a $9M seed round to take a stab at using SIM cards for MFA, ex-Alienvault employees raise funding from Ballistic Ventures with Nudge Security, SeeMetrics scores a $6M seed round to provide better KPIs to CISOs, an essay on trust: the two sides of “Say” and “Do”, Ubiquiti continues to alienate the security community with its attacks against Brian Krebs, Why an option to edit tweets is a terrible idea, & more! Segment Resources: A Practical Guide for Shields Up: https://www.extrahop.com/resources/papers/shields-up-guidance-for-organizations/ Free Shields Up Assessment: https://www.extrahop.com/lp/free-shields-up-assessment/ This segment is sponsored by ExtraHop Networks. Visit https://securityweekly.com/extrahop to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw268

This week, Tim Cathcart from Knox County Schools is with us to discuss breaking into cyber from a high school perspective! Then, Steven Turner from Microsoft joins us to sweep away the noise and level set on Zero Trust! Finally, in the Enterprise Security News for this week: 14 cybersecurity startups have raised funding! Massive late stage market corrections underway and talks of self-repricing valuations, A private equity firm acquires Zimperium, Even more massive amounts of cryptocurrency are stolen, The NPM package library is under active, constant attack, Microsoft Azure Defender IoT has trivial critical vulnerabilities, White house earmarks $11B for cybersecurity, Death to SPACs, as well as Several new security vendors and products! Segment Resources: - NIST SP 800-207 - https://csrc.nist.gov/publications/detail/sp/800-207/final - UK NCSC ZT Guidance - https://github.com/ukncsc/zero-trust-architecture - USA CISA/OMB ZT Guidance - https://zerotrust.cyber.gov/ - DOD ZT Reference Architecture -https://dodcio.defense.gov/Portals/0/Documents/Library/(U)ZT_RA_v1.1(U)_Mar21.pdf- Microsoft ZT Guidance - https://docs.microsoft.com/en-us/security/zero-trust/ Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Visit https://www.securityweekly.com/esw for all the latest episodes!  Show Notes: https://securityweekly.com/esw267

This week, in our first segment, we welcome Zane Bond, Director of Product Management at Keeper Security, for an interview on How to Secure Your Secrets! We discuss how, Since IT network secrets unlock access to highly privileged systems and data, securing secrets is just as critical to preventing cyberattacks as securing end-user passwords! Then, Erin Kenneally, Senior Director, Cyber Risk Strategy at Guidewire to discuss Cyber Risk, & how past ransomware incidents could lead to a call for cyber insurance industry adaptation! Finally, we dive straight into the Enterprise News for this week! In the Enterprise Security News for this week: Island raises another $115M to build a secure web browser, less than 2 months after raising $100M, Bionic raises $65M for application intelligence, Israeli startup HUB Security merges with a SPAC to go public on the NASDAQ at a $1.28B valuation, Cybersecurity now has 53 unicorns, which are the most interesting to follow? New data shows VCs pulling back on Series A, B, and C, but is this data any good? Over 90% of orgs had an incident tied to a third party last year, the SEC might require public companies to report hacks and hand over details, & more! Segment Resources: - https://www.linkedin.com/posts/ekenneally_cybersecurity-cyberinsurance-cyberrisk-activity-6831288006494814208-PVtE?utm_source=linkedin_share&utm_medium=member_desktop_web - https://www.linkedin.com/posts/ekenneally_ransomware-a-darwinian-opportunity-for-cyber-activity-6763127736304201728-RriU?utm_source=linkedin_share&utm_medium=member_desktop_web - https://www.linkedin.com/posts/ekenneally_ai-artificialintelligence-cyberrisk-activity-6857351155295514624-Sp2j?utm_source=linkedin_share&utm_medium=member_desktop_web -https://www.dhs.gov/sites/default/files/publications/3950_CYRIE_Report_FINAL508.pdf Segment Resources: https://www.keepersecurity.com/en_GB/secrets-manager.html This segment is sponsored by Keeper Security Visit https://securityweekly.com/keepersecurity to learn more about them! Visit https:// Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/esw266

This week, in our first segment we're joined by Johanna Ydergard, VP of Product at Detectify joins us to cover a brief overview of the attack surface market - what it is, why it’s necessary to have an additional tool along with DAST, SAST. It will also cover how Detectify’s unique advantage of crowdsourcing is a true differentiator in the EASM market and how the model differs from the big Bug Bounty Platforms. It will detail on how Detectify collaborates with ethical hackers to crowdsource security research from the forefront of the industry, so you can check for 2000+ common vulnerabilities. Next, Learn how a proactive cybersecurity program can be a game changer for an organization's success through continuously assessing risk and evolving to stay ahead of threats. Join us as we discuss impactful ways to stay one step ahead with Pablo Zurro, Product Manager at Core Security, by HelpSystems! Finally, this week in the Enterprise News: Quincy man rescues coworker from Ukraine, Cloudflare Email Security Tools, New CISA Vulns, RSA Conference Acquired, Massive Rounds, Incident Reporting Signed into Law, & more!   Show Notes: https://securityweekly.com/esw265 Segment Resources: https://detectify.com/external-attack-surface-management https://detectify.com/crowdsource/what-is-crowdsource [Guide] Taking Back Control: A Proactive Approach to Advance Your Security Maturity - https://static.helpsystems.com/core-security/pdfs/guides/cs-advancing-your-security-maturity-gd.pdf [Video] Core Impact Pen Testing Software Overview - https://www.coresecurity.com/resources/videos/core-impact-overview https://static.helpsystems.com/hs/pdfs/2022/datasheet/hs-security-maturity-matrix-ds.pdf   Visit https://securityweekly.com/detectify to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Managing firewall rule reviews, especially for PCI-DSS, can be complex but it doesn't have to be. Hear from Jeff Styles as he talks about how you can automate this process to keep you compliant and secure. There's a LOT of noise in the security industry. We've catalogued over 10,000 cybersecurity products and each of the companies behind these products has a marketing team, a twitter account, a blog, and a ton of content to blast at enterprise security buyers. There's an interesting connection between GreyNoise's product, founder, and principles. While building a product that filtered out the noise that wastes most security operations teams' time, Andrew was dead set against building a startup that resembled the typical security startup. We'll discuss Andrew's unique path to market, the latest features of GreyNoise, and where the lines are drawn between malicious and benign scanning. In the Enterprise Security News for this week: Google intends to acquire Mandiant HelpSystems to pick up Alert Logic - at least their 11th security acquisition in the past 3 years, Rumor that Abnormal Security could be our next security unicorn, Axonius raises a $200M Series E, A number of AppSec and cloud security startups raise their first big rounds, SEC requires public companies to report breaches within 4 days,Did we mention Google is buying Mandiant? All that and more, on this episode of Enterprise Security Weekly.   Show Notes: https://securityweekly.com/esw264 Segment Resources: GreyNoise Visualizer (free web tool for researching scanner IPs): https://www.greynoise.io/viz/query/?gnql=last_seen%3A1d GreyNoise Trends for Apache Log4j Exploit Attempts: https://www.greynoise.io/viz/tag/apache-log4j-rce-attempt Visit https://securityweekly.com/firemon to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly