Enterprise Security Weekly (Audio)

This week, In the first segment, we welcome Nathan Hunstad, Principal Security Engineer & Researcher, at Code42, for an interview discussing SIEM and SOAR! Next up, In the Enterprise Security News: Secure and monitor AWS Lamba with new, not related, features from Datadog and Imperva, ServiceNow integrates with Microsoft solutions, SentinelOne wins two awards, Reducing risk with IAM, Kemp lanches Zero Trust, AWS launches another contianer product, Zscaler acquires Smokescreen, Sumo Logic acquires DF Labs, Uptycs, Salt Security and Spec Trust secure funding... and more! Then we close out the show with two pre-recorded RSAC 2021 interviews featuring Drew Rose, from Living Security, & Ganesh Pai of Uptycs!   Show Notes: https://securityweekly.com/esw229 Segment Resources: https://www.code42.com/blog/is-soar-the-new-siem/ Visit https://securityweekly.com/code42 to learn more about them! Visit https://securityweekly.com/livingsecurity to learn more about them! Visit https://securityweekly.com/uptycs to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, in our first segment, we welcome John Masserini, Global Chief Information Security Officer at Millicom Telecom International, to discuss "Identity Management as a Foundation for Future-Proofing your Security". In the enterprise news segment, we discuss all the enterprise security news from RSA Conference 2021. In our final segment, we welcome Mark Bowling, Vice President of Security Response Services at ExtraHop, to discuss "Building a Response Strategy to Advanced Threats".   Show Notes: https://securityweekly.com/esw228 Visit https://securityweekly.com/extrahop-rsac to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, In the first segment, we welcome Damon Small, Technical Director of Security Consulting at NCC Group, for an interview covering the Florida Water Treatment Facility Hack, and the Convergence of OT & IT! Next up, Artisom Holub, Senior Security Analyst and Austin McBride, Data Scientist, from Cisco Umbrella join to talk about some Chart Topping Threats and How Attacks will rage in 2021! In the Enterprise Security News: XM Cyber Announces Integration with Palo Alto Network's Cortex XSOAR, API Security Lessons Learned, Cycode Raises $20 Million, HelpSystems Acquires Beyond Security, Accurics Terrascan integrates with the Argo Project, Cequence Security API Sentinel 2.0, Seclore Security24 protects sensitive data, Who’s Really Behind the Colonial Pipeline Cyberattack?, Forcepoint acquires Cyberinc, Sophos launches industry’s only XDR solution for endpoint, server, firewall and email security?, and more!   Show Notes: https://securityweekly.com/esw227 Visit https://securityweekly.com/ciscoumbrella to learn more about them!   Segment Resources: https://newsroom.nccgroup.com/news/insight-florida-citys-water-supply-attack-420952 https://www.cnn.com/2021/02/13/us/florida-hack-remote-access/index.html   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, In the first segment, we welcome Steve Springett, Chair at CycloneDX SBOM Standard, Core Working Group, for a discussion on The Rise of SBOM! Next up, Carlos Morales, CTO Security Services at Neustar, joins for a discussion on how Applications Are Your Lifeblood – Understanding the Changing Attack! In the Enterprise Security News: Code42 enhances Incydr to help identify insider risk related to file uploads to unsanctioned websites, Imperva acquires CloudVector to provide visibility and security for API traffic, ThreatQuotient launches ThreatQ TDR Orchestrator to accelerate detection and response, KnowBe4 Launches Artificial Intelligence-Driven Phishing Feature, and some funding and acquisition updates from Thoma Bravo, Proofpoint, Darktrace, JupiterOne, and more!   Show Notes: https://securityweekly.com/esw226 Segment Resources: https://www.home.neustar/resources/videos/security-you-can-trust https://www.home.neustar/resources/whitepapers/web-application-security-threats https://cyclonedx.org/ https://www.ntia.gov/sbom https://owasp.org/scvs https://dependencytrack.org/   Visit https://securityweekly.com/neustar to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, Rickard Carlsson, CEO at Detectify, joins us to talk about collaboration as the modern approach application security. In the Enterprise News for this week: HackerOne Enhances Security Testing Platform, Palo Alto Networks Expands Unit 42 Cybersecurity Consulting Group, Thoma Bravo to take cyber security firm Proofpoint private, BlackRock, Tudor Group Back Cybersecurity Startup Deep Instinct, and more! Authentication and authorization might sound similar, but they are two distinct security processes. Joe Carson, Chief Security Scientist at Thycotic, joins us to discuss why privileges, not identities, are one of the biggest challenges for identity and access. Joe will share Thycotic's simple approach to solving privileged access.   Show Notes: https://securityweekly.com/esw225 Segment Resources: https://blog.detectify.com/2021/04/09/modern-application-security-requires-speed-scale-and-collaboration/ Visit https://securityweekly.com/detectify to learn more about them! Visit https://securityweekly.com/thycotic to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, we welcome Jeff Deininger, a Principal Cloud Security Engineer, joins us and will use a simulated attack to demonstrate how advanced threat detection works with commonplace architectural elements to deny attackers the crucial traction needed to establish a foothold at the beginning of a campaign, leaving attackers feeling like they are inescapably 'walking on ice'. Phishing links are getting past existing protections and clicked. How do you prevent these attacks? In this segment, Chris Cleveland, CEO at Pixm, will demonstrate how computer vision protection in the browser stops these attacks in real time and how you can know your own gaps. In the Enterprise News for this week, Darktrace targets listing for early May, KKR-backed cybersecurity firm KnowBe4 aims for $3 Billion valuation in U.S. IPO, Dell spins off VMware to fuel post-pandemic PC growth opportunities, lots of funding announcements, and more!   Show Notes: https://securityweekly.com/esw224 Segment Resources: Threat Report: https://pixm.net/wp-content/uploads/2021/03/Pixm-Q4-2020-Threat-Report.pdf Visit https://securityweekly.com/extrahop to learn more about them! Visit https://securityweekly.com/pixm to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, In the first segment, Ryan Noon from Material Security join us for a discussion on Zero Trust! Next up, John Loucaides joins for an interview on firmware attacks, and what enterprises need to do! In the Enterprise Security News:Cyble raises $4M, ThreatQuotient raises $22.5M, OneTrust acquires Convercent, Digital Shadows announces new threat intelligence capabilities, Rapid7 Announces Kubernetes Open Beta in InsightVM, LogRhythm Releases Version 7.7, Imperva unveils new data security platform built for cloud, Acronis releases a new version of Acronis Cyber Protect Cloud, Minerva Labs Launches Cloud Version of its Endpoint Threat Prevention Platform, What's Behind the Surge in Cybersecurity Unicorns? Cisco Umbrella unlocks the power of SASE and more!   Show Notes: https://securityweekly.com/esw223 Segment Resources: Assessing Enterprise Firmware Security Risk in 2021 - https://eclypsium.com/2021/01/14/assessing-enterprise-firmware-security-risk-in-2021/ https://github.com/chipsec/chipsec The Top 5 Firmware Attack Vectors - https://eclypsium.com/2018/12/28/the-top-5-firmware-and-hardware-attack-vectors/ https://material.security/blog/email-is-too-important-to-protect-like-a-tsa-checkpoint https://www.cnbc.com/2021/03/09/microsoft-exchange-hack-explained.html   Visit https://securityweekly.com/eclypsium to learn more about them! Visit https://securityweekly.com/materialsecurity to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, In the first segment, Zack Moody from AVX Corporation join us for an interview on the Rise of Insider Threat post Covid-19! Next up, Juliet Okafor joins for an interview on Why User Adoption in Enterprise Security is Low! In the Enterprise Security News: Funding announcements from Clearsense, Morphisec, Feedzai, Jumio, Ketch, Living Security, Productiv and Socure. ServiceNow acquires Intellibot, Accenture acquires Cygni, Astadia acquires Anubex, AutoRABIT acquires CodeScan, Kroll Acquires Redscan. GRIMM launches a Private Vulnerability Disclosure program, AttackIQ automates the validation of AI and ML, CircleCI offers CI/CD for ARM in the cloud, Elastic Observability updates, Gigamon and FireEye collaborate on integration of Gigamon Hawk, McAfee unveils MVision cloud, Red Hat OpenShift Service Available on AWS, Sysdig Adds Unified Threat Detection Across Containers and Cloud and more!   Show Notes: https://securityweekly.com/esw222 Visit https://www.securityweekly.com/esw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, Trey Ford from Salesforce joins us to talk about Platform Security, as well as PaaS and Hosting. Next Up, Jarrett Rodrick from VMware discusses how you can "Jump-start Your SOC Analyst Career"! In the enterprise security news Funding announcements from SecurityScorecard, Secureframe, Axis Security, Orca, Cylera, and Vulcan Cyber. A non-funding announcement from Thinkst. Fortinet aquires ShieldX, VMware acquires Mesh7 and Copado aquires New Context. Knowbe4 files for IPO. Exabeam Launches First-ever Comprehensive Use Case Coverage, Linksys and Fortinet form an interesting partnership, Sonatype targets a more secure software supply chain with a 5-part announcement, CTO.ai Launches Serverless Kubernetes Platform and more!   Show Notes: https://securityweekly.com/esw221 https://www.amazon.com/Jump-start-Your-Analyst-Career-Cybersecurity/dp/148426903   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, our good friend Ron Gula joins us to talk about cybersecurity investments, tips for both enterprises and enturprenurs. In the enterprise security news funding announcements from Coalition, HeraSoft, Cowbell Cyber, Argon, Cynet, Docker, and Cyware. Sonatype Acquires MuseDev, Sumologic Acquires DF Labs, Acronis acquires Synapsys, Lookout grabs CipherCloud and a cybersecurity SPAC. Kasada announces some new features to its bot detection offering, Rapid7 introduces an agent for CloudFront, Aqua supports ARM, and Chris Roberts joins Cynet! Ilia Kolochenko, the chief architect at Immuniweb joins us to talk about attack surface management!   Show Notes: https://securityweekly.com/esw220 Gula Tech Foundation Grant Program - Data Care: https://www.gula.tech/foundation Gula Tech Non-Profits: https://www.gula.tech/projects   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly