The Defender's Advantage Podcast

Cloud security is more important today than ever before. To learn moreabout the topic, Luke McNamara sat down with Martin Holste, CTO forCloud at FireEye, Chris Schreiber, FireEye product strategist, and JRWeiks, FireEye security principal engineer.In this first of two podcasts on cloud security, they discuss some ofthe security challenges that occur when migrating to the cloud,specifically highlighting some of the common problems that quicklyrise to the top once that journey begins. Additionally, they dive intosome of the different tactics that threat actors use to exploit cloudinfrastructure and how organizations can protect themselves.Check out the podcast, and for more information head over to ourFireEye Cloud Security page and our FireEye Partnership with AWS page.

In October 2019, FireEye launched its Purple Team and ContinuousPurple Team Assessments to enable organizations to quantifiablyevaluate security controls and programs against Verodin simulatedattack scenarios. With Purple Team Assessments, Mandiant experts guidean organization’s security team through highly-realistic attackscenarios.Luke McNamara spoke with one of our global red team leads who is onthe front lines managing this new offering, Evan Pena. During theirdiscussion, Evan explains what exactly a purple team is vs. atraditional red and blue team, what are the outputs/deliverables thatcome from a purple team, in what capacity will Verodin be used todeliver this new offering, and more.For more information about FireEye Mandiant Purple Team Assessments,including the FireEye Verodin Security Instrumentation Platform (SIP),please visithttps://www.fireeye.com/services/purple-team-assessment.html

Luke McNamara spoke with Jens Christian Høy Monrad, Head of FireEyeIntelligence, EMEA at FireEye on the EMEA threat landscape. In theirdiscussion, Jens spoke on the multidimensional threats to the region,what those threats look like today, election security affecting thesecountries, and continued challenges for the public and private sector.

Luke McNamara spoke with Jens Christian Høy Monrad, Head of FireEyeIntelligence, EMEA at FireEye on the EMEA threat landscape. In theirdiscussion, Jens spoke on the multidimensional threats to the region,what those threats look like today, election security affecting thesecountries, and continued challenges for the public and private sector.

The healthcare industry faces a range of threat actors and maliciousactivity. FireEye EVP, Products, Grady Summers spoke with PrincipalAnalyst, Luke McNamara on the types of financially motivated cyberthreat activity impacting healthcare organizations, nation statesthreats that the healthcare sector should be aware of, and how thethreat landscape for healthcare organizations evolve in the future.

The importance of being prepared cannot be understated. Companiesexperiencing an email compromise must undertake costly investigationsinvolving forensics services and data mining of affected inboxes tosee if sensitive information has been impacted. If that isn’t badenough, productivity and reputation also stand to take a hit.To shine some light on the business email compromise threat and howbest to defend against it, FireEye EVP and CTO Grady Summers sat downwith Ken Bagnall, VP for Email Security at FireEye, and LaurenWinchester, Privacy Breach Response Services Manager at Beazley.During their chat, the trio discussed awareness, prevention and a newunique offering from FireEye and Beazley.

In April 2018, FireEye CTO, Grady Summers had the opportunity to talkabout some of the latest features of FireEye Email Security with KenBagnall, VP for Email Security at FireEye. Their conversation ended upbeing one of our more popular 'Eye on Security' podcast episodes, soit was a no-brainer that Grady would have Ken back in July 2018 todiscuss some of the changes in email attacks that we had beenobserving.When Ken happily agreed to return for a third appearance, FireEyeChief Intel Strategist, Christopher Porter was particularly glad thatit was his turn to pick his brain. During their chat, Ken andChristopher talked about the innovation behind our secure emailgateway, the intellectual property behind FireEye technologies fordetecting advanced threats that others miss, and some general trendsrelated to email threats that we’re seeing today.Check out the podcast right now, and learn more about how FireEyeEmail Security can help defend against today’s most widely used – andlesser known – email attacks.

In recent weeks FireEye has been talking all about Expertise OnDemand, our annual subscription service that gives customers access tosecurity experts and more. As FireEye Chief Intelligence Strategist,it has been exciting to see the transformation on the Intelligenceside of things, but to get a better look at the Expertise On Demandservice as a whole we turned to Gareth Maclachlan, VP of Strategy andProduct Management.In our latest Eye on Security podcast, Gareth and Christopher discusseverything from how the Expertise On Demand service works and whatmakes it unique, to the overall experience for customers and partners.Gareth also talks about what prompted FireEye to offer Expertise OnDemand in the first place, including an all-too-familiar problem inthe industry: a shortage of trained security professionals.

The United States District Attorney’s Office for the Western Districtof Washington recently unsealed indictments and announced the arrestsof three individuals linked to a criminal organization we have beentracking since 2015 as FIN7. With the threat group in the news quite abit lately, FireEye CTO, Grady Summers sat down to discuss the actorsand the arrests with two of the foremost FIN7 experts: Nick Carr andBarry Vengerik from FireEye’s Advanced Practices Team.They discussed a wide variety of topics, including FIN7’s targeting,why they chose the particular sectors that they did, how they gainedan initial foothold in organizations, their tools and tactics,techniques and procedures (TTPs), some of the methods FireEye used totrack the group, and some of the ways FIN7 activity changed followingarrests made as far back as January 2018.More information on FIN7 and many other threat groups can be found inour Intel Portal as part of our FireEye iSIGHT Threat Intelligenceoffering.