Avsnitt
-
Despite building up impressive security stacks in the Cloud, organizations are still struggling to keep their environments safe. Pentera recently introduced Pentera Cloud as the first tool to provide automated pentesting capabilities for cloud environments. This conversation will focus on the challenge of security validation and pentesting in the cloud, and how Pentera Cloud is redefining the speed and scale of pentesting in the cloud.
This segment is sponsored by Pentera. Visit https://www.securityweekly.com/penterarsac to learn more about them!
Jason Keirstead, Cyware's VP of Collective Threat Defense, takes us beyond the AI buzz in cybersecurity. While AI has tremendous potential for cybersecurity, Jason emphasizes its pragmatic and deliberate application to modernize security operations — not as a panacea but as a strategic ally in enhancing threat intelligence, response capabilities, and operational collaboration. We discuss the practical benefits and limitations of AI, offering insights into how security professionals can leverage AI to augment, not replace, human decision-making and creativity in the ongoing fight against cyber threats.
This segment is sponsored by Cyware. Visit https://securityweekly.com/cywarersac to learn more about them!
Anomali’s AI-Powered Security Operations Platform is a cloud-native solution that delivers the industry’s most comprehensive set of integrated and automated security functions. Anthony Aurigemma discusses how Anomali Copilot automates mundane tasks and enables better analytics and reasoning for today’s security teams – automating half of an analyst’s day, enabling them to focus on strategic work. With the ability to augment or replace legacy security systems, Anomali’s Security Operations Platform helps security teams deliver intelligent, actionable, and accurate insights to their business.
This segment is sponsored by Anomali. Visit https://www.securityweekly.com/anomalirsac to learn more about them!
Show Notes: https://securityweekly.com/esw-361
-
The landscape of phishing attacks continues to rapidly evolve. In 2023, Zscaler ThreatLabz observed a year-over-year increase of 58.2% in global phishing attempts. This surge was characterized by emerging schemes, including voice phishing, recruitment scams, and browser-in-the-browser attacks.
This segment is sponsored by Zscaler. Visit https://securityweekly.com/zscalerrsac to learn more about them!
In today's complex world, organizations are challenged to modernize their network while also improving their security posture to support digital transformation initiatives. Tim Roddy will talk about what is driving the need for network transformation efforts and why organizations are moving to IAM and SASE (also known as Zero Trust Edge) solutions to support these efforts. He’ll discuss the fast-growing SASE market and the demand for SASE delivered as a managed service due to talent shortages.
This segment is sponsored by Open Systems. Visit https://securityweekly.com/opensystemsrsac to learn more about them!
It’s not rocket science, it’s network security. And yet for many organizations, the road to securing employees and information often results in trade-offs to performance, agility, scalable services, and user experience. While first-generation SASE solutions promised companies a way out of this complexity, those early deployments failed to resolve the root causes of these growth pains--enter Unified SASE as a Service. Going beyond SASE learn what Unified SASE as a Service is and why you should care.
This segment is sponsored by Aryaka. Visit https://securityweekly.com/aryakarsac to learn more about them!
Show Notes: https://securityweekly.com/esw-361
-
Saknas det avsnitt?
-
Emerging threats are targeting organizations from seemingly every angle. This means security teams must expand their focus to secure as many domains as possible. OpenText is building on its holistic approach to cybersecurity with new innovations that make it easier for organizations to secure themselves against next generation threats.
This segment is sponsored by OpenText. Visit https://securityweekly.com/opentextrsac to learn more about them!
In reaction to the increasing potential of threat actors unaffected by the current state of cybersecurity measures and vulnerability management tools yielding “rarely actioned reports and long lists of generic remediations” as the attack surface continues to expand, Gartner has suggested a new program: CTEM - Continuous Threat Exposure Management. A continuous threat exposure management (CTEM) program is an integrated, iterative approach to prioritizing potential treatments and continually refining security posture improvements. Join Hive Pro’s VP of Product Marketing and former Gartner Analyst, Zaira Pirzada to better understand: - The state of the current threat landscape - The SOC pain points - What Continuous Threat Exposure Management is and best practices to implement it
This segment is sponsored by Hive Pro. Visit https://securityweekly.com/hiveprorsac to learn more about them!
Traditional Managed Detection and Response (MDR) methods, centered on threat-based security, often miss the bigger picture of evolving cyber risks. This segment explores the shift towards a proactive, risk-based MDR approach, emphasizing the importance of anticipating and mitigating risks before they escalate into threats. We'll discuss the benefits of integrating risk management into security strategies and the key factors organizations should weigh when enhancing their cyber risk reduction efforts.
This segment is sponsored by Critical Start. Visit https://securityweekly.com/criticalstartrsac to learn more about them!
Show Notes: https://securityweekly.com/esw-361
-
It's the week before RSA and the news is PACKED. Everyone is trying to get their RSA announcements out all at once. We've got announcements about funding, acquisitions, partnerships, new companies, new products, new features...
To make things MORE challenging, everyone is also putting out their big annual reports, like Verizon's DBIR and Mandiant's M-Trends!
Finally, we've got some great essays that are worth putting on your reading list, including a particularly fun take on the Verizon DBIR by Kelly Shortridge.
Show Notes: https://securityweekly.com/esw-360
-
It's the most boring part of incident response. Skip it at your peril, however. In this interview, we'll talk to Joe Gross about why preparing for incident response is so important. There's SO MUCH to do, we'll spend some time breaking down the different tasks you need to complete long before an incident occurs.
Resources
5 Best Practices for Building a Cyber Incident Response PlanThis segment is sponsored by Graylog. Visit https://securityweekly.com/graylog to learn more about them!
Show Notes: https://securityweekly.com/esw-360
-
This is a great interview with Adam Shostack on all things threat modeling. He's often the first name that pops into people's heads when threat modeling comes up, and has created or been involved with much of the foundational material around the subject. Adam recently released a whitepaper that focuses on and defines inherent threats.
Resources:
Here's the Inherent Threats Whitepaper Adam's book, Threat Modeling: Designing for Security Adam's latest book, Threats: What Every Engineer Should Learn from Star Wars We mention the Okta Breach - here's my writeup on it We mention the CSRB report on the Microsoft/Storm breach, here's Adam's blog post on it And finally, Adam mentions the British Library incident report, which is here, and Adam's blog post is hereShow Notes: https://securityweekly.com/esw-359
-
We've talked about generative AI in a general sense on our podcast for years, but we haven't done many deep dives into specific security use cases. That ends with this interview, as we discuss how generative AI can improve SecOps with Ely Kahn. Some of the use cases are obvious, while others were a complete surprise to me. Check out this episode if you're looking for some ideas!
This segment is sponsored by SentinelOne. Visit https://securityweekly.com/sentinelone to learn more about them!
Show Notes: https://securityweekly.com/esw-359
-
A clear pattern with startups getting funding this week are "autonomous" products and features.
Automated detection engineering Autonomously map and predict malicious infrastructure ..."helps your workforce resolve their own security issues autonomously" automated remediation automated compliance management & reportingI'll believe it when I see it. Don't get me wrong, I think we're in desperate need of more automation when it comes to patching and security decision-making. I just don't think the majority of the market has the level of confidence necessary to trust security products to automate things without a human in the loop.
The way LimaCharlie is going about it, with their new bi-directional functionality they're talking up right now, might work, as detections can be VERY specific and fine-grained.
We've already seen a round of fully automated guardrail approaches (particularly in the Cloud) fail, however. My prediction? Either what we're seeing isn't truly automated, or it will become a part of the product that no one uses - like Metasploit Pro licenses.
Show Notes: https://securityweekly.com/esw-359
-
This week, Adrian and Tyler discuss some crazy rumors - is it really possible that a cloud security startup valued at over $8 billion in November 2021 just got bought for $200 million???
Some healthy funding for Cyera and Cohesity ($300m and $150m, respectively)
Onum, Alethea, Sprinto, Andesite AI, StrikeReady, YL-Backed Miggo, Nymiz, Salvador Technologies, and Simbian all raise smaller seed, A, or B rounds.
Akamai picks up API security startup, Noname Security, Zscaler picks up Airgap networks, and it's rumored that Armis will acquire Silk Security for $150M.
LimaCharlie seems to be doing some vertical growth, adding its own response and automation capabilities (what they call "bi-directional" capabilities). CISA releases a malware analysis system to the general public. Boostsecurity.io releases "poutine", an open source CI/CD pipeline vulnerability scanner.
Some great essays this week, with Phil Venables' Letter from the Future, Ben Hawkes' Robots Dream of Root Shells, and Aileen Lee's 10 year Unicorn anniversary piece.
We briefly discuss the 3rd party breach that affected Cisco Duo customers, and the financial impact of Change Healthcare's highly disruptive ransomware incident.
Finally, we talk about the latest research on the security of LLMs and the apps using them. It's not looking great.
For more details, check out the show notes here: https://www.scmagazine.com/podcast-episode/3188-enterprise-security-weekly-358
Show Notes: https://securityweekly.com/esw-358
-
Protecting a normal enterprise environment is already difficult. What must it be like protecting a sports team? From the stadium to merch sales to protecting team strategies and even the players - securing an professional sports team and its brand is a cybersecurity challenge on a whole different level.
In this interview, we'll talk to Joe McMann about how Binary Defense helps to protect the Cleveland Browns and other professional sports teams.
Show Notes: https://securityweekly.com/esw-358
-
This week, Tyler and Adrian discuss Cyera's $300M Series C, which lands them a $1.4B valuation! But is that still a unicorn? Aileen Lee of Cowboy Ventures, who coined the term back in 2013, recently wrote a piece celebrating the 10th anniversary of the term, and revisiting what it means. We HIGHLY recommend checking it out: https://www.cowboy.vc/news/welcome-back-to-the-unicorn-club-10-years-later
They discuss a few other companies that have raised funding or just come out of stealth, including Scrut Automation, Allure Security, TrojAI, Knostic, Prompt Armor.
They discuss Eclipsium's binary analysis tooling, and what the future of fully automated security analysis could look like.
Wiz acquired Gem, and Veracode acquired Longbow. Adrian LOVES Longbow's website, BTW.
They discuss a number of essays, some of which are a must read:
Daniel Miessler's Efficient Security Principle Subsalt's series on data privacy challenges Lucky vs Repeatable, a must-read from Morgan Housel AI has Flown the Coop, the latest from our absent co-host, Katie Teitler-Santullo Customer love by Ross Haleliuk and Rami McCarthyWe briefly cover some other fun - reverse typosquatting, AI models with built-in RCE, and Microsoft having YET ANOTHER breach.
We wrap up discussing Air Canada's short-lived AI-powered support chatbot.
Show Notes: https://securityweekly.com/esw-357
-
In the days when Mirai emerged and took down DynDNS, along with what seemed like half the Internet, DDoS was as active a topic in the headlines as it was behind the scenes (check out Andy Greenberg's amazing story on Mirai on Wired). We don't hear about DDoS attacks as much anymore. What happened?
Well, they didn't go away. DDoS attacks are a more common and varied tool of cybercriminals than ever. Today, Michael Smith is going to catch us up on the state of DDoS attacks in 2024, and we'll focus particularly on one cybercrime actor, KillNet.
Segment Resources:
Understanding DDoS Attacks: What is a DDoS Attack and How Does it Work? -
NVD checked out, then they came back? Maybe?
Should the xz backdoor be treated as a vulnerability?
Is scan-driven vulnerability management obsolete when it comes to alerting on emerging threats?
What were some of the takeaways from the first-ever VulnCon?
EPSS is featured in over 100 security products, but is it properly supported by those that benefit from it?
How long do defenders have from the moment a vulnerability is disclosed to patch or mitigate it before working exploits are ready and in the wild?
There's SO much going on in the vulnerability management space, but we'll try to get to the bottom of some of in in this episode. In this interview, we talk to Patrick Garrity about the messy state of vulnerability management and how to get it back on the rails.
Segment Resources:
Exploitation TImelines NVD Sources for known exploitation Exploitation in the Wild - RockstarShow Notes: https://securityweekly.com/esw-356
-
As we near RSA conference season, tons of security startups are coming out of stealth! The RSA Innovation Sandbox has also announced the top 10 finalists, also highlighting early stage startups that will be at the show.
In this week's news segment,
We discuss the highlights of the Cyber Safety Review Board's detailed and scathing report on Microsoft's 2023 breach We spend a bit of time on the xz backdoor, but not too much, as it has been covered comprehensively elsewhere We discover half a dozen of the latest startups to receive funding or come out of stealth: Coro, Skyflow, Zafran, Permiso, Bedrock Security, Abstract Security, and Sandfly Apple is reportedly going to have some big AI announcements this summer, and we discuss how overdue voice assistants are for an LLM makeover. Finally, we discuss the amazing innovation that is the Volkswagen RooBadge!By the way, the thumbnail is a reference to the xz backdoor link we include in the show notes: https://lcamtuf.substack.com/p/technologist-vs-spy-the-xz-backdoor
Show Notes: https://securityweekly.com/esw-356
-
This week, in the enterprise security news:
Early stage funding is all the rage AI startups continue to pop out of stealth The buyer's market continues with more interesting acquisitions Purpose-built large language models for security Benchmarking LLMs for security GoFetch? More like... Get outta here (I couldn't think of anything clever) Crowdstrike and NVIDIA team up Why do people trust AI? What do Google Sheets and Carlos Sainz Jr. have in common?All that and more, on this episode of Enterprise Security Weekly!
Show Notes: https://securityweekly.com/esw-355
-
Many years ago, I fielded a survey focused on the culture of cybersecurity. One of the questions asked what initially drew folks to cybersecurity as a career. The most common response was a deep sense of curiosity. Throughout my career, I noticed another major factor in folks that brought a lot of value to security teams: diversity.
Diversity of people, diversity of background, and diversity of experience. I've seen auto mechanics, biologists, and finance experts bring the most interesting insights and forehead-slapping observations to the table. I think part of the reason diversity is so necessary is that security itself is incredibly broad. It covers everything that technology, processes, and people touch. As such, cybersecurity workers need to have a similarly broad skillsets and background.
Today, we talk to someone that embodies both this non-typical cybersecurity background and sense of curiosity - Clea Ostendorf. We'll discuss:
The importance for organizations to actively seek and welcome curious newcomers in the security field who may not conform to traditional cybersecurity norms. Strategies for organizations to foster an environment that encourages individuals with curiosity, motivation, and a willingness to challenge conventional norms, thereby promoting innovative thinking in addressing security risks.Segment Resources:
Evolving Threats from Within - Insights from the 2024 Code42 Data Exposure Report
Show Notes: https://securityweekly.com/esw-355
-
While awareness and attention towards cybersecurity are on the rise, some popular and persistent myths about cybersecurity have almost become threats themselves. API security requires a modern understanding of the threat landscape, with the context that most API providers desire to be more open and accessible to all. We will debunk the 5 worst myths about protecting your APIs.
Segment Resources:
API Security Basics - Everything You Need to Know Graylog API Security - Gain Visibility & Control Over Your API Attack SurfaceThis segment is sponsored by Graylog. Visit https://securityweekly.com/graylog to learn more about API security!
Show Notes: https://securityweekly.com/esw-354
-
In the enterprise security news,
Lots of funding news, including: - Nozomi Networks Raises $100 Million to Expand Industrial Cybersecurity Business - BigID Raises $60 Million at $1 Billion Valuation - J.P. Morgan Growth Leads $39 Million Investment in Eye Security - CyberSaint raises $21 million to accelerate market expansion Zscaler Acquires Avalor for $350 Million Cisco completes $28 bn acquisition of cybersecurity firm Splunk Airbus Calls Off Planned Acquisition of Atos Cybersecurity Group Cybersecurity firm Cato Networks hires banks for 2025 IPO, sources say
Show Notes: https://securityweekly.com/esw-354
-
We don't cover a lot of stories in this week's episode, but we go deep on a few important ones. I'm biased, but I think it's a good one, especially having Darwin's input and encyclopedic knowledge available to us.
Also in this week's news:
Homomorphic encryption pops up again! Microsoft Security Copilot has a release date! Sudo for Windows Microsegmentation pops up again! The TikTok Ban Darwin's Newsletter: The Cybersecurity PulseAll that and more, on this episode of Enterprise Security Weekly.
Show Notes: https://securityweekly.com/esw-353
-
In this interview, we talk to Rod Simmons, the VP of Product Strategy at Omada. We'll discuss the complex topic of securing identities against ever growing threats. We'll discuss challenges like unnecessary access, accounts with too many permissions, and a threat landscape that is increasingly finding success from targeting identities. Finally, we'll discuss where the Identity Governance and Administration (IGA) market is going.
Segment Resources:
Analyst Report: The State of Identity Governance 2024Show Notes: https://securityweekly.com/esw-353
- Visa fler