Enterprise Security Weekly (audio)

This week, In the first segment, we welcome Damon Small, Technical Director of Security Consulting at NCC Group, for an interview covering the Florida Water Treatment Facility Hack, and the Convergence of OT & IT! Next up, Artisom Holub, Senior Security Analyst and Austin McBride, Data Scientist, from Cisco Umbrella join to talk about some Chart Topping Threats and How Attacks will rage in 2021! In the Enterprise Security News: XM Cyber Announces Integration with Palo Alto Network's Cortex XSOAR, API Security Lessons Learned, Cycode Raises $20 Million, HelpSystems Acquires Beyond Security, Accurics Terrascan integrates with the Argo Project, Cequence Security API Sentinel 2.0, Seclore Security24 protects sensitive data, Who’s Really Behind the Colonial Pipeline Cyberattack?, Forcepoint acquires Cyberinc, Sophos launches industry’s only XDR solution for endpoint, server, firewall and email security?, and more!   Show Notes: https://securityweekly.com/esw227 Visit https://securityweekly.com/ciscoumbrella to

This week, In the first segment, we welcome Steve Springett, Chair at CycloneDX SBOM Standard, Core Working Group, for a discussion on The Rise of SBOM! Next up, Carlos Morales, CTO Security Services at Neustar, joins for a discussion on how Applications Are Your Lifeblood – Understanding the Changing Attack! In the Enterprise Security News: Code42 enhances Incydr to help identify insider risk related to file uploads to unsanctioned websites, Imperva acquires CloudVector to provide visibility and security for API traffic, ThreatQuotient launches ThreatQ TDR Orchestrator to accelerate detection and response, KnowBe4 Launches Artificial Intelligence-Driven Phishing Feature, and some funding and acquisition updates from Thoma Bravo, Proofpoint, Darktrace, JupiterOne, and more!   Show Notes: https://securityweekly.com/esw226 Segment Resources: https://www.home.neustar/resources/videos/security-you-can-trust https://www.home.neustar/resources/whitepapers/web-application-security-threats https://cyclonedx.org/ htt

This week, Rickard Carlsson, CEO at Detectify, joins us to talk about collaboration as the modern approach application security. In the Enterprise News for this week: HackerOne Enhances Security Testing Platform, Palo Alto Networks Expands Unit 42 Cybersecurity Consulting Group, Thoma Bravo to take cyber security firm Proofpoint private, BlackRock, Tudor Group Back Cybersecurity Startup Deep Instinct, and more! Authentication and authorization might sound similar, but they are two distinct security processes. Joe Carson, Chief Security Scientist at Thycotic, joins us to discuss why privileges, not identities, are one of the biggest challenges for identity and access. Joe will share Thycotic's simple approach to solving privileged access.   Show Notes: https://securityweekly.com/esw225 Segment Resources: https://blog.detectify.com/2021/04/09/modern-application-security-requires-speed-scale-and-collaboration/ Visit https://securityweekly.com/detectify to learn more about them! Visit https://securityweekly.com/

This week, we welcome Jeff Deininger, a Principal Cloud Security Engineer, joins us and will use a simulated attack to demonstrate how advanced threat detection works with commonplace architectural elements to deny attackers the crucial traction needed to establish a foothold at the beginning of a campaign, leaving attackers feeling like they are inescapably 'walking on ice'. Phishing links are getting past existing protections and clicked. How do you prevent these attacks? In this segment, Chris Cleveland, CEO at Pixm, will demonstrate how computer vision protection in the browser stops these attacks in real time and how you can know your own gaps. In the Enterprise News for this week, Darktrace targets listing for early May, KKR-backed cybersecurity firm KnowBe4 aims for $3 Billion valuation in U.S. IPO, Dell spins off VMware to fuel post-pandemic PC growth opportunities, lots of funding announcements, and more!   Show Notes: https://securityweekly.com/esw224 Segment Resources: Threat Report: https://pixm.

This week, In the first segment, Ryan Noon from Material Security join us for a discussion on Zero Trust! Next up, John Loucaides joins for an interview on firmware attacks, and what enterprises need to do! In the Enterprise Security News:Cyble raises $4M, ThreatQuotient raises $22.5M, OneTrust acquires Convercent, Digital Shadows announces new threat intelligence capabilities, Rapid7 Announces Kubernetes Open Beta in InsightVM, LogRhythm Releases Version 7.7, Imperva unveils new data security platform built for cloud, Acronis releases a new version of Acronis Cyber Protect Cloud, Minerva Labs Launches Cloud Version of its Endpoint Threat Prevention Platform, What's Behind the Surge in Cybersecurity Unicorns? Cisco Umbrella unlocks the power of SASE and more!   Show Notes: https://securityweekly.com/esw223 Segment Resources: Assessing Enterprise Firmware Security Risk in 2021 - https://eclypsium.com/2021/01/14/assessing-enterprise-firmware-security-risk-in-2021/ https://github.com/chipsec/chipsec The Top 5 F

This week, In the first segment, Zack Moody from AVX Corporation join us for an interview on the Rise of Insider Threat post Covid-19! Next up, Juliet Okafor joins for an interview on Why User Adoption in Enterprise Security is Low! In the Enterprise Security News: Funding announcements from Clearsense, Morphisec, Feedzai, Jumio, Ketch, Living Security, Productiv and Socure. ServiceNow acquires Intellibot, Accenture acquires Cygni, Astadia acquires Anubex, AutoRABIT acquires CodeScan, Kroll Acquires Redscan. GRIMM launches a Private Vulnerability Disclosure program, AttackIQ automates the validation of AI and ML, CircleCI offers CI/CD for ARM in the cloud, Elastic Observability updates, Gigamon and FireEye collaborate on integration of Gigamon Hawk, McAfee unveils MVision cloud, Red Hat OpenShift Service Available on AWS, Sysdig Adds Unified Threat Detection Across Containers and Cloud and more!   Show Notes: https://securityweekly.com/esw222 Visit https://www.securityweekly.com/esw for all the latest episode

This week, Trey Ford from Salesforce joins us to talk about Platform Security, as well as PaaS and Hosting. Next Up, Jarrett Rodrick from VMware discusses how you can "Jump-start Your SOC Analyst Career"! In the enterprise security news Funding announcements from SecurityScorecard, Secureframe, Axis Security, Orca, Cylera, and Vulcan Cyber. A non-funding announcement from Thinkst. Fortinet aquires ShieldX, VMware acquires Mesh7 and Copado aquires New Context. Knowbe4 files for IPO. Exabeam Launches First-ever Comprehensive Use Case Coverage, Linksys and Fortinet form an interesting partnership, Sonatype targets a more secure software supply chain with a 5-part announcement, CTO.ai Launches Serverless Kubernetes Platform and more!   Show Notes: https://securityweekly.com/esw221 https://www.amazon.com/Jump-start-Your-Analyst-Career-Cybersecurity/dp/148426903   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook:

This week, our good friend Ron Gula joins us to talk about cybersecurity investments, tips for both enterprises and enturprenurs. In the enterprise security news funding announcements from Coalition, HeraSoft, Cowbell Cyber, Argon, Cynet, Docker, and Cyware. Sonatype Acquires MuseDev, Sumologic Acquires DF Labs, Acronis acquires Synapsys, Lookout grabs CipherCloud and a cybersecurity SPAC. Kasada announces some new features to its bot detection offering, Rapid7 introduces an agent for CloudFront, Aqua supports ARM, and Chris Roberts joins Cynet! Ilia Kolochenko, the chief architect at Immuniweb joins us to talk about attack surface management!   Show Notes: https://securityweekly.com/esw220 Gula Tech Foundation Grant Program - Data Care: https://www.gula.tech/foundation Gula Tech Non-Profits: https://www.gula.tech/projects   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, In the first segment, Chris Cleveland from PIXM join us to discuss using computer vision to combat phishing! Next up, Jeff Foley joins for an interview on the OWASP Amass Project! In the Enterprise Security News: Okta acquires Auth0, KnowBe4 Acquires MediaPRO, PayPal to acquire Curv, and Dropbox to acquire DocSend, Aqua Security raises $135M, Privacera Secures a Series B, YL Ventures sells its stake in Axonius, Snyk Secures a Series E, and McAfee sells its Enterprise business, AWS Announces New Lower Cost Storage, Radware's New Integrated Application Delivery & Protection, Bitdefender launches new Cloud-based EDR Solution, Awake's NDR platform, CrowdStrike Falcon enhancements improve SOC efficiency, Tufin releases Vulnerability-Based Change Automation App, Gigamon launches Hawk, Sonatype Releases New Nexus Firewall Policy to Secure Software Supply Chains, & more!   Show Notes: https://securityweekly.com/esw219 Visit https://securityweekly.com/Pixm to learn more about them! Threat Report: h

This week, In the first segment, Matt Cauthorn & Sri Sundaralingam from ExtraHop join us to discuss why Traditional IDS is Dead! Kimberly Sutherland from LexisNexis Risk Solutions will discuss The New Cybercrime Landscape! In the Enterprise Security News Thycotic and Centrify join forces, Netwrix acquires Strongpoint, SentinelOne plans for IPO, Qomplx plans to go public, and funding announcements from Axonius, HYAS, Armorblox and platform9. Attivo Networks Announces Continuous Assessment and Enforcement for AD, cPacket Networks announces cCloud, a network packet capture and analytics for Azure, Cavirin speeds up the process of keeping customers' hybrid clouds safe, Elastic announces an alerting framework, Bridgecrew automates cloud security in VS Code, Going Passwordless with YubiKey and Microsoft Azure AD, The Free ImmuniWeb Community Edition, GreatHorn vs Proofpoint: A 3rd Party Comparison, CyberArk's New Identity Security Offerings and more!   Show Notes: https://securityweekly.com/esw218 Visit https:/

This week, in the Enterprise Security News, Lastpass is no longer free, Tenable helps with dynamic assets, SecurityScorecard and the Score Planner, Trendmicro XDR, Imperva launches sonar, Funding announcements from: PerimeterX, SPHERE, Red Canary, 1Kosmos, Strata Identity. In the acquisistion news: Sailpoint to Acquire Intello, Crowdstrike to Acquire Humio, Palo Alto to acquire Bridgecrew, Kaseya to Acquire Rocket cyber! In the second segment, we welcome Christopher Crowley from Montance, LLC, to discuss the 2020 Security Operations Survey! In the final segment, Amit Malike & Ganesh Pai from Uptycs join us to discuss Evaluating the MITRE ATT&CK Evaluations in their Third Year!   Show Notes: https://securityweekly.com/esw217 Download the report: https://soc-survey.com/ Visit https://securityweekly.com/uptycs to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.faceb

This week, in the Enterprise Security News, A new Open-source tool helps discover public Azure blobs, A New Eclypsium Integration with Kenna.VM, Armis Raises $125 Million, Okta launches its new open-source design system, Enterprise selfie biometrics solutions from Ping Identity, Bitglass announces technical integrations between SD-WAN providers and its SASE offering, Cisco AppDynamics strengthens security posture, RSA NetWitness Detect AI claims to provide advanced analytics for actionable threat detection, Jetstack Secure delivers protection and visibility of machine identities, Obsidian SaaS security solution now available on AWS Marketplace, and SentinelOne Acquires Scalyr! In the second segment, we welcome HD Moore from Rumble, Inc! In the final segment, Kelley Mak from Work-Bench joins us for a discussion on work-bench ventures!   Show Notes: https://securityweekly.com/esw216 Visit https://www.securityweekly.com/esw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweek

This week, in the Enterprise Security News, Mission Secure Announces Series B, Akamai Technologies Acquires Inverse,For Microsoft, Security is a $10 Billion Business, Sontiq acquires Cyberscout, IRONSCALES improves the ability to detect phishing attacks, Arista launches a zero trust security framework, Cymulate Integrates with Microsoft Defender for Endpoint, Tenable Empowers MSSPs to Launch Cloud-Based Vulnerability Management Services, StackPath Launches Direct Connect, Rapid7 acquires Alcide.IO to extend cloud security, Imperva updates its WAAP and Data Security offerings, SonicWall Confirms A Zero-Day Vulnerability with NO other details, Arista intros Multi-Domain Macro-Segmentation Service (I don't know what it means, but its provocative)! In the second segment, we welcome Jonathan Cran from Intrigue.io to discuss attack surface management! In the final segment, Sounil Yu from YL Ventures joins us for a discussion on the The Cyber Defense Matrix, the DIE Triad, and Cybersecurity Startups!   Show Notes: h

This week, in the Enterprise Security News, Platform9 unburdens users from the complexities of Kubernetes,Swimlane Raises $40 Million, SonicWall hacked by zero-days in its own products?, Deloitte Buys Root9B, Cygilant and SentinelOne Partnership, Fortinet announces AI-powered XDR, AlgoSec Announced updates to A32, ESET Launches Enhanced Cloud-based Endpoint Security Management, Entrust acquires HyTrust, LogRhythm acquires MistNet, and Huntress Acquires EDR Technology From Level Effect! In the second segment, we welcome Fredrik Nordberg Almroth from Detectify to discuss his recent research into DNS Hijacking to control top-level domains! In the final segment, Allan Alford from The Cyber Ranch Podcast joins us for a discussion on the ever popular topic of Supply Chain Security!   Show Notes: https://securityweekly.com/esw214 Visit https://www.securityweekly.com/esw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, in the Enterprise Security News, Beyond Security partners with Vicarius, Amazon’s Parler removal and what it means for cloud confidence, Kount sold to Equifax, McAfee vs Crowdstrike, Jumpcloud raises some funds, Red Hat Acquires StackRox, and SolarWinds warnings of weak security and more. In the second segment, we talk Asset Management, Could this be the year we get a better handle on discovering and managing assets? In the final segment, we welcome Chris Blask from Unisys for an interview!   Show Notes: https://securityweekly.com/esw213 Visit https://www.securityweekly.com/esw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week in the Enterprise security News, Two data security companies merge, Veracode's products are now available in the AWS Marketplace, Zscaler launches a program for organizations dealing with the SolarWinds attack, SolarWinds is being sued in a class action lawsuit, funding announcements from Weaveworks, iBoss and Venafi. Chris Brown, Senior Director of Data Security at Imperva joins us to discuss the state of data security, Sean Metcalf, Founder and CTO at Trimarc Security and Tyler Robinson, Security Weekly host and Offensive Security Director at Trimarc Security will discuss the Solar Winds attack!   Show Notes: https://securityweekly.com/esw212 Visit https://securityweekly.com/imperva to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week in the Enterprise security News, A Hack brought unwanted attention to SolarWinds, Datadog and Snyk unveil GitHub integration to automate software development workflow, Thoma Bravo Invests In Machine Identity Management/Security Startup Venafi, FireEye Closes $400M Blackstone Investment, and DigiCert now enables manufacturers to embed certificates on chips prior to manufacturing! Then, Martyn Crew from Gigamon joins us to discuss how "Visibility Is Critical in Uncertain Times", and we wrap up the show with a pre-recorded interview with Emily Huynh and Mandy McKenzie from Mimecast, discussing the Mimecast Awareness Training Philosophy!   Show Notes: https://securityweekly.com/esw211 Visit https://securityweekly.com/mimecast to learn more about them! Visit https://securityweekly.com/gigamon to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week in the Enterprise Security News, How Kali Linux creators plan to handle the future of penetration testing, Tenable founders launch cybersecurity foundation to hand out grants, FireEye cybersecurity tools compromised in state-sponsored attack, Bitdefender launches cloud-based endpoint detection, response platform for companies, and Sysnet acquires Viking Cloud to enhance its cloud security platform and boost market expansion! Mike Lloyd from RedSeal joins us to discuss "How Can We Vaccinate Our Networks?", and we wrap up the show with an interview with Joe Rivela from Polarity!   Show Notes: https://securityweekly.com/esw210 Visit https://www.polarity.io/sw to learn more about them! Visit https://securityweekly.com/redseal to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, in the Enterprise Security News, securing Amazon EKS, Attivo Networks announces a new integration, a cloud security mapping startup comes out of stealth, recent funding announcements from DefenseStorm, GoSecure, EclecticIQ and more! We discuss The Road To Secure Your Organization, with Ferruh Mavituna, and wrap up the show with a special Round Table Discussion on Cybersecurity and Diversity featuring; Jackie Abrams, Gabe Gumbs, Mandy Logan, & Susan Bosco!   Show Notes: https://securityweekly.com/esw209 Visit https://securityweekly.com/netsparker to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week in the Enterprise Security News, Why Companies Should Outsource Cybersecurity During COVID and Beyond, Sectigo Adds Five PKI DevOps Integrations, a Drupal vulnerability press statement from ExtraHop, Palo Alto Networks launches Industry’s first 5G-Native Security offering, And Passwords exposed for almost 50,000 vulnerable Fortinet VPNs! We discuss Which Multifactor Authentication is the Right One with Matt Barnett, Chief Strategist at SEVN-X!, and then we gain some insights into Sharpening CVSS with Asset Context, with Clayton Fields and Michael Assraf of Vicarius!   Show Notes: https://securityweekly.com/esw208 Visit https://securityweekly.com/vicarius to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly