From Fortune 500 to Education, from startup to running a consulting firm, Brendan's experience in information security has served him well. It all started with his boss speaking outloud about how they 'needed to get someone to handle security', and deciding he wanted to be that someone. Now a CISSP, CISM, and a couple of decades, and many industry changes, later he is still at it. Brendan joins Matt and Paul this week to discuss Patch Management, and how using Automox is helping him in the space!
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://wiki.securityweekly.com/ESWEpisode163
Kenneth F. Belva, CISSP, CEH is a cybersecurity expert practicing in the field since 1998 serving in both technical and non-technical roles. Ken joins Matt and Paul today to talk about Why scanning for default credentials missing from the rest of the scanning vendors! The problem of default and weak credentials. Why they're still low hanging fruit after all these years. And new solutions to detecting default and weak credentials on the network.
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://wiki.securityweekly.com/ESWEpisode163
Cloudflare Open-Sources its Network Vulnerability Scanner, Qualys brings its Market Leading Vulnerability Management Solution to the next level, and some acquisition and funding updates from Palo Alto, Cymulate, Detectify, and Perimeter 81!
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://wiki.securityweekly.com/ESWEpisode163
Jorge Salamero is the Director of Product Marketing at Sysdig. Jorge joins us on the show to talk about Kubernetes, Project Falco, vulnerability pre-deployment, and containers.
To learn more about Sysdig, visit: https://securityweekly.com/sysdig Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode162
Reuven Harrison is the Chief Technology Officer at Tufin. Reuven brings more than 20 years of software development experience, holding two key senior developer positions at Check Point Software, as well other key positions at Capsule Technologies and ECS. He received a Bachelor's degree in Mathematics and Philosophy from Tel Aviv University.
To learn more about Tufin, visit: https://securityweekly.com/tufin Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://wiki.securityweekly.com/ESWEpisode162
In the enterprise news, discussing how Sysdig supports Google Cloud Run for Anthos to secure serverless workloads in production, StackRox Kubernetes Security Platform 3.0 Introduces Advanced Features and New Workflows for Configuration and Vulnerability Management, and some acquisition and funding updates from CyberCube, 1Password, Docker, WhiteSource, and more!
Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode162
Ward Cobleigh is the Sr. Product Manager at VIAVI Solutions. There's an abundance of potential data sources that can be found within you network. Where should you look? Which data sources offer unique perspectives and value? How can you use these data sources to speed threat identification, understand scope and impact, and aide in remediation steps to minimize impact? This segment will include a brief demonstration of how commonly available data sources can be effectively leveraged by SecOps and NetOps teams.
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://wiki.securityweekly.com/ESWEpisode161
Baber Amin is the CTO West at Ping Identity. Security has always been perimeter centric with an "US" vs "THEM" approach. Multiple factors are forcing a change to this design pattern, and exposing it's shortcomings. The concept of "zero trust" is really a concept of "defense in depth" applicable when our perimeters are ephemeral and fluid.
To learn more about Ping Identity, visit: https://securityweekly.com/ping
Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode161
STEALTHbits releases StealthDEFEND 2.2, its real-time threat detection and response platform, Tenable to Secure Enterprise Cloud Environments with Microsoft Azure Integration, Aqua Security buys CloudSploit to expand into cloud security posture management, and much more!
Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode161
Tim Callan is the Senior Fellow at Sectigo. Quantum computing and what its arrival means for IT, traditional computing and infosecurity. TC expects that both architectures will live side by side, with traditional computing serving most tasks and quantum computing being employed for the specific operations where it offers improved efficiency. He will discuss expected outcome of quantum computing is that the world’s existing cryptographic infrastructure will have to change in a fundamental way and future encryption platforms need to be resistant to attacks not just from quantum computers but traditional computers as well.
Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode160
Adrian is an Advocate at Thinkst, the company behind the awesome and much loved Thinkst Canary. A former practitioner, PCI QSA, penetration tester, industry analyst and entrepreneur, he has explored many angles of the security industry, attempting to understand what makes it tick and what makes it fail. Adrian is an outspoken researcher that doesn't shy away from uncomfortable truths. He loves to write about the industry, tell stories and still sees the glass as half full.
Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode160
In the news, talking about how Trustwave offers threat detection and response for Microsoft Azure, LogRhythm offers migration service to Splunk customers to address security challenges, CrowdStrikes Falcon security platform lands on AWS, and how GitLab plans to ban hires in China and Russia due to espionage concerns!
Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode160
Carter Manucy is the Cybersecurity Manager at Municipal Power Agency. Fireside chat around the differences in IT and OT cybersecurity, challenges finding the right folks, challenges facing securing OT specific equipment, workforce development.
Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode159
Paul and Matt talk about Deployment, Practice, and Reporting concerning Vulnerability Management.
Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode159