Info

Enterprise Security Weekly (Video)

A look at the current state of enterprise security solutions, including new products, features and industry reporting. Hosted by Paul Asadoorian and John Strand.
RSS Feed Subscribe in Apple Podcasts
Enterprise Security Weekly (Video)
2021
November
October
September
August
July
June
May
April
March
February
January


2020
December
November
October
September
August
July
June
May
April
March
February
January


2019
December
November
October
September
August
July
June
May
April
March
February
January


2018
December
November
October
September
August
July
June
May
April
March
February
January


2017
December
November
October
September
August
July
June
May
April
March
February
January


2016
December
November
October
September
August
July
June
May
April


Categories

All Episodes
Archives
Categories
Now displaying: November, 2020
Nov 26, 2020

Vulnerability prioritization has traditionally relied on CVSS scores and other subjective measurements (e.g. asset tagging) that don't factor in internal context. A new approach integrates asset context and application activity to derive rich, internal data.

 

This segment is sponsored by Vicarius. Visit https://securityweekly.com/vicarius to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw208

Nov 26, 2020

It's widely-accepted that multifactor is a best practice for authentication, but there are a variety of implementations (e.g., smart cards, push notifications, OTPs). We'll talk through the benefits and drawbacks of each and explore why Microsoft's director of identity security just published a blog post about abandoning text messages for Office365/Azure authentication.

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw208

Nov 25, 2020

This week, Why Companies Should Outsource Cybersecurity During COVID and Beyond, Sectigo Adds Five PKI DevOps Integrations, a Drupal vulnerability press statement from ExtraHop, Palo Alto Networks launches Industry’s first 5G-Native Security offering, And Passwords exposed for almost 50,000 vulnerable Fortinet VPNs!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw208

Nov 19, 2020

Osquery has grown in popularity because of its broad applicability in enterprise environments. In this tech segment, Ganesh Pai and Julian Wayte from Uptycs will talk about how organizations are using osquery to solve thorny problems such as fleet visibility, compliance and audit, and threat detection and investigation (including MITRE ATT&CK coverage).

 

This segment is sponsored by Uptycs. Visit https://securityweekly.com/uptycs to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw207

Nov 19, 2020

The recent surge of ransomware attacks has highlighted a shift in tactics employed by threat actors looking to extort organizations. Their methodology has changed from a quick, opportunistic attack to a prolonged, targeted approach. This shift in methodology presents threat groups with the opportunity to encrypt more critical data, but also presents security teams with the opportunity to detect activity before data is encrypted. In this talk we'll explore how this allows security analysts to use network detection and response capabilities to discover malicious activity between initial compromise and encryption.

 

This segment is sponsored by Gigamon. Visit https://securityweekly.com/gigamon to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw207

Nov 18, 2020

In the Enterprise News, the all new AWS Network Firewall, Zero Trust for kubernetes, interactive coding simulations, DNS monitoring, and Twitter appoints a new head of security! The latest acquisitions from Cisco, Acronis, Palo Alto Networks, and Flashpoint, and recent funding announcements from Unbound, Havoc Shield, Menlo Security and Cato networks!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw207

Nov 12, 2020

Secure Circle: For a true Zero-Trust environment, it isn’t enough to think about data in cloud services and SaaS applications, we also must protect, control and audit data that egresses form these services onto endpoints. - How do you protect data that egresses from your cloud services (i.e., Github, Workday, SalesForce, Box, OneDrive)? - Do you control access to your data after it egresses from your cloud services?

This segment is sponsored by SecureCircle. Visit https://securityweekly.com/securecircle to learn more about them!

 

Vicarius: Pentesting is littered with politics, bias reporting, and human error. So how do you clean up the trash? A former IDF engineer shares how his stint as a pentester changed the way he thinks about it - and ultimately led to the development of a new technology.

This segment is sponsored by Vicarius. Visit https://securityweekly.com/vicarius to learn more about them! Start your free trial today, visit: https://www.vicarius.io/sign/up

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw206

Nov 12, 2020

In the Enterprise News, BotRx widgets provide analytical context on how attacks impact business operations, New Kasada API protects from botnet attacks and targeted fraud, White Ops Offers Expanded Protection Against Sophisticated Bot Attacks and Fraud through the AWS Marketplace, SentinelOne, an AI-based endpoint security firm, confirms $267M raise on a $3.1B valuation, ZeroNorth unites security and DevOps teams with Defect Density Dashboard, and much more!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw206

Nov 11, 2020

Chronicle brings Google-scale threat detection to enterprises with the debut of its threat detection solution, Chronicle Detect. It includes a rules engine that operates at the speed of search, a powerful rules language optimized to describe complex threat behavior, and a regular stream of new rules and indicators, built by our elite research team. Chronicle Detect makes it easy for enterprises to move from legacy security tools to a modern threat detection system.

 

This segment is sponsored by Chronicle. Visit https://securityweekly.com/chronicle to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw206

Nov 5, 2020

The sudden shift to remote work rocked IT teams around the world–disrupting systems that had been carefully designed to keep the business secure almost overnight. As remote work continues, IT teams will need complete visibility of their network more than ever. ExtraHop's Mike Campfield joins Security Weekly to make the case for why Network Detection and Response (NDR) should have a place in security strategies in 2021.

 

This segment is sponsored by ExtraHop Networks. Visit https://securityweekly.com/extrahop to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw205

Nov 5, 2020

A current and active cyberattack is spreading rapidly across organizations, propagating via open redirector domains and subsidiary domains belonging to multiple global brands. The comprehensive and multi-layered attack is delivered via phishing emails, attempting to steal corporate email credentials and deploy malware. Find out how organizations detect this attack. And, we'll discuss how this attack compares to the Proud Boys phishing campaign.

 

This segment is sponsored by GreatHorn. Visit https://securityweekly.com/GreatHorn to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw205

Nov 4, 2020

Offsite-training is expensive and inefficient. It takes key resources away from their jobs and then demands even more time from them by requiring that they then train the rest of the team on what they learned. On-demand training for the entire team through platforms like Cybrary enables leads to train and simultaneously develop training programs for the rest of the team that focus on hands-on skill development in the areas that are relevant and tailored.

 

This segment is sponsored by Cybrary. Visit https://cybrary.it/solved to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw205

1