Info

Enterprise Security Weekly (Video)

News, analysis, and insights into enterprise security. We put security vendors under the microscope, and explore the latest trends that can help defenders succeed. Hosted by Adrian Sanabria. Co hosts: Katie Teitler-Santullo, Darwin Salazar.
RSS Feed Subscribe in Apple Podcasts
Enterprise Security Weekly (Video)
2024
December
November
October
September
August
July
June
May
April
March
February
January


2023
December
November
October
September
August
July
June
May
April
March
February
January


2022
December
November
October
September
August
July
June
May
April
March
February
January


2021
December
November
October
September
August
July
June
May
April
March
February
January


2020
December
November
October
September
August
July
June
May
April
March
February
January


2019
December
November
October
September
August
July
June
May
April
March
February
January


2018
December
November
October
September
August
July
June
May
April
March
February
January


2017
December
November
October
September
August
July
June
May
April
March
February
January


2016
December
November
October
September
August
July
June
May
April


Categories

All Episodes
Archives
Categories
Now displaying: 2020
Oct 22, 2020

Organizations have millions of vulnerabilities. And our research has shown that those same organizations, large or small, on average, can only fix about one in ten of those vulnerabilities. But as a security practitioner you still need to keep your organization secure, so how do you do that when you can’t possibly fix ALL of your vulnerabilities? Ed Bellis will:

  • Review what years of joint research into vulnerability management with the Cyentia Institute uncovered about the scope of the challenge
  • A breakdown in performance factors by industry and platforms
  • Lay out several factors that drive better remediation performance
  • Provide a deeper understanding of the scope of exposures and how risk informs remediation strategies

 

This segment is sponsored by Kenna Security. Visit https://securityweekly.com/kennasecurity to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw203

Oct 21, 2020

Palo Alto Networks announces cloud native security platform, Akamai launches new API security tool, SentinelOne secures patent for unique approach to uncovering exploits in their initial payload stage, Splunk helps security teams modernize and unify their security operations in the cloud, and Agile1 Predictive Analytics Risk Scoring helps orgs identify, prioritize and quantify cybersecurity risks!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw203

Oct 15, 2020

Simplifying The Process Of Identifying, Assessing & Mitigating Risks: Liam Downward, CEO of CYRISMA, talks about burdensome technologies that generate bloat within any organization, high licensing costs along with the long deployment times. All of these affect the ROI on organizational resources Time, Money, and People. This segment is sponsored by CYRISMA. Visit https://securityweekly.com/cyrisma to learn more about them!

Get 10% off your monthly bill when you sign up! Visit: https://www.cyrisma.com

 

Summarizing the BlackHat Threat Intelligence Report: Matthew Gardiner, Principal Security Strategist, from Mimecast will provide and overview of Mimecast and the results of their Threat Intelligence Report, BlackHat USA Edition, August 2020. This segment is sponsored by Mimecast. Visit https://securityweekly.com/mimecastbh to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw202

Oct 15, 2020

Learn about some of the latest techniques attackers are using when phishing and vishing, including how to protect your users!

 

This segment is sponsored by Rapid7. Visit https://securityweekly.com/rapid7 to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw202

Oct 14, 2020

Bad Neighbor Vulnerability, FireEye Announced ‘Mandiant Advantage: Threat Intelligence’ SaaS-based Offering, Aqua’s Trivy Now Available as a GitHub Action, Datadog adds Deployment Tracking to its APM to prevent outages related to bad code deploys, and Tenable and the Center for Internet Security Enter Partnership to Bolster Cyber Hygiene Across Public and Private Sectors!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw202

Oct 8, 2020

Falcon OverWatch, the CrowdStrike® elite team of threat hunters, has the unparalleled ability to see and stop the most sophisticated threats, leaving adversaries with nowhere to hide. In this segment we'll discuss the OverWatch team’s key threat hunting findings from the first half of 2020, as described in the 2020 Threat Hunting Report. The report reviews intrusion trends during that time frame, provides insights into the current landscape of adversary tactics and delivers highlights of notable intrusions OverWatch identified. Download the full report https://www.crowdstrike.com/resources/reports/threat-hunting-report-2020/ Learn about the latest trends in cyber crime and take a deep dive into some of the tactics, techniques and procedures in use by specific cyber crime groups!

 

Visit https://securityweekly.com/crowdstrike to learn more about them!

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw201

Oct 8, 2020

The appearance of safety and actual security often do not align as closely as we would like to think. As enterprise security products get "smarter", the access that they require to your most sensitive data grows. What are some of the risks associated with common classes of security products?

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw201

Oct 7, 2020

Anchore Rolls Out Open Source DevOps Tools, Rapid7 Cloud Identity and Access Management Governance Module for DivvyCloud, Digital Shadows launches access key alerts, Microsoft Azure customers can now implement Datadog as a monitoring solution for their cloud workloads, and Ping Identity unveils PingOne Services!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw201

Sep 24, 2020

Data breaches and insider threats are happening, even with costly and complex data protection programs in place. A reimagined approach to data security needs to be taken.

 

This segment is sponsored by SecureCircle. Visit https://securityweekly.com/securecircle to learn more about them!

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw200

Sep 24, 2020

As attackers grow increasingly sophisticated, artificial intelligence (AI) and machine learning (ML) applications in cybersecurity are no longer a “nice to have.” But after years of being tossed around as a buzzword, it’s time to demystify AI/ML to expose how far the technologies have come and how they can keep your business secure if leveraged correctly. We discuss what the terms mean, why they’re critical for cybersecurity, and how/when to apply different types of AI/ML (including supervised, unsupervised, and deep learning) appropriately.

 

This segment is sponsored by ExtraHop Networks. Visit https://securityweekly.com/extrahop to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw200

Sep 23, 2020

ExaGrid releases version 6.0 with Time-Lock for Ransonware Recovery Feature, Microsoft overhauls 'Patch Tuesday', Palantir to begin New York trading on September 30th, Accenture acquires SALT Solutions to build cloud-based industrial IoT platforms, and Code42 Incydr: A cloud-native product that mitigates insider data exposure and exfiltration!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw200

Sep 17, 2020

The drivers behind transformation, or roadbloacks, come in different forms. Mergers and acquisitions present both security challenges and opportunities for growth. Legacy technology always presents unique challenges, especially when it comes to security. Of course, everyone wants to be cloud native, but just how far along are you on the journey? Join us for a discussion on these topics with Jimmy Mesta from Signal Sciences!

 

This segment is sponsored by Signal Sciences. Visit https://securityweekly.com/signalsciences to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw199

Sep 17, 2020

As organizations grow and get more mature, they are looking for ways to achieve more with less. Join this ESW segment to learn how mature organizations approach web application security at scale, how they achieve greater visibility, shift security left and how they save time for their team whilst building more effective web application security programs.

 

This segment is sponsored by Netsparker. Visit https://securityweekly.com/netsparker to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw199

Sep 16, 2020

Acunetix new data retention policies, 5 Things to Ask Your Web App Pen Test Provider, Microsoft's open source tool for sniffing out Windows 10 bugs, Datadog unveils support for distributed tracing for AWS Step Functions via AWS X-Ray, Gravwell's Data Fusion platform breaks the mold of legacy data ingestion engines, and more!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw199

Sep 10, 2020

Bradon describes Mimecast's "cloud-based resilience platform." What problem(s) they are solving. How they solve it in a unique/differentiated way and the value to the customers.

 

This segment is sponsored by Mimecast. Visit https://securityweekly.com/mimecast to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw198

Sep 10, 2020

In today’s modern enterprise, where traditional security boundaries have all but disappeared, Identity has become the new security perimeter. In this episode, CyberArk Identity Security expert Corey Williams will explore the concept identity security and its key elements, including Privileged Access Management, Multi-factor Authentication, Single Sign-on, and innovations in machine learning and AI - that are powering Identity Security today. Corey will also explore the Identity Security technology landscape and the evolution of Identity, focusing on Identity Security as an enablement tool in the age of remote work arrangements, growing cloud adoption, and everything mobile.

 

This segment is sponsored by CyberArk. Visit https://securityweekly.com/cyberark to learn more about them!

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw198

Sep 9, 2020

Yubico Delivers New Security Key the YubiKey 5C NFC, ManageEngine ADSelfService Plus now supports MFA for VPNs to protect remote workforce, Sysdig partners with VulnDB to strengthen vulnerability intelligence reporting, 3 Signs it’s Time for a Penetration Test, and CrowdStrike Expands Support for AWS Workloads and Container Deployments!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw198

Sep 3, 2020

This year we’ve seen organizations accelerate their so-called digital transformation almost overnight. Now we’re getting to the point where security leaders and business owners need to stop and take stock of what happened, what’s a temporary band aid, and figure out how to build their strategy without the luxury of getting yelled at by vendor booths in Mandalay Bay. This segment is sponsored by CrowdStrike. Visit https://securityweekly.com/crowdstrike for a totally free trial! CrowdStrike at Black Hat USA 2020 https://www.crowdstrike.blog/join-crowdstrike-at-black-hat-2020/

 

All applications use APIs—they’re nothing new to the development world. But are organizations factoring API security into their broader security strategy effectively? We’ve seen high-profile breaches at well-known companies stemming from their exposure or use of insecure API endpoints. This raises the question of how your software security initiative addresses the controls you need to ensure the APIs you use and produce are secure. Within this segment, Michael Borohovski will discuss key considerations when designing APIs, along with security controls and security testing that could make or break your software. This segment is sponsored by Synopsys. Visit https://securityweekly.com/synopsys to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw197

Sep 3, 2020

deepwatch Lens Score - The first SecOps maturity benchmarking and planning app. Answers CISO Questions: How mature is my Security Program? How do I compare to my peers? What one thing should I do next? This segment is sponsored by deepwatch. Visit https://www.deepwatch.com/lens-score/ to try deepwatch Lens Score for free!

 

Every organization gets compromised - it’s how you fast you detect and respond that counts. Trends like the overnight move to remote work and the subsequent increase in phishing attacks, the acceleration of cloud adoption, and proliferation of enterprise IoT have expanded the attack surface and complicated the job of security professionals. We’ll explore those trends and the opportunity that lay ahead for security teams post-compromise to prevent an event that results in an outage or incident from becoming a full-scale data breach. This segment is sponsored by ExtraHop Networks. Visit https://securityweekly.com/extrahop to learn more about them! For a free trial of Reveal(x)360 visit: www.extrahop.com/swbh

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw197

Sep 2, 2020

Proofpoint's $300 Million buyback program, LogRhythmn Power Users share their use cases, Bitdefender Enhances MDR Service to Increase Proactive Protection and Advanced Detection, Anchore Unveils Enterprise 2.4 With Expanded & Updated Capabilities, and Auth0's new bot detection!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw197

Aug 27, 2020

A recent study by Enterprise Strategy Group, commissioned by Synopsys, revealed that nearly half of the cybersecurity and development professionals surveyed indicate that their organization knowingly pushes vulnerable code into production due to time pressures. In every sector, development and security teams grapple with the competing demands of development velocity and application security. Today, Patrick Carey will join us to talk about how organizations are working to build security into their development toolchains and processes.

 

This segment is sponsored by Synopsys. Visit https://securityweekly.com/synopsys to learn more about them!

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw196

Aug 27, 2020

Penetration testing is the practice of simulating a criminal breach of a sensitive area in order to uncover and fix defensive failures. Rapid7 just released it's 2020 "Under the Hoodie" report which looks at the last 12 months of data exploring the hows and whys of penetration testing, covering mainly internal and external network compromises, with some supplementary data on social engineering and red team simulations. During this podcast we'll talk about some of the key findings and ways you can better secure yourself in the following areas: -Internal network configuration and patch management -Password management and secondary controls - VPNs and internet-based applications

 

This segment is sponsored by Rapid7. Visit https://securityweekly.com/rapid7 to learn more about them!

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw196

Aug 26, 2020

Checkmarx Announces GitLab Integration, Panaseer Automates IRM with Archer Integration, How Attivo Networks Strengthens Active Directory Defense, Elastic Security 7.9 delivers a major milestone toward endpoint security integrated into the Elastic Stack, VMware brings Kubernetes to its VMware Fusion and VMware Workstation solutions, and more!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw196

Aug 20, 2020

The concept of purple teaming needs to be expanded to incorporate a culture of collaboration across all proactive and reactive activities within enterprise cybersecurity programs. Learn how PlexTrac can aid in all thing purple teaming and drive to the security posture forward for all. This segment is sponsored by PlexTrac. Visit https://securityweekly.com/plextrac to learn more about them! To get one month free, visit: https://securityweekly.com/plextrac

 

Are security operations teams prepared to respond to privacy threats? Although you can achieve security without privacy, namely keeping information safeguarded from those that should not have access, you can not keep data private without security. How can we address this challenge? This segment is sponsored by Spirion. Visit https://securityweekly.com/spirionbh to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw195

Aug 20, 2020

Matt and Anton will discuss the new integration between Tanium and Chronicle, designed for distributed IT in a remote-work world. The two will explore some of the unique challenges that security teams are facing in light of this change. They will also provide details on the new integrations, which combines comprehensive endpoint telemetry from Tanium with Chronicle s cloud-scale analytics to inform threat hunting and investigations with one year of recorded endpoint activity. This is just the beginning of the partnership between Google Cloud and Tanium. Check out the blog post on Tanium's website to learn more about the future of the partnership and what it means for security. This segment is sponsored by Tanium. Visit https://securityweekly.com/tanium to learn more about them!

 

Risk remains the top concern for organizations adopting software-as-a-service (SaaS) models and this is an issue that is only getting worse. What is needed today is the ability to remove the dependency on human behavior and human error, bringing control back to the security team. Risk in a SaaS environment is largely an identity problem. Specifically, it is a misuse of identity and the privileged access granted to that identity. Before implementing any SaaS platform, you must consider how much access is really being granted in the cloud. More importantly, how is that privileged access being used? This segment is sponsored by Vectra. Visit https://www.vectra.ai/o365 to learn more about them! To see how Vectra can detect attacks in SaaS like Office 365, please visit: https://www.vectra.ai/o365

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw195

« Previous 1 2 3 4 5 6 Next »