Metrics, Training, Culture – Why Your Phishing Program Isn’t Working - Drew Rose, Living Security Phishing reports have become the standard for measuring security awareness, and yet breaches keep happening. Something is broken. Knowing how to recognize a phishing attempt is a tiny part of creating a security-focused culture and protecting your business from attacks.
This segment is sponsored by Living Security. Visit https://securityweekly.com/livingsecurity to learn more about them!
A New Perspective on Cloud Security Resilience - Ganesh Pai, Uptycs Cloud security, the next frontier. How do we build resilient services in the cloud and secure them. Ganesh Pai, CEO at Uptycs, joins us to discuss a new perspective on cloud security resilience.
This segment is sponsored by Uptycs. Visit https://securityweekly.com/uptycs to learn more about them!
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw229
This week in the Enterprise News, Paul and the Crew talk: Secure and monitor AWS Lamba with new, not related, features from Datadog and Imperva, ServiceNow integrates with Microsoft solutions, SentinelOne wins two awards, Reducing risk with IAM, Kemp lanches Zero Trust, AWS launches another contianer product, Zscaler acquires Smokescreen, Sumo Logic acquires DF Labs, Uptycs, Salt Security and Spec Trust secure funding... & more!
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw229
SIEM tools have been the bedrock of Security Operation Centers, or SOCs, for much of the history of modern security. That does not mean that they are loved: most SIEM tools are overwrought, complex, and hard to manage. In the past few years a new category of tool has emerged: SOAR. While many teams that invest in SOAR platforms are first leveraging them for automation, Code42 Principal Security Engineer & Researcher Nathan Hunstad believes that SOAR tools are also poised to finally displace SIEM at the top of the blue team tool pyramid, and rightly so.
Segment Resources:
https://www.code42.com/blog/is-soar-the-new-siem/
This segment is sponsored by Code42. Visit https://securityweekly.com/code42 to learn more about them!
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw229
SolarWinds SUNBURST was a rude awakening for many security teams, and it won't be the last time security leaders face tough questions about how an adversary evaded defenses and stayed hidden. With advanced threats persisting inside the network for months, security teams need a new plan. In this session, ExtraHop VP, Security Response Services Mark Bowling discusses strategies to detect, investigate, and respond to post-compromise attack activities.
This segment is sponsored by ExtraHop Networks. Visit https://securityweekly.com/extrahop-rsac to learn more about them!
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw228
The Enterprise Security Weekly crew summarizes all the news from RSA Conference 2021, including product announcement, acquisitions, funding, and more!
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw228
The perimeter is dissolving. Employees are using any device from any location for work. With limited visibility from our traditional networking and endpoint security controls, how do we protect our data? John Masserini, Global Chief Information Security Officer at Millicom (Tigo) Telecommunications, joins us to discuss the fundamentals of an identity strategy, including identity and access management, single sign-on, multi-factor authentication, and privileged access.
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw228
This week in the Enterprise News: XM Cyber Announces Integration with Palo Alto Network's Cortex XSOAR, API Security Lessons Learned, Cycode Raises $20 Million, HelpSystems Acquires Beyond Security, Accurics Terrascan integrates with the Argo Project, Cequence Security API Sentinel 2.0, Seclore Security24 protects sensitive data, Who’s Really Behind the Colonial Pipeline Cyberattack?, Forcepoint acquires Cyberinc, Sophos launches industry’s only XDR solution for endpoint, server, firewall and email security?, and more!
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw227
Cyberattackers have not been slowed down by the worldwide pandemic. Phishing, cryptojacking, and trojans all continue to dominate the cybersecurity threat charts. It’s critical to know what security issues are most likely to crop up within your organization and their potential impacts. The challenge is that the most active threats change over time as the prevalence of different attacks ebb and flows. Register to learn about key threat trends facing businesses like yours in 2021. We’ll be joined by Data Scientist, Austin McBride, and Security Researcher, Artsiom Holub. We’ll tackle tough questions and take a deeper dive into recent threats to help you craft a strategy that helps you investigate threats, simplify operations, and scale security.
This segment is sponsored by Cisco Umbrella. Visit https://securityweekly.com/ciscoumbrella to learn more about them!
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw227
What lessons can others still learn from the attack on the Florida water treatment facility? How does this incident shine a light on cybersecurity risks associated with the convergence of OT and IT? And what can be done to mitigate these risks?
Segment Resources:
https://newsroom.nccgroup.com/news/insight-florida-citys-water-supply-attack-420952
https://www.cnn.com/2021/02/13/us/florida-hack-remote-access/index.html
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw227
This week in the Enterprise Security News: Code42 enhances Incydr to help identify insider risk related to file uploads to unsanctioned websites, Imperva acquires CloudVector to provide visibility and security for API traffic, ThreatQuotient launches ThreatQ TDR Orchestrator to accelerate detection and response, KnowBe4 Launches Artificial Intelligence-Driven Phishing Feature, and some funding and acquisition updates from Thoma Bravo, Proofpoint, Darktrace, JupiterOne, and more!
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw226
Web applications have never been more critical to your business. Yet, the everchanging threat landscape, from the move towards the cloud, to the explosion of devices on the internet, to the effects of the pandemic, keeps shifting the playing field. Join Carlos Morales, CTO Security Services, Neustar, to hear about how cyber criminals are taking advantage of these changes and considerations for how best to de-risk your application environment, no matter where your apps are hosted.
Segment Resources:
Learn more about [Security Solutions at Neustar] https://www.home.neustar/security-solutions
See our [Video] https://www.home.neustar/resources/videos/security-you-can-trust
Read our new white paper: [The Changing Face of Web Application Security] https://www.home.neustar/resources/whitepapers/web-application-security-threats
This segment is sponsored by Neustar. Visit https://securityweekly.com/neustar to learn more about them!
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw226
Software Bill of Materials (SBOM) are used to describe the list of ingredients for the software that organizations create or acquire. There's a rapidly expanding community of adopters, implementers, and producers that are creating, consuming, and analyzing them en mass. What are the benefits of SBOMs and what types of risk that can be identified through their use?
Segment Resources:
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw226