Info

Enterprise Security Weekly (Video)

A look at the current state of enterprise security solutions, including new products, features and industry reporting. Hosted by Paul Asadoorian and John Strand.
RSS Feed Subscribe in Apple Podcasts
Enterprise Security Weekly (Video)
2022
August
July
June
May
April
March
February
January


2021
December
November
October
September
August
July
June
May
April
March
February
January


2020
December
November
October
September
August
July
June
May
April
March
February
January


2019
December
November
October
September
August
July
June
May
April
March
February
January


2018
December
November
October
September
August
July
June
May
April
March
February
January


2017
December
November
October
September
August
July
June
May
April
March
February
January


2016
December
November
October
September
August
July
June
May
April


Categories

All Episodes
Archives
Categories
Now displaying: 2021
Jun 10, 2021

“Behind the scenes of the cyber fight” – talking about the good on the defender side, taking down cyber criminal supply chains, partnerships, taking down ransomware gangs.

This segment is sponsored by Fortinet. Visit https://securityweekly.com/fortinet to learn more about them!

 

Prior to building a web security program, you have to have a plan. How does one create that plan? In this segment, Kevin will focus on some concrete steps to help you create an AppSec plan using a simple framework.

This segment is sponsored by Netsparker. Visit https://securityweekly.com/netsparker to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw230

Jun 10, 2021

This week in the Enterprise News: Proofpoint unveils people-centric innovations across its three platforms, Citrix Secure Internet Access Simplifies Hybrid Workforce Challenges, CyberArk : Advances Industry-Leading Identity Security Platform, AI-powered cybersecurity provider ExtraHop to be acquired for $900M, New Israeli Unicorn Exabeam Hits $2.4 Billion Valuation, Microsoft acquires ReFirm Labs to boost its IoT security offerings, and more!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw230

Jun 9, 2021

Traditional options of acquiring network detection and response (NDR) solutions have their individual pros and cons. SaaS or On-Premises NDR solutions allow you to customize it to your environment but require costly care and feeding such as detection tuning that distracts your SOC/IR teams from hunting adversaries. If you go with a Managed NDR you have predictable costs but receive generic detections and response options in a one-size fits all model. Join Stephen Newman, VP of Product Marketing to see how ThreatINSIGHT Guided-SaaS NDR combines a purpose-built NDR platform for adversary detection and response with Gigamon SOC/IR human talent dedicated to delivering guided expertise to your security team… together closing the SOC visibility gap, removing distractions, and providing advisory guidance when it matters most.

 

Segment Resources: https://www.gigamon.com/content/dam/resource-library/english/solution-brief/sb-gigamon-threatinsight.pdf

 

This segment is sponsored by Gigamon. Visit https://securityweekly.com/gigamon to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw230

May 27, 2021

Metrics, Training, Culture – Why Your Phishing Program Isn’t Working - Drew Rose, Living Security Phishing reports have become the standard for measuring security awareness, and yet breaches keep happening. Something is broken. Knowing how to recognize a phishing attempt is a tiny part of creating a security-focused culture and protecting your business from attacks.

This segment is sponsored by Living Security. Visit https://securityweekly.com/livingsecurity to learn more about them!

 

A New Perspective on Cloud Security Resilience - Ganesh Pai, Uptycs Cloud security, the next frontier. How do we build resilient services in the cloud and secure them. Ganesh Pai, CEO at Uptycs, joins us to discuss a new perspective on cloud security resilience.

This segment is sponsored by Uptycs. Visit https://securityweekly.com/uptycs to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw229

May 27, 2021

This week in the Enterprise News, Paul and the Crew talk: Secure and monitor AWS Lamba with new, not related, features from Datadog and Imperva, ServiceNow integrates with Microsoft solutions, SentinelOne wins two awards, Reducing risk with IAM, Kemp lanches Zero Trust, AWS launches another contianer product, Zscaler acquires Smokescreen, Sumo Logic acquires DF Labs, Uptycs, Salt Security and Spec Trust secure funding... & more!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw229

May 26, 2021

SIEM tools have been the bedrock of Security Operation Centers, or SOCs, for much of the history of modern security. That does not mean that they are loved: most SIEM tools are overwrought, complex, and hard to manage. In the past few years a new category of tool has emerged: SOAR. While many teams that invest in SOAR platforms are first leveraging them for automation, Code42 Principal Security Engineer & Researcher Nathan Hunstad believes that SOAR tools are also poised to finally displace SIEM at the top of the blue team tool pyramid, and rightly so.

Segment Resources:

https://www.code42.com/blog/is-soar-the-new-siem/

This segment is sponsored by Code42. Visit https://securityweekly.com/code42 to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw229

May 21, 2021

SolarWinds SUNBURST was a rude awakening for many security teams, and it won't be the last time security leaders face tough questions about how an adversary evaded defenses and stayed hidden. With advanced threats persisting inside the network for months, security teams need a new plan. In this session, ExtraHop VP, Security Response Services Mark Bowling discusses strategies to detect, investigate, and respond to post-compromise attack activities.

This segment is sponsored by ExtraHop Networks. Visit https://securityweekly.com/extrahop-rsac to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw228

May 20, 2021

The Enterprise Security Weekly crew summarizes all the news from RSA Conference 2021, including product announcement, acquisitions, funding, and more!

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw228

May 20, 2021

The perimeter is dissolving. Employees are using any device from any location for work. With limited visibility from our traditional networking and endpoint security controls, how do we protect our data? John Masserini, Global Chief Information Security Officer at Millicom (Tigo) Telecommunications, joins us to discuss the fundamentals of an identity strategy, including identity and access management, single sign-on, multi-factor authentication, and privileged access.

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw228

May 13, 2021

This week in the Enterprise News: XM Cyber Announces Integration with Palo Alto Network's Cortex XSOAR, API Security Lessons Learned, Cycode Raises $20 Million, HelpSystems Acquires Beyond Security, Accurics Terrascan integrates with the Argo Project, Cequence Security API Sentinel 2.0, Seclore Security24 protects sensitive data, Who’s Really Behind the Colonial Pipeline Cyberattack?, Forcepoint acquires Cyberinc, Sophos launches industry’s only XDR solution for endpoint, server, firewall and email security?, and more!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw227

May 13, 2021

Cyberattackers have not been slowed down by the worldwide pandemic. Phishing, cryptojacking, and trojans all continue to dominate the cybersecurity threat charts. It’s critical to know what security issues are most likely to crop up within your organization and their potential impacts. The challenge is that the most active threats change over time as the prevalence of different attacks ebb and flows. Register to learn about key threat trends facing businesses like yours in 2021. We’ll be joined by Data Scientist, Austin McBride, and Security Researcher, Artsiom Holub. We’ll tackle tough questions and take a deeper dive into recent threats to help you craft a strategy that helps you investigate threats, simplify operations, and scale security.

This segment is sponsored by Cisco Umbrella. Visit https://securityweekly.com/ciscoumbrella to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw227

May 12, 2021

What lessons can others still learn from the attack on the Florida water treatment facility? How does this incident shine a light on cybersecurity risks associated with the convergence of OT and IT? And what can be done to mitigate these risks?

Segment Resources:

https://newsroom.nccgroup.com/news/insight-florida-citys-water-supply-attack-420952

https://www.cnn.com/2021/02/13/us/florida-hack-remote-access/index.html

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw227

May 6, 2021

This week in the Enterprise Security News: Code42 enhances Incydr to help identify insider risk related to file uploads to unsanctioned websites, Imperva acquires CloudVector to provide visibility and security for API traffic, ThreatQuotient launches ThreatQ TDR Orchestrator to accelerate detection and response, KnowBe4 Launches Artificial Intelligence-Driven Phishing Feature, and some funding and acquisition updates from Thoma Bravo, Proofpoint, Darktrace, JupiterOne, and more!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw226

May 6, 2021

Web applications have never been more critical to your business. Yet, the everchanging threat landscape, from the move towards the cloud, to the explosion of devices on the internet, to the effects of the pandemic, keeps shifting the playing field. Join Carlos Morales, CTO Security Services, Neustar, to hear about how cyber criminals are taking advantage of these changes and considerations for how best to de-risk your application environment, no matter where your apps are hosted.

 

Segment Resources:

Learn more about [Security Solutions at Neustar] https://www.home.neustar/security-solutions

See our [Video] https://www.home.neustar/resources/videos/security-you-can-trust

Read our new white paper: [The Changing Face of Web Application Security] https://www.home.neustar/resources/whitepapers/web-application-security-threats

 

This segment is sponsored by Neustar. Visit https://securityweekly.com/neustar to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw226

May 5, 2021

Software Bill of Materials (SBOM) are used to describe the list of ingredients for the software that organizations create or acquire. There's a rapidly expanding community of adopters, implementers, and producers that are creating, consuming, and analyzing them en mass. What are the benefits of SBOMs and what types of risk that can be identified through their use?

Segment Resources:

https://cyclonedx.org/

https://www.ntia.gov/sbom

https://owasp.org/scvs

https://dependencytrack.org/

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw226

Apr 29, 2021

Authentication and authorization might sound similar, but they are two distinct security processes. Joe Carson, Chief Security Scientist at Thycotic, joins us to discuss why privileges, not identities, are one of the biggest challenges for identity and access. Joe will share Thycotic's simple approach to solving privileged access.

 

This segment is sponsored by Thycotic. Visit https://securityweekly.com/thycotic to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw225

Apr 29, 2021

In the Enterprise News for this week: HackerOne Enhances Security Testing Platform, Palo Alto Networks Expands Unit 42 Cybersecurity Consulting Group, Thoma Bravo to take cyber security firm Proofpoint private, BlackRock, Tudor Group Back Cybersecurity Startup Deep Instinct, and more!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw225

Apr 28, 2021

Rickard Carlsson, CEO at Detectify, joins us to talk about collaboration as the modern approach application security. During the discussion, we'll cover: - why organizations should challenge transparency and open up their security practices and information internally, - how to approach security as a collaborative effort (with some real-life examples), - and Detectify’s vision of building a hub where security information and research is shared across the globe.

 

Segment Resources:

We recently published the ebook “A guide to modern web application security” for SaaS and tech organizations looking to bring their security up to speed with development. Download it here: https://blog.detectify.com/2021/04/09/modern-application-security-requires-speed-scale-and-collaboration/

 

This segment is sponsored by Detectify. Visit https://securityweekly.com/detectify to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw225

Apr 22, 2021

In the Enterprise News for this week, Darktrace targets listing for early May, KKR-backed cybersecurity firm KnowBe4 aims for $3 Billion valuation in U.S. IPO, Dell spins off VMware to fuel post-pandemic PC growth opportunities, lots of funding announcements, and more!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw224

Apr 22, 2021

Phishing links are getting past existing protections and clicked. How do you prevent these attacks? In this segment, Chris Cleveland, CEO at Pixm, will demonstrate how computer vision protection in the browser stops these attacks in real time and how you can know your own gaps.

 

Segment Resources:

Threat Report: https://pixm.net/wp-content/uploads/2021/03/Pixm-Q4-2020-Threat-Report.pdf

 

This segment is sponsored by Pixm. Visit https://securityweekly.com/pixm to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw224

Apr 21, 2021

In cybersecurity attackers have a structural advantage over defenders: they can succeed with a staggeringly high failure-rate (not caring that most attacks get blocked at the perimeter). Meanwhile, defenders lose when that single successful attack goes unnoticed regardless of how many attacks were successfully stopped. Disproportionate consequences similarly advantage attackers: typical times to detect and contain that one successful attack are still measured in weeks and months. Yet high-availability and resiliency characteristics built-in to "Well-Architected" microservices offer defenders an opportunity to turn the tables and rob attackers of their asymmetric advantages. The key missing ingredient is a sufficient early-warning system that can detect and respond to advanced threats.

 

In this presentation, Jeff Deininger, a Principal Cloud Security Engineer, will use a simulated attack to demonstrate how advanced threat detection works with commonplace architectural elements to deny attackers the crucial traction needed to establish a foothold at the beginning of a campaign, leaving attackers feeling like they are inescapably 'walking on ice'.

 

This segment is sponsored by ExtraHop Networks. Visit https://securityweekly.com/extrahop to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw224

Apr 8, 2021

This week in the Enterprise News, Cyble raises $4M, ThreatQuotient raises $22.5M, OneTrust acquires Convercent, Digital Shadows announces new threat intelligence capabilities, Rapid7 Announces Kubernetes Open Beta in InsightVM, LogRhythm Releases Version 7.7, Imperva unveils new data security platform built for cloud, Acronis releases a new version of Acronis Cyber Protect Cloud, Minerva Labs Launches Cloud Version of its Endpoint Threat Prevention Platform, What's Behind the Surge in Cybersecurity Unicorns? Cisco Umbrella unlocks the power of SASE and more!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw223

Apr 8, 2021

83% of businesses have experienced at least one firmware attack in the past two years - and yet most organizations lack visibility into this attack surface. We'll discuss why hackers are increasingly targeting firmware and what enterprises need to do to detect and prevent these attacks.

Segment Resources: Assessing Enterprise Firmware Security Risk in 2021 - https://eclypsium.com/2021/01/14/assessing-enterprise-firmware-security-risk-in-2021/

https://github.com/chipsec/chipsec

The Top 5 Firmware Attack Vectors - https://eclypsium.com/2018/12/28/the-top-5-firmware-and-hardware-attack-vectors/

Request a demo of the Eclypsium platform - https://eclypsium.com/

This segment is sponsored by Eclypsium. Visit https://securityweekly.com/eclypsium to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw223

Apr 7, 2021

Ryan Noon joins ESW team this week to chat through the significance of recent hacks (namely: SolarWinds and Hafnium), unpack growing enterprise demand for a “digital seatbelt,” and illuminate why Material takes a fresh approach to email security: building products with the assumption that bad actors will successfully hack inboxes.

Segment Resources: https://material.security/blog/email-is-too-important-to-protect-like-a-tsa-checkpoint https://www.cnbc.com/2021/03/09/microsoft-exchange-hack-explained.html

This segment is sponsored by Material Security. Visit https://securityweekly.com/materialsecurity to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw223

Apr 1, 2021

This week in the Enterprise News: Funding announcements from Clearsense, Morphisec, Feedzai, Jumio, Ketch, Living Security, Productiv and Socure. ServiceNow acquires Intellibot, Accenture acquires Cygni, Astadia acquires Anubex, AutoRABIT acquires CodeScan, Kroll Acquires Redscan. GRIMM launches a Private Vulnerability Disclosure program, AttackIQ automates the validation of AI and ML, CircleCI offers CI/CD for ARM in the cloud, Elastic Observability updates, Gigamon and FireEye collaborate on integration of Gigamon Hawk, McAfee unveils MVision cloud, Red Hat OpenShift Service Available on AWS, Sysdig Adds Unified Threat Detection Across Containers and Cloud & more!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw222

« Previous 1 2 3 4 5 6 Next »