Info

Enterprise Security Weekly (Video)

If you’re looking for advice and information on enterprise security solutions, look no further than Enterprise Security Weekly! We give you an “insider” perspective into security vendors, including coverage on new product announcements, integrations, funding, M&A, and more! Adrian, Tyler, Katie, and Sean have unique perspectives on the enterprise security landscape. All four hosts are former analysts. Adrian has been a consultant, practitioner, founder, and runs Security Weekly Labs. Tyler has spent many years as a marketing executive for security vendors. Katie has also recently moved to a vendor marketing role. Sean is founder and CTO at Trimarc Security, a professional services company which focuses on improving enterprise security. Together they provide valuable resources for protecting the enterprise and following the market each week!
RSS Feed Subscribe in Apple Podcasts
Enterprise Security Weekly (Video)
2024
March
February
January


2023
December
November
October
September
August
July
June
May
April
March
February
January


2022
December
November
October
September
August
July
June
May
April
March
February
January


2021
December
November
October
September
August
July
June
May
April
March
February
January


2020
December
November
October
September
August
July
June
May
April
March
February
January


2019
December
November
October
September
August
July
June
May
April
March
February
January


2018
December
November
October
September
August
July
June
May
April
March
February
January


2017
December
November
October
September
August
July
June
May
April
March
February
January


2016
December
November
October
September
August
July
June
May
April


Categories

All Episodes
Archives
Categories
Now displaying: 2022
Jun 3, 2022

Finally, in the Enterprise Security News, Funding is back, in preparation for RSA! Devo raises $100M and becomes our 56th unicorn, JupiterOne raises $70M and becomes our 57th unicorn! Open source projects get some security funding, 10 more funding announcements, Mimecast has been taken private and is now delisted from the NASDAQ, ReliaQuest acquires Digital Shadows, We talk about public and private market performance, The cybersecurity skills crisis gets worse, Expired certs + IoT devices = PAIN! All that and more, on this episode of Enterprise Security Weekly.

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw276

Jun 3, 2022

In the Autumn of 2019, Salesforce started on an ambitious journey - to require all of their customers to use multi-factor authentication (MFA) as of February 2022. The journey required the collaboration of every product line and every business function within Salesforce. And the journey potentially required every single one of Salesforce’s customer to deploy new technology and to change all of their user’s behavior. Clearly this would be no simple journey, but it was one with massive rewards for everyone involved. Join Ian Glazer as he discusses the impetus for Salesforce’s MFA push, the challenges of such a large scale endeavor, some of the setbacks and victories along the way, and, most importantly, what you can take from Salesforce’s journey towards complete customer MFA adoption and apply it in your own organization.

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw276

Jun 2, 2022

Web applications have a new and dangerous security gap which requires attention: client-side security. The code and content that a web application delivers into a web browser is a ripe attack surface and requires different consideration, tools, and knowledge than required by traditional web application security. This segment will explore what client-side security is, why client-side attacks are so dangerous, and what options are available to defend ourselves from this new threat.

 

Segment Resources:

"Magecart 101" - a courseware-style overview of the problem for security practioners: https://www.youtube.com/watch?v=T4al8idAE_M

A quick five minute explainer on the problem and Source Defense's solution: https://www.youtube.com/watch?v=f8MO45EQcKY

Source Defense's brand new (as of 5/25/22) "State of the Industry" report for client-side security: https://info.sourcedefense.com/third-party-digital-supply-chain-report-white-paper

 

This segment is sponsored by Source Defense. Visit https://securityweekly.com/sourcedefense to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw276

May 20, 2022

In the Enterprise Security News: The latest cybersecurity fundraising, We discuss the impact of the market downturn on the cybersecurity startup industry, Crypto muggings, Security researchers researching researchers simulating attackers, & Evil Encryption! 

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw274

May 20, 2022

Migrating off passwords and legacy authentication is a journey. Nok Nok has worked with global brands to incorporate passwordless, next-generation authentication into their consumer apps leading to significant improvements in onboarding, authentication success, speed and reduction in fraud among many other benefits. Learn how these organizations have mastered the transition.

 

Segment Resources:

www.noknok.com

https://www.youtube.com/watch?v=yQIwOx2XCSE 

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw274

May 19, 2022

Attack intelligence delivers customers actionable, relevant, and timely information. Learn why Collective Defense is an integral aspect of attack intelligence and hear about the cyber trends you need to watch.

 

Segment Resources:

https://www.ironnet.com/blog/what-is-attack-intelligence-and-why-do-you-need-it

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw274

May 13, 2022

In the Enterprise News for this week: Funding announcements from Material Security, Abnormal, Teleport, Tailscale, Smallsetp, Phylum and more. Acquisitions include HDiv Security, and Radiflow. New product announcements from Siren, Corelight, Artic Wolf, Onapsis and Aqua. And, in other news, all South Koreans are about to become one year younger, & more!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw273

May 13, 2022

According to CybeReady, during such turbulent times, one should regard all emails with extra caution and double-check the sender’s address carefully. Beware of requests that ask for technical assistance such as running software or helping to take down websites. These might not only be illegal but may also be used to hack systems on the corporate network. Try to remember that during times of crisis, there is an increase in phishing attempts of all kinds as hackers take advantage of the situation. In this circumstance, employees need to stay updated from both a news and computing perspective. To be proactive in the defense of computing environments, our security experts recommend:

1. Personal computer and phones: Install the latest operating system and security updates.

2. Implement 2FA/MFA: Use a phone number or authentication app as the second factor of authentication to all important applications, social media accounts (Facebook/Meta, Linkedin, Twitter, etc.), and personal email accounts. Backup email and ensure it is recoverable.

3. Change Passwords: If you are reusing a password in sites that hold your personal information, it is a good time to change your passwords.

4. Support a Culture of Security: Train your employees continuously, advise friends and family to do the same, and take an active role in creating a safer internet.

5. Defend Work from Home Environments: Install the operating system and security updates. If these are available you should see a notification on your computer or phone. Especially important to business continuity in these times of uncertainty is the need for automated cybersecurity training that adapts to employee educational needs and accelerates the learning process.

 

Segment Resources:

https://cybeready.com/blog

https://cybeready.com/resource-center/playbook

https://cybeready.com/ultimate-guide-to-phishing-protection

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw273

May 12, 2022

In this segment sponsored by Intel, we will explore all things Intel vPro® platform. Learn how Intel vPro® platform can help you keep your computers up-to-date, prevent attacks, provide reports on the status of the firmware in use, and implement advanced hardware security!

 

This segment is sponsored by Intel. Visit https://securityweekly.com/intel to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw273

May 6, 2022

This topic will go over getting value from SOAR beyond just an initial phishing workflow. It will focus on orchestration and response, give ideas for other types of workflows and change the conversation from using SOAR to replace analysts to increasing SOC retention!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw272

May 6, 2022

In the Enterprise Security News, Veza raises $110M for Data Security, Traceable raises $60M for API Security, 10 other security startups get funded, Synopsis buys Whitehat for $330M, HackerOne approves a PullRequest, Bright Security acquires WeHackPurple, LexusNexis acquires BehaviorSec, JupiterOne continues to release some compelling books, the DevSecOps evolution, the future of Product-Led Growth, & more!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw272

May 5, 2022

Due to the high influx of security incidents and limited resources available, conducting incident response is an enormous task for all organizations, large or small. This necessitates the use of security automation, in which we would require a single centralized platform that connects to all other security technologies in order to effectively address incidents in a short period of time. SOAR (Security Orchestration, Automation, and Response) functions similarly to an orchestrator, but instead of controlling and conducting multiple individuals playing various instruments, SOAR manipulates a variety of tools to produce a more streamlined and fluent incident response process. 

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw272

Apr 29, 2022

This week in the Enterprise News: Basis Theory raises $17 million funding round, Crunchbase Funding Round Profile, Devo Acquires AI-Powered Security Automation Innovator to Deliver the “Autonomous SOC”, Hivemapper Dashcam, Authtech, Twitter accepts Elon Musk’s $44 billion offer, Austin Peay State University on Twitter, Basis Theory raises $17 million funding round, & more!

 

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw271

Apr 29, 2022

Digital identity is key to modern security architectures; enables privacy-preserving, trusted services; and drives customer-oriented experiences. Key trends like passwordless, verified credentials, and personal identity will have a profound effect on enterprise security. Discover how you can make the most of these evolutions, and learn how you can support the industry and its professionals.

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw271

Apr 28, 2022

Cloud security is confusing enough these days, but a complex product landscape doesn’t make it any easier. In this segment we’ll talk about what’s driving this, how to make sense of it, and where to find things that actually help.

To register for our upcoming webcast with Rich Mogull on Deploying Cloud Applications Securely, visit https://attendee.gotowebinar.com/register/3131398543024475915?source=esw

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw271

Apr 22, 2022

This week in the Enterprise Security News: Fortress InfoSec raises $125M to help critical infrastructure improve security, ThreatLocker raises $100M, thanks in part to Kaseya’s breach, Obsidian raises $90M to secure SaaS use, DoControl raises $30M to possibly compete with Obsidian, Blueshift raises a seed round to bring SOC and XDR to SMBs, Strike Security raises a seed round to take a different approach to pen testing, Thoma Bravo is still working on an Imprivata exit, The biggest startup failures of all time - how many security vendors are on the list? Is the SEC forcing CISOs into the boardroom, Better, but harder to collect, security metrics, & more!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw270

Apr 22, 2022

This is a recurring segment, in which we bring on a VC to provide an investor’s point-of-view on all this activity. It’s hard to imagine a better investor to join us than Will Lin, co-founder of Forgepoint, one of the few VC firms that exclusively invests in cybersecurity startups! We're very excited to have Will back on and are looking forward to discussing:

- Huge valuations and potential pricing/market resets and corrections

- Interesting new security categories: DSPM, SaaS Security, Enterprise Browsers

- Why security startups seem to be more resilient than in other markets (for reference: https://www.cbinsights.com/research/biggest-startup-failures/)

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw270

Apr 21, 2022

Learn all about the technical ins and outs of HP SureClick Enterprise with HP expert Dan Allen and discover how SureClick Enterprise can help improve security efforts in your organization.

 

This segment is sponsored by HP Wolf Security. Visit https://securityweekly.com/hpwolf to learn more about them!

 

Segment Resources:

https://threatresearch.ext.hp.com/zero-trust-in-reverse-why-the-current-definition-of-zero-trust-is-only-half-full/

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw270

Apr 15, 2022

This week in the Enterprise News: Datto to be Acquired by Kaseya for $6.2 Billion, with Funding Led by Insight Partners, Perforce Software Puppet, Synopsys acquires Juniper Networks, Managed detection and response startup Critical Start lands $215M in funding, Thinking About the Future of InfoSec, DuckDuckGo launches Mac app in beta, How I automated my presence in video calls for a week (and nobody knew), Why Do So Many Cybersecurity Products Suck?

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw269

Apr 15, 2022

Security professionals face a variety of challenges on a daily basis. The cybersecurity talent shortage and the so-called Great Resignation can lead to gaps in security, an increase in insider threats and overworked employees, not to mention external threats like hacking and ransomware. Digital forensics can help alleviate these challenges with solutions that collect evidence properly, automate workflows, function in Zero Trust environments and detect and mitigate insider threats.

 

Segment Resources: FTK Over the Air podcast: https://www.exterro.com/ftk-over-the-air-podcast

 

FTK Feature Focus weekly videos: https://youtube.com/playlist?list=PLjlGL4cu_NaM0e7h1RCTJwNnZb-dyUf3B

 

This segment is sponsored by Exterro. Visit https://securityweekly.com/exterro to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw269

Apr 15, 2022

With cybersecurity attacks continually on the rise, security teams are under more pressure than ever. It’s imperative to use your pen testing resources wisely, leveraging automation capabilities where it makes sense to save time and help conduct more impactful engagements. During this interview, Bob Erdman will discuss how to find the right balance between the reliability and efficiency of pen testing automation with the astuteness and logic of human intervention.

 

Segment Resources:

The Truth About Pen Testing Automation - https://www.coresecurity.com/blog/the-truth-abouth-pen-testing-automation

Core Impact Rapid Pen Tests - https://www.coresecurity.com/products/core-impact/rapid-pen-tests

 

This segment is sponsored by Core Security, A Help Systems Company. Visit https://securityweekly.com/coresecurity to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw269

Apr 15, 2022

Finally, in the Enterprise Security News for this week: NordVPN raises $100M and becomes the first Lithuanian Unicorn?, Coro lands a $60M Series C for small business-focused security, Airgap Networks closes a funding gap with a $13.4M Series A, Corsha lands a $12M Series A to bring MFA to machine-to-machine API traffic. What? Tru.id lands a $9M seed round to take a stab at using SIM cards for MFA, ex-Alienvault employees raise funding from Ballistic Ventures with Nudge Security, SeeMetrics scores a $6M seed round to provide better KPIs to CISOs, an essay on trust: the two sides of “Say” and “Do”, Ubiquiti continues to alienate the security community with its attacks against Brian Krebs, Why an option to edit tweets is a terrible idea, & more!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw268

Apr 8, 2022

Defensive and Offensive skills have never been mutually exclusive, but the value in training across disciplines has often been overlooked. Catherine joins us today to explain why familiarity with offensive skills, tools, and the attacker's mindset is such a huge benefit for defenders. A few of the highlights we'll cover in this interview include:

- How to get started, learning offensive tools and techniques

- What it means to be an 'Active Defender'

- How to get into the head of the attacker

- How to avoid 'tool-focused tunnel vision'

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw268

Apr 7, 2022

In the recent Shields Up advisory, CISA released guidance advising enterprises to prepare for an influx of malicious cyber activity. The advisory includes best practices for reducing the likelihood of a damaging cyber intrusion and how to detect and respond to potential incidents from nation state-sponsored actors. Josh Snow joins Enterprise Security Weekly to provide additional, practical advice for analysts who are on the front lines of the developing cyber conflict. He will dive into the specific practices and protocols that defenders should shore up, as well as behavioral indicators that signal active exploitation attempts.

 

Segment Resources:

A Practical Guide for Shields Up: https://www.extrahop.com/resources/papers/shields-up-guidance-for-organizations/

Free Shields Up Assessment: https://www.extrahop.com/lp/free-shields-up-assessment/

 

This segment is sponsored by ExtraHop Networks. Visit https://securityweekly.com/extrahop to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw268

Apr 1, 2022

In the Enterprise Security News for this week: 14 cybersecurity startups have raised funding! Massive late stage market corrections underway and talks of self-repricing valuations, A private equity firm acquires Zimperium, Even more massive amounts of cryptocurrency are stolen, The NPM package library is under active, constant attack, Microsoft Azure Defender IoT has trivial critical vulnerabilities, White house earmarks $11B for cybersecurity, Death to SPACs, as well as Several new security vendors and products!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw267

« Previous 1 2 3 4 5 6 Next »