Info

Enterprise Security Weekly (Video)

News, analysis, and insights into enterprise security. We put security vendors under the microscope, and explore the latest trends that can help defenders succeed. Hosted by Adrian Sanabria. Co hosts: Katie Teitler-Santullo, Darwin Salazar.
RSS Feed Subscribe in Apple Podcasts
Enterprise Security Weekly (Video)
2024
December
November
October
September
August
July
June
May
April
March
February
January


2023
December
November
October
September
August
July
June
May
April
March
February
January


2022
December
November
October
September
August
July
June
May
April
March
February
January


2021
December
November
October
September
August
July
June
May
April
March
February
January


2020
December
November
October
September
August
July
June
May
April
March
February
January


2019
December
November
October
September
August
July
June
May
April
March
February
January


2018
December
November
October
September
August
July
June
May
April
March
February
January


2017
December
November
October
September
August
July
June
May
April
March
February
January


2016
December
November
October
September
August
July
June
May
April


Categories

All Episodes
Archives
Categories
Now displaying: July, 2024
Jul 27, 2024

This week, on Enterprise Security Weekly, we've got:

  1. Identity Security gets more funding
  2. Wiz walks away
  3. BlackHat Announces Startup Spotlight Finalists
  4. Crowdstrike post mortem
  5. Simple Security Tricks are the Best Security Tricks
  6. Splitting the CISO role
  7. Web scraping for AI is out of control
  8. SEC vs Solarwinds
  9. Vaping the Internet

Show Notes: https://securityweekly.com/esw-369

Jul 26, 2024

Edward Wu thinks so! Understandably so, as his startup, Dropzone.ai is making a big bet on generative AI to change the face (and pace) of security operations.

We'll talk about what has changed here, and I have so many questions:

  • after many generations of AI/ML technology in security, is the current gen really that dramatically different?
  • Dropzone is far from the only startup with the same idea here, how will they differentiate?
  • Is the problem that we need more help than we can possibly hire, or are we fundamentally doing something wrong in security operations?
  • Specifically, what is this tech doing to help?

Finally, we'll wrap by talking about where this tech goes next, and can we get there with current technology, or are we dependent on more breakthroughs from companies like OpenAI, Anthropic, and Meta?

Show Notes: https://securityweekly.com/esw-369

Jul 26, 2024

The emergence of generative AI has caused us to rethink things on two fronts:

  1. how we consume threat detection data, as defenders
  2. how we need to shift our thinking and approaches to prepare for attackers' newfound GenAI capabilities

But wait - is GenAI even useful for defenders or attackers? We'll dive deep into the state of AI as it pertains to security operations, just as Gartner announces that AI is hitting the trough of disillusionment. What better time to dispel the hype and focus on where real progress can be made?

Show Notes: https://securityweekly.com/esw-369

Jul 19, 2024

In this week's enterprise security news,

  1. Google is rumored to be considering acquiring Wiz for $23 BILLION
  2. ThreatConnect acquires Polarity
  3. XBOW and Sola Security are interesting new companies we’ll discuss
  4. What does “shared responsibility” actually mean?
  5. Palo Alto probably isn’t going to buy your startup
  6. Snowflake-related breaches continue getting worse
  7. MUCH less AI talk than usual
  8. Defragmenting your browser

All that and more, on this episode of Enterprise Security Weekly.

Show Notes: https://securityweekly.com/esw-368

Jul 19, 2024

On this segment, we're going to zoom all the way out to discuss one of my favorite topics: what's fundamentally wrong with this industry? I believe we're at an inflection point: security teams have budget, staff, and more sway at the board level than ever. The cybersecurity market is doing great - growing at an astonishing rate with cyber startups that almost never fail and funding that survives every market downturn.

So why are failures also breaking records? What are we getting wrong? Why are we failing?

These are the questions Richard, Katie, and I will try to answer in this segment.

Segment Resources:

Show Notes: https://securityweekly.com/esw-368

Jul 19, 2024

Three years after we last discussed this book on episode #221, Jarrett Rodrick returns, joined by co-author Tyler Wall to discuss an update of the book. We talk opportunities and layoffs. Career paths and experience. Degrees, certifications, and home labs. We talk about who cybersecurity is the right field for, and the pros and cons of the industry as a whole.

We also talk myths and reality about a cybersecurity career. Can you really make $100k just a few years in? Is it really an entry level field? Are you better off entering cyber from IT or the military?

Segment Resources:

Show Notes: https://securityweekly.com/esw-368

Jul 12, 2024

In this week's enterprise security news,

  1. Seed rounds are getting huge
  2. Lots of funding for niche security vendors
  3. Rapid7 acquires Noetic Cyber
  4. but Rapid7 is also rumored to sell itself!
  5. Slack battles infostealers
  6. The loss of Chevron deference impacts cyber
  7. Should cybersecurity put up a no vacancy sign?
  8. Figma and Google both make some embarrassing mistakes
  9. The RockYou2024 file does NOT contain 10 billion passwords
  10. I introduce a new news category: AI indegestion

All that and more, on this episode of Enterprise Security Weekly!

Show Notes: https://securityweekly.com/esw-367

Jul 12, 2024

I'm always thrilled to chat with ex-analysts, and Henrique Teixeira can cover a lot of ground with us on the topic of identity management and governance. The more I talk to folks about IAM/IGA, the more I'm shocked at how little has changed. If anything, it seems like we've gone backwards a bit, with the addition of cloud SaaS, mobile devices, and shadow IT. Identity is one of the most common entry points for attacks, so we've got to do better as an industry here.

We'll cover a variety of topics in this interview, including:

  • Why Henrique chose to go to Saviynt from Gartner
  • Vendor risk concentration in identity
  • Resilience in identity, especially when depending on a SaaS IdP
  • Identity attack evolution (and the creation of the ITDR category)
  • What's working in identity to move things forward, and what is holding us back

This segment is sponsored by Saviynt. Visit https://securityweekly.com/saviynt to learn more about them!

Show Notes: https://securityweekly.com/esw-367

1