The interview will delve into the healthcare industry's tumultuous year in 2023, marked by 124 million breached health records across 725 hacking incidents (according to The HIPAA Journal). This interview will explore the critical role that MSSPs play in safeguarding health data and systems against potential security incidents, such as ransomware and business email compromise attacks. Jim Broome will share how to proactively prepare for an incident - including establishing a comprehensive incident response plan, outlining strategies for containment, restoration, and ongoing security operations, and how an MSSP can help.
Segment Resources: Tales from the Road Blog: An External Pen Test at a Healthcare Organization Reveals the Dangers of the Dark Web - https://www.directdefense.com/tales-from-the-road-an-external-pen-test-reveals-the-dangers-of-the-dark-web/
2023 Security Operations Threat Report: https://go.directdefense.com/2023-Security-Operations-Threat-Report
This segment is sponsored by DirectDefense. Visit https://securityweekly.com/directdefensersac to learn more about them!
In the dynamic landscape of cybersecurity, the urgency to eliminate passwords as a security vulnerability has never been more critical. Organizations are continuing to face a surge in the variety and complexity of cyber threats at historical rates, often fueled by compromised employee login credentials – resulting from attacks such as phishing which has been exacerbated by the rise in use of Artificial Intelligence (AI). The 2023 Verizon Data Breach Investigations Report underscores the staggering impact of breaches caused by stolen credentials, accounting for a staggering 74% of incidents. Christopher Harrell, Yubico’s Chief Technology Officer, shares how organizations can achieve passwordless authentication at scale with high assurance phishing-resistant multi-factor authentication (MFA) to elevate their security posture against phishing attacks while creating phishing-resistant users.
Segment Resources: https://www.yubico.com/blog/empowering-enterprise-security-at-scale-with-new-product-innovations-yubikey-5-7-and-yubico-authenticator-7/
This segment is sponsored by Yubico. Visit https://securityweekly.com/yubicorsac to learn more about them!
In this podcast segment, we delve into Sophos' fifth annual State of Ransomware report, exploring significant findings and trends in the evolving ransomware landscape. We'll discuss the sharp increase in recovery costs, the strategic targeting of backups by hackers, and the evolving role of cyber insurance in ransom payments. Our discussion will provide insights into how organizations can adapt their cybersecurity measures to mitigate these heightened threats and recover more effectively from attacks.
Segment Resources: Blog: The State of Ransomware 2024 Report: https://assets.sophos.com/X24WTUEQ/at/9brgj5n44hqvgsp5f5bqcps/sophos-state-of-ransomware-2024-wp.pdf Press release: Ransomware Payments Increase 500% In the Last Year, Finds Sophos State of Ransomware Report
This segment is sponsored by Sophos. Visit https://www.securityweekly.com/sophosrsac to learn more about them!
Show Notes: https://securityweekly.com/esw-364
We start off discussing the latest round of fundings, centered largely around data security and securing LLM use. This dovetails into a discussion about marketing language and how difficult it can be for buyers to work out what the latest round of early stage startups are doing.
Next, we discuss Cloudflare and Bugcrowd's acquisitions, as well as Synopsys's divestiture of its appsec portfolio.
From here, we dive into a raft of new features across both IT and cybersecurity products, like Azure, Dashlane, LastPass, and PagerDuty. Discussing Huntress's active remediation feature triggers a conversation about this latest product trend: vendors seem to think buyers are ready for fully automated remediation actions. We're not so sure they are.
To wrap up the cybersecurity coverage, Brandon Dixon has an interesting tutorial regarding a Security Copilot use case that looks a LOT like the default phishing enrichment use case that has been used for every SOAR POC ever. To clarify, this is a great piece in that it is all practical, has no marketing fluff, and shows you how to do something useful with Security Copilot. Where it pulls up short is managing to live up to the hype we've been hearing about Security Copilot from day one.
We agree to table the discussion on Microsoft Recall until we know more about what GA of the feature will look like, and then dig into a VERY interesting squirrel story about an audio-based hacking puzzle created by a rock band.
Show Notes: https://securityweekly.com/esw-364
"Identity security has been around forever though", you might be thinking. Allow me to clarify. Identity is the largest cybersecurity product category, but most of it is focused on identity governance, authentication, multi-factor, etc. Very little of it is focused on operational identity security. It's this trend, where we recently (within the last 2 years) started seeing the ITDR (Identity Threat Detection and Response) acronym that we'll be focused on today. Particularly:
And it's difficult to do better for this conversation than Will Lin. He spent the last half decade as a VC. On a daily basis, he was looking at the big picture of cybersecurity markets and trends. He discussed security challenges with CISOs and other security buyers on a regular basis, both directly and through the Security Tinkerers community he founded. All this led to a decision to quit the VC world to become a founder himself. Of all the categories he could have chosen, he chose identity security, and that's why we're happy to have him for this conversation.
Segment Resources:
Show Notes: https://securityweekly.com/esw-364
In this interview, join Swimlane Chief Information Security Officer, Mike Lyborg, and host Akira Brand as we discuss the value of cybersecurity marketplaces from a CISO perspective. Through insightful discussions, unpack the connection between outcomes-driven solutions and tangible business KPIs.
This segment is sponsored by Swimlane. Visit https://securityweekly.com/swimlanersac to learn more about them!
The past two years have witnessed an unprecedented surge in the adoption of generative artificial intelligence (AI) across various industries. And while this presents new efficiencies, with these benefits come significant security concerns. The widespread integration of AI applications increases the risk of data breaches and intellectual property theft, while also expanding organizations' vulnerability to malicious data injection and other AI-driven cyberattacks. During this interview Jim will explore why it’s imperative to implement robust security measures to mitigate these evolving risks effectively, and how working alongside an MSSP can benefit your overall security posture.
Segment Resources: https://go.directdefense.com/2023-Security-Operations-Threat-Report
This segment is sponsored by DirectDefense. Visit https://securityweekly.com/directdefensersac to learn more about them!
In recent years, ransomware attacks have undergone a transformative evolution, shifting from indiscriminate, mass-distributed assaults to highly targeted, sophisticated campaigns. Kris Lahiri is able to discuss the dynamic landscape of ransomware and dive into the techniques he has seen cybercriminals employ, the motivations behind these attacks, and the escalating impact on individuals, businesses, and critical infrastructure.
Segment Resources: https://www.egnyte.com/solutions/ransomware-detection https://www.egnyte.com/guides/governance/ransomware
This segment is sponsored by Egnyte. Visit https://securityweekly.com/egnytersac to learn more about them!
Show Notes: https://securityweekly.com/vault-esw-11
Organizations today are overwhelmed with the sheer magnitude of potential cybersecurity threats and there is plenty of vendor buzz around AI in Security products, but what is the reality? Threat detection and incident response (TDIR) strategy and execution have never been more critical and are essential in maintaining cyber resilience and strengthening the security posture of every organization. TDIR aims to identify potential threats and respond before they can impact a business. A layered defense focuses on identifying threat activity, prioritizing investigations, and measuring risk. As a result, organizations can take the appropriate threat mitigation steps. These security strategies and protocols signify a step forward with a TDIR strategy where everyone from the CISO to the security analyst wins.
This segment is sponsored by Graylog. Visit https://securityweekly.com/graylogrsac to learn more about them!
Axur is a cost-effective external cybersecurity solution that empowers security teams to handle threats beyond the perimeter. Our platform detects, inspects, and responds to brand impersonation, phishing scams, dark web mentions, threat intel vulnerabilities, and more.
This segment is sponsored by Axur. Visit https://securityweekly.com/axurrsac to learn more about them!
Segment Resources: https://www.axur.com/en-us/partners https://www.axur.com/en-us/outsourced-takedown https://www.axur.com/polaris/home
Vendors, sales channels, partners and other kinds of third parties are essential to most businesses. Ensuring that the information security risks of those other companies don't impact your own is the remit of Third Party Cyber Risk Management (TPCRM) teams. It is increasingly evident, however, that the existing practices and tools are not up to the challenge. They make the process even more adversarial than it needs to be, are focused on risk transfer and/or acceptance rather than reduction; are based on limited and low quality signals; and are often excruciatingly manual. We can do better as an industry, and in this conversation we are going to explore a new paradigm for TPCRM and its advantages for third and first parties.
Segment Resources: Alice in Supply Chains is a monthly marketing-free newsletter with curated news and commentary on TPCRM: https://www.linkedin.com/newsletters/alice-in-supply-chains-6976104448523677696/
This segment is sponsored by Tenchi Security. Visit https://securityweekly.com/tenchirsac to learn more about them!
Show Notes: https://securityweekly.com/vault-esw-10
As a special treat for this week's vault episode, we set up a conversation with Derek Manky to discuss Fortinet's FortiGuard Labs Threat Report. This is a bi-annual report put out by FortiGuard Labs, and in my opinion, it just keeps getting better and better. The report is chock full of actionable information and insights. It answered all my questions about the current state of threats and attacks, like:
There's not a dull moment in this conversation - I hope you enjoy listening to or watching it as much as I did making it!
Segment Resources:
Show Notes: https://securityweekly.com/vault-esw-9
Qwiet AI provides real time detection of security vulnerabilities in code along with the best AI generated fixes to aid developers in finding and fixing their code with the addition of AI AutoFix.
This segment is sponsored by Qwiet AI. Visit https://securityweekly.com/qwietrsac to learn more about them!
With scores of security tools implemented, configured, and integrated security teams are overwhelmed while knowing there is still a possibility for a breach. As they work to prioritize threat exposures, it is imperative for organizations to have a clear, context-rich, and up-to-date view of their security posture. Picus Security CTO and Co-founder, Volkan Ertürk, explains how consistent security validation allows security teams to pinpoint gaps, prioritize, and quantify risk so they can reduce threat exposure.
Segment Resources: Picus Red Report 2024: https://www.picussecurity.com/hubfs/Red%20Report%202024/Picus-RedReport-2024.pdf
This segment is sponsored by Picus Security. Visit https://www.securityweekly.com/picusrsac to learn more about them!
Platformization could mean reduction in innovation, reduction in the ability to be flexible, and less competition. But it doesn't have to be this way. Like the IT industry, there are ways for the cybersecurity industry to platformize, but also to have this become a net benefit to the industry as a whole.
Segment Resources: Navigating the SecOps Cloud Platform webinar recording: https://www.youtube.com/watch?v=MbzvLX-W2KY
Recon Infosec Case Study: https://info.limacharlie.io/hubfs/Case%20Studies/LimaCharlieReconInfosecMSSPCase_Study.pdf
Blumira Case Study: https://info.limacharlie.io/hubfs/Case%20Studies/LimaCharlieBlumiraCase_Study.pdf
This segment is sponsored by LimaCharlie. Visit https://securityweekly.com/limacharliersac to learn more about them!
Show Notes: https://securityweekly.com/esw-363
The next generation of identity security is not about the popular idea of convergence, but of unification. A single, AI-driven solution that integrates PAM with identity security and access management is the clear path forward to manage and secure all enterprise data through a unified control point.
Segment Resources: • https://www.sailpoint.com/products/identity-security-cloud/atlas/ • https://www.sailpoint.com/press-releases/sailpoint-accelerates-innovation-with-its-identity-security-platform-sailpoint-atlas/ • https://www.sailpoint.com/press-releases/sailpoint-leads-identity-security-evolution-through-relentless-innovation/ • https://www.sailpoint.com/navigate/
This segment is sponsored by SailPoint. Visit https://securityweekly.com/sailpointrsac to learn more about them!
Over the past 15 years, identity has evolved from a perimeter-based security model with clear boundaries to one that is fluid, flexible, and permeates every aspect of digital business. Simultaneously, AI has infiltrated every enterprise, becoming a double-edged sword for defenders, and fueling fraud attacks across every sector.
In this interview, Ping Identity CEO Andre Durand will walk through the evolution of the identity attack surface, and the opportunity decentralized identity has to dramatically improve both security and experience by putting users in control. He'll also discuss the increasing threats to individuals and businesses, given the influx of AI, and why we should consider this the era of “verify more, trust less.”
This segment is sponsored by Ping Identity. Visit https://securityweekly.com/pingrsac to learn more about them!
As companies adopt new digital cloud technologies, cybercrime threats are on the rise and becoming more sophisticated. Identity has come under attack in today’s digital-first environment and is critical to ensure we can securely connect people to technology. Okta is on a mission to eliminate identity threats and clear the path for organizations to safely use any technology.
Segment Resources: https://www.okta.com/blog/2024/02/introducing-the-okta-secure-identity-commitment/
https://www.okta.com/products/okta-ai/
https://www.okta.com/blog/2024/02/okta-acquisition-advances-identity-powered-security/
This segment is sponsored by Okta. Visit https://securityweekly.com/oktarsac to learn more about them!
Show Notes: https://securityweekly.com/esw-363
Only one funding announcement this week, so we dive deep into Thoma Bravo's past and present portfolio. They recently announced a sale of Venafi to Cyberark and no one is quite sure how much of a hand they had in the LogRhythm/Exabeam merger, and whether or not they sold their stake in the process.
We also have a crazy stat Ross Haleliuk spotted in Bessemer's analysis: "13 out of 14 cybersecurity companies acquired in the past year for over $100M were from Israel". Is this an anomaly? Does it just mean that Israel wasn't shy about selling when the market was down? We discuss.
A number of new product announcements continue to trickle out post-RSA.
We'll also discuss Sam Altman and OpenAI's decision to use Scarlett Johansson's voice against her will and what it could mean for deepfakes, advanced social engineering techniques, and general big tech sliminess.
Do you know what a "product glorifier" is? How about a glowstacker? You will if you check out the second-to-last story in the show notes!
Show Notes: https://securityweekly.com/esw-363
Artificial intelligence isn’t a magic wand… but could AI actually solve the alert triage problem every security operations center faces? In this interview with Jim McDonough from Intezer, we’ll talk about how 2023 was a tipping point for the maturity of AI tech, what these solutions actually bring to the table, how SOC teams in the real world are automating their processes with new AI tools, and why MSSPs are driving early adoption.
This segment is sponsored by Intezer. Visit https://securityweekly.com/intezerrsac to learn more about them!
This interview examines the state and future of cybersecurity. Join the conversation as a cybersecurity expert delves into the failings of current defenses, the relentless tactics of attackers, and the imperative for innovative solutions. Explore how Lumu’s latest announcement delivers the innovation that cybersecurity analysts need to operate cybersecurity and meet the demands of the moment.
This segment is sponsored by Lumu Technologies. Visit https://securityweekly.com/lumursac to learn more about them!
On April 1, Nightwing, formerly a business unit of Raytheon, launched as a standalone company. The company’s Vice President of Cyber Protection Solutions, Jon Check, will discuss the transition to Nightwing and its approach to the most pressing cybersecurity challenges, helping customers stay ahead of today’s threats.
This segment is sponsored by Nightwing. Visit https://securityweekly.com/nightwingrsac to learn more about them!
Show Notes: https://securityweekly.com/esw-362
The danger of post-breach disruption and downtime is extremely real. And while we should work to prevent these breaches in the first place, we must also be practical and pre-empt any potential incidents. Organisations armed with the most extensive software-based cybersecurity protection today continue to fall prey to hackers, have their operations disrupted and struggle to overcome the loss of data and system corruption. And with more business assets moving to the cloud than ever before - we are just asking for it aren't we? The answer to this lies in advanced engineering at the hardware layer. Easily integrated into enterprise servers and data centers to provide full-stack protection across the entire life cycle of a potential attack.
Segment Resources: https://x-phy.com/flexxon-fortifies-data-center-security-with-x-phy-server-defender/
This segment is sponsored by Flexxon. Visit https://www.securityweekly.com/flexxonrsac to learn more about them!
Over the past two years, we’ve seen the degree of digital trust in our day-to-day lives being pushed to its limits due to the unintended consequences of innovation. From GenAI to IoT security to quantum computing, we will see a “crescendo of trust” that will push trust to its absolute limits. Here, we will focus on IoT/device trust.
This segment is sponsored by DigiCert. Visit https://securityweekly.com/digicertrsac to learn more about them!
Security needs to be everywhere a potential threat exists – from an IOT device to an OT device, a factory floor, an element of infrastructure, an oil rig, a robotic device or an MRT machine – Cisco recognized that with increased connection comes a greater risk than ever before and that you must bring the security to these workloads...not the other way around. In order to keep up with today’s sophisticated and expansive threat landscape, security can no longer be a fence; it needs to be embedded through the fabric of data centers, whether public or private. Cisco Hypershield does just that and gives defenders a fighting chance against adversaries, as now the industry has the advantage.
Segment Resources: Hypershield Keynote: https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m04/unveiling-a-new-era-of-ai-native-security-with-cisco-hypershield.html
Cybersecurity Readiness Index: https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m03/cybersecurity-readiness-index-2024.html
DUO trusted access report: https://duo.com/assets/ebooks/2024-Duo-Trusted-Access-Report.pdf
Jeetu's blog: https://blogs.cisco.com/news/cisco-hypershield-security-reimagined-hyper-distributed-security-for-the-ai-scale-data-center
Official announcement: https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m04/unveiling-a-new-era-of-ai-native-security-with-cisco-hypershield.html
This segment is sponsored by Cisco. Visit https://securityweekly.com/ciscorsac to learn more about them!
Show Notes: https://securityweekly.com/esw-362
Suddenly SIEMs are all over the news! In a keynote presentation, Crowdstrike CEO George Kurtz talked about the company's "next-gen" SIEM. Meanwhile, Palo Alto, who was taken to task by some for not having an active presence on the RSAC expo floor, hits the headlines for acquiring IBM's SIEM product, just to shut it down!
Meanwhile, LogRhythm and Exabeam merge, likely with the hopes of weathering the coming storm. The situation seems clear - there's no such thing as "best of breed" SIEM anymore. It's a commodity to be attached to the existing dominant security platforms. Are the days numbered for the older pure-play SIEM/SOAR vendors out there? Crowdstrike and Palo Alto alone could displace a lot of incumbents, even with a less than stellar product.
Show Notes: https://securityweekly.com/esw-362
Despite building up impressive security stacks in the Cloud, organizations are still struggling to keep their environments safe. Pentera recently introduced Pentera Cloud as the first tool to provide automated pentesting capabilities for cloud environments. This conversation will focus on the challenge of security validation and pentesting in the cloud, and how Pentera Cloud is redefining the speed and scale of pentesting in the cloud.
This segment is sponsored by Pentera. Visit https://www.securityweekly.com/penterarsac to learn more about them!
Jason Keirstead, Cyware's VP of Collective Threat Defense, takes us beyond the AI buzz in cybersecurity. While AI has tremendous potential for cybersecurity, Jason emphasizes its pragmatic and deliberate application to modernize security operations — not as a panacea but as a strategic ally in enhancing threat intelligence, response capabilities, and operational collaboration. We discuss the practical benefits and limitations of AI, offering insights into how security professionals can leverage AI to augment, not replace, human decision-making and creativity in the ongoing fight against cyber threats.
This segment is sponsored by Cyware. Visit https://securityweekly.com/cywarersac to learn more about them!
Anomali’s AI-Powered Security Operations Platform is a cloud-native solution that delivers the industry’s most comprehensive set of integrated and automated security functions. Anthony Aurigemma discusses how Anomali Copilot automates mundane tasks and enables better analytics and reasoning for today’s security teams – automating half of an analyst’s day, enabling them to focus on strategic work. With the ability to augment or replace legacy security systems, Anomali’s Security Operations Platform helps security teams deliver intelligent, actionable, and accurate insights to their business.
This segment is sponsored by Anomali. Visit https://www.securityweekly.com/anomalirsac to learn more about them!
Show Notes: https://securityweekly.com/esw-361
The landscape of phishing attacks continues to rapidly evolve. In 2023, Zscaler ThreatLabz observed a year-over-year increase of 58.2% in global phishing attempts. This surge was characterized by emerging schemes, including voice phishing, recruitment scams, and browser-in-the-browser attacks.
This segment is sponsored by Zscaler. Visit https://securityweekly.com/zscalerrsac to learn more about them!
In today's complex world, organizations are challenged to modernize their network while also improving their security posture to support digital transformation initiatives. Tim Roddy will talk about what is driving the need for network transformation efforts and why organizations are moving to IAM and SASE (also known as Zero Trust Edge) solutions to support these efforts. He’ll discuss the fast-growing SASE market and the demand for SASE delivered as a managed service due to talent shortages.
This segment is sponsored by Open Systems. Visit https://securityweekly.com/opensystemsrsac to learn more about them!
It’s not rocket science, it’s network security. And yet for many organizations, the road to securing employees and information often results in trade-offs to performance, agility, scalable services, and user experience. While first-generation SASE solutions promised companies a way out of this complexity, those early deployments failed to resolve the root causes of these growth pains--enter Unified SASE as a Service. Going beyond SASE learn what Unified SASE as a Service is and why you should care.
This segment is sponsored by Aryaka. Visit https://securityweekly.com/aryakarsac to learn more about them!
Show Notes: https://securityweekly.com/esw-361
Emerging threats are targeting organizations from seemingly every angle. This means security teams must expand their focus to secure as many domains as possible. OpenText is building on its holistic approach to cybersecurity with new innovations that make it easier for organizations to secure themselves against next generation threats.
This segment is sponsored by OpenText. Visit https://securityweekly.com/opentextrsac to learn more about them!
In reaction to the increasing potential of threat actors unaffected by the current state of cybersecurity measures and vulnerability management tools yielding “rarely actioned reports and long lists of generic remediations” as the attack surface continues to expand, Gartner has suggested a new program: CTEM - Continuous Threat Exposure Management. A continuous threat exposure management (CTEM) program is an integrated, iterative approach to prioritizing potential treatments and continually refining security posture improvements. Join Hive Pro’s VP of Product Marketing and former Gartner Analyst, Zaira Pirzada to better understand: - The state of the current threat landscape - The SOC pain points - What Continuous Threat Exposure Management is and best practices to implement it
This segment is sponsored by Hive Pro. Visit https://securityweekly.com/hiveprorsac to learn more about them!
Traditional Managed Detection and Response (MDR) methods, centered on threat-based security, often miss the bigger picture of evolving cyber risks. This segment explores the shift towards a proactive, risk-based MDR approach, emphasizing the importance of anticipating and mitigating risks before they escalate into threats. We'll discuss the benefits of integrating risk management into security strategies and the key factors organizations should weigh when enhancing their cyber risk reduction efforts.
This segment is sponsored by Critical Start. Visit https://securityweekly.com/criticalstartrsac to learn more about them!
Show Notes: https://securityweekly.com/esw-361
It's the week before RSA and the news is PACKED. Everyone is trying to get their RSA announcements out all at once. We've got announcements about funding, acquisitions, partnerships, new companies, new products, new features...
To make things MORE challenging, everyone is also putting out their big annual reports, like Verizon's DBIR and Mandiant's M-Trends!
Finally, we've got some great essays that are worth putting on your reading list, including a particularly fun take on the Verizon DBIR by Kelly Shortridge.
Show Notes: https://securityweekly.com/esw-360
It's the most boring part of incident response. Skip it at your peril, however. In this interview, we'll talk to Joe Gross about why preparing for incident response is so important. There's SO MUCH to do, we'll spend some time breaking down the different tasks you need to complete long before an incident occurs.
Resources
This segment is sponsored by Graylog. Visit https://securityweekly.com/graylog to learn more about them!
Show Notes: https://securityweekly.com/esw-360
This is a great interview with Adam Shostack on all things threat modeling. He's often the first name that pops into people's heads when threat modeling comes up, and has created or been involved with much of the foundational material around the subject. Adam recently released a whitepaper that focuses on and defines inherent threats.
Resources:
Show Notes: https://securityweekly.com/esw-359
We've talked about generative AI in a general sense on our podcast for years, but we haven't done many deep dives into specific security use cases. That ends with this interview, as we discuss how generative AI can improve SecOps with Ely Kahn. Some of the use cases are obvious, while others were a complete surprise to me. Check out this episode if you're looking for some ideas!
This segment is sponsored by SentinelOne. Visit https://securityweekly.com/sentinelone to learn more about them!
Show Notes: https://securityweekly.com/esw-359
A clear pattern with startups getting funding this week are "autonomous" products and features.
I'll believe it when I see it. Don't get me wrong, I think we're in desperate need of more automation when it comes to patching and security decision-making. I just don't think the majority of the market has the level of confidence necessary to trust security products to automate things without a human in the loop.
The way LimaCharlie is going about it, with their new bi-directional functionality they're talking up right now, might work, as detections can be VERY specific and fine-grained.
We've already seen a round of fully automated guardrail approaches (particularly in the Cloud) fail, however. My prediction? Either what we're seeing isn't truly automated, or it will become a part of the product that no one uses - like Metasploit Pro licenses.
Show Notes: https://securityweekly.com/esw-359
This week, Adrian and Tyler discuss some crazy rumors - is it really possible that a cloud security startup valued at over $8 billion in November 2021 just got bought for $200 million???
Some healthy funding for Cyera and Cohesity ($300m and $150m, respectively)
Onum, Alethea, Sprinto, Andesite AI, StrikeReady, YL-Backed Miggo, Nymiz, Salvador Technologies, and Simbian all raise smaller seed, A, or B rounds.
Akamai picks up API security startup, Noname Security, Zscaler picks up Airgap networks, and it's rumored that Armis will acquire Silk Security for $150M.
LimaCharlie seems to be doing some vertical growth, adding its own response and automation capabilities (what they call "bi-directional" capabilities). CISA releases a malware analysis system to the general public. Boostsecurity.io releases "poutine", an open source CI/CD pipeline vulnerability scanner.
Some great essays this week, with Phil Venables' Letter from the Future, Ben Hawkes' Robots Dream of Root Shells, and Aileen Lee's 10 year Unicorn anniversary piece.
We briefly discuss the 3rd party breach that affected Cisco Duo customers, and the financial impact of Change Healthcare's highly disruptive ransomware incident.
Finally, we talk about the latest research on the security of LLMs and the apps using them. It's not looking great.
For more details, check out the show notes here: https://www.scmagazine.com/podcast-episode/3188-enterprise-security-weekly-358
Show Notes: https://securityweekly.com/esw-358
Protecting a normal enterprise environment is already difficult. What must it be like protecting a sports team? From the stadium to merch sales to protecting team strategies and even the players - securing an professional sports team and its brand is a cybersecurity challenge on a whole different level.
In this interview, we'll talk to Joe McMann about how Binary Defense helps to protect the Cleveland Browns and other professional sports teams.
Show Notes: https://securityweekly.com/esw-358
This week, Tyler and Adrian discuss Cyera's $300M Series C, which lands them a $1.4B valuation! But is that still a unicorn? Aileen Lee of Cowboy Ventures, who coined the term back in 2013, recently wrote a piece celebrating the 10th anniversary of the term, and revisiting what it means. We HIGHLY recommend checking it out: https://www.cowboy.vc/news/welcome-back-to-the-unicorn-club-10-years-later
They discuss a few other companies that have raised funding or just come out of stealth, including Scrut Automation, Allure Security, TrojAI, Knostic, Prompt Armor.
They discuss Eclipsium's binary analysis tooling, and what the future of fully automated security analysis could look like.
Wiz acquired Gem, and Veracode acquired Longbow. Adrian LOVES Longbow's website, BTW.
They discuss a number of essays, some of which are a must read:
We briefly cover some other fun - reverse typosquatting, AI models with built-in RCE, and Microsoft having YET ANOTHER breach.
We wrap up discussing Air Canada's short-lived AI-powered support chatbot.
Show Notes: https://securityweekly.com/esw-357
In the days when Mirai emerged and took down DynDNS, along with what seemed like half the Internet, DDoS was as active a topic in the headlines as it was behind the scenes (check out Andy Greenberg's amazing story on Mirai on Wired). We don't hear about DDoS attacks as much anymore. What happened?
Well, they didn't go away. DDoS attacks are a more common and varied tool of cybercriminals than ever. Today, Michael Smith is going to catch us up on the state of DDoS attacks in 2024, and we'll focus particularly on one cybercrime actor, KillNet.
Segment Resources:
Show Notes: https://securityweekly.com/esw-357
NVD checked out, then they came back? Maybe?
Should the xz backdoor be treated as a vulnerability?
Is scan-driven vulnerability management obsolete when it comes to alerting on emerging threats?
What were some of the takeaways from the first-ever VulnCon?
EPSS is featured in over 100 security products, but is it properly supported by those that benefit from it?
How long do defenders have from the moment a vulnerability is disclosed to patch or mitigate it before working exploits are ready and in the wild?
There's SO much going on in the vulnerability management space, but we'll try to get to the bottom of some of in in this episode. In this interview, we talk to Patrick Garrity about the messy state of vulnerability management and how to get it back on the rails.
Segment Resources:
Show Notes: https://securityweekly.com/esw-356