Charles Thompson is the Senior Director of Product Management at Viavi. Charles will discuss the importance of response/remediation in a strong security strategy and the role wire-data plays in having the forensic detail needed to identify a breach, understand scope of impact, and confirm restoration of network performance to pre-incident baseline.

To learn more about Viavi Solutions, visit: https://securityweekly.com/viavi

Full Show Notes: https://wiki.securityweekly.com/ES_Episode140

Visit https://securityweekly.com/esw for all the latest episodes!

We interview Jack Jones, Chief Risk Scientist at RiskLens to talk about Understanding and quantifying cyber risk using FAIR!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode139

Visit https://securityweekly.com/esw for all the latest episodes!

Ruvi Kitov, CEO and Co-Founder of Tufin, talks about the importance of having a network-wide security policy! The discussion will be on the importance of having a network-wide security policy, the fact that most companies don’t have one, and therefore lack visibility and are not compliant with regulations and even with their own policies, and finally the value that we provide with SecureTrack.

To learn more about Tufin, visit: https://securityweekly.com/tufin

Full Show Notes: https://wiki.securityweekly.com/ES_Episode139

Visit https://securityweekly.com/esw for all the latest episodes!

John Strand and Paul Asadoorian discuss how Okta joins forces with Secret Double Octopus, Tenable unveils new innovations for Cyber Exposure analytics, Barracuda launches bot protection feature for firewall offerings, and some acquisition and funding updates from Palo Alto, FireEye, and Verodin!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode139

Visit https://securityweekly.com/esw for all the latest episodes!

In the Enterprise News, ThreatQuotient expands integration with MITRE ATT&CK Framework, JASK launches a new Heads Up Display for security operations centers, and we have some acquisition and funding updates from Guardicore, Auth0, and KnowBe4!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode138

Visit https://securityweekly.com/esw for all the latest episodes!

Candy Alexander is the President of Information Systems Security Association. Ms. Alexander has 30 years of information security experience working for various high-tech companies. She has held several positions as CISO (Chief Information Security Officer) for which she developed and managed corporate security programs. She is now working as a Virtual or Fractional CISO and Executive Cyber Security Consultant assisting companies large and small to improve their security programs through effective security initiatives.

Full Show Notes: https://wiki.securityweekly.com/ES_Episode138

Visit https://securityweekly.com/esw for all the latest episodes!

Corey Thuen is the Co-Founder at Gravwell. Corey covers the topics: Framework for discussion: the pillars of the SOC and the 80/20 principle, Wire data, Log/Application Data, Endpoint protection/EDR, Threat Intel, Data fusion, SOAR, and much more!

To learn more about Gravwell, visit: https://securityweekly.com/gravwell

Full Show Notes: https://wiki.securityweekly.com/ES_Episode138

Visit https://securityweekly.com/esw for all the latest episodes!

Paul will be giving a technical segment on firewalls. Paul talks about an enterprise open-source firewalls?

Full Show Notes: https://wiki.securityweekly.com/ES_Episode137

Visit https://securityweekly.com/esw for all the latest episodes!

In the news, Atos launches a new unified cloud identity and access management solution, ExtraHop announces new panorama partner program, SysDig and In-Q-Tel partnership to provide U.S. government agencies with the SysDig Cloud Native VSP, and LogRhythm releases a Cloud Based NextGen SIEM platform!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode137

Visit https://securityweekly.com/esw for all the latest episodes!

Ferruh Mavituna is the Founder & Product Manager at Netsparker. Centralization vs. Decentralization of security is an interesting topic. Decentralization in web app penetration testing is popular in many large organizations because no good centralized solutions solve this problem. Instead small teams do independent or random testing, without consistency or well-defined processes. Web security automation is a better approach. If you have 100 actively developed applications across 10 different development teams, can you (and should you) centralize security testing?

To learn more about Netsparker, visit: https://securityweekly.com/netsparker

Full Show Notes: https://wiki.securityweekly.com/ES_Episode137

Visit https://securityweekly.com/esw for all the latest episodes!

We have a Security Industry Briefings Update, where we talk about 42Crunch, Viridium, Whitecanyon, and Eclypsium!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode136

Visit https://securityweekly.com/esw for all the latest episodes!

In the Enterprise news, Secureworks launches new cybersecurity analytics app, StackRox Kubernetes Security Platform Receives Red Hat Container Certification, SIEM Solutions Firm Exabeam Raises $75 Million, and Serverless monitoring startup Espagon expands to cover broader microservices TechCrunch, and more!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode136

Visit https://securityweekly.com/esw for all the latest episodes!

Nik Whitfield is the CEO at Panaseer. He joins us to talk about Continuous Controls Monitoring!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode136

Visit https://securityweekly.com/esw for all the latest episodes!

In the Enterprise news, ThreatConnects new features make creating security playbooks easier, SolarWinds adds password management to security portfolio, Checkpoint Systems announces HALO IoT platform, and BlackHat USA offers an inside look at Intel's security engine!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode135

Visit https://securityweekly.com/esw for all the latest episodes!

Josh Abraham is in studio! He is a Staff Engineer at Praetorian, and he is going to talk about the MITRE attack framework for defenders!

Why Praetorian Benchmarks to MITRE ATT&CK: https://p16.praetorian.com/blog/why-praetorian-benchmarks-to-mitre-attack

Full Show Notes: https://wiki.securityweekly.com/ES_Episode135

Visit https://securityweekly.com/esw for all the latest episodes!

A self-described "Nerd with a big mouth" Jay is an 18-year startup veteran specialized in pre-IPO, hyper-competitive environments with a focus on new technology introduction, partner/customer acquisition. Jay joins us to discuss Patch management struggles and how to overcome them!

To get involved with Automox, visit: https://securityweekly.com/automox

Full Show Notes: https://wiki.securityweekly.com/ES_Episode135

Visit https://securityweekly.com/esw for all the latest episodes!

Security Legend Dave Kennedy sits down with our Founder and CTO Paul Asadoorian at InfoSec World 2019 to discuss his company Binary Defense and how they're helping the Security community! A great conversation between two security legends and long time best friends! Full Show Notes: https://wiki.securityweekly.com/ES_Episode134

Visit https://securityweekly.com/esw for all the latest episodes!

In the Enterprise news, ShieldX adds lateral movement prevention to the Elastic Security Platform for AWS, Tenable Integrates with Google Cloud Security Command Center, Capsule8 to help Google Cloud SCC members consolidate findings and speed up response, and Evident and Okta partnership simplifies identity verification and reduces risk for businesses!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode134

Visit https://securityweekly.com/esw for all the latest episodes!

This week, Paul Asadoorian is joined by Matt Alderman, as we interview Francis Dinha, the CEO of OpenVPN. Francis Dinha is the CEO of OpenVPN.

Full Show Notes: https://wiki.securityweekly.com/ES_Episode134

Visit https://securityweekly.com/esw for all the latest episodes!

In the news, OpenVPN and JumpCloud Partner to Bring Secure Cloud-based Authentication and User Management to VPN, IdenTrust and Device Authority Collaborate to Deliver Secure Lifecycle Management to the IoT, Tufin Prices NYSE IPO at $108 Million, Bad security hygiene still a major risk for enterprise IT networks and much more!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode133

Visit http://securityweekly.com/esw for all the latest episodes!

We interview Patrick Tierney, the Sales Engineer at Endgame.

To get involved with Endgame, visit: https://securityweekly.com/endgame

Full Show Notes: https://wiki.securityweekly.com/ES_Episode133

Visit http://securityweekly.com/esw for all the latest episodes!

Matt Cauthorn is the VP of Cyber Security Engineering at ExtraHop. Matt Cauthorn leads a team of technical security engineers who work directly with customers and prospects. Matt uses his expertise with ExtraHop to explain The Three Horsemen of SOC Intel: Wire, Logs, Endpoint!

To get involved with ExtraHop, vist: https://securityweekly.com/extrahop

Full Show Notes: https://wiki.securityweekly.com/ES_Episode133

Visit http://securityweekly.com/esw for all the latest episodes!

Mike Weber is the Vice President of Coalfire and Rebecca Larson is the Director, Vulnerability Assessment Operations of Coalfire.

Coalfire ASV Scanning:

- ASV program (love, praise, struggle)
- Development and growth of scanning, 1-5 person team, partnership, marketing position
- Published opinion piece, getting knowledge, supporting the industry
- Scan platform
- RISE - movement in the company, coalfire programs, development at Coalfire
- Limitations of scanning, pen testing?

To learn more about Coalfire, visit: https://securityweekly.com/coalfire
Full Show Notes: https://wiki.securityweekly.com/ES_Episode132

Visit http://securityweekly.com/esw for all the latest episodes!

In the news, Cloud security company Bitglass raises $70M in late-stage round, Lockpath Announces Significant Updates to Keylight Platform, TrustBuilder Identity Hub introduces simple and scalable access management for Docker, Pulse Secure Announces Collaboration with New Strategic Authorized Education Partners, RedSeal raises more than $60 million for its cybersecurity tools, Google expands cloud security capabilities, including simpler configuration, and Sysdig Unites Cloud-Native Visibility and Security in Platform Update.

Full Show Notes: https://wiki.securityweekly.com/ES_Episode132

Visit http://securityweekly.com/esw for all the latest episodes!

In the last segment, we air the Security Briefing from Secure World Boston! Paul and Matt review the vendors at SecureWorld Boston 2019!

Full Show Notes: https://wiki.securityweekly.com/ES_Episode132

Visit http://securityweekly.com/esw for all the latest episodes!