Info

Enterprise Security Weekly (Video)

A look at the current state of enterprise security solutions, including new products, features and industry reporting. Hosted by Paul Asadoorian and John Strand.
RSS Feed Subscribe in Apple Podcasts
Enterprise Security Weekly (Video)
2022
January


2021
December
November
October
September
August
July
June
May
April
March
February
January


2020
December
November
October
September
August
July
June
May
April
March
February
January


2019
December
November
October
September
August
July
June
May
April
March
February
January


2018
December
November
October
September
August
July
June
May
April
March
February
January


2017
December
November
October
September
August
July
June
May
April
March
February
January


2016
December
November
October
September
August
July
June
May
April


Categories

All Episodes
Archives
Categories
Now displaying: Page 3
Sep 1, 2021

GitLab is unique in many ways, but our transparency value is pushing us to mature our Security posture faster than attackers. Discover how GitLab iterates quickly to adapt to a world where everyone can contribute.

 

Segment Resources: https://about.gitlab.com/handbook/values/#transparency

 

This segment is sponsored by GitLab. Visit https://securityweekly.com/gitlab to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw241

Aug 26, 2021

This week, In the Enterprise News, Guardicore Centra lets teams stop ransomware and lateral movement, Netskope streamlines procedures with improved attribution models and collaboration, Cloudflare claims they blocked the ‘greatest DDoS attack in history’, SecurityScorecard partners up with Tenable to improve Risk Management, Sumo Logic delivers on SOAR promise by acquiring DFLabs, SCAR invests in cyber startup Hook Security, Hunters raises $30 Million in Series B, and more!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw240

Aug 26, 2021

Deb has written a thriller series about an evil corporation called GlobeCom that takes over the world through human chip implants and the hackers who rise up against it to break its backbones and its grip on humanity. In it, she sticks very close to technology and hacks in use today to show the ramifications of tech over reach and couch the hackers as heroes. Her characters are drawn from hackers and agents she's met throughout her career and they have reviewed and approved the story. She is currently wrapping up her second book in the series, which delves more into AI and machine learning. She has written for a general audience, and the story is fast-paced and entertaining with reviewers saying her style is akin to Lee Child.

Segment Resources:

The book is available at https://www.amazon.com/Breaking-Backbones-Information-Hacker-Trilogy/dp/1665701080/; and her articles, speaking engagements and more information is available at www.debradcliff.com.

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw240

Aug 25, 2021

Deciduous is an app Kelly built with Ryan Petrich that simplifies the process of creating security decision trees. Security decision trees are valuable aids in threat modeling and prioritizing mitigations, harnessing the power of belief prompting from the realm of behavioral game theory.

Segment Resources:

- https://www.deciduous.app/

- https://swagitda.com/blog/posts/rick-morty-thanksploitation-decision-tree/

- https://swagitda.com/blog/posts/deciduous-attack-tree-app/

- https://learning.oreilly.com/library/view/security-chaos-engineering/9781492080350/

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw240

Aug 19, 2021

This week In the Enterprise News, iboss adds features to its Cloud Platform for visibility and control, SailPoint Workflows enable customers to automate security tasks, Digital Shadows launches two premium services streams, Praetorian launches and Open Source security scanner, Tigera addresses demand for security of containers and Kubernetes, API Security 101, CVSS scores, and more!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw239

Aug 19, 2021

As organizations shift to respond to an ever-changing landscape of cybersecurity challenges, cybercriminals are trying to stay one step ahead. The last two years have brought an explosion of ransomware attacks and other cybersecurity threats that prey on existing security weaknesses and vulnerabilities that opened when moving to a remote or hybrid work environment. Our discussion will include ways to combat these threats, as well as learning to boost your existing cybersecurity policies and infrastructure.

This segment is sponsored by Keeper Security. Visit https://securityweekly.com/keepersecurity to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw239

Aug 18, 2021

The security industry spends a lot of time talking about the tools of the SOC, especially around making the SOC more 'autonomous'. But is this really what we need? Allie is also presenting "How to effectively manage XDR" at Maintaining Endpoint Security: New opportunities and new risks (SC Media Virtual Event) on August 24, 2021.

Register Now: https://www.scmagazine.com/virtual-conference/maintaining-endpoint-security-new-opportunities-and-new-risks

 

Segment Resources:

https://go.forrester.com/blogs/stop-trying-to-take-humans-out-of-security-operations/

https://go.forrester.com/blogs/ransomware-survive-by-outrunning-the-guy-next-to-you/

https://go.forrester.com/blogs/xdr-faq-frequently-asked-questions-on-extended-detection-and-response/

https://go.forrester.com/blogs/top-5-lies-security-vendors-tell-about-the-siem/

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw239

Aug 12, 2021

The reason our founder started Detectify is that they wanted to automate hacker knowledge and make it scalable. This is very different from how most hackers work today and what we believe will revolutionize hacking.

This segment is sponsored by Detectify. Visit https://securityweekly.com/detectify to learn more about them!

 

Tony "TJ Null" from Offensive Security will discuss the role of the community in learning infosec, particularly pentesting, and also in continuing education. Additionally, he will offer some practical tips on learning pentesting with help from the community. This segment is sponsored by Offensive Security. Visit https://securityweekly.com/offSec to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw238

Aug 12, 2021

This week in the Enterprise News: Latent AI, Optiv Security Launches Next-Gen Managed XDR, An Intriguing Update to Mandiant Advantage, ReversingLabs raises $56M to combat software supply chain, Morphisec Announces New Incident Response Services, & more!

 

Show Notes: https://securityweekly.com/esw238

Visit https://www.securityweekly.com/esw for all the latest episodes! 

Aug 11, 2021

As we dig into vulnerability management we uncover both old and new challenges. We still struggle with developing and maintaining an accurate asset inventory. We also, still, struggle to prioritize and execute remediation. There are many new approaches to solving these problems, from ad-hoc scanning to automation of all the things. Get our take on vulnerability management in this segment!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw238

Aug 6, 2021

In the Enterprise News, Armis Identifies Nine Vulnerabilities in pneumatic tubes, Corelight Introduces Smart PCAPs, SolarWinds disputes lawsuit, Code42 and Rapid7 Partner, and more news from this week at BlackHat 2021!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw237

Aug 5, 2021

Ransomware is flourishing and our endpoints are scattered outside the corporate network. Visibility is a challenge in this age of decentralized corporate assets. Our discussion today will explore the problem from two sides. On the endpoint, where much of the battle against ransomware tends to be fought, is prevention a lost battle? Regardless of hopes for better prevention, it is clear that the ability to detect and respond is as important as ever, so we'll discuss how security operations should be positioning themselves.

This segment is sponsored by Fortinet. Visit https://securityweekly.com/fortinet to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw237

Aug 5, 2021

Exfiltrate. Encrypt. Exploit. In 2021, ransomware attackers moved beyond exfiltrating and encrypting data to extract a ransom, working to compromise the victim’s build server to introduce an exploit through which to launch large scale attacks. VP of Cloud Security Matt Cauthorn joins Security Weekly to walk through the lateral movements these attackers use to pull off the Cyber Hat Trick.

 

This segment is sponsored by ExtraHop Networks. Visit https://securityweekly.com/extrahop to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw237

Jul 29, 2021

This week in the Enterprise News: Aqua Security Introduces new Aqua Platform, Decryption Tools, Security Summit 2021: Google expands Trusted Cloud, Clearview AI raises $30M to accelerate growth in image-search technology, & more!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw236

Jul 29, 2021

Security starts before detection, it starts before investigations. Mature security teams understand the importance of good hygiene and take proactive measures to secure themselves against the ever-increasing threat landscape. Join us this week as Stephanie Aceves, Threat Response SME Lead, talks through a holistic approach to security using the Tanium platform approach. Learn why the best security teams rely heavily on Tanium to get smarter, faster, better in responding to threats and how your organizations can do the same.

For folks interested in a trial of Tanium, check out https://try.tanium.com/

To stay connected with Tanium's Endpoint Security Specialist team, join our community site: https://community.tanium.com/s/ues-discussion-group or find us on Slack: https://docs.google.com/forms/d/e/1FAIpQLSf56reMK4BQPkoLO4MTp-QPMJsxOlJD-MqargZxhW3kNsA3dA/viewform?usp=sf_link

 

This segment is sponsored by Tanium. Visit https://securityweekly.com/tanium to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw236

Jul 28, 2021

Brief chat around the rise in Ransomware attacks, campaigns against our Infrastructure, the deficit in Cyber Talent, and how we could address the issue by extending Corporate Cyber Training programs to extend past the Corporate boundary.

Segment Resources:

https://www.aegon.com/home/

https://talklou.com/

https://www.infragardnational.org/

https://inl.gov/critical-infrastructure-protection-training/

https://www.ymcalouisville.org/chestnut/kids-and-teens/black-achievers.html

https://www.techgirlz.org/

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw236

Jul 22, 2021

The shift away from web application security, caused by the pandemic and the focus on remote workforces, resulted in an increased number of web vulnerabilities. In this segment, Mark talks about the best starting point for organizations to get back on track and prioritize your web app security.

This segment is sponsored by Acunetix. Visit https://securityweekly.com/acunetix to learn more about them!

 

Security can be somewhat of a mystery at a lot of organizations. Most companies choose to be tight-lipped about the security measures they have implemented. Rightfully so, there is an underlying fear that publicizing your security efforts could make you more vulnerable to security attacks and damage your reputation with your customers. However, there is another way. Transparency can be your ally in security.

This segment is sponsored by GitLab. Visit https://securityweekly.com/gitlab to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw235

Jul 22, 2021

In the Enterprise News, SafeBreach adds support for new advanced attacks to the Microsoft Defender for Endpoint evaluation lab, Stellar Cyber XDR Kill Chain allows security analyst teams to disrupt cyberattacks, Bugcrowd Awarded U.S. Patents for Crowd-Enabled Vulnerability Detection, Microsoft puts PCs in the cloud with Windows 365, some funding and acquisition updates from Sysdig, AttackIQ, Stytch, SentinelOne, & more!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw235

Jul 21, 2021

Security teams relying on asset inventory from their IT counterparts can be a challenge due to a lack of security context for assets. This gap can lead to missed opportunities to identify and fix asset-centric issues like EOL or unauthorized software that they can address even before running their vulnerability management program. Ed will discuss the role asset inventory plays in your overall security strategy. This will include the importance of security context for IT assets, which teams benefit from the information, how to identify and assess the health of critical databases and how to effectively implement a cybersecurity asset management practice.

Segment Resources:

CSAM free trial: https://www.qualys.com/forms/cybersecurity-asset-management/

CSAM video overview: https://vimeo.com/551723071

Webpage: https://www.qualys.com/apps/cybersecurity-asset-management/

 

This segment is sponsored by Qualys. Visit https://securityweekly.com/qualys to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw235

 

Jul 15, 2021

Against the ubiquitous backdrop of Zero Trust initiatives, we have all come to accept the motto of "Verify, then trust". Yet, here we are building an entire stack of Zero Trust enabled technologies, upon a broken implicit-trust foundation. Nowhere is this risk more apparent, than at the device and firmware level. Indeed this is why both nation-state and criminal actors have converged upon a strategy that combines supply chain attack dynamics, with readily exploitable devices. This allows them to impart maximum impact against victim organizations, and even those victim’s downstream partners and customers. In order to address this evolving threat, organizations must take back security control of their devices, and stop trusting the fox that has quite frankly, become the hen house.

This segment is sponsored by Eclypsuim. Visit https://securityweekly.com/eclypsium to learn more about them!

 

Data privacy and Web security teams are converging across enterprises and we are seeing more Privacy use cases like cookie banner consent and limiting data sharing (vendors like Facebook, Google etc. are capturing sensitive user data, accessing cameras, microphones, geolocation etc.) via security policies, under the security teams purview. At Tala we offer a Privacy scan that gives enterprises a full view of which vendors have access to sensitive data and how this data is being shared. This in turn helps set the right security controls in place.

This segment is sponsored by Tala Security. Visit https://securityweekly.com/talasecurity to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw234

Jul 15, 2021

In the Enterprise News, Contrast Security partners with Secure Code Warrior, Bandura releases the Cyber Intelligence Marketplace, Illumio beefs up zero-trust security with automated policy enforcement, Rapid7 Launches InsightCloudSec to Automate Continuous Security and Compliance, Leaked email shows Tanium just lost its fourth chief marketing officers in five years, Bitdefender launches eXtended EDR platform, ThycoticCentrify Releases a new version of Server Suite, Outpost24 acquires threat intelligence solution Blueliv, Microsoft acquires RiskIQ, Cybereason raises $275 million led by Steven Mnuchin's VC fund, and Arctic Wolf triples valuation and raises an additional $150m!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw234

Jul 14, 2021

Gas South and Extrahop have partnered to give Gas South visibility in areas of the network that are normally invisible or dark to the regular network team.

To learn more about ExtraHop, visit: https://securityweekly.com/extrahop

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw234

Jul 1, 2021

Threat hunters are under increased pressure to rapidly analyze, classify, detect and respond to malicious files. ReversingLabs is stepping forward to address these needs with its new Malware Lab Solution. The ReversingLabs Malware Lab solution powers the next generation of threat hunting by delivering a unique combination of static and dynamic analysis capabilities at scale to identify malicious files including those in the software supply chain.

This segment is sponsored by Reversing Labs. Visit https://securityweekly.com/ReversingLabs to learn more about them!

 

The development life cycle as we know it is rapidly changing, and today’s AppSec testing needs to keep up with shorter and faster processes. A shift-left approach is no longer enough to protect web assets - you need much more dynamic tools and ways of working.

This segment is sponsored by Detectify. Visit https://securityweekly.com/detectify to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw233

Jul 1, 2021

This week, In the Enterprise News, Atos launches thinkAI, AWS welcomes Wickr to the team, U.S. DoD approves two (ISC)² certifications as requirements for staff, JFrog to acquire Vdoo, & more!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw233

Jun 30, 2021

More than 96% of software development projects fail across the globe because too many businesses rely on the legacy DevOps process which allows us to run security testing right before going to production. Using the legacy DevOps can lead to a downfall of the project management triangle (Budget, Scope, and Time). However, with more efficient use of dynamic application security testing tools (DAST) in every single stage/sprint, the legacy DevOps can be transformed into DevSecOps, in turn preventing our projects from failing.

 

This segment is sponsored by Netsparker. Visit https://securityweekly.com/netsparker to learn more about them!

 

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw233

1 « Previous 1 2 3 4 5 6 7 Next » 26