HashiCorp Vault brings disaster recover to security secrets management, Oracle joins SafeLogic to develop FIPS module for OpenSSL security, and Cylance bringing enterprise security platform technology to home users.
Full Show Notes: https://wiki.securityweekly.com/ES_Episode56
Visit http://securityweekly.com/esw for all the latest episodes!
John Strand from Black Hills Information Security, does a tech segment on real intelligence threat analytics. How it works, how you can get it up and running, how easy it is to get started, and what you can actually get out of the tool fairly quickly.
Full Show Notes: https://wiki.securityweekly.com/ES_Episode55
Visit http://securityweekly.com/esw for all the latest episodes!
Ping Look serves as the Executive Advisor of security communications and awareness at Optiv. Ping joins us to discuss security awareness, business diversity, and more!
Full Show Notes: https://wiki.securityweekly.com/ES_Episode55
Visit http://securityweekly.com/esw for all the latest episodes!
Building a SOC with limited resources, the top five barriers to implementation, Qualys is acquiring Nevis Networks, auditing your AWS security policies, and more enterprise news!
Full Show Notes: https://wiki.securityweekly.com/ES_Episode55
Visit http://securityweekly.com/esw for all the latest episodes!
Where do the lines blur between monitoring, configuration, and vulnerability management? What is the best way to monitor systems in an enterprise? How to you manage machine to machine trust? Answers to all those questions and more in this segment!
Full Show Notes: https://wiki.securityweekly.com/ES_Episode54
Visit http://securityweekly.com/esw for all the latest episodes!
Get some in-depth information on GDPR from Thomas Fischer, a Global Security Advocate at Digital Guardian and Director of BSides London!
Full Show Notes: https://wiki.securityweekly.com/ES_Episode54
Visit http://securityweekly.com/esw for all the latest episodes!
Malwarebytes revamps their adware removal, Minerva Labs fights against ransomware, EdgeWave announces phishing detection and awareness, and more enterprise news!
Full Show Notes: https://wiki.securityweekly.com/ES_Episode54
Visit http://securityweekly.com/esw for all the latest episodes!
Ferruh Mavituna of Netsparker joins us to discuss CI level automated web security!
Full Show Notes: https://wiki.securityweekly.com/ES_Episode53
Visit http://securityweekly.com/esw for all the latest episodes!
Suffering breaches from ex-employees, Tanium announces threat response, the SANS Institute's incident response survey results, and is cybersecurity getting harder?
Full Show Notes: https://wiki.securityweekly.com/ES_Episode53
Visit http://securityweekly.com/esw for all the latest episodes!
If you are a security professional who has not taken the plunge into Docker, this segment is for you. Paul highlights some of the configuration options available for Docket containers and how you can apply them to both your operating system and application hardening strategies.
Full Show Notes: https://wiki.securityweekly.com/ES_Episode53 (Including sample Docker files discussed in this segment)
Visit http://securityweekly.com/esw for all the latest episodes!
Paul and Doug talk about the need for and the pitfalls of Egress Filtering in your enterprise network. And sweaty lawyers.
Full Show Notes: https://wiki.securityweekly.com/ES_Episode52
Visit http://securityweekly.com/esw for all the latest episodes!
Fortinet preps for a next-gen firewall, Samsung no longer males printers, beware of Cisco training, using the right switches, Kubernetes, requirements and testing, to update or not to update and more!
Full Show Notes: https://wiki.securityweekly.com/ES_Episode52
Visit http://securityweekly.com/esw for all the latest episodes!
Apollo Clark discusses the tools and techniques your team can use to manage, monitor and tune your enterprise AWS deployment.
Full Show Notes: https://wiki.securityweekly.com/ES_Episode51
Visit http://securityweekly.com/esw for all the latest episodes!
Love it or hate it, Docker (and containers) are here to stay. Embrace change in this segment where Paul and Apollo discuss using Docker in the enterprise. We cover security considerations, deployment scenarios and much more!
Full Show Notes: https://wiki.securityweekly.com/ES_Episode51
Visit http://securityweekly.com/esw for all the latest episodes!
Microsoft buys another company, to patch (or not), the shift in the cybersecurity battleground, Carbon Black’s Petya assessment, and more enterprise news!
Full Show Notes: https://wiki.securityweekly.com/ES_Episode51
Visit http://securityweekly.com/esw for all the latest episodes!
Brian Ventura is a SANS Instructor and infosec architect, while Ted Gary serves as the Product Marketing Manager at Tenable.
Full Show Notes: https://wiki.securityweekly.com/ES_Episode50
Visit http://securityweekly.com/esw for all the latest episodes!
Five ways to maximize your IT training, pocket-sized printing, 30 years of evasion techniques, Ixia teases advanced visibility solutions, and more enterprise security news!
Full Show Notes: https://wiki.securityweekly.com/ES_Episode50
Visit http://securityweekly.com/esw for all the latest episodes!
*Should EDR be installed on every system? Servers too? All clients?
*How important is the configuration of EDR?
*What should your goals be for defense: know malware? unknown malware? ransomware? or are these three different products?
*If you have a big name AV install, what should drive you to change it? e.g. Symantec or Mcafee...
*What are the most common threats missed by EDR?
*How much of a concern is: performance, scalability, manageability, and crashing the host OS?
*When should you consider running two, or more, EDR solutions on the same host? Or, do you run one flavor on some, and another flavor on another?
Full Show Notes: https://wiki.securityweekly.com/ES_Episode49
Visit http://securityweekly.com/esw for all the latest episodes!
Carbon Black releases Cb Response 6.1, what to ask yourself before committing to a cybersecurity vendor, Malwarebytes replaces antivirus with endpoint protection, and more enterprise security news!
Full Show Notes: https://wiki.securityweekly.com/ES_Episode49
Visit http://securityweekly.com/esw for all the latest episodes!
What should we consider while building an internal penetration testing team? Would you still need external pen tests? Paul and John discuss the pros and cons!
Full Show Notes: https://wiki.securityweekly.com/ES_Episode48
Visit http://securityweekly.com/esw for all the latest episodes!
Automating all the things, Juniper Networks opens a software-defined security ecosystem, millions of devices are running out-of-date systems, DUO New Zealand and McAfee join forces, and more enterprise news!
Full Show Notes: https://wiki.securityweekly.com/ES_Episode48
Visit http://securityweekly.com/esw for all the latest episodes!
Containers are here to stay. While there is some resistance to this movement, Devops can help improve efficiency and security. For the first time security has a seat at the table when discussing the implementation of this new technology. Corey Bozdin comes on the show to discuss how we can use containers to improve security and how to scan your containers for vulnerabilities and exposures, including incorporating security into your SDLC.
Corey is currently responsible for coordinating the efforts of a global Product Management team, owning the product roadmap, and driving world-class execution of operational initiatives with Sales, Finance, and Support. He works closely with the Chief Product Officer to define, refine, and advance the Tenable product portfolio.
Full Show Notes: https://wiki.securityweekly.com/ES_Episode47
Visit http://securityweekly.com/esw for all the latest episodes!
The power of an exploit, Carbon Black's open letter to Cylance, Viavi Solutions Introduces Scalable RF Monitoring for Heterogeneous Networks, and 13 AWS IAM Best Practices for Security and Compliance!
Full Show Notes: https://wiki.securityweekly.com/ES_Episode47
Visit http://securityweekly.com/esw for all the latest episodes!
Atif Ghauri is the CTO for Herjavec Group USA and comes on the show to talk about SEIM, EUBA and how to build a relationship with your MSSP! Atif has over 15 years of experience in technology strategy, implementation, and business development from Comcast, IBM and Unisys. Prior to Herjavec Group, he spent four years as the CISO for the advanced engineering group at Comcast.
Full Show Notes: https://wiki.securityweekly.com/ES_Episode46
Visit http://securityweekly.com/esw for all the latest episodes!
Stopping insider threats with machine learning, the importance of inspecting encrypted traffic, performance and security relations, and what to do if you're SOC is overwhelmed with too many SEIM alerts.
Full Show Notes: https://wiki.securityweekly.com/ES_Episode46
Visit http://securityweekly.com/esw for all the latest episodes!