ES Episode30

From Paul's Security Weekly
Jump to: navigation, search

This week on Enterprise Security Weekly, Jayne Groll and Alan Shimel join us. In the news, SyferLock announces a technology alliance with OpenIAM, RiskIQ strengthens their digital threat mitigation capabilities, RiskSense Platform 7.0 is here, and more.

Announcements

ITPro.TV Annoucenment:

  • ITProTV’s Upcoming courses include Cybersecurity Analyst+, CCNA Cyber Ops, ITIL Operational Support and Analysis, and Microsoft System Center. ITProTV is introducing a new membership level soon. All current Premium Members will be granted the highest membership level available, so ​sign up today! Visit​ itpro.tv/enterprisesecurity and use code ​ ES30.
  • Get out and vote for your favorite security blogs and podcast! Security Weekly has been nominated for the 2017 RSA Social Security Awards Best Security Podcast, cast your vote today by visiting securityweekly.com/vote!
  • Attend the InfoSecWorld conference on April 3-5 in Orlando Florida, tons of great talks and Security Weekly listeners get10% off by using the code OS17-SW. Find out more at infosecworld.misti.com
  • Attend SOURCE Boston on April 24-27th for training and awesome talks! Use the code SECURITYWEEKLY for $100 off either a conference ticket or one of the trainings. Find out more at source conference.com
  • Attend the Shaves That Saves event at RSA this year on Wed Feb 15 from 6pm-8pm and watch security industry folks shave their heads for charity! All Proceeds will benefit St. Baldrick’s Foundation, an organization supporting lifesaving children’s cancer research. Find out more by visiting the link in our wiki at wiki.securityweekly.com.

Enterprise Security News

  1. Sopra Steria : ThreatQuotient Announces New Partnership with Sopra Steria - "A Threat Intelligence Platform helps C-Level executives to integrate Security Operations feedback into their risk analysis and strategic planning activities." comments Anthony Perridge, Regional Director for ThreatQuotient(TM). "Companies need more and more Intelligence driven services like the Threat Intelligence Platform. I strongly believe that classical Managed SOC offers will disappear in the near future and will be replaced by Intelligence Driven SOC offers focused on threat defence and fighting adversaries."
  2. SyferLock Announces Technology Alliance with OpenIAM to Provide Software-Based Authentication for OpenIAMs Identity and Access Management Solutions - SyferLock’s patented, software-based two-factor / multi-factor authentication solutions provide next generation One-Time Passwords/PINs (OTPs) for secure access to computers, networks and the Internet. SyferLock has engineered an enhanced authentication methodology and system using device-less OTPs that provides users with a simple, more secure way to access information leveraging their existing passwords.
  3. Bromium Secure Platform Assembles Endpoint Sensors for Enterprise Security - Cyber Parse - Cyber Security and Information Security - This actually sounds pretty solid: when an attack takes place in a Bromium Micro-VM, full forensic information is made available to the Bromium Secure Platform. That means the system is aware of the specific registry entry that was changed and what the malware attempted to do. The Secure Platform’s database is then queried in real-time to see if any other sensor has ever seen anything similar. Bromium Secure Platform is also able to help defend Windows Server infrastructure as well. Crosby said that the plan is to add Linux server support in the future. On servers, privilege escalation and memory based malware are increasingly common. Bromium sensors will define external processes that might process data, that comes from an un-trusted source. Those processes are then tracked, with Bromium’s platform looking for potential risky behaviors.
  4. RiskSense Unveils Multi-Client Dashboard That Enables Managed Service Providers to Deliver Outsourced Cyber Risk Management :: ITbriefing.net :: - the pioneer and market leader in pro-active cyber risk management, today announced RiskSense Platform 7.0. The new release includes a Multi-Client Dashboard that enables Managed Security Service Providers (MSSP) to deliver risk management offerings that align a client's vulnerability management priorities to focus on the most serious threats posed to their business operations.
  5. CloudPassage Announces Slack Integration for Halo - <-- Nifty
  6. Shavlik Announces Availability of Application Manager for System Center Configuration Manager (SCCM)
  7. RiskIQ Deepens Digital Threat Mitigation Capabilities | Acquires Maccabim


Interview: Jayne Groll and Alan Shimel, DevOps

Jayne Groll is a co-founder and Board Member of the DevOps Institute (DOI). She is also President of ITSM Academy. Jayne carries many IT credentials including ITIL Expert™, Certified ScrumMaster, Certified Agile Service Manager, DevOps Foundation and is a Certified Process Design Engineer (CPDE)™ . Her IT management career spans over 25 years in roles across a wide range of industries. Jayne is very active in the ITSM, Agile and DevOps communities and is the author of the Agile Service Management Guide. She is a frequent presenter at local, national and virtual events.

As Editor-in-chief of DevOps.com, co-founder of the DevOps Institute and Chief Executive Officer at The CISO Group, Alan Shimel is attuned to the world of technology, particularly cloud, security and open source. With the rise of DevOps awareness, Shimel has forged his DevOps outlets into a leading voice and destination for DevOps awareness and learning.