From Paul's Security Weekly
Recorded November 20, 2019 at G-Unit Studios in Rhode Island!
- Join us at InfoSecWorld 2020 - March 30 - April 1, 2020 at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020 and click the register button to register with our discount code!
- Attend RSA Conference 2020, February 24-28 and join thousands of security professionals, forward-thinking innovators and solution providers for five days of actionable learning, inspiring conversation and breakthrough ideas. Register before January 24 and save $900 on a Full Conference Pass. Save an extra $150 by going to securityweekly.com/rsac2020 and use our code to register!
- Our next webcast is February 13th with Sri Sundaralingam, Vice President, Product and Solutions Marketing at ExtraHop where we will discuss Cloud Native Network Detection and Response! Register for our upcoming webcasts by visiting securityweekly.com, selecting the webcast drop down from the top menu bar and clicking registration.
- Illusive Networks Extends Cyber Protection to OT and IoT Attack Surfaces - "Adversaries are increasing their focus on non-traditional IT attack surfaces, and concerns raised by evaporating perimeter security in the areas of IoT and OT are impacting transformation efforts," said Ofer Israeli, CEO and founder of Illusive Networks. Really? I'd like to see the research to back up this claim please.
- Vista Acquires a Majority Interest in Sonatype: A Great Day for our Customers, Partners and Community
- iTWire - Check Point Software says Cymplify acquisition brings new IoT cyber security technology - According to Check Point the proliferation of Internet-of-things (IoT) devices in consumer, enterprise, industrial and healthcare organisations, and their inherent security weaknesses, have created a security blind spot where cybercriminals launch 5th and 6th generation of cyber attacks to breach devices (IP camera surveillance), manipulate their operation (medical device infiltration) or even take over critical infrastructure (manufacturing plant) to generate “colossal damage”.
- StackRox Kubernetes Security Platform 3.0 Introduces Advanced Features and New Workflows for Configuration and Vulnerability Management
- After selling enterprise biz, Docker lands $35M investment and new CEO TechCrunch
- WhiteSource acquires automated dependency update solution Renovate
- Cyber Risk Analytics Firm CyberCube Raises $35 Million
- New infosec products of the week: November 15, 2019 - Hive Fabric enables users to deploy virtual desktops, virtual servers, and software-defined storage in a single install, eliminating the need for a multi-vendor and multi-contract approach. The latest software release brings increased security and integrations, furthering operational-focused capabilities and removing overhead associated with the day-to-day support of virtualization.
- Sysdig supports Google Cloud Run for Anthos to secure serverless workloads in production
- 1Password Raises $200 Million in Series A Funding
- NeuVector releases Security Policy as Code capability for Kubernetes - The release – built into the NeuVector platform – enables DevOps teams to automate container security by using Kubernetes Custom Resource Definitions (CRDs) to define and manage application security policies throughout application development and production.
Interview: Reuven Harrison, Tufin
Reuven brings more than 20 years of software development experience, holding two key senior developer positions at Check Point Software, as well other key positions at Capsule Technologies and ECS. He received a Bachelor's degree in Mathematics and Philosophy from Tel Aviv University.
Cloud, containers, and microservices
Interview: Jorge Salamero, Sysdig
- What are the challenges of implementing security in Kubernetes environments?
- What are the approaches you have seen out there?
- Scan for vulnerabilities pre-deployment (CI/CD)
- Continuously check compliance and audit changes across the stack
- Block runtime threats and attacks
- Respond to incidents and conduct forensics on Kubernetes
- Use cases when monitoring and security come together
- Can you tell me a bit more about the open source project Falco?