From Paul's Security Weekly
Jump to: navigation, search

Recorded November 20, 2019 at G-Unit Studios in Rhode Island!

Episode Audio


  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .
  • Matt Alderman
    CEO at Security Weekly, Strategic Advisor, and Wizard of Entrepreneurship
  • Annoucements:

    • Join us at InfoSecWorld 2020 - March 30 - April 1, 2020 at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit and click the register button to register with our discount code!
    • Attend RSA Conference 2020, February 24-28 and join thousands of security professionals, forward-thinking innovators and solution providers for five days of actionable learning, inspiring conversation and breakthrough ideas. Register before January 24 and save $900 on a Full Conference Pass. Save an extra $150 by going to and use our code to register!
    • Our next webcast is February 13th with Sri Sundaralingam, Vice President, Product and Solutions Marketing at ExtraHop where we will discuss Cloud Native Network Detection and Response! Register for our upcoming webcasts by visiting, selecting the webcast drop down from the top menu bar and clicking registration.

    Enterprise News

    1. Illusive Networks Extends Cyber Protection to OT and IoT Attack Surfaces - "Adversaries are increasing their focus on non-traditional IT attack surfaces, and concerns raised by evaporating perimeter security in the areas of IoT and OT are impacting transformation efforts," said Ofer Israeli, CEO and founder of Illusive Networks. Really? I'd like to see the research to back up this claim please.
    2. Vista Acquires a Majority Interest in Sonatype: A Great Day for our Customers, Partners and Community
    3. iTWire - Check Point Software says Cymplify acquisition brings new IoT cyber security technology - According to Check Point the proliferation of Internet-of-things (IoT) devices in consumer, enterprise, industrial and healthcare organisations, and their inherent security weaknesses, have created a security blind spot where cybercriminals launch 5th and 6th generation of cyber attacks to breach devices (IP camera surveillance), manipulate their operation (medical device infiltration) or even take over critical infrastructure (manufacturing plant) to generate “colossal damage”.
    4. StackRox Kubernetes Security Platform 3.0 Introduces Advanced Features and New Workflows for Configuration and Vulnerability Management
    5. After selling enterprise biz, Docker lands $35M investment and new CEO TechCrunch
    6. WhiteSource acquires automated dependency update solution Renovate
    7. Cyber Risk Analytics Firm CyberCube Raises $35 Million
    8. New infosec products of the week: November 15, 2019 - Hive Fabric enables users to deploy virtual desktops, virtual servers, and software-defined storage in a single install, eliminating the need for a multi-vendor and multi-contract approach. The latest software release brings increased security and integrations, furthering operational-focused capabilities and removing overhead associated with the day-to-day support of virtualization.
    9. Sysdig supports Google Cloud Run for Anthos to secure serverless workloads in production
    10. 1Password Raises $200 Million in Series A Funding
    11. NeuVector releases Security Policy as Code capability for Kubernetes - The release – built into the NeuVector platform – enables DevOps teams to automate container security by using Kubernetes Custom Resource Definitions (CRDs) to define and manage application security policies throughout application development and production.

    Interview: Reuven Harrison, Tufin

    Reuven Harrison is the Chief Technology Officer at Tufin.
    Reuven Harrison is CTO and Co-Founder of Tufin. He led all development efforts during the company’s initial fast-paced growth period, and is focused on Tufin’s product leadership. Reuven is responsible for the company’s future vision, product innovation and market strategy. Under Reuven’s leadership, Tufin’s products have received numerous technology awards and wide industry recognition.

    Reuven brings more than 20 years of software development experience, holding two key senior developer positions at Check Point Software, as well other key positions at Capsule Technologies and ECS. He received a Bachelor's degree in Mathematics and Philosophy from Tel Aviv University.

    Segment Topic:
    Cloud, containers, and microservices

    Interview: Jorge Salamero, Sysdig

    Jorge Salamero is the Director of Product Marketing at Sysdig
    Jorge enjoys playing with containers and Kubernetes, home automation and DIY projects. Currently, he is part of the Sysdig team, and in the past was a Debian developer. When he is away from computers, you will find him walking with his 2 dogs in the mountains or driving his car through a twisted road.

    Segment Description:
    • What are the challenges of implementing security in Kubernetes environments?
    • What are the approaches you have seen out there?
    • Scan for vulnerabilities pre-deployment (CI/CD)
    • Continuously check compliance and audit changes across the stack
    • Block runtime threats and attacks
    • Respond to incidents and conduct forensics on Kubernetes
    • Use cases when monitoring and security come together
    • Can you tell me a bit more about the open source project Falco?