From Paul's Security Weekly
Recorded December 18, 2019 at G-Unit Studios in Rhode Island!
- Join us at InfoSecWorld 2020 - March 30 - April 1, 2020 at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code or the schedule button to sponsor a micro-interview!
- OSHEAN and the Pell Center are partnering together to present Cybersecurity Exchange Day on Wednesday, March 18th from 9am-3pm at Salve Regina University in the beautiful Newport, RI! Visit securityweekly.com/OSHEAN2020 to register for free and come join in the fun!
- We have officially migrated our mailing list to a new platform! Sign up for the list to receive invites to our virtual trainings, webcasts, and other content relative to your interests by visiting securityweekly.com/subscribe and clicking the button to join the list! You can also submit your suggestions for guests by going to securityweekly.com/guests and submitting the form! We'll review them monthly and reach out if they are a good fit!
- Our first-ever virtual training is happening on March 19th @11:00am ET, with Adam Kehler & Rob Harvey from Online Business Systems Risk, Security & Privacy Team. In this training you will learn how to generate a complex SHA-256 hashed password and then use password cracking tools to break it. Register for our upcoming trainings by visiting securityweekly.com, selecting the webcast/training drop down from the top menu bar and clicking registration.
- MITRE updates ATT&CK for the cloud -- GCN
- Ping Identity Builds and Matures Zero Trust Security Infrastructures
- Windows Server 2008 R2 and Windows 7 are End of Life
- Automating App Security Testing: Atlassian Bamboo/Rapid7 Integration
- F5 Networks secures NGNIX software builds as precaution after visit from Russian law enforcement
- Apax Partners Acquisition of Coalfire Global Legal Chronicle
- Fortinet acquires SOAR provider CyberSponse - CRN - India
- Newest Secret Server Release | Performance, Flexibility, Control
- Threat Hunting: Survey Results from the Trenches Part 2
- Better Together: Guardsquare Partners with Zimperium to Provide Customers with Comprehensive Mobile App Protection
- Top 25 List of Online Cybersecurity Resources
- SaltStack Integrates with ServiceNow to Deliver Closed-Loop IT and Security Automation
Topic: Unify DevOps and SecOps
DevSecOps is all the rage, but what does it really mean? How do you achieve the integration of Security into DevOps? This segment explores the people and process challenges of DevSecOps and where to integrate security seamlessly into the DevOps pipeline.
Interview: Michael Roytman and Jason Rolleston, Kenna Security
Prior to Kenna Security, Jason was Vice President for Security Operations Products at McAfee. He was also the Head of Product Management for Enterprise Routing at Cisco with responsibility for product strategy across the enterprise & service provider markets, representing over $3B in business for WAN routing, Software Defined WAM (SDWAN), network function virtualization (NFV), and converged branch infrastructure. Jason joined Cisco in 2011 and over his tenure, led teams in Unified Communications, Branch Office Consolidation and In-door wireless location services.
Prior to Cisco, Jason held a variety of senior positions at Symantec Inc. including Enterprise Security Management, Endpoint Management and Datacenter Automation. He holds a Bachelor of Science in Applied Physics and a Masters in Engineering Management from Cornell University, and an MBA from the University of Chicago Booth School of Business.
Named one of Forbes’ 30 Under 30, Michael’s strong entrepreneurship skills include founding organizations such as Dharma Platform, a cloud-based data management platform, and TruckSpotting, a mobile app for tracking food trucks. He also serves on the board of Cryptomove, a moving target data protection startup. In addition, Michael chairs the Board of Dharma Platform and is a board member and the program director at the Society of Information Risk Analysts (SIRA).
Michael is a frequent speaker at security industry events, including Black Hat, BSides, Metricon, RSA, SIRACon, SOURCE, and more. Michael holds a Master of Science in Operations Research degree from Georgia Institute of Technology.
Risk-Based Vulnerability Management/Threat & Vulnerability Management
Risk-Based Vulnerability Management is transforming the vulnerability management industry by enabling enterprises to understand the true risk of their infrastructure and applications, saving them time and resources by prioritizing efforts around actions that reduce the most risk.