From Paul's Security Weekly
Recorded January 15, 2020 at G-Unit Studios in Rhode Island!
- Join us at InfoSecWorld 2020 - March 30 - April 1, 2020 at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code or the schedule button to sponsor a micro-interview!
- OSHEAN and the Pell Center are partnering together to present Cybersecurity Exchange Day on Wednesday, March 18th from 9am-3pm at Salve Regina University in the beautiful Newport, RI! Visit securityweekly.com/OSHEAN2020 to register for free and come join in the fun!
- We have officially migrated our mailing list to a new platform! Sign up for the list to receive invites to our virtual trainings, webcasts, and other content relative to your interests by visiting securityweekly.com/subscribe and clicking the button to join the list! You can also submit your suggestions for guests by going to securityweekly.com/guests and submitting the form! We'll review them monthly and reach out if they are a good fit!
- Our first-ever virtual training is happening on March 19th @11:00am ET, with Adam Kehler & Rob Harvey from Online Business Systems Risk, Security & Privacy Team. In this training you will learn how to generate a complex SHA-256 hashed password and then use password cracking tools to break it. Register for our upcoming trainings by visiting securityweekly.com, selecting the webcast/training drop down from the top menu bar and clicking registration.
- Up Your Vulnerability Prioritization Game with Tenable Lumin for Tenable.sc
- How to Create Easy and Open Integrations with VMRays REST API - VMRay
- Neustar offers companies a flexible customer identity authentication solution - Help Net Security
- Zimperium integrates with Microsoft Defender Advanced Threat Protection EDR - Help Net Security
- PacketViper Deception360 now available for Microsoft Azure - Help Net Security
- Synopsys, Inc.s Acquisition Of Tinfoil Security Global Legal Chronicle
- Say Goodbye to Windows Server 2008 and Hello to Azure?
Interview: Mark Orlando, Bionic Cyber
Outdated defense approaches and the need to revisit traditional thinking about security operations in the enterprise
In today’s talent and budget-constrained environment, many organizations can’t afford a 24/7 security operations team to defend their enterprise. Even equipped with a SOC, defenders struggle mightily with bias, alert fatigue, turnover, and other issues that result in waste and inefficiency. We have to revisit the notion that "good security" means a bolted-on monitoring team and unsustainable investments in point products.
https://bioniccyber.com, which includes a link to our Github site where we post various tools and other resources for defenders. I also want to encourage people to check out SANS' growing blue team curriculum, specifically SEC450 for newer SOC analysts, since I think it addresses many of the things about SOC work we need to change.
Interview: Ward Cobleigh, VIAVI
VISA Security Alerts - What we can learn, and what we can do
The recent VISA security alerts highlight the need for ongoing network monitoring and the ability to react quickly to specific indicators of compromise (IOCs). How flow and wire data can flag malicious behaviors and identify breach scope and impact.