ESWEpisode169

From Security Weekly Wiki

Recorded January 22, 2020 at G-Unit Studios in Rhode Island!

Hosts

  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures.
  • Matt Alderman
    CEO at Security Weekly, Strategic Advisor, and Wizard of Entrepreneurship
  • John Strand
    Security analyst, Founder of Black Hills Information Security, and CTO of Offensive Countermeasures.

Announcements

    • Join us at InfoSecWorld 2020 - March 30 - April 1, 2020 at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code or the schedule button to sponsor a micro-interview!
    • OSHEAN and the Pell Center are partnering together to present Cybersecurity Exchange Day on Wednesday, March 18th from 9am-3pm at Salve Regina University in the beautiful Newport, RI! Visit securityweekly.com/OSHEAN2020 to register for free and come join in the fun!
    • We have officially migrated our mailing list to a new platform! Sign up for the list to receive invites to our virtual trainings, webcasts, and other content relevant to your interests by visiting securityweekly.com/subscribe and clicking the button to join the list! You can also submit your suggestions for guests by going to securityweekly.com/guests and submitting the form! We'll review them monthly and reach out if they are a good fit!
    • Our first-ever virtual training is happening on March 19th @11:00am ET, with Adam Kehler & Rob Harvey from Online Business Systems Risk, Security & Privacy Team. In this training you will learn how to generate a complex SHA-256 hashed password and then use password cracking tools to break it. Register for our upcoming trainings by visiting securityweekly.com, selecting the webcast/training drop down from the top menu bar and clicking registration.


    Enterprise News

    1. New infosec products of the week: January 17, 2020 - Help Net Security
    2. Security Compass secures funding to enhance solutions portfolio and accelerate growth - Help Net Security - Not entirely certain how they help organizations, looks like they have products as well as services. Requires more digging to identify the value, seems to be a source analyzer...
    3. CyberArk's new just-in-time access capabilities help reduce risk and improve operational efficiency - Help Net Security - Great features here, all it takes is one production outage or security event and the business can make it really difficult to get code tested and deployed. These features will help organizations be more agile.
    4. Waterfall Security Solutions secures significant new funding round - Help Net Security
    5. Micropatch simulates workaround for recent zero-day IE flaw, removes negative side effects - Help Net Security - If I still had to support Windows 7, I'd consider this: Since the February Patch Tuesday is quite a while away and since Windows 7 and Windows Server 2008 R2 users without Extended Security Updates might not get the patch at all, ACROS Security decided to provide a micropatch that simulates the offered workaround (restricts access to the vulnerable JScript.dll) without its negative side effects (reduced functionality for components or features that rely on that particular .dll).
    6. STEALTHbits StealthRECOVER 1.5: Easier and faster AD rollback and recovery - Help Net Security
    7. New Kaspersky Sandbox automates protection from advanced threats - According to a Kaspersky survey of IT decision-makers, 47% of SMBs and 51% of enterprises say that it is becoming more difficult to differentiate between generic and advanced attacks. This means security analysts have to spend time evaluating numerous suspicious files instead of focusing on investigating, and responding to, the most critical threats. This could be even more challenging, as larger SMBs and small enterprises face an IT security talent shortage, so all the responsibilities of managing security fall on the shoulders of IT departments. While true, not all sandboxes are the same... I'd look at some of the smaller startups, like Intezer or VMRay, but would also consider some of the free ones as well.
    8. ServiceNow to Acquire Loom Systems - With Loom Systems, ServiceNow will increase customers’ ability to apply AI to their knowledge base of issues and fixes for better insights into root causes and allow them to automate remediation tasks, reducing the number of Level 1 IT incidents. - I believe this is a valid use of AI/machine learning, plenty of data to "learn" from, or at least model and automate decisions and remediation processes. This is important for enterprise SOCs. I'd also look at Siemplify for this as well.
    9. Sysdig Closes $70M in Series E Funding to Enable Enterprises to Confidently Secure Cloud-Native Workloads in Production
    10. FireEye adds Cloudvisory to its stable | SC Media
    11. Flashpoint Introduces Compromised Credentials Monitoring, Helping Organizations Lessen Exposure from Breaches, Leaks - Are there reasons not to do this? Enterprise enables organizations to search and monitor Flashpoint’s unique collections for compromised enterprise accounts and passwords in order to flag accounts, reset employee passwords, and restrict permissions to prevent actors from accessing confidential or personally identifiable information (PII). Again, free vs. commercial argument could be made, but if you are in an enterprise setting, likely money well spent?


    Interview: Alex Horan and Juan Pablo Perez Etchegoyen, Onapsis

    JP Perez is the CTO at Onapsis

    As CTO, JP leads the innovation team that keeps Onapsis on the cutting edge of the Business-Critical Application Security market, addressing some of the most complex problems that organizations are currently facing while managing and securing their ERP landscapes. JP helps manage the development of new products as well as support the ERP cybersecurity research efforts that have garnered critical acclaim for the Onapsis Research Labs.

    JP is regularly invited to speak and host trainings at global industry conferences, including Black Hat, HackInTheBox, AppSec, Troopers, Oracle OpenWorld and SAP TechEd, and is a founding member of the Cloud Security Alliance (CSA) Cloud ERP Working Group. Over his professional career, JP has led many Information Security consultancy projects for some of the world's biggest companies around the globe in the fields of penetration and web application testing, vulnerability research, cybersecurity infosec auditing/standards and more.

    Alex Horan is the Director of Product Management at Onapsis

    From my first job doing data entry (where I discovered I could fix the computers better than anyone else in the company) until now, I have not lost my passion for new technology and helping understand how technology can best help individuals and enterprises achieve results, without getting in their way.

    I am a security-focused product manager who has strong experience leading teams and directing the growth and development of products. My background in start-up based Project Management means I am very comfortable meeting with customers, prospects, and analysts in order to determine the best investment we can make in our product development. I also enjoy communicating the needs of those disparate communities to the engineering teams, be it in agile or waterfall development.

    I understand the balance needed between providing a secure environment and allowing an organization to perform their business operations. This comes from my experience evaluating the security posture of a company and defining both IT/Security goals for an organization as well as creating the plan to achieve those goals.

    I am very comfortable presenting at large conferences for both technical and managerial audiences. I understand the needs of the C-Suite and the folks who keep the business engines running, and so am often asked by sales and marketing to present to clients and prospects. These presentations can be on the value of our products, the state of security at that point in time, or leading discussions on how that group could establish or streamline their IT or security processes by leveraging my technology.


    Segment Topic:
    SAP Vulnerability

    Segment Description:
    We can talk about the current state as it relates to SAP Vulnerabilities and security.


    Interview: Robert Siciliano, ProtectNowLLC.com

    Robert Siciliano is the Security Awareness Expert at ProtectNowLLC.com.

    Certified Speaking Professional Robert Siciliano, CSP, appeared on the Montel Williams Show in the '90s posing as a water company worker, conning his way into unsuspecting homeowners' residences. Recently he appeared on Dr. Oz discussing child identity theft, then brought a hacked ATM on the Anderson Cooper show, exposing over 1000 credit and debit cards, and on CNN he stabbed a melon in the eye to demonstrate rideshare safety. He's written 5 books, including a best seller. He's the architect of the CSI Protection certification, a Cyber Social and Identity Protection security awareness training program.

    Segment Topic:
    Security Awareness: Empowering employees to care about security through security appreciation training

    Segment Description:
    Security goes against our core beliefs, therefore security awareness training often falls flat because employees don't care about security. By showing employees the "why" and how it benefits them as individuals, they are much more open to the "how" and begin to appreciate the value security provides.

    Segment Resources: