ESWEpisode177

From Security Weekly Wiki

Enterprise Security Weekly Episode 177 - 2020-03-25


Announcements

  • In our next webcast with Synopsys we will cover "Better, Faster, More Secure Code By Combining SAST and SCA" with Utsav Sanghani, their Senior Product Manager. Register for our upcoming webcasts and virtual trainings by visiting securityweekly.com/webcasts. You can also access our on-demand library of previously recorded webcasts by visiting securityweekly.com/ondemand. Each webcast will earn you 1 CPE credit that we will submit on your behalf if you provide your ISC2 number.
  • We are looking for high-quality guest suggestions for our Enterprise Security Weekly podcast to fill our upcoming recording schedule! We're committed to educating and providing entertainment for the InfoSec community and we would love to hear from you about who you would like us to interview on the show! Submit your suggestions for guests by visiting securityweekly.com/guests and submitting the form! We review suggestions monthly and will reach out to you once reviewed!
  • SecureWorld Boston has been rescheduled to July 15-16, 2020 at the Hynes Convention Center in Boston, Massachusetts! You can register for this event by visiting secureworldexpo.com and using the code "SECURITYWEEKLY" to save $100 on a full conference pass! We will keep you in the loop as soon as we know who from Security Weekly will be there!

Interview: Keeping Systems Secure...From Home - 6:00-6:45PM

Description:

The cybersecurity challenges created by remote workforces and what it takes to deliver security to remote workers while avoiding impacting business operations. How do you continue vulnerability and patch management across endpoints and servers when everyone is working from home? To learn more about Qualys, visit: https://securityweekly.com/qualys

Content:

Media alert: https://www.qualys.com/company/newsroom/news-releases/usa/qualys-offers-free-remote-endpoint-protection-solution/

Blog: https://blog.qualys.com/technology/2020/03/24/free-remote-endpoint-protection-solution-secures-remote-workforces-with-one-click

Guest:

Sumedh Thakar is Chief Product Officer at Qualys

Bio:

As Chief Product Officer at Qualys, Sumedh oversees worldwide engineering, development and product management for the Qualys software-as-a-service (SaaS) platform and integrated suite of security and compliance applications. A core systems and database engineer, Sumedh started at Qualys in 2003, architecting and delivering Qualys' PCI compliance platform to meet the Payment Card Industry (PCI) Data Security Standard (DSS) requirements. Today, more than 69 percent of ASVs and 50 percent of QSAs worldwide use Qualys PCI to perform PCI DSS certification.

Hosts

Matt Alderman - CEO at Security Weekly
Paul Asadoorian - Founder & CTO at Security Weekly

News - Threat Stack, Qualys, StackRox, Sysdig

Description:

How to Write an Automated Test Framework in a Million Little Steps, Qualys remote endpoint protection solution helps enterprises secure remote workforces, Sysdig Provides the First Cloud-Scale Prometheus Monitoring Offering, Kaspersky Security for Microsoft Office 365 adds protection for SharePoint Online and Microsoft Teams and more!


Content:

https://blog.sonatype.com/owasp-security-knowledge-framework

https://www.threatstack.com/blog/how-to-write-an-automated-test-framework-in-a-million-little-steps

https://www.ixiacom.com/company/blog/microsoft-exchange-flaw-cve-2020-0688-still-affecting-130k-public-facing-servers

https://www.helpnetsecurity.com/2020/03/25/qualys-remote-endpoint-protection/

http://www.globalsecuritymag.com/Sumo-Logic-Selects-StackRox-to,20200318,96788.html

http://www.globalsecuritymag.com/Portshift-Announces-Kubei,20200323,96931.html

http://www.globalsecuritymag.com/Sysdig-Provides-the-First-Cloud,20200324,96978.html

http://www.globalsecuritymag.com/Kaspersky-Security-for-Microsoft,20200325,96995.html

https://www.helpnetsecurity.com/2020/03/23/windows-zero-days/



Paul Asadoorian's Content:



  1. OWASP Security Knowledge Framework
  2. How to Write an Automated Test Framework in a Million Little Steps | Threat Stack
  3. Microsoft Exchange Flaw CVE-2020-0688 Still Affecting 130K Public-Facing Servers | Ixia
  4. Free Qualys remote endpoint protection solution helps enterprises secure remote workforces - Help Net Security
  5. Sumo Logic Selects StackRox to Protect Its Cloud-Native Applications and Services
  6. Portshift Announces Kubei Container Runtime Scanning Software with Launch of its Open Source Initiative
  7. Sysdig Provides the First Cloud-Scale Prometheus Monitoring Offering
  8. Kaspersky Security for Microsoft Office 365 adds protection for SharePoint Online and Microsoft Teams
  9. Windows users under attack via two new RCE zero-days - Help Net Security


Full Audio

Description:

This week, we talk Enterprise News, discussing the OWASP Security Knowledge Framework, How to Write an Automated Test Framework in a Million Little Steps, Sumo Logic Selects StackRox to Protect Its Cloud-Native Applications and Services, Sysdig Provides the First Cloud-Scale Prometheus Monitoring Offering, and Windows users under attack via two new RCE zero-days! In our second segment, we welcome Sumedh Thakar, Chief Product Officer at Qualys, to talk about Cybersecurity Challenges Created by a Remote Workforce! In our final segment, we welcome Tod Beardsley, Director of Research at Rapid7, to discuss SMB exposures and User Behavior Analytics failures, using findings from Rapid7 Research Labs!

To learn more about Qualys, visit: https://securityweekly.com/qualys

To learn more about Rapid7 or to get a free trial, visit: https://securityweekly.com/rapid7






Interview: Windows Exploits, Re-Training Your Security Solutions - 6:00-6:45PM

Description:

Tod Beardsley, research director, will discuss some of the trends in Internet scanning and attacker behavior given there are new Windows vulnerabilities and the workforce working from home. Should you re-train your User Behavior Analytics (UBA) and/or rely on other technologies? To learn more about Rapid7 or to get a free trial, visit: https://securityweekly.com/rapid7

Guest:

Tod Beardsley is Director of Research at Rapid7

Bio:

Tod Beardsley is the Director of Research at Rapid7. He has over 30 years of hands-on security experience, stretching from in-band telephony switching to modern IoT implementations. He has held IT Ops and Security positions in large organizations such as 3Com, Dell, and Westinghouse, as both an offensive and defensive practitioner. Today, Tod directs the security research program at Rapid7, is a frequent speaker at industry conferences, is a CVE Board member, and is a contributing author to a number of research papers produced by Rapid7.

Hosts

Matt Alderman - CEO at Security Weekly
Paul Asadoorian - Founder & CTO at Security Weekly