ES Episode104

From Paul's Security Weekly
Jump to: navigation, search

Enterprise Security Weekly #104

Recorded August 29, 2018 at G-Unit Studios in Rhode Island!


Hosts

  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .
  • John Strand
    Security analyst, Founder of Black Hills Information Security, and CTO of Offensive Countermeasures.
  • Annoucements:

    • Check out our On-Demand material! Some of our previously recorded webcasts are now available On-Demand at: securityweekly.com/ondemand.
    • Make sure you register for our webcast with Javelin Networks entitled "How to Get Attackers to Contain Themselves", which will be airing on August 30th from 12 pm to 1pm EST. Go to securityweekly.com/javelin to sign up today!
    • DerbyCon is holding its first-ever Mental Health & Wellness Workshop - to help support their efforts, please go to https://www.derbycon.com/wellness.

    Interview: Rick Holland, Digital Shadows

    Rick has more than 15 years’ experience working in information security. Before joining Digital Shadows, he was a vice president and principal analyst at Forrester Research, providing strategic guidance on security architecture, operations, and data privacy. Rick also served as an intelligence analyst in the US Army. He is currently the co-chair of the SANS Cyber Threat Intelligence Summit and holds a B.S. in business administration from the University of Texas, Dallas. Rick regularly speaks at leading security conferences across the globe and has been interviewed by industry and business media including BBC News, CNN, Dark Reading, Motherboard, NPR, The Register and Wall Street Journal.


    Tech Segment: Office 365 User Behavior Analytics

    Enterprise News

    1. VMware Launches Blockchain Project - Before you laugh, this is a valid use-case: Interest in employing blockchain technologies as an immutable engine for processing transactions across an extended supply chain is running high.
    2. Caveonix Brings RiskForesight to Hybrid Cloud Workload Deployments - RiskForesight provides cyber-risk and compliance features for workloads that span both on-premises and cloud deployments. At the core of RiskForesight is Caveonix's CaveoIQ machine learning and predictive analytics technology that provides compliance risk mitigation capabilities.
    3. Lacework Raises New Funds to Extend Cloud Security Capabilities - The Series B funding round was led by Sutter Hill Ventures and brings total funding to date for Lacework to $32.7 million. Lacework's core product platform, Polygraph, helps organizations detect potential threats.
    4. How Canonical Is Improving Ubuntu Linux Security - In a recent cryptojacking attack in Ubuntu, applications were found to be conducting unauthorized cryptocurrency mining on user desktops. The issue was quickly resolved, serving as a proof point for the resilience of Ubuntu's Snap application packaging system for helping to keep systems updated. "In the architecture of Snaps themselves we put a lot of work into being able to shape the container and define what the container is allowed to do," Shuttleworth said. "Any application that comes into the Snap Store has to be very explicit about all the things it wants to do."
    5. Qualys : How New Passive Network Sensor Boosts Platform Capabilities | MarketScreener
    6. Minerva Labs Achieves Certified Integration with McAfee ePO Through the McAfee Security Innovation Alliance - When Minerva is deployed alongside McAfee Endpoint Security, adversaries are forced to pick their poison. Either they implement evasive tactics and get stopped by Minerva, or use non-evasive techniques and McAfee security mechanisms will intervene.
    7. Bitdefender Total Security Review
    8. SailPoint IdentityIQ 7.3 Update Extends Identity Governance to Bots - The new release also provides enhanced policy controls such that organizations can govern both Amazon Web Services (AWS) cloud as well as SAP environments in a consistent way with the rest of the enterprise.
    9. CrowdStrike Helps Advance Malware Searches on Hybrid Analysis Portal
    10. Lacework Raises New Funds To Help Extend Cloud Security Capabilities
    11. Atos named a Leader in IoT Services by global analyst firm NelsonHall
    12. ManageEngine Adds Skype for Business Server Reporting to Exchange Reporter Plus
    13. Flexera and KPMG Expand Alliance to Keep Open Source Software Clean and Safe