ES Episode105

From Paul's Security Weekly

Enterprise Security Weekly #105

Recorded September 5, 2018 at G-Unit Studios in Rhode Island!


Hosts

  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures.
  • John Strand
    Security analyst, Founder of Black Hills Information Security, and CTO of Offensive Countermeasures.
Announcements

    • Check out our On-Demand material! Some of our previously recorded webcasts are now available On-Demand at: securityweekly.com/ondemand.
    • DerbyCon is holding its first-ever Mental Health & Wellness Workshop - to help support their efforts, please go to https://www.derbycon.com/wellness.

    Enterprise News

    1. How the Department of Defense Is Using Open Source - Danger! Danger! "You don't have to reinvent the wheel. You can just find something someone else has done and you can get up to speed very quickly," he said.
    2. BitSight Launches Forecasting Capability for Cyber-Risk - The BitSight Forecasting capability builds on BitSight's existing ratings service that helps organizations measure and benchmark cyber-security posture and maturity. With Forecasting, BitSight now enables organizations to estimate the impact of different technology and process changes on their cyber-security risk score.
    3. A Better Way To Manage Shadow IT and Promote Healthy Cloud Adoption - OpenDNS Umbrella Blog
    4. SentinelOne Teams Up with Sumo Logic to Enhance Threat Defenses, and Achieve Proactive Security - By the means of this collaboration, Sumo Logic's customers will gain the ability to make use of SentinelOne’s next-gen endpoint protection directly via the Sumo Logic platform to avert, identify, and undo known as well as unknown threats in real time.
    5. Swimlane to Support McAfee's Advanced Security Operations Center - Big win for Swimlane: "Swimlane, a leader in security orchestration, today announced its security orchestration, automation and response (SOAR) platform has been selected by McAfee, the device-to-cloud cybersecurity company, for integration into the McAfee security operations center (SOC). Swimlane will automate and orchestrate a wide range of use cases surrounding incident response and other McAfee SOC processes."
    6. Fortinet Releases New IoT Security Controller for Network Segmentation - FortiNAC allows IT and OT teams to document all the connected devices in their IoT network and gives them the ability to shut down, segment and isolate sections of that network. But how do you make exceptions for IoT devices that should be there? More importantly, how do you monitor for changes or abuse of existing IoT devices?
    7. Secureworks opens up proprietary UEBA through partner programme - Secureworks’ decision to decouple its proprietary analytics offering from its endpoint agent will make the company’s high-fidelity detection and threat hunting capabilities available more broadly in the marketplace, while also giving clients the freedom to choose endpoint security products that best meet their needs. Are you a product company or a services company? These are difficult waters to navigate...

    Interview: Marc French, Mimecast and Ofer Maor, Synopsys

    Paul interviews Marc French, the SVP Chief Trust Officer of Mimecast. Marc discusses what Mimecast does for the security industry and explains the path Mimecast has gone through.

    Paul interviews Ofer Maor, the Director of Solutions for Synopsys. Ofer talks about the problem Synopsys solves, the deployment of the static analysis tool, and the open source libraries from Synopsys.

    Interview: Bret Settle, ThreatX and Willy Leichter, Virsec

    Paul talks with Bret Settle, the CEO of ThreatX, about shifting the focus to the hacker. Bret explains how ThreatX classifies itself in the kill chain. Bret also talks about how ThreatX is automated to show vulnerabilities.

    We all hear about sophisticated attacks, and most think "That could never happen" or "That would never happen". While not everyone is targeted by advanced attackers, advanced attacks are happening. Don't believe us? Check out this interview and learn about innovative endpoint defenses and how attackers use covert signaling technologies (such as pulsing cooling fans!) to exfiltrate data.