ES Episode113

From Paul's Security Weekly
Jump to: navigation, search

Enterprise Security Weekly #113

Recorded October 31, 2018 at G-Unit Studios in Rhode Island!

Episode Audio

Hosts

  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .
  • Matt Alderman
    CEO at Security Weekly, Strategic Advisor, and Wizard of Entrepreneurship
  • Annoucements:

    • If you are interested in quality over quantity and having meaningful conversations instead of just a badge scan, join us April 1-3, at Disney's Contemporary Resort for InfoSec World 2019 where you can connect and network with like-minded individuals in search of actionable information. Use the registration code OS19-SECWEEK for 15% off the Main Conference or World Pass.
    • Check out our On-Demand material! Some of our previously recorded webcasts are now available On-Demand at: securityweekly.com/ondemand.
    • Join us for our Webcast with Signal Sciences entitled Which way should you shift testing in the SDLC? This webcast will be held November 8th @3-4pm EST. Go to securityweekly.com/signalsciences to register now!

    Interview: Ian McShane, Endgame

    Ian McShane is the VP of Product Marketing for Endgame
    Ian McShane has nearly two decades of experience in operational IT and security and risk planning for enterprises, service providers and software vendors. He is a recognized leader for his ability to help organizations scale their security programs and bring products to market. During his tenure at Gartner, McShane specialized in research focused on assessing the impact of emerging technologies for security operations, breach detection and incident response. Prior to joining Gartner, he led Global Product Marketing and Product Management teams at Symantec for over 11 years, with a focus on email security, web security, endpoint security and advanced threat protection.


    Enterprise News

    1. Ping Identity Launches a Quickstart Private Sandbox - The Quickstart Private Sandbox for Open Banking and PSD2 deploys the latest versions of the Ping Identity Platform, including PingFederate, PingAccess and PingDirectory, complete with a set of example applications and APIs to allow service testing. The two reference applications are a sporting goods e-commerce store and a financial transaction aggregator. They integrate with a pair of test APIs for payments and accounts, which Ping has built to Open Banking’s Read/Write Data API Specifications. This allows financial services providers to quickly carry out transaction testing and account aggregation within a security conformant framework.
    2. Wallarm Advances Application Security With FAST 2.0 - "We want to continue our product expansion by releasing new unique approaches to improve our signatureless detection, Active Threat Verification and fuzzing with new impressive techniques,"
    3. IBM To Acquire Red Hat - IBM and Red Hat announced that the companies have reached a definitive agreement under which IBM will acquire all of the issued and outstanding common shares of Red Hat for $190.00 per share in cash, representing a total enterprise value of approximately $34 billion.
    4. LogRhythm Advances NextGen SIEM Security Platform With SOAR Features - LogRhythm announced its 7.4 release on Oct. 30, enhancing the company's NextGen SIEM platform with advanced Security Orchestration, Automation and Response (SOAR) capabilities. Among the new features in the LogRhythm update are case playbooks for organizing a workflow for security events. Automated response actions have also been added to the platform as well as Security Operations Center (SOC) metrics.
    5. Most Organizations Not Engaging in Threat Hunting, Fidelis Reports - According to the Fidelis 2018 State of Threat Detection Report, 63 percent of organizations do not currently employ threat hunting, or they do not know if they do. The Fidelis study was based on a survey of 580 security professionals from around the world.
    6. McAfee takes a big step into the cloud with MVision - Announced by chief executive Chris Young at the company's MPower Cybersecurity Summit, the initial modules of the MVision suite are MVision ePO, MVision Endpoint, MVision Mobile, MVision EDR, and MVision Cloud. MVision delivers McAfee's promise of true security as a service, Young claimed. "We're doing it all within the cloud."
    7. Neustar Acquires Verisigns Security Services Customer Contracts. - The acquisition consists of Distributed Denial of Service (DDoS) Protection, Managed DNS, DNS Firewall and fee-based Recursive DNS services customer contracts. Trusted by the world’s largest brands, Neustar will provide Verisign’s former Security Services’ customers with exceptional service and world-class support backed by a global cloud infrastructure and a broad security services portfolio.
    8. Endgame Improves Endpoint Security with Total Attack Lookback - Forensic evidence is a big deal. When a breach is detected so many questions arise, such as "How long have they been in my network?" and "What did they gain access to?". This new announcement can help with those challenges.
    9. NTT Security adds Botnet Infrastructure Detection to Managed Security Services - The enhancement will enable NTT Security to find attacks on customers’ internet-connected devices in real time and help affected organisations react more quickly, minimising interruption to the business. Machine learning is used to primarily detect Command & Control (C&C) servers, which are added to NTT Security’s blacklist, which is then accessed by experts to analyse the threat in detail and applied to detect attacks.