ES Episode116

From Paul's Security Weekly

Enterprise Security Weekly #116

Recorded November 21, 2018 at G-Unit Studios in Rhode Island!

Episode Audio


  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures.
  • John Strand
    Security analyst, Founder of Black Hills Information Security, and CTO of Offensive Countermeasures.
  • Announcements:

    • If you are interested in quality over quantity and having meaningful conversations instead of just a badge scan, join us April 1-3, at Disney's Contemporary Resort for InfoSec World 2019 where you can connect and network with like-minded individuals in search of actionable information. Use the registration code OS19-SECWEEK for 15% off the Main Conference or World Pass.
    • Join us for our Webcast with Chronicle entitled "Intelligence Powered Malware Hunting". This webcast will be held December 5th @3-4pm EST. Go to to register now!
    • Sign up for Pandora Podcasting early access! Go to to get access to our podcast on Pandora! The full release will be sometime in December.
    • Go to to register for stealthBITS webcast "Emerging & Continuing Trends in 2019: Privacy Regulations, Active Directory Security & Machine Learning" for an in-depth discussion from Gabriel Gumbs and myself. You can also view their assessment at:

    Interview: Rick Fernandez, LogRhythm

    Rick Fernandez is the Sr. Sales Engineer focused on Sales Integrators at LogRhythm.
    Rick Fernandez has 25 years of applicable experience, 16 years of technical execution and management experience of increasing responsibility and scope, and over 9 years of pre-sales and business development. Rick is the Sr. Security Engineer for the Global System Integrator (SI) Team, providing technical expertise for LogRhythm’s Most Valued Partners (MVP), focusing on Optiv, Unisys, Fujitsu, Protiviti, EY, and Deloitte. He is successful at managing escalations and developing reference architectures based on growth and changing security landscapes.

    Discussion: What SIs Want Isn’t That Different from the Enterprise

    • Automate the Hunt // Automation // Contextualizing
    1. Contextualize and Enrich before analysts have to work with the alarm/data
    2. Ability to scale contextualization and enrichment so it pulls from your entire environment, not just a single source/log/event

    • Identity Access // IAM
    1. Identity Driven Security Alliance

    • Okta // IAM // SIEM that sits in the middle
    1. Discussion of role with our Technology Alliance Partners

    • Why the recent rise in IAM?
    1. Insider Threat
    2. Value of IAM
    3. Anomalous Behavior
    4. Respond via authentication // shrinking access

    Enterprise News

    1. Riverbed announces enhancements to SD-WAN solution
    2. Israeli cybersecurity co Tufin plans Nasdaq IPO
    3. Flexera AdminStudio 2018 decreases the need for repackaging
    4. ItVoice | Online IT Magazine India F-Secure boosts Endpoint detection and response with unique on-demand elevate to experts
    5. Aruba Introduces New Secure, AI-Powered Mobility Innovations for the Experience Edge
    6. DigiCert Selected by USB-IF to Operate Managed PKI for USB Type-C Authentication
    7. F-Secure boosts endpoint detection and response with unique on-demand elevate to experts
    8. Siemens and Aruba, a Hewlett Packard Enterprise Company, Form Strategic Partnership for Integrated Networks
    9. Mimecast Joins IBM Security App Exchange Community
    10. Sophos Adds Endpoint Detection and Response to Intercept X Advanced
    11. Awake Security Debuts Network Traffic Analysis Platform to Detect Risks
    12. Alcide Advances Cloud-Native Security Firewall Platform

    Interviews: Venafi, Irdeto, and HP

    Our interviews with Jeff Hudson, the CEO of Venafi; Dr. Kimberlee A. Brannock and Michael Howard from HP; and Ben Bennett and Mark Hearn from Irdeto.