ES Episode122

From Paul's Security Weekly
Jump to: navigation, search

Recorded January 16, 2019 at G-Unit Studios in Rhode Island!

Episode Audio

Hosts

  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .
  • Matt Alderman
    CEO at Security Weekly, Strategic Advisor, and Wizard of Entrepreneurship
  • Annoucements:

    • RSA Conference 2019 is the place to be for the latest in cybersecurity data, innovation and thought leadership. From March 4 – 8, San Francisco will come alive with cybersecurity’s brightest minds as they gather together to discuss the industry’s newest developments. Go to rsaconference.com/securityweekly-us19 to register now using the discount code 5U9SWFD to receive $100 off a full conference pass!
    • If you are interested in quality over quantity and having meaningful conversations instead of just a badge scan, join us April 1-3, at Disney's Contemporary Resort for InfoSec World 2019 where you can connect and network with like-minded individuals in search of actionable information. Use the registration code OS19-SECWEEK for 15% off the Main Conference or World Pass.
    • Check out our On-Demand material! Some of our previously recorded webcasts are now available On-Demand at: securityweekly.com/ondemand.

    Enterprise News

    Mergers, Acquisitions & Partnerships

    1. TokenEx partners with SureCloud - SureCloud’s industry-leading GRC (governance, risk and compliance) platform is focused on delivering a purpose-built, SaaS workflow and assessment solution and TokenEx is a cloud-based data-protection platform, providing tokenization, pseudonymization, encryption and data vaulting as a unified Software as a Service (SaaS) for all sensitive data sets.
    2. Check Point Acquires Web Application Security Startup ForceNock - That was fast! Founded in 2017, ForceNock has developed patent-pending web application and API protection (WAAP) technology that leverages machine learning, behavioral analysis, and reputation-based analysis.Check Point says it plans on integrating this technology into its Infinity total protection solution.
    3. Check Point Enhances Infinity Platform With ForceNock Buyout
    4. Cybersecurity Market Worth Over $300bn by 2024: Global Market Insights, Inc.
    5. Zix agrees to acquire cloud-based cybersecurity provider AppRiver for $275M in cash - AppRiver serves more than 60,000 companies worldwide and is supported by what Zix says is “a 4,500-strong” reseller community. The company provides Microsoft Office 365 and Secure Hosted Exchange services, which serve as a lead generator for security products, according to Zix. AppRiver launched its spam and virus service in 2002
    6. Cybersecurity firm Syncurity closes $2M seed round of institutional investment - Syncurity IR-Flow is the SOAR platform built by analysts for analysts that takes a “process-first” approach and allows security teams to streamline the entire incident management process — from threat hunting and pre-conviction alert handling to post-conviction incident response.
    7. Cloud Security Firm Sonrai Emerges From Stealth With $18.5 Million in Funding - Sonrai was founded in 2017 by Brendan Hannigan and Sandy Bird, who previously founded and worked for Q1 Labs, which IBM acquired in 2011 for its QRadar intelligence and analytics platform. Hannigan and Bird joined IBM Security following the acquisition, where they served as general manager and CTO, respectively. Sonrai emerges from stealthSonrai’s Cloud Data Control product, which the company built from the ground up, is a native cloud service that aims to provide organizations the discovery, mapping, classification and automation capabilities needed control data and users across their cloud environments.
    8. Sonrai Security Unfurls Service to Track Data in the Cloud
    9. IAM Provider OneLogin Raises $100 Million - With the new capital, the company wants to accelerate adoption of its new products, including Multi-Factor Authentication (MFA), and to serve enterprises in the UAM category. The provider also plans further expansion in North America and Europe.
    10. Nozomi Networks, Schneider Electric Work Together to Secure Critical Infrastructure - This agreement provides Schneider Electric customers with our ICS cyber security and visibility solution, along with access to a global network of Schneider Electric consultants trained as Nozomi Networks Certified Engineers. We will also integrate our products with Schneider Electric’s EcoStruxure™ open, interoperable, IoT-enabled system architecture and platform.

    Security Product Launches & Announcements

    1. Commvault Enables Any Application And Any Cloud At Scale With Snapshot-assisted Backups - today announced that its IntelliSnap® snapshot technology has been tested and validated to work with Cisco HyperFlex™ hyperconverged systems to protect application workloads, file systems and virtual machines (VMs) without the need for third-party tools, providing customers with control, simplification and flexible architecture options that will meet their business needs now and in the future.
    2. Trustwave unveils new advanced Secure Email Gateway for blended threats - Trustwave SEG 8.2 supports Microsoft Azure Rights Management (Azure RMS), an enterprise cloud-based protection service that employs encryption, identity, and authorization policies to help secure documents and email content traversing across networks and devices.
    3. NopSec Announces a New Enterprise Unified VRM Solution - The focus of this release is to handle datasets from the largest of enterprises, with a user experience that makes understanding overall risk, managing vulnerabilities and remediation simple and straightforward.
    4. Auth0 Now Available on AWS Marketplace - Auth0's availability on AWS Marketplace makes it even more accessible to developers who need an extensible identity solution for new applications. Auth0 is quick to implement and easy for AWS customers to purchase so developers can easily get new applications up-and-running. An Enterprise Subscription to Auth0's highly scalable identity platform includes: Custom Domains, Unlimited Social Identity Providers, Unlimited Enterprise Identity Providers, HIPAA/BAA compliance, Single Sign On, and many other features.
    5. ConnectGuard Ethernet encryption technology protects mission-critical Carrier Ethernet services - ConnectGuard™ Ethernet encrypts Ethernet traffic with line-rate performance for lowest latency and highest throughput. It also comes with none of the complexity or performance cost associated with other data protection techniques. Built on the Advanced Encryption Standard, ConnectGuard™ Ethernet uses cryptographic techniques including dynamic key exchange and hardware tamper protection.
    6. Pulse Secure launches new vADC Community Edition to help developers build smarter applications for container and cloud platforms - Pulse vADC Community Edition integrates easily with common DevOps tools for automated provisioning and orchestration, such as Kubernetes, Terraform, Puppet and Chef, making it easy to start building secure and scalable applications from day one. Developers can use the Community Edition for commercial applications up to a limit of 10 Mbps, and up to four nodes can be clustered together for high availability, for a maximum aggregate bandwidth of 40 Mbps.
    7. Synopsys : Unveils Coverity Enhancements to Extend Breadth, Depth, and Scalability of Enterprise Application Security Testing
    8. Synopsys Improves Coverity Static Application Security Testing
    9. Vesta launches payment and fraud prevention solutions for e-Commerce
    10. XebiaLabs launches new DevOps risk and compliance capability for software releases - The XebiaLabs DevOps Platform provides a single pane of glass for technical and business stakeholders to track the release chain of custody across the end-to-end CI/CD toolchain, from code to production. And, with visibility into security and compliance issues, teams can take action to ensure that release failure risks, security vulnerabilities, and IT governance violations are resolved early in the software delivery cycle.



    Security Product Launches, and Announcements