ES Episode124

From Paul's Security Weekly
Jump to: navigation, search

Recorded January 30, 2019 at G-Unit Studios in Rhode Island!


Hosts

  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .
  • John Strand
    Security analyst, Founder of Black Hills Information Security, and CTO of Offensive Countermeasures.
  • Matt Alderman
    CEO at Security Weekly, Strategic Advisor, and Wizard of Entrepreneurship
  • Annoucements:

    • RSA Conference 2019 is coming up March 4 – 8 in San Francisco! Go to rsaconference.com/securityweekly-us19 to register now using the discount code 5U9SWFD to receive $100 off a full conference pass! If you are interested in booking an interview or briefing with Security Weekly, please go to securityweekly.com/conferencerequest to submit your request!
    • Join us April 1-3, at Disney's Contemporary Resort for InfoSec World 2019 where you can connect and network with like-minded individuals in search of actionable information. Visit https://infosecworld.misti.com/ and use the registration code OS19-SECWEEK for 15% off the Main Conference or World Pass. If you are interested in booking an interview or briefing with Security Weekly, please go to securityweekly.com/conferencerequest to submit your request!
    • Registration is now open for the first Security Weekly webcast of 2019! You can register for our "Rise Above Complex Workflows: Practical Ways To Accelerate Incident Response" webcast now by going to securityweekly.com/webcasts.

    Interview: Andrew Peterson, Signal Sciences

    Andrew Peterson
    is the Founder & CEO of Signal Sciences.
    Andrew Peterson is the Founder & CEO @signalsciences. O’Reilly author of Cracking Security Misconceptions. He was previously the group product manager of international growth at Etsy. Prior to Etsy, Peterson was a health information management officer at the Clinton Foundation before which he was a senior product specialist at Google.


    • security folks must transition from looking for bugs to interacting with a process
    • we need to re-learn how to prioritize the bugs
    • typically we see a long list of medium and low severity bugs, always there, are they being exploited?
    • how do we prioritize functionality, bug fixes and security fixes?
    • how to connect w/ developers and prioritize bugs, know where attacks happen in infrastructure and code, 80% go here, lets secure that first?
    • the old goal was to have software with no bugs

    Enterprise News

    1. Blockchain security company AnChain.ai raises $2 mln in seed - PE Hub
    2. Cybersecurity Startup ReSec Raises $2 Million
    3. Medigate brings in $15M for medical device security platform - MedCity News
    4. Cato Networks raises $55 million to protect cloud-based computing services
    5. Sophos acquires DarkBytes as foundation of new MDR services
    6. Symantec Boasts Advanced Protection and Hardening Capabilities with Complete Endpoint Defense
    7. How Cynets Platform Approach Tames Cyber-Security Issues
    8. Salt Security Launches API Protection Platform
    9. Yubicos 2019 State of Password and Authentication Security Behaviors Report