ES Episode134

From Paul's Security Weekly

Recorded April 24, 2019 at G-Unit Studios in Rhode Island!

Hosts

  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures.
  • John Strand
    Security analyst, Founder of Black Hills Information Security, and CTO of Offensive Countermeasures.
  • Matt Alderman
    CEO at Security Weekly, Strategic Advisor, and Wizard of Entrepreneurship
  • Announcements:

    • Register for our upcoming webcast with ServiceNow by going to https://securityweekly.com/webcasts. If you have missed any of our previously recorded webcasts, you can find them at https://securityweekly.com/ondemand.

    • You can now submit your suggestions for guests in our recently released guest suggestion form! Go to https://securityweekly.com/guests and enter your suggestions!

    • We've heard from our listeners that they love our content, but the amount of content we distribute can sometimes be overwhelming. We've recently released our customizable listener interest list. Visit https://securityweekly.com/subscribe and click the button to Join the Listener List and let us know your interests.

    • The Layer 8 Conference has two tracks of talks on social engineering and Open Source Intelligence gathering. The conference is the only one of its kind and will be on Saturday, June 8th in Providence, Rhode Island. Check out the Mental Health Hackers village, the TOOOL lockpick village, and the CTF with Trace Labs, all at layer8conference.com.


    Interview: Francis Dinha, OpenVPN

    Francis Dinha
    is the CEO of OpenVPN.
    Francis Dinha fled Iraq in the 1970s to Sweden, where he earned a bachelor's in Physics and Electrical Engineering and a master's in Computer Engineering. He was then recruited by a tech company in the U.S., and after brief stints in the dot-com industry and with the US State Department helping build a communications infrastructure in Iraq, he co-founded OpenVPN.


    Enterprise News

    1. ShieldX adds lateral movement prevention to the Elastic Security Platform for AWS - ShieldX, the leader in elastic security, announced the addition of lateral movement prevention to the ShieldX Elastic Security Platform for AWS. Also known as East-West security, enterprises can now for the first time monitor and prevent lateral movement inside the AWS public cloud to complement ShieldX’s existing capability for VMWare ESXi and Microsoft Azure.
    2. Threat Stack Cloud Security Platform features improved visibility of Kubernetes environments - As companies adopt Kubernetes to help orchestrate their container infrastructure, security processes and policies have been slow to adapt. This has led to increased risk as companies deploy containers without the appropriate security processes and tools in place. Threat Stack is enabling its customers to securely adopt containers and Kubernetes by eliminating the additional risk associated with the lack of visibility into their container infrastructure.
    3. Tenable Integrates with Google Cloud Security Command Center - Tenable®, Inc. announced the integration of Tenable.io® — for vulnerability management in the Cloud — with Google Cloud Security Command Center (Cloud SCC). This provides organizations with enhanced visibility into their cloud assets, both public and private, delivered via a single dashboard. Cloud-focused organizations can now confidently manage Cyber Exposure across the entire modern attack surface and reduce cyber risk in their environments.
    4. Quest Software announced the introduction of Foglight Container Management - Quest Software announced the introduction of Foglight Container Management, a solution that provides real-time and historical analytics of containers and their hosts across physical, virtual and cloud environments. Foglight Container Management supports businesses' container initiatives by empowering IT infrastructure teams to quickly identify incidents and proactively prevent issues from happening. With Foglight Container Management, businesses can make faster, smarter decisions when it comes to container deployment.
    5. Flashpoint Strengthens Intelligence Platform with New Dashboards and Analytics, Expanded Collections and Tailored Alerting by Industry - The new innovations and enhancements strengthen Flashpoint Intelligence Platform, which grants access to the company’s archive of finished intelligence reports, data from illicit forums, marketplaces, chat services, paste sites, technical data, card and account shops, and vulnerabilities, in a finished intelligence experience. The platform scales Flashpoint’s internal team of specialised, multilingual intelligence analysts’ ability to quickly provide responses to customers. The platform now features new dashboards and analytics, expanded datasets, chat services and communities, and industry alerting that simplify an organisation’s consumption and automation of intelligence.
    6. RiskSense Research Report Finds Attackers Weaponized More Security Vulnerabilities Last Year than Ever Before - 2018 was most weaponized year on record: Despite a 31% decrease in vulnerabilities compared to the high reached in 2016, last year had the most weaponized vulnerabilities ever (177), which represents a 139% increase compared to 2017 (74). Meanwhile, the percentage of vulnerabilities weaponized in 2018 (47.3%) was double compared to 2017 (20.6%) and 2016 (23.2%). Most exploits are available before a patch is 2018 also had the highest number of exploits in the wild before a patch was available (50), compared to the previous record set in 2010 (18). This represents a nearly 200% increase.
    7. Tenable Announces General Availability of Predictive Prioritization in Tenable.io
    8. Capsule8 to help Google Cloud SCC members consolidate findings and speed up response - Capsule8 provides Cloud SCC users run-time protection across their production environments through the Google Cloud Platform (GCP) Marketplace. Capsule8 is the only company providing high-performance attack protection for Linux production environments – whether containerized, virtualized, or bare metal.
    9. Evident and Okta partnership simplifies identity verification and reduces risk for businesses - Okta and Evident’s integration makes it easier and quicker for companies to efficiently verify identity to determine access to a platform, while decreasing the risks and liability associated with holding personally identifiable information (PII) by minimizing exposure to personal data.



    InfoSec World 2019: Dave Kennedy, Binary Defense