ES Episode135

From Paul's Security Weekly
Jump to: navigation, search

Recorded May 1, 2019 at G-Unit Studios in Rhode Island!

Episode Audio

Hosts

  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .
  • Lee Neely
    is a Sr. Cyber Analyst at LLNL,SANS Analyst, SANS NewsBites Editor
  • Annoucements:

    • We just released our 2019 Security Weekly 25 Index Survey. Please go to securityweekly.com and click the Survey link to help us understand who's evaluating, using, or formerly used any of the Security Weekly 25 companies. The results will be summarized and presented back to all responders in a private webcast.


    Interview: Jay Prassl, Automox - Patch Management Struggles (And How To Overcome Them)

    Jay Prassl
    is the CEO of Automox.
    A self-described “Nerd with a big mouth” Jay is an 18-year startup veteran specialized in pre-IPO, hyper-competitive environments with a focus on new technology introduction, partner/customer acquisition. VP of Sales and Marketing at SolidFire (sold to NTAP), LeftHand Networks (sold to HPQ), Hewlett Packard.
    • What are IT and security teams struggling with the most in terms of patch management?
    • We don't have a well-defined patch management strategy because...?
    • How do you prioritize and automate the patching process? What are the benefits?
    • Tell us about patching data, what data can we collect and how could we use it?
    • The intersection of SecOps and IT Management
    • We have patch management today, but how do we distribute it and manage it? How does the cloud help?


    Enterprise News

    1. ThreatConnects New Features Make Creating Security Playbooks Easier for All Users - App Builder is a unique feature that allows developer-minded users increased control in an environment that they’re used to working in. Additionally, with a built-in debugger, a user can code, debug, and release without setting up a separate environment. and Because typical Playbooks go through dozens of versions, now users can manage them effectively. With version control users can continuously improve their Playbooks while not losing site of past iterations over time.
    2. Security Innovation to Deliver Expert Blockchain Training at BlackHat USA
    3. SolarWinds Acquires Passportal for MSP Password Management as a Service
    4. Secureworks launches new cybersecurity analytics app
    5. CyberX IIoT security app now available on Cortex security platform - IIoT and industrial control system (ICS) security company CyberX has announced the availability of its IIoT/ICS Asset Visibility & Threat Monitoring App on Cortex, an open and integrated AI-based continuous security platform. Building on Cortex allows Palo Alto Networks Cortex partners to use normalised and stitched together data from customers’ entire enterprises to build cloud-based apps that constantly deliver cybersecurity capabilities to joint customers.
    6. SolarWinds adds password management to security portfolio - SolarWinds today announced that it has launched SolarWinds Passportal suite—a unified set of password management and privileged client knowledge management tools, adding to its IT security product portfolio. SolarWinds CEO Kevin Thompson says, “The new SolarWinds Passportal product suite will give IT service providers the ability to more effectively manage and secure the broad range of IT ecosystems under their purview.
    7. BeyondTrust Research Discovers that 81 Percent of Critical Microsoft Vulnerabilities Mitigated by Removing Admin Rights
    8. Checkpoint Systems announces HALO IOT platform - The HALO platform captures data events from every connected sensor across a retailer’s supply chain. This data is then stored, processed and analysed in near real-time to deliver targeted, actionable insights viewed via the HALO portal and intelligent actions delivered directly to associates’ mobile devices. This enables users to view relevant key events, make well-informed decisions and drive tasks that will improve processes and increase performance. Organisational tasks and mobile task alerts can be generated automatically, using machine learning and artificial intelligence, or by manual input.
    9. ImmuniWeb unveils free website security test
    10. Black Hat USA Offers an Inside Look at Intel's Security Engine - Low-level firmware attacks are a pernicious problem in cybersecurity, and this August the team at Intel will be at Black Hat USA to share an inside look at how their Converged Security and Manageability Engine (CMSE) is built to thwart them.
    11. Security Operations Firm Red Canary Raises $34 Million
    12. 60 percent of enterprise codebases contain open-source vulnerabilities

    Interview: Joshua Abraham, Praetorian - MITRE Attack Framework For The Enterprise (Defenders)

    Joshua Abraham
    does tactical and strategic service offerings for Praetorian.
    Josh is a key member of the technical execution team. In this capacity, he is responsible for leading, directing, and executing client-facing engagements that include Praetorian’s tactical and strategic service offerings. Prior to joining Praetorian, Josh spent six years at Rapid7 where he helped build the company’s professional services division, defined the firm’s core methodologies, and trained new employees on the latest hacking techniques.

    Over the years, Josh has become a well-known resource for his contributions to the information security space. An avid researcher and presenter, Josh has spoken at numerous conferences including BlackHat, Def Con, ShmooCon, Derby Con, BSides, The SANS Pentest Summit, Infosec World, SOURCE Barcelona, CSI, OWASP, LinuxWorld and Comdex.

    Josh has a contributed to numerous open source security projects and is a respected security resource to the media and has been quoted by news outlets such as ComputerWorld, DarkReading, and SC Magazine. Josh holds a BS in Computer Science from Northeastern University.

    Contributed a good deal to Metasploit in the past.



    References: