ES Episode139

From Paul's Security Weekly

Recorded May 29, 2019 at G-Unit Studios in Rhode Island!

Episode Audio

Hosts

  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures.
  • John Strand
    Security analyst, Founder of Black Hills Information Security, and CTO of Offensive Countermeasures.
  • Announcements:

    • We have exciting news about the Security Weekly webcast program: We are now partnered with (ISC)2 as an official CPE provider! If you attend any of our webcasts, you will be receiving 1 CPE credit per webcast! Register for one of our upcoming webcasts with Zane Lackey of Signal Sciences, Ian McShane from Endgame, or Stephen Smith and Jeff Braucher of LogRhythm (or all 3!) by going to securityweekly.com/webcasts. If you have missed any of our previously recorded webcasts, you can find our on-demand library at securityweekly.com/ondemand.

    • So many of the big East Coast cybersecurity tradeshows take place in crowded cities like Boston and New York, where parking is a nightmare and will cost you an arm and a leg. However, this year's Compass Cybersecurity Symposium is being held at Twin River Casino in Lincoln, RI, just 15 minutes outside of Providence! The venue has plenty of free and easy parking. Speakers include social engineering expert Chris Hadnagy and Security Weekly podcast founder Paul Asadoorian. Use the discount code "SW2019" to save $20 on registration!

    • Security Weekly will be at Hacker Halted in Atlanta, GA this October 10th-11th! EC-Council is offering our listeners a $100 discount to attend the two-day conference. Use discount code HH19SW when you register or go to securityweekly.com/hackerhalted and register there! Make sure you check out the keynote (Paul Asadoorian) and Mr. Jeff Man's talk as well!

    • Have you been trying your hardest to get a ticket to DerbyCon FinishLine?! We know that tickets sold out almost immediately, as they do almost every year, and we have an exciting announcement: Security Weekly is giving away 7 tickets to DerbyCon! Here's what you need to do - subscribe to the Security Weekly YouTube channel and send an email to sam@securityweekly.com with either a written or video testimonial about what Security Weekly means to you! That's it, it's really that simple! First 7 people to complete this will receive a ticket to DerbyCon! You will also be invited to participate in our Security Weekly DerbyCon interview series that Sam and Mark will be running at the conference!



    Enterprise News

    1. Okta Joins Forces with Secret Double Octopus - Together, Okta and Secret Double Octopus will provide employees with simple multifactor logins for desktops, the cloud, mobile apps, and any other legacy applications that a company might rely on. The move anticipates a shift to password-free solutions in the enterprise sector in the next few years. The news comes just days after Secret Double Octopus formed a similar partnership with Asigra, and indicates that demand is growing for the company’s password-free security solution. The partnership will further enhance Okta’s already robust MFA capabilities.
    2. Palo Alto buys Israeli cybersecurity firm Twistlock - This is all we know: Palo Alto Networks has acquired Israeli cybersecurity firm Twistlock, Israeli financial news websites reported on Wednesday. Israel’s The Marker said Palo Alto paid “hundreds of millions of dollars” for Twistlock, which developed a comprehensive cloud native security platform. Neither Palo Alto nor Twistlock were available for comment. Twistlock was founded in 2015.
    3. FireEye Buys Verodin in $250M Cash-and-Stock Deal - Verodin has the best solution for breach and attack simulation, though the Verodin approach is too unique to put it in a category: “Verodin gives us the ability to automate security effectiveness testing using the sophisticated attacks we spend hundreds of thousands of hours responding to, and provides a systematic, quantifiable and continuous approach to security program validation,” said FireEye CEO Kevin Mandia.
    4. Barracuda launches bot protection feature for firewall offerings - Adds the following features to their WAF:
       • Bot spam detection — Reduce referrer spam and block comment spam
       • Credential stuffing prevention — Block credential stuffing to stop account takeover attacks
       • Request risk scoring — Track incoming requests and use advanced behavioural analytics to detect attackers
       • Client fingerprinting — Track users with better fidelity than IP addresses
       • Dedicated bot mitigation UI — New user interface makes it easy to configure bot mitigation features
    5. Tenable launches Nessus Essentials - This is a good move for Tenable: "Nearly every cybersecurity professional has used Nessus at some point. Many even learned the fundamentals with Nessus," said Renaud Deraison, chief technology officer and co-founder, Tenable. "Our vision for Nessus Essentials is to advance the next generation of cyber professionals -- whether it's in the classroom or on the job. We're continuing to give back to the community, helping to close the security skills gap and building a foundation of cybersecurity."
    6. Tripwire Cloud Management Assessor Expands, Now Manages Secure Configuration for All Cloud Assets, from Cloud Storage to SaaS applications - Configuration auditing sounds boring, configuring things is tedious and auditing is associated with boring and tedious tasks. Back here in reality, configuration management is how security will largely be implemented moving forward, so get used to it: As an extension of Tripwire’s flagship secure configuration solution, Tripwire® Enterprise, CMA assesses cloud assets for publicly exposed data and secure configurations. CMA’s expanded coverage and new functionality allows organizations to monitor and control third-party SaaS applications such as Salesforce.com, in addition to Amazon Web Services, Azure and Google Cloud subscription accounts and cloud storage. Cloud Management Assessor helps customers determine the security state of their cloud deployments by gathering and evaluating configuration data.
    7. Intel reveals the beastly Core i9-9900KS, likely its fastest gaming chip (for real) - If you need fast processing, and not in the "cloud", this processor rules: The Core i9-9900K offers a base clock of 3.6GHz, and a boost clock of 5.0 GHz. The assumption has always been that the boost clock only applies to one core, and all of the remaining cores will be lower. It’s just that Intel doesn’t always list the clocks for all the cores. But now, with the Core i9-9900KS, Intel says the single-core turbo boost clock will be 5GHz, and the remaining cores will also boost to 5GHz. So all eight cores will boost to 5GHz, and that’s saying something. I just built a system using Core i9-9900K for processing video (capture, conversion, editing and exporting). It's ridiculously fast and not all that expensive. If you are doing security analytics work, consider building one of these systems, you will be happy.
    8. Extreme Networks Unveils IoT Security and Automated Threat Mitigation, ExtremeAI Security - Not sure how this is deployed, but enterprise switching seems really focused on the IoT threat, meanwhile WannaCry and RDP vulnerabilities (BlueKeep) run rampant in our networks. Sigh. ExtremeAI Security delivers deep visibility and detection of malicious traffic, and real-time monitoring of IoT devices for behavioral anomalies, “illuminating enterprise networks so attackers have nowhere to hide.” Through fully-automated remediation of suspicious devices and traffic, ExtremeAI Security would ensure threats are contained without manual intervention, preventing them from moving across the network.
    9. Tenable unveils new innovations for Cyber Exposure analytics - Tenable has announced new ways to prioritize vulnerabilities, taking a shot at the sub-industry created to do just that: Cyber Exposure Score: The Cyber Exposure score is an objective measure of cyber risk, derived through data science-based measurement of vulnerability data together with threat intelligence and asset criticality. The score is automatically generated through machine learning algorithms which combine the Tenable Vulnerability Priority Rating (VPR), for the likelihood of exploitability, with the Tenable Asset Criticality Rating (ACR), for the business criticality of the impacted asset. Organizations can also leverage scoring to trend improvement over time as a measure of security program effectiveness. This is a critical move for Tenable, can't wait to hear more!
    10. OneLogin Announces Partnership with Atlas Identity to Deliver Unified Access Management for the Enterprise - OneLogin, the industry leader in Unified Access Management, today announced a systems integration partnership with Atlas Identity, an independent consultancy that specialises in cloud-based identity and access management (IAM) solutions. The partnership recognises Atlas Identity's vast experience and capability to deliver OneLogin and formalises Atlas Identity and OneLogin's joint commitment to providing a secure, seamless experience for organisations of all sizes, across all industries.


    Interview: Ruvi Kitov, Tufin

    Ruvi Kitov is the CEO & Founder of Tufin
    Ruvi Kitov is Chairman, CEO and Co-Founder of Tufin, the leading provider of Security Policy Orchestration solutions. Since Tufin’s founding in 2005, Ruvi has led the company through successful growth and product development, quickly gaining more than 2,000 customers among the world’s largest enterprises; Tufin is recognized as a market leader with consistent revenue growth, resulting in top rankings in the Deloitte Technology Fast 50 and other awards.

    With more than 20 years of industry experience, Ruvi previously served in key project management and development roles at Check Point Software. He graduated Cum Laude with a degree in Computer Science from the University of Maryland, College Park.

    Topic: The discussion will be on the importance of having a network-wide security policy, the fact that most companies don’t have one, and therefore lack visibility and are not compliant with regulations and even with their own policies, and finally the value that we provide with SecureTrack.


    Interview: Jack Jones, RiskLens

    Jack Jones is the Chief Risk Scientist at RiskLens
    Jack Jones has worked in technology, information security, and risk management for over thirty years. He has ten years of experience as a CISO with three different companies, including five years at a Fortune 100 financial services company. His work there was recognized in 2006 when he received the ISSA Excellence in the Field of Security Practices award at that year’s RSA conference. In 2012 Jack was honored with the CSO Compass award for leadership in risk management. He is also an adjunct professor at Carnegie Mellon University, where he teaches risk measurement and management in the CRO program. Jack is also the creator of the “Factor Analysis of Information Risk” (FAIR) framework adopted by the Open Group as an international standard. Currently, Jack is the Chief Risk Scientist at RiskLens, Inc., and Chairman of the FAIR Institute, a non-profit organization dedicated to evolving risk management practices. He has also co-authored a book on FAIR entitled “Measuring and Managing Information Risk, a FAIR Approach” which was inducted into the Cyber Security Canon in 2016.