From Paul's Security Weekly
Recorded June 5, 2019 at G-Unit Studios in Rhode Island!
- Join us at InfoSecWorld 2020 - March 30 - April 1, 2020 at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020 and click the register button to register with our discount code!
- Attend RSA Conference 2020, February 24-28 and join thousands of security professionals, forward-thinking innovators and solution providers for five days of actionable learning, inspiring conversation and breakthrough ideas. Register before January 24 and save $900 on a Full Conference Pass. Save an extra $150 by going to securityweekly.com/rsac2020 and use our code to register!
- Our next webcast is February 13th with Sri Sundaralingam, Vice President, Product and Solutions Marketing at ExtraHop where we will discuss Cloud Native Network Detection and Response! Register for our upcoming webcasts by visiting securityweekly.com, selecting the webcast drop down from the top menu bar and clicking registration.
Interview: Charles Thompson, Viavi
Topic: Charles will discuss the importance of response/remediation in a strong security strategy and the role wire-data plays in having the forensic detail needed to identify a breach, understand scope of impact, and confirm restoration of network performance to pre-incident baseline.
Topic Segment: Defending Your Environment Against Major Microsoft Vulnerabilities
Discussion point before we begin: What defines a "major" Microsoft vulnerability?
- Discovery - Scoping the problem is just one part of determining just how big of a problem you have if you even have a problem at all. The discovery must be an ongoing process, constantly looking for the known bad states, notifying the right people, and implementing a fix. This also means both externally and internally, whatever that means to you today.
- Temporary Countermeasures - These can vary, but should be considered a when Microsoft has a "major vulnerability", it is more likely attackers will go after this weakness vs. others.
- Be Resilient - This is extremely hard for large enterprises today, most of which have legacy systems and architecture that prevents them from moving fast. The faster you can build an environment, test a patch or fix, deploy it to production, the more resilient you become. I realize that various levels of resiliency may exist in your environment, keep focused on your most critical assets and most sensitive data first.
- I'd want two things - If I were to be in charge of defending a Windows environment, I'd want two capabilities: 1) The ability to run scenarios through the environment at any time, pointing out exposures. For major MS vulnerabilities, there would be a constant simulation running identifying the exposure 2) Configuration management would be critical to my plans, the ability to safely make a change across an environment with 10,000+ systems exists, and I'd want it.
Security Product Announcements
- Database Security for Amazon RDS
- Infoblox unveils simplified security platform to detect and stop cyber threats
- Palo Alto Networks launches new 'Prisma' cloud security suite
- CyberX Launches First Open Development Environment (ODE) for Securing IoT/ICS Devices Running Proprietary Protocols
- Sophos Intercept X Endpoint Protection
- Morphisec Announces Version 3.5 at Infosecurity Europe 2019 with New Unified Security Center for End-to-End Visibility Across All Blocked Attacks
- Securonix Partner Program Targets MSSPs
- Thycotic Expands Enterprise-Grade Privileged Access Management-as-a-Service Solution
- SecureAuth Innovates Secure Identity Management with its Intelligent Identity Cloud Service
Security Company Acquisitions
- Flexera Acquires RISC Networks
- Security stays hot as Imperva grabs Distil Networks
- Palo Alto Networks Announces Intent to Acquire Two Companies to Extend Its Cloud Security Leadership