From Paul's Security Weekly
Recorded June 5, 2019 at G-Unit Studios in Rhode Island!
- We have exciting news about the Security Weekly webcast program: We are now partnered with (ISC)2 as an official CPE provider! If you attend any of our webcasts, you will receive 1 CPE credit per webcast! Register for one of our upcoming webcasts by going to securityweekly.com/webcasts. If you have missed any of our previously recorded webcasts, you can find our on-demand library at securityweekly.com/ondemand.
- We need your help in a survey we are running for research purposes for an upcoming webcast. How mature is your process automation for your various security capabilities? Please visit securityweekly.com/fivestagesofautomationmaturity to submit your responses to our 5 Stages of Automation Maturity Survey! We'll share the results in a webcast in November!
Interview: Charles Thompson, Viavi
Topic: Charles will discuss the importance of response/remediation in a strong security strategy and the role wire-data plays in having the forensic detail needed to identify a breach, understand scope of impact, and confirm restoration of network performance to pre-incident baseline.
Topic Segment: Defending Your Environment Against Major Microsoft Vulnerabilities
Discussion point before we begin: What defines a "major" Microsoft vulnerability?
- Discovery - Scoping the problem is just one part of determining how big of a problem you have, if you even have a problem at all. Discovery must be an ongoing process: constantly looking for the known bad states, notifying the right people, and implementing a fix. This also means both externally and internally, whatever that means to you today.
- Temporary Countermeasures - These can vary, but should be considered when Microsoft has a "major vulnerability", since it is more likely attackers will go after this weakness vs. others.
- Be Resilient - This is extremely hard for large enterprises today, most of which have legacy systems and architecture that prevent them from moving fast. The faster you can build an environment, test a patch or fix, and deploy it to production, the more resilient you become. I realize that various levels of resiliency may exist in your environment; keep focused on your most critical assets and most sensitive data first.
- I'd want two things - If I were in charge of defending a Windows environment, I'd want two capabilities: 1) The ability to run scenarios through the environment at any time, pointing out exposures. For major MS vulnerabilities, there would be a constant simulation running to identify the exposure. 2) Configuration management would be critical to my plans; the ability to safely make a change across an environment with 10,000+ systems exists, and I'd want it.
Security Product Announcements
- Database Security for Amazon RDS
- Infoblox unveils simplified security platform to detect and stop cyber threats
- Palo Alto Networks launches new 'Prisma' cloud security suite
- CyberX Launches First Open Development Environment (ODE) for Securing IoT/ICS Devices Running Proprietary Protocols
- Sophos Intercept X Endpoint Protection
- Morphisec Announces Version 3.5 at Infosecurity Europe 2019 with New Unified Security Center for End-to-End Visibility Across All Blocked Attacks
- Securonix Partner Program Targets MSSPs
- Thycotic Expands Enterprise-Grade Privileged Access Management-as-a-Service Solution
- SecureAuth Innovates Secure Identity Management with its Intelligent Identity Cloud Service
Security Company Acquisitions
- Flexera Acquires RISC Networks
- Security stays hot as Imperva grabs Distil Networks
- Palo Alto Networks Announces Intent to Acquire Two Companies to Extend Its Cloud Security Leadership