ES Episode157

From Paul's Security Weekly
Jump to: navigation, search

Recorded October 16, 2019 at G-Unit Studios in Rhode Island!

Episode Audio

Hosts

  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .
  • John Strand
    Security analyst, Founder of Black Hills Information Security, and CTO of Offensive Countermeasures.
  • Matt Alderman
    CEO at Security Weekly, Strategic Advisor, and Wizard of Entrepreneurship
  • Annoucements:

    • Register for one of our upcoming webcasts with Bryce Shroeder and Barbara Kay of ServiceNow, Kevin O'Brien of GreatHorn, or Steve Laubenstein of Core Security (or all of them!) by going to securityweekly.com -> Click the webcast dropdown & Select Registration! If you have missed any of our previously recorded webcasts, you can find our on-demand library by selecting on-demand from the webcast drop down! If you attend any of our webcasts, you will receive 1 CPE credit per webcast!
    • We're currently running our annual Listener Feedback Survey! Please visit securityweekly.com -> click the survey tab & select "2019 Listener Survey" to submit your responses!
    • The new Security Weekly website is officially live! Visit securityweekly.com to check out all of our new sorting and filtering functionality! Please let us know if you find any issues or have any feedback by sending to website@securityweekly.net
    • Paul will be providing his insights & predictions in the information & cyber security space at a local (ISC)2 RI Chapter Meeting on Monday, November 18th @ Gregg's Restaurant in Providence. If you would like to join us, go to securityweekly.com/isc2ri

    Enterprise News

    1. Okta launches offerings for threat detection and remediation - Okta is introducing two features of SecurityInsights: UserInsight, suspicious activity reporting for end-users, and HealthInsight, customized, dynamic security best practice recommendations for administrators. These end-user and administrator functionalities build on Okta’s ThreatInsight, network effect-driven protection that prevents threat actors from compromising user accounts by identifying and blocking malicious IPs pre-authentication.
    2. Tenable Extends Lumin to All Platform Customers - The Cyber Exposure score is an objective measure of cyber risk, derived through data-science based measurement of vulnerability data together with other third-party data such as threat intelligence and asset criticality. The score is automatically generated through machine learning algorithms which combine the vulnerability with its likelihood of exploitability and the related asset’s business criticality.
    3. Thoma Bravo makes $3.9 billion offer to acquire Sophos - CEO Kris Hagerman, as you would expect, put the deal in the brightest possible light. “Sophos is actively driving the transition in next-generation cybersecurity solutions, leveraging advanced capabilities in cloud, machine learning, APIs, automation, managed threat response, and more. We continue to execute a highly-effective and differentiated strategy, and we see this offer as a compelling validation of Sophos, its position in the industry and its progress,”
    4. Radware's Kubernetes WAF Enables DevOps Organizations to Develop and Deliver Applications Securely Without Compromising Agility - Radware Kubernetes WAF is currently the only solution offering an auto policy generation and optimization engine for application security in Kubernetes environments, enabling protection against known threats and zero-day attacks alike. It provides data leakage protection across web applications and APIs and gives both DevOps and Security teams unprecedented visibility including security events and policies, application telemetry, network statistics, performance and minimal latency. The solution enables single termination of TLS traffic only at the host level and thus eliminates the need to manage multiple certificates across different parties.
    5. Announcing GraphQL Security Scanning - GraphQL makes it easy to decouple user interface needs from a backend API server by offering a buffet of data and relationships without restricting the format to a specific JSON payload. Nowadays UI developers can iterate quickly, but this puts extra load on API server engineers to make a performant, and most importantly safe, GraphQL API. One huge advantage of GraphQL APIs is that they are self-documenting. Most GraphQL APIs can be introspected to pull out the types, fields, and mutations. This can make it a joy to work with a tool like GraphiQL to explore an API, but also makes it very easy to get started scanning.
    6. Signal Sciences Announces Integration with Pivotal Container Service
    7. CounterFlow AI launches ThreatEye, an open, scalable AIOps platform - Differentiators are important: “Based on an AIOps-powered platform, ThreatEye enables machine learning and artificial intelligence to go to work for security analysts and provide them instant access to the hard facts sooner,” said Randy Caldejon, chief executive and co-founder at CounterFlow AI.
    8. Acronis' integrated stack of solutions provides edge, endpoint, and data center workloads protection - Acronis Cyber Protect, integrates seven key cyber protection capabilities into one easy-to-use solution – including backup, disaster recovery, AI-based protection against malware, data authenticity certification and validation, vulnerability assessments, patch management, and remote monitoring and management.


    Topic: Tactics For Understanding Security Vendor Products


    1. Conferences - Which conferences that we attended this year provided the best insights into the security vendor landscape? What types of information can you collect by visiting trade show booths?
    2. Webcasts - There are many choices for webcasts, what are the different types and which ones are most beneficial? (e.g. Security vendor finds a practitioner to present, product and feature announcement webinars, straight up sales-focused webinars).
    3. Analysts - What information is best collected from analysts?
    4. Peers - What types of questions should you ask for a peer review and how do you select a peer?
    5. Other resources - Owler is great for keeping track of product announcements, as well as a few select blogs about the industry. Independent reviews are rare but very valuable.

    Hacker Halted Interviews

    We air three pre recorded interviews from Hacker Halted with Cathy Ullman, Joe Gray, and Jenny Radcliffe!