A behavior analytics company has a new release, endpoint security for vulnerabilities and threats, outsource your threat hunting, get with the flow on your network, and waiting in the wings to get bought. Plus John and I discuss security training for the enterprise: what will work best for you?
"Quick announcement, ITProTV has updated their course library to include CCNA Security, CEH v9, Metasploit, and Red Hat Linux"
Enterprise Security News
- http://www.marketwired.com/press-release/exabeam-30-delivers-advanced-system-architecture-detect-respond-non-human-insider-threats-2161624.htm - So there is this: "Automated machine accounts are the ultimate wolf in sheep's clothing for a hacker," said Nir Polak, CEO of Exabeam. "These accounts have access to sensitive information, are almost never monitored, and are growing at an exponential rate. To handle this threat, we've created an entirely new architecture that adds scale-out flexibility to our patented stateful tracking." But then this is what really got me: At a customer site, Exabeam 3.0 was the only security solution that detected DNS tunneling, attaching to Tor networks, and rogue authentication requests to directory services.
- https://community.rapid7.com/community/nexpose/blog/2016/09/28/live-monitoring-for-endpoints - This is actually pretty neat: The same agent is used for all solutions on the Insight Platform, including Nexpose Now and InsightIDR, so you only need a single endpoint agent for both vulnerability management and endpoint threat detection.
- http://finance.yahoo.com/news/sqrrl-wipro-partner-deliver-threat-110000640.html - If you want to outsource threat hunting, there is no shortage of options. Questions: 1) Should you? 2) Rather than a one-off, are you doing this on a regular basis? 3) Is this job best suited to be done by a 3rd party or externally?
- http://www.eweek.com/small-business/webroot-boosts-security-strength-with-cyberflow-acquisition.html - Holy marketing Batman: Adding the FlowScape network behavioral analytics solution extends Webroot's leadership in machine learning-based cyber-security to the network layer. As malware is now overwhelmingly polymorphic and advanced persistent threats (APTs) mask their activities within everyday network noise, SaaS-based FlowScape adversarial analytics and unsupervised machine learning enables Webroot to further reduce time to classify and address threats. This is a good trend though? Combine endpoint management with network anomaly detection?
- http://www.finanznachrichten.de/nachrichten-2016-09/38670126-imperva-inc-why-imperva-stock-is-going-nuts-today-344.htm - Imperva, who once was the market leader in terms of cool appsec tech, is a hold on buying the product or the stock.
Topic: Security Training For Enterprises
- What are your goals?
- Why should you train?
- Who should you train?
- What topics and programs are the most effective?
- What if people get training then leave?
- Should you train in specific vendor solutions? Which ones? Why?
- SANS - We have a long history
- Other training?
- OnDemand vs. Virtual vs. Live