ES Episode25

From Security Weekly Wiki

Enterprise Security Announcements

"Quick announcement, ITProTV has updated their course library with new courses. Upcoming courses include Cybersecurity Analyst+, CCNA Cyber Ops, ITIL Operational Support and Analysis, Penetration Testing, Ethical Hacking v9. ITProTV is introducing a new membership level. All current Premium Members will be granted the highest membership level available, so sign up today! Visit and use code ES30."

Technical Applications: Interview with Don Pezet, ITPro.TV

Meet the CTO and host of ITPro.TV, Don Pezet. Don has been working in IT for over 18 years. He has also been training and hosting educational content for over 12 years. He is a certified trainer with many vendors, including Microsoft and Cisco. His combination of real-world experience, textbook knowledge, and a questionable sense of humor has helped him to entertain and educate thousands of people.

  • Certifications: A+, Network+, Security+, CVE, CCNA, CCNP, JNCIA, JNCIS, PMP, HP Master ASE, MCP, MCT, MCSE, MCSA, MCTS and MCITP
Don Pezet from ITPro.TV.

Interview Topic:

Filling the IT Security Skills Gap - Which skills are most lacking in enterprise security today? Why? How much does this impact the security program? How can we best fill the skills gap? (Examples: Windows Active Directory, Web Application Security, Malware analysis/reverse engineering)

Enterprise Security News

  1. Ixia Delivers Unprecedented Visibility into Virtual Data Center Traffic - Nicely done: Ixia CloudLens vPB is a packet processor that can be deployed in a virtual infrastructure to aggregate, filter, deduplicate, and distribute virtual traffic to security and performance monitoring tools, such as an intrusion protection, detection or data loss prevention system. I need this in my life.
  2. Partner Spotlight: Faster Threat Intelligence With Palo Alto Networks - Well done, this looks like something I would actually use. You can read this and see an example of how it actually works! More of this please!
  3. BRIEF-SSH Communications Security to cut 25 jobs globally - My guess is the PIM market is taking over, putting smaller players like SSH Communications, who have a niche product, in a tough spot.
  4. $500 million cybersecurity firm Darktrace downplayed rumours it's considering an IPO - If they took $90 million, and claim a $500 million valuation, why do they need to IPO? If the product actually works, they should be selling it. Why not take another round to fund sales? This seems fishy as Darktrace claims to be one of the UK's busiest startups.
  5. Tufin Orchestration Suite R16-3 - Network Security Policy Management - Tufin Orchestration Suite R16-3 allows Palo Alto Networks customers to maximize both security and agility. Tufin Orchestration Suite delivers end-to-end change automation of network security policies across heterogeneous networks, including built-in risk analysis to proactively address policy violations. I really don't buy the whole "single pane of glass". Sure, there is a console with dashboards, but it's still confusing. How can you analyze risk, or better yet, how does this help me analyze risk? I can see the use case, though: I make one small firewall rule change; how does that affect the overall health and security of the network? I believe this is the problem statement, but have yet to see anything that would help.
  6. Juniper Networks Acquires AppFormix - Hosting Journalist - Applying machine learning technology, AppFormix redefines telemetry and operations management across software-defined infrastructures and application software layers. Wow, like what does this mean? "My lady humps, I don't even know what that means" "No one knows what it means, but it's provocative". All I know is you need orchestration to manage all of your containers, and this seems to provide you with a management layer on top of orchestration like OpenStack or Kubernetes. Yup, my brain hurts too, but we will be dissecting this more in upcoming shows.
  7. HP shutting down default FTP, Telnet access to network printers - Could this be the path that leads us to salvation when it comes to IoT in the enterprise? Just how do we turn off all of those services when you have thousands of devices all using a different management platform? The real question is how much risk am I assuming?