ES Episode29

From Security Weekly Wiki
Jump to navigationJump to search

Episode Audio

Enterprise Security Announcements

"Quick announcement, ITProTV has updated their course library with new courses. Upcoming courses include Cybersecurity Analyst+, CCNA Cyber Ops, ITIL Operational Support and Analysis, Penetration Testing, Ethical Hacking v9. ITProTV is introducing a new membership level. All current Premium Members will be granted the highest membership level available, so ​sign up today! Visit​ and use code ​ ES30."

Interview: Zane Lackey, Signal Sciences

Zane Lackey, Signal Sciences
"Zane Lackey, Signal Sciences"

Zane Lackey is the Founder/Chief Security Officer at Signal Sciences and serves on the Advisory Boards of the Internet Bug Bounty Program and the US State Department-backed Open Technology Fund. Prior to Signal Sciences, Zane was the Director of Security Engineering at Etsy and a Senior Security Consultant at iSEC Partners.

Enterprise Security News

  1. Sopra Steria : ThreatQuotient Announces New Partnership with Sopra Steria - "A Threat Intelligence Platform helps C-Level executives to integrate Security Operations feedback into their risk analysis and strategic planning activities." comments Anthony Perridge, Regional Director for ThreatQuotient(TM). "Companies need more and more Intelligence driven services like the Threat Intelligence Platform. I strongly believe that classical Managed SOC offers will disappear in the near future and will be replaced by Intelligence Driven SOC offers focused on threat defence and fighting adversaries."
  2. SyferLock Announces Technology Alliance with OpenIAM to Provide Software-Based Authentication for OpenIAMs Identity and Access Management Solutions - SyferLock’s patented, software-based two-factor / multi-factor authentication solutions provide next generation One-Time Passwords/PINs (OTPs) for secure access to computers, networks and the Internet. SyferLock has engineered an enhanced authentication methodology and system using device-less OTPs that provides users with a simple, more secure way to access information leveraging their existing passwords.
  3. Bromium Secure Platform Assembles Endpoint Sensors for Enterprise Security - Cyber Parse - Cyber Security and Information Security - This actually sounds pretty solid: when an attack takes place in a Bromium Micro-VM, full forensic information is made available to the Bromium Secure Platform. That means the system is aware of the specific registry entry that was changed and what the malware attempted to do. The Secure Platform’s database is then queried in real-time to see if any other sensor has ever seen anything similar. Bromium Secure Platform is also able to help defend Windows Server infrastructure as well. Crosby said that the plan is to add Linux server support in the future. On servers, privilege escalation and memory based malware are increasingly common. Bromium sensors will define external processes that might process data, that comes from an un-trusted source. Those processes are then tracked, with Bromium’s platform looking for potential risky behaviors.
  4. RiskSense Unveils Multi-Client Dashboard That Enables Managed Service Providers to Deliver Outsourced Cyber Risk Management :: :: - the pioneer and market leader in pro-active cyber risk management, today announced RiskSense Platform 7.0. The new release includes a Multi-Client Dashboard that enables Managed Security Service Providers (MSSP) to deliver risk management offerings that align a client's vulnerability management priorities to focus on the most serious threats posed to their business operations.
  5. CloudPassage Announces Slack Integration for Halo - <-- Nifty
  6. Shavlik Announces Availability of Application Manager for System Center Configuration Manager (SCCM)
  7. RiskIQ Deepens Digital Threat Mitigation Capabilities | Acquires Maccabim