ES Episode37

From Paul's Security Weekly
Jump to: navigation, search

Enterprise Security Weekly - Episode 37

Episode Audio

Recorded March 16, 2017

Interview: Michael Dalgleish, LogRhythm

Michael Dalgleish

Michael Dalgleish is an industry veteran, spending the last 15 years deeply entrenched in the network and security world. At LogRhythm, Michael has worked with and built a team of security professionals who are growing strategic relationships with our partner community and customers. When not on the road evangelizing security intelligence and SIEM to our partners, Michael spends a majority of his time learning about the latest attack vectors, kill chains and advanced evasion techniques.

Enterprise Security News

  1. Skyhigh Networks Awarded Pioneering CASB Patents for Cloud Security and Cloud Governance - The patent covers the ability for companies to automate risk evaluation, threat monitoring and policy enforcement across thousands of cloud services. and The patent covers the technology that tokenizes sensitive customer data before uploading log events to the cloud-based analytics platform for shadow-IT discover including usage analytics and anomaly detection.
  2. LookingGlass Debuts New Partner Portal - “Threat intelligence is the next frontier for security-minded partners who have historically sold cybersecurity solutions that protect the datacenter and infrastructure,” said Pete Agresta, LookingGlass Chief Revenue Officer. "We created our intuitive, flexible and accessible portal to help our partners complete daily tasks that expedite marketing, sales and technical efforts." All in, in the channel.
  3. Acunetix Jenkins Plugin provides DevOps with on the spot identification of web vulnerabilities - Acunetix - Automation FTW: The Acunetix plugin for Jenkins the popular open source Continuous Integration (CI) and automation platform, allows development and operations teams to identify and track web application vulnerabilities early on in the Software Development Life Cycle (SDLC), and crucially, before they make it into production.
  4. Cisco Cloudlock and Team Drives: A Match Made In The Cloud! - Last week during Google Next, Google’s annual cloud conference, Google released Team Drives, a new way to collaborate on Google Drive that allows multiple people to have shared access to files and folders. In Team Drive, the team members are invited and automatically see the same files and folder structure in a shared Drive environment. We’re extremely excited to announce Cisco Cloudlock’s support for Google Team Drives.
  5. Deploy Instant Virtual Patching on SecureSphere WAF with Highly Accurate Web Vulnerability Data Blog | Imperva - Wow, just wow: Zero False-Positive Web Application Vulnerability Testing and Instant and Reliable Virtual Patching they claim: High-Tech Bridge’s ImmuniWeb uses proprietary machine learning technology for intelligent automation of web vulnerability scanning, complemented by human intelligence. Web security experts from High-Tech Bridge’s SOC (High-Tech Bridge is a CREST accredited company) constantly monitor web vulnerability scanning, and intervene with manual testing for the most complicated vulnerabilities, such as flawed application logic, authentication bypass or improper access control. With this hybrid approach to web security testing, ImmuniWeb delivers a zero false-positive service level agreement (SLA) to every customer.
  6. F-Secure Buys Inverse Path - Glimmers of hope for IoT security?