ES Episode57

From Paul's Security Weekly
Jump to: navigation, search

Enterprise Security Weekly #57

Recorded August 16, 2017 at G-Unit Studios in Rhode Island!

Episode Audio


  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .
  • John Strand
    Security analyst, Founder of Black Hills Information Security, and CTO of Offensive Countermeasures.
  • Interview: Mike Nichols, Endgame

    As the Director or Products at Endgame, Mike manages the PM team and ensures they are constantly listening to customers, researching the market, and deriving differentiated technology in order to choose the best strategic path for the company.

    1. How do you balance what customers want vs. what they really need in EDR?
    2. How do you handle the inevitable question of how EDR impacts performance and reliability?
    3. While EDR specifies "detection" what are some example of customer successes in the prevention side?
    4. EDR also incorporates response, what does Endgame do to help with response?
    5. What are some examples of the best integrations with your product?
    6. What features are the true differentiators between Endgame and the competition?

    Enterprise News

    1. STIX and TAXII: Sharing cyber threat intelligence | LookingGlass - . STIX makes it possible to explicitly characterize a cyber adversary’s motivations, capabilities, and activities, and in doing so, determine how to best defend against them. uhh. really?
    2. Integrating Wapack Labs CTAC with ThreatQ | ThreatQuotient - ThreatQuotient - Most threat intelligence providers just offer curated intelligence, meaning threat data that has gone through an analytical process to decide what should or shouldn’t be sent to customers. In contrast, the CTAC gives you direct access to the raw data which allows analysts a lot of flexibility.
    3. Public Cloud Is Most Secure: Report | SecurityWeek.Com - Alert Logic’s 2017 Cloud Security Report is based on the analysis of more than 2.2 million security incidents captured by the company’s products from more than 3,800 customers between August 2015 and January 2017.The data shows that organizations using public cloud environments have encountered, on average,
    4. To Secure Containers, Focus on the Applications | Twistlock
    5. Veracode and Research Shows Formal Education Leaves Developers Without Necessary Skills t | Hardware
    6. ServiceNow Launches Trusted Security Circles
    7. Expert Opinion Article: Best Practices for Privileged Access Management - Yea, so this is easy right? Discover all shared admin, user, application, and service accounts, SSH keys, database accounts, cloud and social media accounts, and other privileged credentials - including those used by third-parties/vendors-across your on - premise and cloud infrastructure.
    8. McAfee Announces Advanced Security for Amazon Web Services
    9. Flexera announces collaborative Software Asset Management vision to fix today's complex and broken software supply chain
    10. Rackspace Deploys RiskIQ PassiveTotal to Accelerate Investigation
    11. AWS Adds Raft of Management and Security Tools to Cloud Service

    Topic: Paul's IoC Enchanting Quadrants

    Defensive Matrix (3).png