ES Episode59

From Paul's Security Weekly
Jump to: navigation, search

Enterprise Security Weekly #59

Recorded August 30, 2017 at G-Unit Studios in Rhode Island!

Episode Audio

Hosts

  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .
  • Matt Alderman
    CEO at Security Weekly, Strategic Advisor, and Wizard of Entrepreneurship
  • Michael Santarcangelo
    Founder of Security Catalyst, author of Into the Breach, and creator of the Straight Talk Framework.

  • Enterprise News

    Paul's Stories

    1. Fortinet FortiGate Virtualized Security Available for VMware Cloud on AWS
    2. Tufin Orchestration Suite R17-2 Offers Automation of Critical Firewall Tasks | Tufin
    3. Okta expands multi-factor authentication as it diversifies beyond single sign-on
    4. VMware Starts to Deliver on Cloud Promise
    5. Forcepoint Snaps Up RedOwl
    6. Gemalto Announces Data Protection Solutions for VMware Cloud on AWS
    7. Hot products at VMworld 2017
    8. AlgoSec drives digital transformation by aligning security management with business processes

    Matt's Stories

    VMWorld started Monday with a few announcements

    • VMWare to be “Cloud Switzerland”
    • VMWare on AWS out of beta
    • App Defense

    ForcePoint buys RedOwl

    Topic: Security Operations and Endpoint Protection

    • Jask.ai
    • ProtectWise
    • SecureSet
    • AutoMox

    Technical Segment: Enterprise Network Monitoring

    Twitter poll results for the best free or open-source enterprise network monitoring tools:

    --

    • @securityweekly Zabbix
    • @securityweekly Zabbix.. Looking to move from 3 to 3.2
    • @securityweekly Zabbix does the job
    • @ThomasAraneta @securityweekly I've been running 3.2 and actually quite happy with its dashboarding. It's so capabl… https://t.co/daLUSGYK46
    • @securityweekly Telegraf on Linux, for BSD still zabbix
    • @securityweekly They're all pretty awful. My xp is Zabbix, Influx, Ganglia, and a few others. Favorite is not an appropriate term.
    • @securityweekly Zabbix gets the job done but it isn't very pretty

    --

    • @securityweekly Ganglia still gets the job done

    --

    • @securityweekly Homemade python scripts.

    --

    --

    @securityweekly + No incoming connections on servers, just outgoing UDP No auth of data sources; Gotta trust fire… https://t.co/3PseVoLSuq

    @securityweekly Depends... https://t.co/6Do59FxjtO is nice (push vs pull), better for own code, but plugins avail.… https://t.co/LWfA66Vb7E

    @tmclaughbos @securityweekly Big fan of @PrometheusIO here.