ES Episode88

From Paul's Security Weekly
Jump to: navigation, search

Enterprise Security Weekly #88

Recorded April 25, 2018 at G-Unit Studios in Rhode Island!

Episode Audio


Hosts

  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .
  • John Strand
    Security analyst, Founder of Black Hills Information Security, and CTO of Offensive Countermeasures.
  • Annoucements:

    • Go to itpro.tv/securityweekly and use the code Secweekly30 to try it FREE for 7 days, and receive 30% off your monthly membership for the lifetime of your active subscription.
    • Check out our On-Demand material! Some of our previously recorded webcasts are now available On-Demand at: securityweekly.com/ondemand.
    • Check out SOURCE Boston 2018 from May 9th - 10th! Go to sourceconference.com and register using the code SW75WMKW to get a $75 discount!

    Interview: Eddy Bobritsky and Lenny, Minerva Labs

    Eddy Bobritsky
    is the Founder and CEO of Minerva Labs
    Cyber and Information Security Expert with 13+ years of experience. After 7 years in different cyber units at the Israeli Defense Forces (IDF), Eddy was self-employed, senior consultant for the defense and finance industries, leading country level cyber security projects. During the military service as an officer, he and Minerva’s CTO Erez Breiman led the largest endpoint protection project in Israel. Eddy understands the cyber security world inside and out, and is passionate about creating disruptive innovations. Eddy’s main goal is to 'keep things simple' in order to help businesses operate seamlessly, which is why he started Minerva Labs. Eddy has Master's degree in Business Management and Information Technology.















    Lenny Zeltser
    is the VP of Products for Minerva Labs
    Lenny is a seasoned business and tech leader with extensive experience in information security. Prior to joining Minerva Labs, Lenny served as a Director of Product Management at a Fortune 500 company with a focus on security software and services. Previously, he led the enterprise security consulting practice at a major cloud services provider. A frequent public speaker and writer, Lenny has co-authored books on network security and malicious software. He is also a senior instructor at SANS Institute. Lenny holds an MBA from MIT Sloan and a Computer Science degree from the University of Pennsylvania.


    Tech Segment: Eyal Neemany, Javelin Networks

    Eyal NeemanySr. Cyber Security Researcher at Javelin-Networks
    Eyal will describe and explain how AD Domain Trusts and Forest Trusts works, and how they can leverage by attackers to hop from one domain to another, after the compromise of the first domain.

    1) Recon to map the domain forest trusts

    2) Recon to hunt cross-domain admins

    3) Stealing credentials of the cross-domain admins

    4) Lateral Movement and compromising of additional domains.

    The topic for this discussion will be about how we can improve testing for endpoint security solutions. There are two different levels of testing:

    1. Testing solutions during an evaluation stage
    2. Testing deployed solutions to ensure they are working and monitoring the gaps in coverage

    Enterprise News

    1. RSA Spotlight: VMware And Sophos Discuss Latest Innovations - VMware is continuing to build its name in the security space with updates to its AppDefense application, a product that protects workloads by monitoring them against their intended state. AppDefense initially supported applications running on vSphere-based virtualized and cloud environments, and has now been expanded to containers.
    2. Tackle Five Top Security Operations Challenges With Threat Intelligence - More than 80 percent of cybersecurity professionals polled by SANS (PDF) say that threat intelligence is providing them value. Most organizations are seeing value simply by aggregating massive volumes of global threat data into a central repository for sharing.
    3. Fortinet receives recommended rating in NSS Labs latest advanced endpoint protection test report - Highly skeptical, and not of Fortinet, but how the tests were conducted: In this year’s test, which included a record 20 vendors, FortiClient demonstrated a 100% block rate on exploits, document and script-based malware, as well as web and offline threats, with zero false positives
    4. Showcases Latest Products to Protect Data Security at IP Expo Manchester - latest products and features built on the Varonis Data Security Platform, including Varonis Edge, which extends data security from the core to the perimeter by analyzing devices such as DNS, VPN, and web proxies to detect security events, such as brute-force attacks, DNS tunnelling and credential stuffing.
    5. Twitter bans Kaspersky Lab from advertising on its platform
    6. SANS Experts Share Five Most Dangerous New Attack Techniques - The five threats outlined are: 1. Repositories and Cloud Storage Data Leakage 2. Big Data Analytics, De-Anonymization, and Correlation 3. Attackers Monetize Compromised Systems Using Crypto Coin Miners 4. Recognition of Hardware Flaws 5. More Malware and Attacks Disrupting ICS and Utilities Instead of Seeking Profit
    7. WinMagic survey Finds Most Companies Wont be Ready for EU GDPR Legislation on 25th May - Only half (51%) of companies say they have all the systems in place that will allow them to remove EU Citizen data from servers upon the request, including back-ups, in accordance with Articles 16 & 17 of GDPR. Worryingly, a fifth (21%) do not yet have any systems in place.
    8. Survey: Endpoints Still Vulnerable to Breaches Despite Advancements in Antivirus Technologies - Minerva Labs announced the results of a survey of 600 IT security professionals which found endpoint security solutions are failing to provide adequate protections to address today’s security threats, specifically malware. A majority of the respondents surveyed indicated a heightened concern of a major malware breach in the coming year and acknowledged that they require more than an antivirus (AV) solution on the endpoint to combat the rising threat.
    9. Oracle NetSuite Looks to Bring AI to SMBs

    Follow us on Twitter Watch Security Weekly videos Listen to Security Weekly Security Weekly fan page Connect with Paul Google+