ES Episode89

From Paul's Security Weekly
Jump to: navigation, search

Enterprise Security Weekly #89

Recorded May 2, 2018 at G-Unit Studios in Rhode Island!

Episode Audio


Hosts

  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .
  • John Strand
    Security analyst, Founder of Black Hills Information Security, and CTO of Offensive Countermeasures.
  • Annoucements:

    • Go to itpro.tv/securityweekly and use the code WEBINAR30 to try it FREE for 7 days, and receive 30% off your monthly membership for the lifetime of your active subscription.
    • Check out our On-Demand material! Some of our previously recorded webcasts are now available On-Demand at: securityweekly.com/ondemand.
    • Check out SOURCE Boston 2018 from May 9th - 10th! Go to sourceconference.com and register using the code SW75WMKW to get a $75 discount!
    • Ticket Sales are open for Social Engineering RI Conference. Saturday, June 16th at Salve Regina University in Newport RI. Go to - http://se-ri.org/ to register! Patrick Laverty will be joining us for an interview next week. Stay tuned to hear more about this conference!

    Enterprise News

    1. Cisco Sets New Standard for Production Grade Kubernetes, Enabling Enterprises to Confidently Deliver Technology Innovation Faster with AppDynamics and Cisco CloudCenter
    2. Intent based networking: turning intentions into reality with network security policy management - For example, the AlgoSec solution can automatically discover applications, as well as the connectivity flows that support them and the security policies associated with them, across heterogeneous environments (on-premise networks, SDN and cloud) and provides a detailed network map of applications.
    3. Fortinet Now Part of IBM Security New X-Force Threat Management Services - Working with IBM Security on X-Force Threat Management Services enables both organizations to further provide mutual customers with unprecedented threat insight, attack detection and prevention, and an integrated defense-in-depth strategy designed to seamlessly span across an organization’s entire attack surface.
    4. LogRhythm & Mimecast fuse email security & next-gen SIEM - Joint customers are now able to access LogRhythm’s advanced correlation and security analytics through email security data from Mimecast’s cloud service. The companies say that the combination of email security data with LogRhythm security data and business context is able to improve overall threat detection related to email and other IT systems.
    5. Swimlane Augments Security Orchestration, Automation and Response With Vmray Integration - Swimlane, a leader in security automation and orchestration (SAO), announced today integration with VMRay, a leading provider of advanced threat analysis and detection. The integration between Swimlane and VMRay helps customers rapidly inspect and classify potentially malicious files at scale, performing deep malware analysis and automating the incident response process for faster and more efficient advanced threat protection.
    6. ServiceNow snaps up VendorHawk to help its customers manage their SaaS spending - “Companies buy a lot of software they don’t end up using,” Lowndes told GeekWire in an interview last year. “We help companies use what they bought, save money where possible, and plan smarter for the future.”
    7. Juniper enhances cybersecurity platform - To give security teams a simplified and comprehensive view of threats and enable one-click mitigation, Juniper Networks SRX Series Next-Generation Firewalls now feed directly into the Advanced Threat Prevention (ATP) Appliance. This integration enables the aggregation and correlation of security events from various Juniper and third-party sources into a consolidated timeline view of all threats in the network, and allows security teams to teams prioritize critical alerts and mitigate threats with one click.
    8. Second wave machine learning from Cylance: lightweight and effective endpoint protection - In fact, its ML model is in line with DARPA‘s definition of second wave machine-learning algorithm – this article contains a full description of the DARPA ML wave definitions and what constituent parts make up the second wave. Second wave, according to the article: Statistical learning. Machines perform probabilistic decisions, classifying and predicting data – but the context of those decisions is not “understood” by the machine.

    Interview: Adam Gordon, ITProTV

    Adam Gordon
    Entertainer at ITProTV.
    Not too long ago, rock star legend Jimi Hendrix posed the important question, “are you experienced,” foreshadowing the birth of one of the most expert Microsoft experts in the history of experts, Adam Gordon. Holding 160 certifications and counting, Adam’s encyclopedia of knowledge is only rivaled by his massive, and quite ridiculous, collection of socks. Adam’s 30+ years as an IT instructor in the private and public sectors are fueled by his passion for gobbling down espresso like a college kid downing beers at Oktoberfest. His long hair and assortment of bracelets are a memento of his days working in the music industry, rubbing shoulders with celebrities in exclusive European clubs, but he now lives the quiet, married life in South Florida, teaching and traveling with his wife and two daughters. Learn all things Microsoft with Adam and stay updated on the latest trends in sock fashion live and on-demand with ITProTV.


    Tech Segment: Jeff Man, RSA Vendor Wrap-up

  • Jeff Man
    Cryptanalyst,
    infosec analyst, pioneering ex-NSA pen tester, PCI specialist,
    Tribe of Hackers, & InfoSec Curmudgeon.
    Currently a Sr. InfoSec Consultant for Online Business Systems.

  • Follow us on Twitter Watch Security Weekly videos Listen to Security Weekly Security Weekly fan page Connect with Paul Google+