From Paul's Security Weekly

Startup Security Weekly #55

Recorded September 15, 2017 at G-Unit Studios in Rhode Island!


  • Michael Santarcangelo
    Founder of Security Catalyst, author of Into the Breach, and creator of the Straight Talk Framework.
  • Matt Alderman
    CEO at Security Weekly, Strategic Advisor, and Wizard of Entrepreneurship
  • Announcements

    • Go to and use the code SS30 to try it FREE for 7 days, and receive 30% off your monthly membership for the lifetime of your active subscription. To learn more about ITProTV's team solution, sign up for a free demo of their supervisor portal.
    • SANS HackFest, November 13-20, in Bethesda, MD (Washington, DC area). HackFest is SANS’s most offense-focused training event of the year; it includes the two-day Summit, three nights of NetWars with Coin-A-Palooza, one night of CyberCity missions, and a super-secret challenge, all alongside nine courses taught by their top Pen Test course authors and instructors. The HackFest Summit, November 13-14, is two days of informative and technical talks curated by SANS Fellow and friend of the podcast, Ed Skoudis. Paul will be presenting a talk titled, “How to Defend Against Penetration Testers...and Win.” Register at Security Weekly listeners can save $300 off the two-day HackFest Summit by using discount code Hackfest17 at registration.
    • Check out Endgame's webcast coming up Tuesday, September 19, 2017 from 4-5pm EDT. Endpoints are a breeding ground for malware and malicious payloads seeking to do all sorts of nasty things inside your network. When determining which product will be the most successful for you, what do you find most important to consider: detection rates, deployment capabilities, scope, maintenance, resilience, or a mix of all? Register for this webcast to hear Paul Asadoorian, John Strand, and Mike Nichols weigh in on endpoint detection, protection, and response! Go to to register for the webcast.
    • BSidesCT is a day-long information security conference in Southington, Connecticut on October 7th, 2017. They have an exciting lineup of speakers and a challenging CTF waiting for you to take your best shot. Due to an incredible response, general admission tickets are currently sold out. However, a waitlist is available through EventBrite. If you sign up through the link at, you will be alerted as tickets become available. Sponsorship packages, which include tickets, are still available. Please visit them at to check it out!

    Interview: Jason Brvenik, NSS Labs

    Jason Brvenik
    Chief Technology Officer of NSS Labs.

    Jason Brvenik brings more than 20 years of experience in systems design, integration, and security for both commercial and open markets. He was most recently a Principal Engineer in the Office of the Chief Security Architect at Cisco, a role he assumed after the $2.7 billion acquisition of Sourcefire in 2013. Prior to Cisco, Jason was a Fellow and Vice President of Security Strategy at Sourcefire. As Chief Technology Officer (CTO), he will further build out the company’s security testing programs and cyber threat protection technologies to address the many gaps that exist in security today. Brvenik joined NSS Labs to drive the company’s unique opportunity to improve the overall state of security for the industry, given its independent third-party testing model and approach to security strategy, and bring out “truth in security” for buyers when evaluating vendors. During his 11 years at Sourcefire, Brvenik served as a Fellow and Vice President of Security Strategy, and previously managed field technical staff across the Americas as senior director of technical services. Given his experience creating secure, manageable systems in a variety of scales and forms, he also served as Sourcefire’s principal technologist, ensuring that technical solutions could scale to meet customers’ security requirements. Jason is recognized as a security thought leader by leading publications such as Bloomberg Businessweek, Fortune, Network World, Information Security Magazine, and a bevy of other technical trade and business publications. He is a frequent speaker, including at RSA Conference, as well as for many government and industry verticals, where he has helped the industry more broadly adopt groundbreaking security strategies.

    Startup Articles & Discussion

    Startup & Security Notes of Interest

    AppGuard raised $30M Series B

    CashShield raises $5.5M Series A

    Securonix raised $29M in Equity Round

    Startup Journey Updates

    Michael's Updates

    • Straight Talk on Identifying Value Proposition workshop launched; it's an approach for teams and is gaining traction in the enterprise space, especially higher education
    • Straight Talk Coaching and Advisory taking shape, too
    • Refining the message; it's the "brain audit" sequence that follows (and sometimes comes before) the category work

    Michael's Writing

    Getting ready to transition my column to a new home. And getting ready to get back to regular writing for my own blog. Maybe even some writing for Security Weekly.