Difference between revisions of "ESWEpisode177"

From Security Weekly Wiki
Jump to navigationJump to search
(Added By Paul's Craptastic PPWorks Code)
(Added By Paul's Craptastic PPWorks Code)
Line 32: Line 32:
  
 
</p>
 
</p>
= News - Enterprise News  =
 
<!-- 
 
************************* MAKE CHANGES IN THE TEMPLATES BELOW! ***************************
 
-->
 
{|style="width: 100%;margin: auto; " cellpadding="10"
 
 
|-
 
|<p>'''Description:'''<br><br> Enterprise News TBD</p>
 
 
 
 
|}
 
 
 
==[https://twitter.com/@maldermania Matt Alderman]'s Content: ==
 
[[Image:MattAlderman-0.png|50px|thumb|left]]
 
<br>
 
{{Template:ESW177NewsMatt Alderman}}
 
 
==[https://twitter.com/@securityweekly Paul Asadoorian]'s Content: ==
 
[[Image:Paul_Asadoorian-0.png|50px|thumb|left]]
 
<br>
 
{{Template:ESW177NewsPaul Asadoorian}}
 
 
 
 
= Interview: Keeping Systems Secure...From Home - 6:00-6:45PM =
 
= Interview: Keeping Systems Secure...From Home - 6:00-6:45PM =
 
<!--   
 
<!--   
Line 94: Line 69:
 
 
 
|}
 
|}
 +
 +
= News - Threat Stack, Qualys, StackRox, Sysdig  =
 +
<!-- 
 +
************************* MAKE CHANGES IN THE TEMPLATES BELOW! ***************************
 +
-->
 +
{|style="width: 100%;margin: auto; " cellpadding="10"
 +
 +
|-
 +
|<p>'''Description:'''<br><br> How to Write an Automated Test Framework in a Million Little Steps, Qualys remote endpoint protection solution helps enterprises secure remote workforces, Sysdig Provides the First Cloud-Scale Prometheus Monitoring Offering, Kaspersky Security for Microsoft Office 365 adds protection for SharePoint Online and Microsoft Teams and more!</p>
 +
 +
 +
 +
|-
 +
|<p>'''Content:'''<br><br> https://blog.sonatype.com/owasp-security-knowledge-framework
 +
https://www.threatstack.com/blog/how-to-write-an-automated-test-framework-in-a-million-little-steps
 +
https://www.ixiacom.com/company/blog/microsoft-exchange-flaw-cve-2020-0688-still-affecting-130k-public-facing-servers
 +
https://www.helpnetsecurity.com/2020/03/25/qualys-remote-endpoint-protection/
 +
http://www.globalsecuritymag.com/Sumo-Logic-Selects-StackRox-to,20200318,96788.html
 +
http://www.globalsecuritymag.com/Portshift-Announces-Kubei,20200323,96931.html
 +
http://www.globalsecuritymag.com/Sysdig-Provides-the-First-Cloud,20200324,96978.html
 +
http://www.globalsecuritymag.com/Kaspersky-Security-for-Microsoft,20200325,96995.html
 +
https://www.helpnetsecurity.com/2020/03/23/windows-zero-days/ </p>
 +
 +
|}
 +
 +
 +
==[https://twitter.com/@maldermania Matt Alderman]'s Content: ==
 +
[[Image:MattAlderman-0.png|50px|thumb|left]]
 +
<br>
 +
{{Template:ESW177NewsMatt Alderman}}
 +
 +
==[https://twitter.com/@securityweekly Paul Asadoorian]'s Content: ==
 +
[[Image:Paul_Asadoorian-0.png|50px|thumb|left]]
 +
<br>
 +
{{Template:ESW177NewsPaul Asadoorian}}
 +
  
 
= Interview: Windows Exploits, Re-Training Your Security Solutions - 6:00-6:45PM =
 
= Interview: Windows Exploits, Re-Training Your Security Solutions - 6:00-6:45PM =

Revision as of 18:20, 25 March 2020

Enterprise Security Weekly Episode 177 - 2020-03-25

Episode Audio

Enterprise Security Weekly Episode 177

Announcements

  • Register for our upcoming webcasts and virtual trainings by visiting securityweekly.com selecting the webcast/training drop down from the top menu bar and clicking registration. In our next webcast with Synopsys we will cover "Better, Faster, More Secure Code By Combining SAST and SCA" with Utsav Sanghani, their Senior Product Manager.
  • CyberSecurity Exchange Day hosted by OSHEAN and the Pell Center was originally scheduled for Wednesday, March 18th and has currently been postponed. The new date is still TBD and we will keep you posted as soon as we hear more!
  • SecureWorld Boston was scheduled for March 25th & 26th at the Hynes Convention Center. The event has been postponed until further notice. We will keep you in the loop as soon as we know more!
  • InfoSecWorld 2020 was originally scheduled for March 30 - April 1, 2020 at the Disney Contemporary Resort! This conference has been rescheduled for June 22nd-24th due to COVID-19. Security Weekly listeners still save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code or the schedule button to sponsor a micro-interview!

Interview: Keeping Systems Secure...From Home - 6:00-6:45PM

Description:

The cybersecurity challenges created by remote workforces and what it takes to deliver security to remote workers while avoiding impacting business operations. How do you continue vulnerability and patch management across endpoints and servers when everyone is working from home?

Content:

Media alert: https://www.qualys.com/company/newsroom/news-releases/usa/qualys-offers-free-remote-endpoint-protection-solution/ Blog: https://blog.qualys.com/technology/2020/03/24/free-remote-endpoint-protection-solution-secures-remote-workforces-with-one-click

Guest: Bio:
Sumedh Thakar is Chief Product Officer at Qualys
As Chief Product Officer at Qualys, Sumedh oversees worldwide engineering, development and product management for the Qualys software-as-a-service (SaaS) platform and integrated suite of security and compliance applications. A core systems and database engineer, Sumedh started at Qualys in 2003, architecting and delivering Qualys' PCI compliance platform to meet the Payment Card Industry (PCI) Data Security Standard (DSS) requirements. Today, more than 69 percent of ASVs and 50 percent of QSAs worldwide use Qualys PCI to perform PCI DSS certification.

Hosts

Matt Alderman - CEO at Security Weekly
Paul Asadoorian - Founder & CTO at Security Weekly

News - Threat Stack, Qualys, StackRox, Sysdig

Description:

How to Write an Automated Test Framework in a Million Little Steps, Qualys remote endpoint protection solution helps enterprises secure remote workforces, Sysdig Provides the First Cloud-Scale Prometheus Monitoring Offering, Kaspersky Security for Microsoft Office 365 adds protection for SharePoint Online and Microsoft Teams and more!


Content:

https://blog.sonatype.com/owasp-security-knowledge-framework

https://www.threatstack.com/blog/how-to-write-an-automated-test-framework-in-a-million-little-steps https://www.ixiacom.com/company/blog/microsoft-exchange-flaw-cve-2020-0688-still-affecting-130k-public-facing-servers https://www.helpnetsecurity.com/2020/03/25/qualys-remote-endpoint-protection/ http://www.globalsecuritymag.com/Sumo-Logic-Selects-StackRox-to,20200318,96788.html http://www.globalsecuritymag.com/Portshift-Announces-Kubei,20200323,96931.html http://www.globalsecuritymag.com/Sysdig-Provides-the-First-Cloud,20200324,96978.html http://www.globalsecuritymag.com/Kaspersky-Security-for-Microsoft,20200325,96995.html

https://www.helpnetsecurity.com/2020/03/23/windows-zero-days/


Matt Alderman's Content:

MattAlderman-0.png


Template:ESW177NewsMatt Alderman

Paul Asadoorian's Content:

Paul Asadoorian-0.png


  1. OWASP Security Knowledge Framework
  2. How to Write an Automated Test Framework in a Million Little Steps | Threat Stack
  3. Microsoft Exchange Flaw CVE-2020-0688 Still Affecting 130K Public-Facing Servers | Ixia
  4. Free Qualys remote endpoint protection solution helps enterprises secure remote workforces - Help Net Security
  5. Sumo Logic Selects StackRox to Protect Its Cloud-Native Applications and Services
  6. Portshift Announces Kubei Container Runtime Scanning Software with Launch of its Open Source Initiative
  7. Sysdig Provides the First Cloud-Scale Prometheus Monitoring Offering
  8. Kaspersky Security for Microsoft Office 365 adds protection for SharePoint Online and Microsoft Teams
  9. Windows users under attack via two new RCE zero-days - Help Net Security


Interview: Windows Exploits, Re-Training Your Security Solutions - 6:00-6:45PM

Description:

Tod Beardsley, research director, will discuss some of the trends in Internet scanning and attacker behavior given there are new Windows vulnerabilities and the workforce working from home. Should you re-train your User Behavior Analytics (UBA) and/or rely on other technologies?

Guest: Bio:
Tod Beardsley is Director of Research at Rapid7
Tod Beardsley is the Director of Research at Rapid7. He has over 30 years of hands-on security experience, stretching from in-band telephony switching to modern IoT implementations. He has held IT Ops and Security positions in large organizations such as 3Com, Dell, and Westinghouse, as both an offensive and defensive practitioner. Today, Tod directs the security research program at Rapid7, is a frequent speaker at industry conferences, is a CVE Board member, and is a contributing author to a number of research papers produced by Rapid7.

Hosts

Matt Alderman - CEO at Security Weekly
Paul Asadoorian - Founder & CTO at Security Weekly