Difference between revisions of "ESWEpisode184"

From Security Weekly Wiki
Jump to navigationJump to search
(Added By Paul's Craptastic PPWorks Code)
(Added By Paul's Craptastic PPWorks Code)
 
Line 131: Line 131:
  
 
We are used to dealing with phishing attacks via email and business email compromises. What happens when the attackers shift to other forms of communication? Phishing attacks against messaging services, for example, have a different threat profile that many are not prepared to address.
 
We are used to dealing with phishing attacks via email and business email compromises. What happens when the attackers shift to other forms of communication? Phishing attacks against messaging services, for example, have a different threat profile that many are not prepared to address.
 +
 +
To learn more, visit https://get.armorblox.com/enterprisesecurityweeklyshow.
  
  

Latest revision as of 13:13, 21 May 2020

Enterprise Security Weekly Episode #184 - May 20, 2020

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. News - Acquisition-Mania, SaltStack Breaches, & RSAC 2021 - 12:30 PM-01:00 PM


Announcements

  • Join us at InfoSecWorld 2020 - June 22nd-24th now a fully virtual event! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code!
  • Join the Security Weekly Mailing List & receive your invite to our community Discord server by visiting securityweekly.com/subscribe and clicking the button to join the list!

Description

RSA Conference 2021 Changes Date from February to May 2021, Docker partners with Snyk on container image vulnerability scanning, Venafi acquires Jetstack to bring together developer speed and enterprise security, Onapsis expands assessments for its Business Risk Illustration service, Volterra launches VoltShare to simplify the process of securely encrypting confidential data end-to-end, and more!


Hosts

John Strand's Content:

Articles

Matt Alderman's Content:

Articles

Paul Asadoorian's Content:

Articles

  1. Advent's $1.9b Forescout acquisition fails to materialize
  2. Docker partners with Snyk on container image vulnerability scanning - SiliconANGLE
  3. SaltStack: 20 Breaches Within Four Days
  4. Illumio Pushes Segmentation, Zero-Trust to App Teams - SDxCentral
  5. Anchore Scanning for Windows Container Images Anchore
  6. Announcing Our State of Software Security: Open Source Edition Report
  7. FireEye unveils Cloudvisory: A multicloud security control centre
  8. SolarWinds' new solution provides upgraded CMDB model and increased security for enterprises - Help Net Security
  9. Venafi acquires Jetstack to bring together developer speed and enterprise security - Help Net Security
  10. Nehemiah Security Risk Quantifier 4.0: Modeling shared risks across business lines - Help Net Security
  11. Swimlane Analyst Hub: Increasing access to educational content and open-source tools - Help Net Security
  12. Volterra launches VoltShare to simplify the process of securely encrypting confidential data end-to-end - Help Net Security
  13. Onapsis expands assessments for its Business Risk Illustration service - Help Net Security
  14. Code Analysis Company SonarSource Acquires RIPS Technologies | SecurityWeek.Com
  15. VMware to Acquire Kubernetes Security Firm Octarine | SecurityWeek.Com


2. Interview - Managing Enterprise Security Assessments - 01:00 PM-01:30 PM


Visit https://securityweekly.com/plextrac for more information!


Announcements

  • Layer 8 is Going Virtual! The conference will still be held on Saturday June 6th. Security Weekly listeners save $20 on their ticket by visiting layer8conference.com and using the promo code "SecurityWeekly" before selecting your ticket type! Please consider supporting Layer8 or one of their partner organizations when purchasing your ticket! Some of the Security Weekly team will be in our own channel on the Layer8 Discord server answering questions and possibly doing some contests!

Description

Whether it's an external red team, internal red team, vulnerability scanning data, or a self-assessment questionnaire, results from all of these different types of assessments must be tracked and managed. Dan from Plextrac will walk you through how to track and manage all of these activities in one place!

To learn more about PlexTrac or to claim your Free Month, visit: https://securityweekly.com/plextrac



Guest(s)

Dan DeCloss

Dan DeCloss is the Founder and CEO of PlexTrac and has over 15 years of experience in Cybersecurity. Dan started his career in the Department of Defense and then moved on to consulting where he worked for various companies including serving as a Principal Consultant for Veracode on the penetration testing team. Dan's background is in application security and penetration testing, involving hacking networks, websites, and mobile applications for clients. He has also served as a Principal Security Engineer for the Mayo Clinic and a Sr. Security Advisor for Anthem. Prior to PlexTrac, Dan was the Director of Cybersecurity for Scentsy where he and his team built the security program out of its infancy into a best-in-class program. Dan has a master’s degree in Computer Science from the Naval Postgraduate School with an emphasis in Information Security. Additionally, Dan holds the OSCP and CISSP certifications. Dan has a passion for helping everyone understand cybersecurity at a practical level, ensuring that there is a good understanding of how to reduce their overall risk.


Hosts

3. Interview - Dealing With Phishing Attacks Outside of Email - 01:30 PM-02:00 PM


Announcements

  • Learn how hidden vulnerabilities lead to application compromise in our next webcast with Snyk! Register for our upcoming webcasts or virtual trainings by visiting securityweekly.com/webcasts. Or visit securityweekly.com/ondemand to view our previously recorded webcasts!

Description

In this segment we'll discuss why email security is still not a solved problem and how now that people are increasingly working from home, it poses an increased risk. We'll also share some interesting attacks that we've uncovered in the past several weeks since the beginning of shelter-in-place.


We are used to dealing with phishing attacks via email and business email compromises. What happens when the attackers shift to other forms of communication? Phishing attacks against messaging services, for example, have a different threat profile that many are not prepared to address.

To learn more, visit https://get.armorblox.com/enterprisesecurityweeklyshow.


Guest(s)

DJ Sampath

Dhananjay Sampath is the Co-founder & CEO of Armorblox. Prior to Armorblox, he was the VP of Engineering and a founding team member of StackRox, a Sequoia backed startup. Dhananjay was a senior research scientist at Deutsche Telekom labs, where he was responsible for the secure digital transformation of telcos to a cloud-native, software-defined stack. Prior to that, he was at Juniper Networks and introduced machine-driven classification to the Unified Threat Management platform. Dhananjay graduated from UC Santa Cruz with a Ph.D. in Computer Engineering. His work on Compact Routing Protocols was funded by grants from DARPA/DoD/ARO.


Hosts