Difference between revisions of "ES Episode132"

From Security Weekly Wiki
Line 41: Line 41:
= Enterprise News =
= Enterprise News =
= InfoSec World 2019: Patrick Tierney, Endgame & Dave Kennedy, Binary Defense =

Revision as of 17:54, 5 April 2019

Recorded April 10, 2019 at G-Unit Studios in Rhode Island!


  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures.
  • Jeff Man
    Infosec analyst
    Pioneering ex-NSA pen tester
    PCI specialist
    Tribe of Hackers
    InfoSec Curmudgeon
    Currently a Sr. InfoSec Consultant for Online Business Systems.
  • John Strand
    Security analyst, Founder of Black Hills Information Security, and CTO of Offensive Countermeasures.
  • Announcements:

    • We just released our 2019 Security Weekly 25 Index Survey. Please go to securityweekly.com and click the Survey link to help us understand who's evaluating, using, or formerly used any of the Security Weekly 25 companies. The results will be summarized and presented back to all responders in a private webcast.

    Interview: Rebecca Larson and Mike Weber, Coalfire

    Mike Weber is the Vice President of Coalfire

    Mike Weber is responsible for the oversight of Coalfire Labs operations, including penetration testing, application security assessments, forensics, and research and development. He leads a team of over 70 security professionals focused on offensive security services and compliance testing.
    Mike has 20 years of experience in senior security positions in various technical fields, including enterprise security planning, network engineering, vulnerability and risk assessment, penetration testing, system administration, and programming.
    Prior to joining Coalfire, Mike was the FSO and Director of Information Security Services at Critigen and CH2M HILL and served on a contract basis as the Deputy Chief Information Security Officer for the state of Colorado. Previously, he held positions including Computer Security Manager at the Department of Energy’s Rocky Flats Environmental Technology Site and as a programmer and QA specialist at Via Systems.

    Rebecca Larson is the Director, Vulnerability Assessment Operations of Coalfire

    Beck is a twice-awarded Director of the CoalfireOne Scanning Services team within the Labs practice at Coalfire – she earned Team Member of the Quarter for successfully navigating the company’s annual ASV Lab in 2015 and was recognized as a Rising Star within the Labs organization at Hexacon 2018. She is responsible for all things ASV-related at Coalfire, including ensuring that Coalfire maintains its company-level ASV licensure by passing the PCI SSC’s validation Lab annually, maintaining Coalfire’s ASV staff, and ensuring satisfaction across Coalfire’s vulnerability scanning client base. She has been heavily invested in helping redesign and support the new CoalfireOne Scanning Platform, launching in Q2 of 2019.

    Coalfire ASV Scanning:

    • ASV program (love, praise, struggle)
    • ASV regulations
    • Development and growth of scanning, 1-5 person team, partnership, marketing position
    • How Jeff and Beck know each other
    • Published opinion piece, getting knowledge, supporting the industry
    • Scan platform
    • RISE - movement in the company, Coalfire programs, development at Coalfire
    • Limitations of scanning, pen testing?
    • Coalfire labs
    • PA QSA
    • Assessment of Payment Software, validating solutions, secure software development framework

    Enterprise News

    1. Cloud security company Bitglass raises $70M in late-stage round - SiliconANGLE
    2. Lockpath Announces Significant Updates to Keylight Platform
    3. TrustBuilder Identity Hub introduces simple, scalable access management for Docker
    4. Pulse Secure Announces Collaboration with New Strategic Authorized Education Partners
    5. RedSeal raises more than $60 million for its cybersecurity tools
    6. Google expands cloud security capabilities, including simpler configuration
    7. Sysdig Unites Cloud-Native Visibility and Security in Platform Update

    InfoSec World 2019: Patrick Tierney, Endgame & Dave Kennedy, Binary Defense