From Paul's Security Weekly
Recorded May 29, 2019 at G-Unit Studios in Rhode Island!
- Join us at InfoSecWorld 2020 - March 30 - April 1, 2020 at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code or the schedule button to sponsor a micro-interview!
- OSHEAN and the Pell Center are partnering together to present Cybersecurity Exchange Day on Wednesday, March 18th from 9am-3pm at Salve Regina University in the beautiful Newport, RI! Visit securityweekly.com/OSHEAN2020 to register for free and come join in the fun!
- We have officially migrated our mailing list to a new platform! Sign up for the list to receive invites to our virtual trainings, webcasts, and other content relative to your interests by visiting securityweekly.com/subscribe and clicking the button to join the list! You can also submit your suggestions for guests by going to securityweekly.com/guests and submitting the form! We'll review them monthly and reach out if they are a good fit!
- Our first-ever virtual training is happening on March 19th @11:00am ET, with Adam Kehler & Rob Harvey from Online Business Systems Risk, Security & Privacy Team. In this training you will learn how to generate a complex SHA-256 hashed password and then use password cracking tools to break it. Register for our upcoming trainings by visiting securityweekly.com, selecting the webcast/training drop down from the top menu bar and clicking registration.
- Okta Joins Forces with Secret Double Octopus - Together, Okta and Secret Double Octopus will provide employees with simple multifactor logins for desktops, the cloud, mobile apps, and any other legacy applications that a company might rely on. The move anticipates a shift to password-free solutions in the enterprise sector in the next few years.The news comes just days after Secret Double Octopus formed a similar partnership with Asigra, and indicates that demand is growing for the company’s password-free security solution. The partnership will further enhance Okta’s already robust MFA capabilities.
- Palo Alto buys Israeli cybersecurity firm Twistlock - This is all we know: Palo Alto Networks has acquired Israeli cybersecurity firm Twistlock, Israeli financial news websites reported on Wednesday. Israel’s The Marker said Palo Alto paid “hundreds of millions of dollars” for Twistlock, which developed a comprehensive cloud native security platform. Neither Palo Alto nor Twistlock were available for comment. Twistlock was founded in 2015.
- FireEye Buys Verodin in $250M Cash-and-Stock Deal - Verodin has the best solution for breach and attack simulation, though the Verodin approach is too unique to put it in a category: “Verodin gives us the ability to automate security effectiveness testing using the sophisticated attacks we spend hundreds of thousands of hours responding to, and provides a systematic, quantifiable and continuous approach to security program validation,” FireEye CEO Kevin Mandia
- Barracuda launches bot protection feature for firewall offerings - Adds the following features to their WAF: Bot spam detection — Reduce referrer spam and block comment spam Credential stuffing prevention — Block credential stuffing to stop account takeover attacks Request risk scoring — Track incoming requests and use advanced behavioural analytics to detect attackers Client fingerprinting — Track users with better fidelity than IP addresses Dedicated bot mitigation UI — New user interface makes it easy to configure bot mitigation features
- Tenable launches Nessus essentials - This is a good move for Tenable: "Nearly every cybersecurity professional has used Nessus at some point. Many even learned the fundamentals with Nessus," said Renaud Deraison, chief technology officer and co-founder, Tenable. "Our vision for Nessus Essentials is to advance the next generation of cyber professionals -- whether it's in the classroom or on the job. We're continuing to give back to the community, helping to close the security skills gap and building a foundation of cybersecurity."
- Tripwire Cloud Management Assessor Expands, Now Manages Secure Configuration for All Cloud Assets, from Cloud Storage to SaaS applications - Configuration auditing sounds boring, configuring things is tedious and auditing is associated with boring and tedious tasks. Back here in reality, configuration management is how security will largely be implemented moving forward, so get used to it: As an extension of Tripwire’s flagship secure configuration solution, Tripwire® Enterprise, CMA assesses cloud assets for publicly exposed data and secure configurations. CMA’s expanded coverage and new functionality allows organizations to monitor and control third-party SaaS applications such as Salesforce.com, in addition to Amazon Web Services, Azure and Google Cloud subscription accounts and cloud storage. Cloud Management Assessor helps customers determine the security state of their cloud deployments by gathering and evaluating configuration data.
- Intel reveals the beastly Core i9-9900KS, likely its fastest gaming chip (for real) - If you need fast processing, and not in the "cloud", this processor rules: The Core i9-9900K offers a base clock of 3.6GHz, and a boost clock of 5.0 GHz. The assumption has always been that the boost clock only applies to one core, and all of the remaining cores will be lower. It’s just that Intel doesn’t always list the clocks for all the cores.But now, with the the Core i9-9900KS, Intel says the single-core turbo boost clock will be 5GHz, and the remaining cores will also boost to 5GHz. So all eight cores will boost to 5GHz, and that’s saying something. I just built a system using Core i9-9900k for processing video (capture, conversion editing and exporting). It's ridiculously fast and not all that expensive. If you are doing security analytics work, consider building one of these systems, you will be happy.
- Extreme Networks Unveils IoT Security and Automated Threat Mitigation, ExtremeAI Security - Not sure how this is deployed, but enterprise switching seems really focused on the IoT threat, meanwhile WannaCry and RDP vulnerabilities (BlueKeep) run rampant in our networks. Sigh. ExtremeAI Security delivers deep visibility and detection of malicious traffic, and real-time monitoring of IoT devices for behavioral anomalies, “illuminating enterprise networks so attackers have nowhere to hide.” Through fully-automated remediation of suspicious devices and traffic, ExtremeAI Security would ensure threats are contained without manual intervention, preventing them from moving across the network.
- Tenable unveils new innovations for Cyber Exposure analytics - Tenable has announced new ways to prioritize vulnerabilities, taking a shot at the sub-industry created to do just that: Cyber Exposure Score: The Cyber Exposure score is an objective measure of cyber risk, derived through data science-based measurement of vulnerability data together with threat intelligence and asset criticality. The score is automatically generated through machine learning algorithms which combine the Tenable Vulnerability Priority Rating (VPR), for the likelihood of exploitability, with the Tenable Asset Criticality Rating (ACR), for the business criticality of the impacted asset. Organizations can also leverage scoring to trend improvement over time as a measure of security program effectiveness. This is a critical move for Tenable, can't wait to hear more!
- OneLogin Announces Partnership with Atlas Identity to Deliver Unified Access Management for the Enterprise - OneLogin, the industry leader in Unified Access Management today announced a systems integration partnership with Atlas Identity, an independent consultancy that specialises in cloud-based identity and access management (IAM) solutions. The partnership recognises Atlas Identity's vast experience and capability to deliver OneLogin and formalises Atlas Identity and OneLogin's joint commitment to providing a secure, seamless experience for organisations of all sizes, across all industries.
Interview: Ruvi Kitov, Tufin
With more than 20 years of industry experience, Ruvi previously served in key project management and development roles at Check Point Software. He graduated Cum Laude with a degree in Computer Science from the University of Maryland, College Park.
Topic: The discussion will be on the importance of having a network-wide security policy, the fact that most companies don’t have one, and therefore lack visibility and are not compliant with regulations and even with their own policies, and finally the value that we provide with SecureTrack.
- Why Network Complexity Kills Security
- Network segmentation: secure your network and enable attack containment
- 7 reasons to take a policy-centric approach to IT and Security
- Mind the Gap: Automate Compliance Gap Assessments to Drive Security
- A Survival Guide for Enterprise Security Policy Compliance
Interview: Jack Jones, RiskLens