ES Episode157

From Security Weekly Wiki
Revision as of 17:30, 19 November 2019 by Johnny (talk | contribs) (→‎Episode Audio)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigationJump to search

Recorded October 16, 2019 at G-Unit Studios in Rhode Island!

Episode Audio

Hosts

  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures .
  • John Strand
    Security analyst, Founder of Black Hills Information Security, and CTO of Offensive Countermeasures.
  • Matt Alderman
    CEO at Security Weekly, Strategic Advisor, and Wizard of Entrepreneurship
  • Annoucements:

    • Join us at InfoSecWorld 2020 - March 30 - April 1, 2020 at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code or the schedule button to sponsor a micro-interview!
    • OSHEAN and the Pell Center are partnering together to present Cybersecurity Exchange Day on Wednesday, March 18th from 9am-3pm at Salve Regina University in the beautiful Newport, RI! Visit securityweekly.com/OSHEAN2020 to register for free and come join in the fun!
    • We have officially migrated our mailing list to a new platform! Sign up for the list to receive invites to our virtual trainings, webcasts, and other content relative to your interests by visiting securityweekly.com/subscribe and clicking the button to join the list! You can also submit your suggestions for guests by going to securityweekly.com/guests and submitting the form! We'll review them monthly and reach out if they are a good fit!
    • Our first-ever virtual training is happening on March 19th @11:00am ET, with Adam Kehler & Rob Harvey from Online Business Systems Risk, Security & Privacy Team. In this training you will learn how to generate a complex SHA-256 hashed password and then use password cracking tools to break it. Register for our upcoming trainings by visiting securityweekly.com, selecting the webcast/training drop down from the top menu bar and clicking registration.

    Enterprise News

    1. Okta launches offerings for threat detection and remediation - Okta is introducing two features of SecurityInsights: UserInsight, suspicious activity reporting for end-users, and HealthInsight, customized, dynamic security best practice recommendations for administrators. These end-user and administrator functionalities build on Okta’s ThreatInsight, network effect-driven protection that prevents threat actors from compromising user accounts by identifying and blocking malicious IPs pre-authentication.
    2. Tenable Extends Lumin to All Platform Customers - The Cyber Exposure score is an objective measure of cyber risk, derived through data-science based measurement of vulnerability data together with other third-party data such as threat intelligence and asset criticality. The score is automatically generated through machine learning algorithms which combine the vulnerability with its likelihood of exploitability and the related asset’s business criticality.
    3. Thoma Bravo makes $3.9 billion offer to acquire Sophos - CEO Kris Hagerman, as you would expect, put the deal in the brightest possible light. “Sophos is actively driving the transition in next-generation cybersecurity solutions, leveraging advanced capabilities in cloud, machine learning, APIs, automation, managed threat response, and more. We continue to execute a highly-effective and differentiated strategy, and we see this offer as a compelling validation of Sophos, its position in the industry and its progress,”
    4. Radware's Kubernetes WAF Enables DevOps Organizations to Develop and Deliver Applications Securely Without Compromising Agility - Radware Kubernetes WAF is currently the only solution offering an auto policy generation and optimization engine for application security in Kubernetes environments, enabling protection against known threats and zero-day attacks alike. It provides data leakage protection across web applications and APIs and gives both DevOps and Security teams unprecedented visibility including security events and policies, application telemetry, network statistics, performance and minimal latency. The solution enables single termination of TLS traffic only at the host level and thus eliminates the need to manage multiple certificates across different parties.
    5. Announcing GraphQL Security Scanning - GraphQL makes it easy to decouple user interface needs from a backend API server by offering a buffet of data and relationships without restricting the format to a specific JSON payload. Nowadays UI developers can iterate quickly, but this puts extra load on API server engineers to make a performant, and most importantly safe, GraphQL API. One huge advantage of GraphQL APIs is that they are self-documenting. Most GraphQL APIs can be introspected to pull out the types, fields, and mutations. This can make it a joy to work with a tool like GraphiQL to explore an API, but also makes it very easy to get started scanning.
    6. Signal Sciences Announces Integration with Pivotal Container Service
    7. CounterFlow AI launches ThreatEye, an open, scalable AIOps platform - Differentiators are important: “Based on an AIOps-powered platform, ThreatEye enables machine learning and artificial intelligence to go to work for security analysts and provide them instant access to the hard facts sooner,” said Randy Caldejon, chief executive and co-founder at CounterFlow AI.
    8. Acronis' integrated stack of solutions provides edge, endpoint, and data center workloads protection - Acronis Cyber Protect, integrates seven key cyber protection capabilities into one easy-to-use solution – including backup, disaster recovery, AI-based protection against malware, data authenticity certification and validation, vulnerability assessments, patch management, and remote monitoring and management.


    Topic: Tactics For Understanding Security Vendor Products


    1. Conferences - Which conferences that we attended this year provided the best insights into the security vendor landscape? What types of information can you collect by visiting trade show booths?
    2. Webcasts - There are many choices for webcasts, what are the different types and which ones are most beneficial? (e.g. Security vendor finds a practitioner to present, product and feature announcement webinars, straight up sales-focused webinars).
    3. Analysts - What information is best collected from analysts?
    4. Peers - What types of questions should you ask for a peer review and how do you select a peer?
    5. Other resources - Owler is great for keeping track of product announcements, as well as a few select blogs about the industry. Independent reviews are rare but very valuable.

    Hacker Halted Interviews

    We air three pre recorded interviews from Hacker Halted with Cathy Ullman, Joe Gray, and Jenny Radcliffe!