Difference between revisions of "PSWEpisode641"

From Security Weekly Wiki
Jump to navigationJump to search
(Added By Paul's Craptastic PPWorks Code)
 
Line 1: Line 1:
''Recorded March 27, 2020 at G-Unit Studios in Rhode Island!''
+
 
 +
<!-- 
 +
************************* DO NOT EDIT THIS SECTION. THIS IS AUTO-GENERATED BY PPWORKS. YOUR CHANGES WILL BE LOST! ***************************
 +
-->
 +
= Paul's Security Weekly Episode 641 - 2020-02-24 =
  
 
==Episode Audio==
 
==Episode Audio==
<!-- <div align="center">
 
{{#widget:SoundCloud
 
|id=496965687
 
|width=75%
 
|height=100
 
|color=660202
 
|visual=false
 
}}
 
</div> -->
 
  
=== Hosts ===
+
<!-- 
{{Template:Paul}}
+
************************* DO NOT EDIT THIS SECTION. THIS IS AUTO-GENERATED BY PPWORKS. YOUR CHANGES WILL BE LOST! ***************************
{{Template:Matt}}
+
-->
{{Template:Jeff}}
+
 
<br><br>
+
<p>[https://securityweekly.com Paul's Security Weekly Episode 641]</p>
 +
 
 +
== Announcements ==
 +
<!-- 
 +
************************* DO NOT EDIT THIS SECTION. THIS IS AUTO-GENERATED BY PPWORKS. YOUR CHANGES WILL BE LOST! ***************************
 +
-->
 +
<p>
 +
 
 +
<ul style="margin-left: 50px;">
 +
 +
<li>Is your Open Source code secure?  Learn how to verify your code during development, not after the build in our next webcast with Synopsys. Register for our upcoming webcasts or virtual trainings by visiting securityweekly.com/webcasts. You can also access our on-demand library of previously recorded webcasts/trainings by visiting securityweekly.com/ondemand. Each webcast will earn you 1 CPE credit that we will submit on your behalf if you provide your ISC2 number.</li>
 +
 +
<li>Join us at InfoSecWorld 2020 - June 22nd-24th at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code or the schedule button to sponsor a micro-interview!</li>
 +
 +
<li>OSHEAN and the Pell Center are partnering together to present Cybersecurity Exchange Day on Wednesday, March 18th from 9am-3pm at Salve Regina University in the beautiful Newport, RI! Visit securityweekly.com/OSHEAN2020 to register for free and come join in the fun!</li>
 +
 +
</ul>
 +
 
 +
</p>
 +
= News - Cool Things We Found At RSAC 2020  =
 +
<!-- 
 +
************************* MAKE CHANGES IN THE TEMPLATES BELOW! ***************************
 +
-->
 +
{|style="width: 100%;margin: auto; " cellpadding="10"
 +
 
 +
|<center>{{#ev:youtube|9oyJIxi6G8o }}</center>
 +
 
 +
|-
 +
|<p>'''Description:'''<br><br> We found some cool stuff at RSAC 2020!</p>
 +
 
 +
 
 +
 
 +
|-
 +
|<p>'''Content:'''<br><br> We found some cool topics, themes, companies and ideas, including:
  
= Announcements =
+
- Kuberenetes - Lots of talk about securing Kuberenetes.
{{Template:Announcements}}
+
- Fuzzbuzz - Unit testing and fuzzing applied to security, found a startup doing it!
 +
- CyCognito - Cool stuff, especially the image tracing.
 +
- Cool startup we want to bring on the show called Isovalant.
 +
- We learned a little about eBPF, its not a kernel module, its part of the code itself. It provides you with more than just network data and cilium is a tecnology that allows you to access eBFP.
 +
- Sysmon is really cool and to the point where you don't need to rely on an endpoint EDR to get information about Windows systems.
 +
- There was a cool company Threatlocker, doing a briefing to get more, but they can protect applications on Windows systems with some unique whitelisting, prevent process injection.
 +
- You could apply these to protect Sysmon
 +
</p>
  
 +
|}
  
= Interview:  -  6:00-7:00PM =
+
<!-- [[File:Gabriel Gumbs2.jpg|right|250px|thumb|<center>'''[https://twitter.com/GabrielGumbs Gabriel Gumbs]'''is the VP of Product Management at [https://www.spirion.com/ Spirion]</center>]] __>
+
==[https://twitter.com/@MrJeffMan Jeff Man]'s Content: ==
 +
[[Image:Jeff_Man_2-0.jpg|50px|thumb|left]]
 
<br>
 
<br>
<!-- <center>{{#ev:youtube|iPHM80z9D9k}}</center>-->
+
{{Template:PSW641NewsJeff Man}}
 +
 +
==[https://twitter.com/@maldermania Matt Alderman]'s Content: ==
 +
[[Image:MattAlderman-0.png|50px|thumb|left]]
 +
<br>
 +
{{Template:PSW641NewsMatt Alderman}}
 +
 +
==[https://twitter.com/@securityweekly Paul Asadoorian]'s Content: ==
 +
[[Image:Paul_Asadoorian-0.png|50px|thumb|left]]
 +
<br>
 +
{{Template:PSW641NewsPaul Asadoorian}}
 +
  
= Tech Segment: - 6:45PM-7:30PM =
+
= Interview: Protect Ya Data - 6:00-6:45PM =
<!-- [[File:MarkCooper.jpg|right|250px|thumb|<center>'''[https://twitter.com/thepkiguy Mark Cooper]'''is the President & Founder at [https://www.pkisolutions.com/ PKI Solutions].</center>]] -->
+
<!-- 
 +
************************* DO NOT EDIT THIS SECTION. THIS IS AUTO-GENERATED BY PPWORKS. YOUR CHANGES WILL BE LOST! ***************************
 +
-->
 +
{|style="width: 100%;margin: auto; " cellpadding="10"
 +
 
 +
|<center>{{#ev:youtube|wZp5qwNf8gg }}</center>
 +
 
 +
|-
 +
|<p>'''Description:'''<br><br> Gabriel Gumbs and the Security Weekly crew discuss strategies for protecting your data. We will explore practical use-cases for needing to manage access and protect your data as it pertains to security and compliance. Protect what matters most. Visit https://securityweekly.com/spirion for more information.</p>
 +
 
 +
|}
 +
{|style="width: 100%;margin: auto; " cellpadding="5"
 +
 
 +
|'''Guest:'''
 +
|'''Bio:'''
 +
|-
 +
 +
|[[Image:GabeGumbs-0.jpg|200px|thumb|<center>'''[https://twitter.com/@GabrielGumbs Gabe Gumbs]''' is Chief Innovation Officer at Spirion</center>]]
 +
 +
|Gabriel Gumbs is the VP of Product Management at Spirion where his focus is on the strategy and technology propelling Spirion’s rapidly-growing security platform. A cybersecurity industry veteran with a 19 year tenure in CyberSecurity, he has spent much of that time as a security practitioner, aligning security innovations with business objectives for Fortune 100 organizations. Gabriel is an information security thought leader, privacy advocate and public speaker.
 +
|-
 +
 
 +
|}
 +
==Hosts==
 +
<!-- 
 +
************************* DO NOT EDIT THIS SECTION. THIS IS AUTO-GENERATED BY PPWORKS. YOUR CHANGES WILL BE LOST! ***************************
 +
-->
 +
 
 +
{|style="width: 100%;margin: auto; " cellpadding="1"
 +
 +
|[[Image:MattAlderman-0.png|100px|thumb|<center>[https://twitter.com/@maldermania Matt Alderman]  - CEO at Security Weekly</center>]]
 +
 +
|[[Image:Paul_Asadoorian-0.png|100px|thumb|<center>[https://twitter.com/@securityweekly Paul Asadoorian]  - Founder & CTO at Security Weekly</center>]]
 +
 +
|}
 +
 
 +
= Interview: Tales From The Crypt...Analyst - 6:00-6:45PM =
 +
<!-- 
 +
************************* DO NOT EDIT THIS SECTION. THIS IS AUTO-GENERATED BY PPWORKS. YOUR CHANGES WILL BE LOST! ***************************
 +
-->
 +
{|style="width: 100%;margin: auto; " cellpadding="10"
 +
 
 +
|<center>{{#ev:youtube|uIVagbVf71c }}</center>
 +
 
 +
|-
 +
|<p>'''Description:'''<br><br> There are many myths, legends and fables in hacker history. One of the themes of these legends surrounds some of the first red team hackers working for the US Government out of NSA. The building where they worked was called "The Pit". Jeff Man sits with us for this segment to talk about, where he can, the history and events that transpired during his tenure with the NSA.</p>
 +
 
 +
|}
 +
{|style="width: 100%;margin: auto; " cellpadding="5"
 +
 
 +
|'''Guest:'''
 +
|'''Bio:'''
 +
|-
 +
 +
|[[Image:JeffMan2-0.jpg|200px|thumb|<center>'''[https://twitter.com/@mrjeffman Jeff Man]''' is Information Security Evangelist at Online Business Systems</center>]]
 +
 +
|Respected Information Security advocate, advisor, evangelist, international speaker, keynoter, host of Security & Compliance Weekly, co-host on Paul's Security Weekly, Tribe of Hackers, TOH Red Team, and currently serving in a Consulting/Advisory role for Online Business Systems. Nearly 40 years of experience working in all aspects of computer, network, and information security, including cryptography, risk management, vulnerability analysis, compliance assessment, forensic analysis and penetration testing. Certified NSA Cryptanalyst. Previously held security research, management and product development roles with the National Security Agency, the DoD and private-sector enterprises and was part of the first penetration testing "red team" at NSA. For the past twenty years, has been a pen tester, security architect, consultant, QSA, and PCI SME, providing consulting and advisory services to many of the nation's best known companies.
 +
|-
 +
 
 +
|}
 +
==Hosts==
 +
<!-- 
 +
************************* DO NOT EDIT THIS SECTION. THIS IS AUTO-GENERATED BY PPWORKS. YOUR CHANGES WILL BE LOST! ***************************
 +
-->
 +
 
 +
{|style="width: 100%;margin: auto; " cellpadding="1"
 +
 +
|[[Image:Jeff_Man_2-0.jpg|100px|thumb|<center>[https://twitter.com/@MrJeffMan Jeff Man]  - Sr. InfoSec Consultant at Online Business Systems</center>]]
 +
 +
|[[Image:MattAlderman-0.png|100px|thumb|<center>[https://twitter.com/@maldermania Matt Alderman]  - CEO at Security Weekly</center>]]
 +
 +
|[[Image:Paul_Asadoorian-0.png|100px|thumb|<center>[https://twitter.com/@securityweekly Paul Asadoorian]  - Founder & CTO at Security Weekly</center>]]
 +
 +
|[[Image:Scott_Lyons-0.jpg|100px|thumb|<center>[https://twitter.com/@Csp3r Scott Lyons]  - CEO at Red Lion</center>]]
 +
 +
|}
 +
 
 +
= Fullaudio - None  =
 +
<!-
 +
************************* MAKE CHANGES IN THE TEMPLATES BELOW! ***************************
 +
-->
 +
{|style="width: 100%;margin: auto; " cellpadding="10"
 +
 
 +
|-
 +
|<p>'''Description:'''<br><br> This week, live from RSAC 2020, we interview our very own Jeff Man! There are many myths, legends and fables in hacker history. One of the themes of these legends surrounds some of the first red team hackers working for the US Government out of NSA. The building where they worked was called "The Pit". Jeff Man sits with us for this segment to talk about, where he can, the history and events that transpired during his tenure with the NSA! In our second segment, Gabriel Gumbs and the Security Weekly crew discuss strategies for protecting your data. We will explore practical use-cases for needing to manage access and protect your data as it pertains to security and compliance. Protect what matters most! In the final segment, Paul, Matt, and Scott talk all new thoughts, ideas, and findings from the RSA Conference 2020!
 +
 
 +
Visit https://www.securityweekly.com/psw for all the latest episodes!
 +
Visit https://securityweekly.com/spirion for more information.
 +
 +
Visit https://securityweekly.com</p>
 +
 
 +
 
 +
 
 +
|}
 +
 
 +
 +
==[https://twitter.com/@MrJeffMan Jeff Man]'s Content: ==
 +
[[Image:Jeff_Man_2-0.jpg|50px|thumb|left]]
 +
<br>
 +
{{Template:PSW641FullaudioJeff Man}}
 +
 +
==[https://twitter.com/@maldermania Matt Alderman]'s Content: ==
 +
[[Image:MattAlderman-0.png|50px|thumb|left]]
 
<br>
 
<br>
 
+
{{Template:PSW641FullaudioMatt Alderman}}
= Interview: Gabe Gumbs, [https://securityweekly.com/spirion Spirion] - 7:30-8:30PM =
+
[[File:Gabriel Gumbs2.jpg|right|250px|thumb|<center>'''[https://twitter.com/GabrielGumbs Gabriel Gumbs]'''is the VP of Product Management at [https://www.spirion.com/ Spirion]</center>]] Gabriel Gumbs is the VP of Product Management at Spirion where his focus is on the strategy and technology propelling Spirion’s rapidly-growing security platform. A cybersecurity industry veteran with a 19 year tenure in CyberSecurity, he has spent much of that time as a security practitioner, aligning security innovations with business objectives for Fortune 100 organizations. Gabriel is an information security thought leader, privacy advocate and public speaker.
+
==[https://twitter.com/@securityweekly Paul Asadoorian]'s Content: ==
 +
[[Image:Paul_Asadoorian-0.png|50px|thumb|left]]
 
<br>
 
<br>
 
+
{{Template:PSW641FullaudioPaul Asadoorian}}
 +
 +
==[https://twitter.com/@Csp3r Scott Lyons]'s Content: ==
 +
[[Image:Scott_Lyons-0.jpg|50px|thumb|left]]
 
<br>
 
<br>
{{SocialMedia}}
+
{{Template:PSW641FullaudioScott Lyons}}

Latest revision as of 14:27, 9 April 2020

Paul's Security Weekly Episode 641 - 2020-02-24

Episode Audio

Paul's Security Weekly Episode 641

Announcements

  • Is your Open Source code secure? Learn how to verify your code during development, not after the build in our next webcast with Synopsys. Register for our upcoming webcasts or virtual trainings by visiting securityweekly.com/webcasts. You can also access our on-demand library of previously recorded webcasts/trainings by visiting securityweekly.com/ondemand. Each webcast will earn you 1 CPE credit that we will submit on your behalf if you provide your ISC2 number.
  • Join us at InfoSecWorld 2020 - June 22nd-24th at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020, click the register button to register with our discount code or the schedule button to sponsor a micro-interview!
  • OSHEAN and the Pell Center are partnering together to present Cybersecurity Exchange Day on Wednesday, March 18th from 9am-3pm at Salve Regina University in the beautiful Newport, RI! Visit securityweekly.com/OSHEAN2020 to register for free and come join in the fun!

News - Cool Things We Found At RSAC 2020

Description:

We found some cool stuff at RSAC 2020!


Content:

We found some cool topics, themes, companies and ideas, including:

- Kuberenetes - Lots of talk about securing Kuberenetes. - Fuzzbuzz - Unit testing and fuzzing applied to security, found a startup doing it! - CyCognito - Cool stuff, especially the image tracing. - Cool startup we want to bring on the show called Isovalant. - We learned a little about eBPF, its not a kernel module, its part of the code itself. It provides you with more than just network data and cilium is a tecnology that allows you to access eBFP. - Sysmon is really cool and to the point where you don't need to rely on an endpoint EDR to get information about Windows systems. - There was a cool company Threatlocker, doing a briefing to get more, but they can protect applications on Windows systems with some unique whitelisting, prevent process injection. - You could apply these to protect Sysmon


Jeff Man's Content:

Jeff Man 2-0.jpg


Template:PSW641NewsJeff Man

Matt Alderman's Content:

MattAlderman-0.png


Template:PSW641NewsMatt Alderman

Paul Asadoorian's Content:

Paul Asadoorian-0.png


Template:PSW641NewsPaul Asadoorian


Interview: Protect Ya Data - 6:00-6:45PM

Description:

Gabriel Gumbs and the Security Weekly crew discuss strategies for protecting your data. We will explore practical use-cases for needing to manage access and protect your data as it pertains to security and compliance. Protect what matters most. Visit https://securityweekly.com/spirion for more information.

Guest: Bio:
Gabe Gumbs is Chief Innovation Officer at Spirion
Gabriel Gumbs is the VP of Product Management at Spirion where his focus is on the strategy and technology propelling Spirion’s rapidly-growing security platform. A cybersecurity industry veteran with a 19 year tenure in CyberSecurity, he has spent much of that time as a security practitioner, aligning security innovations with business objectives for Fortune 100 organizations. Gabriel is an information security thought leader, privacy advocate and public speaker.

Hosts

Matt Alderman - CEO at Security Weekly
Paul Asadoorian - Founder & CTO at Security Weekly

Interview: Tales From The Crypt...Analyst - 6:00-6:45PM

Description:

There are many myths, legends and fables in hacker history. One of the themes of these legends surrounds some of the first red team hackers working for the US Government out of NSA. The building where they worked was called "The Pit". Jeff Man sits with us for this segment to talk about, where he can, the history and events that transpired during his tenure with the NSA.

Guest: Bio:
Jeff Man is Information Security Evangelist at Online Business Systems
Respected Information Security advocate, advisor, evangelist, international speaker, keynoter, host of Security & Compliance Weekly, co-host on Paul's Security Weekly, Tribe of Hackers, TOH Red Team, and currently serving in a Consulting/Advisory role for Online Business Systems. Nearly 40 years of experience working in all aspects of computer, network, and information security, including cryptography, risk management, vulnerability analysis, compliance assessment, forensic analysis and penetration testing. Certified NSA Cryptanalyst. Previously held security research, management and product development roles with the National Security Agency, the DoD and private-sector enterprises and was part of the first penetration testing "red team" at NSA. For the past twenty years, has been a pen tester, security architect, consultant, QSA, and PCI SME, providing consulting and advisory services to many of the nation's best known companies.

Hosts

Jeff Man - Sr. InfoSec Consultant at Online Business Systems
Matt Alderman - CEO at Security Weekly
Paul Asadoorian - Founder & CTO at Security Weekly
Scott Lyons - CEO at Red Lion

Fullaudio - None

Description:

This week, live from RSAC 2020, we interview our very own Jeff Man! There are many myths, legends and fables in hacker history. One of the themes of these legends surrounds some of the first red team hackers working for the US Government out of NSA. The building where they worked was called "The Pit". Jeff Man sits with us for this segment to talk about, where he can, the history and events that transpired during his tenure with the NSA! In our second segment, Gabriel Gumbs and the Security Weekly crew discuss strategies for protecting your data. We will explore practical use-cases for needing to manage access and protect your data as it pertains to security and compliance. Protect what matters most! In the final segment, Paul, Matt, and Scott talk all new thoughts, ideas, and findings from the RSA Conference 2020!

Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/spirion for more information.

Visit https://securityweekly.com



Jeff Man's Content:

Jeff Man 2-0.jpg


Template:PSW641FullaudioJeff Man

Matt Alderman's Content:

MattAlderman-0.png


Template:PSW641FullaudioMatt Alderman

Paul Asadoorian's Content:

Paul Asadoorian-0.png


Template:PSW641FullaudioPaul Asadoorian

Scott Lyons's Content:

Scott Lyons-0.jpg


Template:PSW641FullaudioScott Lyons