BH2020 Episode #3 – August 05, 2020

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. A Decade After Stuxnet’s Printer Vulnerability – 11:00 AM-11:15 AM

Description

We will describe the Print Spooler vulnerabilities found in the Windows OS and explain how they are related to Stuxnet. We will also release several tools. Peleg and Tomer’s talk is titled “A Decade After Stuxnet’s Printer Vuln: Printing is Still the Stairway to Heaven” and is scheduled for August 6th at 11am PT during Black Hat 2020!

Guest(s)

Peleg Hadar – Senior Security Researcher
Tomer Bar – SafeBreach Labs lead

Hosts

Paul Asadoorian – Founder & CTO

2. Planning Security Strategy Without The Black Hat Expo? – 11:45 AM-12:00 PM

Sponsored By

Visit https://securityweekly.com/crowdstrike for more information!

Description

This year we’ve seen organizations accelerate their so-called digital transformation almost overnight. Now we’re getting to the point where security leaders and business owners need to stop, take stock of what happened and what’s a temporary band-aid, and figure out how to build their strategy without the luxury of getting yelled at by vendor booths in Mandalay Bay.

This segment is sponsored by CrowdStrike. Visit https://securityweekly.com/crowdstrike for a totally free trial!

CrowdStrike at Black Hat USA 2020 https://www.crowdstrike.blog/join-crowdstrike-at-black-hat-2020/

Guest(s)

Ian McShane – VP, Product Marketing

Hosts

Paul Asadoorian – Founder & CTO

3. Defining the Dynamic Application Security Testing Market – 12:30 PM-12:45 PM

Sponsored By

Visit https://securityweekly.com/netsparker for more information!

Description

Dynamic application security testing (DAST) for web applications has come a long way, establishing a niche market with a variety of offerings. In this segment Ferruh will discuss the big differences in DAST solutions available and help you understand which one is a pure DAST that you could rely on the most in this day and age.

This segment is sponsored by Netsparker.

Visit https://securityweekly.com/netsparker to get a trial of the best dynamic application scanning solution on the market!

Guest(s)

Ferruh Mavituna – CEO

Hosts

Paul Asadoorian – Founder & CTO

4. Effectively Protecting Your Users Against Ransomware & Zero-Day Exploits – 01:15 PM-01:30 PM

Sponsored By

Visit https://www.securityweekly.com/threatlocker for more information!

Description

ThreatLocker CEO Danny Jenkins explains why his new approach, blocking everything that is not trusted and allowing only those applications that are approved, is a cleaner and more comprehensive way to ensure malware does not end up on your networks.

During this segment, Danny explains how he’s changing the entire approach and paradigm to cybersecurity.

This segment is sponsored by ThreatLocker.

To effectively protect your users from ransomware and zero-day exploits, visit https://www.securityweekly.com/threatlocker

Segment Resources:
https://www.threatlocker.com/resources/stop-ransomware-12-things-you-should-have-done-to-stop-ransomware/

https://www.threatlocker.com/resources/less-hackable-for-small-business-owners/

https://www.youtube.com/threatlocker

Guest(s)

Danny Jenkins – CEO

Hosts

Paul Asadoorian – Founder & CTO

5. What’s Next In Work From Home Security? – 02:00 PM-02:15 PM

Sponsored By

Visit https://securityweekly.com/bitsight for more information!

Description

Security professionals need to be thinking about the next evolution of the approach to working from home, specifically focusing on the security of the home network for both employees and third-party contractors. Stephen Boyer discusses how to rate the risk of these new attack vectors using data BitSight already has…

To request a security snapshot report, visit: https://securityweekly.com/bitsight

Resources:
https://www.bitsight.com/blog/identifying-unique-risks-of-work-from-home-remote-office-networks

https://bitsighttech.postclickmarketing.com/security-implications-of-an-increasingly-remote-workforce

https://www.bitsight.com/blog/coronavirus-pandemic-leads-to-new-and-evolving-cyber-threats

Guest(s)

Stephen Boyer – Co-founder and CTO

Hosts

Matt Alderman – CEO

6. The Paramedic’s Guide to Surviving Cybersecurity – 02:45 PM-03:00 PM

Description

The security world is fraught with cases of mental health issues, burnout, substance abuse, and even suicide. We live in a world of threats and responses that trigger the deepest parts of our psyche, with the barriers between “online” and the physical world constantly crumbling. While some deal in theory, many of us deal with real incidents, challenges, and dangers every day and are constantly looking for techniques to respond better while staying saner.

Rich will share the lessons he learned in decades of emergency response and show how to apply them to your security career and daily practice to improve your effectiveness and mental resiliency.

Guest(s)

Rich Mogull – CEO

Hosts

Matt Alderman – CEO

7. Developer Security Champions – 03:30 PM-03:45 PM

Description

Firms that want to secure applications are challenged by understaffed security teams and lack of security awareness on the part of developers. Developer security champions are developers who act as a security point of contact in their team, but programs to create and support them require investment and planning.

Guest(s)

Sandy Carielli – Principal Analyst

Hosts

Matt Alderman – CEO

8. Third-Party Risk Management (TPRM) – 04:15 PM-04:30 PM

Description

A firm’s network of third-party relationships can be a source of strength or an Achilles’ heel, depending on the maturity of its risk management process. Companies have limited or no control over how third parties secure their technology infrastructure, their applications, and their data, yet they’re on the hook for breaches, cybersecurity incidents, and regulatory fines incurred.

Guest(s)

Alla Valente – Analyst, Security & Risk

Hosts

Matt Alderman – CEO

9. The Intersection of Security & Privacy Operations – 05:00 PM-05:15 PM

Sponsored By

Visit https://securityweekly.com/spirion for more information!

Description

Are security operations teams prepared to respond to privacy threats? Although you can achieve security without privacy, namely keeping information safeguarded from those who should not have access, you cannot keep data private without security. How can we address this challenge?

This segment is sponsored by Spirion.

Visit https://securityweekly.com/spirionbh to learn more about them!

Listeners should visit the resources made available by Spirion to help understand how to deal with the challenges of security and privacy as they converge: https://info.spirion.com/2020-07-31_WB_TechTalkDPM_LPReg.html

Guest(s)

Gabe Gumbs – Chief Innovation Officer

Hosts

Paul Asadoorian – Founder & CTO