Enterprise Security Weekly Episode #197 – September 02, 2020

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. Anchore Enterprise 2.4, Auth0 Bot Detection, & Bitdefender MDR – 12:30 PM-01:00 PM

Announcements

• BSides Boston is back in action for their 10 year anniversary! The conference will be held on Saturday, September 26th & tickets are only $10! You can get yours at https://bsidesbos.org! Some of the Security Weekly team will be in our own channel on the BSides Boston Discord server answering questions and possibly doing some contests!

• Join the Security Weekly Mailing List for webcast/virtual training announcements and to receive your personal invite to our Discord server by visiting https://securityweekly.com/subscribe and clicking the button to join the list!

• Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

• Security Weekly is ramping up our webcast/technical training schedule for the rest of 2020! In September you can Learn How to Extend the Enterprise Network for Remote Workers and Protect Your Home Network, Find out Why Traditional Data Security Can’t Be Zero Trust, and Learn how to reduce the blast radius of your cloud infrastructure. Visit https://securityweekly.com/webcasts to see what we have coming up! Or visit securityweekly.com/ondemand to view our previously recorded webcasts!

Description

Proofpoint’s $300 Million buyback program, LogRhythmn Power Users share their use cases, Bitdefender Enhances MDR Service to Increase Proactive Protection and Advanced Detection, Anchore Unveils Enterprise 2.4 With Expanded & Updated Capabilities, and Auth0’s new bot detection!

Hosts

LA gets a big SaaS exit as Fastly nabs the Culver City-based Signal Sciences for $775M – LA’s enterprise tech scene can claim a really big winner with Signal Sciences, the security monitoring and management company that is getting bought by Fastly, a provider of content delivery networking services, for $775 million. Proofpoint announces $300M buyback program – Proofpoint (NASDAQ:PFPT) plans to repurchase up to $300M that is around 5% of the company’s current market capitalisation of $6.41B. InfoSum Raises $15 Million And Adds Brian Lesser As Executive Chairman – InfoSum, a UK-based data platform that allows companies to match data in a privacy compliant-way, has raised $15 million and appointed Brian Lesser as executive chairman, the company said Tuesday.

LogRhythm Power Users Share their Use Cases – “We created custom dashboards to track metrics for testing new alarms in our SIEM, show how much time our team saved using automation, display the current status of our LogRhythm deployment, monitor Case Management metrics, and present the number of alarms triggered vs. triaged in a given period. These visualizations have empowered our operations and management teams — helping them achieve their goals and making it easier for our team to prove our effectiveness, show ROI, and demonstrate the need for investment in our program.” Palo Alto Networks To Acquire The Crypsis Group For $265M – Centrify Releases Privileged Access Service 20.4 – “Centrify Privileged Access Service 20.4 has extended SSH key vaulting capabilities beyond key storage and log in to now support SSH key management (inclusive of key rotation), setting policies for SSH key rotation, and leveraging an account that has an SSH key for system and account discovery operations.” Bitdefender Enhances MDR Service to Increase Proactive Protection and Advanced Detection – “The enhanced MDR service combines Bitdefender’s award-winning security technologies for endpoint protection, network traffic analysis and security analytics with the threat-hunting expertise of highly skilled analysts from global intelligence agencies. The service delivers leading incident detection with rapid response using automated pre-approved playbooks allowing analysts to take swift action to mitigate and remediate most threats. Expert tuning and detailed enterprise environment analyses are used to understand customers’ unique threat profiles and their main risks, and to create customer-specific action plans. This results in broad threat identification and mitigation that minimizes the impact of advanced attacks.” Anchore Unveils Enterprise 2.4 With Expanded & Updated Capabilities – “Security reports have been expanded to allow users to compare two different container images, enabling developers to more easily spot issues in their applications from issues in the base operating system. Vulnerability detection has been improved with support for a “hint” file which can prompt for detection of security issues in explicitly declared libraries, useful for language types like Go which don’t support a formal package management system.” FireMon Secures $40 Million Debt Financing – Auth0 launched Bot Detection – Monitoring sessions vs. IP addresses? “At a high level, Bot Detection monitors IP addresses for non-suspicious events, such as successful logins; suspicious events, such as numerous failed login attempts across multiple accounts; and IP reputation data, which is used to identify known threat actors. When suspicious traffic is detected, a CAPTCHA step is required to complete a login request — the system is designed to mitigate the majority of bot attacks targeting the login or registration flow. “ Auth0 Announces $120M in Series F Funding –

2. SWVHSC Micro Interviews: deepwatch & ExtraHop – 01:00 PM-01:30 PM

Description

deepwatch Lens Score – The first SecOps maturity benchmarking and planning app. Answers CISO Questions: How mature is my Security Program? How do I compare to my peers? What one thing should I do next? This segment is sponsored by deepwatch. Visit https://www.deepwatch.com/lens-score/ to try deepwatch Lens Score for free!

Every organization gets compromised – it’s how you fast you detect and respond that counts. Trends like the overnight move to remote work and the subsequent increase in phishing attacks, the acceleration of cloud adoption, and proliferation of enterprise IoT have expanded the attack surface and complicated the job of security professionals. We’ll explore those trends and the opportunity that lay ahead for security teams post-compromise to prevent an event that results in an outage or incident from becoming a full-scale data breach. This segment is sponsored by ExtraHop Networks. Visit https://securityweekly.com/extrahop to learn more about them!

For a free trial of Reveal(x)360 visit: www.extrahop.com/swbh

Guest(s)

Hosts

3. SWVHSC Micro Interviews: CrowdStrike & Synopsys – 01:30 PM-02:00 PM

Description

This year we’ve seen organizations accelerate their so-called digital transformation almost overnight. Now we’re getting to the point where security leaders and business owners need to stop and take stock of what happened, what’s a temporary band aid, and figure out how to build their strategy without the luxury of getting yelled at by vendor booths in Mandalay Bay. This segment is sponsored by CrowdStrike. Visit https://securityweekly.com/crowdstrike for a totally free trial!

CrowdStrike at Black Hat USA 2020 https://www.crowdstrike.blog/join-crowdstrike-at-black-hat-2020/

All applications use APIs—they’re nothing new to the development world. But are organizations factoring API security into their broader security strategy effectively? We’ve seen high-profile breaches at well-known companies stemming from their exposure or use of insecure API endpoints. This raises the question of how your software security initiative addresses the controls you need to ensure the APIs you use and produce are secure. Within this segment, Michael Borohovski will discuss key considerations when designing APIs, along with security controls and security testing that could make or break your software. This segment is sponsored by Synopsys.

Visit https://securityweekly.com/synopsys to learn more about them!

Guest(s)

Hosts