esw201

Enterprise Security Weekly Episode #201 – October 07, 2020

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. PingOne Services, Digital Shadows Key Alerts, & Azure Implements Datadog – 12:30 PM-01:00 PM

Announcements

  • Do you always end up missing our live streams? Need somewhere to flag Security Weekly podcasts that you want to listen to? Subscribe on your favorite podcast catcher or our Youtube channel, sign up for our mailing list, and join our Discord Server to stay in the loop on all things Security Weekly! Visit: https://securityweekly.com/subscribe

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

Description

Anchore Rolls Out Open Source DevOps Tools, Rapid7 Cloud Identity and Access Management Governance Module for DivvyCloud, Digital Shadows launches access key alerts, Microsoft Azure customers can now implement Datadog as a monitoring solution for their cloud workloads, and Ping Identity unveils PingOne Services!

Hosts

MattAlderman

Matt Alderman –

  1. Cyvatar Launches All-in-One Cybersecurity-as-a-Service to Disrupt the Industry with $3 Million Seed Round
  2. Tanium Announces $150 Million Funding Round Sparked by Major Industry Partnerships – Silicon Valley Daily
PaulAssadorian

Paul Assadorian –

  1. Anchore Rolls Out Open Source DevOps Tools – socaltech.com
  2. Rapid7 Announces Cloud Identity and Access Management Governance Module for DivvyCloud
  3. New CRITICALSTART and AttackIQ Offering Helps Security Teams Find Potential Gaps and Prevent Hackers From Breaching Them
  4. ZeroFOX acquires Cyveillance threat intelligence business from LookingGlass
  5. Microsoft Azure customers can now implement Datadog as a monitoring solution for their cloud workloads – Help Net Security
  6. Eclypsium raises $13M to scale the company, expand sales, delivery, and R&D – Help Net Security
  7. APIsec now provides detailed pen-test reports that can be automated and published automatically – Help Net Security
  8. Venafi Zero Touch PKI: Eliminating the effort, expense and risk of traditional PKI – Help Net Security
  9. DigitalOcean App Platform: Helping developers easily build, deploy, manage, and scale apps – Help Net Security
  10. Gfi becomes Inetum
  11. Tenable Announces Capability to Continuously See and Secure Cloud Compute Instances
  12. Apricorn Expands Storage Capabilities with Industry’s Largest Encrypted Hardware Drive
  13. Nimbus Achieves Success with Cloud Backup Powered by Asigra
  14. Digital Shadows launches access key alerts
  15. Ping Identity Acquires ShoCard
  16. Ping Identity unveiled PingOne Services,
  17. NormShield Secures $7.5 Million in Series A Funding

2. Trading Least Privilege for Security Theater – 01:00 PM-01:30 PM

Announcements

  • It’s official! Security Weekly, in partnership with CyberRisk Alliance, is excited to present Security Weekly Unlocked on December 10, 2020. The inaugural edition of Security Weekly Unlocked also celebrates Security Weekly’s 15th Anniversary. Visit securityweekly.com/unlocked to submit your presentation & register for free!

Description

The appearance of safety and actual security often do not align as closely as we would like to think. As enterprise security products get “smarter”, the access that they require to your most sensitive data grows. What are some of the risks associated with common classes of security products?

Guest(s)

Cris Neckar

Cris Neckar –

CISO at Spring Labs

Cris is the Chief Information Security Officer of Spring Labs, providing a decentralized and transformative infrastructure for secure data exchange. Prior to joining Spring Labs, Cris co-founded Divergent Security, a top-tier offensive security assessment firm that has assessed many of the world’s most sensitive enterprise environments. With over 15 years of leadership experience in red teaming, penetration testing, security research, software development, incident response and recovery, and cyber security education and training. Cris has been directly involved in the identification and investigation of several high profile data breaches. CVEs to Cris’ name include critical, remotely exploitable vulnerabilities in the Windows kernel, Internet Explorer, Chrome, Cryptocurrency Exchange Platforms, and WebEx. Cris was one of the original members of Google’s Chrome Security Team.

Hosts

MattAlderman

Matt Alderman –

Executive Director at CyberRisk Alliance

PaulAssadorian

Paul Assadorian –

Founder/CIO at Security Weekly/CyberRisk Alliance

3. 2020 Threat Hunting Report: Insights From the CrowdStrike OverWatch Team – 01:30 PM-02:00 PM

Sponsored By

sponsor
Visit https://securityweekly.com/crowdstrike for more information!

Announcements

  • We have officially wrapped up all of the recordings for our 2020 webcasts & technical trainings! Stay tuned as we build out our schedule for next year! Visit https://securityweekly.com/ondemand to view all of our 2020 webcasts & trainings!

Description

Falcon OverWatch, the CrowdStrike® elite team of threat hunters, has the unparalleled ability to see and stop the most sophisticated threats, leaving adversaries with nowhere to hide. In this segment we’ll discuss the OverWatch team’s key threat hunting findings from the first half of 2020, as described in the 2020 Threat Hunting Report. The report reviews intrusion trends during that time frame, provides insights into the current landscape of adversary tactics and delivers highlights of notable intrusions OverWatch identified.

Download the full report https://www.crowdstrike.com/resources/reports/threat-hunting-report-2020/

Learn about the latest trends in cyber crime and take a deep dive into some of the tactics, techniques and procedures in use by specific cyber crime groups!

Visit https://securityweekly.com/crowdstrike to learn more about them!

Guest(s)

Jen Ayers

Jen Ayers –

Vice President, OverWatch at CrowdStrike

Jennifer Ayers, VP of OverWatch at CrowdStrike, has over 20 years of cybersecurity experience. She is responsible for a team of elite threat hunters who proactively hunt for malicious activity in globally diverse environments and uniquely pinpoint the most urgent threats for quick remediation with the integration of next-generation technology and machine learning. Prior to her current role with CrowdStrike, Jennifer was the director of product management at CrowdStrike and spent three years at FireEye within security operations. Jennifer also held multiple roles for GE as a cyber leader in incident response, computer forensics and supplier security.

Hosts

MattAlderman

Matt Alderman –

Executive Director at CyberRisk Alliance

PaulAssadorian

Paul Assadorian –

Founder/CIO at Security Weekly/CyberRisk Alliance