esw202

Enterprise Security Weekly Episode #202 – October 14, 2020

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. Datadog Deployment Tracking, ‘Bad Neighbor’ Vulnerability, & Aqua’s Trivy – 12:30 PM-01:00 PM

Announcements

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

  • It’s official! Security Weekly, in partnership with CyberRisk Alliance, is excited to present Security Weekly Unlocked on December 10, 2020. The inaugural edition of Security Weekly Unlocked also celebrates Security Weekly’s 15th Anniversary. Visit securityweekly.com/unlocked to submit your presentation & register for free!

Description

Bad Neighbor Vulnerability, FireEye Announced ‘Mandiant Advantage: Threat Intelligence’ SaaS-based Offering, Aqua’s Trivy Now Available as a GitHub Action, Datadog adds Deployment Tracking to its APM to prevent outages related to bad code deploys, and Tenable and the Center for Internet Security Enter Partnership to Bolster Cyber Hygiene Across Public and Private Sectors!

Hosts

JohnStrand

John Strand –

MattAlderman

Matt Alderman –

  1. LookingGlass broadens executive team, setting its vision for next-generation cybersecurity products – Help Net Security
  2. FireEye Announced ‘Mandiant Advantage: Threat Intelligence’ SaaS-based Offering
PaulAssadorian

Paul Assadorian –

  1. CVE-2020-16898 “Bad Neighbor” Vulnerability: What You Need To Know
  2. Onapsis raises $55M to accelerate expansion into the mission-critical SaaS applications market – Help Net Security
  3. Datadog adds Deployment Tracking to its APM to prevent outages related to bad code deploys – Help Net Security
  4. Illusive Networks raises $24M to accelerate next phase of growth – Help Net Security
  5. Aqua’s Trivy Now Available as a GitHub Action
  6. Tenable and the Center for Internet Security Enter Partnership to Bolster Cyber Hygiene Across Public and Private Sectors
  7. Atos completes the acquisition of Paladion
  8. Atos completes the acquisition of digital.security

2. Social Engineering Attacks Through Vishing & Phishing – 01:00 PM-01:30 PM

Sponsored By

sponsor
Visit https://securityweekly.com/rapid7 for more information!

Announcements

  • Do you always end up missing our live streams? Need somewhere to flag Security Weekly podcasts that you want to listen to? Subscribe on your favorite podcast catcher or our Youtube channel, sign up for our mailing list, and join our Discord Server to stay in the loop on all things Security Weekly! Visit: https://securityweekly.com/subscribe

  • We have officially wrapped up all of the recordings for our 2020 webcasts & technical trainings! Stay tuned as we build out our schedule for next year! Visit https://securityweekly.com/ondemand to view all of our 2020 webcasts & trainings!

Description

Learn about some of the latest techniques attackers are using when phishing and vishing, including how to protect your users!

This segment is sponsored by Rapid7.

Visit https://securityweekly.com/rapid7 to learn more about them!

https://www.rapid7.com/fundamentals/phishing-attacks/

https://blog.rapid7.com/2019/11/27/5-types-of-cybersecurity-attacks-to-watch-out-for-this-black-friday-and-cyber-monday/?cs=securityweekly

https://www.rapid7.com/research/under-the-hoodie/?cs=securityweekly

Guest(s)

Whitney Maxwell

Whitney Maxwell –

Security Consultant at Rapid7

Whitney Maxwell has over 5 years of experience in security. She received a DEFCON Black Badge in 2018 when she took first place in the Social Engineering Village competition where she performed vishing calls against a Fortune 500 company live in front of hundreds of spectators. She received her Masters of Technology degree in December of 2017 with an emphasis in cyber security from Brigham Young University. Her previous experience includes working on the Office 365 red team at Microsoft where she pen tested network infrastructures, coded internal toolsets, and adjudicated cases for the O365 bug bounty. Along with her professional experience she was one of the founding members of the Cyber Security Research Lab red team at Brigham Young University.

Hosts

MattAlderman

Matt Alderman –

Executive Director at CyberRisk Alliance

PaulAssadorian

Paul Assadorian –

Founder/CIO at Security Weekly/CyberRisk Alliance

3. SWVHSC Micro Interviews: CYRISMA & Mimecast – 01:30 PM-02:00 PM

Description

Simplifying The Process Of Identifying, Assessing & Mitigating Risks:
Liam Downward, CEO of CYRISMA, talks about burdensome technologies that generate bloat within any organization, high licensing costs along with the long deployment times. All of these affect the ROI on organizational resources Time, Money, and People.

This segment is sponsored by CYRISMA.

Visit https://securityweekly.com/cyrisma to learn more about them!

Get 10% off your monthly bill when you sign up! Visit: https://www.cyrisma.com

Summarizing the BlackHat Threat Intelligence Report:
Matthew Gardiner, Principal Security Strategist, from Mimecast will provide and overview of Mimecast and the results of their Threat Intelligence Report, BlackHat USA Edition, August 2020.

This segment is sponsored by Mimecast.

Visit https://securityweekly.com/mimecastbh to learn more about them!

Guest(s)

Liam Downward

Liam Downward –

CEO at CYRISMA

Liam started his career in 1998 in Dublin, Ireland and each year brought new challenges and with this where my passion of Information Security grew. In 2018, he saw that Cyber Security was becoming more complex and organizations would rather ignore risks as their budgets could not afford solutions to protect their data and CYRISMA was born.

Matthew Gardiner

Matthew Gardiner –

Principal Security Strategist at Mimecast

Matthew Gardiner is Principal Security Strategist at Mimecast and is currently focused on email security, phishing, malware, and cloud security. With more than 15 years focused in security, Matthew’s expertise in various roles includes threat detection & response, network monitoring, SIEM, endpoint threat detection, threat intelligence, identity & access management, Web access management, identity federation, cloud security, and IT compliance at RSA, Netegrity, and CA Technologies. Previously he was President and a member of the board of trustees of the security industry non-profit, the Kantara Initiative. Matthew has a BS in Electrical Engineering from the University of Pennsylvania and an SM in Management from MIT’s Sloan School of Management.

Hosts

MattAlderman

Matt Alderman –

Executive Director at CyberRisk Alliance