Enterprise Security Weekly Episode #203 – October 21, 2020

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. Prisma Cloud 2.0, Blackpoint RISK, & Tenable Lumin – 12:30 PM-01:00 PM

Announcements

• Do you always end up missing our live streams? Need somewhere to flag Security Weekly podcasts that you want to listen to? Subscribe on your favorite podcast catcher or our Youtube channel, sign up for our mailing list, and join our Discord Server to stay in the loop on all things Security Weekly! Visit: https://securityweekly.com/subscribe

• Tomorrow is the big day! The virtual doors open for the first-ever Security Weekly Unlocked virtual event at 10:30am and the last round table should end around 9:30pm! We have an outstanding line-up of presenters, who will be answering questions LIVE in our Discord server during their presentations! Make sure you register for this FREE event before it’s too late! Visit https://securityweekly.com/unlocked to view the line-up and register!

Description

Palo Alto Networks announces cloud native security platform, Akamai launches new API security tool, SentinelOne secures patent for unique approach to uncovering exploits in their initial payload stage, Splunk helps security teams modernize and unify their security operations in the cloud, and Agile1 Predictive Analytics Risk Scoring helps orgs identify, prioritize and quantify cybersecurity risks!

Hosts

Matt Alderman – Sonrai Security Announces $20M in Series B Funding – Security Boulevard – 4iQ Raises $30 Million in Series C Funding, Names Kailash Ambwani as CEO – Accurics raises $20 million for ‘self-healing’ cloud monitoring tools –

Paul Assadorian – Palo Alto Networks announces cloud native security platform- Prisma Cloud 2.0 – This announcement integrates Aporeto and builds on the November 2019 introduction of Palo Alto Networks Prisma Cloud. The new Palo Alto Networks Prisma Cloud modules include: Data Security delivers data loss prevention (DLP) capabilities, offering discovery, classification, and malware detection for AWS S3. eSentire Launches Cloud Automation Security Assistant (CASA) in Microsoft Teams, Brings Users Over a Decade of MDR Expertise – CASA offers customers a single place within Microsoft Teams to actively manage alerts, engage eSentire experts on demand, and launch automated threat configurations for Microsoft Cloud Application Security, Microsoft 365, Microsoft Defender for Endpoint, Microsoft Azure, and Microsoft Graph Security API. Akamai launches new API security tool – The API Discovery and Profiling capability automatically and continuously discovers APIs based on a scoring mechanism that takes into account response content-type, path characteristics and traffic patterns. SentinelOne secures patent for unique approach to uncovering exploits in their initial payload stage – Help Net Security – The patent is a combination of three separate SentinelOne innovations — automatic feature extractor, code detector, and position-independent code detection — that significantly enhance the XDR platform’s detection capabilities. CyberSaint adds automation functionality to its CyberStrong platform to reduce manual intervention – Help Net Security – Splunk helps security teams modernize and unify their security operations in the cloud – Help Net Security – Blackpoint Cyber launches Blackpoint RISK, a cyber liability insurance solution for existing and new clients – Help Net Security – Agile1 Predictive Analytics Risk Scoring helps orgs identify, prioritize and quantify cybersecurity risks – Help Net Security – Panaseer launches Continuous Controls Monitoring for Risk and Compliance – Tenable®, Inc. announced new Tenable Lumin™ – Attivo Networks Enhances Portfolio for Amplified Identity Access Management Control – Banyan Security enhances secure remote access for engineering resouces –

2. Prioritization to Prediction Vulnerability Research Series – 01:00 PM-01:30 PM

Sponsored By

Visit https://securityweekly.com/kennasecurity for more information!

Announcements

• Join Amit Bareket, Co-founder & CEO of Perimeter 81 & Paul Asadoorian for a technical deep-dive into the problems inherent in legacy VPN technology. Together they will explore solutions for the modern workforce & how momentum toward perimeter-less architecture is helping redefine the future of cybersecurity. Register Now by visiting https://securityweekly.com/perimeter81

Description

Organizations have millions of vulnerabilities. And our research has shown that those same organizations, large or small, on average, can only fix about one in ten of those vulnerabilities. But as a security practitioner you still need to keep your organization secure, so how do you do that when you can’t possibly fix ALL of your vulnerabilities? Ed Bellis will:
• Review what years of joint research into vulnerability management with the Cyentia Institute uncovered about the scope of the challenge
• A breakdown in performance factors by industry and platforms
• Lay out several factors that drive better remediation performance
• Provide a deeper understanding on the scope of exposures and how risk informs remediation strategies

This segment is sponsored by Kenna Security.

Visit https://securityweekly.com/kennasecurity to learn more about them!

Guest(s)

Ed Bellis – Co-Founder and CTO at Kenna Security

Ed Bellis, Co-founder and CTO of Kenna Security Ed Bellis is a security industry veteran and expert and known in security circles as “the father of risk-based vulnerability management.” He founded Kenna Security to deliver a data-driven risk-based approach to remediation and help IT teams prioritize and thwart would-be security threats. Ed is the former CISO of Orbitz and former Vice President, Corporate Information Security at Bank of America. He is an advisor to Dharma and former advisor to SecurityScoreboard.com and Society of Payment Security Professionals. Ed is a contributing author to the book, Beautiful Security (Oram, Andy & Viega, John, O’Reilly Media, 2009). He is a frequent speaker at industry conferences. Recent engagements include the 2017 Enterprise Security Summit (Dos and Don’ts of Establishing Metrics that Cultivate Real Security) and InfoSec World (Amateur Hour: Why APT’s Are the Least of Your Worries).

Hosts

Matt Alderman – Executive Director at CyberRisk Alliance

Paul Assadorian – Founder/CIO at Security Weekly/CyberRisk Alliance

3. deepwatch Lens Score & Series B – 01:30 PM-02:00 PM

Sponsored By

Visit https://securityweekly.com/deepwatch for more information!

Announcements

• We have officially wrapped up all of the recordings for our 2020 webcasts & technical trainings! Stay tuned as we build out our schedule for next year! Visit https://securityweekly.com/ondemand to view all of our 2020 webcasts & trainings!

Description

deepwatch formally launched its Lens Score app on October 20th. Corey joins us to discuss the app, its future, and how it helps CISOs achieve their security outcomes. Corey will also discuss the deepwatch Series B and how we plan to invest the funds.

This segment is sponsored by deepwatch.

Visit https://securityweekly.com/deepwatch to learn more about them!

Guest(s)

Corey Budzin – CTO at deepwatch

At deepwatch Corey Bodzin is accountable for driving the company’s product vision and strategy from a services organization based around commercial solutions to a product driven organization with services built around its own intellectual property. Before joining deepwatch, Corey spent the last 15 years creating products at cybersecurity companies like ExtraHop, Tenable, RSA, and Qualys. Prior to that he was a user of the products as leader of security teams at Wells Fargo, Charles Schwab, and Lucent. He is a cybersecurity veteran with 25+ years’ experience in driving thoughtful cybersecurity, risk management, and regulatory compliance for industries as diverse as energy, pharmaceuticals and financial services.

Hosts

Matt Alderman – Executive Director at CyberRisk Alliance

Paul Assadorian – Founder/CIO at Security Weekly/CyberRisk Alliance