Enterprise Security Weekly Episode #207 – November 18, 2020

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. AlgoSec CloudFlow, AWS Network Firewall, & Sysdig Zero Trust – 12:30 PM-01:00 PM

Announcements

  • Do you always end up missing our live streams? Need somewhere to flag Security Weekly podcasts that you want to listen to? Subscribe on your favorite podcast catcher or our YouTube channel, sign up for our mailing list, and join our Discord Server to stay in the loop on all things Security Weekly! Visit: https://securityweekly.com/subscribe

  • We have officially wrapped up all of the recordings for our 2020 webcasts & technical trainings! Stay tuned as we build out our schedule for next year! Visit https://securityweekly.com/ondemand to view all of our 2020 webcasts & trainings!

Description

In the Enterprise News: the all-new AWS Network Firewall, Zero Trust for Kubernetes, interactive coding simulations, DNS monitoring, and Twitter appoints a new head of security! The latest acquisitions from Cisco, Acronis, Palo Alto Networks, and Flashpoint, and recent funding announcements from Unbound, Havoc Shield, Menlo Security, and Cato Networks!

Hosts

Adrian Sanabria

Matt Alderman

  1. A new Israeli Unicorn hits the block with $130M in funding
  2. Unbound Tech Raises $20M In Series B
  3. Chicago Inno – Cybersecurity startup Havoc Shield raises $1.4M
  4. Menlo Security: $100 Million Funding And $800 Million Valuation
  5. Cisco acquires container security startup Banzai Cloud
  6. Palo Alto Networks to acquire Expanse in deal worth $800M – TechCrunch

Paul Asadoorian

  1. Sysdig launches zero trust network security for Kubernetes to cut microsegmentation time – Help Net Security
  2. AlgoSec CloudFlow Now Available in AWS Marketplace – ForexTV
  3. AWS Network Firewall: Network protection across all AWS workloads – Help Net Security
  4. Acronis accelerates growth plans with CyberLynx acquisition
  5. Alert Logic Integrates with AWS Network Firewall to Provide Comprehensive Web Application Threat Detection Solution
  6. Flashpoint Acquires CRFT to Bring No-Code Automation to Threat Intelligence
  7. How The Stadtwerke Klagenfurt Group Reduces Risk to Critical Infrastructure
  8. Palo Alto Networks Announces Intent to Acquire Expanse
  9. Expanse Announces Dedicated Section 889 Support
  10. Tanium Collaborates with IBM to Provide Endpoint Manageability, Security and Compliance for Regulated Industries
  11. Qualys announces new integration with Google Cloud and furthering partnership with Armor
  12. Datadog’s new capabilities for monitoring DNS provide visibility into the health of business-critical apps – Help Net Security
  13. Kount Event-Based Bot Detection protects the end-to-end customer journey from fraud – Help Net Security
  14. Uptycs enhances detection and investigation for on-premises and cloud workloads – Help Net Security
  15. Secure Code Warrior Missions: Interactive coding simulations of real-world applications – Help Net Security
  16. Tanium and IBM join forces to create a security and compliance monitoring solution for hybrid cloud – Help Net Security
  17. TrilioVault for Kubernetes 2.0: Managing data protection and migration across clouds – Help Net Security
  18. Cisco gains container security with Banzai Cloud buy
  19. New acquisition provides security from hackers’ view, Palo Alto Networks CEO says
  20. Twitter Taps Famous Hacker to Be Head of Security

2. How Network Detection Helps Fill The Gaps – 01:00 PM-01:30 PM

Sponsored By

Visit https://securityweekly.com/gigamon for more information!

Announcements

  • Join Amit Bareket, Co-founder & CEO of Perimeter 81 & Paul Asadoorian for a technical deep-dive into the problems inherent in legacy VPN technology. Together they will explore solutions for the modern workforce & how momentum toward perimeter-less architecture is helping redefine the future of cybersecurity. Register Now by visiting https://securityweekly.com/perimeter81

Description

The recent surge of ransomware attacks has highlighted a shift in tactics employed by threat actors looking to extort organizations. Their methodology has changed from a quick, opportunistic attack to a prolonged, targeted approach. This shift in methodology presents threat groups with the opportunity to encrypt more critical data, but also presents security teams with the opportunity to detect activity before data is encrypted. In this talk we’ll explore how this allows security analysts to use network detection and response capabilities to discover malicious activity between initial compromise and encryption.

This segment is sponsored by Gigamon.

Visit https://securityweekly.com/gigamon to learn more about them!

https://atr-blog.gigamon.com/2020/03/18/quality-control-keeping-detections-fresh/

https://www.youtube.com/watch?v=LDpQ0Hy54P4&list=PLMnYhIkmPmIdD1ZCAwLn9AP8wYyG24nEk&index=4

https://blog.gigamon.com/2018/09/27/how-threat-hunting-can-evolve-your-detection-capabilities/

Guest(s)

Steve Porcello – Senior Security Engineer at Gigamon

Steve started out as a security analyst for organizations in the New York City area, including some in the industrial, utility and financial services sectors. From there, he moved into the vendor space by joining innovative cyber security start-ups. He is now focused on using his experiences in incident response to promote and educate security teams about the benefits of Gigamon ThreatINSIGHT.

Hosts

Adrian Sanabria – Senior Research Engineer at CyberRisk Alliance

Matt Alderman – Executive Director at CyberRisk Alliance

Paul Asadoorian – Founder/CIO at Security Weekly/CyberRisk Alliance

3. The Future of Osquery – 01:30 PM-02:00 PM

Sponsored By

Visit https://securityweekly.com/uptycs for more information!

Announcements

  • Tomorrow is the big day! The virtual doors open for the first-ever Security Weekly Unlocked virtual event at 10:30am and the last round table should end around 9:30pm! We have an outstanding line-up of presenters, who will be answering questions LIVE in our Discord server during their presentations! Make sure you register for this FREE event before it’s too late! Visit https://securityweekly.com/unlocked to view the line-up and register!

Description

Osquery has grown in popularity because of its broad applicability in enterprise environments. In this tech segment, Ganesh Pai and Julian Wayte from Uptycs will talk about how organizations are using osquery to solve thorny problems such as fleet visibility, compliance and audit, and threat detection and investigation (including MITRE ATT&CK coverage).

This segment is sponsored by Uptycs.

Visit https://securityweekly.com/uptycs to learn more about them!

Context-rich detections from Uptycs will keep security analysts sane: https://www.uptycs.com/blog/fast-consolidated-and-context-rich-detections-from-uptycs-will-keep-security-analysts-sane

Website for the osquery project: https://www.osquery.io

MITRE ATT&CK Enterprise framework: https://attack.mitre.org/matrices/enterprise/

Solution page for Uptycs for EDR: https://www.uptycs.com/solutions/endpoint-detection-and-response

Guest(s)

Ganesh Pai – Founder and CEO at Uptycs

Ganesh Pai is Founder & CEO of Uptycs. He is a Boston-based entrepreneur and technologist (formerly Akamai, Verivue, NetDevices) and has been awarded multiple U.S. patents. Ganesh received a BE degree in electronics and communication engineering from Mangalore University and an MS in computer science from Temple University.

Julian Wayte – Security Solutions Engineer at Uptycs

Julian Wayte is a Security Solutions Engineer for Uptycs. In this role, he helps organizations architect security solutions – based on endpoint telemetry and automated workflows – in order to solve a variety of security use cases. Julian loves working with and teaching osquery. He has worked for 20 years in various customer-facing, technical, IT roles helping organizations manage and secure their data.

Hosts

Adrian Sanabria – Senior Research Engineer at CyberRisk Alliance

Matt Alderman – Executive Director at CyberRisk Alliance

Paul Asadoorian – Founder/CIO at Security Weekly/CyberRisk Alliance