esw209

Enterprise Security Weekly Episode #209 – December 02, 2020

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. Amazon EKS, DFLabs Cloud Package, & CyberMDX Healthcare Security Suite – 12:30 PM-01:00 PM

Announcements

  • Do you always end up missing our live streams? Need somewhere to flag Security Weekly podcasts that you want to listen to? Subscribe on your favorite podcast catcher or our Youtube channel, sign up for our mailing list, and join our Discord Server to stay in the loop on all things Security Weekly! Visit: https://securityweekly.com/subscribe

  • We have officially wrapped up all of the recordings for our 2020 webcasts & technical trainings! Stay tuned as we build out our schedule for next year! Visit https://securityweekly.com/ondemand to view all of our 2020 webcasts & trainings!

Description

This week in the Enterprise Security News, securing Amazon EKS, Attivo Networks announces a new integration, a cloud security mapping startup comes out of Stealth, recent funding announcements from DefenseStorm, GoSecure, EclecticIQ and more!

Hosts

AdrianSanabria

Adrian Sanabria –
MattAlderman

Matt Alderman –

  1. DefenseStorm Secures $12M in Series B Capital Raise
  2. Cloud security mapping startup Lightspeed comes out of stealth
PaulAssadorian

Paul Assadorian –

  1. Malwarebytes expands business protection for remote workers
  2. DFLabs Announces Novel, Highly Scalable IncMan SOAR SaaS Cloud Package
  3. Attivo Networks & SentinelOne: Protection Against Credential-Based Attacks
  4. Weaveworks Brings GitOps to Amazon EKS Distro
  5. Secure your Digital Transformation on Amazon EKS-Distro with Aqua
  6. Security, compliance, and visibility for Amazon EKS-D
  7. Rockwell Automation improves security of visualization apps with new industrial PCs and software
  8. EclecticIQ raises 20M to expand its portfolio and increase its global footprint
  9. GoSecure raises $35M to continue growth
  10. CyberMDX integrates its Healthcare Security Suite into Philips Cybersecurity Services
  11. AWS unveils Mac instances for Amazon Elastic Compute Cloud
  12. There’s a RAT in my code: new npm malware with Bladabindi trojan spotted

2. The Road To Secure Your Organization – 01:00 PM-01:30 PM

Sponsored By

sponsor
Visit https://securityweekly.com/netsparker for more information!

Announcements

  • SCYTHE is offering a FREE purple team workshop where attendees get hands-on in an isolated enterprise environment for three hours! It is scheduled for December 9th (the day before Security Weekly Unlocked!) Register for this free workshop now: https://securityweekly.com/purpleteamsw

Description

Before you go picking technologies, you have to have a plan. How does one create that plan? Ferruh will focus on some concrete steps to create an AppSec plan using Netsparker’s simple framework.

This segment is sponsored by Netsparker.

Visit https://securityweekly.com/netsparker to learn more about them!

Guest(s)

Ferruh Mavituna

Ferruh Mavituna –

CEO at Netsparker

Ferruh’s deep understanding of web application security was the driving force behind Netsparker’s success. Prior to founding Netsparker, he worked as security consultant and penetration tester for several enterprise companies in the US and UK. Ferruh focuses on web app security research and automated vulnerability detection & exploitation. A frequent speaker at conferences and podcasts, he has released several research papers and tools.

Hosts

AdrianSanabria

Adrian Sanabria –

Senior Research Engineer at CyberRisk Alliance

 MattAlderman

Matt Alderman –

Executive Director at CyberRisk Alliance

 PaulAssadorian

Paul Assadorian –

Founder/CIO at Security Weekly/CyberRisk Alliance

3. Cybersecurity & Diversity – 01:30 PM-02:00 PM

Announcements

  • Tomorrow is the big day! The virtual doors open for the first-ever Security Weekly Unlocked virtual event at 10:30am and the last round table should end around 9:30pm! We have an outstanding line-up of presenters, who will be answering questions LIVE in our Discord server during their presentations! Make sure you register for this FREE event before it’s too late! Visit https://securityweekly.com/unlocked to view the line-up and register!

Description

How bad is the diversity problem in the Cybersecurity industry? Have we made any progress or is it all talk? In this special Enterprise Security Weekly segment, we are joined by industry professionals to learn where have we been, where do we need to be, and how do we get there?

A few articles on the topic of diversity:

1. https://www.securityinfowatch.com/security-executives/article/21158705/why-gender-and-ethnic-diversity-are-important-in-security
2. https://www.csoonline.com/article/3572377/addressing-diversity-in-security.html
3. https://www.securitymagazine.com/articles/93947-engaging-in-diversity-equity-and-inclusion-for-stronger-cybersecurity
4. https://www.isc2.org/-/media/Files/Research/Innovation-Through-Inclusion-Report.ashx
5. https://itsecuritywire.com/featured/diversity-is-the-key-to-build-a-more-resilient-cyber-security-team/
6. https://cybersecurityventures.com/cybersecurity-is-people-cybersecurity-is-diversity/#:~:text=Looking%20at%20the%20data%2C%20women,less%20than%20their%20male%20counterparts.

Guest(s)

Jackie Abrams

Jackie Abrams –

VP of Product at DomainTools

Jackie Abrams focuses on solving big-picture threat intelligence challenges through industry collaboration and innovative solution design. Responsible for the product vision at DomainTools, she leads the team to deliver data, intelligence, and tools to help our users make the Internet a safer place.
Before joining DomainTools, she leveraged her OSINT research and digital investigations experience to develop products and services in support of mobile threat assessment for text messages and message senders. Jackie is a graduate of Cornell University and is an active supporter of the Messaging Malware Mobile Anti-Abuse Working Group (M3AAWG), where she collaborates with threat intelligence and abuse mitigation practitioners on solving industry-wide problems in the digital services and ISP space.
Gabe Gumbs

Gabe Gumbs –

Chief Innovation Officer at Spirion

As Spirion’s Chief Innovation Officer, Gabriel imagines and create technology that pushes data security technology forward in an increasingly complex digital world. Responsible for seeing where data security is going next and ensuring that organizations of all sizes are able to get there. With a 18+ year tenure in CyberSecurity, he has spent most of that time as a security practitioner, aligning security innovations with business objectives for Fortune 100 organizations, today Gabe is responsible for spearheading innovation across the organization through thought and product leadership.
Mandy Logan

Mandy Logan –

Ambassador at Mental Health Hackers

Mandy/5urvivatrix is a hacker. She is also autistic, determined to combine principles of neurological functioning to enhance creation of sustainable and ethical AI, and focuses on development of tech for accessibility increase for non-verbal persons. Mandy survived injuries and 5 strokes and recreated a functioning body and brain through use of binary and her tongue pressure against her teeth. She passionately loves the InfoSec community and works to enhance diversity. Mandy founded Hacker Stand Up Comedy and speaks and volunteers at numerous conferences with her service animal, Trevor.
Susan Bosco

Susan Bosco –

Associate Provost for Academic Affairs at Roger Williams University

Susan Bosco is Associate Provost for Academic Affairs and Professor of Management and has been at the Mario J. Gabelli School of Business for 20 years.? She has consulted for a variety of companies in areas such as Customer Service, Project Management, Teamwork, Leadership, and Process Improvement. Dr. Bosco teaches Management Principles, Organizational Behavior, International Organizational Behavior and Managing Workplace Diversity.

Hosts

MattAlderman

Matt Alderman –

Executive Director at CyberRisk Alliance