Enterprise Security Weekly Episode #213 – January 13, 2021

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. Amazon’s Parler Removal, Beyond Security & Vicarius Partner, & More SolarWinds! – 12:30 PM-01:00 PM

Announcements

• Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

• If you missed Security Weekly Unlocked, you can now access all of the content on-demand, whether you registered before the live event or not, by visiting https://securityweekly.com/unlocked and clicking either the button to register or the button to login!

Description

This week, Beyond Security partners with Vicarius, Amazon’s Parler removal and what it means for Cloud onfidence, Kount sold to Equifax, McAfee vs Crowdstrike, JumpCloud raises some funds, Red Hat acquires StackRox, and SolarWinds warnings of weak security and more!

Hosts

Adrian Sanabria – Red Hat to Acquire Kubernetes-Native Security Leader StackRox – F5 to Acquire Volterra to Create the First Edge 2.0 Platform for Enterprises and Service Providers – Equifax Announces Definitive Agreement to Acquire Kount –

John Strand –

Paul Asadoorian – Beyond Security Announces Technology Partnership Agreement with Vicarius – Amazon’s Parler removal shows cloud unit’s rarely used power – Kount sold to Equifax for $640 million – FBI probes Russian-linked postcard sent to FireEye CEO after cybersecurity – Comparing McAfee To CrowdStrike Brings Out Its Real Appeal (NASDAQ:MCFE) – Digital Defense, Inc. Integrates with Palo Alto Networks Cortex XSOAR to Automate Proactive Response Based on Vulnerability and Threat Risk – Supply Chain Attacks and Microsegmentation – New A32 launched by AlgoSec – Red Hat to acquire StackRox, enabling users to build, deploy and run apps across the hybrid cloud – Help Net Security – JumpCloud raises $200M to expand product development, marketing, and sales globally – Help Net Security – SolarWinds Hack Followed Years of Warnings of Weak Cybersecurity – INTRUSION Successfully Completes Beta Testing of its Newest Cybersecurity Solution, Shield; Announces General Availability –

Tyler Shields –

2. It’s 2021, Do You Know Where Your Assets Are? – 01:00 PM-01:30 PM

Announcements

• Do you want to stay in the loop on all things Security Weekly? Visit https://securityweekly.com/subscribe to subscribe on your favorite podcast catcher or our Youtube channel, sign up for our mailing list, and join our Discord Server!

Description

We all know asset management is one of the basics. In fact, it’s literally the first two items on the Center for Internet Security’s list of top 20 critical security controls.

https://www.cisecurity.org/controls/cis-controls-list/

The term “basics” can be deceptive though. We typically expect something basic to also be easy. This is InfoSec though, and the basics aren’t simple or easy. We call them basics because they’re foundational.

Put another way, the other 18 critical security controls on that top 20 list can’t be applied to assets that haven’t been discovered yet!

In the past few years, we’ve seen a resurgence in asset management. There are a few players taking a fresh crack at solving this problem and we’re hearing positive things. Could this be the year we get a better handle on discovering and managing assets? Join us as we discuss.

Hosts

Adrian Sanabria – Senior Research Engineer at CyberRisk Alliance

Paul Asadoorian – Founder/CIO at Security Weekly/CyberRisk Alliance

Tyler Shields – CMO at JupiterOne

3. The DBoM Consortium – 01:30 PM-02:00 PM

Announcements

• Learn how to conquer cloud complexity in our first Security Weekly webcast of 2021 on January 28th @ 11am ET! Register at https://securityweekly.com/webcasts. If you missed any of our 2020 webcasts or technical trainings, they are available at https://securityweekly.com/ondemand

Description

The DBoM consortium is a Linux Foundation project to be able to share information with third parties safely, securely, and with control over the information, even after handing it over! Unisys has just open sourced the code to make this possible, and Chris was a big part of their effort. Using a blockchain based approach, DBoM works to share software bill of materials (SBoM)s in a fashion that works in a cloud centric, internet time approach.

Guest(s)

Chris Blask – Global Director, Industrial Control Systems Security at Unisys

A well regarded figure, Chris has been involved in the ICS and information security industries for more than 25 years, spanning the breadth of the cybersecurity spectrum. He invented one of the first commercial firewall products, built a multibillion-dollar firewall business at Cisco, co-founded an early Security Information and Event Management (SIEM) vendor and co-authored the first book on SIEM. He chairs the Industrial Control System Information Sharing and Analysis Center (ISAC), serves on the Board of Directors for the International Association of Certified ISAOs (Information Sharing and Analysis Organizations) and is involved with a wide range of national and international cybersecurity efforts. Chris lives in Orlando, Florida.

Hosts

Adrian Sanabria – Senior Research Engineer at CyberRisk Alliance

Josh Marpet – COO at Red Lion

Paul Asadoorian – Founder/CIO at Security Weekly/CyberRisk Alliance

Tyler Shields – CMO at JupiterOne