This week in the Enterprise News, Mission Secure Announces Series B, Akamai Technologies Acquires Inverse, for Microsoft, Security is a $10 Billion Business, Sontiq acquires Cyberscout, IRONSCALES improves the ability to detect phishing attacks, Imperva updates its WAAP and Data Security offerings, SonicWall Confirms A Zero-Day Vulnerability with NO other details, Arista intros Multi-Domain Macro-Segmentation Service (I don’t know what it means, but it’s provocative), & more!
Akamai Technologies Acquires Inverse Inc., Adds to Zero Trust Security Platform – Zero Trust? That could mean 50 different things! First off, it’s great to see good exits for Montreal-based companies – last year, Montreal-based vuln mgmt startup Delve Labs got picked up by SecureWorks. Interestingly, it looks like Inverse is basically an acqui-hire, but not your typical acqui-hire. It looks like, instead of developing a commercial product, they specialize in creating and maintaining open source products (specifically, Akamai is likely interested in PacketFence here). Instead of making money on commercial software licensing, they get paid to handle all the integration work. This is interesting, because this is likely one of the most common places where product deployments fail and purchases become shelfware. The average customer doesn’t have 5 Python experts sitting around, waiting to work on the latest SIEM, threat intel or, in this case, NAC.
Israeli security startup Bridgecrew in negotiations for sale to Palo Alto Networks for over $100m – Another CSPM getting acquired here – I guess CSPM wasn’t part of one of the four acquisitions that went into Prisma Cloud already? Aporeto was microsegmentation, CloudGenix was SD-WAN, Twistlock was container security and PureSec was serverless security, so yeah, I guess they needed a CSPM acquisition. Also, in researching this story, I discovered that Lacework has an absolutely BRUTAL anti Prisma marketing campaign. It’s so aggressive, it’s kinda funny.
If Microsoft’s security business is $10bn… that could put them in the number one spot as the largest security company in terms of product revenue, and ignoring the fact that Microsoft Security isn’t a separate pure play company. By comparison, Cisco’s security business is only doing ~$3bn annually and they’ve done a TON of security acquisitions in the past decade – SourceFire, OpenDNS, Duo, CloudLock, Threatgrid…
U.S. based Rapid7 acquires Israeli cyber startup Alcide.io for $50M – Another container/Kubernetes-inspired acquisition! They picked up DivvyCloud less than 10 months ago, but from what I can tell, that was more of a broad CSPM play, whereas Alcide seems to be more specifically focused on Kubernetes. We’ll probably continue to see Kubes-related acquisitions for a while.
HelpSystems Acquires Digital Defense to Enhance Cybersecurity Portfolio – Security Boulevard – HelpSystems, the parent company that also acquired Core Security and Cobalt Strike, picked up Digital Defense. It makes a lot of sense as an acquisition, as (unless I’ve missed something), Core never had its own scan engine and depended on customers owning other tools to do the actual vulnerability scanning. While many might not know Digital Defense’s name, they’re a longtime IBM partner, providing the vulnerability scanning engine for QRadar.
Arista launches a zero trust security framework for the digital enterprise – I have no idea what this means, what problem it solves, or why it may be better than anything else: “Arista Multi-Domain Macro-Segmentation Service is a suite of capabilities for integrating security policy with the network through an open and consistent network segmentation approach across network domains.”
Cymulate Integrates with Microsoft Defender for Endpoint – I like the honest marketing: “Cymulate, one of the only SaaS-based Continuous Security Validation platform to operationalize the entire MITRE ATT&CK® framework” I’m also a huge fan of testing this way: “Cymulate correlates EDR findings with hacking techniques, behavior-based attacks and malware launched from the Cymulate platform to validate endpoint protection efficacy against new threats and accurate detection and alerts of possible attacks.”
Tenable Empowers MSSPs to Launch Cloud-Based Vulnerability Management Services within Minutes – “Tenable®, Inc. announced an enhanced Managed Security Service Provider (MSSP) portal to supercharge partners’ cloud-based vulnerability management offerings with Tenable.io®. The updated portal will enable MSSPs to self-provision and self-service their own Tenable.io instances, up to 1,000 assets, empowering partners to build and launch vulnerability management services in the cloud within minutes.”
StackPath Launches Direct Connect – “StackPath Direct Connect for StackPath content delivery network (CDN), providing dedicated network connections from customers’ private networks to the StackPath edge platform. Traffic from customers’ on-premises origin servers can travel to and from the StackPath CDN without using the public internet.” Also, not so sure it does this: “decrease exposure to malicious activity and threats”
Barracuda launches high-speed expandable backup platform for Microsoft Office 365 – “Barracuda announced the latest version of Barracuda Cloud-to-Cloud Backup with a new platform that delivers a fast search and restore experience for Office 365 data, including Teams, Exchange Online, SharePoint, and OneDrive. Compared to traditional backup and recovery solutions, a cloud-native solution provides scale and resiliency, fast performance, and wide global coverage to protect Office 365 data born in the cloud.”
Rapid7 acquires Alcide.IO to extend cloud security – “these acquisitions will enhance Rapid7’s ability to provide a cloud native security platform to its customers and facilitate continuous management of risk and compliance across their cloud environments…Alcide’s industry leading cloud workload protection platform (CWPP) provides broad, real-time visibility and governance, container runtime and network monitoring, as well as the ability to detect, audit and investigate known and unknown security threats.”
SonicWall Confirms Zero-Day Vulnerability – “SonicWall has confirmed a zero-day vulnerability affecting its SMA 100 Series. Its disclosure arrives as NCC Group researchers report an observation of attacks exploiting a SonicWall flaw.” – No details have been published, other than “watch for IPs connecting to the management interface”.
Attack Surface Management is an important and growing field within Information Security. In this segment, we discuss how security teams can frame the problem and what can be done to get a handle on the ever-growing attack surface of enterprises!
Jonathan Cran –
Founder & CEO at Intrigue.io
Having provided penetration testing and security assessment services for the world’s largest organizations and government agencies, Jonathan’s extensive background includes experience as an executive, consultant, engineer, developer, investor, and researcher.
While working in foundational leadership roles at Rapid7, Bugcrowd, and Kenna Security, Jonathan, also known as “Jcran”, was the driving force behind the success of multiple industry-leading security technologies, standards and frameworks. Jonathan is also the inventor and owner of multiple security assessment patents, and is the originator of the Intrigue Core open source collection engine.
He is a member of a number of technology and security groups, including Exploit Prediction Scoring System (EPSS) Working Group, Cyber Policy Working Group (CFAA) and Austin Hackers (AHA). A frequent speaker at industry conferences, including Black Hat, RSA, Derbycon, Security BSides and DEFCON, Jonathan has also been quoted, and publicly recognized in numerous publications and is recognized as an information security trailblazer.
Adrian Sanabria –
Senior Research Engineer at CyberRisk Alliance
Paul Asadoorian –
Founder at Security Weekly
Tyler Shields –
CMO at JupiterOne
3. The Cyber Defense Matrix, the DIE Triad, and Cybersecurity Startups – 01:30 PM-02:00 PM
If you missed Security Weekly Unlocked, you can now access all of the content on-demand, whether you registered before the live event or not, by visiting https://securityweekly.com/unlocked and clicking either the button to register or the button to login!
The Cyber Defense Matrix is a framework to help systematically organize the many things that we buy and do in cybersecurity. The DIE Triad offers a new way of thinking about resiliency, how we secure the future, and what startups should focus on to help us get there.
Sounil Yu –
CISO-in-Residence at YL Ventures
Sounil Yu is the CISO-in-Residence at YL Ventures, leveraging 30+ years of experience to support due diligence, vet entrepreneurs, and evaluate startup ideas. Sounil proactively supports the ideation processes of aspiring entrepreneurs and advises them on greenfield opportunities in cybersecurity. Previously, Sounil was the Chief Security Scientist at Bank of America. He created the Cyber Defense Matrix and the D.I.E. Triad, which are reshaping approaches to cybersecurity. He’s a Board Member of the FAIR Institute and SCVX; co-chairs Art into Science: A Conference on Defense; is a visiting fellow at GMU Scalia Law School’s National Security Institute; and advises many startups.