Enterprise Security Weekly Episode #219 – March 10, 2021

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. Using Computer Vision to Combat Phishing – 01:00 PM-01:30 PM

Sponsored By

Visit https://securityweekly.com/Pixm for more information!

Announcements

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

Description

Email security and phishing protection have many gaps that attackers exploit. Learn how computer vision can help prevent malicious URLs and websites from doing bad things to your users.

Threat Report: https://pixm.net/wp-content/uploads/2021/03/Pixm-Q4-2020-Threat-Report.pdf

This segment is sponsored by Pixm.

Visit https://securityweekly.com/Pixm to learn more about them!

Guest(s)

Chris Cleveland – CEO at Pixm

Chris is the Founder and CEO of Pixm, a company that makes AI software to stop phishing breaches and make the web more trustworthy. He started Pixm while a graduate student at Columbia studying machine learning, after he won a pitch contest and a ticket to Black Hat. He started his career getting his thesis published and working in Princeton’s physics department, where he earned his bachelor’s. He likes travel, audiobooks, and movie soundtracks.

Hosts

Adrian Sanabria

@sawaba

Senior Research Engineer at CyberRisk Alliance

Paul Asadoorian

@securityweekly

Founder at Security Weekly

Tyler Shields

@txs

CMO at JupiterOne

2. Attack Surface Management, Monitoring, & Mapping – 01:30 PM-02:00 PM

Description

The OWASP Amass Project has developed a tool to help information security professionals perform network mapping of attack surfaces and perform external asset discovery using open source information gathering and active reconnaissance techniques.

https://github.com/OWASP/Amass

https://owasp.org/www-project-amass/

https://vimeo.com/481985359

Guest(s)

Jeff Foley – Project Leader at OWASP

@jeff_foley

Jeff Foley’s industry experience has been focused on information security research & development in order to build and assess next generation solutions. He is the Project Leader for Amass, an OWASP (Open Web Application Security Project) Foundation flagship project that performs in-depth attack surface mapping and asset discovery. Jeff is an Adjunct Professor teaching Penetration Testing at the SUNY (State University of New York) Polytechnic Institute and a Principal Consultant at ClaritySec, Inc. Previously, he was the US Manager for Penetration Testing & Red Teaming at National Grid, a multinational electricity and gas utility company. Prior to this, Jeff served as a Principal Investigator of offensive cyber warfare research & development at Northrop Grumman Corporation, an American global aerospace and defense technology company. In his spare time, Jeff enjoys experimenting with new blends of coffee, automating security tasks, and giving back to the information security community.

Hosts

Adrian Sanabria

@sawaba

Senior Research Engineer at CyberRisk Alliance

Paul Asadoorian

@securityweekly

Founder at Security Weekly

Tyler Shields

@txs

CMO at JupiterOne

3. CrowdStrike Falcon, Gigamon Hawk, Awake’s NDR, & Acquisitions – 02:00 PM-02:30 PM

Announcements

  • Do you want to stay in the loop on all things Security Weekly? Visit https://securityweekly.com/subscribe to subscribe on your favorite podcast catcher or our YouTube channel, sign up for our mailing list, and join our Discord Server!

  • If you missed Security Weekly Unlocked, you can now access all of the content on-demand, whether you registered before the live event or not, by visiting https://securityweekly.com/unlocked and clicking either the button to register or the button to login!

Description

This Week, In the Enterprise Security News:

Okta acquires Auth0, KnowBe4 Acquires MediaPRO, PayPal to acquire Curv, and Dropbox to acquire DocSend

Aqua Security raises $135M, Privacera Secures a Series B, YL Ventures sells its stake in Axonius, Snyk Secures a Series E, and McAfee sells its Enterprise business

AWS Announces New Lower Cost Storage, Radware’s New Integrated Application Delivery & Protection, Bitdefender launches new Cloud-based EDR Solution, Awake’s NDR platform, CrowdStrike Falcon enhancements improve SOC efficiency, Tufin releases Vulnerability-Based Change Automation App, Gigamon launches Hawk, Sonatype Releases New Nexus Firewall Policy to Secure Software Supply Chains, & more!

Hosts

Adrian Sanabria

@sawaba

Senior Research Engineer at CyberRisk Alliance

  1. Address cybersecurity challenges before rolling out robotic process automation – TechCrunch – RPA is a huge growing market and it has nothing to do with robotics. Imagine if Amazon’s returns processes were 100% automated (they might be, I’m not sure). Now imagine someone modifies that process to give everyone double their money back. I’m not sure if that’s a realistic scenario, but the prediction here is that we’ll be seeing a lot of RPA-related breaches before folks get the security right.
  2. ACQUISITION – Dropbox to acquire secure document sharing startup DocSend for $165M – TechCrunch – Looks like an attempt for Dropbox to compete more closely with Box? And also to maybe convince some Accellion customers to come into the 21st century?
  3. Stop Trying to Take Humans Out of SOC … Except … Wait… Wait… Wait… – Whether the SOC is evidence of product failure or a necessary investment is a favorite rant of mine. And Anton is one of my favorite people to have the debate with :)
  4. FUNDING – Privacera Secures $50 Million Series B – Advances Cloud-First Data Governance and Security Across Global Organizations – “Single pane of glass for multi-cloud data security”. That’s a huge Series B though.
  5. EXIT – YL Ventures sells its stake in cybersecurity unicorn Axonius for $270M – TechCrunch – YL has been consistently killing it. The original VC idea was to bet on at least one massive startup win for every 10-20 failures or mediocre returns. Very much a gamble. YL, a totally cybersecurity-focused, early stage VC has mastered the art of solid and steady returns for nearly every one of their investments. $270m is HUGE though, considering this is just one of their portfolio companies from their third fund, which was only a $75m fund. And there are six more portfolio companies from that fund that haven’t exited yet! I could definitely see Orca, Vulcan and Hunters bringing in respectable exits as well.
  6. ACQUISITION – PayPal to acquire cryptocurrency security startup Curv – TechCrunch – Curv is an interesting one. It’s like a cryptocurrency wallet for organizations that manage large amounts of the stuff. They allow users to create policies around when crypto funds can be transferred, how and how much. Very niche and specific, but very much needed in a market where so much cryptocurrency has been stolen from both individuals and exchanges, it’s a bit embarrassing.
  7. MERGER – Okta + Auth0: Powering Identity for the Internet – $6.5bn is a lot for a company that has nearly 100% product/feature overlap. Tyler says it’s not a logo buy, but I think that might be part of it. The other part, I think, is that although there’s a lot of overlap, Okta is strong where Auth0 is weak and vice versa. Still seems a lot like a T-Mobile + Sprint merger to me though.

Paul Asadoorian

@securityweekly

Founder at Security Weekly

  1. AWS Announces New Lower Cost Storage Classes for Amazon Elastic File System – “One Zone storage classes provide single Availability Zone (AZ) storage at a 47% lower cost than existing multi-AZ storage classes”
  2. Radware’s New Integrated Application Delivery & Protection – “Alteon’s new Integrated Application Protection includes a Web Application Firewall (WAF) to protect from web-based attacks, Bot Manager to block malicious automated threats, and Application Programming Interface (API) protection to secure APIs and provide full visibility on API targeted threats.”
  3. Bitdefender launches new Cloud-based EDR Solution – “The new EDR package is resource-light and fully cloud-delivered for easy deployment and management and runs alongside third-party prevention technologies. Unique in the EDR space, it combines endpoint telemetry and human risk analytics with advanced threat detection capabilities.”
  4. Control web applications with two-clicks in Cloudflare Gateway – “We built Gateway to help customers replace the pain of backhauling user traffic through centralized firewalls. With Gateway, users instead connect to one of Cloudflare’s data centers in 200 cities around the world where our network can apply consistent security policies for all of their Internet traffic.”
  5. Blumira and Cerium Networks simplify threat detection and response – “Blumira’s modern, cloud-based SIEM (security information and event management) platform enables businesses, often with limited security resources or expertise, to seamlessly detect, investigate and respond to ransomware, misconfigurations and unknown security threats faster and earlier.”
  6. Unbound Security CORE enables enterprises to reimagine cryptographic infrastructure security – “Unbound Security unveiled Unbound Security CORE (Cryptographic Orchestration Reimagined for Enterprise), a new all-encompassing platform that enables businesses to manage all cryptographic keys from multiple environments in one single place.”
  7. Attivo offers solution for preventing the misuse of Active Directory – We covered this last week, it’s still getting some attention…
  8. Awake’s NDR platform strengthens cybersecurity across cloud, hybrid and IoT environments – Lots of words, still I can’t seem to understand the announcement or the value: “Awake’s NDR platform is a key pillar of Arista’s vision for zero trust security. With a new network-based multi-domain macro-segmentation service, situational awareness for all network resources and Awake’s NDR, Arista is transforming network security from an afterthought to networks that are inherently secure.”
  9. CrowdStrike Falcon platform enhancements improve SOC efficiency – Workflow stuff: “Customers can streamline their SOC operations with the new CrowdStrike Falcon notification workflows that provide automated real-time notifications tailored to specific types of events, conditions and cloud security posture findings and then be seamlessly delivered via email, generic webhooks or through Slack and PagerDuty integrations.”
  10. Strata Maverics Identity Orchestrator extends Azure AD control to on-premise applications – “Strata announced at Microsoft Ignite that its Maverics Identity Orchestrator platform for Microsoft Azure Active Directory (Azure AD) enables organizations to migrate applications to the Cloud without rewriting them so identity can be centrally managed by Azure AD.”
  11. Tufin releases Vulnerability-Based Change Automation App – This sounds cool though: “The VCA addresses this problem by automatically retrieving data from an organization’s vulnerability scanner and reflecting the results in the risk assessment step of an access request workflow.”
  12. McAfee sells its Enterprise business for $4 billion – “McAfee announced it has entered into a definitive agreement to sell its Enterprise business to a consortium led by Symphony Technology Group (STG) in an all-cash transaction for $4.0 billion.”
  13. LastPass Now Offers the Flexibility to Authenticate With SMS Passcode, Voice Call or YubiKey – “For business users, SMS passcodes and voice call authentication will offer flexibility for employees who may not be able to utilize their cell phones during the day. With these authentication methods, employees can set up a landline or desk phone as their secondary authentication method to ensure secure access. In the circumstance that a mobile phone is lost, employees can set up an alternative phone to provide authentication, so they are never locked out of their account. In addition to supporting these methods for the LastPass vault, LastPass now also supports voice call, SMS passcodes and YubiKey when authenticating into single sign-on applications.”
  14. Gigamon launches Hawk, partners with AWS to simplify and secure cloud adoption – “To close this critical cloud visibility gap, Gigamon is launching Hawk, the industry’s first elastic visibility and analytics fabric for all data-in-motion across any cloud network.”
  15. Sonatype Releases New Nexus Firewall Policy to Secure Software Supply Chains from “Dependency Confusion” Attacks – “Development pipelines confusing your own proprietary software components with public components in open source registries, having the same name but a completely different author, is extremely dangerous. Considering malicious code from counterfeit public components can be executed upon installation, it becomes clear the need to block such components as early as possible.”
  16. ACQUISITION – Okta acquires Auth0 for $6.5 billion
  17. ACQUISITION – KnowBe4 Acquires MediaPRO, Expanding its Presence in the Security Awareness Training Market
  18. FUNDING – Aqua Security protects containerized apps and infrastructure, raises $135M

Tyler Shields

@txs

CMO at JupiterOne

  1. FUNDING – Snyk Advances Developer-First Security with Series E Investment
  2. ACQUISITION – KnowBe4 Buys Competitor MediaPRO
  3. McAfee to Sell Enterprise Business to Equity Firm STG for $4B
  4. YL Ventures sells its stake in cybersecurity unicorn Axonius for $270M – TechCrunch
  5. Okta to Buy Rival Auth0
  6. Okta acquires cloud identity startup Auth0 for $6.5B – TechCrunch
  7. Aqua Security raises $135M at a $1B valuation for its cloud native security service – TechCrunch