esw220

Enterprise Security Weekly Episode #220 – March 17, 2021

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. Investing In Cybersecurity – 01:00 PM-01:30 PM

Announcements

  • Do you want to stay in the loop on all things Security Weekly? Visit https://securityweekly.com/subscribe to subscribe on your favorite podcast catcher or our Youtube channel, sign up for our mailing list, and join our Discord Server!

Description

Ron joins us to cover various aspects of investing, including how to give the right pitch, what enterprises should be looking for in new technologies, are you 5% or amazing tech? Ron is also championing a new concept called data care and has launched his own podcast, Gula Tech Cyberfiction, in addition to some outstanding cybersecurity grants.

Gula Tech Foundation Grant Program – Data Care: https://www.gula.tech/foundation/

Gula Tech Non-Profits: https://www.gula.tech/projects/

Guest(s)

Ron Gula

Ron Gula – President at Gula Tech Adventures

@rongula

Ron is President at Gula Tech Adventures which focuses on cyber technology, cyber policy and recruiting more people to the cyber workforce. Since 2017, GTA has invested in dozens of cyber start-ups and funds and supported multiple cyber nonprofits and projects. From 2002 to 2016, Ron was the co-founder and CEO of Tenable Network Security. He helped grow the company to 20,000 customers, raise $300m in venture capital and grow revenues to $100m, setting up the company for an IPO in 2018. Prior to Tenable, Ron was a cyber industry pioneer and developed one of the first commercial network intrusion detection systems called Dragon, ran risk mitigation for the first cloud company, was deploying network honeypots in the mid 90s for the DOD and was a penetration tester for the NSA and got to participate in some of the nation’s first cyber exercises. Ron is involved in a variety of cyber nonprofits and think tanks including Defending Digital Campaigns, the Center for Internet Security, the National Security Institute and the Wilson Center. In 2020, Ron was honored to receive the Northern Virginia Technology Council Cyber Investor of the Year award and the Baltimore Business Journal Power 10 CEO award.

Hosts

AdrianSanabria

Adrian Sanabria

@sawaba

Senior Research Engineer at CyberRisk Alliance

PaulAsadoorian

Paul Asadoorian

@securityweekly

Founder at Security Weekly

TylerShields

Tyler Shields

@txs

CMO at JupiterOne

2. ARM Support, Cyber “SPAC”, Cyber Fusion, Docker, & Beer Outage – 01:30 PM-02:00 PM

Announcements

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

  • Our next live webcast will be on April 29th at 11am ET where you will learn how to prepare for modern ransomware attacks! Visit https://securityweekly.com/webcasts to register now! If you missed any of our previously recorded webcasts or technical trainings, they are available for your viewing pleasure at https://securityweekly.com/ondemand

Description

This week in the Enterprise Security News: funding announcements from Coalition, HeraSoft, Cowbell Cyber, Argon, Cynet, Docker, and Cyware. Sonatype Acquires MuseDev, Sumologic Acquires DF Labs, Acronis acquires Synapsys, Lookout grabs CipherCloud and a cybersecurity SPAC. Kasada announces some new features to its bot detection offering, Rapid7 introduces an agent for CloudFront, Aqua supports ARM, and Chris Roberts joins Cynet, & more!

Hosts

AdrianSanabria

Adrian Sanabria

@sawaba

Senior Research Engineer at CyberRisk Alliance

  1. MOVES – Cynet’s Newly Appointed Chief Security Strategist, Chris Roberts, to Launch a CISO Community and CISO Challenge for 2021
  2. MOVES – John Kindervag, Creator of Zero Trust, joins MSSP ON2IT – Kindervag, an ex-Forrester analyst best known for coining the Zero Trust phrase and philosophy has left Palo Alto Networks for a Zero Trust-focused MSSP firm.
  3. FUNDING – Rumble Raises $5m in VC Funding to Solve the Network and Asset Discovery Challenge
  4. FUNDING – Cloud cybersecurity startup Lumu raises a $7.5 million Series A – TechCrunch
  5. FUNDING – HeraSoft Looks To Stop Ransomware Attacks After $5M Series A
  6. FUNDING – Announcing our Series B Funding of $50M – Privacera
  7. FUNDING – Cynet Raises $40 Million Series C Funding Round to Bring the First Autonomous XDR Platform to Organizations of all Sizes
  8. FUNDING – Pathlock Secures $20 Million Strategic Growth Investment; Announces Rebrand from Greenlight Technologies
  9. MOAR FUNDING – Amid the Rapidly Evolving Privacy Landscape, DataGrail Raises $30 Million Led by Felicis Ventures to Advance Brand Trust and Transparency
  10. EVEN MORE FUNDING – Tausight Closes $20 Million Series A Financing to Discover and Help Secure Protected Health Information (PHI)
  11. WHERE IS ALL THIS MONEY COMING FROM – Corvus Insurance raises $100 million, aims to broaden business, cyber insurance reach, AI platform
  12. SERIOUSLY THIS IS INSANE – Aqua Security Announces $135 Million in Series E Funding at a $1 Billion Valuation
  13. FUNDING – Snyk Advances Developer-First Security with Series E Investment
  14. ACQUISITION – Datto Acquires Cyber Threat Detection Company BitDam
  15. ACQUISITION/PRE-IPO – IronNet Cybersecurity to go public in SPAC merger deal valued at $1.2 billion – Baltimore Business Journal
  16. ACQUISITION – Sumo Logic Signs Definitive Agreement to Acquire SOAR Provider DFLabs
  17. ACQUISITION – Lookout Acquires CipherCloud to Deliver Security from Endpoint to Cloud
  18. John Kindervag, Creator of Zero Trust, joins MSSP ON2IT – ON2IT
  19. FUNDING – LoginID Raises $6 Million in Seed Funding Round from Notable Fintech Investors
  20. FUNDING – A unicorn on steroids: Wiz raises $130 million series B to reach $1.7 valuation a year after its launch
  21. FUNDING – Vulcan Cyber raises $21M Series B for its risk-based vulnerability remediation platform – TechCrunch
  22. List of funding announcements (Google Sheet) – There were so many funding announcements, I HAD to toss them into a spreadsheet!
PaulAsadoorian

Paul Asadoorian

@securityweekly

Founder at Security Weekly

  1. FUNDING – Coalition Raises $175M to Build the Future of Commercial Insurance – “Coalition, the leading cyber insurance and security company, today announced it has raised $175 million to accelerate its rapid growth and global expansion. Index Ventures led the funding with participation from General Atlantic and the company’s existing investors, valuing Coalition at $1.75 billion. “
  2. FUNDING – HeraSoft Looks To Stop Ransomware Attacks After $5M Series A – “Bartlesville, Oklahoma-based HeraSoft announced a $5 million Series A led by United Capital Management of Kansas. The company has developed a public protocol index layer that protects organizations from ransomware and other cyberattacks. The platform is anchored to Bitcoin and can help provide both data and application security”
  3. FUNDING – $20M Raised by AI-powered Cyber Insurance Innovator Cowbell Cyber – “Cowbell Cyber, the industry’s first AI-powered cyber insurance provider for small to medium enterprises (SMEs), today announced that it has closed $20 Million in Series A funding to scale its game-changing offering for continuous underwriting and closed-loop risk management.”
  4. STARTUP – Argon Exits Stealth Mode to Launch the First Unified Security Solution Protecting the Integrity of the DevOps pipeline – “Argon seamlessly connects to the existing CI/CD pipelines via an agentless implementation and instantly maps the development environment, assets, and user activities. The solution prioritizes and automates remediation of alerts according to security best practices and compliance rules, ensuring zero trust deployment. Argon’s code-tampering detection technology performs validity checks on every step of the CI/CD process to confirm no tampering has occurred.”
  5. Kasada Redefines Bot Mitigation with New Defenses Against Evolving Tactics – “A 15x increase in client interrogation sensors, ensuring the stealthiest automation tools are detected, New proprietary obfuscation, which deters reverse engineering attempts, making it extremely difficult and expensive for attackers to retool, An enhanced cryptographic challenge, wrecking the ROI of bot operations and helping to eliminate the need for CAPTCHAs”
  6. FUNDING – Autonomous breach protection startup Cynet raises $40M – “Cynet XDR, the company’s cross-layered detection and response offering, uses next-generation access control, EDR, network detection and response, user and entity behavior analytics and deception technologies with completely automated attack investigation and remediation on a single, intuitive platform. The service is backed by a 24/7 managed detection and response service.”
  7. ACQUISITION – Lookout Buys CipherCloud – “The acquisition broadens the Lookout product portfolio as well as its community of customers and partners including carrier, cloud, channel, distributor and managed security service providers (MSSP). As a part of the deal, CipherCloud will operate under Lookout brand and leadership.”
  8. IPO – Cybersecurity provider IronNet to go public by merging with blank-check company – Cyber SPAC? “IronNet’s software harnesses machine learning to detect malicious activity in companies’ systems. It can find threats in public cloud environments, as well as other parts of the corporate network, and provide an organization’s cybersecurity teams with data on each issue in a visual dashboard.”
  9. Rapid7 : Announces Release of New tCell Amazon CloudFront Agent – “To help with this problem, we are excited to announce tCell’s CloudFront agent, which leverages Lambda@Edge to help push security closer to the ‘edge’ without requiring any code changes to your applications. Now, you can integrate directly with Amazon CloudFront, AWS’ native CDN, using Lambda@Edge to monitor inbound and outbound traffic with minimal performance impact and without requiring your traffic to go somewhere else for inspection.”
  10. Cynet’s Newly Appointed Chief Security Strategist, Chris Roberts – “Cynet announced that Chris Roberts, a recognized cybersecurity researcher and newly appointed Chief Security Strategist for Cynet will launch a new CISO community specifically designed to help cybersecurity firms.”
  11. FUNDING – Docker Raises $23 Million in Series B Funding – “In the past year, applications have become paramount to not only all modern businesses but also as the primary means to connect society, all of which has greatly accelerated the need for developer velocity,” said Scott Johnston, CEO of Docker. “This new investment, combined with our user and ARR growth momentum, validates Docker’s mission of helping developers and development teams bring their ideas to life by conquering the complexity of app development.”
  12. FUNDING – Cyware Raises $30M in Series B Funding – “Cyware, a NYC-based Virtual Cyber Fusion platform provider, raised $30m in Series B funding.” Messaging on: “Cyber Fusion. Next-generation SOAR and Threat Intelligence Solved. Cyware is the only company building Virtual Cyber Fusion Centers enabling end-to-end threat intelligence automation, sharing, and unprecedented threat response for organizations globally.”
  13. ACQUISITION – Sonatype Acquires MuseDev – “MuseDev’s core offering automatically analyzes and provides uniquely accurate feedback on each developer pull request, making it easy to find and fix critical security, performance, and reliability bugs during code review.”
  14. Kaspersky launches Threat Hunting Services enabling timely detection of adversarial activity – “The service integrates several components. Kaspersky products send their telemetry to the Kaspersky Security Network1 and this telemetry is then analyzed in the internal Kaspersky Security Operations Center using more than 700 constantly updated proprietary TTP-based ‘hunts’2 tailored to the customer’s environment along with various detection engines. Since alerts are collected from all endpoints, this allows the system to detect links of one attack chain on various machines. All detections are further validated and prioritized by Kaspersky’s threat hunting team to ensure a timely response.”
  15. ACQUISITION – Sumo Logic acquires DFLabs to combat modern threat challenges – Help Net Security – “Sumo Logic announced that it has entered into an agreement to acquire DFLabs. The acquisition will extend Sumo Logic’s cloud-native SIEM solution to help reduce or eliminate tedious and error-prone manual tasks and empower SOC teams to accelerate threat detection, analysis, incident response and forensic investigations.”
  16. Accurics unveils channel program for partners who share a developer-first approach to cloud security – Help Net Security – “As new cloud native technologies accelerate innovation, bringing both benefits and risk, the Accurics channel program empowers partner organizations to help clients codify security throughout the development lifecycle, facilitating self-healing cloud native infrastructure and ensuring end-to-end security in all cloud applications.”
  17. ACQUISITION – Acronis acquires Synapsys – “Synapsys is a channel-centric group of companies that delivers Acronis Cyber Protection Solutions to thousands of customers through a network of sub-distributors, resellers, and managed service providers (MSPs) in South Africa and across the continent.”
  18. Aqua Security cloud native security platform protects high-density workloads on Arm-based infrastructure – Help Net Security – “This enables Aqua customers to take advantage of the high density and cost-effectiveness provided by Arm-powered hosts and devices across cloud infrastructure, edge and IoT platforms, including the new AWS Graviton2 instances from Amazon Web Services (AWS).”
TylerShields

Tyler Shields

@txs

CMO at JupiterOne

  1. Rumble raises $5m in VC funding to solve the network and asset discovery challenge
  2. IronNet Cybersecurity to Go Public in Merger
  3. Cyware Closes $30M Series B Just 7 Months After A Round
  4. Molson Coors Beer Operations Halted by Hack
  5. Airtable eyes $5 billion valuation in new funding round -sources
  6. Lookout Acquires SASE Cloud Provider CipherCloud
  7. Tetrate, Started by Istio Founders, Raises $40 Million to Help Enterprises With Cloud-Native Application Networking Platform
  8. Corvus Insurance Raises $100M As Cyber Attacks Increase

3. Attack Surface – What are we Missing? – 02:00 PM-02:30 PM

Announcements

  • If you missed Security Weekly Unlocked, you can now access all of the content on-demand, whether you registered before the live event or not, by visiting https://securityweekly.com/unlocked and clicking either the button to register or the button to login!

Description

Ilia Kolochenko, founder of ImmuniWeb, joins Paul and Adrian to discuss the challenge of discovering and handling exposed data and vulnerabilities before the bad guys do.

Guest(s)

Ilia Kolochenko

Ilia Kolochenko – Chief Architect at ImmuniWeb

https://www.linkedin.com/in/kolochenko/

Ilia is the founder and Chief Architect at ImmuniWeb, a global application security company serving large customers from regulated industries in over 50 countries. He started his career as a penetration tester and has 15 years of security auditing and digital forensics practice. Today, Ilia drives continuous product improvement and leads data scientists, security analysts and software engineers at ImmuniWeb. Ilia holds a Bachelor degree in Computer Science and Mathematics, a Master of Legal Studies from Washington University in St. Louis and a Master of Science in Criminal Justice (Cybercrime Investigation) from Boston University. He is currently a Doctoral student (Ph.D. in Cybersecurity Leadership) at Capitol Technology University. Ilia Kolochenko is a Member of Europol Data Protection Experts Network (EDEN), GIAC Advisory Board Member and a Committee Member at Boston University MET CIC (Cybercrime Investigation & Cybersecurity) Center. Ilia is a CIPP/US, CIPP/E and GLEG certified professional.

Hosts

AdrianSanabria

Adrian Sanabria

@sawaba

Senior Research Engineer at CyberRisk Alliance

PaulAsadoorian

Paul Asadoorian

@securityweekly

Founder at Security Weekly