Enterprise Security Weekly Episode #221 – March 24, 2021

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. Platform Security – PaaS & Hosting – 01:00 PM-01:30 PM

Description

– What security features does Heroku offer that the customer can control and how have these evolved over time?
– How do you balance the security of the application, with the security of the deployment, with the security of the platform?
– What are some tips and/or advice for deploying applications and keeping them secure during the lifecycle? (e.g. as a developer I may run applications in a secure environment, but then down the line someone runs my container with --privileged and exposes a security hole).

The goal is for our audience to learn what to consider, from a security perspective, when choosing a platform (or platforms) to run applications.

Guest(s)

Trey Ford – VP Platform Strategy and Trust at Salesforce

@treyford

Transformational leader at the intersection of cybersecurity and strategy.

Hosts

Adrian Sanabria

@sawaba

Senior Research Engineer at CyberRisk Alliance

Paul Asadoorian

@securityweekly

Founder at Security Weekly

Tyler Shields

@txs

CMO at JupiterOne

2. “Jump-Start Your SOC Analyst Career” – 01:30 PM-02:00 PM

Announcements

  • If you missed Security Weekly Unlocked, you can now access all of the content on-demand, whether you registered before the live event or not, by visiting https://securityweekly.com/unlocked and clicking either the button to register or the button to login!

Description

Jarrett Rodrick and Tyler Wall’s new book, “Jump-start Your SOC Analyst Career,” is meant to serve as a roadmap for those who wish to take their first steps into cybersecurity as a SOC analyst. We discuss topics like introduction to investigative theory, prerequisite skill requirements, and cloud security monitoring. We included stories from real SOC analyst contributors to help the reader understand what challenges might lie before them.

The book is available on Amazon:

https://www.amazon.com/Jump-start-Your-Analyst-Career-Cybersecurity/dp/1484269039

Guest(s)

Jarrett Rodrick – Senior Information Security Analyst at VMware

Jarrett Rodrick is the SOC Team Lead and Senior Information Security Analyst for VMware, the global leader in virtualization technology. He’s a retired Cyber Network Defender and Cyber Warfare Specialist from the US Army and has over 8 years of Defensive Cyber Operations experience working with the Army’s Cyber Protection Brigade. Jarrett’s time with the Cyber Protection Brigade has provided him with the skills needed to fight in today’s cyberwar. Jarrett’s cybersecurity certifications include GSEC, GCED, GCIH, GCIA, GCFE, GCFA, GSNA, GRID, GCUX, and GSTRT. Jarrett lives in Melissa, TX, with his wife and family and enjoys researching new and innovative technologies.

Hosts

Adrian Sanabria

@sawaba

Senior Research Engineer at CyberRisk Alliance

Paul Asadoorian

@securityweekly

Founder at Security Weekly

Tyler Shields

@txs

CMO at JupiterOne

3. Axis Security, Qualys, VMware, NFTs, & Linksys/Fortinet – 02:00 PM-02:30 PM

Announcements

  • Do you want to stay in the loop on all things Security Weekly? Visit https://securityweekly.com/subscribe to subscribe on your favorite podcast catcher or our Youtube channel, sign up for our mailing list, and join our Discord Server!

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

Description

This week in the Enterprise News: funding announcements from SecurityScorecard, Secureframe, Axis Security, Orca, Cylera, and Vulcan Cyber. A non-funding announcement from Thinkst. Fortinet acquires ShieldX, VMware acquires Mesh7 and Copado acquires New Context. KnowBe4 files for IPO. Exabeam Launches First-ever Comprehensive Use Case Coverage, Linksys and Fortinet form an interesting partnership, Sonatype targets a more secure software supply chain with a 5-part announcement, CTO.ai Launches Serverless Kubernetes Platform and more!

Hosts

Adrian Sanabria

@sawaba

Senior Research Engineer at CyberRisk Alliance

  1. FUNDING – SecurityScorecard snags $180M Series E to measure a company’s security risk – TechCrunch – I don’t want to say too much, because we’ll be reviewing the products in this space in a few months, but the entire value prop is a bit hard to swallow here. Can you glean some useful information from observing a company from the outside? Absolutely. Can that information be used to make a conclusion about the risk of doing business with that company? That’s the $290m question, I guess. SecurityScorecard takes a swift kick at SolarWinds while they’re down, but I wonder what a more comprehensive look at scores when companies were breached looks like. How many of SolarWinds’ own third-party vendors have a score as low as SolarWinds’ or lower? What I really worry about is these scorecard companies creating a compliance-like distraction away from a focus on improving security. Put another way, does an “A” from SecurityScorecard really mean better security than someone with a B or a C?
  2. FUNDING – Secureframe raises $18M Series A to simplify cybersecurity compliance – TechCrunch – Helping orgs comply with SOC2 and ISO27k is about as far from sexy as you can get. That said, there’s no mention of blockchain, NFTs, AI/ML, ZeroTrust or next-gen. Secureframe is aiming to make a hugely painful process easier and that’s never a bad formula for a solid business model.
  3. FUNDING – Israeli-Founded Cyber Startup Axis Security Raises $50M – Some more money in the SASE pot. The Zero Trust dollars continue to flow!
  4. NON-FUNDING – Thinkst – We bootstrapped to $11 million in ARR – I LOVE the idea of a “non-funding announcement” to go after that signal that’s typically reserved for those that make funding announcements. Funding announcements are no-brainer announcements that are a key part of how we follow a company’s progress, even though we know from experience that it isn’t necessarily a sign of success. In fact, as the amounts get bigger and closer to Series D and beyond, if there aren’t clear signs of an exit, it tends to turn into less and less of a positive signal. Especially 24 months+ after the last raise. But what are the positive signals for bootstrapped companies? How do we know what they’re doing? If they’re growing? I hope more bootstrappers take a page from Thinkst’s strategy here and create their own milestones to publicly celebrate. It’s not only important for employees and morale, but to signal to the outside world that things are going well. It creates customer confidence and naturally, should come around full circle to help sales and growth!
  5. ACQUISITION – Fortinet Acquires Cloud And Network Security Startup ShieldX – A microsegmentation play aiming to strengthen Fortinet’s Zero Trust muscles. Deal value wasn’t shared. They’ve raised $34m to date, but haven’t raised in a good long while (over 3 years). I suspect they’ve been struggling to both raise another round and gain some sales traction. Combined with the fact that Fortinet isn’t sharing the deal value, my guess is gonna be that the VCs didn’t get a 20x return on this one. Looking at comps, Palo Alto (who typically do generous deals) paid $150m on $34.5m raised (4.4x) for Aporeto, Zscaler paid $31m on $18m raised for Edgewise (1.7x), and FireEye paid $13.5m for Cloudvisory. It’s really making me wonder how Illumio is doing (Series E, raised $332.5m to date). It’s interesting tech for sure, but clearly a hard sell in the current market.
  6. IPO – Cybersecurity training platform KnowBe4 files for a $100 million IPO – No secret S-1 here, you can go check it out now!
  7. TRENDS – US Gov offering buybacks on Chinese telco equipment – The FCC outlines its rules to incentivize US organizations to stop using ZTE and Huawei gear through their “Secure and Trusted Communications Networks Reimbursement Program”. Apparently they want to update the vendor list that qualifies for this, but ZTE and Huawei are the two mentioned in this filing.
  8. TRENDS – Google ditching cookies in Chrome to improve privacy – The general idea here (if I’m understanding it correctly) is that websites will be able to advertise to groups of individuals with similar preferences. The individuals within these groups will (in theory) have anonymity. I’ve spoken to a few folks about it though and it seems there are a lot more details here that aren’t clear cut – some “you’ll have to trust us on this bit” stuff.
  9. TRENDS – US privacy, consumer, competition and civil rights groups urge ban on ‘surveillance advertising’ – TechCrunch – Looks like Big Tech is set to have Yet Another Chat with Congress tomorrow. This time, it’s over “Surveillance Advertising”, which is excellent branding if you want to shame Big Tech over their practices. Unless you’re also an organization that regularly oversteps when it comes to surveillance… Hmmm, awkward. The open letter to Congress and Big Tech mostly focuses on the tangible harm social media has caused by taking a traditionally hands-off approach to some pretty vile content. Content that can be precisely targeted using social media’s ad machines. https://uploads-ssl.webflow.com/6037bac32729e03c425791a6/605789d32e8de8a73441e1a7_Coalition%20Letter.pdf
  10. TRENDS – NFTs could bridge video games and the fashion industry – TechCrunch – Cybercrime follows the money. The super-quick rise in NFT value means they’re probably already looking for ways to profit off it.
  11. OPEN SOURCE TOOLS – ConsoleMe: A Central Control Plane for AWS Permissions and Access – Another interesting open-source tool, courtesy of Netflix. It appears to be a front-end for managing AWS IAM roles and permissions, but not just for admins. Looks like this aims to be user-facing as well, for self-service use cases.

Paul Asadoorian

@securityweekly

Founder at Security Weekly

  1. Exabeam Launches First-ever Comprehensive Use Case Coverage for Successful Outcome-based Security – “The new Threat Detection, Investigation & Response (TDIR) use case packages provide a powerful, prescriptive solution to help security operations centers (SOCs) improve workflows from collection to detection, investigation and response using an outcome-based approach. Generally available in Q2 2021, the TDIR packages address the complete lifecycle of security operations (SecOps) workflows with end-to-end content that includes prescribed data sources, detection models, watchlists, investigation checklists and response playbooks to assist analysts with repeatedly delivering successful outcomes.”
  2. Qualys Announces Resignation of CEO Philippe Courtot – Please give our regards to Philippe, his family and everyone at Qualys.
  3. Linksys and Fortinet offer connectivity and security for home networks – This is really interesting: “As part of the alliance, Fortinet has made a strategic investment of $75M in Linksys, which provides leading and next-generation router connectivity solutions to consumers and businesses worldwide. In addition, Fortinet will appoint a representative to the Linksys Board of Directors.”
  4. FUNDING – Cloud Security Company Orca Raises $210 Million at $1.2 Billion Valuation
  5. Stellar Cyber’s Open XDR Eases Big Cybersecurity Data Storage Woes – Is scaling storage really the big problem with SIEM and XDR? “Stellar Cyber, the innovator of Open XDR, the only intelligent, next-gen security operations platform, announced today that its open and highly flexible approach to the long-term storage of large volumes of security data eases concerns about storage complexity and costs seen in legacy SIEMs or some proprietary XDR solutions used by security operations centers.”
  6. ACQUISITION – VMware to Help Customers Make Modern Apps More Secure with Intent to Acquire Mesh7 – So many words: “Mesh7 has developed a contextual API behavior security solution based on Envoy that better protects modern cloud-native applications. Mesh7 technology helps customers improve application resiliency and reliability and reduce blind spots through the integration of deep Layer 7 insights with cloud, host, and reputation data. The Mesh7 solution empowers development, security, and operations leaders to address observability, security, and compliance for cloud-native, API-based, and other distributed applications.” What does it all mean?
  7. ACQUISITION – Copado acquires New Context to embrace multicloud DevSecOps – Does it have to be multi-cloud? “Today’s data doesn’t live in any one cloud or enterprise platform,” Leigh said. “To unlock the full potential of business data, the enterprise has to develop software that is multicloud. Today we have several customers orchestrating their multicloud software development practices through Copado. The New Context acquisition allows Copado to double down on that capability by adding their multicloud DevSecOps experience in products and services.”
  8. FUNDING – Healthcare IoT Security Firm Cylera Closes $10 Million Series A Round
  9. Cryptocurrency Security Startup Fireblocks Hopes to Bring Blockchain to the World’s Biggest Banks – Jewish Business News
  10. Cybersixgill Brings Their Industry Leading, Automated Threat Intelligence to the Swimlane Platform
  11. Sonatype targets a more secure software supply chain – “There are five parts to the Sonatype announcement. This includes the Muse acquisition, three product updates and support for the Nexus community.”
  12. Israeli Industrial Cybersecurity Company SCADAfence Protects Companies On Line – “If you ever watched a show like 24, then you know that a terrorist attack done by way of hacking into a public utility’s systems is one of the scariest threats to public safety. Imagine someone getting control over a power plant, or many power plants, and shutting down a whole region’s power supply. Now imagine it happening to an entire country or continent.”
  13. FUNDING – Vulcan Cyber raises $21M Series B for its risk-based vulnerability remediation platform
  14. SecurityScorecard Raises $180 Million in Series E Financing Round to Make Security Ratings Mainstream
  15. ACQUISITION – Fortinet Acquires Cloud And Network Security Startup ShieldX
  16. CTO.ai Launches Serverless Kubernetes Platform – “This powerful, yet easy-to-use, platform makes product delivery teams more efficient and eliminates the complexity experienced by developers when applications are deployed on top of a self-managed Kubernetes cluster. The CTO.ai platform was created to address the estimated $300 billion* lost in developer productivity every year, much of which comes from complex modern cloud tooling.”
  17. StackPulse Releases Free Edition of Reliability Platform – “With StackPulse, teams can apply DevOps and Site Reliability Engineering principles to the on-call process of identifying, responding to, and resolving service incidents and outages. Unlike traditional IT tools used for this purpose, StackPulse lets teams do away with complex paging rules or documented runbooks of steps to execute – and instead express operational processes as executable code”

Tyler Shields

@txs

CMO at JupiterOne