esw225

Enterprise Security Weekly Episode #225 – April 28, 2021

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. Collaboration Rules! Challenging Transparency in Modern App Sec – 01:00 PM-01:30 PM

Sponsored By

sponsor
Visit https://securityweekly.com/detectify for more information!

Announcements

  • Do you want to stay in the loop on all things Security Weekly? Visit https://securityweekly.com/subscribe to subscribe on your favorite podcast catcher or our Youtube channel, sign up for our mailing list, join our Discord Server, and follow us on our newest live-streaming platform, Twitch!

  • Our next technical training will be on May 6th at 11am ET exploring common misconfigurations of NGINX, the damage they could do, and how to avoid them! Next up, see how attackers gain access to endpoints and learn defensive strategies to protect against those attacks in our May 13th technical training also at 11am ET! Visit https://securityweekly.com/webcasts to register now! If you missed any of our previously recorded webcasts or technical trainings, they are available for your viewing pleasure at https://securityweekly.com/ondemand

Description

Rickard Carlsson, CEO at Detectify, joins us to talk about collaboration as the modern approach application security. During the discussion, we’ll cover:

– why organizations should challenge transparency and open up their security practices and information internally,
– how to approach security as a collaborative effort (with some real-life examples),
– and Detectify’s vision of building a hub where security information and research is shared across the globe.

Segment Resources:
We recently published the ebook “A guide to modern web application security” for SaaS and tech organizations looking to bring their security up to speed with development. Download it here: https://blog.detectify.com/2021/04/09/modern-application-security-requires-speed-scale-and-collaboration/

This segment is sponsored by Detectify.

Visit https://securityweekly.com/detectify to learn more about them!

Guest(s)

Rickard Carlsson

Rickard Carlsson – Co-founder & CEO at Detectify

Detectify is led by entrepreneurial tech nerd Rickard Carlsson. As one of the co-founders, Rickard has grown Detectify from a group of ethical hackers with an idea on how to make the internet safer, to an international industry challenger that’s 140+ people strong. Combining software automation with the knowledge of elite hackers and scaling it to the masses, Detectify makes security a collaborative effort that changes traditional ways of working.

Rickard has a background in tech and management consulting, and has lived and worked in Sweden, India and the US.

Hosts

MattAlderman

Matt Alderman

@maldermania

Executive Director at CyberRisk Alliance

TylerRobinson

Tyler Robinson

@tyler_robinson

Director of Offensive Security & Research at Trimarc and Founder & CEO of Dark Element at Trimarc Security

TylerShields

Tyler Shields

@txs

CMO at JupiterOne

2. HackerOne Enhances Platform, PANW Expands Unit 42, & More Funding – 01:30 PM-02:00 PM

Announcements

  • Security Weekly listeners save $100 on their RSA Conference 2021 All Access Pass! RSA Conference will be a fully virtual experience from May 17th-20th, 2021. Security Weekly will be live streaming Monday-Thursday in the virtual broadcast alley, interviewing some of the top sponsors and speakers for the event. To register using our discount code, please visit https://securityweekly.com/rsac2021 [securityweekly.com] and use the code 5U1CYBER! We hope to “see” you there!

Description

In the Enterprise News for this week: HackerOne Enhances Security Testing Platform, Palo Alto Networks Expands Unit 42 Cybersecurity Consulting Group, Thoma Bravo to take cyber security firm Proofpoint private, BlackRock, Tudor Group Back Cybersecurity Startup Deep Instinct, and more!

Hosts

MattAlderman

Matt Alderman

@maldermania

Executive Director at CyberRisk Alliance

  1. Pivot3 Simplifies and Unifies Management of Physical Security Infrastructure with New Surety Software
  2. Safe-T Group’s ZoneZero cybersecurity solution approved for federal government purchase by US GSA
  3. HackerOne Enhances Security Testing Platform
  4. Atos unveils global R&D Lab to drive innovation in Cybersecurity, High Performance Computing and Quantum
  5. Palo Alto Networks Expands Unit 42 Cybersecurity Consulting Group – MSSP Alert
  6. Thoma Bravo to take cyber security firm Proofpoint private
  7. Coalfire Acquires Neuralys Pen Testing Platform
  8. Cybersecurity unicorn Illumio in talks to raise funds from Thoma Bravo at $2.9B valuation – Silicon Valley Business Journal
  9. BlackRock, Tudor Group Back Cybersecurity Startup Deep Instinct
  10. AppOmni Closes $40 Million Funding Round Led by Scale Venture Partners
  11. Israeli Cybersecurity Startup Perception Point Raises $28M
  12. AirEye Raises $8M Series A to Extend Network Security into the Unprotected Digital Airspace
  13. CyberHat Secures $15 Million to Expand its CYREBRO Enterprise-Level Cybersecurity Protection to Small and Medium Sized Businesses – Security Boulevard
  14. Cigent Announces $7.6M Series A Funding Round; In-Q-Tel, CyberJunction, WestWave Capital Participate
  15. AccuKnox Secures $4.6M in Seed Funding to Meet Growing Demand for Zero-Trust Kubernetes Security Solutions
  16. Darktrace slashes valuation price estimate ahead of IPO: report
  17. KnowBe4 Exceeds Share Price Expectation With IPO
TylerRobinson

Tyler Robinson

@tyler_robinson

Director of Offensive Security & Research at Trimarc and Founder & CEO of Dark Element at Trimarc Security

TylerShields

Tyler Shields

@txs

CMO at JupiterOne

3. Authentication vs. Authorization: Why Privileged Access Matters – 02:00 PM-02:30 PM

Sponsored By

sponsor
Visit https://securityweekly.com/thycotic for more information!

Announcements

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

Description

Authentication and authorization might sound similar, but they are two distinct security processes. Joe Carson, Chief Security Scientist at Thycotic, joins us to discuss why privileges, not identities, are one of the biggest challenges for identity and access. Joe will share Thycotic’s simple approach to solving privileged access.

This segment is sponsored by Thycotic.

Visit https://securityweekly.com/thycotic to learn more about them!

Guest(s)

Joseph Carson

Joseph Carson – Chief Security Scientist & Advisory CISCO at Thycotic

@joe_carson

-Chief Security Scientist at Thycotic
-Over 25 years’ experience in enterprise security
-Author of “Privileged Account Management for Dummies” and “Cybersecurity for Dummies”
-Cyber security advisor to several governments, critical infrastructure, financial and transportation industries
-Speaker at conferences globally

Hosts

AdrianSanabria

Adrian Sanabria

@sawaba

Senior Research Engineer at CyberRisk Alliance

MattAlderman

Matt Alderman

@maldermania

Executive Director at CyberRisk Alliance