Nathan Hunstad – Principal Security Engineer & Researcher at Code42

Nathan Hunstad is the Principal Security Research and Engineer at Code42 and focuses on automation, logging infrastructure, and threat analysis. He has over 10 years of security experience in numerous roles in both the public and private sector, including Security Operations, Threat and Vulnerability Management, Risk Assessment and Management, Cyber Intelligence, and Threat Hunting. He has a Masters of Science in Security Technologies from the University of Minnesota.

Adrian Sanabria

Senior Research Engineer at CyberRisk Alliance

Paul Asadoorian

Founder at Security Weekly

Tyler Shields

CMO at JupiterOne

Adrian Sanabria

Senior Research Engineer at CyberRisk Alliance

1. FUNDING: Security startup Tessian, which uses AI to fight social engineering, trousers $65M – TechCrunch – Trousers is a verb now?!?
2. FUNDING: Cynerio Raises $30 Million in Series B Funding to Secure Mission-Critical Medical and IoT Devices in Hospitals and Health Systems –

Paul Asadoorian

Founder at Security Weekly

1. Datadog’s AWS Lambda extension allows customers to collect telemetry from serverless applications – Help Net Security – “Datadog’s AWS Lambda extension allows customers to collect telemetry from serverless applications. Developers can quickly add custom business metrics, distributed tracing, and collect logs from serverless applications to identify and diagnose errors before they impact customer experience. Datadog Serverless Monitoring supports all official AWS Lambda runtimes, ensuring that every team has visibility into their services.”
2. Imperva introduces Serverless Protection to secure serverless computing functions – Help Net Security – “Protection against malicious activity: Purpose-built for serverless computing, Imperva uniquely enables a positive security model that provides protection against malicious changes, like zero-day exploits, within the function. Deployed as an AWS Lambda layer, it can be deployed once and applied to multiple AWS Lambda functions. Visibility and protection from internal and external code vulnerabilities: Imperva Serverless Protection secures serverless functions from vulnerabilities embedded in first and third-party code — the underlying risk factor that can trigger a software supply chain attack. It effectively monitors and blocks vulnerabilities without elaborate or manual steps involved. OWASP Serverless Top 10 coverage: Imperva Serverless Protection offers protections from misconfigurations, code-level risks, injections and weaknesses. It stops HTTP response splitting and method tampering, code injection, and other complex threats. It also monitors for insecure cookies and transport, logging of sensitive information, unauthorized network activity, weak authentication, and other potential vulnerabilities. Deep visibility into security incidents at the application layer: Imperva Serverless Protection runtime monitoring gathers log-level information to provide forensic detail so security teams can fully understand the context of every attack with virtually no impact on latency. It also identifies and maps third-party dependencies used during runtime.”
3. Jay Chaudhry: Zscaler Aims to Extend Zero Trust Architecture Through Smokescreen Acquisition – GovCon Wire – “Smokescreen designed its platform to help customers protect networks, applications and endpoints with deception decoys.”
4. Sumo Logic Completes Acquisition of DFLabs to Further Expand Cloud SIEM and Automation for Hybrid Cloud Customers and Managed Service Providers – “With the combined expertise and technology of Sumo Logic and DFLabs, we are well-positioned to continue to drive our momentum and leadership as the cloud-native SIEM of choice, which will now include a leading SOAR for customers and managed service providers of all sizes and maturities.”
5. ServiceNow backs $50M round for cybersecurity startup Uptycs – SiliconANGLE – “Uptycs’ provides what it describes as the first product in the cloud-native security analytics category that detects hacking attempts across both cloud workloads and endpoints such as employee devices. Normally, companies must use separate security tools to protect cloud workloads and endpoints. Consolidating a workflow normally spread across multiple applications into a single platform can improve administrators’ productivity by removing the need to switch back and forth among different interfaces.”
6. Salt Security Raises $70 million in Series C Funding – “Salt Security offers a unique approach to API security with its flagship solution, the Salt Security API Protection Platform. The big data engine and AI and ML at the heart of the Salt C-3A Context-based API Analysis Architecture automates the continuous discovery of APIs and exposed sensitive data, stops API attackers during their reconnaissance activities, and delivers remediation insights. Needing no agents, software changes, or inline code, the patented Salt platform deploys quickly, with no impact on application performance.”
7. SpecTrust raises $4.3M to unify people and data in the fight against cybercrime – Help Net Security – “SpecTrust’s no-code platform allows risk teams to deploy, optimize, and enforce layered cybercrime defenses with zero engineering required. Advanced capabilities are normally only accessible to the largest companies in the world; SpecTrust allows businesses of any size to rapidly mature fraud detection and prevention capabilities, optimize onboarding compliance processes and vet user identity with continuous risk and trust assessments.”
8. ServiceNow delivers new security integrations with Microsoft to automate security workflows – Help Net Security – “New integrations with the ServiceNow Security Operations Solution Suite include Microsoft Azure Sentinel, Microsoft Threat & Vulnerability Management, Microsoft Teams, and Microsoft SharePoint. These integrations will help security operations teams make smarter decisions across security planning, management, and incident response.”
9. Double Bullseye for SentinelOne in Recent Prestigious Global Accolades – “SentinelOne’s endpoint security solutions came out on top among endpoint vendors in the latest ATT&CK Evaluation performed by MITRE Engenuity. Having recently released its results from the 2020 evaluation, SentinelOne was proud to report that it was the only vendor to achieve complete visibility, with zero missed detections, across both Windows and Linux environments. In addition, SentinelOne was also proud to announce that it has recently been positioned by Gartner as a Leader in the 2021 Magic Quadrant for Endpoint Protection Platforms. SentinelOne believes the placement is a testament to the company’s innovative Singularity XDR platform and scaled go-to-market execution in record time. “
10. Rapid7 : Reducing Risk With Identity Access Management (IAM) – “DivvyCloud by Rapid7 contains an IAM Governance Module that essentially destroys and rebuilds an IAM policy stack by implementing a boundary view. When security teams are tasked with governing cloud environments at scale, this is when compliance might become a problem – without anyone realizing it. Even with what might be considered a sustainable boundary view, that perimeter will likely be more fluid than anyone can predict. DivvyCloud helps create a rational approach for managing that ever-changing identity-access perimeter.”
11. Kemp Launches Zero Trust Architecture to Simplify Secure Application Access – “Kemp, the always-on application experience (AX) company, today announces the launch of its Zero Trust Access Gateway (ZTAG) architecture to simplify the introduction of a zero-trust model for securing published workloads and services. The Kemp ZTAG solution is comprised of a suite of proxy, authentication, access logic, and automation capabilities that helps customers apply zero trust logic to load balanced web-based applications.”
12. AWS launches containerized web application solution App Runner – SD Times – “AWS App Runner is designed to help developers easily and rapidly develop, deploy and run containerized web applications and APIs by handling all the operational aspects such as provisioning, scaling and managing container orchestration, load balancing and CI/CD pipelines”

Tyler Shields

CMO at JupiterOne

Drew Rose – CSO – Founder at Living Security

As Living Security’s creative mastermind, Drew Rose combines his experience developing security programs and his love of game design to expertly craft immersive products. He seeks to engage end users and create excitement with his educational experiences and measurable outcomes. Drew is a CISSP with a Bachelors of Science in Cybersecurity who has spent years building and optimizing security programs in the public and private sectors. While serving in the military, Drew learned effective strategies for fighting cybercrime and earned a top-level security rating in the U.S. government. At Living Security, Drew applies his in-depth knowledge to reducing enterprise and personal risk by designing science-based, collaborative security awareness programs.

Ganesh Pai – CEO & Founder at Uptycs

Ganesh Pai is Founder & CEO of Uptycs. He is a Boston-based entrepreneur and technologist (formerly Akamai, Verivue, NetDevices) and has been awarded multiple U.S. patents. Ganesh received a BE degree in electronics and communication engineering from Mangalore University and a MS in computer science from Temple University.

Matt Alderman

Executive Director at CyberRisk Alliance

Paul Asadoorian

Founder at Security Weekly