Enterprise Security Weekly Episode #230 – June 09, 2021

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. Redefining SaaS Security so SOC/IR Teams Aren’t in the Dark – 01:00 PM-01:30 PM

Sponsored By

Visit https://securityweekly.com/gigamon for more information!

Announcements

  • Do you want to stay in the loop on all things Security Weekly? Visit https://securityweekly.com/subscribe to subscribe on your favorite podcast catcher or our YouTube channel, sign up for our mailing list, join our Discord Server, and follow us on our newest live-streaming platform, Twitch!

  • Security Weekly is ecstatic to announce that Security Weekly Unlocked will be held IN PERSON this December 5-8 at the Hilton Lake Buena Vista! Call for presentations & early registration for Security Weekly listeners is open now! Visit securityweekly.com/unlocked to submit your presentation & register for the early registration price before it expires!

Description

Traditional options for acquiring network detection and response (NDR) solutions have their individual pros and cons. SaaS or On-Premises NDR solutions allow you to customize them to your environment but require costly care and feeding, such as detection tuning, that distracts your SOC/IR teams from hunting adversaries. If you go with a Managed NDR, you have predictable costs but receive generic detections and response options in a one-size-fits-all model. Join Stephen Newman, VP of Product Marketing, to see how ThreatINSIGHT Guided-SaaS NDR combines a purpose-built NDR platform for adversary detection and response with Gigamon SOC/IR human talent dedicated to delivering guided expertise to your security team… together closing the SOC visibility gap, removing distractions, and providing advisory guidance when it matters most.

Segment Resources:
https://www.gigamon.com/content/dam/resource-library/english/solution-brief/sb-gigamon-threatinsight.pdf

This segment is sponsored by Gigamon.

Visit https://securityweekly.com/gigamon to learn more about them!

Guest(s)

Stephen Newman – Vice President Product Marketing, ThreatINSIGHT at Gigamon

Stephen Newman, VP of ThreatINSIGHT Product Marketing, has over 15 years of Product Management and Product Marketing experience in the field of Cyber Security, ranging from VPNs, email security, advanced threats, identity-based security and cloud-native network detection and response. He has also led teams of security researchers, engineers and analysts to track threat actors, understand their tactics, and devise machine learning techniques to identify their behavior inside enterprise networks.

Hosts

Adrian Sanabria

@sawaba

Senior Research Engineer at CyberRisk Alliance

Paul Asadoorian

@securityweekly

Founder at Security Weekly

Tyler Shields

@txs

CMO at JupiterOne

2. FireEye ‘Fire Sale’, Panaseer Security Guidance, & Infoblox 3.0 – 01:30 PM-02:00 PM

Announcements

  • Security Weekly is more than happy to announce that we will be at InfoSec World 2021 IN PERSON October 25th-27th, 2021! This year, our annual partnership with InfoSec World is extra special, as we are both business units under the CyberRisk Alliance brand! What does that mean for Security Weekly listeners & InfoSec World attendees? You will get to see and hear from many of the Security Weekly team at the event AND you will save 20% off on your world pass! Visit https://securityweekly.com/isw2021 to register using our discount code!

  • Join us June 24 at 11 AM ET to learn how web application firewalls can help mitigate exposure in a complex threat landscape. Visit https://securityweekly.com/webcasts to register now! If you missed any of our previously recorded webcasts or technical trainings, they are available for your viewing pleasure at https://securityweekly.com/ondemand

Description

This week in the Enterprise News: Proofpoint unveils people-centric innovations across its three platforms, Citrix Secure Internet Access Simplifies Hybrid Workforce Challenges, CyberArk : Advances Industry-Leading Identity Security Platform, AI-powered cybersecurity provider ExtraHop to be acquired for $900M, New Israeli Unicorn Exabeam Hits $2.4 Billion Valuation, Microsoft acquires ReFirm Labs to boost its IoT security offerings, and more!

Hosts

Adrian Sanabria

@sawaba

Senior Research Engineer at CyberRisk Alliance

  1. ACQUISITION: Network security startup ExtraHop skips and jumps to $900M exit – TechCrunch – IPO stuffed, ExtraHop instead opts for a 9x exit to PE firms. 9x for what looked like a healthy business 2 years ago? What happened?? Finance analysts seem baffled and without an S-1, we may never know.
  2. ACQUISITION: FireEye sells FireEye Products unit to STG for $1.2 billion – Described by many as a firesale, the price is barely higher than what FireEye paid for Mandiant 7 years ago! Not a good sign. The multiple here was 1.64x – a far cry from the more typical 10-20x we see software vendors selling for. While some great research came out of FireEye over the years and the Mandiant business has always seemed to thrive, I’m not sure FireEye ever really built a product anyone really wanted or needed. Bit of a rant from me on them: https://twitter.com/sawaba/status/1400207552139431936 What’s really crazy though is who bought them – STG has also recently acquired RSA and McAfee.
  3. ACQUISITION: Coalfire Acquires Denim Group to Transform – There have always been consulting firms that build tools and even spin-off product companies, but it seems a more common trend these days. Where software cybersecurity companies can bring in a bigger multiple, they’re more of a risk. Services traditionally bring in a much lower multiple, but their revenue is more predictable, as the services product changes very slowly and demand is fairly constant. Bishop Fox raised a Series A from ForgePoint to build a managed subscription service. Coalfire was acquired by private equity and appears to be going for something similar with Denim Group and Threadfix. The FireEye product portfolio was just offloaded for less than 2x, leaving Mandiant behind, which was originally purchased for around 10x back in 2014! It’s an interesting trend that flips the funding/returns script somewhat.
  4. ACQUISITION: Microsoft acquires ReFirm Labs to enhance IoT security – Microsoft Security
  5. FUNDING: Cybersecurity startup Brinqa raises $110 mln from Insight Partners
  6. FUNDING: [redacted] closes 35m in Series B funding to disrupt adversaries and hold attackers accountable – It literally took me 10 minutes of Googling to realize that [redacted] was the company’s actual name. I guess someone is getting a chuckle out of how clever they are, but I just found it irritating.
  7. FUNDING: Exabeam Secures $200 Million at $2.4 Billion Valuation, Welcomes New CEO and President Michael DeCesare
  8. FUNDING: Uptycs secures $50M Series C as security platform continues to expand – TechCrunch
  9. FUNDING: Inspired by Podesta breach, Material Security raises $40 million to neuter email hacks
  10. FUNDING: Tessian raises USD65m Series C to advance security at the human layer
  11. FUNDING: Israeli cloud security co Wiz raises another $120m – report – SURE, WHY NOT???

Paul Asadoorian

@securityweekly

Founder at Security Weekly

  1. Microsoft acquires ReFirm Labs to boost its IoT security offerings
  2. After Nearly 6 Years, SMB Cybersecurity Provider Redacted Emerges From Stealth With $35M
  3. New Israeli Unicorn Exabeam Hits $2.4 Billion Valuation
  4. ALD Moves Forward with Merger with Hub Security
  5. Digital-Security Startup Aura Backed by Katzenberg Valued at Over $1 Billion
  6. SignalWire raises $30M to accelerate the creation of unified cloud communications tools
  7. Brinqa raises $110M to accelerate adoption of risk-based cybersecurity
  8. Proofpoint unveils people-centric innovations across its three platforms – “Available now, Proofpoint’s Information Protection and Cloud Security platform is the cloud native solution that combines enterprise data loss prevention (DLP), insider threat management, cloud app security broker (CASB), zero trust network access, remote browser isolation, and a cloud native web security solution.”
  9. Citrix Secure Internet Access Simplifies Hybrid Workforce Challenges – “I follow the SD-WAN and SASE industries fairly closely but never really considered Citrix a major vendor in the space. Recently, the company updated me on their offerings, and I finished the meeting with a positive outlook on their products. SIA is a very robust, cloud-delivered security solution that gives work from home employees the same level of security as they would have in the office.”
  10. Synopsys Acquires Code Dx
  11. Infoblox 3.0 Unites Hybrid DDI, Security to Unlock Cloud-first Strategies – “The company is uniting NIOS, an on-premises DDI solution, with its cloud-native BloxOne Threat Defense and BloxOne DDI platforms to help customers bridge core networking and security into cloud environments that underpin the needs of the modern enterprise.”
  12. CyberArk : Advances Industry-Leading Identity Security Platform – “CyberArk Dynamic Privileged Access: Drastically reduces risk of standing access by provisioning just-in-time access to hybrid and cloud workloads, starting with Windows and Linux Virtual Machines. Dynamic Privileged Access also includes full audit capabilities, providing insight into exactly who accessed what and when. Only CyberArk secures both standing and dynamic access across hybrid and multi-cloud environments while enforcing least privilege controls.
    CyberArk Secure Web Sessions: Adds additional layers of security to high-risk browser-based applications access via continuous monitoring, re-authentication enforcement and isolation of malicious processes originating on user devices. Secure Web Sessions enables enterprises to record and audit risky user behavior within any web application while maintaining a frictionless user experience.
    CyberArk Lifecycle Management for Privileged Users: An expansion of existing capabilities, customers can now further expedite employee onboarding, including those with privileged access, and meet audit and compliance mandates more efficiently. Lifecycle Management for Privileged Users integrates with existing solutions or can work with HR-driven identity management solutions, providing further flexibility to enterprises.”
  13. ThycoticCentrify Service Account Governance Adds Integration with Cloud Vaults Including AWS Secrets Manager and Azure Key Vault – “ThycoticCentrify announced enhancements to its industry-leading solution for service account governance, Thycotic Account Lifecycle Manager. The latest version enables IT teams to govern cloud-based service accounts with direct integrations to external vaults such as AWS and Azure, and service accounts used within the DevOps environment.”
  14. AI-powered cybersecurity provider ExtraHop to be acquired for $900M – SiliconANGLE
  15. Panaseer issues cyber measurement guidance to protect enterprises from compromise – “Panaseer’s CCM platform includes these and hundreds of other best practice security metrics via its new in-platform Security Metrics Catalogue. In addition to Panaseer’s expertise, the Security Metrics Catalogue has been curated from a wide community of customers, industry experts, and framework organisations such as NIST and in collaboration with the Center for Internet Security (CIS). The proposition also provides recommendations to enable security teams to instantly improve their security metrics programme overall via metric groupings that include a ‘getting started’ collection, a peer-based recommendation collection, a customer favourites collection, and access to newly emerging metric suggestions.”

Tyler Shields

@txs

CMO at JupiterOne

3. BTS of the Cyber Fight and Building a Resilient Web App Security Program – 02:00 PM-02:30 PM

Description

“Behind the scenes of the cyber fight” – talking about the good on the defender side, taking down cyber criminal supply chains, partnerships, taking down ransomware gangs.

This segment is sponsored by Fortinet.

Visit https://securityweekly.com/fortinet to learn more about them!

Prior to building a web security program, you have to have a plan. How does one create that plan? In this segment, Kevin will focus on some concrete steps to help you create an AppSec plan using a simple framework.

This segment is sponsored by Netsparker.

Visit https://securityweekly.com/netsparker to learn more about them!

Guest(s)

Derek Manky – Chief, Security Insights & Global Threat Alliances at Fortinet’s FortiGuard Labs

Experienced thought leader and innovator who has helped to build global collaborative frameworks in the cyber security industry. Strategist to global leaders/heads of state, private public sector relations, C-Suite consultant, threat intelligence expert on cybercrime.

Kevin Gallagher – Chief Revenue Officer at Netsparker by Invicti Security

@KRG2

Kevin Gallagher is the CRO of Invicti Security, the company behind the well-known brands Acunetix and Netsparker. He is a top-performing senior executive with 17+ years’ experience managing, bringing to market and selling innovative software management solutions to various high-value market segments. Having worked at both startups and well-established companies, Gallagher has earned recognition as a top-producing sales executive, serving as a motivating team leader and mentor.

Michael Daniel – President & CEO at Cyber Threat Alliance

@CyAlliancePrez

Michael leads the CTA team and oversees the organization’s operations. Prior to joining the CTA in February 2017, Michael served from June 2012 to January 2017 as Special Assistant to President Obama and Cybersecurity Coordinator on the National Security Council Staff. In this role, Michael led the development of national cybersecurity strategy and policy, and ensured that the US government effectively partnered with the private sector, non-governmental organizations, and other nations.

Hosts

Matt Alderman

@maldermania

Executive Director at CyberRisk Alliance

Paul Asadoorian

@securityweekly

Founder at Security Weekly