Enterprise Security Weekly Episode #232 – June 23, 2021

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. How Criminals Use Cloud Apps to Inject Chaos Into Work Environments – 01:00 PM-01:30 PM

Sponsored By

Visit https://securityweekly.com/ciscoumbrella for more information!

Announcements

  • Do you want to stay in the loop on all things Security Weekly? Visit https://securityweekly.com/subscribe to subscribe on your favorite podcast catcher or our YouTube channel, sign up for our mailing list, join our Discord Server, and follow us on our newest live-streaming platform, Twitch!

  • In our July 14th democast at 11 AM ET, learn how to reveal and protect your entire attack surface. Then join us July 15 at 11 AM ET to learn how a thoughtful approach to SASE can improve security and enable scalability. Visit https://securityweekly.com/webcasts to register now! If you missed any of our previously recorded webcasts or technical trainings, they are available for your viewing pleasure at https://securityweekly.com/ondemand

Description

In 2020, cyber criminals used cloud apps, the cover of a pandemic, and a newly embraced work-from-home culture to serve up ransomware, steal data, and disrupt how companies do business. The year is over, but the challenges and risks remain. In this interview featuring Cisco’s Doni Brass, we lay out how companies and their IT teams can stave off threats in the cloud app discovery process, stop data from landing in the wrong hands, and identify and block cloud malware that can cost both time and treasure!

Segment Resources:

What attacks aren’t you seeing?
https://learn-umbrella.cisco.com/ebook-library/what-attacks-arent-you-seeing?utm_medium=media-article&utm_source=sc-magazine&utm_campaign=umb-fy21-q3-na-0201-paid-media-sc-magazine-podcast&utm_term=pgm&utm_content=umb-fy20-q3-content-ebook-what-cyber-attacks-arent-you-seeing

The modern cybersecurity landscape: Scaling for threats in motion
https://learn-umbrella.cisco.com/technical-paper-library/the-modern-cybersecurity-landscape-scaling-for-threats-in-motion?utm_medium=media-article&utm_source=sc-magazine&utm_campaign=umb-fy21-q3-na-0201-paid-media-sc-magazine-podcast&utm_term=pgm&utm_content=umb-fy21-q2-content-technical-papers-the-modern-cybersecurity-landscape

Cloud Security Buyers Guide
https://learn-umbrella.cisco.com/ebook-library/cloud-security-buyers-guide?utm_medium=media-article&utm_source=sc-magazine&utm_campaign=umb-fy21-q3-na-0201-paid-media-sc-magazine-podcast&utm_term=pgm&utm_content=umb-fy21-q2-content-ebook-cloud-security-buyers-guide

This segment is sponsored by Cisco Umbrella.

Visit https://securityweekly.com/ciscoumbrella to learn more about them!

Guest(s)

Doni Brass – Product Management Lead at Cisco Umbrella

Doni Brass is passionate about technology and innovation in the fast growing world of cloud computing. With almost 15 years of product management experience across telecom, hardware and SaaS industries, he has seen firsthand the way Enterprise B2B products have undergone a fundamental shift towards product design based on user experience. Over the past 5 years Doni has brought a unique perspective to the Cloud Security space and has helped drive the transition from a traditional security stack to Cisco’s latest Cloud Security platform. He now leads a team of Product Managers dedicated to Cisco Cloud Application and Data Security (CASB & DLP).

Hosts

Adrian Sanabria

@sawaba

Senior Research Engineer at CyberRisk Alliance

Paul Asadoorian

@securityweekly

Founder at Security Weekly

Tyler Shields

@txs

CMO at JupiterOne

2. How Teams Can Reduce the Visibility Gap – 01:30 PM-02:00 PM

Sponsored By

Visit https://securityweekly.com/fastly for more information!

Announcements

  • Security Weekly is ecstatic to announce that Security Weekly Unlocked will be held IN PERSON this December 5-8 at the Hilton Lake Buena Vista! Call for presentations & early registration for Security Weekly listeners is open now! Visit securityweekly.com/unlocked to submit your presentation & register for the early registration price before it expires!

Description

Security is a shared responsibility, but teams need to know what’s really going on in production with their web apps and APIs, as it’s happening, in order to achieve the reliable security that companies crave. In this podcast, Brendon Macaraeg will focus on the mission-critical need for real-time visibility. As many teams no longer work in the same room side by side, the role visibility plays today — and will continue to play in the future — can no longer be ignored. And it’s not just a shift toward distributed work that’s creating this increased need for information: while security teams may have more application security tools than ever before, very few of them will actually provide visibility into the important decisions they need to make, like which alerts to triage or which APIs are being targeted. Brendon will discuss why companies need to quickly move past legacy technologies that have limited visibility and instead adopt more active observability tools that provide real insights to act upon — allowing developers and IT security teams to collaborate in real time.

This segment is sponsored by Fastly.

Visit https://securityweekly.com/fastly to learn more about them!

Guest(s)

Brendon Macaraeg – Senior Director of Product Marketing at Fastly

Brendon Macaraeg is the Senior Director of Product Marketing for Fastly’s product portfolio where he manages a team of product marketers responsible for messaging and positioning, sales enablement and competitive intelligence across Fastly’s portfolio of web app and API security, delivery and serverless compute offerings. He has over 8 years of security experience in various product marketing roles. He came to Fastly via its October 2020 acquisition of Signal Sciences, a web app and API security vendor. Prior security roles include supporting CrowdStrike’s Professional Services team and Symantec’s consumer and enterprise products and services. Before getting into security, he worked in product management across a variety of industries. He started his career as an editorial researcher and staff writer at PC Magazine. He has a Masters of Professional Studies from New York University’s Interactive Telecommunications Program and a Bachelor of Science from Minnesota State University, Moorhead.

Hosts

Adrian Sanabria

@sawaba

Senior Research Engineer at CyberRisk Alliance

Paul Asadoorian

@securityweekly

Founder at Security Weekly

Tyler Shields

@txs

CMO at JupiterOne

3. SentinelOne IPO, Cloudflare Integrations, D3FEND, & Rumble Network Discovery – 02:00 PM-02:30 PM

Announcements

  • Security Weekly is more than happy to announce that we will be at InfoSec World 2021 IN PERSON October 25th-27th, 2021! This year, our annual partnership with InfoSec World is extra special, as we are both business units under the CyberRisk Alliance brand! What does that mean for Security Weekly listeners & InfoSec World attendees? You will get to see and hear from many of the Security Weekly team at the event AND you will save 20% off on your world pass! Visit https://securityweekly.com/isw2021 to register using our discount code!

Description

This week in the Enterprise News: Smoothwall Acquires eSafe Global, LookingGlass Cyber Announces Acquisition of AlphaWave, Vectra Launches Detect for AWS, SentinelOne announces IPO, & Building a Better Internet with Code BGP, and more!

Hosts

Adrian Sanabria

@sawaba

Senior Research Engineer at CyberRisk Alliance

  1. FUNDING: Building a Better Internet with Code BGP – IDS for BGP, it’s about time!
  2. FUNDING: Transmit Security raises $543M Series A to kill off the password – TechCrunch – This is a series A larger than many VC firms’ entire funds! I checked – this isn’t just big for cybersecurity – it’s a big Series A by any measure. In the last year, the only other US Series A I could find that was bigger was a company called Perch, that sells and grows third-party D2C brands that sell through Amazon.
  3. FUNDING: Industrial cybersecurity firm Claroty raises $140 million from investors – A big Series D for the OT security world, especially considering that OT is fairly niche in the larger cybersecurity world.
  4. FUNDING: Startup Arctic Wolf Valued Above $4 Billion in New Investment – Arctic Wolf has emerged from the boom in managed services as a leader and this growth is evidence of that. They’ve already raised nearly $350m to date, with the last round a $200m Series E. That suggests an even larger forthcoming Series F, also backed by Viking Global Investors, a global hedge fund based in Connecticut.
  5. TOOLS: NSA Funds Development, Release of D3FEND – A matrix of mitigations to match MITRE ATT&CK
  6. TOOLS: Rumble Network Discovery 2.3 – Rumble is doing so much amazing stuff at such a fast pace! No one else comes even close to some of the stuff Rumble has done over the past 2 years. Release 2.3 brings a new RFC1918 coverage report that keeps track of which internal IPv4 subnets have been discovered, which are unscanned but are hinted at by discovered assets, and which are still uncharted territory. This report includes links to run new scans of the unmapped networks using Rumble’s lightning-fast subnet sampling feature.
  7. STANDARDS: Biden’s executive order on cybersecurity should include behavior transparency – TechCrunch – SBOMs aren’t enough! Great argument here for vendors to not only provide detailed baselines for their products’ behavior but to provide it in a format that’s easily consumable by security monitoring products!

Paul Asadoorian

@securityweekly

Founder at Security Weekly

  1. Neo4j’s $325M funding round lifts fortunes of graph database industry
  2. Smoothwall Acquires eSafe Global
  3. Ping Identity: Announces the Acquisition of SecuredTouch to Accelerate Identity Fraud Capabilities
  4. LookingGlass Cyber Announces Acquisition of AlphaWave
  5. Splunk raises $1B from Silver Lake as it refocuses growth strategy on the cloud
  6. Vectra Launches Detect for AWS – “Detect for AWS is a cloud-native SaaS solution that provides continuous, scalable agentless threat detection, prioritisation, investigation, and response to attacks targeting applications running on AWS, as well as users, compute, and storage instances, including the use on AWS of the control plane itself. Detect for AWS works both at runtime and holistically across all AWS regions and does not require packet mirroring.”
  7. Aqua Security Launches on AWS CloudFormation Public Registry for IaC Automation – “The Aqua validated CloudFormation templates for multiple resource types radically simplify provisioning and deploying modules as customers scale and help them easily upgrade as new versions of the Aqua Cloud Native Security Platform are released.”
  8. Claroty raises $140M to expand into new regions and enhance its product portfolio
  9. SentinelOne announces IPO
  10. Securitize raises $48M to expand into digital asset securities market
  11. SecurID’s enhancements allow organizations to strategize for the future of IAM – “The SecurID access management platform provides enterprises with a single, enterprise-grade, scalable, and secure way to account for employees, customers, and vendors: over the last quarter, the service’s daily cloud authentications grew by 338% versus the same time last year.”
  12. Ping Identity acquires SecuredTouch, accelerates identity fraud capabilities
  13. Pondurance acquires Bearing Cybersecurity to help clients assess and remediate security gaps
  14. Cloudflare integrates with Microsoft, Splunk, Datadog, and Sumo Logic – “Now, businesses will be able to funnel security insights from Cloudflare directly into their preferred analytics platform to easily analyze in the context of their entire technology stack – without the cost or complexity of building custom integrations.”
  15. Transmit Security raises $543M to accelerate its mission of helping the world go passwordless
  16. Skybox Security enables proactive vulnerability remediation across hybrid environments – “This latest release makes vulnerability management more precise and efficient by presenting numerous remediation alternatives beyond patching. Available now, Skybox identifies remediation options to pinpoint the best course of action. This innovation advances Skybox’s mission to proactively secure complex hybrid and multi-cloud networks through a single platform approach to security policy management and vulnerability and threat management.”

Tyler Shields

@txs

CMO at JupiterOne