Enterprise Security Weekly Episode #235 – July 21, 2021

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. Reinventing Asset Inventory for Security – 01:00 PM-01:30 PM

Announcements

  • CyberRisk Alliance, in partnership with InfraGard, has launched the Critical Infrastructure Resilience Benchmark study. Measure your readiness for ransomware by completing the survey and getting your score. Visit https://securityweekly.com/CIRB to take the survey

  • If you missed any of our previously recorded webcasts or technical trainings, they are available for your viewing pleasure at https://securityweekly.com/ondemand

Description

Relying on asset inventory from their IT counterparts can be a challenge for security teams because that inventory lacks security context for assets. This gap can lead to missed opportunities to identify and fix asset-centric issues, such as EOL or unauthorized software, that teams can address even before running their vulnerability management program. Ed will discuss the role asset inventory plays in your overall security strategy. This will include the importance of security context for IT assets, which teams benefit from the information, how to identify and assess the health of critical databases, and how to effectively implement a cybersecurity asset management practice.

Segment Resources:
CSAM free trial: https://www.qualys.com/forms/cybersecurity-asset-management/
CSAM video overview: https://vimeo.com/551723071

Webpage: https://www.qualys.com/apps/cybersecurity-asset-management/

This segment is sponsored by Qualys.

Visit https://securityweekly.com/ to learn more about them!

Guest(s)

Ed Rossi – Vice President Product Management, Asset Inventory & Discovery at Qualys

Ed Rossi is an experienced product management leader with over 20 years in the IT Asset Management and Software Asset Management space. He recently joined Qualys as Vice President, Product Management, focused on Asset Inventory & Discovery. Ed spent six years at Flexera Software, leading the product team driving their ITAM & SAM offerings and concentrating on helping clients manage their technology investment from on-premises hardware and software to SaaS & Cloud Infrastructure. Previously, Ed was with IBM, where he focused on IT Asset Management, Discovery & Service Management products across several roles. Ed is passionate about the need for strong visibility across the IT ecosystem to support a strong IT Security program and to manage assets more effectively in an increasingly complex technological world.

Hosts

Adrian Sanabria

@sawaba

Senior Research Engineer at CyberRisk Alliance

Paul Asadoorian

@securityweekly

Founder at Security Weekly

Tyler Robinson

@tyler_robinson

Director of Offensive Security & Research at Trimarc and Founder & CEO of Dark Element at Trimarc Security

2. Rapid7 Acquires Intsights, Intezer Refines Malware Analysis, & Funding News – 01:30 PM-02:00 PM

Announcements

  • Security Weekly Unlocked will be held IN PERSON this December 5-8 at the Hilton Lake Buena Vista! Our Call For Presentations Deadline has been extended through July 23rd at 11:59 pm ET! Visit securityweekly.com/unlocked to submit your presentation!

Description

In the Enterprise News, SafeBreach adds support for new advanced attacks to the Microsoft Defender for Endpoint evaluation lab, Stellar Cyber XDR Kill Chain allows security analyst teams to disrupt cyberattacks, Bugcrowd Awarded U.S. Patents for Crowd-Enabled Vulnerability Detection, Microsoft puts PCs in the cloud with Windows 365, some funding and acquisition updates from Sysdig, AttackIQ, Stytch, SentinelOne, & more!

Hosts

Adrian Sanabria

@sawaba

Senior Research Engineer at CyberRisk Alliance

  1. Sysdig Announces Intent to Acquire Apolicy for Infrastructure as Code Security With Auto Remediation
  2. AttackIQ Announces $44 Million in Series C Funding to Fuel Global Growth and Vision of Security Optimization
  3. Ex-Plaid employees raise $30M for Stytch, an API-first passwordless authentication platform – TechCrunch
  4. Microsoft puts PCs in the cloud with Windows 365

Paul Asadoorian

@securityweekly

Founder at Security Weekly

  1. SafeBreach adds support for new advanced attacks to the Microsoft Defender for Endpoint evaluation lab – “With the addition of the two new attacks, SafeBreach allows security teams to validate their endpoint solutions against the following advanced attacks: Carbanak+FIN7 – attacks for local host infection and malicious behavior, Solorigate – attacks for SolarWinds Orion Platform compromise using SunBurst malware, APT29 (CozyBear) – attacks for local host infection and malicious behavior, Credential threat – techniques such as dumping passwords and authentication tokens, OS configuration changes – modifying the operating system configuration to enable malicious activity, Code execution – techniques to verify whether it is possible to enable malicious activity, Ransomware infection – known attacks including WannaCry, JAFF, Locky, NotPetya, and others”
  2. Stellar Cyber XDR Kill Chain allows security analyst teams to disrupt cyberattacks – “Stellar Cyber has incorporated its XDR Kill Chain into the new version 4.0 of its Open XDR platform. It is the first platform on the market to integrate a kill chain that is purpose-built for XDR, increasing the ability of security analyst teams to spot quickly both internal and external attacks as well as full attack progressions. The new version enables both enterprises and MSPs/MSSPs/MDRs to make powerful new advancements in security team efficiency and boost the effectiveness of cybersecurity protection, detection and response.”
  3. SentinelOne raises over $1 billion in upsized U.S. IPO – “SentinelOne Inc, a cybersecurity firm backed by billionaire investor Daniel Loeb’s hedge fund Third Point, raised about $1.23 billion through an upsized U.S. initial public offering on Wednesday, giving it a valuation of roughly $8.87 billion.”
  4. Intezer – Reimagining the Malware Analysis Experience – “Support for analyzing non-binary formats (e.g., Microsoft Office documents and PDF files), Sandboxing capabilities and behavior analysis, Automatic extraction of Indicators of Compromise (IoCs), Mapping capabilities to the MITRE ATT&CK® matrix using static code analysis, Improved UI and simplified reports, Plus much more coming on our roadmap soon, including URL scanning and analyzing phishing emails”
  5. Armis Secures 100% Visibility of all OT, ICS & IT Assets and Real-Time Detection Tactics in MITRE Engenuity ATT&CK® Evaluations for Industrial Control Systems (ICS) – “Armis provided 100% visibility of all IT & OT/ICS assets with real-time detection of all initial access and lateral movement. In addition, Armis achieved 100% coverage of all MITRE Engenuity ATT&CK Evaluations for ICS tactics.”
  6. Bugcrowd Awarded U.S. Patents for Crowd-Enabled Vulnerability Detection – “U.S. Patent No. 10,972,494 and U.S. Patent No. 11,019,091 validate Bugcrowd’s unique ability to leverage and integrate the expertise of the Crowd with its platform, common service infrastructure, workflow orchestration, and cross-organizational analytics to secure innovation sooner.”
  7. Rapid7 Acquires Threat Intelligence Firm Intsights for $335 Million – “Intsights seeks to be proactive — to recognize and mitigate an attack before it occurs. It does this by crawling both the surface and dark web looking for indications that an attack is being planned by a hacker or criminal gang.”
  8. Cybereason acquires Israeli cybersecurity firm Empow
  9. Riverbed Launches New Open-Forum Community to Serve NetOps, SecOps and IT Practitioners – “Riverbed announced today that it launched Riverbed Community, where customers, colleagues and peers come to connect to share their insights on visibility, performance and security of networks, applications and end users, and current issues affecting the IT industry, as well as shared experiences with Riverbed products and solutions.”

Tyler Robinson

@tyler_robinson

Director of Offensive Security & Research at Trimarc and Founder & CEO of Dark Element at Trimarc Security

3. Why Transparency Matters & Web Application Prioritization – 02:00 PM-02:30 PM

Description

The shift away from web application security, caused by the pandemic and the focus on remote workforces, resulted in an increased number of web vulnerabilities. In this segment, Mark talks about the best starting point for organizations to get back on track and prioritize their web app security.

This segment is sponsored by Acunetix.

Visit https://securityweekly.com/acunetix to learn more about them!

Security can be somewhat of a mystery at a lot of organizations. Most companies choose to be tight-lipped about the security measures they have implemented. Rightfully so, there is an underlying fear that publicizing your security efforts could make you more vulnerable to security attacks and damage your reputation with your customers. However, there is another way. Transparency can be your ally in security.

This segment is sponsored by GitLab.

Visit https://securityweekly.com/gitlab to learn more about them!

Guest(s)

Mark Ralls – President and Chief Operating Officer at Acunetix by Invicti

Mark Ralls is President and Chief Operating Officer of Invicti Security, a world leader in web application vulnerability scanning. In this role, Mark leads several functions, including the company’s Marketing team. Prior to joining Invicti, Mark was Managing Director of Business Operations at Vista Consulting Group, the consulting arm of Vista Equity Partners. Prior to joining Vista, Mr. Ralls worked as Senior Vice President of Product Management and Strategy at Social Solutions Global, where he led Product Management and Product Marketing teams and was responsible for driving product strategy for nonprofit and public sector customers. Before his time with Social Solutions, Mr. Ralls worked at SolarWinds, a provider of IT management software, where he served as Group Vice President of Business Applications and Analytics. Prior to SolarWinds, Mr. Ralls worked at the Boston Consulting Group, where he consulted for Fortune 1000 clients across a number of industries and functions.

Wayne Haber – Director of Engineering at GitLab

@WayneHaber

Wayne Haber, CISSP, is the director of engineering at GitLab for the threat management and growth departments. His teams focus on things including vulnerability management, Kubernetes container security, growth hacking, and engineering productivity. Wayne has more than 20 years of experience in security and engineering. When not working, Wayne is a dedicated learner averaging one book a week.

Hosts

Matt Alderman

@maldermania

Executive Director at CyberRisk Alliance