Allie Mellen – Industry Analyst at Forrester Research

Allie supports security and risk professionals, covering security infrastructure and operations to assist clients in building and maturing their threat detection and response strategies. Her coverage includes the people, processes, and tools of the security operations center.

Adrian Sanabria

Senior Research Engineer at CyberRisk Alliance

Paul Asadoorian

Founder at Security Weekly

Tyler Shields

CMO at JupiterOne

Darren Guccione – CEO and Co-Founder at Keeper Security

Darren Guccione is the CEO and co-founder of Keeper Security, Inc., the creator of Keeper, the world’s most popular password manager and secure digital vault. Keeper software is used globally by millions of people and thousands of businesses.

Darren is an engineer and a CPA. He holds a Master of Science in Accountancy with Distinction from the Kellstadt School of Business at DePaul University and a Bachelors of Science in Mechanical and Industrial Engineering from the University of Illinois at Urbana-Champaign. Darren is an Evans Scholar and received the Distinguished Alumnus Award presented by The Department of Industrial & Enterprise Systems Engineering.

Darren has been named Cutting Edge CEO of the Year in 2019 and Publisher’s Choice Executive of the Year in 2020 by Cyber Defense Magazine’s InfoSec Awards. He is regularly featured on local and national news programs to report on cybersecurity events and topics. He serves as a panelist and keynote speaker in various technology events around the world.

Adrian Sanabria

Senior Research Engineer at CyberRisk Alliance

Paul Asadoorian

Founder at Security Weekly

Tyler Shields

CMO at JupiterOne

Adrian Sanabria

Senior Research Engineer at CyberRisk Alliance

1. TOOLS: New Anti Anti-Money Laundering Services for Crooks – Krebs on Security – So normally, when we mention tools, they’re for defenders. In this case, this is a tool to help cybercriminals avoid airing their dirty laundry to law enforcement while laundering their criminal proceeds.
2. MERGER: Norton and Avast are merging into an $8 billion antivirus empire – Close your eyes and imagine this: It’s February 2005 and you read the headline: “Hollywood Video and Blockbuster are merging into a video rental empire!”. What are your immediate thoughts, given you have 16 years of hindsight on the outcome for both those businesses?

   The real kicker? The big concern wasn’t Netflix, it was whether the FTC would allow it, citing anti-trust concerns!

   I’m betting the press release definitely won’t mention the fact that they’re representing the absolute bottom, gutter end of low-margin, discounted, shrinking consumer cybersecurity software. Symantec has been on a rollercoaster – first with the split from Veritas in 2014 when they also combined with Blue Coat and shuffled the exec team. Then, in 2019, the company was split into consumer and enterprise, with the consumer side becoming Norton LifeLock and the enterprise side going to Broadcom, which consumed Computer Associates a while back.

3. ACQUISITION: Sophos Acquires Refactr to Optimize Managed Threat Response (MTR) and Extended Detection and Response (XDR) with Security Orchestration Automation and Response (SOAR) Capabilities – Pitched as SOAR, but not really competing with the SOAR you’re thinking of. This is much more focused on pure DevOps/Cloud-first startup-style environments.
4. Daniel Miessler joins Robinhood as Head of Vulnerability Management and Application Security – Daniel Miessler is a very visible thought leader in the industry, so it’s worth a mention when he starts a new gig. Especially interesting is that he (like many, many others) has been critical of Robinhood in the past, but took down a blog post he wrote last fall. http://web.archive.org/web/20201127174713/https://danielmiessler.com/blog/why-robinhood-is-dangerous-for-new-investors/

   Overall, I see it as a positive development and I hope he can have some positive influence and impact on not just the security of the company and product, but on the company’s ethics as well.

Paul Asadoorian

Founder at Security Weekly

1. Tigera addresses growing demand for security of containers, Kubernetes, and microservices – Help Net Security – I need this single pane of glass, I’m not sure why, but I want it (I think?): “Calico provides automated capabilities to deliver an easy-to-understand and action-oriented view of Kubernetes networking, security and application layer that can be used to quickly resolve performance hotspots and troubleshoot connectivity issues. It provides a single pane of glass across multi-cluster and multi-cloud Kubernetes environments to deploy a standard set of egress access controls, enforce security policies for compliance, and observe and troubleshoot applications.”
2. Baffle raises $20M to secure cloud data – Help Net Security – Oh right, so here’s $20 million: “Baffle’s no-code, simple-to-deploy security mesh takes a data-centric approach at cloud scale without a performance impact or changes to applications.”
3. iboss adds new features to its Cloud Platform to give organizations more visibility and control – Help Net Security –
4. SailPoint Workflows enables customers to automate security tasks with no coding required – Help Net Security – “Automate use cases like event-driven certifications and custom approvals through APIs and event triggers, Accelerate innovation with easy drag-and-drop builder through no-code workflow, decreasing runtime and freeing up team power to focus on forward-looking projects, Connect to other SaaS applications, enabling a broad range of capabilities across a company’s technology ecosystem, Integrate into a customer’s cloud environment and SailPoint’s partner network” – This is hard as you have to have the right integrations with the right features and allow the user to tie it all together. I think we’re getting closer, however, I also believe you will need people on staff that can write code to make it all work, at least for a while…
5. CVSS Scores: A Practical Guide for Application – I can’t see filling out the CVSS scoring form for each vulnerability in your environment. You really need a tool that will do that for you, based on generalized inputs to the system, or variables that can be inferred or discovered. For example, whether or not an asset is exposed to the Internet, whether or not the vulnerable application is being used and how much and how many instances of it do I have in the environment? I also believe you need a list, or a way to flag certain vulnerabilities, based on external factors, these you just patch. Vulnerabilities in Windows (like the recent string of print spooler vulnerabilities), select VPN appliance vulnerabilities, the recent sudo vulnerability, should just be fast-tracked regardless of CVSS score or environmental factors.
6. API Security 101: Security Misconfiguration – “Security misconfigurations are a constant threat against both APIs and non-API applications alike.” – These often slip through the cracks, because often they are not in the code, but in the configuration. Web server configuration is often overlooked by developers, which is why I’m a huge fan of having a more well-rounded team so you can constantly evaluate security and improve security processes.
7. Praetorian Launches GoKart – an Open Source Security Scanner for Go – “GoKart puts Go code into single static assignment (SSA) form, structuring every value computed by the program as an assignment to a unique variable. SSA is used in compilers for optimization, and in a security context it helps trace the source of data used as input. Being able to follow data as it flows through a program, weaving in and out of objects and modules, is one of GoKart’s primary features, and what makes GoKart so powerful.”
8. Digital Shadows launches two premium professional services streams – “Takedowns-as-a-service is another part of this portfolio – especially for teams that don’t have the time or expertise to launch and manage takedowns effectively. With an average of 1,100 impersonating domains registered against them each year, clients can ensure that malicious domains get taken down, and remain taken down. Digital Shadows custom intelligence provides additional threat intelligence tools for specific strategic or tactical requirements. This includes reporting into a VIP’s exposure, tactical investigations into a suspicious domain, and deep investigations into an emerging tactic.”

Tyler Shields

CMO at JupiterOne