esw240

Enterprise Security Weekly Episode #240 – August 25, 2021

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. Deciduous / Decision trees + Security Chaos Engineering – 01:00 PM-01:30 PM

Announcements

Description

Deciduous is an app Kelly built with Ryan Petrich that simplifies the process of creating security decision trees. Security decision trees are valuable aids in threat modeling and prioritizing mitigations, harnessing the power of belief prompting from the realm of behavioral game theory.

Segment Resources:
– https://www.deciduous.app/
https://swagitda.com/blog/posts/rick-morty-thanksploitation-decision-tree/
https://swagitda.com/blog/posts/deciduous-attack-tree-app/
https://learning.oreilly.com/library/view/security-chaos-engineering/9781492080350/

Guest(s)

Kelly Shortridge

Kelly Shortridge – Senior Principal Product Technologist at Fastly

@swagitda_

Kelly Shortridge is a Senior Principal at Fastly in Product Technology and wrote the book on Security Chaos Engineering (O’Reilly Media). Kelly has been a successful enterprise product leader as well as an entrepreneur (with an exit to Crowdstrike) and investment banker. Kelly is best known for applying behavioral economics and resilience to information security and is a frequent advisor, author, and speaker on those topics.

Hosts

AdrianSanabria

Adrian Sanabria

@sawaba

Senior Research Engineer at CyberRisk Alliance

PaulAsadoorian

Paul Asadoorian

@securityweekly

Founder at Security Weekly

TylerShields

Tyler Shields

@txs

CMO at JupiterOne

2. Penning a Cyber Thriller – 01:30 PM-02:00 PM

Announcements

  • InfoSec World 2021 is proud to announce its keynote lineup for this year’s in-person event! Hear from Robert Herjavec plus heads of security at the NFL, TikTok, U.S. Department of Homeland Security, Stanford University, and more… Plus, Security Weekly listeners save 20% on world pass and main conference registration! Visit https://securityweekly.com/isw2021 to register now!

Description

Deb has written a thriller series about an evil corporation called GlobeCom that takes over the world through human chip implants and the hackers who rise up against it to break its backbones and its grip on humanity. In it, she sticks very close to technology and hacks in use today to show the ramifications of tech over reach and couch the hackers as heroes. Her characters are drawn from hackers and agents she’s met throughout her career and they have reviewed and approved the story. She is currently wrapping up her second book in the series, which delves more into AI and machine learning. She has written for a general audience, and the story is fast-paced and entertaining with reviewers saying her style is akin to Lee Child.

Segment Resources:
The book is available at https://www.amazon.com/Breaking-Backbones-Information-Hacker-Trilogy/dp/1665701080/; and her articles, speaking engagements and more information is available at www.debradcliff.com.

Presenter(s)

Deb Radcliff

Deb Radcliff – Strategic Analyst, Author at CyberRisk Alliance

@DebRadcliff

Deb Radcliff was the first investigative reporter to make cyber crime a beat starting in 1996 after researching a best-selling book about Kevin Mitnick called the Fugitive Game. Since then, she has written hundreds of articles for business and trade magazines, won two Neal awards for investigative reporting, and was runner up for a third. She stood up an analyst program for SANS Institute and ran it for 15 years before joining the Cyber Risk Alliance as strategic analyst on the business intelligence unit. And she wrote her first book in a cyber thriller series, “Breaking Backbones: Information is Power,” which is selling well on Amazon and other outlets.

Hosts

AdrianSanabria

Adrian Sanabria

@sawaba

Senior Research Engineer at CyberRisk Alliance

PaulAsadoorian

Paul Asadoorian

@securityweekly

Founder at Security Weekly

TylerShields

Tyler Shields

@txs

CMO at JupiterOne

3. Cloudflare Saves the Day, Sumo Logic SOAR, Tenable Risk Management, & Drones – 02:00 PM-02:30 PM

Announcements

  • CyberRisk Alliance, in partnership with InfraGard, has launched the Critical Infrastructure Resilience Benchmark study. Measure your readiness for ransomware by completing the survey and getting your score. Visit https://securityweekly.com/CIRB to take the survey

  • Security Weekly Unlocked will be held IN PERSON this December 5-7 at the Hilton Lake Buena Vista!

    We are excited to announce our first round of speakers: Lesley Carhart, David Kennedy, Alyssa Miller, O’Shea Bowens, Marina Ciavatta, Patrick Coble, Chris Eng, Eric Escobar, Nick Leghorn, Michael Schladt, Kevin Johnson, and Justin Kohler!

    Visit https://securityweekly.com/unlocked to register and check out our rockstar lineup!

Description

This week, In the Enterprise News, Guardicore Centra lets teams stop ransomware and lateral movement, Netskope streamlines procedures with improved attribution models and collaboration, Cloudflare claims they blocked the ‘greatest DDoS attack in history’, SecurityScorecard partners up with Tenable to improve Risk Management, Sumo Logic delivers on SOAR promise by acquiring DFLabs, SCAR invests in cyber startup Hook Security, Hunters raises $30 Million in Series B, and more!

Hosts

AdrianSanabria

Adrian Sanabria

@sawaba

Senior Research Engineer at CyberRisk Alliance

  1. TinyCheck
  2. Cloud Katana
  3. Google Cloud launches Unattended Project Recommender
  4. Minimalist Phones Try to Give Users What They Need—Not Always What They Want
  5. Paladin publicly launches Knighthawk, a first response drone for cities – TechCrunch
  6. Hunters brings in $30M Series B to grow XDR security tech – TechCrunch
  7. Automotive startup Upstream raises $62M Series C to scale cloud-based security – TechCrunch
  8. Apple’s Tim Cook, Microsoft’s Satya Nadella Plan to Visit White House
  9. Blumira raises $10.3M Series A to bring cloud-based SIEM to mid-market companies – TechCrunch
  10. build.security is now a part of Elastic – build.security
PaulAsadoorian

Paul Asadoorian

@securityweekly

Founder at Security Weekly

  1. Guardicore Centra enables security teams to stop ransomware and lateral movement – Help Net Security
  2. SCRA Announces Investment in Cybersecurity Startup, Hook Security – SCRA: South Carolina Research Authority
  3. Hunters raises $30M in Series B funding round led by Bessemer Venture Partners
  4. Netskope Streamlines Data Processes With Improved Attribution Models, Internal Collaboration
  5. ThycoticCentrify Enhances DevOps Security with Certificate-Based Authentication and Configurable Time-to-Live for All Cloud Platforms
  6. Cloudflare Claims To Have Blocked The ‘greatest DDoS attack in history’ – Somag News
  7. SecurityScorecard teams up with Tenable to improve risk management
  8. Cloudera Introduces Cloudera DataFlow
  9. Intezer – Intezer Analyze Transforms for Maltego
  10. Sumo Logic delivers on SOAR promise it made by acquiring DFLabs
TylerShields

Tyler Shields

@txs

CMO at JupiterOne