Philippe Lafoucrière – Distinguished Security Engineer at GitLab Inc.

Philippe Lafoucriere is a Distinguished Security Engineer at GitLab.
Before joining GitLab, Philippe was the founder and CEO of Gemnasium, a SaaS company that helped developers mitigate security vulnerabilities in open source code. Gemnasium was acquired by GitLab to implement robust security scanning functionality natively into GitLab’s CI/CD pipelines.

Adrian Sanabria

Senior Research Engineer at CyberRisk Alliance

Lee Neely

Senior Cyber Analyst at Lawrence Livermore National Laboratory

Paul Asadoorian

Founder at Security Weekly

John Smith – Principal Engineer, Security at ExtraHop

John Smith has over twenty years’ experience in IT and Security, including eighteen years as a practitioner before joining ExtraHop. John is a frequent speaker on podcasts and webinars, and has delivered talks at conferences like RSAC and multiple B-Sides events. His experience includes securing and architecting the US Centers for Disease Control’s Pandemic Response and Telework solution in 2007 and pioneering data-driven analytics and investigations.

Adrian Sanabria

Senior Research Engineer at CyberRisk Alliance

Lee Neely

Senior Cyber Analyst at Lawrence Livermore National Laboratory

Paul Asadoorian

Founder at Security Weekly

Adrian Sanabria

Senior Research Engineer at CyberRisk Alliance

1. Comcast Business to Acquire Masergy, a Pioneer in Software-Defined Networking and Cloud Platforms –
2. Elastic and Cmd Join Forces to Help Customers Take Command of Their Cloud Workloads –
3. Incident Response Firm BreachQuest Launches With $4.4 Million in Seed Funding –
4. IronNet Completes Business Combination with LGL Systems Acquisition Corp. –
5. Check Point Software Technologies Acquires Avanan, the fastest growing cloud email and collaboration security company, to redefine security for cloud email –

Lee Neely

Senior Cyber Analyst at Lawrence Livermore National Laboratory

Paul Asadoorian

Founder at Security Weekly

1. ThycoticCentrify Enhances DevOps Security with Certificate-Based Authentication and Configurable Time-to-Live for All Cloud Platforms – ” The latest version offers certificate-based authentication and the ability to configure Time-to-Live (TTL) for secrets, leading to even tighter DevOps security and easier management.”
2. LogPoint Acquires SecBI to Add SOAR and XDR Platforms – “LogPoint, a provider of security information event management (SIEM) platform and user behavior analytics tools, today revealed it has acquired SecBI, a provider of an integrated security orchestration and automated response (SOAR) and extended detection and response (XDR) platform.” – Check the boxes on acronym bingo.
3. D3 Security raises $10M to accelerate advancement of its next-generation SOAR platform – “D3’s SOAR platform helps many of the world’s most sophisticated security teams integrate their security tools, eliminate time-consuming tasks via automation, and orchestrate lightning-fast responses to threats.”
4. Query.AI’s enhancements drive efficiencies in cybersecurity investigations – “The Query.AI platform serves as a connective tissue that delivers federated search to conduct investigations across data silos and eliminates the antiquated approach of universal data centralization.”
5. Absolute Software : Announces General Availability of Absolute DataExplorer – Kinda neat how it lives in firmware, we always talk about bad things that could live in firmware, this is a legit tool that lives in firmware: “Anchored by its firmware-embedded Persistence® capabilities residing in more than 500 million endpoints, Absolute provides an undeletable digital tether to every device – enabling customers to maintain enhanced visibility across their device fleets and reliably monitor critical hardware and software information.”
6. Privileged Remote Access Version 21.2 Introduces BYOT for SSH, UI Enhancements, & More – “With this release, Privileged Remote Access enables organizations to properly manage and inject credentials managed by Azure AD Domain Services. Administrators can now leverage the Secure Remote Access Vault to rotate account credentials managed by Azure Active Directory Domain Services”
7. BeyondTrust Labs Report Demonstrates Removing Admin Rights and Implementing Application Controls Highly Effective in Preventing Malware – “Removal of admin rights and implementation of pragmatic application control are two of the most effective security controls for preventing and mitigating the most common malware threats.” – Agree?
8. Lift and drag: confronting complacency and disrupting inertia in cybersecurity strategy – “Psychological inertia, as it is known in medical literature, is prevalent in workplace change management because committing to the changes necessary to achieve higher-level objectives causes individuals to feel anxiety and fear. So, even though the workforce acknowledges the security benefits of a Zero Trust model, they resist the necessary changes in their daily routine.” – This is so common! “In fact, most wildly successful organizations can point to one or more significant disruptions that served as the catalyst to overcome status quo bias and drive innovation.” – I’ve always said you have to scramble a few eggs to make an omelet…
9. Exploiting CVE-2018-13379 – A Case Study – “Successfully authenticated user credentials were saved, in plaintext, to this file. Any unauthenticated visitor could exploit the vulnerability to retrieve this file and collect plaintext credentials.” – Why can’t we just patch this? Did we not know it existed or we knew and got pushback? “The primary method of access and lateral movement was through the VPN and Remote Desktop Protocol (RDP).” – Curious if MFA could be implemented system-wide for RDP connections as I believe this is possible, not expensive, and not a huge inconvenience. “Four months into the incident, PsExec was run from a VPN source IP to create a scheduled task on domain controllers.” – This should generate an alert, also curious how common this is for legitimate admins or software to create a scheduled task on a domain controller…