1. The Benefits of Automation, Starting With PCI – 03:00 PM-03:30 PM
Join us April 14th to learn how to monitor your wifi network for attacks with Nzyme, a free and open source wireless intrusion detection system. Live attendees will have the chance to win a $100 Hacker Warehouse gift card! Register at securityweekly.com/webcasts! Don’t forget to check out our library of on-demand webcasts & technical trainings at https://securityweekly.com/ondemand.
Managing firewall rule reviews, especially for PCI–DSS, can be complex but it doesn’t have to be. Hear from Jeff Styles as he talks about how you can automate this process to keep you compliant and secure.
Jeff Styles – SVP of Global Field Engineering and Field CISO at FireMon
Jeffrey Styles leads our global team of sales engineers. Working alongside key groups within FireMon, Jeff ensures technical win achievement and real-time strategic field intelligence. With more than 20 years of experience in perimeter cybersecurity, firewall engineering, and penetration testing he has held a series of security leadership positions in high-growth startups and large-scale Fortune 100 companies.
Director of Product Management at Tenchi Security
Sr. Product Marketing Manager at Axonius
CMO at JupiterOne
2. Filtering Out All the [Market] Noise – 03:30 PM-04:00 PM
Don’t miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!
There’s a LOT of noise in the security industry. We’ve catalogued over 10,000 cybersecurity products and each of the companies behind these products has a marketing team, a twitter account, a blog, and a ton of content to blast at enterprise security buyers.
There’s an interesting connection between GreyNoise’s product, founder, and principles. While building a product that filtered out the noise that wastes most security operations teams’ time, Andrew was dead set against building a startup that resembled the typical security startup.
We’ll discuss Andrew’s unique path to market, the latest features of GreyNoise, and where the lines are drawn between malicious and benign scanning.
Andrew Morris – Founder and CEO at GreyNoise Intelligence
Andrew Morris is founder and CEO of GreyNoise Intelligence, a cyber security company based in Washington DC that analyzes Internet scanning traffic to separate threats from background noise. Andrew has a strong background in offensive cyber operations and security research. Before starting GreyNoise, Andrew worked in R&D at Endgame (military grade endpoint protection), security engineering at Intrepidus Group (mobile app security), and penetration testing at Knowledge Consulting Group.
Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!
In the Enterprise Security News for this week: Google intends to acquire Mandiant
HelpSystems to pick up Alert Logic – at least their 11th security acquisition in the past 3 years, Rumor that Abnormal Security could be our next security unicorn, Axonius raises a $200M Series E, A number of AppSec and cloud security startups raise their first big rounds, SEC requires public companies to report breaches within 4 days,Did we mention Google is buying Mandiant? All that and more, on this episode of Enterprise Security Weekly.
ACQUISITIONS: Google Announces Intent to Acquire Mandiant – After hearing rumors a few weeks back that Microsoft was in talks to acquire Mandiant (we discussed this on Episode 260 – https://securityweekly.com/esw260), some dismissed the Google/Mandiant chatter as just more rumors. We didn’t have to wait long to get official confirmation though – we now have a formal press release from both Mandiant and Google.
The product-side of this deal is largely straightforward. Mandiant has an EASM product (Intrigue acquisition), threat intel (iSIGHT Partners acq), Security Validation (aka BAS, Verodin acq) and an XDR/SOAR-like product called Automated Defense. All these roll up into what Mandiant calls the Advantage Platform. They’re very complementary to Google’s Chronicle and SIEMplify acquisitions, and round out a solid SecOps offering, as Google describes well in this press release.
What’s less clear, is how Google will integrate Mandiant’s services going forward. There are precedents for mixed product/services acquisitions getting acquired, but they’re mostly negative. If we reach WAY back to McAfee’s acquisition of Foundstone ($86M) and Symantec’s acquisition of @stake ($48M), we can track the slow death of both the products and services that came with each of these acquisitions.
Of course, Google isn’t McAfee or Symantec. And $5.4bn is a MUCH larger purchase price. Even if we factor in inflation, this deal is 42 times larger than the Foundstone acquisition and 75 times larger than the @stake acquisition. Of course, Mandiant is a public company with $483M in 2021 revenue and nearly 2,000 employees – a much larger company than Foundstone or @stake ever were.
I think it makes the most sense for Google to allow Mandiant’s services to continue to run as an autonomous, independent unit (if it isn’t broken…). Meanwhile, Mandiant’s founder and CEO, Kevin Mandia, has become increasingly involved in investing and is currently a Strategic Partner of Ballistic Ventures. It’s anyone’s guess as to whether he’ll choose to stay on long-term and continue to run Mandiant, or if he’ll pass the torch and devote himself full-time to investing.
ACQUISITION: HelpSystems to Acquire MDR Services Firm Alert Logic – Alert Logic was MDR before MDR was cool. Did we somehow miss HelpSystems acquiring Tripwire for $350M last month??? A few of HelpSystems other recent acquisitions: Digital Guardian, Vera, Clearswift, PhishLabs, Agari, Beyond Security, Digital Defense. This makes at least 11 cybersecurity acquisitions since 2019 for HelpSystems.
FUNDING RUMOR: Insight Leading Abnormal Security Funding Round at $4 Billion – I can’t see the full article, but I have a few more details, courtesy of StrictlyVC:
Abnormal Security, a 3.5-year-old, San Francisco-based cybersecurity company focused around socially engineered email attacks, is reportedly in talks to raise between $250 million and $300 million in funding led by Insight Partners.
FUNDING: Axonius, which brings asset visibility to complex IT environments, raises $200M – Axonius was already declared a unicorn after the last raise, so we’re not adding a new unicorn to the list. We’ve added 6 more unicorns in the past month, so things have shuffled around a bit. This is a Series E and brings total funding to $665M. Time to start talking exits? I hear Cisco and Microsoft have an appetite for cybersecurity acquisitions…
FUNDING: Cider Security raises $32 million for application security operating system – Apparently, the number is actually $38M in this Series A led by Tiger Global. “The world’s first AppSec Operating System”. Huh? Like Bright Security, they’re taking aim at the dev lifecycle. But instead of DAST, it looks like a more holistic approach, where they focus on providing visibility and security controls. If I’m understanding this right, they’re trying to remove friction from the process of improving security in app development, which is the opposite of what most dev-targeted AppSec solutions are doing. I applaud them for that, but still dislike the term “operating system” being repurposed to mean something else…
FUNDING: SecureCo, LLC – $2.5M Seed Round – New York-based, raised from Florida Funders and others. Possibly the worst website I’ve seen in 2022. Also not thrilled with the name. Tons of buzzwords, seems very military/federal-focused. Doing something around encrypting data in-transit. Perhaps some kind of peer-to-peer tunneling (ZTNA? SDP?) similar to ZeroBastion (we chatted with their CEO last week)??