esw271

Enterprise Security Weekly Episode #271 – April 28, 2022

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. The Turbulent Cloud Security Market – 03:00 PM-03:30 PM

Announcements

  • Security Weekly listeners, save $100 on your RSA Conference 2022 Full Conference Pass! RSA Conference will be live in San Francisco June 6th-9th, 2022. Security Weekly will be there in full force, delivering real-time, live coverage and interviewing some of the event’s top speakers and sponsors. To register using our discount code, please visit https://securityweekly.com/rsac2022 and use the code 52UCYBER. We hope to see you there!

Description

Cloud security is confusing enough these days, but a complex product landscape doesn’t make it any easier. In this segment we’ll talk about what’s driving this, how to make sense of it, and where to find things that actually help.

Guest(s)

Rich Mogull

Rich Mogull – SVP Cloud Security at FireMon

@rmogull

With twenty years of experience in information security, physical security, and risk management, Rich is one of the foremost experts on cloud security, having driven development of the Cloud Security Alliance’s V4 Guidance and the associated CCSK training curriculum.

Hosts

AdrianSanabria

Adrian Sanabria

@sawaba

Director of Product Management at Tenchi Security

LarryPesce

Larry Pesce

@haxorthematrix

Principal Managing Consultant and Director of Research & Development at InGuardians

TylerShields

Tyler Shields

@txs

CMO at JupiterOne

2. Digital Identity: The Cornerstone of Our Digital World – 03:30 PM-04:00 PM

Announcements

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

Description

Digital identity is key to modern security architectures; enables privacy-preserving, trusted services; and drives customer-oriented experiences. Key trends like passwordless, verified credentials, and personal identity will have a profound effect on enterprise security. Discover how you can make the most of these evolutions, and learn how you can support the industry and its professionals.

Guest(s)

Andrew Hindle

Andrew Hindle – Content Chair, Identiverse; Chair, IDPro at Identiverse

@andrewhindle

Andrew Hindle is an independent consultant specialising in digital identity, privacy and cyber security. He has served as the Identiverse Content Chair for eight years. He is the Board Chair of IDPro, of which he is also a founding member; he participates as a voting member of the User Managed Access Working Group at Kantara; and he is an active member of the Open Identity Foundation (OIDF).

Andrew has over 20 years’ experience in the software industry in a range of technical sales, pre-sales, product marketing and business development roles. He holds an IDPro CIDPRO, maintains CIPP/E, CIPM and CIPT privacy certifications with the IAPP, and has a BA in Oriental Studies (Japanese) from Oxford University.

Outside of the world of identity, Andrew is a trustee with his local and county scouting groups, rides regularly with a local road cycling group, and plays keyboard, guitar and bassoon (not at the same time!) with more enthusiasm than skill, and for an audience of one. Andrew is based in the UK and can also be found on twitter (@andrewhindle) and LinkedIn (linkedin.com/in/ahindle).

Hosts

AdrianSanabria

Adrian Sanabria

@sawaba

Director of Product Management at Tenchi Security

LarryPesce

Larry Pesce

@haxorthematrix

Principal Managing Consultant and Director of Research & Development at InGuardians

TylerShields

Tyler Shields

@txs

CMO at JupiterOne

3. Austin Peay State, Basis Theory, Authtech, Hivemapper Dashcam, & Devo Autonomous SOC – 04:00 PM-04:30 PM

Announcements

  • Don’t miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!

  • Don’t forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.

Description

This week in the Enterprise News: Basis Theory raises $17 million funding round, Crunchbase Funding Round Profile, Devo Acquires AI-Powered Security Automation Innovator to Deliver the “Autonomous SOC”, Hivemapper Dashcam, Authtech, Twitter accepts Elon Musk’s $44 billion offer, Austin Peay State University on Twitter, Basis Theory raises $17 million funding round, & more!

Hosts

AdrianSanabria

Adrian Sanabria

@sawaba

Director of Product Management at Tenchi Security

  1. FUNDING: SonarSource raises $412M to scan codebases for bugs – TechCrunch – $412M Series ? co-led by Advent International and General Catalyst.

    Hugely confused at first, I eventually worked out that SonarQube and SonarSource are one and the same. The confusion comes from the fact that sonarsource.com is the commercial entity, with TOTALLY DIFFERENT BRANDING from Sonarqube.org, which is devoted to the FOSS side of the products. Both backed by the Swiss-based SonarSource S.A.

    Fundamentally a shift left AppSec product, focused on discovering issues in code before they get to production (whether through automated CI/CD pipeline testing, or an IDE plugin that shouts at devs in real time when they mess things up.

  2. FUNDING: ARMO raises $30M for the first open-source Kubernetes security platform
  3. FUNDING: Cybersecurity startup WiJungle raises seed funding of $22 million
  4. FUNDING: Basis Theory raises $17 million funding round
  5. FUNDING: Dassana Emerges From Stealth With $5M in Funding to Bring Cloud-Like Thinking to Logs
  6. FUNDING: Privy Closes $4M in Series A funding to Accelerate Growth
  7. GROWTH: How Privy hit $11.4M in Revenue with 19K Customers in 2022.
  8. FUNDING: Venture Round – SpiderOak – 2022-04-14 – Crunchbase Funding Round Profile
  9. ACQUISITIONS: Tenable Agrees to Acquire Bit Discovery
  10. ACQUISITIONS: Devo Acquires AI-Powered Security Automation Innovator to Deliver the “Autonomous SOC” – Devo.com – Devo acquires Kognos. Details of the deal appear to be private. Isn’t an autonomous SOC, by definition, NOT a SOC?
  11. ACQUISITIONS: Sophos Acquires SOC.OS for More MDR, XDR Security Automation – MSSP Alert – Now Thoma Bravo-backed, private Sophos is making some acquisitions. Sophos was taken private by Thoma in 2020 for $3.9B. This is the fourth acquisition since the take-private and Sophos’s 17th overall. Sophos went on a tear last summer, picking up Refactr (devops-focused SOAR), Braintrace (services), and Capsule8 (Linux attack prevention).

    SOC.OS is a SOCaaS provider, which makes sense, given Sophos’s mid-market focus.

  12. TRENDS: Hivemapper Dashcam – Hivemapper Network – Paying drivers to help create a competitor to commercial mapping services. What will be next in the defi world?
  13. REPORTS: Thinkst Applied Research – Thinkstscapes – The latest version of Thinkst’s roll-up of goings on for the previous 6 months is available and free (not even any form to fill out).
  14. NEW PRODUCTS: Authtech – Using flashing lights to authenticate? The concept isn’t new – the Timex Datalink series of watches were PDAs for your wrist in the 90’s. They flashed lights on the screen of your PC to transfer data to the watch.
  15. NEW PRODUCTS: SecurityScorecard Launches Cyber Risk Quantification Portfolio
  16. NEW PRODUCTS: Mindpass – Password Manager – Log into your password vault by picking out three random objects in 3D scenes. But why, when you could just use your fingerprint to log in???
  17. SQUIRREL: Twitter accepts Elon Musk’s $44 billion offer – TechCrunch
  18. SQUIRREL: Austin Peay State University on Twitter – We probably shouldn’t be laughing, but the comments in this thread are hilarious.
LarryPesce

Larry Pesce

@haxorthematrix

Principal Managing Consultant and Director of Research & Development at InGuardians

TylerShields

Tyler Shields

@txs

CMO at JupiterOne