Security Hygiene, Doing All the Little Things Right (All the Time) – Jody Brazil – BSW #254



Sponsored By


sponsor
Visit https://securityweekly.com/firemon for more information!

It doesn’t matter how much security technology you have, how much you spend on security: security outcomes are achieved by doing all the little things right. You can spend $10M on network security technology from any vendor, but you will fail to effectively secure your enterprise if you don’t properly manage the policy enforced by those firewalls.

That sounds really simple, but simple doesn’t scale. If you only have a few firewalls with policies consisting of tens of rules, it may be simple. But imagine an enterprise that has 2,000 firewalls, each firewall has a policy with an average of 500 rules, each rule has an average of 15 objects, each source and destination object represent an average of 50 IP addresses. This enterprise is managing, 2,000 firewalls, 1 million rules, 125 million connections, representing over 300 billion access paths. And just 1 wrong rule could expose the network to compromise.

This segment is sponsored by FireMon. Visit https://securityweekly.com/firemon to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes!

Full Episode Show Notes

Security Hygiene, Doing All the Little Things Right (All the Time)

Guests

Jody Brazil

Jody Brazil – CEO at FireMon

@jodybrazil

Jody is a seasoned entrepreneur with more than two decades of executive management experience and deep domain expertise in network security, including network security management and product development. Jody previously the CEO at FishNet Security, FireMon, and DisruptOps.

Hosts

Jason Albuquerque

Jason Albuquerque – Chief Operating Officer at Envision Technologies

@Jay_Albuquerque

Jason Albuquerque is the COO of Envision Technologies.

Matt Alderman

Matt Alderman – Executive Director at CyberRisk Alliance

@maldermania

Strategic Advisor at Automox, security consultant, and wizard of entrepreneurship.

Tyler Robinson

Tyler Robinson – Director of Offensive Security & Research at Trimarc Security, Founder & CEO at Dark Element

@tyler_robinson

As the Managing Director of Offensive Security & Research at Trimarc, Tyler leads a team of high-performance security professionals within the offensive security field by simulating sophisticated adversaries and creating scalable offensive security platforms using the latest techniques as seen in the wild. With over 2 decades of experience, Tyler specializes in Red Teaming, APT threat modeling, blackbox network penetration testing, and Physical/Social-Engineering. Tyler has presented at multiple conferences including BSides, DefCon and Blackhat panels, SANS security events and to multiple branches of the military.

Announcements

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!