Enterprise Security Weekly (Video)

Semperis adds vulnerability assessment, security reporting, and auto-remediation to its DSP, AWS launches Amazon Honeycode to help quickly build mobile and web apps without programming, Attivo Networks Advanced Protection Disrupts Ransomware 2.0, Improved threat visibility, defense and protection across social platforms with SafeGuard 7.6, and more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode189

Despite running the mission-critical applications that power your business, ERP applications, such as SAP and Oracle E-Business Suite, and their custom code are often a cybersecurity blind spot. In this podcast, we'll be discussing how missing patches, misconfigurations, issues with custom code and other vulnerabilities are leaving your most important data and applications unprotected—and what to do about it. To request a complimentary assessment, visit https://securityweekly.com/onapsis Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode188

Paul, Matt, and Ferruh discuss the differences between DAST and other approaches such as SAST and IAST! They will debunk some common DAST myths and then follow-up on their last conversation and discuss Short-Term Vulnerability Management Tools! To learn more about Netsparker, visit https://securityweekly.com/netsparker Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode188

BeyondTrust Announces Integration with the SailPoint Predictive Identity Platform, Check Point Launches CloudGuard Cloud Native Security, CyberArk Alero enhancements provide secure privileged access for remote users, Digital Shadows announces new capabilities to identify and remediate unwanted code exposure, and more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode188

Heather will discuss a new book detailing best practices for designing scalable and reliable systems that are fundamentally secure. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode187

In this episode of Enterprise Security Weekly, Nucleus co-founder Scott Kuffer talks about the problems teams face in doing the process of vulnerability management effectively and how Nucleus is uniquely positioned in the marketplace to solve them. To learn more about Nucleus Security, visit: http://nucleussec.com Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode187

Morpheus Announces Zero-Trust Cloud Management Platform, Thycotic Releases New Version of DevOps Secrets Vault, Qualys Remote Endpoint Protection gets malware detection, F-Secure launches ID PROTECTION, Vectra integrates network threat detection and response for Microsoft Security Services, and more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode187

Co-Founder and CEO Casey Rosenthal and Co-Founder and CTO Aaron Rinehart of Verica join us today to talk Chaos Engineering and Security, Continuous Integration, Delivery, Verification, and more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode186

Whether you are deploying your own software or someone else's software, there are a chain of dependencies that likely includes vulnerabilities. From the base OS image, to utilities, to frameworks and app servers, to language specific libraries, all can contain vulnerabilities. Not only can they contain vulnerabilities, but the chain of dependencies can carry vulnerabilities as well. Learn how to combat this problem in this segment! To learn more about Snyk, visit: https://securityweekly.com/snyk Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode186

SureCloud Launches Cyber Resilience Assessment Solution, Blackpoint Cyber launches 365 Defense - a Microsoft 365 security add-on for its MDR service, Endace and Palo Alto Networks Cortex XSOAR enable accelerated forensics of cyberthreats, Zscaler acquires Edgewise Networks, WatchGuard Technologies Completes Acquisition of Panda Security, and more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode186

Security Leadership, Accountability in Security Leadership, and Enforcing Buy-in From the Top! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode185

What is the value of identity in a larger security conversation? Why does CyberArk partner with so many technology vendors? What's the value to you, the customer? It's an opportunity to talk about Privileged Access Management solution integrations with market leading software applications in the vulnerability management, SIEM, storage, discovery, orchestration & response, governance and many other fields. We will discuss why identity is an important part of securing an application - fundamental security principle that is not yet widely considered. To learn more about CyberArk, visit: https://securityweekly.com/cyberark Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode185

This week, MITRE ATT&CK for ICS: A Technical Deep Dive, Tufin Expands Security Automation Capabilities, Strengthen Business and Security Alignment with ThreatConnect, BeyondTrust Privilege Management for Windows and Mac SaaS Accelerates and Enhances Endpoint Security, Re-imaging threat detection, hunting and response with CTI, and more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode185

In this segment we'll discuss why email security is still not a solved problem and how now that people are increasingly working from home, it poses an increased risk. We'll also share some interesting attacks that we've uncovered in the past several weeks since the beginning of shelter-in-place. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode184

Whether it's an external red team, internal red team, vulnerability scanning data, or a self-assessment questionnaire, results from all of these different types of assessments must be tracked and managed. Dan from Plextrac will walk you through how to track and manage all of these activities in one place! To learn more about PlexTrac or to claim your Free Month, visit: https://securityweekly.com/plextrac Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode184

RSA Conference 2021 Changes Date from February to May 2021, Docker partners with Snyk on container image vulnerability scanning, Venafi acquires Jetstack to bring together developer speed and enterprise security, Onapsis expands assessments for its Business Risk Illustration service, Volterra launches VoltShare to simplify the process of securely encrypting confidential data end-to-end, and more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode184

Many companies hire external consultants to conduct incident response and remediation, which can add up quickly in cost. By providing these security consultants with network data in seconds as opposed to hours or days, we can drastically reduce remediation costs and speed breach containment. To learn more about VIAVI Solutions, visit: https://securitweekly.com/viavi Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode183

Discuss approach to vulnerability management at Toyota Financials and benefits of a full life-cycle approach to vulnerability management. To learn more about Qualys VMDR, visit: https://securityweekly.com/qualys Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode183

In the Enterprise Security News, how GitHub Code Scanning aims to prevent vulnerabilities in open source software, SlashNext Integrates with Palo Alto Networks Cortex XSOAR to Deliver Automated Phishing IR and Threat Hunting, Portshift Announces Extended Kubernetes Cluster Protection, Vigilant Ops InSight Platform V1 automatically generates device software bill of materials, and more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode183

Executing on a successful program and proving its efficacy is an impossibility for many security teams. Tune in as we discuss what steps you can take immediately to set more effective goals, track progress and share your success. You'll also have the opportunity to see how Rapid7's Vulnerability Management solution, InsightVM can help you create and contextualize metrics that your non-technical leadership and board—as well as your users—can understand. To learn more about Rapid7, or to request a Demo, visit: https://securityweekly.com/rapid7 Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode182

Broad shifts to remote access plus increased strain on budgets and resources make it a business imperative to accelerate cloud adoption, and do it securely. Network detection and response bridges the gap between security and network teams and enables scalable visibility and security for cloud and multicloud environments. To learn more about ExtraHop, visit: https://securityweekly.com/extrahop Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode182

Microsoft is to buy Israeli cybersecurity startup CyberX, ExtraHop Data Shows Shifts in IoT Device Usage During COVID-19 Have Broad Security Implications, Immuta and Snowflake help customers share data with automated privacy protection, Code42 Integrates with Palo Alto Networks Cortex XSOAR to Speed and Automate Insider Threat Incident Response, and more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode182

This week, we welcome Wim Remes, CEO and Principal Consultant at Wire Security, to discuss learning how to build an Enterprise Security Team, including how to find the right people! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode181

Unfortunately, the pandemic has been used as the subject in an aggressive spike of malicious cyber attacks attempting to monopolize the situation. Knowing how and where to focus your security efforts first is critical in maintaining security and privacy. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode181

This week in the Enterprise Security News, Obsidian Security lets security teams monitor Zoom usage, Guardicore Infection Monkey now maps its actions to MITRE ATT&CK knowledge base, Trustwave Security Colony delivers resources, playbooks and expertise to bolster security posture, Almost half of security pros being redeployed during pandemic, Why You Need Both SIEM and SOAR Solutions in your Cybersecurity, and more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode181

Peter will discuss this article and put it into even greater perspective: https://worldview.stratfor.com/article/linkedin-cybersecurity-recruitment-hostile-intelligence-agency. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode180

As we quickly pivot to remote work, what are the business impacts and security risks? What have we learned and how quickly can organizations adapt to this new paradigm? What activities should we take to make our organizations more resilient as we emerge from this crisis and prepare for the next? Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode180

This week in the Enterprise Security News, Breach-and-Attack Simulation Firm SafeBreach Raises $19 Million, F-Secure launches protection and response service to protect remote workers, Swimlane acquires Syncurity to spur growth and affirm commitment to SOAR market, DefenseCode ThunderScan SAST 2.1.0 supports Go and ABAP languages, and more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode180

Tim Williams, Founder and CEO of Index Engines, joins us to discuss the cyber security software market and how it's focused on preventing ransomware attacks. How do you know if that line of defense fails? How do you prove that negative? Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode179

Many organizations today know about phishing and have taken steps to educate users, followed by phishing simulations. What comes next? This discussion will revolve around what many organizations are struggling with after they have built a phishing program. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode179

This week in the Enterprise Security News, NeuVector adds to container security platform and automates end-to-end vulnerability management, Sysdig Expands Unified Monitoring Across IBM Cloud Services Globally, Optiv Hires Deloitte Stalwart Kevin Lynch as Chief Executive Officer, Illusive Networks Integrates with Infoblox to Speed Deployment, Microsoft's April 2020 Patch Tuesday arrives with fixes for 3 zero-day exploits and 15 critical flaws, and more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode179

What are the practical ways to get that time to value in app security? How can we utilize devs in the process without creating massive SAST integration projects and training them on false positives and complex challenges. So just fitting into their daily process, and only sending them actionable and real findings. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode178

What are the practical ways to get that time to value in app security? How can we utilize devs in the process without creating massive SAST integration projects and training them on false positives and complex challenges. So just fitting into their daily process, and only sending them actionable and real findings. To learn more about Netsparker, visit: https://securityweekly.com/netsparker Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode178

New from BitDam, Ping, CrowdStrike, Automox, Ixia, Recorded Future, CyberArk, AlgoSec, Tufin, Unisys. Redis servers found exposed to the Internet and vulnerable! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode178

Tod Beardsley, research director, will discuss some of the trends in Internet scanning and attacker behavior given there are new Windows vulnerabilities and the workforce working from home. Should you re-train your User Behavior Analytics (UBA) and/or rely on other technologies? To learn more about Rapid7 or to get a free trial, visit: https://securityweekly.com/rapid7 Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode177

The cybersecurity challenges created by remote workforces and what it takes to deliver security to remote workers while avoiding impacting business operations. How do you continue vulnerability and patch management across endpoints and servers when everyone is working from home? To learn more about Qualys, visit: https://securityweekly.com/qualys Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode177

How to Write an Automated Test Framework in a Million Little Steps, Qualys remote endpoint protection solution helps enterprises secure remote workforces, Sysdig Provides the First Cloud-Scale Prometheus Monitoring Offering, Kaspersky Security for Microsoft Office 365 adds protection for SharePoint Online and Microsoft Teams and more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode177

Fortinet Introduces Self-Learning AI Appliance for Sub-Second Threat Detection Enterprise IT World, GreatHorn Offers Free Email Protection for 60 Days, ZeroNorth raises $10M to further expand engineering, customer support and sales, WordPress to get automatic updates for plugins and themes, and more!! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode176

Acunetix: Automation as a Solution for Web Application Security - Mark Ralls - RSAC 2020 Mark Ralls, President and Chief Operating Officer at Acunetix, discusses web security challenges in small and medium enterprises and how automation can help fill the skills gap. To schedule a demo with Acunetix, visit: https://securityweekly.com/acunetix Netsparker: How to Scale Web Application Security - Kevin Gallagher - RSAC 2020 Kevin Gallagher, Chief Revenue Officer at Netsparker, discusses how to scale web application security including asset discovery, application scanning, prioritization of results, and more! To get a demo of NetSparker, please visit: https://securityweekly.com/netsparker Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode176

SaltStack: Managing Configuration & Patches with SaltStack - Mehul Revankar - RSAC 2020 Offering open-source and commercial solutions for configuration, patch, and vulnerability management, SaltStack is a must-have! Mehul Ravankar provides us with details about the various products and new features including the ability to import vulnerability scan data and remediate! To request a demo with SaltStack, visit: https://securityweekly.com/saltstack Synopsys: Enabling Developers Without Negatively Impacting Their Velocity - Utsav Sanghani - RSAC 2020 Utsav Sanghani, Senior Product Manager from Synopsys, discusses the latest efforts to enable developers in ensuring that software security is accounted for in their work without negatively impacting their velocity. To get a demo of Synopsys, please visit: https://securityweekly.com/synopsys Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode176

ExtraHop - Agents and logs don't play well in an IoT environment, however the network doesn't lie. Looking at the behaviors of IoT devices through the lens of the network traffic can help build an asset inventory help detect attacks. Corey Bodzin is the VP of Product Management for ExtraHop and discusses how network visibility can help with IoT security. To try RevealX Cloud for Free visit: https://securityweekly.com/extrahop Bandura - Todd Weller, Chief Strategy Officer at Bandura Cyber, provides an update on Bandura Cyber and discusses the latest trends and dynamics in threat intelligence. To find out more about Bandura Cyber, please email [email protected] Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode175

The pain caused by bad pricing models in cybersecurity and analytics tools Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode175

Neustar's enhanced UltraDNS capabilities boast greater capacity, global reach and security, WatchGuard acquires Panda Security to expand endpoint capabilities, Ping Identity launches two hybrid IT focused solution packages, and Fortinet updates FortiOS & launches next-gen firewall product!Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode175

Dashboards are a great way to enable junior security analysts to be more effective when trying to discover security events. Cory Thuen is the Founder and CEO of Gravwell, and they want to your logs, all of your logs. Gravwell's solution allows you to run queries and create dashboards that lead to actionable events. Cory explains how this works and even how customers are using Gravwell to collect logs on-premise and in the cloud. Vulnerabilities and exposures come from many different sources. Plextrac allows you to bring in data from anywhere and track those findings across your entire organization. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode174

It is no secret that elections are under constant attack. Attacks take many shapes and forms, from dis-information to malware to denial of service, its all in play as adversaries look to disrupt enemy infrastructure. Tod Beardsley, Director of Research at Rapid 7 brings unique and insightful perspectives on this topic as he is analyzing data from scans of the entire Internet and monitoring over 250 honeypots.Mike Nichols, Head of Product at Elastic, discusses election security and their partnership with the DDC to offer 2020 campaigns free security. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode174

News from Nozomi Networks, Code42, CrowdStrike, SCYTHE, Palo Alto Networks, Gurucul, SentinelOne and more! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode174

Ben Budge and Lyle Beck will discuss the problems they faced at Litehouse in regards to network and system monitoring and troubleshooting and how that ultimately took them to Extrahop. They will also discuss the value ExtaHop has brought to Litehouse and share some of those experiences. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode173

Scott Lyons will provide an overview of their CTF at InfoSec World 2020, including their training class, CTF 101. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode173

his week, in the enterprise news segment, IBM announces RSA Conference withdrawal, Dell Offloads RSA, 12 hottest new cybersecurity startups at RSA 2020, and lots of funding announcements. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode173

As K-12 schools and students move into a digital world, the traditionally separate areas of campus safety and cybersecurity are converging. Cyberbullying, the increase in violence on campus, hackers targeting school information systems and student data, and the technological overlap between campus safety and cybersecurity are all driving this trend. The segment will look at how schools are taking a layered approach to protecting Google G Suite and Microsoft Office 365 data from risks focused on the K-12 education environment. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode172