Enterprise Security Weekly (Video)

John Strand and Paul Asadoorian discuss how Okta joins forces with Secret Double Octopus, Tenable unveils new innovations for Cyber Exposure analytics, Barracuda launches bot protection feature for firewall offerings, and some acquisition and funding updates from Palo Alto, FireEye, and Verodin! Full Show Notes: https://wiki.securityweekly.com/ES_Episode139 Visit https://securityweekly.com/esw for all the latest episodes!

In the Enterprise News, ThreatQuotient expands integration with MITRE ATT&CK Framework, JASK launches a new Heads Up Display for security operations centers, and we have some acquisition and funding updates from Guardicore, Auth0, and KnowBe4! Full Show Notes: https://wiki.securityweekly.com/ES_Episode138 Visit https://securityweekly.com/esw for all the latest episodes!

Candy Alexander is the President of Information Systems Security Association. Ms. Alexander has 30 years of information security experience working for various high-tech companies. She has held several positions as CISO (Chief Information Security Officer) for which she developed and managed corporate security programs. She is now working as a Virtual or Fractional CISO and Executive Cyber Security Consultant assisting companies large and small to improve their security programs through effective security initiatives. Full Show Notes: https://wiki.securityweekly.com/ES_Episode138 Visit https://securityweekly.com/esw for all the latest episodes!

Corey Thuen is the Co-Founder at Gravwell. Corey covers the topics: Framework for discussion: the pillars of the SOC and the 80/20 principle, Wire data, Log/Application Data, Endpoint protection/EDR, Threat Intel, Data fusion, SOAR, and much more! To learn more about Gravwell, visit: https://securityweekly.com/gravwell Full Show Notes: https://wiki.securityweekly.com/ES_Episode138 Visit https://securityweekly.com/esw for all the latest episodes!

Paul will be giving a technical segment on firewalls. Paul talks about an enterprise open-source firewalls? Full Show Notes: https://wiki.securityweekly.com/ES_Episode137 Visit https://securityweekly.com/esw for all the latest episodes!

In the news, Atos launches a new unified cloud identity and access management solution, ExtraHop announces new panorama partner program, SysDig and In-Q-Tel partnership to provide U.S. government agencies with the SysDig Cloud Native VSP, and LogRhythm releases a Cloud Based NextGen SIEM platform! Full Show Notes: https://wiki.securityweekly.com/ES_Episode137 Visit https://securityweekly.com/esw for all the latest episodes!

Ferruh Mavituna is the Founder & Product Manager at Netsparker. Centralization vs. Decentralization of security is an interesting topic. Decentralization in web app penetration testing is popular in many large organizations because no good centralized solutions solve this problem. Instead small teams do independent or random testing, without consistency or well-defined processes. Web security automation is a better approach. If you have 100 actively developed applications across 10 different development teams, can you (and should you) centralize security testing? To learn more about Netsparker, visit: https://securityweekly.com/netsparker Full Show Notes: https://wiki.securityweekly.com/ES_Episode137 Visit https://securityweekly.com/esw for all the latest episodes!

We have a Security Industry Briefings Update, where we talk about 42Crunch, Viridium, Whitecanyon, and Eclypsium! Full Show Notes: https://wiki.securityweekly.com/ES_Episode136 Visit https://securityweekly.com/esw for all the latest episodes!

In the Enterprise news, Secureworks launches new cybersecurity analytics app, StackRox Kubernetes Security Platform Receives Red Hat Container Certification, SIEM Solutions Firm Exabeam Raises $75 Million, and Serverless monitoring startup Espagon expands to cover broader microservices TechCrunch, and more! Full Show Notes: https://wiki.securityweekly.com/ES_Episode136 Visit https://securityweekly.com/esw for all the latest episodes!

Nik Whitfield is the CEO at Panaseer. He joins us to talk about Continuous Controls Monitoring! Full Show Notes: https://wiki.securityweekly.com/ES_Episode136 Visit https://securityweekly.com/esw for all the latest episodes!

In the Enterprise news, ThreatConnects new features make creating security playbooks easier, SolarWinds adds password management to security portfolio, Checkpoint Systems announces HALO IoT platform, and BlackHat USA offers an inside look at Intel's security engine! Full Show Notes: https://wiki.securityweekly.com/ES_Episode135 Visit https://securityweekly.com/esw for all the latest episodes!

Josh Abraham is in studio! He is a Staff Engineer at Praetorian, and he is going to talk about the MITRE attack framework for defenders! Why Praetorian Benchmarks to MITRE ATT&CK: https://p16.praetorian.com/blog/why-praetorian-benchmarks-to-mitre-attack Full Show Notes: https://wiki.securityweekly.com/ES_Episode135 Visit https://securityweekly.com/esw for all the latest episodes!

A self-described "Nerd with a big mouth" Jay is an 18-year startup veteran specialized in pre-IPO, hyper-competitive environments with a focus on new technology introduction, partner/customer acquisition. Jay joins us to discuss Patch management struggles and how to overcome them! To get involved with Automox, visit: https://securityweekly.com/automox Full Show Notes: https://wiki.securityweekly.com/ES_Episode135 Visit https://securityweekly.com/esw for all the latest episodes!

Security Legend Dave Kennedy sits down with our Founder and CTO Paul Asadoorian at InfoSec World 2019 to discuss his company Binary Defense and how they're helping the Security community! A great conversation between two security legends and long time best friends! Full Show Notes: https://wiki.securityweekly.com/ES_Episode134 Visit https://securityweekly.com/esw for all the latest episodes!

In the Enterprise news, ShieldX adds lateral movement prevention to the Elastic Security Platform for AWS, Tenable Integrates with Google Cloud Security Command Center, Capsule8 to help Google Cloud SCC members consolidate findings and speed up response, and Evident and Okta partnership simplifies identity verification and reduces risk for businesses! Full Show Notes: https://wiki.securityweekly.com/ES_Episode134 Visit https://securityweekly.com/esw for all the latest episodes!

This week, Paul Asadoorian is joined by Matt Alderman, as we interview Francis Dinha, the CEO of OpenVPN. Francis Dinha is the CEO of OpenVPN. Full Show Notes: https://wiki.securityweekly.com/ES_Episode134 Visit https://securityweekly.com/esw for all the latest episodes!

In the news, OpenVPN and JumpCloud Partner to Bring Secure Cloud-based Authentication and User Management to VPN, IdenTrust and Device Authority Collaborate to Deliver Secure Lifecycle Management to the IoT, Tufin Prices NYSE IPO at $108 Million, Bad security hygiene still a major risk for enterprise IT networks and much more! Full Show Notes: https://wiki.securityweekly.com/ES_Episode133 Visit http://securityweekly.com/esw for all the latest episodes!

We interview Patrick Tierney, the Sales Engineer at Endgame. To get involved with Endgame, visit: https://securityweekly.com/endgame Full Show Notes: https://wiki.securityweekly.com/ES_Episode133 Visit http://securityweekly.com/esw for all the latest episodes!

Matt Cauthorn is the VP of Cyber Security Engineering at ExtraHop. Matt Cauthorn leads a team of technical security engineers who work directly with customers and prospects. Matt uses his expertise with ExtraHop to explain The Three Horsemen of SOC Intel: Wire, Logs, Endpoint! To get involved with ExtraHop, vist: https://securityweekly.com/extrahop Full Show Notes: https://wiki.securityweekly.com/ES_Episode133 Visit http://securityweekly.com/esw for all the latest episodes!

Mike Weber is the Vice President of Coalfire and Rebecca Larson is the Director, Vulnerability Assessment Operations of Coalfire. Coalfire ASV Scanning: - ASV program (love, praise, struggle) - Development and growth of scanning, 1-5 person team, partnership, marketing position - Published opinion piece, getting knowledge, supporting the industry - Scan platform - RISE - movement in the company, coalfire programs, development at Coalfire - Limitations of scanning, pen testing? To learn more about Coalfire, visit: https://securityweekly.com/coalfire Full Show Notes: https://wiki.securityweekly.com/ES_Episode132 Visit http://securityweekly.com/esw for all the latest episodes!

In the news, Cloud security company Bitglass raises $70M in late-stage round, Lockpath Announces Significant Updates to Keylight Platform, TrustBuilder Identity Hub introduces simple and scalable access management for Docker, Pulse Secure Announces Collaboration with New Strategic Authorized Education Partners, RedSeal raises more than $60 million for its cybersecurity tools, Google expands cloud security capabilities, including simpler configuration, and Sysdig Unites Cloud-Native Visibility and Security in Platform Update. Full Show Notes: https://wiki.securityweekly.com/ES_Episode132 Visit http://securityweekly.com/esw for all the latest episodes!

In the last segment, we air the Security Briefing from Secure World Boston! Paul and Matt review the vendors at SecureWorld Boston 2019! Full Show Notes: https://wiki.securityweekly.com/ES_Episode132 Visit http://securityweekly.com/esw for all the latest episodes!

Paul sits down with Wade Lance and Nir Greenberg of Illusive Networks at the RSA Conference 2019! Full Show Notes: https://wiki.securityweekly.com/ES_Episode131 Visit http://securityweekly.com/esw for all the latest episodes!

Dr. Branden R. Williams has more than twenty years of experience in business, technology, and information security as a consultant, leader, and an executive. His specialty is navigating complex landscapes—be it compliance, security, technology, or business—and finding innovative solutions that propel companies forward while reducing risk. Full Show Notes: https://wiki.securityweekly.com/ES_Episode131 Visit http://securityweekly.com/esw for all the latest episodes!

Paul Asadoorian and Matt Alderman recorded interviews with the following vendors at RSA Conference 2019: Endgame, Virsec, and SCYTHE. Full Show Notes: https://wiki.securityweekly.com/ES_Episode130 Visit http://securityweekly.com/esw for all the latest episodes!

Stackpath released new edge computing VMs, ExtraHop hires former Tenable and HPE leaders to support growth in cyber, Security professionals want to return fire to Venafi, Dragos acquires NexDefense, and 42Crunch unveils a new platform to discover API vulnerabilities and protect them from attacks! Full Show Notes: https://wiki.securityweekly.com/ES_Episode130 Visit http://securityweekly.com/esw for all the latest episodes!

Paul Asadoorian and Matt Alderman recap RSA Conference 2019, including their briefings with: - 42Crunch - Baffle - CyberInt - Eclypsium - Ericom Software - Lacework - Radware - RiskRecon and More! Full Show Notes: https://wiki.securityweekly.com/ES_Episode129 Visit http://securityweekly.com/esw for all the latest episodes!

This week, we interview Gururaj Pandurangi, Founder and CEO at Cloudneeti, to discuss Continuous Cloud Assurance! Gururaj Pandurangi is a founder and CEO of Cloudneeti, a software-as-a-service company focused on continuous cloud security, data privacy and compliance assurance. Gururaj has 20 years of professional experience, a good portion of it as an early adopter of cloud technologies and building global scale cloud products like Windows Live, Bing platform, Consumer Identity and Federations. To learn more about Cloudneeti, visit: https://securityweekly.com/cloudneeti Full Show Notes: https://wiki.securityweekly.com/ES_Episode129 Visit http://securityweekly.com/esw for all the latest episodes!

Paul Asadoorian and Matt Alderman recorded interviews with the following vendors at RSA Conference 2019: - Venafi - XM Cyber - Onapsis Full Show Notes: https://wiki.securityweekly.com/ES_Episode129 Visit http://securityweekly.com/esw for all the latest episodes!

Capsule8 expands threat detection platform for PCI DSS, BitSight unveils peer analytics for more effective security performance management, Imperva advances autonomous application protection capabilities, and Synopsys launches Polaris Software integrity platform! Full Show Notes: https://wiki.securityweekly.com/ES_Episode128 Visit http://securityweekly.com/esw for all the latest episodes!

Paul and Matt discuss some Funding and M&A, such as Elevate Security announces an $8 million series A to alter employee security behavior, Armorblox raises 16.5 million in series A, Bandura Cyber raises 10 million in venture funding, and much more! Full Show Notes: https://wiki.securityweekly.com/ES_Episode128 Visit http://securityweekly.com/esw for all the latest episodes!

CylancePROTECT now available on AWS marketplace, Attivo Networks enhances deception platform with Forensic Collection, Cyber Security market will reach $365.26B by 2026, and Elevate Security raises $8M in Series A! Full Show Notes: https://wiki.securityweekly.com/ES_Episode127 Visit http://securityweekly.com/esw for all the latest episodes!

Cody Cornell is the CEO of Swimlane. Matt Alderman and Joff Thyer interview Cody, to discuss Security Orchestration, Automation, and Response! Full Show Notes: https://wiki.securityweekly.com/ES_Episode127 Visit http://securityweekly.com/esw for all the latest episodes!

Where do we stand today in the following 3 areas when it comes to vulnerability management: 1. Applications - DevOps, containers and applications in general (desktop and SaaS) - What are the new challenges and how do we solve them? 2. Infrastructure - We still have infrastructure, operating systems, IoT, network infrastructure, etc...How do we best make this happen and make sense of the results? 3. Mobile - How do we cover iOS, Android, Chrome OS? Do we even care? Full Show Notes: https://wiki.securityweekly.com/ES_Episode126 Visit http://securityweekly.com/esw for all the latest episodes!

Cisco unlocks IoT potential with Intent-Based Networking, Qualys extends cloud platform with patch management, Tenable announces general availability of Predictive Prioritization, and Lacework announces security support for Azure and Multicloud environments! Full Show Notes: https://wiki.securityweekly.com/ES_Episode126 Visit http://securityweekly.com/esw for all the latest episodes!

RSA Conference announces finalists for Innovation Sandbox Contest 2019, DigiCert announces all-in-one digital certificate management solution, Google's new Chrome extension warns you about stolen passwords, Signal Sciences raises 35$ Million to accelerate market expansion and tech innovation, and Palo Alto is in talks to buy Information Security firm Demisto! Full Show Notes: https://wiki.securityweekly.com/ES_Episode125 Visit http://securityweekly.com/esw for all the latest episodes!

Randall Trzeciak, the Director of the CERT Insider Threat Center at Carnegie Mellon University's Software Engineering Institute! Randall will be speaking at InfoSec World 2019 about "An Effective Insider Threat Program" on Saturday, March 30th @9:00 am. Full Show Notes: https://wiki.securityweekly.com/ES_Episode125 Visit http://securityweekly.com/esw for all the latest episodes!

In the Enterprise Security News, we will discuss how Cynets Platform approach tames cyber security issues, Salt Security launches API protection platform, Yubicos 2019 state of password and authentication security report, and we have some acquisition and funding updates from ReSec, Medigate, Cato Networks, Sophos, and DarkBytes! Full Show Notes: https://wiki.securityweekly.com/ES_Episode124 Visit http://securityweekly.com/esw for all the latest episodes!

Andrew Peterson is the Founder & CEO of Signal Sciences, and an O'Reilly author of "Cracking Security Misconceptions". He joins the show today to talk about prioritizing bugs, if certain bugs at lower levels are being exploited, how to connect with developers and prioritize bugs, and more! Full Show Notes: https://wiki.securityweekly.com/ES_Episode124 Visit http://securityweekly.com/esw for all the latest episodes!

Jeff Man joins Paul to talk about Ping Identity offering advanced API cyber protection, AppDynamics keeps expanding monitoring vision, eSentire announces managed endpoint defense powered by Carbon Black, and Juniper Networks signs a deal with IBMs! Full Show Notes: https://wiki.securityweekly.com/ES_Episode123 Visit http://securityweekly.com/esw for all the latest episodes!

Paul and Jeff Man talk about Open-Source and free collaboration security tools. 1. Project Planning - OrangeScrum 2. Ticketing - Mantis Bug Tracker 3. Documentation - MediaWiki 4. Zabbix - Remote System Monitoring 5. Feedly - Share stories and RSS feed 6. Slack - Free! Full Show Notes: https://wiki.securityweekly.com/ES_Episode123 Visit http://securityweekly.com/esw for all the latest episodes!

In this segment, we will discuss some security product launches & announcements from Trustwave, NopSec, ConnectGuard, Pulse Secure, and Synopsys! Full Show Notes: https://wiki.securityweekly.com/ES_Episode122 Visit http://securityweekly.com/esw for all the latest episodes!

In this segment, they discuss some mergers, acquisitions, and partnerships, such as TokenEx partnering with SureCloud, Check Point acquires ForceNock, Zix agrees to acquire AppRiver for $275 million, and more! Full Show Notes: https://wiki.securityweekly.com/ES_Episode122 Visit http://securityweekly.com/esw for all the latest episodes!

Neustar bolsters fraud detection capabilities with Trustid, almost half of containers in production have vulnerabilities, BlackBerry offers its security technology to IoT device makers, and Radware to acquire ShieldSquare for expansion of its cloud security portfolio! Full Show Notes: https://wiki.securityweekly.com/ES_Episode121 Visit http://securityweekly.com/esw for all the latest episodes!

Tony Cole is the Chief Technology Officer at Attivo Networks and is a cybersecurity expert with more than 30 years' experience, a bachelor's degree in computer networking and is a CISSP. Tony discusses the cyber deception in the enterprises today and gives a brief history of deception and it's applicability to cybersecurity. Full Show Notes: https://wiki.securityweekly.com/ES_Episode121 Visit http://securityweekly.com/esw for all the latest episodes!

Paul, Matt Alderman, and John Strand talk Paul's Top Ten List of 2018! They talk about Paul's personal favorite acquisitions, breaches, vulnerabilities, interviews, attack tools, news articles, and more! Full Show Notes: https://wiki.securityweekly.com/ES_Episode120 Visit http://securityweekly.com/esw for all the latest episodes!

Bitdefender offers new managed threat monitoring service, Symantec and Fortinet partner to deliver robust and comprehensive cloud security service, Untangle partners with Malwarebytes to bring layered security to SMBs, and more! Full Show Notes: https://wiki.securityweekly.com/ES_Episode120 Visit http://securityweekly.com/esw for all the latest episodes!

This segment is sponsored by Acalvio. Check out their deception technologies by visiting https://securityweekly.com/acalvio. And remember, all [cyber] war is based on deception! Our guest is John Bradshaw, the Sr. Director of Solutions Engineering at Acalvio Technologies. John has more than 25 years of experience in the Cyber Security industry focusing on advanced, targeted threats. John joins Paul Asadoorian and John Strand to discuss the five tenets of enterprise deception, levels of interactivity for deception targets, and many more interest facets of deception technologies as they are applied to an enterprise security program! To learn more about Acalvio, go to: http://go.acalvio.com/demo Full Show Notes: https://wiki.securityweekly.com/ES_Episode119 Visit http://securityweekly.com/esw for all the latest episodes!

NopSec announces the latest release of its flagship product, Minerva Labs Anti-Evasion Platform achieves VMware ready status, SecurityScorecard announces partnership with cybernance to drive holistic view of cyber risk across the enterprise, and we have some acquisition and funding updates from Venafi, WhiteFox, and Pindrop! Full Show Notes: https://wiki.securityweekly.com/ES_Episode119 Visit http://securityweekly.com/esw for all the latest episodes!

Ixia extends collaboration with ProtectWise, Ping Identity brings in New Customer Identity as a service solution, Fortinet introduces new security automation capabilities on AWS, and Yubico announces YubiHSM 2 integration with AWS IoT Greengrass! Full Show Notes: https://wiki.securityweekly.com/ES_Episode118 Visit http://securityweekly.com/esw for all the latest episodes!