ESW #225 | SC Media
Active Directory, Cybersecurity Asset Management, Container security, DevOps, Cloud security, Email security

ESW #225

April 28, 2021



Sponsored By


sponsor
Visit https://securityweekly.com/detectify for more information!

Rickard Carlsson, CEO at Detectify, joins us to talk about collaboration as the modern approach application security. During the discussion, we’ll cover:

– why organizations should challenge transparency and open up their security practices and information internally,
– how to approach security as a collaborative effort (with some real-life examples),
– and Detectify’s vision of building a hub where security information and research is shared across the globe.

Segment Resources:
We recently published the ebook “A guide to modern web application security” for SaaS and tech organizations looking to bring their security up to speed with development. Download it here: https://blog.detectify.com/2021/04/09/modern-application-security-requires-speed-scale-and-collaboration/

This segment is sponsored by Detectify.

Visit https://securityweekly.com/detectify to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes!

Full Episode Show Notes

Collaboration Rules! Challenging Transparency in Modern App Sec

Guests

Rickard Carlsson

Rickard Carlsson – Co-founder & CEO at Detectify

Detectify is led by entrepreneurial tech nerd Rickard Carlsson. As one of the co-founders, Rickard has grown Detectify from a group of ethical hackers with an idea on how to make the internet safer, to an international industry challenger that’s 140+ people strong. Combining software automation with the knowledge of elite hackers and scaling it to the masses, Detectify makes security a collaborative effort that changes traditional ways of working.

Rickard has a background in tech and management consulting, and has lived and worked in Sweden, India and the US.

Hosts

Matt Alderman

Matt Alderman – Executive Director at CyberRisk Alliance

@maldermania

Strategic Advisor at Automox, security consultant, and wizard of entrepreneurship.

Tyler Robinson

Tyler Robinson – Director of Offensive Security & Research at Trimarc and Founder & CEO of Dark Element at Trimarc Security

@tyler_robinson

As the Managing Director of Offensive Security & Research at Trimarc, Tyler leads a team of high-performance security professionals within the offensive security field by simulating sophisticated adversaries and creating scalable offensive security platforms using the latest techniques as seen in the wild. With over 2 decades of experience, Tyler specializes in Red Teaming, APT threat modeling, blackbox network penetration testing, and Physical/Social-Engineering. Tyler has presented at multiple conferences including BSides, DefCon and Blackhat panels, SANS security events and to multiple branches of the military.

Tyler Shields

Tyler Shields – CMO at JupiterOne

@txs

Tyler advises, guides, and operates high tech startups primarily in the B2B security space. He is a former market analyst, engineer, product manager, marketing leader, and partnership manager. In other words, Tyler builds and grows businesses – in all aspects. He’s a board advisor, angel investor, and board member at multiple firms and an investment advisor for a venture debt business. He loves to play guitar and poker in his free time.

Announcements

  • Do you want to stay in the loop on all things Security Weekly? Visit https://securityweekly.com/subscribe to subscribe on your favorite podcast catcher or our Youtube channel, sign up for our mailing list, join our Discord Server, and follow us on our newest live-streaming platform, Twitch!

  • Our next technical training will be on May 6th at 11am ET exploring common misconfigurations of NGINX, the damage they could do, and how to avoid them! Next up, see how attackers gain access to endpoints and learn defensive strategies to protect against those attacks in our May 13th technical training also at 11am ET! Visit https://securityweekly.com/webcasts to register now! If you missed any of our previously recorded webcasts or technical trainings, they are available for your viewing pleasure at https://securityweekly.com/ondemand



Sponsored By


sponsor
Visit https://securityweekly.com/thycotic for more information!

Authentication and authorization might sound similar, but they are two distinct security processes. Joe Carson, Chief Security Scientist at Thycotic, joins us to discuss why privileges, not identities, are one of the biggest challenges for identity and access. Joe will share Thycotic’s simple approach to solving privileged access.

This segment is sponsored by Thycotic.

Visit https://securityweekly.com/thycotic to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes!

Full Episode Show Notes

Authentication vs. Authorization: Why Privileged Access Matters

Guests

Joseph Carson

Joseph Carson – Chief Security Scientist & Advisory CISCO at Thycotic

@joe_carson

-Chief Security Scientist at Thycotic
-Over 25 years’ experience in enterprise security
-Author of “Privileged Account Management for Dummies” and “Cybersecurity for Dummies”
-Cyber security advisor to several governments, critical infrastructure, financial and transportation industries
-Speaker at conferences globally

Hosts

Adrian Sanabria

Adrian Sanabria – Senior Research Engineer at CyberRisk Alliance

@sawaba

Adrian is an outspoken researcher that doesn’t shy away from uncomfortable truths. He loves to write about the security industry, tell stories, and still sees the glass as half full.

Matt Alderman

Matt Alderman – Executive Director at CyberRisk Alliance

@maldermania

Strategic Advisor at Automox, security consultant, and wizard of entrepreneurship.

Announcements

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!



In the Enterprise News for this week: HackerOne Enhances Security Testing Platform, Palo Alto Networks Expands Unit 42 Cybersecurity Consulting Group, Thoma Bravo to take cyber security firm Proofpoint private, BlackRock, Tudor Group Back Cybersecurity Startup Deep Instinct, and more! Visit https://www.securityweekly.com/esw for all the latest episodes!

Full Episode Show Notes

HackerOne Enhances Platform, PANW Expands Unit 42, & More Funding

Hosts

Matt Alderman

Matt Alderman – Executive Director at CyberRisk Alliance

@maldermania

Strategic Advisor at Automox, security consultant, and wizard of entrepreneurship.

Tyler Robinson

Tyler Robinson – Director of Offensive Security & Research at Trimarc and Founder & CEO of Dark Element at Trimarc Security

@tyler_robinson

As the Managing Director of Offensive Security & Research at Trimarc, Tyler leads a team of high-performance security professionals within the offensive security field by simulating sophisticated adversaries and creating scalable offensive security platforms using the latest techniques as seen in the wild. With over 2 decades of experience, Tyler specializes in Red Teaming, APT threat modeling, blackbox network penetration testing, and Physical/Social-Engineering. Tyler has presented at multiple conferences including BSides, DefCon and Blackhat panels, SANS security events and to multiple branches of the military.

Tyler Shields

Tyler Shields – CMO at JupiterOne

@txs

Tyler advises, guides, and operates high tech startups primarily in the B2B security space. He is a former market analyst, engineer, product manager, marketing leader, and partnership manager. In other words, Tyler builds and grows businesses – in all aspects. He’s a board advisor, angel investor, and board member at multiple firms and an investment advisor for a venture debt business. He loves to play guitar and poker in his free time.

Announcements

  • Security Weekly listeners save $100 on their RSA Conference 2021 All Access Pass! RSA Conference will be a fully virtual experience from May 17th-20th, 2021. Security Weekly will be live streaming Monday-Thursday in the virtual broadcast alley, interviewing some of the top sponsors and speakers for the event. To register using our discount code, please visit https://securityweekly.com/rsac2021 [securityweekly.com] and use the code 5U1CYBER! We hope to “see” you there!

prestitial ad