Container security, DevOps, Cloud Security, Application Isolation, Bug bounties, Security Research

ESW #166

December 19, 2019

 

 

In the Enterprise News, we talk about how MITRE updates ATT&CK for the cloud, Ping Identity builds and matures Zero Trust Infrastructures, SaltStack integrates with ServiceNow to deliver Closed-Loop IT and Security Automation, and some acquisition updates from Fortinet, CyberSponse, Guardsquare, Zimperium, and more!

Visit https://www.securityweekly.com/esw for all the latest episodes!

Full Episode Show Notes

To learn more about our sponsors visit: The Security Weekly Sponsor’s Page

Enterprise News

  1. MITRE updates ATT&CK for the cloud — GCN
  2. Ping Identity Builds and Matures Zero Trust Security Infrastructures
  3. Windows Server 2008 R2 and Windows 7 are End of Life
  4. Automating App Security Testing: Atlassian Bamboo/Rapid7 Integration
  5. F5 Networks secures NGNIX software builds as precaution after visit from Russian law enforcement
  6. Apax Partners Acquisition of Coalfire Global Legal Chronicle
  7. Fortinet acquires SOAR provider CyberSponse – CRN – India
  8. Newest Secret Server Release | Performance, Flexibility, Control
  9. Threat Hunting: Survey Results from the Trenches Part 2
  10. Better Together: Guardsquare Partners with Zimperium to Provide Customers with Comprehensive Mobile App Protection
  11. Top 25 List of Online Cybersecurity Resources
  12. SaltStack Integrates with ServiceNow to Deliver Closed-Loop IT and Security Automation

Hosts

Jeff Man

Jeff Man – Sr. InfoSec Consultant

Matt Alderman

Matt Alderman – CEO

Paul Asadoorian

Paul Asadoorian – Founder & CTO

Guests

Announcements

  • We have exciting news about the Security Weekly webcast program: We are now partnered with (ISC)2 as an official CPE provider! If you attend any of our webcasts, you will be receiving 1 CPE credit per webcast! Register for one of our upcoming webcast with Zane Lackey of Signal Sciences, Ian McShane from Endgame, or Stephen Smith and Jeff Braucher of LogRhythm (or all 3!) by going to securityweekly.com/webcasts If you have missed any of our previously recorded webcasts, you can find our on-demand library at securityweekly.com/ondemand

 

 

Jason Rolleston, Chief Product Officer at Kenna Security & Michael Roytman, Chief Data Scientist at Kenna Security join Paul, Matt, and Jeff on this week’s episode of ESW to discuss how risk-based vulnerability management is transforming the vulnerability management industry by enabling enterprises to understand the true risk of their infrastructure and applications, saving them time and resources by prioritizing efforts around actions that reduce the most risk.

Visit https://www.securityweekly.com/esw for all the latest episodes!

Full Episode Show Notes

To learn more about our sponsors visit: The Security Weekly Sponsor’s Page

Risk-Based Vuln. Mgmt/Threat & Vuln. Mgmt

Segment Resources:

Hosts

Jeff Man

Jeff Man – Sr. InfoSec Consultant

Matt Alderman

Matt Alderman – CEO

Paul Asadoorian

Paul Asadoorian – Founder & CTO

Guests

Jason Rolleston

Jason Rolleston – Chief Product Officer

Michael Roytman

Michael Roytman – Chief Data Scientist

Announcements

  • We have exciting news about the Security Weekly webcast program: We are now partnered with (ISC)2 as an official CPE provider! If you attend any of our webcasts, you will be receiving 1 CPE credit per webcast! Register for one of our upcoming webcast with Zane Lackey of Signal Sciences, Ian McShane from Endgame, or Stephen Smith and Jeff Braucher of LogRhythm (or all 3!) by going to securityweekly.com/webcasts If you have missed any of our previously recorded webcasts, you can find our on-demand library at securityweekly.com/ondemand

DevSecOps is all the rage, but what does it really mean? How do you achieve the integration of Security into DevOps? This segment explores the people and process challenges of DevSecOps and where to integrate security seamlessly into the DevOps pipeline.

Visit https://www.securityweekly.com/esw for all the latest episodes!

Full Episode Show Notes

To learn more about our sponsors visit: The Security Weekly Sponsor’s Page

Unify DevOps and SecOps

Hosts

Jeff Man

Jeff Man – Sr. InfoSec Consultant

Matt Alderman

Matt Alderman – CEO

Paul Asadoorian

Paul Asadoorian – Founder & CTO

Guests

Announcements

  • We have exciting news about the Security Weekly webcast program: We are now partnered with (ISC)2 as an official CPE provider! If you attend any of our webcasts, you will be receiving 1 CPE credit per webcast! Register for one of our upcoming webcast with Zane Lackey of Signal Sciences, Ian McShane from Endgame, or Stephen Smith and Jeff Braucher of LogRhythm (or all 3!) by going to securityweekly.com/webcasts If you have missed any of our previously recorded webcasts, you can find our on-demand library at securityweekly.com/ondemand
prestitial ad