ESW #219 | SC Media
Cybersecurity Asset Management, Cloud security, Attack surface mgmt, Email security, Leadership

ESW #219

March 10, 2021



Sponsored By


sponsor
Visit https://securityweekly.com/Pixm for more information!

Email security and phishing protection has many gaps that are exploited by attackers. Learn how computer vision can help prevent malicious URLs and websites from doing bad things to your users.

Threat Report: https://pixm.net/wp-content/uploads/2021/03/Pixm-Q4-2020-Threat-Report.pdf

This segment is sponsored by Pixm.

Visit https://securityweekly.com/Pixm to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes!

Full Episode Show Notes

Using Computer Vision to Combat Phishing

Guests

Chris Cleveland

Chris Cleveland – CEO at Pixm

Chris is the Founder and CEO of Pixm, a company that makes AI software to stop phishing breaches and make the web more trustworthy. He started Pixm while a graduate student at Columbia studying machine learning, after he won a pitch contest and a ticket to Blackhat. He started his career getting his thesis published and working in Princeton’s physics department, where he earned his bachelors. He likes travel, audiobooks, and movie soundtracks.

Hosts

Adrian Sanabria

Adrian Sanabria – Senior Research Engineer at CyberRisk Alliance

@sawaba

Adrian is an outspoken researcher that doesn’t shy away from uncomfortable truths. He loves to write about the security industry, tell stories, and still sees the glass as half full.

Paul Asadoorian

Paul Asadoorian – Founder at Security Weekly

@securityweekly

Paul Asadoorian is the founder of Security Weekly, which was acquired by CyberRisk Alliance. Paul spent time “in the trenches” implementing security programs for a lottery company and then a large university. Paul is offensive, having spent several years as a penetration tester. As Product Evangelist for Tenable Network Security, Paul built a library of materials on the topic of vulnerability management. When not hacking together embedded systems (or just plain hacking them) or coding silly projects in Python, Paul can be found researching his next set of headphones.

Tyler Shields

Tyler Shields – CMO at JupiterOne

@txs

Tyler advises, guides, and operates high tech startups primarily in the B2B security space. He is a former market analyst, engineer, product manager, marketing leader, and partnership manager. In other words, Tyler builds and grows businesses – in all aspects. He’s a board advisor, angel investor, and board member at multiple firms and an investment advisor for a venture debt business. He loves to play guitar and poker in his free time.

Announcements

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

Audio



The OWASP Amass Project has developed a tool to help information security professionals perform network mapping of attack surfaces and perform external asset discovery using open source information gathering and active reconnaissance techniques.

https://github.com/OWASP/Amass

https://owasp.org/www-project-amass/

https://vimeo.com/481985359 Visit https://www.securityweekly.com/esw for all the latest episodes!

Full Episode Show Notes

Attack Surface Management, Monitoring, & Mapping

Guests

Jeff Foley

Jeff Foley – Project Leader at OWASP

@jeff_foley

Jeff Foley’s industry experience has been focused on information security research & development in order to build and assess next generation solutions. He is the Project Leader for Amass, an OWASP (Open Web Application Security Project) Foundation flagship project that performs in-depth attack surface mapping and asset discovery. Jeff is an Adjunct Professor teaching Penetration Testing at the SUNY (State University of New York) Polytechnic Institute and a Principal Consultant at ClaritySec, Inc. Previously, he was the US Manager for Penetration Testing & Red Teaming at National Grid, a multinational electricity and gas utility company. Prior to this, Jeff served as a Principal Investigator of offensive cyber warfare research & development at Northrop Grumman Corporation, an American global aerospace and defense technology company. In his spare time, Jeff enjoys experimenting with new blends of coffee, automating security tasks, and giving back to the information security community.

Hosts

Adrian Sanabria

Adrian Sanabria – Senior Research Engineer at CyberRisk Alliance

@sawaba

Adrian is an outspoken researcher that doesn’t shy away from uncomfortable truths. He loves to write about the security industry, tell stories, and still sees the glass as half full.

Paul Asadoorian

Paul Asadoorian – Founder at Security Weekly

@securityweekly

Paul Asadoorian is the founder of Security Weekly, which was acquired by CyberRisk Alliance. Paul spent time “in the trenches” implementing security programs for a lottery company and then a large university. Paul is offensive, having spent several years as a penetration tester. As Product Evangelist for Tenable Network Security, Paul built a library of materials on the topic of vulnerability management. When not hacking together embedded systems (or just plain hacking them) or coding silly projects in Python, Paul can be found researching his next set of headphones.

Tyler Shields

Tyler Shields – CMO at JupiterOne

@txs

Tyler advises, guides, and operates high tech startups primarily in the B2B security space. He is a former market analyst, engineer, product manager, marketing leader, and partnership manager. In other words, Tyler builds and grows businesses – in all aspects. He’s a board advisor, angel investor, and board member at multiple firms and an investment advisor for a venture debt business. He loves to play guitar and poker in his free time.

Announcements

Audio



This Week, In the Enterprise Security News:

Okta acquires Auth0, KnowBe4 Acquires MediaPRO, PayPal to acquire Curv, and Dropbox to acquire DocSend

Aqua Security raises $135M, Privacera Secures a Series B, YL Ventures sells its stake in Axonius, Snyk Secures a Series E, and McAfee sells its Enterprise business

AWS Announces New Lower Cost Storage, Radware’s New Integrated Application Delivery & Protection, Bitdefender launches new Cloud-based EDR Solution, Awake’s NDR platform, CrowdStrike Falcon enhancements improve SOC efficiency, Tufin releases Vulnerability-Based Change Automation App, Gigamon launches Hawk, Sonatype Releases New Nexus Firewall Policy to Secure Software Supply Chains, & more! Visit https://www.securityweekly.com/esw for all the latest episodes!

Full Episode Show Notes

CrowdStrike Falcon, Gigamon Hawk, Awake’s NDR, & Acquisitions

Hosts

Adrian Sanabria

Adrian Sanabria – Senior Research Engineer at CyberRisk Alliance

@sawaba

Adrian is an outspoken researcher that doesn’t shy away from uncomfortable truths. He loves to write about the security industry, tell stories, and still sees the glass as half full.

Paul Asadoorian

Paul Asadoorian – Founder at Security Weekly

@securityweekly

Paul Asadoorian is the founder of Security Weekly, which was acquired by CyberRisk Alliance. Paul spent time “in the trenches” implementing security programs for a lottery company and then a large university. Paul is offensive, having spent several years as a penetration tester. As Product Evangelist for Tenable Network Security, Paul built a library of materials on the topic of vulnerability management. When not hacking together embedded systems (or just plain hacking them) or coding silly projects in Python, Paul can be found researching his next set of headphones.

Tyler Shields

Tyler Shields – CMO at JupiterOne

@txs

Tyler advises, guides, and operates high tech startups primarily in the B2B security space. He is a former market analyst, engineer, product manager, marketing leader, and partnership manager. In other words, Tyler builds and grows businesses – in all aspects. He’s a board advisor, angel investor, and board member at multiple firms and an investment advisor for a venture debt business. He loves to play guitar and poker in his free time.

Announcements

  • Do you want to stay in the loop on all things Security Weekly? Visit https://securityweekly.com/subscribe to subscribe on your favorite podcast catcher or our Youtube channel, sign up for our mailing list, and join our Discord Server!

  • If you missed Security Weekly Unlocked, you can now access all of the content on-demand, whether you registered before the live event or not, by visiting https://securityweekly.com/unlocked and clicking either the button to register or the button to login!

Audio

prestitial ad