Container security, Cloud Security, Attack surface mgmt, Blue Team

RSA21 #3

May 19, 2021



Sponsored By


sponsor
Visit https://securityweekly.com/eclypsium for more information!

Against the ubiquitous backdrop of Zero Trust initiatives, we have all come to accept the motto of “Verify, then trust”. Yet, here we are building an entire stack of Zero Trust enabled technologies, upon a broken implicit-trust foundation. Nowhere is this risk more apparent, than at the device and firmware level. Indeed this is why both nation-state and criminal actors have converged upon a strategy that combines supply chain attack dynamics, with readily exploitable devices. This allows them to impart maximum impact against victim organizations, and even those victim’s downstream partners and customers. In order to address this evolving threat, organizations must take back security control of their devices, and stop trusting the fox that has quite frankly, become the hen house.

https://eclypsium.com/firmware-threat-report/

https://eclypsium.com/2020/07/21/device-integrity-and-the-zero-trust-framework/
https://eclypsium.com/2021/01/14/assessing-enterprise-firmware-security-risk-in-2021/

This segment is sponsored by Eclypsium.

Visit https://securityweekly.com/eclypsium to learn more about them!

Full Episode Show Notes

All Our Devices Aren’t Belong 2 Us

Guests

Scott Scheferman

Scott Scheferman – Principal Strategist at Eclypsium

@transhackerism

Scott, aka “Shagghie” in the community, is a public speaker, thought leader and cyber strategist. With decades of cyber consulting in both Federal and Commercial domains, he brings strong opinions and insight into any topic covering cyber, privacy, AI/ML, or the intersections of these. Winner of the first defcon badge-hacking contest and a defcon music artist, he currently works to bring urgent awareness to the device and firmware attack surface now being readily exploited.

Hosts

Paul Asadoorian

Paul Asadoorian – Founder at Security Weekly

@securityweekly

Paul Asadoorian is the founder of Security Weekly, which was acquired by CyberRisk Alliance. Paul spent time “in the trenches” implementing security programs for a lottery company and then a large university. Paul is offensive, having spent several years as a penetration tester. As Product Evangelist for Tenable Network Security, Paul built a library of materials on the topic of vulnerability management. When not hacking together embedded systems (or just plain hacking them) or coding silly projects in Python, Paul can be found researching his next set of headphones.



Organizations continue to struggle understanding what Zero Trust is, how they move towards it, and ultimately how they implement it. There’s been a lot of co-opting of the term and practitioners are so tired of it and sometimes react in disgust or think that it’s marketing noise. I’d like to talk about the history of Zero Trust and where organizations can focus their efforts to start and/or continue their journey towards ZT.

So what is Zero Trust really?
Can organizations buy Zero Trust?
How do organizations get started implementing Zero Trust?
What kind of skills does an organization need to implement Zero Trust
Where does XDR, EDR, NAV, pick your technology fit in the Zero Trust narrative?

Segment Resources:

https://go.forrester.com/blogs/zero-trust-is-not-a-security-solution-it-is-a-strategy/ https://go.forrester.com/blogs/degree-requirements-are-poisoning-your-cybersecurity-talent-pool/ https://csrc.nist.gov/publications/detail/sp/800-207/final

Full Episode Show Notes

Zero Trust, Beyond the Buzzword

Guests

Steve Turner

Steve Turner – Analyst – Security and Risk at Forrester Research

@beingageek

Steve is an analyst at Forrester advising security and risk professionals about Zero Trust. Prior to joining Forrester, Steve served multiple security/infrastructure architecture, engineering, and emerging technology roles within the Fortune 500 financial, energy, public, and managed services provider (MSP) sectors.

Hosts

Adrian Sanabria

Adrian Sanabria – Senior Research Engineer at CyberRisk Alliance

@sawaba

Adrian is an outspoken researcher that doesn’t shy away from uncomfortable truths. He loves to write about the security industry, tell stories, and still sees the glass as half full.



Sponsored By


sponsor
Visit https://securityweekly.com/ReversingLabs for more information!

Threat hunters are under increased pressure to rapidly analyze, classify, detect and respond to malicious files. ReversingLabs is stepping forward to address these needs with its new Malware Lab Solution. The ReversingLabs Malware Lab solution powers the next generation of threat hunting by delivering a unique combination of static and dynamic analysis capabilities at scale to identify malicious files including those in the software supply chain.

Porous perimeters, remote workers, and highly targeted attacks such as Sunburst are challenging traditional security infrastructures, processes, and organizational structures, requiring leaders to introduce new malware analysis capabilities that centralize the analysis and investigation of suspected unknown and emergent threats to quickly determine the appropriate response.

A recent ReversingLabs survey of information security professionals validated this need with nearly 40 percent of respondents agreeing their organization could improve security with a more formalized threat hunting and malware lab program. ReversingLabs is addressing this with the ReversingLabs Malware Lab solution that equips threat hunting experts with the industry’s only unified threat analysis engine and console to rapidly analyze, classify, detect and respond to malicious files.

This segment is sponsored by Reversing Labs.

Visit https://securityweekly.com/ReversingLabs to learn more about them!

Press Release: https://blog.reversinglabs.com/newsroom/press-releases/reversinglabs-new-malware-lab-solution-enables-next-generation-of-threat-hunting

ReversingLabs Web Site
https://www.reversinglabs.com/

RSA Microsite:
https://register.reversinglabs.com/rsa-2021

Full Episode Show Notes

MalWare Labs, The Key to the Next Generation of Threat Hunting

Guests

Mario Vuksan

Mario Vuksan – CEO & Co-Founder at ReversingLabs

Mario founded ReversingLabs in 2009 and currently serves as CEO. In this role he drives all aspects of the company’s strategy, operations and implementation. Prior to ReversingLabs Mario has held senior technical positions at Bit9 (now Carbon-Black), Microsoft, Groove Networks, and PictureTel (now Polycom). He is the author of numerous research studies, speaking regularly at FS-ISAC, RSA, Black Hat and other leading security conferences.

Hosts

Paul Asadoorian

Paul Asadoorian – Founder at Security Weekly

@securityweekly

Paul Asadoorian is the founder of Security Weekly, which was acquired by CyberRisk Alliance. Paul spent time “in the trenches” implementing security programs for a lottery company and then a large university. Paul is offensive, having spent several years as a penetration tester. As Product Evangelist for Tenable Network Security, Paul built a library of materials on the topic of vulnerability management. When not hacking together embedded systems (or just plain hacking them) or coding silly projects in Python, Paul can be found researching his next set of headphones.



Why is third-party risk still such a challenge? Are companies using recent risk events (pandemic, solar winds, Colonial pipeline) as an opportunity to get better at risk management? How can firms better prepare for attacks to their third-party ecosystem?

Segment Resources:

https://go.forrester.com/blogs/make-covid-19-the-supply-chains-final-cautionary-tale/

Full Episode Show Notes

Third-Party Risk / Supply Chain Risk

Guests

Alla Valente

Alla Valente – Analyst, Security & Risk at Forrester Research

@AllaValente

Alla is a senior analyst at Forrester serving security and risk professionals. She covers governance, risk, and compliance (GRC), third-party risk management (TPRM), and supply chain risk management (SCRM). In this role, Alla helps Forrester clients establish strategy, adopt best practices, and select technology to manage risk, address key regulatory compliance issues, and improve business resilience. Her research also includes ethics and trust in digital transformation, RegTech, and protecting the organization’s brand.

Hosts

Matt Alderman

Matt Alderman – Executive Director at CyberRisk Alliance

@maldermania

Strategic Advisor at Automox, security consultant, and wizard of entrepreneurship.



Sponsored By


sponsor
Visit https://securityweekly.com/acunetix for more information!

The shift away from web application security, caused by the pandemic and the focus on remote workforces, resulted in an increased number of web vulnerabilities. In this segment, Mark talks about the best starting point for organizations to get back on track and prioritize your web app security.

https://www.acunetix.com/white-papers/acunetix-web-application-vulnerability-report-2021/

This segment is sponsored by Acunetix.

Visit https://securityweekly.com/acunetix to learn more about them!

Full Episode Show Notes

Don’t Fall Into the COVID-19 Trap: Prioritize Your Web App Security

Guests

Mark Ralls

Mark Ralls – President and Chief Operating Officer at Acunetix by Invicti

Mark Ralls is President and Chief Operating Officer of Invicti Security, a world leader in web application vulnerability scanning. In this role, Mark leads several functions, including the company’s Marketing team. Prior to joining Invicti, Mark was Managing Director of Business Operations at Vista Consulting Group, the consulting arm of Vista Equity Partners. Prior to joining Vista, Mr. Ralls worked as Senior Vice President of Product Management and Strategy at Social Solutions Global, where he led Product Management and Product Marketing teams and was responsible for driving product strategy for nonprofit and public sector customers. Before his time with Social Solutions, Mr. Ralls worked at SolarWinds, a provider of IT management software, where he served as Group Vice President of Business Applications and Analytics. Prior to SolarWinds, Mr. Ralls worked at the Boston Consulting Group, where he consulted for Fortune 1000 clients across a number of industries and functions.

Hosts

Matt Alderman

Matt Alderman – Executive Director at CyberRisk Alliance

@maldermania

Strategic Advisor at Automox, security consultant, and wizard of entrepreneurship.



Sponsored By


sponsor
Visit https://securityweekly.com/acunetix for more information!

The shift away from web application security, caused by the pandemic and the focus on remote workforces, resulted in an increased number of web vulnerabilities. In this segment, Mark talks about the best starting point for organizations to get back on track and prioritize your web app security.

https://www.acunetix.com/white-papers/acunetix-web-application-vulnerability-report-2021/

This segment is sponsored by Acunetix.

Visit https://securityweekly.com/acunetix to learn more about them!

Full Episode Show Notes

Don’t Fall Into the COVID-19 Trap: Prioritize Your Web App Security

Guests

Mark Ralls

Mark Ralls – President and Chief Operating Officer at Acunetix by Invicti

Mark Ralls is President and Chief Operating Officer of Invicti Security, a world leader in web application vulnerability scanning. In this role, Mark leads several functions, including the company’s Marketing team. Prior to joining Invicti, Mark was Managing Director of Business Operations at Vista Consulting Group, the consulting arm of Vista Equity Partners. Prior to joining Vista, Mr. Ralls worked as Senior Vice President of Product Management and Strategy at Social Solutions Global, where he led Product Management and Product Marketing teams and was responsible for driving product strategy for nonprofit and public sector customers. Before his time with Social Solutions, Mr. Ralls worked at SolarWinds, a provider of IT management software, where he served as Group Vice President of Business Applications and Analytics. Prior to SolarWinds, Mr. Ralls worked at the Boston Consulting Group, where he consulted for Fortune 1000 clients across a number of industries and functions.

Hosts

Matt Alderman

Matt Alderman – Executive Director at CyberRisk Alliance

@maldermania

Strategic Advisor at Automox, security consultant, and wizard of entrepreneurship.

prestitial ad