ESW #213 | SC Media
Cybersecurity Asset Management, DevOps, Cloud security, SOC

ESW #213

January 13, 2021

This week, Beyond Security partners with Vicarius, Amazon’s Parler removal and what it means for Cloud onfidence, Kount sold to Equifax, McAfee vs Crowdstrike, JumpCloud raises some funds, Red Hat acquires StackRox, and SolarWinds warnings of weak security and more! Visit https://www.securityweekly.com/esw for all the latest episodes!

Full Episode Show Notes

Amazon’s Parler Removal, Beyond Security & Vicarius Partner, & More SolarWinds!

None

Hosts

Adrian Sanabria

Adrian Sanabria – Senior Research Engineer

John Strand

John Strand – Founder; Security Professional

Paul Asadoorian

Paul Asadoorian – Founder/CIO

Tyler Shields

Tyler Shields – CMO

Announcements

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

  • If you missed Security Weekly Unlocked, you can now access all of the content on-demand, whether you registered before the live event or not, by visiting https://securityweekly.com/unlocked and clicking either the button to register or the button to login!

We all know asset management is one of the basics. In fact, it’s literally the first two items on the Center for Internet Security’s list of top 20 critical security controls.

https://www.cisecurity.org/controls/cis-controls-list/

The term “basics” can be deceptive though. We typically expect something basic to also be easy. This is InfoSec though, and the basics aren’t simple or easy. We call them basics because they’re foundational.

Put another way, the other 18 critical security controls on that top 20 list can’t be applied to assets that haven’t been discovered yet!

In the past few years, we’ve seen a resurgence in asset management. There are a few players taking a fresh crack at solving this problem and we’re hearing positive things. Could this be the year we get a better handle on discovering and managing assets? Join us as we discuss. Visit https://www.securityweekly.com/esw for all the latest episodes!

Full Episode Show Notes

It’s 2021, Do You Know Where Your Assets Are?

None

Hosts

Adrian Sanabria

Adrian Sanabria – Senior Research Engineer

Paul Asadoorian

Paul Asadoorian – Founder/CIO

Tyler Shields

Tyler Shields – CMO

Announcements

  • Do you want to stay in the loop on all things Security Weekly? Visit https://securityweekly.com/subscribe to subscribe on your favorite podcast catcher or our Youtube channel, sign up for our mailing list, and join our Discord Server!

The DBoM consortium is a Linux Foundation project to be able to share information with third parties safely, securely, and with control over the information, even after handing it over! Unisys has just open sourced the code to make this possible, and Chris was a big part of their effort. Using a blockchain based approach, DBoM works to share software bill of materials (SBoM)s in a fashion that works in a cloud centric, internet time approach. Visit https://www.securityweekly.com/esw for all the latest episodes!

Full Episode Show Notes

The DBoM Consortium

None

Hosts

Adrian Sanabria

Adrian Sanabria – Senior Research Engineer

Josh Marpet

Josh Marpet – COO

Paul Asadoorian

Paul Asadoorian – Founder/CIO

Tyler Shields

Tyler Shields – CMO

Guests

Chris Blask

Chris Blask – Global Director, Industrial Control Systems Security

Announcements

prestitial ad