Cybersecurity Asset Management, Cloud Security

ESW #214

January 27, 2021



This week, in the Enterprise Security News, Platform9 unburdens users from the complexities of Kubernetes, Swimlane Raises $40 Million, SonicWall hacked by zero-days in its own products, Deloitte Buys Root9B, Cygilant and SentinelOne Partnership, Fortinet announces AI-powered XDR, AlgoSec Announced updates to A32, ESET Launches Enhanced Cloud-based Endpoint Security Management, Entrust acquires HyTrust, LogRhythm acquires MistNet, Huntress Acquires EDR Technology From Level Effect, & more! Visit https://www.securityweekly.com/esw for all the latest episodes!

Full Episode Show Notes

Platform9, Swimlane, SonicWall 0-Days, & Fortinet

Hosts

Adrian Sanabria

Adrian Sanabria –

Senior Research Engineer at CyberRisk Alliance

Paul Asadoorian

Paul Asadoorian –

Founder/CIO at Security Weekly/CyberRisk Alliance

Tyler Shields

Tyler Shields –

CMO at JupiterOne

Announcements

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

  • Learn how to conquer cloud complexity in our first webcast of 2021, this Thurs, Jan 28th 11am ET! Next Thurs, Feb 4th 11am ET, in our first technical training of 2021, you’ll Learn How to Manage Insider Risks in the Work-from-Anywhere World! Register at https://securityweekly.com/webcasts. If you missed any of our 2020 webcasts or technical trainings, they are available at https://securityweekly.com/ondemand

Audio



Fredrik Nordberg Almroth, Security Researcher at Detectify, tells the story of how he managed to claim the top-level domain of an entire country – the Congo (DRC), .cd – before any bad actors could snatch it up. He will also discuss domain takeovers (TLD as well as subdomains) and how they can be prevented. Key to this is to keep track of your assets and monitor them for vulns. Visit https://www.securityweekly.com/esw for all the latest episodes!

Full Episode Show Notes

DNS Hijacking

Technical description of the .cd hack: https://blog.detectify.com/2021/01/19/dns-hijacking-taking-over-top-level-domains-and-subdomains/

A run-through of the basics of DNS hijacking: https://blog.detectify.com/2021/01/19/dns-hijacking-taking-over-top-level-domains-and-subdomains/

Guests

Fredrik Nordberg Almroth

Fredrik Nordberg Almroth –

Co-Founder & Head of Engineering at Detectify

Hosts

Adrian Sanabria

Adrian Sanabria –

Senior Research Engineer at CyberRisk Alliance

Paul Asadoorian

Paul Asadoorian –

Founder/CIO at Security Weekly/CyberRisk Alliance

Tyler Shields

Tyler Shields –

CMO at JupiterOne

Announcements

  • Do you want to stay in the loop on all things Security Weekly? Visit https://securityweekly.com/subscribe to subscribe on your favorite podcast catcher or our Youtube channel, sign up for our mailing list, and join our Discord Server!

Audio



Do we really need to be freaking out? What could we and should we be doing in general regardless of SolarWinds? Visit https://www.securityweekly.com/esw for all the latest episodes!

Full Episode Show Notes

Supply Chain Security in the Face of Solarwinds

Guests

Allan Alford

Allan Alford –

CISO at The Cyber Ranch Podcast

Hosts

Adrian Sanabria

Adrian Sanabria –

Senior Research Engineer at CyberRisk Alliance

Paul Asadoorian

Paul Asadoorian –

Founder/CIO at Security Weekly/CyberRisk Alliance

Tyler Shields

Tyler Shields –

CMO at JupiterOne

Announcements

  • If you missed Security Weekly Unlocked, you can now access all of the content on-demand, whether you registered before the live event or not, by visiting https://securityweekly.com/unlocked and clicking either the button to register or the button to login!

prestitial ad