ESW #221 | SC Media
Container security, Zero trust, SOC, Leadership

ESW #221

March 24, 2021



– What security features does Heroku offer that the customer can control and how have these evolved over time?
– How do you balance the security of the application, with the security of the deployment, with the security of the platform?
– What are some tips and/or advice for deploying applications and keeping them secure during the lifecycle? (e.g. as a developer I may run applications in a secure environment, but then down the line someone runs my container with —privileged and exposes a security hole).

The goal being our audience learns what to consider when choosing a platform (or platforms) to run applications from a security perspective. Visit https://www.securityweekly.com/esw for all the latest episodes!

Full Episode Show Notes

Platform Security – PaaS & Hosting

Guests

Trey Ford

Trey Ford – VP Platform Strategy and Trust at Salesforce

@treyford

Transformational leader at the intersection of cybersecurity and strategy.

Hosts

Adrian Sanabria

Adrian Sanabria – Senior Research Engineer at CyberRisk Alliance

@sawaba

Adrian is an outspoken researcher that doesn’t shy away from uncomfortable truths. He loves to write about the security industry, tell stories, and still sees the glass as half full.

Paul Asadoorian

Paul Asadoorian – Founder at Security Weekly

@securityweekly

Paul Asadoorian is the founder of Security Weekly, which was acquired by CyberRisk Alliance. Paul spent time “in the trenches” implementing security programs for a lottery company and then a large university. Paul is offensive, having spent several years as a penetration tester. As Product Evangelist for Tenable Network Security, Paul built a library of materials on the topic of vulnerability management. When not hacking together embedded systems (or just plain hacking them) or coding silly projects in Python, Paul can be found researching his next set of headphones.

Tyler Shields

Tyler Shields – CMO at JupiterOne

@txs

Tyler advises, guides, and operates high tech startups primarily in the B2B security space. He is a former market analyst, engineer, product manager, marketing leader, and partnership manager. In other words, Tyler builds and grows businesses – in all aspects. He’s a board advisor, angel investor, and board member at multiple firms and an investment advisor for a venture debt business. He loves to play guitar and poker in his free time.

Announcements

Audio



Jarrett Rodrick and Tyler Wall’s new book, “Jump-start Your SOC Analyst Career,” is meant to serve as a roadmap for those who wish to take their first steps into cyber security/SOC analyst. We discuss topics like introduction to investigative theory, prerequisite skill requirements, and cloud security monitoring. We included stories from real SOC analyst contributors to help the reader understand what challenges might lie before them.

The book is available on Amazon:

https://www.amazon.com/Jump-start-Your-Analyst-Career-Cybersecurity/dp/1484269039 Visit https://www.securityweekly.com/esw for all the latest episodes!

Full Episode Show Notes

“Jump-Start Your SOC Analyst Career”

Guests

Jarrett Rodrick

Jarrett Rodrick – Senior Information Security Analyst at VMware

Jarrett Rodrick is the SOC Team Lead and Senior Information Security Analyst for VMware, the global leader in visualization technology. He’s a retired Cyber Network Defender and Cyber Warfare Specialist from the US Army and has over 8 years of Defensive Cyber Operations experience working with the Army’s Cyber Protection Brigade. Jarrett’s time with the Cyber Protection Brigade has provided him with the skills needed to fight in today’s cyberwar. Jarrett’s cybersecurity certifications include GSEC, GCED,
GCIH, GCIA, GCFE, GCFA, GSNA, GRID, GCUX, and GSTRT. Jarrett lives in Melissa, TX, with his wife and family and enjoys researching new and innovative technologies.

Hosts

Adrian Sanabria

Adrian Sanabria – Senior Research Engineer at CyberRisk Alliance

@sawaba

Adrian is an outspoken researcher that doesn’t shy away from uncomfortable truths. He loves to write about the security industry, tell stories, and still sees the glass as half full.

Paul Asadoorian

Paul Asadoorian – Founder at Security Weekly

@securityweekly

Paul Asadoorian is the founder of Security Weekly, which was acquired by CyberRisk Alliance. Paul spent time “in the trenches” implementing security programs for a lottery company and then a large university. Paul is offensive, having spent several years as a penetration tester. As Product Evangelist for Tenable Network Security, Paul built a library of materials on the topic of vulnerability management. When not hacking together embedded systems (or just plain hacking them) or coding silly projects in Python, Paul can be found researching his next set of headphones.

Tyler Shields

Tyler Shields – CMO at JupiterOne

@txs

Tyler advises, guides, and operates high tech startups primarily in the B2B security space. He is a former market analyst, engineer, product manager, marketing leader, and partnership manager. In other words, Tyler builds and grows businesses – in all aspects. He’s a board advisor, angel investor, and board member at multiple firms and an investment advisor for a venture debt business. He loves to play guitar and poker in his free time.

Announcements

  • If you missed Security Weekly Unlocked, you can now access all of the content on-demand, whether you registered before the live event or not, by visiting https://securityweekly.com/unlocked and clicking either the button to register or the button to login!

Audio



This week in the Enterprise News, Funding announcements from Security Scorecard, Secureframe, Axis Security, Orca, Cylera, and Vulcan Cyber. A non-funding announcement from Thinkst. Fortinet aquires ShieldX, VMware acquires Mesh7 and Copado aquires New Context. Knowbe4 files for IPO. Exabeam Launches First-ever Comprehensive Use Case Coverage, Linksys and Fortinet form an interesting partnership, Sonatype targets a more secure software supply chain with a 5-part announcement, CTO.ai Launches Serverless Kubernetes Platform and more! Visit https://www.securityweekly.com/esw for all the latest episodes!

Full Episode Show Notes

Axis Security, Qualys, VMware, NFTs, & Linksys/Fortinet

Hosts

Adrian Sanabria

Adrian Sanabria – Senior Research Engineer at CyberRisk Alliance

@sawaba

Adrian is an outspoken researcher that doesn’t shy away from uncomfortable truths. He loves to write about the security industry, tell stories, and still sees the glass as half full.

Paul Asadoorian

Paul Asadoorian – Founder at Security Weekly

@securityweekly

Paul Asadoorian is the founder of Security Weekly, which was acquired by CyberRisk Alliance. Paul spent time “in the trenches” implementing security programs for a lottery company and then a large university. Paul is offensive, having spent several years as a penetration tester. As Product Evangelist for Tenable Network Security, Paul built a library of materials on the topic of vulnerability management. When not hacking together embedded systems (or just plain hacking them) or coding silly projects in Python, Paul can be found researching his next set of headphones.

Tyler Shields

Tyler Shields – CMO at JupiterOne

@txs

Tyler advises, guides, and operates high tech startups primarily in the B2B security space. He is a former market analyst, engineer, product manager, marketing leader, and partnership manager. In other words, Tyler builds and grows businesses – in all aspects. He’s a board advisor, angel investor, and board member at multiple firms and an investment advisor for a venture debt business. He loves to play guitar and poker in his free time.

Announcements

  • Do you want to stay in the loop on all things Security Weekly? Visit https://securityweekly.com/subscribe to subscribe on your favorite podcast catcher or our Youtube channel, sign up for our mailing list, and join our Discord Server!

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

Audio

prestitial ad