PSW #674 | SC Media
Remote access, Container security, Pen testing, Deception

PSW #674

November 13, 2020

 

 

Sponsored By

 

sponsor
Visit https://securityweekly.com/attivonetworks for more information!

 

Attackers have repeatedly demonstrated that they can evade perimeter defenses to compromise a system inside the network. Once they get in, they must break out from that beachhead, conduct discovery, credential theft, lateral movement, privilege escalation, and data collection activities. Suppose they go looking for locally stored files or network shares and instead see nothing of value? What if they query Active Directory and don’t get real credentials in the responses? What if they look for ports or services to attack, and instead, their connections get redirected to systems with no value? If they can’t see and access data or accounts that move them forward, they can’t attack anything of value. Learn how deception and concealment technology can deny, detect, and disrupt attackers when they first enter the network.

This segment is sponsored by Attivo Networks.

Visit https://securityweekly.com/attivonetworks to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes!

Full Episode Show Notes

Disrupt Attacks at the Endpoint with Attivo Networks

Calculating ROI for Attivo Deception and Concealment Technology: https://attivonetworks.com/documentation/Attivo_Networks-Calculating_ROI_for_Deception_Concelament.pdf

Using a Commercial Deception Solution to Improve MITRE ATT&CK Test Results for Endpoint Security: https://go.attivonetworks.com/Improving-MITRE-test-results-endpoint-security.html

Attivo Networks MITRE Shield Mapping: https://go.attivonetworks.com/WC-MITRE-Shield-Mapping-whitepaper.html

Hosts

Jeff Man

Jeff Man – Sr. InfoSec Consultant

Larry Pesce

Larry Pesce – Senior Managing Consultant and Director of Research

Lee Neely

Lee Neely – Senior Cyber Analyst

Paul Asadoorian

Paul Asadoorian – Founder & CTO

Tyler Robinson

Tyler Robinson – Managing Director of Network Operations

Guests

Joseph Salazar

Joseph Salazar – Technical Deception Engineer

Announcements

  • Security Weekly, in partnership with CyberRisk Alliance, is excited to present Security Weekly Unlocked on December 10, 2020. This 1 day virtual event wraps up with the 15th anniversary edition of Paul’s Security Weekly live on Youtube! Visit https://securityweekly.com/unlocked to view the agenda and register for free!

Sponsored By

sponsor
Visit https://securityweekly.com/qualys for more information!

Sumedh and Badri discuss challenges associated with container Security & DevOps need for visibility into containers. Qualys’ new approach to runtime security.

This segment is sponsored by Qualys.

Visit https://securityweekly.com/qualys to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes!

Full Episode Show Notes

Challenges With Securing Container Environments

Container Runtime Security Press Release: https://www.qualys.com/company/newsroom/news-releases/usa/qualys-adds-runtime-defense-capabilities-to-its-container-security-solution/

Container Runtime Security Technical Blog: https://blog.qualys.com/product-tech/2020/11/03/built-in-runtime-security-for-containers

Container Security webpage: https://www.qualys.com/apps/container-security/

Qualys Security Conference. https://www.qualys.com/qsc/2020/virtual/

Hosts

Jeff Man

Jeff Man – Sr. InfoSec Consultant

Larry Pesce

Larry Pesce – Senior Managing Consultant and Director of Research

Lee Neely

Lee Neely – Senior Cyber Analyst

Paul Asadoorian

Paul Asadoorian – Founder & CTO

Tyler Robinson

Tyler Robinson – Managing Director of Network Operations

Guests

Badri Raghunathan

Badri Raghunathan – Director of Product Management

Sumedh Thakar

Sumedh Thakar – President and Chief Product Officer

Announcements

  • Join Amit Bareket, Co-founder & CEO of Perimeter 81 & Paul Asadoorian for a technical deep-dive into the problems inherent in legacy VPN technology. Together they will explore solutions for the modern workforce & how momentum toward perimeter-less architecture is helping redefine the future of cybersecurity. Register Now by visiting https://securityweekly.com/perimeter81

In the Security News, not all cyberattacks are created equal, Google patches two more Chrome zero days, What does threat intelligence really mean, Cobalt Strike leaked source code, DNS cache poisoning is back, and Zebras & Dots! Visit https://www.securityweekly.com/psw for all the latest episodes!

Full Episode Show Notes

Cobalt Strike Leak, DNS Cache Poisoning, & Decrypting Open SSH

None

Hosts

Jeff Man

Jeff Man – Sr. InfoSec Consultant

Larry Pesce

Larry Pesce – Senior Managing Consultant and Director of Research

Lee Neely

Lee Neely – Senior Cyber Analyst

Paul Asadoorian

Paul Asadoorian – Founder & CTO

Tyler Robinson

Tyler Robinson – Managing Director of Network Operations

Announcements

  • Would you like to have all of your favorite Security Weekly content at your fingertips? Do you want to hear from Sam & Andrea when we have upcoming webcasts & technical trainings? Have a question for one of our illustrious hosts, someone from the Security Weekly team, or wish you could “hang” out with the Security Weekly crew & community? Subscribe on your favorite podcast catcher, sign up for our mailing list, and join our Discord Server to stay in the loop on all things Security Weekly! Visit: https://securityweekly.com/subscribe

  • In our upcoming webcasts & technical trainings, you will learn how to thwart attackers using deception & how to build a risk-based vulnerability management program! Visit https://securityweekly.com/webcasts to see what we have coming up, or visit securityweekly.com/ondemand to view our previously recorded webcasts!

prestitial ad