Let That Sink In – ESW #196
This week, first we talk Enterprise News, discussing Checkmarx Announces GitLab Integration, Panaseer Automates IRM with Archer Integration, How Attivo Networks Strengthens Active Directory Defense, Elastic Security 7.9 delivers a major milestone toward endpoint security integrated into the Elastic Stack, VMware brings Kubernetes to its VMware Fusion and VMware Workstation solutions, and more! In our second segment, we welcome Kwan Lin, Principal Data Scientist at Rapid7, to discuss "Under the Hoodie:" Rapid7's 2020 Pen Testing Report! In our final segment, we welcome Patrick Carey, Director of Product Marketing at Synopsys, to talk about Building Security into Application Development!
Visit https://securityweekly.com/rapid7 to learn more about them! Visit https://securityweekly.com/synopsys to learn more about them!
Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
Full Audio
Segments
1. Elastic Security 7.9, Sumo Logic, & Attivo Networks – ESW #196
Checkmarx Announces GitLab Integration, Panaseer Automates IRM with Archer Integration, How Attivo Networks Strengthens Active Directory Defense, Elastic Security 7.9 delivers a major milestone toward endpoint security integrated into the Elastic Stack, VMware brings Kubernetes to its VMware Fusion and VMware Workstation solutions, and more!
Announcements
Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
Hosts

- 1. Sumo Logic Files For First Cybersecurity IPO Of 2020
- 2. Cyware Raises $10M for its Cybersecurity Collaboration Platform to Unify Security Teams – AlleyWatch
- 3. Checkmarx Announces GitLab Integration
- 4. Panaseer Automates IRM with Archer Integration
- 5. How Attivo Networks Strengthens Active Directory Defense
- 6. Palo Alto Networks Announces Intent to Acquire The Crypsis Group
- 7. Elastic Security 7.9 delivers a major milestone toward endpoint security integrated into the Elastic Stack – Help Net Security
- 8. VMware brings Kubernetes to its VMware Fusion and VMware Workstation solutions – Help Net Security
- 9. CI Security expands offerings to include EDR with Microsoft Defender ATP – Help Net Security


2. “Under the Hoodie:” Rapid7’s 2020 Pen Testing Report – Kwan Lin – ESW #196
Penetration testing is the practice of simulating a criminal breach of a sensitive area in order to uncover and fix defensive failures. Rapid7 just released it's 2020 "Under the Hoodie" report which looks at the last 12 months of data exploring the hows and whys of penetration testing, covering mainly internal and external network compromises, with some supplementary data on social engineering and red team simulations. During this podcast we'll talk about some of the key findings and ways you can better secure yourself in the following areas: -Internal network configuration and patch management -Password management and secondary controls - VPNs and internet-based applications This segment is sponsored by Rapid7. Visit https://securityweekly.com/rapid7 to learn more about them!
Announcements
Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!
Guest

Kwan is a Senior Data Scientist on the Rapid7 Labs team. His day to day activities often involve analyzing large-scale honeypot or Internet-scan data, applying statistical and machine learning methods to address research or operational challenges, and producing data visualizations to communicate findings to broad audiences. Kwan is a former Certified Public Accountant and holds degrees in International Security and Economics from the Fletcher School of Law and Diplomacy and Brown University.
Hosts

3. Under Pressure – Building Security Into Application Development – Patrick Carey – ESW #196
A recent study by Enterprise Strategy Group, commissioned by Synopsys, revealed that nearly half of the cybersecurity and development professionals surveyed indicate that their organization knowingly pushes vulnerable code into production due to time pressures. In every sector, development and security teams grapple with the competing demands of development velocity and application security. Today, Patrick Carey will join us to talk about how organizations are working to build security into their development toolchains and processes. This segment is sponsored by Synopsys.
Visit https://securityweekly.com/synopsys to learn more about them!
Announcements
Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!
Guest

Patrick Carey is Senior Director of Product Marketing for Synopsys Software Integrity Group, where he manages go-to-market analysis and strategy for Synopsys’ portfolio of application security solutions. Patrick’s 30-year includes leadership roles in software development, product management, consulting, and marketing in a wide-range of companies, from early-stage start-ups to large companies including Citrix and Accenture. Patrick is based in Burlington, MA.
Hosts
