Make Your Brain Hurt – ESW #203
Full Audio
View Show IndexSegments
1. Prisma Cloud 2.0, Blackpoint RISK, & Tenable Lumin – ESW #203
Palo Alto Networks announces cloud native security platform, Akamai launches new API security tool, SentinelOne secures patent for unique approach to uncovering exploits in their initial payload stage, Splunk helps security teams modernize and unify their security operations in the cloud, and Agile1 Predictive Analytics Risk Scoring helps orgs identify, prioritize and quantify cybersecurity risks!
Announcements
Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!
Tomorrow is the big day! The virtual doors open for the first-ever Security Weekly Unlocked virtual event at 10:30am and the last round table should end around 9:30pm! We have an outstanding line-up of presenters, who will be answering questions LIVE in our Discord server during their presentations! Make sure you register for this FREE event before it's too late! Visit https://securityweekly.com/unlocked to view the line-up and register!
Hosts
- 1. Palo Alto Networks announces cloud native security platform- Prisma Cloud 2.0This announcement integrates Aporeto and builds on the November 2019 introduction of Palo Alto Networks Prisma Cloud. The new Palo Alto Networks Prisma Cloud modules include: Data Security delivers data loss prevention (DLP) capabilities, offering discovery, classification, and malware detection for AWS S3.
- 2. eSentire Launches Cloud Automation Security Assistant (CASA) in Microsoft Teams, Brings Users Over a Decade of MDR ExpertiseCASA offers customers a single place within Microsoft Teams to actively manage alerts, engage eSentire experts on demand, and launch automated threat configurations for Microsoft Cloud Application Security, Microsoft 365, Microsoft Defender for Endpoint, Microsoft Azure, and Microsoft Graph Security API.
- 3. Akamai launches new API security toolThe API Discovery and Profiling capability automatically and continuously discovers APIs based on a scoring mechanism that takes into account response content-type, path characteristics and traffic patterns.
- 4. SentinelOne secures patent for unique approach to uncovering exploits in their initial payload stage – Help Net SecurityThe patent is a combination of three separate SentinelOne innovations — automatic feature extractor, code detector, and position-independent code detection — that significantly enhance the XDR platform’s detection capabilities.
- 5. CyberSaint adds automation functionality to its CyberStrong platform to reduce manual intervention – Help Net Security
- 6. Splunk helps security teams modernize and unify their security operations in the cloud – Help Net Security
- 7. Blackpoint Cyber launches Blackpoint RISK, a cyber liability insurance solution for existing and new clients – Help Net Security
- 8. Agile1 Predictive Analytics Risk Scoring helps orgs identify, prioritize and quantify cybersecurity risks – Help Net Security
- 9. Panaseer launches Continuous Controls Monitoring for Risk and Compliance
- 10. Tenable®, Inc. announced new Tenable Lumin™
- 11. Attivo Networks Enhances Portfolio for Amplified Identity Access Management Control
- 12. Banyan Security enhances secure remote access for engineering resouces
2. Prioritization to Prediction Vulnerability Research Series – Ed Bellis – ESW #203
Organizations have millions of vulnerabilities. And our research has shown that those same organizations, large or small, on average, can only fix about one in ten of those vulnerabilities. But as a security practitioner you still need to keep your organization secure, so how do you do that when you can’t possibly fix ALL of your vulnerabilities? Ed Bellis will: • Review what years of joint research into vulnerability management with the Cyentia Institute uncovered about the scope of the challenge • A breakdown in performance factors by industry and platforms • Lay out several factors that drive better remediation performance • Provide a deeper understanding on the scope of exposures and how risk informs remediation strategies
This segment is sponsored by Kenna Security.
Visit https://securityweekly.com/kennasecurity to learn more about them!
Announcements
Join Amit Bareket, Co-founder & CEO of Perimeter 81 & Paul Asadoorian for a technical deep-dive into the problems inherent in legacy VPN technology. Together they will explore solutions for the modern workforce & how momentum toward perimeter-less architecture is helping redefine the future of cybersecurity. Register Now by visiting https://securityweekly.com/perimeter81
Guest
Ed Bellis, Co-founder and CTO of Kenna Security Ed Bellis is a security industry veteran and expert and known in security circles as “the father of risk-based vulnerability management.” He founded Kenna Security to deliver a data-driven risk-based approach to remediation and help IT teams prioritize and thwart would-be security threats. Ed is the former CISO of Orbitz and former Vice President, Corporate Information Security at Bank of America. He is an advisor to Dharma and former advisor to SecurityScoreboard.com and Society of Payment Security Professionals. Ed is a contributing author to the book, Beautiful Security (Oram, Andy & Viega, John, O’Reilly Media, 2009). He is a frequent speaker at industry conferences. Recent engagements include the 2017 Enterprise Security Summit (Dos and Don’ts of Establishing Metrics that Cultivate Real Security) and InfoSec World (Amateur Hour: Why APT’s Are the Least of Your Worries).
Hosts
3. deepwatch Lens Score & Series B – Corey Bodzin – ESW #203
deepwatch formally launched its Lens Score app on October 20th. Corey joins us to discuss the app, its future, and how it helps CISOs achieve their security outcomes. Corey will also discuss the deepwatch Series B and how we plan to invest the funds.
This segment is sponsored by deepwatch.
Visit https://securityweekly.com/deepwatch to learn more about them!
Announcements
Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
Guest
At deepwatch Corey Bodzin is accountable for driving the company’s product vision and strategy from a services organization based around commercial solutions to a product driven organization with services built around its own intellectual property. Before joining deepwatch, Corey spent the last 15 years creating products at cybersecurity companies like ExtraHop, Tenable, RSA, and Qualys. Prior to that he was a user of the products as leader of security teams at Wells Fargo, Charles Schwab, and Lucent. He is a cybersecurity veteran with 25+ years’ experience in driving thoughtful cybersecurity, risk management, and regulatory compliance for industries as diverse as energy, pharmaceuticals and financial services.