ESW #273 – Yasser Rasheed & Omer Taran
Full Audio
View Show IndexSegments
1. Protecting Your Environment with Intel vPro® Platform – Yasser Rasheed – ESW #273
In this segment sponsored by Intel, we will explore all things Intel vPro® platform. Learn how Intel vPro® platform can help you keep your computers up-to-date, prevent attacks, provide reports on the status of the firmware in use, and implement advanced hardware security!
This segment is sponsored by Intel.
Visit https://securityweekly.com/intel to learn more about them!
Sponsored By
Announcements
Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!
Guest
Yasser Rasheed is the Global Director of Enterprise Client Sales at Intel, focusing primarily on Intel®vPro™ platforms and Intel’s competitive sales initiatives. Prior to this role, Yasser was the Chief Technology Officer (CTO) for Intel’s Business Client Platform Division, responsible for technical strategy, product definition, architecture and execution of key ecosystem innovation programs for Intel’s business client platforms. Yasser holds a Ph.D. in Electrical and Computer Engineering from the University of Toronto, and an Executive MBA from the University of Oregon.
Hosts
2. Overcoming Challenges in Multinational Phishing Simulations – Omer Taran – ESW #273
According to CybeReady, during such turbulent times, one should regard all emails with extra caution and double-check the sender’s address carefully. Beware of requests that ask for technical assistance such as running software or helping to take down websites. These might not only be illegal but may also be used to hack systems on the corporate network. Try to remember that during times of crisis, there is an increase in phishing attempts of all kinds as hackers take advantage of the situation. In this circumstance, employees need to stay updated from both a news and computing perspective.
To be proactive in the defense of computing environments, our security experts recommend:
Personal computer and phones: Install the latest operating system and security updates.
Implement 2FA/MFA: Use a phone number or authentication app as the second factor of authentication to all important applications, social media accounts (Facebook/Meta, Linkedin, Twitter, etc.), and personal email accounts. Backup email and ensure it is recoverable.
Change Passwords: If you are reusing a password in sites that hold your personal information, it is a good time to change your passwords.
Support a Culture of Security: Train your employees continuously, advise friends and family to do the same, and take an active role in creating a safer internet.
Defend Work from Home Environments: Install the operating system and security updates. If these are available you should see a notification on your computer or phone.
Especially important to business continuity in these times of uncertainty is the need for automated cybersecurity training that adapts to employee educational needs and accelerates the learning process.
Segment Resources: https://cybeready.com/blog
Announcements
We're always looking for great guests for all of the Security Weekly shows! Submit your suggestions by visiting https://securityweekly.com/guests and completing the form!
Guest
Omer Taran is the Co-Founder and CTO of CybeReady. As co-founder, he serves as the company’s technologist-in-residence. His vision for CybeReady drives him to build out solutions that serve a variety of enterprise customers by blending best practices and innovation.
Hosts
3. Becoming a Year Younger, Material Security, Tailscale, Radiflow, & Artic Wolf – ESW #273
In the Enterprise News for this week: Funding announcements from Material Security, Abnormal, Teleport, Tailscale, Smallsetp, Phylum and more. Acquisitions include HDiv Security, and Radiflow. New product announcements from Siren, Corelight, Artic Wolf, Onapsis and Aqua. And, in other news, all South Koreans are about to become one year younger, & more!
Announcements
Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
Security Weekly listeners, save $100 on your RSA Conference 2022 Full Conference Pass! RSA Conference will be live in San Francisco June 6th-9th, 2022. Security Weekly will be there in full force, delivering real-time, live coverage and interviewing some of the event’s top speakers and sponsors. To register using our discount code, please visit https://securityweekly.com/rsac2022 and use the code 52UCYBER. We hope to see you there!
Hosts
- 1. FUNDING: YL Ventures Announces $400M Fifth Fund to Champion Israeli Cybersecurity Innovation
- 2. FUNDING: What Our Series C Investment Means for Our Customers$200M Series C round at a $4BN valuation. So correction, we have 3 more unicorns this week and 56 unicorns now?
- 3. FUNDING: Teleport Raises $110 Million Series C at $1.1 Billion Valuation Led by Bessemer Venture Partners with Participation from New Investor Insight PartnersOne of our two new unicorns for this week (putting the count at, I think, 55 cybersecurity unicorns now). Teleport makes it easy to access infrastructure without exposing SSH and RDP all over the place. This apparently makes them worth $1.1B. They're not the first to do this (CloudPassage comes to mind), but it looks like they remove a lot of friction and overhead from the process of implementing this at scale.
- 4. FUNDING: Tailscale lands $100 million to ‘transform’ enterprise VPNs – TechCrunch$100M Series B with an "over $1B valuation", but not in USD, in CAD. So sadly, they're only a unicorn in Canada. There's a joke in here somewhere.
- 5. FUNDING: Edge Delta raises $63M to help companies analyze observability data ‘at its source’
- 6. FUNDING: Smallstep Raises $26 Million for Automated Certificate Management Platform
- 7. FUNDING: Phylum Raises $15 Million to Proactively Defend the Open-Source Supply Chain$15M Series A. Very exciting and needed product - Phylum gives risks scores to open source software packages! Is it abandoned? Is it buggy? Would the maintainer fail a KYC/AML check? Increasingly, we're seeing companies get shafted by shady FOSS packages. Phylum might not even be the first to do this - I expect to see more companies tackling this problem. As usual, I suspect the Qualys, R7, Tenable cloud to be late to the party, but they'll get there eventually, and this will be a feature of Tenable.io and InsightVM someday.
- 8. FUNDING: Network Perception Secures $13 Million Series A Funding Round – Network Perception
- 9. FUNDING (FEDERAL): DOE announces $12M to enhance cybersecurity of U.S. energy systems – Daily Energy InsiderOnly $12M??? That's barely a seed round in the private markets these days!!! This is specifically just for R&D projects, but still...
- 10. ACQUISITION: Datadog Signs Definitive Agreement To Acquire Hdiv Security; Terms Not Disclosed – Benzinga
- 11. ACQUISITION: Magnet Forensics Acquires Cybersecurity Software Firm Comae Technologies – Magnet Forensics
- 12. ACQUISITION: Sabanci Acquires OT Security Vendor Radiflow – Radiflow
- 13. PRODUCT FEATURE: Kubernetes taps Sigstore to thwart open-source software supply chain attacks
- 14. PLEASEDOABUGBOUNTY: Antwerp-based UTM provider Unifly secures €10M to safely manage drones in airspace
- 15. SQUIRREL: All South Koreans are about to become one year younger – here’s whyThere's apparently a tradition that Koreans are considered 1 year old at birth, and then gain a year on New Year's Day, regardless of their actual biological birth date! This has caused issues with age-based COVID vaccination programs and other scenarios that require an accurate *biological* age, so Korea's new president is making the shift to using biological ages official.
- 1. FUNDING – Material Security Reaches $1.1 Billion Valuation for ‘Zero Trust’ Security on Microsoft and Google Email"Material Security, a company that can protect email accounts even after they have been compromised, today announced it has secured $100 million in Series-C funding at a valuation of $1.1 billion. The round is led by Founders Fund, with participation from previous backers Andreesen Horowitz, Silicon Valley solo capitalist Elad Gil and other high-profile individual tech investors, gaining the company unicorn status just two years after the official launch of its product suite"
- 2. FUNDING – Abnormal Raises $200M+ To Protect The Modern Enterprise Workforce" Abnormal Security, the leading AI-based cloud-native email security platform, announced today the close of a $210 million Series C round of financing led by global software investor Insight Partners, with participation from Greylock Partners and Menlo Ventures. With this round, the 4-year-old company is now valued at $4 billion."
- 3. PARTNERSHIP – Exabeam partners with ZeroFox to improve cyber defense capabilities for customers"Exabeam and ZeroFox announced an OEM partnership to enhance indicators of compromise (IoC) with an added layer of threat intelligence for Exabeam Fusion SIEM and Exabeam Fusion XDR customers. In addition to Exabeam site collector and cloud connecter data, Exabeam will merge the ZeroFox Adversary Disruption service into the Exabeam Threat Intelligence Service, included in all Exabeam Fusion products, to further enrich customers’ data."
- 4. PRODUCT – Siren 12.1 provides organizations with 360 degrees data visibility capability"Siren is a flexible, investigative intelligence platform that uses a data model to drive the discovery of associated data. Siren fuses previously-disconnected paradigms such as business intelligence (BI) dashboards, link analysis, content search, and operational monitoring." and "Siren 12.1 introduces the ability to generate a rich 360 degrees entity description. These are scripted interactive templates which show information about the record with data coming not only from the record itself, but also from connected records and web service calls."
- 5. PARTNERSHIP – Kroll and Armis join forces to strengthen cyber resilience for critical systems
- 6. PRODUCT – CoreLight: Spotting Log4j traffic in Kubernetes environmentsNeat: "The demo environment contained 4 K8s pods. Those pods where network traffic monitoring is required, have two containers, the service itself and vxlan. The vxlan container encapsulates all network traffic to and from the pod into a vxlan and forwards that traffic to the sensor-core pod. This traffic forwarding could also take place to an external network sensor. "
- 7. PRODUCT – Arctic Wolf Launches Arctic Wolf Labs"the mission of Arctic Wolf Labs is to develop cutting-edge technology and tools that are designed to enhance the company’s core mission to end cyber risk, while also bringing comprehensive security intelligence to Arctic Wolf’s customer base and the security community-at-large." Look here for tools: https://github.com/rtkwlf/wolf-tools
- 8. PRODUCT – Onapsis Announces New Offering to Jumpstart Security for SAP Customers"Onapsis Assess Baseline empowers companies of any size to accelerate time-to-value by simplifying deployment with a new SaaS-based, zero-footprint model and focusing on a core, targeted set of critical vulnerabilities as first steps on their journey to ensure cybersecurity, compliance, and availability of their SAP applications. When organizations are ready to take on more, Onapsis Assess Baseline offers easy expansion to additional scope for vulnerability management as well as capabilities for continuous threat monitoring and application security testing."
- 9. PRODUCT – Aqua Security’s Trivy Integrates with Docker Desktop to Help Developers Easily Identify Vulnerabilities"The new extension enables Docker Desktop users to access Trivy directly through the dashboard — no CLI needed — to quickly and easily parse and scan an unlimited number of container images. Scan results include vulnerability findings for both operating systems and programming language packages." Also, Docker Desktop now supports Linux, whoohoo!
- 10. ANNOUNCEMENT – Anchore Joins Docker Extension Program to Enable Deep Analysis of Container ImagesSounds familiar: "The Anchore Docker Desktop Extension is unique because it seamlessly scans each container image behind the scenes, without requiring developers to request an individual scan or wait for a scan to complete. Instead, the Anchore extension instantly displays the number and type of packages along with vulnerabilities segmented by severity level, allowing users to easily search for specific packages or vulnerabilities"
