Careers, Leadership, Vulnerability management, Identity and access, Insider threat, Critical infrastructure

ESW #288 – Paddy Harrington, Sean Metcalf

Enterprise browsers are a new addition into the endpoint security market. Combining enhanced features not in the existing browsers, with centralized reporting and controls, they're promising to bring a better experience to the users and a more secure delivery of applications to the companies who use them. What's real, what's "vision", and what makes them different than all the other solutions that promise to "secure the browsing experience".

In the Enterprise Security News for this week: Funding rounds are back!, Bitwarden rasies $100M for password management

Cymulate raises $70M, and a ton more Series A, Series B, and Seed announcements from vendors just coming out of stealth, Ethereum’s merge completes and moves to proof of stake, Some updates on the Twitterpocalypse, The latest in annoying buzzword innovation, and some Cyber Insurance trends that I promise are interesting!

Attackers have been targeting Active Directory for years and more recently set their sights on Azure AD & Microsoft Office 365. There are ways to tighten up these platforms beyond the default configuration and greatly improve the security posture.

Segment Resources:

Trimarc Webcast on how to quickly level up Active Directory security: https://www.hub.trimarcsecurity.com/post/webcast-top-10-ways-to-improve-active-directory-security-quickly

Performing your own Active Directory Security Review - article and PowerShell tool: https://www.hub.trimarcsecurity.com/post/securing-active-directory-performing-an-active-directory-security-review

Trimarc Content Hub: https://hub.trimarcsecurity.com

Visit https://www.securityweekly.com/esw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

View Show Index

Full Audio

Segments

1. Enterprise Browsers: Unicorns or Trophy Winners? – Paddy Harrington – ESW #288

Enterprise browsers are a new addition into the endpoint security market. Combining enhanced features not in the existing browsers, with centralized reporting and controls, they're promising to bring a better experience to the users and a more secure delivery of applications to the companies who use them. What's real, what's "vision", and what makes them different than all the other solutions that promise to "secure the browsing experience".

Announcements

  • Security Weekly listeners save 20% on InfoSec World 2022 passes! InfoSec World will be held September 27th through the 29th at Disney's Coronado Springs Resort in Lake Buena Vista, Florida. Visit securityweekly.com/isw and use the code ISW22-SECWEEK20 to secure your spot now!

Guest

Paddy Harrington
Paddy Harrington
Senior Analyst at Forrester Research

Paddy is a senior analyst at Forrester advising security and risk professionals. He focuses on endpoint security on platforms ranging from desktop PCs to internet-of-things (IoT) devices. His research includes the endpoint’s impact on the security of business applications and data in light of the recent proliferation of edge devices and the evolving work environment.

Paddy has 27 years of high-tech experience. Prior to coming to Forrester, Paddy developed learning and enablement solutions for the worldwide sales engineering teams at Citrix Systems, covering the entire portfolio of Citrix solutions. Earlier at Citrix, he led a sales engineering team targeting midmarket to enterprise organizations with focuses on healthcare and finance. His team helped customers achieve the secure delivery of their applications. Previously, as the CIO of a consulting services company, Paddy was instrumental in the firm’s growth into a larger provider of networking, application delivery, and application security solutions.

Hosts

Adrian Sanabria
Adrian Sanabria
Director of Product Management at Tenchi Security
Katie Teitler
Katie Teitler
Senior Security Strategist at Axonius
Tyler Shields
Tyler Shields
CMO at JupiterOne

2. Microsoft Identity Security Issues – Sean Metcalf – ESW #288

Attackers have been targeting Active Directory for years and more recently set their sights on Azure AD & Microsoft Office 365. There are ways to tighten up these platforms beyond the default configuration and greatly improve the security posture.

Segment Resources:

Trimarc Webcast on how to quickly level up Active Directory security: https://www.hub.trimarcsecurity.com/post/webcast-top-10-ways-to-improve-active-directory-security-quickly

Performing your own Active Directory Security Review - article and PowerShell tool: https://www.hub.trimarcsecurity.com/post/securing-active-directory-performing-an-active-directory-security-review

Trimarc Content Hub: https://hub.trimarcsecurity.com

Announcements

  • Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!

Guest

Sean Metcalf
Sean Metcalf
Founder & CTO at Trimarc

Sean Metcalf is founder and CTO at Trimarc (TrimarcSecurity.com), a professional services company which focuses on improving enterprise security. He is one of about 100 people in the world who holds the Microsoft Certified Master Directory Services (MCM) Active Directory certification, is a Microsoft MVP, and has presented on Active Directory, Azure AD, & Microsoft Cloud attack and defense at security conferences such as Black Hat, BSides, DEF CON, and DerbyCon.

Hosts

Adrian Sanabria
Adrian Sanabria
Director of Product Management at Tenchi Security
Katie Teitler
Katie Teitler
Senior Security Strategist at Axonius
Tyler Shields
Tyler Shields
CMO at JupiterOne

3. Funding Rounds Rebound, Bitwarden Password Management, Cymulate, & Ethereum’s Merge – ESW #288

In the Enterprise Security News for this week: Funding rounds are back!, Bitwarden rasies $100M for password management

Cymulate raises $70M, and a ton more Series A, Series B, and Seed announcements from vendors just coming out of stealth, Ethereum’s merge completes and moves to proof of stake, Some updates on the Twitterpocalypse, The latest in annoying buzzword innovation, and some Cyber Insurance trends that I promise are interesting!

Announcements

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

Hosts

Adrian Sanabria
Adrian Sanabria
Director of Product Management at Tenchi Security
  1. 1. FUNDING: Open source password manager Bitwarden raises $100M - $100M Series B led by PSG, with Battery Ventures. I'm not sure I see enough market for all these password managers to capture. I'd love it if we saw market saturation on both the consumer and enterprise side, but I've been underwhelmed with adoption so far. More and more companies are requiring password database use, so that's a good sign, I think. How does the competition's war chests compare? Let's look at the most recent funding rounds for each: 1Password: $620M Series C in Jan 2022 Dashlane: $110M Series D in May 2019 Keeper Security: $60M PE round in August 2020 LastPass: Recently spun back out of PE-land; $200M revenue in 2021
  2. 2. FUNDING: Cymulate snaps up $70M to help cybersecurity teams stress test their networks with attack simulations - $70M Series D led by One Peak. Total raised is $141M with a ~$500M valuation. 200 employees, 500 paying customers. Sounds like the Breach and Attack Simulation (BAS) term is out and "Extended Security Posture Management" is in.
  3. 3. FUNDING: Reciprocity Announces $60M Growth Investment from Francisco Partners - $60M strategic growth investment from Francisco Partners. The company's ROAR (Risk Observation, Assessment, and Remediation) platform appears to be a GRC tool, estimating risk and tracking compliance activities
  4. 4. FUNDING: Isovalent Raises $40M Series B as Cilium and eBPF Transform Cloud Native Service Connectivity and Security - $40M Series B led by Thomvest Ventures. Creator of the Cilium project, which is apparently the default in several managed Kubernetes offerings from GCP and AWS. Also behind eBPF as well??
  5. 5. FUNDING: Huntress Scores $40M Funding, Plans International Expansion - $40M in debt financing. MDR platform.
  6. 6. FUNDING: Dig Security Secures $34 Million Series A Investment Led By SignalFire to Deliver Real-time Data Security for the Cloud - $34M Series A led by SignalFire. Data Security Posture Management (DSPM).
  7. 7. FUNDING: SaaS Alerts Secures $22M Investment from Insight Partners to Scale SaaS Security Monitoring and Response Platform - $22M Series A (?) led by Insight Partners. SaaS Security (aka CASB v2)
  8. 8. FUNDING: Data Security Company Open Raven Raises $20 Million - $20M Series B led by Pelion Venture Partners. Total funding at $40M. DSPM
  9. 9. FUNDING: Opus Security emerges from stealth to help tackle cloud security threats - $10M Seed from YL Ventures, Tiger Global, and angels. SOAR v2 - the founders are ex-Siemplify. SOAR v1 was difficult to implement and develop for, which led to this second round of automation/orchestration startups. I presume Opus would be competing with the likes of Rapid7 and Tines.
  10. 10. FUNDING: HyperComply raises $6.4m for due diligence service - $6.4M Seed, led by FirstMark Capital and Golden Ventures. Compliance automation, questionnaire assistance, accelerate SOC 2, etc...
  11. 11. FUNDING: Data protection RegTech Codenotary raises $6m
  12. 12. FUNDING: Hornetsecurity Boosts Private Equity Funding; Seeks More Cybersecurity Acquisitions – MSSP Alert - German, PE-backed Hornetsecurity is consolidating MSSPs with at least 5 firms acquired so far, and planning more with this financing.
  13. 13. ACQUISITIONS: Google completes acquisition of Mandiant
  14. 14. TRENDS: PromptBase - The world of AI art feels like it has exploded overnight. The results range from unbelievable to grotesque. As these tools are rapidly adopted and begin to cross over from hobbyist oddities to commercially useful, there are some tough questions. Should for-profit AI art services be required to pay the artists and respect the copyrights of works that their AI models were trained on? Is the output of an AI art tool really "art" and can it be sold as such? What happens when AI art tools are trained on AI art that trained on AI art that trained on AI art? Is the process of creating a prompt for one of these tools an artistic endeavor? At least one website things so: PromptBase is a marketplace where people can sell the prompts they used to create specific images. This marketplace is an eye opening collection of what these tools are truly capable of. Photorealistic people, clipart, icons, logos, stock photos. Redbubble, Shutterstock, Getty, Fiverr, and the rest of the entire media asset and creation industry must either be very nervous or very litigious right now.
  15. 15. TRENDS: How it Works — Yondr
  16. 16. TRENDS: World’s Biggest Ether Mining Firm to Shut Down After the ‘Merge’
  17. 17. TRENDS: North America is seeing a hiring jump in medical industry cybersecurity roles
  18. 18. TRENDS: Portabl – Universal Financial Identity for All
  19. 19. TWITTERPOCALYPSE: Ten Points from Peiter “Mudge” Zatko’s Twitter Testimony - 1. No dev environment - engineers test in PROD 2. No one knows what data they have or where it is 3. No central logging capabilities 4. Management is aware of issues, but prioritizes growth over security anyway 5. FTC is being misled 6. 80% of Twitter's user base is outside the US, but has no ability to monitor or review non-english tweets 7. Foreign agents are active in Twitter, but Twitter looks the other way 8. Twitter is reactionary & trails 10 years behind industry best practice 9. Twitter doesn't and can't remove user data, because they don't understand how it's all stored (potential violation of GDPR and CCPA) 10. Twitter employees can manipulate bank account info for large 3rd party advertisers
  20. 20. WINS: Twitter Agreed to Pay Whistleblower Roughly $7M in June Settlement - He also stands to profit from the actual whistleblowing complaint, if it results in fines against Twitter. It is all worth having yourself and family come under attack by armies of lawyers and investment advising firms?
  21. 21. WINS: The Reformed Analyst - Our very own Katie Teitler has a new newsletter on Substack that you should check out!
  22. 22. FAILS: Patreon security team layoffs cause backlash in creator community - We covered this over on Business Security Weekly episode 276, so we won't duplicate the effort here. You should go check that episode out though! https://securityweekly.com/bsw276
  23. 23. FAILS: £6bn Darktrace takeover collapses after US buyers walk away
  24. 24. FAILS: As Ex-Uber Executive Heads to Trial, the Security Community Reels
  25. 25. FAILS: Shiba Inu cloud credentials leaked on a public repository!
  26. 26. REPORTS: Momentum Cyber’s Market Review for August 2022 - Always worth a scroll, Momentum Cyber has some great stats and information on the latest market happenings.
  27. 27. BUZZWORDS: Votiro’s new messaging: Zero Trust Content Security - Votiro sanitizes files, messages, and other content. As they've expanded beyond file sanitization, they needed a term that was more inclusive of the new ground they're covering: Zero Trust Content Security. I understand the attraction - Zero Trust is one of the hottest buzzwords right now (https://swagitda.com/blog/posts/infosec-buzzword-bingo-2022/). They're using Zero Trust as a metaphor though, which will only further dilute and confuse literal uses of the Zero Trust term. Good work for industry analysts though, as buyers will turn to them to translate all the latest vendor-speak. I suppose Zero Trust Content Security is better than the long version: API-First Content Disarm and Reconstruction (CDR) Software-as-a-Service.
  28. 28. LEADERSHIP: Security for growth companies - A nice read from Bessemer on security recommendations for high growth startups, with some commentary from seven well known security leaders (Lenny Zeltser, Kathy Wang, Cassio Goldschmidt, Erik Bataller, Emilio Escobar, Talha Tariq, and Jason Chan). The five security principles proposed are: 1. Build a cybersecurity culture 2. Invest in identity 3. Secure your cloud and development environment 4. Manage your data assets and environment 5. Monitor your third-party risk
  29. 29. CYBERINSURANCE: Cyber Insurance Coverage & Policy Highlights - This is just one cyber insurance provider I stumbled across the other day, but I found their coverage highlights interesting and revealing. Probably should have occurred to me sooner that the latest cyber insurance product updates can provide a window into trends in attacks and breaches, but here we are. Some of the more notable highlights include: - Cryptojacking coverage - Bricking coverage - Invoice manipulation coverage - Social engineering coverage Their cyber insurance calculators are interesting as well, and a lot of fun to play around with: https://www.at-bay.com/cyber-risk-calculators/
  30. 30. SQUIRREL: Breaking: Linux company SUSE sold to Taco Bell
  31. 31. SQUIRREL: USB-C naming to somehow get worse with USB4 Version 2.0 - https://arstechnica.com/gadgets/2022/09/usb-c-naming-to-somehow-get-worse-with-usb4-version-2-0/
Katie Teitler
Katie Teitler
Senior Security Strategist at Axonius
Tyler Shields
Tyler Shields
CMO at JupiterOne
prestitial ad