Application security, Cybersecurity Asset Management, Vulnerability management

Everyone Works Everywhere – ESW #235

This week, in our first segment, we welcome Ed Rossi, Vice President of Product Management, Asset Inventory & Discovery at Qualys, to talk about Reinventing Asset Inventory for Security! Then, in the Enterprise News, SafeBreach adds support for new advanced attacks to the Microsoft Defender for Endpoint evaluation lab, Stellar Cyber XDR Kill Chain allows security analyst teams to disrupt cyberattacks, Bugcrowd Awarded U.S. Patents for Crowd-Enabled Vulnerability Detection, Microsoft puts PCs in the cloud with Windows 365, some funding and acquisition updates from Sysdig, AttackIQ, Stytch, SentinelOne, & more! Finally, we wrap up the show with two micro interviews from RSAC2021 featuring Mark Ralls from Acunetix by Invicti, and Wayne Haber from GitLab!

Segment Resources:

CSAM free trial: https://www.qualys.com/forms/cybersecurity-asset-management/

CSAM video overview: https://vimeo.com/551723071

Webpage: https://www.qualys.com/apps/cybersecurity-asset-management/

Visit https://securityweekly.com/qualys to learn more about them!

Visit https://securityweekly.com/acunetix to learn more about them!

Visit https://securityweekly.com/gitlab to learn more about them!

Visit https://www.securityweekly.com/esw for all the latest episodes!

Segments

1. Reinventing Asset Inventory for Security – Ed Rossi – ESW #235

Relying on asset inventory from their IT counterparts can be a challenge for security teams, because that inventory lacks security context for assets. This gap can lead to missed opportunities to identify and fix asset-centric issues, like EOL or unauthorized software, that they can address even before running their vulnerability management program. Ed will discuss the role asset inventory plays in your overall security strategy. This will include the importance of security context for IT assets, which teams benefit from the information, how to identify and assess the health of critical databases, and how to effectively implement a cybersecurity asset management practice.

This segment is sponsored by Qualys.

Visit https://securityweekly.com/ to learn more about them!

Announcements

  • CyberRisk Alliance, in partnership with InfraGard, has launched the Critical Infrastructure Resilience Benchmark study. Measure your readiness for ransomware by completing the survey and getting your score. Visit https://securityweekly.com/CIRB to take the survey.

  • Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.

Guest

Ed Rossi
Vice President Product Management, Asset Inventory & Discovery at Qualys

Ed Rossi is an experienced product management leader with over 20 years in the IT Asset Management and Software Asset Management space. He recently joined Qualys as Vice President, Product Management, focused on Asset Inventory & Discovery. Ed spent six years at Flexera Software, leading the product team driving their ITAM & SAM offerings and concentrating on helping clients manage their technology investment from on-premises hardware and software to SaaS & Cloud Infrastructure. Previously, Ed was with IBM, where he focused on IT Asset Management, Discovery & Service Management products across several roles. Ed is passionate about the need for strong visibility across the IT ecosystem to support a strong IT Security program and to manage assets more effectively in an increasingly complex technological world.

Hosts

Paul Asadoorian
Founder at Security Weekly
Adrian Sanabria
Director of Product Management at Tenchi Security
Tyler Robinson
Director of Offensive Security & Research at Trimarc and Founder & CEO of Dark Element at Trimarc Security

2. Rapid7 Acquires Intsights, Intezer Refines Malware Analysis, & Funding News – ESW #235

In the Enterprise News, SafeBreach adds support for new advanced attacks to the Microsoft Defender for Endpoint evaluation lab, Stellar Cyber XDR Kill Chain allows security analyst teams to disrupt cyberattacks, Bugcrowd Awarded U.S. Patents for Crowd-Enabled Vulnerability Detection, Microsoft puts PCs in the cloud with Windows 365, some funding and acquisition updates from Sysdig, AttackIQ, Stytch, SentinelOne, & more!

Announcements

  • Security Weekly Unlocked will be held IN PERSON this December 5-8 at the Hilton Lake Buena Vista! Our Call For Presentations Deadline has been extended through July 23rd at 11:59 pm ET! Visit securityweekly.com/unlocked to submit your presentation!

Hosts

Paul Asadoorian
Founder at Security Weekly
  1. SafeBreach adds support for new advanced attacks to the Microsoft Defender for Endpoint evaluation lab - "With the addition of the two new attacks, SafeBreach allows security teams to validate their endpoint solutions against the following advanced attacks: Carbanak+FIN7 – attacks for local host infection and malicious behavior, Solorigate – attacks for SolarWinds Orion Platform compromise using SunBurst malware, APT29 (CozyBear) – attacks for local host infection and malicious behavior, Credential threat – techniques such as dumping passwords and authentication tokens, OS configuration changes – modifying the operating system configuration to enable malicious activity, Code execution – techniques to verify whether it is possible to enable malicious activity, Ransomware infection – known attacks including WannaCry, JAFF, Locky, NotPetya, and others"
  2. Stellar Cyber XDR Kill Chain allows security analyst teams to disrupt cyberattacks - "Stellar Cyber has incorporated its XDR Kill Chain into the new version 4.0 of its Open XDR platform. It is the first platform on the market to integrate a kill chain that is purpose-built for XDR, increasing the ability of security analyst teams to spot quickly both internal and external attacks as well as full attack progressions. The new version enables both enterprises and MSPs/MSSPs/MDRs to make powerful new advancements in security team efficiency and boost the effectiveness of cybersecurity protection, detection and response."
  3. SentinelOne raises over $1 billion in upsized U.S. IPO - "SentinelOne Inc, a cybersecurity firm backed by billionaire investor Daniel Loeb’s hedge fund Third Point, raised about $1.23 billion through an upsized U.S. initial public offering on Wednesday, giving it a valuation of roughly $8.87 billion."
  4. Intezer – Reimagining the Malware Analysis Experience - "Support for analyzing non-binary formats (e.g., Microsoft Office documents and PDF files), Sandboxing capabilities and behavior analysis, Automatic extraction of Indicators of Compromise (IoCs), Mapping capabilities to the MITRE ATT&CK® matrix using static code analysis, Improved UI and simplified reports, Plus much more coming on our roadmap soon, including URL scanning and analyzing phishing emails"
  5. Armis Secures 100% Visibility of all OT, ICS & IT Assets and Real-Time Detection Tactics in MITRE Engenuity ATT&CK® Evaluations for Industrial Control Systems (ICS) - "Armis provided 100% visibility of all IT & OT/ICS assets with real-time detection of all initial access and lateral movement. In addition, Armis achieved 100% coverage of all MITRE Engenuity ATT&CK Evaluations for ICS tactics."
  6. Bugcrowd Awarded U.S. Patents for Crowd-Enabled Vulnerability Detection - "U.S. Patent No. 10,972,494 and U.S. Patent No. 11,019,091 validate Bugcrowd’s unique ability to leverage and integrate the expertise of the Crowd with its platform, common service infrastructure, workflow orchestration, and cross-organizational analytics to secure innovation sooner."
  7. Rapid7 Acquires Threat Intelligence Firm Intsights for $335 Million - "Intsights seeks to be proactive -- to recognize and mitigate an attack before it occurs. It does this by crawling both the surface and dark web looking for indications that an attack is being planned by a hacker or criminal gang."
  8. Cybereason acquires Israeli cybersecurity firm Empow
  9. Riverbed Launches New Open-Forum Community to Serve NetOps, SecOps and IT Practitioners - "Riverbed announced today that it launched Riverbed Community, where customers, colleagues and peers come to connect to share their insights on visibility, performance and security of networks, applications and end users, and current issues affecting the IT industry, as well as shared experiences with Riverbed products and solutions."
Tyler Robinson
Director of Offensive Security & Research at Trimarc and Founder & CEO of Dark Element at Trimarc Security

3. Why Transparency Matters & Web Application Prioritization – Mark Ralls, Wayne Haber – ESW #235

The shift away from web application security, caused by the pandemic and the focus on remote workforces, resulted in an increased number of web vulnerabilities. In this segment, Mark talks about the best starting point for organizations to get back on track and prioritize their web app security.

This segment is sponsored by Acunetix.

Visit https://securityweekly.com/acunetix to learn more about them!

Security can be somewhat of a mystery at a lot of organizations. Most companies choose to be tight-lipped about the security measures they have implemented, and rightfully so: there is an underlying fear that publicizing your security efforts could make you more vulnerable to security attacks and damage your reputation with your customers. However, there is another way. Transparency can be your ally in security.

This segment is sponsored by GitLab.

Visit https://securityweekly.com/gitlab to learn more about them!

Guests

Mark Ralls
President and Chief Operating Officer at Acunetix by Invicti

Mark Ralls is President and Chief Operating Officer of Invicti Security, a world leader in web application vulnerability scanning. In this role, Mark leads several functions, including the company’s Marketing team. Prior to joining Invicti, Mark was Managing Director of Business Operations at Vista Consulting Group, the consulting arm of Vista Equity Partners. Prior to joining Vista, Mr. Ralls worked as Senior Vice President of Product Management and Strategy at Social Solutions Global, where he led Product Management and Product Marketing teams and was responsible for driving product strategy for nonprofit and public sector customers. Before his time with Social Solutions, Mr. Ralls worked at SolarWinds, a provider of IT management software, where he served as Group Vice President of Business Applications and Analytics. Prior to SolarWinds, Mr. Ralls worked at the Boston Consulting Group, where he consulted for Fortune 1000 clients across a number of industries and functions.

Wayne Haber
Director of Engineering at GitLab

Wayne Haber, CISSP, is the director of engineering at GitLab for the threat management and growth departments. His teams focus on things including vulnerability management, Kubernetes container security, growth hacking, and engineering productivity. Wayne has more than 20 years of experience in security and engineering. When not working, Wayne is a dedicated learner averaging one book a week.

Hosts

Paul Asadoorian
Founder at Security Weekly
Matt Alderman
VP, Product at Living Security