Cloud security, Zero trust, Cybersecurity Asset Management, Incident response, Physical security, Remote access, Threat intelligence, Vulnerability management

Hacking Naked & Not Afraid – PSW #663

This week, we welcome back Harry Sverdlove, Founder and CTO of Edgewise, and Dan Perkins, Principal Product Manager at ZScaler, to talk about Protecting Critical Infrastructure and Workloads In Hybrid Clouds! In our second segment, it's the Security News! We'll be talking about how New Microsoft Defender ATP Capability Blocks Malicious Behaviors, Voice Phishers Targeting Corporate VPNs, IBM finds vulnerability in IoT chips present in billions of devices, Marriott faces London lawsuit over vast data breach, US firm accused of secretly installing location tracking SDK in mobile apps, and Disrupting a power grid with cheap equipment hidden in a coffee cup! In our final segment, we air two pre recorded interviews from Security Weekly's Virtual Hacker Summer Camp, with Corey Thuen, Co-Founder of Gravwell, and Deral Heiland, Principal Security Researcher for IoT at Rapid7!

Visit https://securityweekly.com/edgewise to learn more about them!

To learn more, visit: https://www.gravwell.io/summercamp2020

Visit https://securityweekly.com/rapid7 to learn more about them!

Visit https://www.securityweekly.com/psw for all the latest episodes!

Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

View Show Index

Full Audio

Segments

1. Protecting Critical Infrastructure In Hybrid Clouds – Dan Perkins, Harry Sverdlove – PSW #663

Customers are concerned about protecting critical services such as Active Directory from compromise. It's game over if AD is compromised. AD environments can be heterogeneous; public cloud, on-prem data centers, clients, servers. It is operationally complex to protect this environment while ensuring smooth business operations

How do you deal with changes in the environment? New apps? App updates? New systems? Harry will demo key points of Edgewise's answer to use software identity for microsegmentation and cloud workload protection.

This segment is sponsored by Edgewise Networks. Visit https://securityweekly.com/edgewise to learn more about them!

Sponsored By

Zscaler

Announcements

  • Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!

Guests

Dan Perkins
Dan Perkins
Principal Product Manager at Zscaler

Dan is the product manager focused on building the Zscaler Workload Protection (Edgewise) platform into the best microsegmentation control on the market. His background is in virtualization systems, storage, and cybersecurity.

Harry Sverdlove
Harry Sverdlove
Chief Technologist at Zscaler

Harry Sverdlove, Chief Technologist for Secure Workload Communication, Zscaler, Inc. (formerly Co-Founder and Chief Technology Officer of Edgewise Networks), was previously CTO of Carbon Black, where he was the key driving force behind their endpoint security platform. Earlier in his career, Harry was principal research scientist for McAfee, Inc. (formerly Chief Scientist of SiteAdvisor), where he supervised the architecture of crawlers, spam detectors and link analyzers. Prior to that, Harry was director of engineering at Compuware Corporation (formerly NuMega), and principal architect for Rational Software, where he designed the core automation engine for Rational Robot.

Hosts

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
Doug White
Doug White
Professor at Roger Williams University
Lee Neely
Lee Neely
Information Assurance APL at Lawrence Livermore National Laboratory
Tyler Robinson
Tyler Robinson
Director of Offensive Security & Research at Trimarc and Founder & CEO of Dark Element at Trimarc Security

2. Voice Phishers, ‘SpiKey’ Lock Picking, & Coffee Cup Hackers – PSW #663

New Microsoft Defender ATP Capability Blocks Malicious Behaviors, Voice Phishers Targeting Corporate VPNs, IBM finds vulnerability in IoT chips present in billions of devices, The Sounds a Key Make Can Produce 3D-Printed Replica, US firm accused of secretly installing location tracking SDK in mobile apps, and Disrupting a power grid with cheap equipment hidden in a coffee cup!

Announcements

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

  • Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.

Hosts

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
Doug White
Doug White
Professor at Roger Williams University
Joff Thyer
Joff Thyer
Security Analyst at Black Hills Information Security
Lee Neely
Lee Neely
Information Assurance APL at Lawrence Livermore National Laboratory
Tyler Robinson
Tyler Robinson
Director of Offensive Security & Research at Trimarc and Founder & CEO of Dark Element at Trimarc Security

3. SWVHSC Micro Interviews: Gravwell & Rapid7 – Corey Thuen, Deral Heiland – PSW #663

What use cases are addressed by Threat Hunting Platforms and SIEMs? Where is the overlap and where are the differences? Corey Thuen, Founder of Gravwell, covers the high level and low-level tech that drives these differences. This segment is sponsored by Gravwell. Visit https://securityweekly.com/gravwell to learn more about them!

Gravwell is a threat hunting platform built for ingest and search of logs and binary data sources at scale. To learn more, visit: https://www.gravwell.io/summercamp2020

Deral Heiland, Principal Security Research IoT at Rapid7 will focus on the subject of IoT security and hacking, IoT testing and testing methods and related research topics. This segment is sponsored by Rapid7. Visit https://securityweekly.com/rapid7 to learn more about them!

Rapid7 Segment Resources: https://www.rapid7.com/research/%0D%0Ahttps://blog.rapid7.com/author/deral-heiland/

To gain access to our latest research (i.e. 2020 Q1 Threat Report, NICER and Under the Hoodie 2020 visit: https://www.rapid7.com/research/

Guests

Corey Thuen
Corey Thuen
Co-Founder at Gravwell

Corey Thuen is a founder of Gravwell and has spent over a decade doing cybersecurity at places like Department of Energy national labs, Digital Bond, and IOActive. That experience is now driving development of a full-stack analytics platform built to alleviate pain points he personally experienced from inflexible tools.

Deral Heiland
Deral Heiland
Principal Security Research IoT at Rapid7

Deral Heiland, CISSP, has over 20 years of experience in IT. Over the last 8+ years, he has focused on security research, security assessments, pen testing, and consulting.

Hosts

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
Matt Alderman
Matt Alderman
VP, Product at Living Security
prestitial ad