Cybersecurity Asset Management, Cloud security, Email security, Identity and access, Security awareness, Threat intelligence, Zero trust, Incident response, Managed services

Hall of Shame – ESW #224

This week, we welcome Jeff Deininger, a Principal Cloud Security Engineer, joins us and will use a simulated attack to demonstrate how advanced threat detection works with commonplace architectural elements to deny attackers the crucial traction needed to establish a foothold at the beginning of a campaign, leaving attackers feeling like they are inescapably 'walking on ice'.

Phishing links are getting past existing protections and clicked. How do you prevent these attacks? In this segment, Chris Cleveland, CEO at Pixm, will demonstrate how computer vision protection in the browser stops these attacks in real time and how you can know your own gaps.

In the Enterprise News for this week, Darktrace targets listing for early May, KKR-backed cybersecurity firm KnowBe4 aims for $3 Billion valuation in U.S. IPO, Dell spins off VMware to fuel post-pandemic PC growth opportunities, lots of funding announcements, and more!

Segment Resources:

Threat Report: https://pixm.net/wp-content/uploads/2021/03/Pixm-Q4-2020-Threat-Report.pdf

Visit https://securityweekly.com/extrahop to learn more about them!

Visit https://securityweekly.com/pixm to learn more about them!

Visit https://www.securityweekly.com/esw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

View Show Index

Full Audio

Segments

1. How Cloud Defenders Thwart Attacks Against Resilient Services – Jeff Deininger – ESW #224

In cybersecurity attackers have a structural advantage over defenders: they can succeed with a staggeringly high failure-rate (not caring that most attacks get blocked at the perimeter). Meanwhile, defenders lose when that single successful attack goes unnoticed regardless of how many attacks were successfully stopped. Disproportionate consequences similarly advantage attackers: typical times to detect and contain that one successful attack are still measured in weeks and months. Yet high-availability and resiliency characteristics built-in to "Well-Architected" microservices offer defenders an opportunity to turn the tables and rob attackers of their asymmetric advantages. The key missing ingredient is a sufficient early-warning system that can detect and respond to advanced threats.

In this presentation, Jeff Deininger, a Principal Cloud Security Engineer, will use a simulated attack to demonstrate how advanced threat detection works with commonplace architectural elements to deny attackers the crucial traction needed to establish a foothold at the beginning of a campaign, leaving attackers feeling like they are inescapably 'walking on ice'.

This segment is sponsored by ExtraHop Networks.

Visit https://securityweekly.com/extrahop to learn more about them!

Sponsored By

ExtraHop Networks

Announcements

  • Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!

Guest

Jeff Deininger
Jeff Deininger
Principal Cloud Security Engineer at Extrahop

Deininger has over 15 years of experience in security and IT operations
with a focus on data center technologies, service delivery and DevOps.
As an AWS Security Specialist, he is interested in the observability
conditions that create effective early warning systems for detecting and
containing cybersecurity events.

Hosts

Matt Alderman
Matt Alderman
VP, Product at Living Security
Adrian Sanabria
Adrian Sanabria
Director of Product Management at Tenchi Security
Tyler Shields
Tyler Shields
CMO at JupiterOne

2. Stopping Phishing Breaches at the Point of Click – Chris Cleveland – ESW #224

Phishing links are getting past existing protections and clicked. How do you prevent these attacks? In this segment, Chris Cleveland, CEO at Pixm, will demonstrate how computer vision protection in the browser stops these attacks in real time and how you can know your own gaps.

Segment Resources:

Threat Report: https://pixm.net/wp-content/uploads/2021/03/Pixm-Q4-2020-Threat-Report.pdf

This segment is sponsored by Pixm.

Visit https://securityweekly.com/pixm to learn more about them!

Sponsored By

Pixm

Announcements

  • Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.

Guest

Chris Cleveland
Chris Cleveland
CEO at Pixm

Chris started PIXM after winning a pitch contest in Columbia’s machine learning graduate program. He built PIXM’s initial computer vision AI engine that stopped hundreds of phishing breaches at point of click in the browser. He has raised over five million in venture funding and is now on a mission to seal phishing gaps beyond the inbox with great technology.

Hosts

Matt Alderman
Matt Alderman
VP, Product at Living Security
Adrian Sanabria
Adrian Sanabria
Director of Product Management at Tenchi Security
Tyler Shields
Tyler Shields
CMO at JupiterOne

3. Darktrace & Knowbe4 IPOs, Dell Spins Off VMWare, & Zscaler Keeps Growing – ESW #224

In the Enterprise News for this week, Darktrace targets listing for early May, KKR-backed cybersecurity firm KnowBe4 aims for $3 Billion valuation in U.S. IPO, Dell spins off VMware to fuel post-pandemic PC growth opportunities, lots of funding announcements, and more!

Announcements

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

Hosts

Adrian Sanabria
Adrian Sanabria
Director of Product Management at Tenchi Security
  1. 1. FUNDING – Backup firm Druva protects data in the cloud with $147M in new funding - This is a Series H! Nearly half a billion raised with a ~$2bn valuation...
  2. 2. FUNDING – Grip Security raises $6M to improve SaaS security – TechCrunch - Looking like a very late-stage CASB, but they're YL Ventures-founded, so they've got to have something interesting up their sleeve with smart backing and the benefits of hindsight. I'm keen to find out more. Also - $6m is what a Series A looked like less than 10 years ago!
  3. 3. FUNDING – HYPR Raises $35M Series C Led by Advent International
  4. 4. FUNDING – Enterprise security platform Intrigue expands attack surface management with $2M round
  5. 5. FUNDING – Cado Security Closes $10M in Funding to Accelerate Adoption of First and Only Cloud-Native Digital Forensics Platform
  6. 6. FUNDING – PlexTrac Closes $10 Million Round to Fuel Growth of Cybersecurity Workflow Platform – PlexTrac
  7. 7. FUNDING – Talon Cyber Security Raises $26 Million to Develop Next-Generation Cyber Security for a Distributed Workforce
  8. 8. FUNDING – Wire closes $21m Series B funding led by UVC Partners · Wire
  9. 9. FUNDING – Open Source Security Management Firm WhiteSource Raises $75 Million
  10. 10. PUBLIC OFFERING – Cybersecurity Firm Darktrace Targets $4 Billion London IPO
  11. 11. PUBLIC OFFERING – Cellebrite to go public via $2.4 billion SPAC deal
  12. 12. MARKET REPORT – Crunchbase: Cybersecurity Research Report 2021 - * Despite the global pandemic, 2020 was a record year for cybersecurity investments with over $7.8 billion invested in the industry globally. * Investment in cybersecurity companies has increased more than ninefold since 2011. * The U.S. recorded 76% of all global cybersecurity funding in 2020, at $5.9 billion. * Israel is the second leading country in the industry – over 20% of the country’s venture funding went to cybersecurity companies in 2020. * 2020 recorded six new cybersecurity unicorns, a record for a single year at the time. Just a few months into 2021, nine new cybersecurity unicorns have already emerged, well surpassing the 2020 record. * In 2021, over $3.7 billion in cybersecurity investments have been recorded globally so far. This is on pace to smash the 2020 record.
  13. 13. NEW RELEASE – Introducing OpenSearch - A new FOSS fork of Elasticsearch and Kibana from AWS
  14. 14. NEW RELEASE – Checkov 2.0: Deeper, broader, and faster IaC scanning - BridgeCrew is already launching 2.0. The acquisition apparently isn't slowing them down much.
  15. 15. NEW RELEASE – Rumble 2.1: Notification Templates, AWS EC2 Enrichment, and Cisco SNTC Exports - No flies on HDM
  16. 16. TRENDS – Digital artists meet scam artists, as criminals pounce on NFT craze
  17. 17. ACQUISITION – The Next Phase of Velociraptor - Popular open source DFIR tool acquired by Rapid7. Metasploit still seems to be going strong after Rapid7 acquired it nearly 12 years ago, so this seems like a positive move.
Tyler Shields
Tyler Shields
CMO at JupiterOne
prestitial ad