Threat intelligence, Application security, Cloud security, Data security, DevOps, Privacy, Security awareness

One Bug Away – ESW #201

This week, first we talk Enterprise News, discussing how Anchore Rolls Out Open Source DevOps Tools, Rapid7 Cloud Identity and Access Management Governance Module for DivvyCloud, Digital Shadows launches access key alerts, Microsoft Azure customers can now implement Datadog as a monitoring solution for their cloud workloads, and Ping Identity unveils PingOne Services! In our second segment, we welcome Cris Neckar, CISO of Spring Labs, to discuss Trading Least Privilege for Security Theater! In our final segment, we welcome Jen Ayers, VP of OverWatch at Crowdstrike, for an interview on the 2020 Threat Hunting Report: Insights from the CrowdStrike OverWatch Team!

Visit https://securityweekly.com/crowdstrike to learn more about them!

Visit https://www.securityweekly.com/esw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

View Show Index

Full Audio

Segments

1. PingOne Services, Digital Shadows Key Alerts, & Azure Implements Datadog – ESW #201

Anchore Rolls Out Open Source DevOps Tools, Rapid7 Cloud Identity and Access Management Governance Module for DivvyCloud, Digital Shadows launches access key alerts, Microsoft Azure customers can now implement Datadog as a monitoring solution for their cloud workloads, and Ping Identity unveils PingOne Services!

Announcements

  • Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

Hosts

2. Trading Least Privilege for Security Theater – Cris Neckar – ESW #201

The appearance of safety and actual security often do not align as closely as we would like to think. As enterprise security products get "smarter", the access that they require to your most sensitive data grows. What are some of the risks associated with common classes of security products?

Announcements

  • It's official! Security Weekly, in partnership with CyberRisk Alliance, is excited to present Security Weekly Unlocked on December 10, 2020. The inaugural edition of Security Weekly Unlocked also celebrates Security Weekly's 15th Anniversary. Visit securityweekly.com/unlocked to submit your presentation & register for free!

Guest

Cris Neckar
Cris Neckar
CISO at Spring Labs

Cris is the Chief Information Security Officer of Spring Labs, providing a decentralized and transformative infrastructure for secure data exchange. Prior to joining Spring Labs, Cris co-founded Divergent Security, a top-tier offensive security assessment firm that has assessed many of the world’s most sensitive enterprise environments. With over 15 years of leadership experience in red teaming, penetration testing, security research, software development, incident response and recovery, and cyber security education and training. Cris has been directly involved in the identification and investigation of several high profile data breaches. CVEs to Cris’ name include critical, remotely exploitable vulnerabilities in the Windows kernel, Internet Explorer, Chrome, Cryptocurrency Exchange Platforms, and WebEx. Cris was one of the original members of Google’s Chrome Security Team.

Hosts

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
Matt Alderman
Matt Alderman
VP, Product at Living Security

3. 2020 Threat Hunting Report: Insights From the CrowdStrike OverWatch Team – Jen Ayers – ESW #201

Falcon OverWatch, the CrowdStrike® elite team of threat hunters, has the unparalleled ability to see and stop the most sophisticated threats, leaving adversaries with nowhere to hide. In this segment we'll discuss the OverWatch team’s key threat hunting findings from the first half of 2020, as described in the 2020 Threat Hunting Report. The report reviews intrusion trends during that time frame, provides insights into the current landscape of adversary tactics and delivers highlights of notable intrusions OverWatch identified.

Download the full report https://www.crowdstrike.com/resources/reports/threat-hunting-report-2020/

Learn about the latest trends in cyber crime and take a deep dive into some of the tactics, techniques and procedures in use by specific cyber crime groups!

Visit https://securityweekly.com/crowdstrike to learn more about them!

Sponsored By

CrowdStrike

Announcements

  • Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.

Guest

Jen Ayers
Jen Ayers
Vice President, OverWatch at CrowdStrike

Jennifer Ayers, VP of OverWatch at CrowdStrike, has over 20 years of cybersecurity experience. She is responsible for a team of elite threat hunters who proactively hunt for malicious activity in globally diverse environments and uniquely pinpoint the most urgent threats for quick remediation with the integration of next-generation technology and machine learning. Prior to her current role with CrowdStrike, Jennifer was the director of product management at CrowdStrike and spent three years at FireEye within security operations. Jennifer also held multiple roles for GE as a cyber leader in incident response, computer forensics and supplier security.

Hosts

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
Matt Alderman
Matt Alderman
VP, Product at Living Security
prestitial ad