Data security, DevOps, Vulnerability management, Zero trust, Incident response

Sassy & Thoughtful – ESW #231

This week, in our first segment, we welcome Ian Tien, CEO and Co-Founder of Mattermost, to discuss "Open-Source Enterprise Communication Security "! In the second segment, Russell From, Enterprise Services Integration Engineer Lead at Tanium joins to talk Tanium for Incidents! In the Enterprise News, Zero trust networking startup Elisity raises $26M , Contrast Security Launches Contrast Scan, Vectra Launches Detect for AWS, SOAR Is an Architecture, Not a Product, & Deloitte Acquires Cloud Security Posture Management!

Segment Resources:

To stay connected with Tanium's Endpoint Security Specialist team, join our community site:

https://community.tanium.com/s/ues-discussion-group

Visit https://securityweekly.com/tanium to learn more about them!

Visit https://www.securityweekly.com/esw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

View Show Index

Full Audio

Segments

1. Open Source Enterprise Communication Security – Ian Tien – ESW #231

Data security is more important than ever for enterprise organizations -- but in a time where data breaches have become common, it's also more challenging than ever. Mattermost co-founder and CEO Ian Tien shares how leveraging open source software can help enterprises work more securely by allowing organizations to maintain data sovereignty, inspect and evaluate source code, and adapt solutions to meet their security needs.

Announcements

  • Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!

  • Security Weekly is ecstatic to announce that Security Weekly Unlocked will be held IN PERSON this December 5-8 at the Hilton Lake Buena Vista! Call for presentations & early registration for Security Weekly listeners is open now! Visit securityweekly.com/unlocked to submit your presentation & register for the early registration price before it expires!

Guest

Ian Tien
Ian Tien
CEO and Co Founder at Mattermost

Ian Tien is CEO and co-founder of Mattermost, Inc., a high trust, open source Slack-alternative empowering enterprise DevOps and InfoSec teams to increase safety, efficiency, and innovation. He was previously an engineering leader in Microsoft Office, where he earned over a dozen patents. Ian is an alumnus of Waterloo, Cornell and Stanford Business School, where he served as a teaching assistant for Andy Grove and Myron Scholes.

Hosts

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
Adrian Sanabria
Adrian Sanabria
Director of Product Management at Tenchi Security
Tyler Shields
Tyler Shields
CMO at JupiterOne

2. Tanium for Incidents. How the Best Defense Gets Better: Part 1 – ESW #231

Security starts before detection, it starts before investigations. Mature security teams understand the importance of good hygiene and take proactive measures to secure themselves against the ever-increasing threat landscape. Join us this week as Russ From, Enterprise Services Lead, talks through a holistic approach to security using the Tanium platform approach. Learn why the best security teams rely heavily on Tanium to get smarter, faster, better in responding to threats and how your organizations can do the same.

For folks interested in a trial of Tanium, check out: https://try.tanium.com/

To stay connected with Tanium's Endpoint Security Specialist team, join our community site:

https://community.tanium.com/s/ues-discussion-group

or find us on Slack:

https://docs.google.com/forms/d/e/1FAIpQLSf56reMK4BQPkoLO4MTp-QPMJsxOlJD-MqargZxhW3kNsA3dA/viewform?usp=sf_link

This segment is sponsored by Tanium.

Visit https://securityweekly.com/tanium to learn more about them!

Sponsored By

Tanium

Announcements

  • Security Weekly is more than happy to announce that we will be at InfoSec World 2021 IN PERSON October 25th-27th, 2021! This year, our annual partnership with InfoSec World is extra special, as we are both business units under the CyberRisk Alliance brand! What does that mean for Security Weekly listeners & InfoSec World attendees? You will get to see and hear from many of the Security Weekly team at the event AND you will save 20% off on your world pass! Visit https://securityweekly.com/isw2021 to register using our discount code!

Guest

Russell From
Russell From
Enterprise Services Integration Engineer Lead at Tanium

Russell From is currently an Enterprise Services Systems Integration Engineering Lead for Tanium where he leads Tanium’s Enterprise Services Security Specialists to enable public and private organizations utilize Tanium’s real-time endpoint management and visibility technology for threat investigation and remediation, SOC automation, software deployment, compliance, network discovery, patching, vulnerability scanning, integrity monitoring, and sensitive data discovery.

Previously, Russ was a Senior Network Security Engineer for US Cellular where he defended customers and business partners by focusing on proactive network behavior analysis, network forensics, mobile malware identification and remediation, DDoS defense, and threat intelligence automation. Russ also defended the largest electronic medical records vendor in the US as the Network Security lead on IPS, IDS, Network Decryption, Traffic Analysis, and Network Security Response on fully Micro-Segmented & Multi-Tenant infrastructure.

Before moving to the defensive side of cyber security, Russ had 8 years of experience including being a Principal Network Engineer where he worked to build the first public cloud infrastructure for North America’s largest wireless telecommunications carrier. Russ currently holds the CISSP, GPEN, GMON, GCIA, GCIH, and GSEC Gold certifications. Russ also has a bachelor’s from UW-Madison in Computer Engineering, an MBA from Marquette University, and is working to complete the SANS master’s in information security engineering program.

Hosts

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
Adrian Sanabria
Adrian Sanabria
Director of Product Management at Tenchi Security
Tyler Shields
Tyler Shields
CMO at JupiterOne

3. RSA Outseer, Elisity Zero Trust, Contrast Scan, & SOAR Soup – ESW #231

This week, In the Enterprise News Paul and the crew talk: Zero trust networking startup Elisity raises $26M , Contrast Security Launches Contrast Scan, Vectra Launches Detect for AWS, SOAR Is an Architecture, Not a Product, & Deloitte Acquires Cloud Security Posture Management, & more!

Announcements

  • Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.

Hosts

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
  1. 1. Deloitte Acquires Cloud Security Posture Management - "Deloitte announced its acquisition of substantially all the assets of CloudQuest, Inc. (CloudQuest), a cloud security posture management (CSPM) provider based in Cupertino, Calif. The deal will bolster Deloitte’s existing cloud cybersecurity offerings with CloudQuest’s cloud-native security capabilities to more seamlessly manage security workflows, reduce risk and improve data security."
  2. 2. ThreatX raises $10M to strengthen its position in the web application security market – Help Net Security - They are taking on a lot of functionality: "1) WEB APP PROTECTION - Application and attack profiling combined with IP fingerprinting are continuously correlated to identify, track and block threat actors. 2) NATIVE API PROTECTION- API-native and has robust features to address API-centric attacks such as support for WebSockets, detection of host enumeration, and customer rules to identify expensive application calls. 3) BOT MANAGEMENT - To block or not to block. That is the question and the answer. Know when to let the good Bots in and keep the bad Bots out. 4) DDOS MITIGATION - Based on attacker profiling, detect and neutralize layer 7 attacks, OWASP Top 10, bots, DDoS, and zero-day threats with high precision"
  3. 3. Zero trust networking startup Elisity raises $26M - Sounds like Edgewise (who was acquired by ZScaler): "It combines the paradigm of zero trust access, meaning no user is trusted by default from inside or outside the network, and a software-defined perimeter to authorize users, devices, and apps based on policies before they can communicate with critical resources. Access is monitored by AI algorithms that track, monitor, and analyze flows and user behavior to make recommendations and discover all of an organization’s assets to build an encrypted mesh overlay between a cloud services panel and network probes."
  4. 4. Contrast Security Launches Contrast Scan - How is this different or better than the other SASTs on the market alread? "Contrast Security announced the release of Contrast Scan that revolutionizes static application security testing (SAST) with pipeline-native static analysis to analyze code and detect vulnerabilities early on in the software development life cycle (SDLC). The release of Contrast Scan extends the DevSecOps capabilities of the Contrast Application Security Platform to the entire SDLC, empowering security teams to run scans up to 10x faster and remediate vulnerabilities up to 45x faster while meeting compliance requirements of an organization's security policy."
  5. 5. Sonatype Launches Novel Deep Code Analysis Platform Designed for Developers - "today unveils Sonatype Lift (Lift), a first-of-its-kind, cloud-native, deep code analysis platform. Lift installs easily on any source repository in minutes and provides developer-friendly feedback on a wide range of bug types, ranging from lightweight style issues to complex coding errors commonly found in first-party source code and third-party open source libraries."
  6. 6. Vectra Launches Detect for AWS - Curious how it does all this, through logs and events, packet monitoring, both? Clearly not via an agent: "1) Reduce risk of cloud services being exploited with agentless runtime monitoring of applications, users, roles, serverless compute, and storage that allows for rapid and scalable deployment of applications. 2) Rapidly detect threats against your systems and data on AWS using one of the first behavioral AI that detects and prioritizes threats without relying on signatures, agents, or static policy while protecting against attacks looking to exploit misconfigured services. 3) Automate response to attacks on applications running on AWS using native capabilities in AWS, or deep integrations with other security solutions allowing teams to mitigate threats without relying on agents."
  7. 7. SOAR Is an Architecture, Not a Product - "But as SOAR use cases evolve to real-world situations and industry analysts adjust their definition of the market, it's becoming increasingly clear that SOAR is less of a singular platform and more of a comprehensive architecture for tying a lot of threads in the security stack together in a meaningful fashion, including threat intelligence platform (TIP) capabilities." - So SOAR is more about how you make the soup than the ingredients?
  8. 8. Check Point Software Technologies Launches Automated Unified Cloud Workload Protection - Buzzword winner of the week: "As the COVID-19 pandemic forced enterprises to transition to the new ‘work from anywhere’ environment, cloud became a natural progression for organizations looking to enable their remote workers quickly. As more organizations are still migrating to the cloud in parallel to undergoing the “shift-left” organizational change, security teams find themselves with multiple platforms to manage. These platforms provide neither the visibility nor the ability to protect the rapidly growing cloud workload deployments."
  9. 9. Google taps Thales to power Google Workspace client-side encryption - "hales today announced that its CipherTrust Manager and SafeNet Trusted Access have been integrated with Google Workspace Client-side encryption (beta coming soon), a new privacy and confidentiality offering for Google Workspace users. Providing enhanced key management capabilities and identity protection, customers can benefit from improved regulatory compliance and data ownership by allowing them to maintain ownership of keys used to encrypt Google Workspace documents."
  10. 10. Forcepoint to acquire UK-based cybersecurity firm Deep Secure - "Forcepoint, a global leader in data-first cybersecurity solutions that protect critical information and networks for thousands of customers throughout the world, today announced the company has signed a definitive agreement to acquire U.K. based Deep Secure. Deep Secure’s cybersecurity products and services protect organizations from cyberattacks delivered via malware and help prevent unwanted data loss."
  11. 11. Auth0 WebAuthn Passwordless Offers New Levels of Ease and Security for Modern Authentication - "With Auth0 WebAuthn Passwordless, users can authenticate with Web Authentication-powered (WebAuthn) biometrics, the official web standard for passwordless authentication as published by W3C and used by FIDO, for first-factor authentication. This form of authentication eliminates security weaknesses based on password reuse, since passwords are not required. Additionally, Auth0 WebAuthn Passwordless is an ideal option for companies looking to build and provide an authentication experience supporting conversion and retention of users who want more choice and less friction in their login experience."
Adrian Sanabria
Adrian Sanabria
Director of Product Management at Tenchi Security
  1. 1. IPO: Axonius Announces Addition of Jerry Raphael to its Executive Team - Axonius is prepping for an IPO! NYSE or NASDAQ? What does JuniperOne think? Discuss.
  2. 2. FUNDING: Investment News: Immersive Labs raises $75m - Interactive labs as a service for training! Also hiring assistance (practical testing).
  3. 3. FUNDING: Recorded Future launches its new $20M Intelligence Fund for early-stage startups – TechCrunch - Recorded Future is now an investor! It's hoping to fund some early-stage startups focused on using AI to create valuable intelligence that RF could plug into its own platform in the future.
  4. 4. RSA Introduces Outseer, a Spinout of its Fraud & Risk Intelligence Unit, to Transform Customer Authentication and Accelerate Revenue for the Digital Economy - The first big news to come out of RSA since it was acquired by STG, they're spinning out some of their products & services as a rebranded subsidiary! RSA Adaptive Authentication becomes Outseer Fraud Manager, RSA Adaptive Authentication for eCommerce becomes Outseer 3-D Secure, and RSA FraudAction becomes Outseer FraudAction.
Tyler Shields
Tyler Shields
CMO at JupiterOne
prestitial ad