Application security, Cybersecurity Asset Management, Cloud security, Compliance, Data security, DevOps, Identity and access, Incident response, Insider threat, Privacy, Remote access, Threat intelligence, Vulnerability management, Zero trust

Snake Oil – ESW #195

This week, first we talk Enterprise News, discussing how ThreatConnect Integrates with Microsoft Graph Security API to Strengthen Security Automation, Sectigo unveils Sectigo Quantum Labs to help orgs prepare for quantum computers, Trend Micro to offer comprehensive network and endpoint protection for IoT and 5G private networks, Thycotic Releases Thycotic Identity Bridge, and more! In our second segment, we air two pre recorded interviews from Security Weekly Virtual Hacker Summer Camp with Chris Morales from Vectra, and Anton Chuvakin from Google Cloud & Matt Hastings from Tanium! In our final segment, we air two more precorded interviews from Virtual Hacker Summer Camp with Dan DeCloss from PlexTrac, and Gabe Gumbs from Spirion!

To get one month free, visit: https://securityweekly.com/plextrac

Visit https://securityweekly.com/spirionbh to learn more about them!

Visit https://securityweekly.com/tanium to learn more about them!

To see how Vectra can detect attacks in SaaS like Office 365, please visit: https://www.vectra.ai/o365

Visit https://www.securityweekly.com/esw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

View Show Index

Full Audio

Segments

1. ThreatConnect, Auth0 Bot Detection, & Thycotic Identity Bridge – ESW #195

ThreatConnect Integrates with Microsoft Graph Security API to Strengthen Security Automation, Sectigo unveils Sectigo Quantum Labs to help orgs prepare for quantum computers, Trend Micro to offer comprehensive network and endpoint protection for IoT and 5G private networks, Thycotic Releases Thycotic Identity Bridge, and more!

Announcements

  • Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

  • Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.

Hosts

John Strand
John Strand
Founder; Security Professional at Black Hills Information Security
Matt Alderman
Matt Alderman
VP, Product at Living Security

2. SWVHSC: Micro-Interview – Tanium & Vectra – Anton Chuvakin, Chris Morales, Matt Hastings – ESW #195

Matt and Anton will discuss the new integration between Tanium and Chronicle, designed for distributed IT in a remote-work world. The two will explore some of the unique challenges that security teams are facing in light of this change. They will also provide details on the new integrations, which combines comprehensive endpoint telemetry from Tanium with Chronicle s cloud-scale analytics to inform threat hunting and investigations with one year of recorded endpoint activity. This is just the beginning of the partnership between Google Cloud and Tanium. Check out the blog post on Tanium's website to learn more about the future of the partnership and what it means for security. This segment is sponsored by Tanium. Visit https://securityweekly.com/tanium to learn more about them!

Risk remains the top concern for organizations adopting software-as-a-service (SaaS) models and this is an issue that is only getting worse. What is needed today is the ability to remove the dependency on human behavior and human error, bringing control back to the security team. Risk in a SaaS environment is largely an identity problem. Specifically, it is a misuse of identity and the privilege access granted to that identity. Before implementing any SaaS platform, you must consider how much access is really being granted in the cloud. More importantly, how is that privilege access being used? This segment is sponsored by Vectra. Visit https://www.vectra.ai/o365 to learn more about them! To see how Vectra can detect attacks in SaaS like Office 365, please visit: https://www.vectra.ai/o365

Announcements

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

Guests

Anton Chuvakin
Anton Chuvakin
Head of Solutions Strategy at Google Cloud

Dr. Anton Chuvakin is now involved with security solution strategy at Google Cloud, where he arrived via Chronicle Security (an Alphabet company) acquisition in July 2019. Anton was, until recently, a Research Vice President and Distinguished Analyst at Gartner for Technical Professionals (GTP) Security and Risk Management Strategies team. Anton is a recognized security expert in the field of log management, SIEM and PCI DSS compliance. He is an author of books “Security Warrior”, “Logging and Log Management: The Authoritative Guide to Understanding the Concepts Surrounding Logging and Log Management” and “PCI Compliance, Third Edition: Understand and Implement Effective PCI Data Security Standard Compliance” (book website) and a contributor to “Know Your Enemy II”, “Information Security Management Handbook” and other books.

Chris Morales
Chris Morales
Principal Security Advisor at Vectra AI

Chris Morales is Principal Security Advisor at Vectra AI, where he advises and designs incident response and threat management programs for Fortune 500 enterprise clients. He has two decades of information security experience in an array of cybersecurity consulting, sales, and research roles. Christopher is a widely respected expert on cybersecurity issues and technologies and has researched, written and presented numerous information security architecture programs and processes.

Matt Hastings
Matt Hastings
Senior Director, Product Management at Tanium

Matt Hastings is a Senior Director of Product at Tanium. He has over a decade of experience in incident response, forensic analysis, and penetration testing with companies including Madiant (FireEye), where he worked with Fortune 500 companies, government agencies, and global organizations to investigate and respond to incidents and implement security controls. Matt also regularly lectures on incident response and forensic analysis for corporate groups and security conferences, including: Black Hat USA, Black Hat Asia, DerbyCon, DEFCON, BruCON, CounterMeasure, and BSides.

Host

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly

3. SWVHSC: Micro-Interview – Plextrac & Spirion – Dan DeCloss, Gabe Gumbs – ESW #195

The concept of purple teaming needs to be expanded to incorporate a culture of collaboration across all proactive and reactive activities within enterprise cybersecurity programs. Learn how PlexTrac can aid in all thing purple teaming and drive to the security posture forward for all. This segment is sponsored by PlexTrac. Visit https://securityweekly.com/plextrac to learn more about them! To get one month free, visit: https://securityweekly.com/plextrac

Are security operations teams prepared to respond to privacy threats? Although you can achieve security without privacy, namely keeping information safeguarded from those that should not have access, you can not keep data private without security. How can we address this challenge? This segment is sponsored by Spirion. Visit https://securityweekly.com/spirionbh to learn more about them!

Guests

Dan DeCloss
Dan DeCloss
Founder / CEO & President at PlexTrac

Dan has over 15 years of experience in cybersecurity. Dan started his career in the Department of Defense and then moved on to consulting where he worked for various companies. Prior to PlexTrac, Dan was the Director of Cybersecurity for Scentsy where he and his team built the security program out of its infancy into a best-in-class program. Dan has a master’s degree in Computer Science from the Naval Postgraduate School with an emphasis in Information Security. Additionally, Dan holds the OSCP and CISSP certifications.

Gabe Gumbs
Gabe Gumbs
Chief Innovation Officer at Spirion

As Spirion’s Chief Innovation Officer, Gabriel imagines and create technology that pushes data security technology forward in an increasingly complex digital world. Responsible for seeing where data security is going next and ensuring that organizations of all sizes are able to get there. With a 18+ year tenure in CyberSecurity, he has spent most of that time as a security practitioner, aligning security innovations with business objectives for Fortune 100 organizations, today Gabe is responsible for spearheading innovation across the organization through thought and product leadership.

Host

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
prestitial ad