Snake Oil – ESW #195
This week, first we talk Enterprise News, discussing how ThreatConnect Integrates with Microsoft Graph Security API to Strengthen Security Automation, Sectigo unveils Sectigo Quantum Labs to help orgs prepare for quantum computers, Trend Micro to offer comprehensive network and endpoint protection for IoT and 5G private networks, Thycotic Releases Thycotic Identity Bridge, and more! In our second segment, we air two pre recorded interviews from Security Weekly Virtual Hacker Summer Camp with Chris Morales from Vectra, and Anton Chuvakin from Google Cloud & Matt Hastings from Tanium! In our final segment, we air two more precorded interviews from Virtual Hacker Summer Camp with Dan DeCloss from PlexTrac, and Gabe Gumbs from Spirion!
To get one month free, visit: https://securityweekly.com/plextrac
Visit https://securityweekly.com/spirionbh to learn more about them!
Visit https://securityweekly.com/tanium to learn more about them!
To see how Vectra can detect attacks in SaaS like Office 365, please visit: https://www.vectra.ai/o365
Visit https://www.securityweekly.com/esw for all the latest episodes!
Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly
Full Audio
Segments
1. ThreatConnect, Auth0 Bot Detection, & Thycotic Identity Bridge – ESW #195
ThreatConnect Integrates with Microsoft Graph Security API to Strengthen Security Automation, Sectigo unveils Sectigo Quantum Labs to help orgs prepare for quantum computers, Trend Micro to offer comprehensive network and endpoint protection for IoT and 5G private networks, Thycotic Releases Thycotic Identity Bridge, and more!
Announcements
Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!
Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!
Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
Hosts
- 1. ThreatConnect Integrates with Microsoft Graph Security API to Strengthen Security Automation
- 2. Cyware Raises $10M in Series A Funding
- 3. What s New in Kubernetes 1.19? New Features and Updates
- 4. Getting the Most Out of Threat Intelligence Ingestion
- 5. Sectigo unveils Sectigo Quantum Labs to help orgs prepare for quantum computers – Help Net Security
- 6. Styra now enables highly regulated industries to take advantage of cloud-native authorization policy – Help Net Security
- 7. Mogo provides free access to MogoProtect to help understand and combat identity fraud – Help Net Security
- 8. Trend Micro to offer comprehensive network and endpoint protection for IoT and 5G private networks – Help Net Security
- 9. Auth0 Bot Detection: A security feature that reduces the effectiveness of a credential stuffing attack – Help Net Security
- 10. Cyware raises $10m funding to transform cybersecurity ecosystem
- 11. Cybersecurity Platform Company Keeper Security Raises $60 Million
- 12. Thycotic Releases Thycotic Identity Bridge
- 13. Forcepoint Delivers Global Enterprises New Remote Browser Isolation Solution Powered by Ericom
2. SWVHSC: Micro-Interview – Tanium & Vectra – Anton Chuvakin, Chris Morales, Matt Hastings – ESW #195
Matt and Anton will discuss the new integration between Tanium and Chronicle, designed for distributed IT in a remote-work world. The two will explore some of the unique challenges that security teams are facing in light of this change. They will also provide details on the new integrations, which combines comprehensive endpoint telemetry from Tanium with Chronicle s cloud-scale analytics to inform threat hunting and investigations with one year of recorded endpoint activity. This is just the beginning of the partnership between Google Cloud and Tanium. Check out the blog post on Tanium's website to learn more about the future of the partnership and what it means for security. This segment is sponsored by Tanium. Visit https://securityweekly.com/tanium to learn more about them!
Risk remains the top concern for organizations adopting software-as-a-service (SaaS) models and this is an issue that is only getting worse. What is needed today is the ability to remove the dependency on human behavior and human error, bringing control back to the security team. Risk in a SaaS environment is largely an identity problem. Specifically, it is a misuse of identity and the privilege access granted to that identity. Before implementing any SaaS platform, you must consider how much access is really being granted in the cloud. More importantly, how is that privilege access being used? This segment is sponsored by Vectra. Visit https://www.vectra.ai/o365 to learn more about them! To see how Vectra can detect attacks in SaaS like Office 365, please visit: https://www.vectra.ai/o365
Announcements
Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!
Guests
Dr. Anton Chuvakin is now involved with security solution strategy at Google Cloud, where he arrived via Chronicle Security (an Alphabet company) acquisition in July 2019. Anton was, until recently, a Research Vice President and Distinguished Analyst at Gartner for Technical Professionals (GTP) Security and Risk Management Strategies team. Anton is a recognized security expert in the field of log management, SIEM and PCI DSS compliance. He is an author of books “Security Warrior”, “Logging and Log Management: The Authoritative Guide to Understanding the Concepts Surrounding Logging and Log Management” and “PCI Compliance, Third Edition: Understand and Implement Effective PCI Data Security Standard Compliance” (book website) and a contributor to “Know Your Enemy II”, “Information Security Management Handbook” and other books.
Chris Morales is Principal Security Advisor at Vectra AI, where he advises and designs incident response and threat management programs for Fortune 500 enterprise clients. He has two decades of information security experience in an array of cybersecurity consulting, sales, and research roles. Christopher is a widely respected expert on cybersecurity issues and technologies and has researched, written and presented numerous information security architecture programs and processes.
Matt Hastings is a Senior Director of Product at Tanium. He has over a decade of experience in incident response, forensic analysis, and penetration testing with companies including Madiant (FireEye), where he worked with Fortune 500 companies, government agencies, and global organizations to investigate and respond to incidents and implement security controls. Matt also regularly lectures on incident response and forensic analysis for corporate groups and security conferences, including: Black Hat USA, Black Hat Asia, DerbyCon, DEFCON, BruCON, CounterMeasure, and BSides.
Host
3. SWVHSC: Micro-Interview – Plextrac & Spirion – Dan DeCloss, Gabe Gumbs – ESW #195
The concept of purple teaming needs to be expanded to incorporate a culture of collaboration across all proactive and reactive activities within enterprise cybersecurity programs. Learn how PlexTrac can aid in all thing purple teaming and drive to the security posture forward for all. This segment is sponsored by PlexTrac. Visit https://securityweekly.com/plextrac to learn more about them! To get one month free, visit: https://securityweekly.com/plextrac
Are security operations teams prepared to respond to privacy threats? Although you can achieve security without privacy, namely keeping information safeguarded from those that should not have access, you can not keep data private without security. How can we address this challenge? This segment is sponsored by Spirion. Visit https://securityweekly.com/spirionbh to learn more about them!
Guests
Dan has over 15 years of experience in cybersecurity. Dan started his career in the Department of Defense and then moved on to consulting where he worked for various companies. Prior to PlexTrac, Dan was the Director of Cybersecurity for Scentsy where he and his team built the security program out of its infancy into a best-in-class program. Dan has a master’s degree in Computer Science from the Naval Postgraduate School with an emphasis in Information Security. Additionally, Dan holds the OSCP and CISSP certifications.
As Spirion’s Chief Innovation Officer, Gabriel imagines and create technology that pushes data security technology forward in an increasingly complex digital world. Responsible for seeing where data security is going next and ensuring that organizations of all sizes are able to get there. With a 18+ year tenure in CyberSecurity, he has spent most of that time as a security practitioner, aligning security innovations with business objectives for Fortune 100 organizations, today Gabe is responsible for spearheading innovation across the organization through thought and product leadership.
Host
