Malware, Vulnerability management

IBM Acquires Randori, Quantum Devices, Microsoft Defender, & RapidFort – ESW #278

Then, in the enterprise security news, CyberInt raises $28M for attack surface detection, RapidFort raises $8.5M for… pre-attack surface detection?

Managing and monitoring your quantum devices?

Making sure you don’t lose access to your crypto wallets, IBM acquires Randori, Contrast Security makes some of their tools free, Rumble adds more interesting new features, Microsoft Defender for everyone, and more!

Full episode and show notes

Announcements

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

Hosts

Adrian Sanabria
Adrian Sanabria
Director of Product Management at Tenchi Security
  1. 1. FUNDING: Cyberint raises $28 million to help organizations gain visibility into external risk exposure
  2. 2. FUNDING: RevealSecurity Raises $23M - Sounding a lot like CASBv2 from the descriptions - detecting insider threat in SaaS, etc.
  3. 3. FUNDING: Attack surface management platform RapidFort raises $8.5M – TechCrunch - RapidFort is NOT an attack surface management platform. At least, not according to the current definition of this term. When you say "ASM" these days, the term invokes thoughts of scanners that discover abandoned, vulnerable assets exposed to the public Internet. But instead of finding existing security/tech debt, Rapidfort interestingly attempts to avoid sending it out there in the first place, by filtering out unnecessary and vulnerable components BEFORE they're put into production.
  4. 4. FUNDING: Quickpass Cybersecurity Raises $7 Million to Secure MSPs and Automate Helpdesk Security
  5. 5. FUNDING: evolutionQ News Release June 13, 2022 – evolutionQ Secures US$5.5 Million in Series A Funding for Global Expansion - "The quantum-safe software allows organizations building a network based on Quantum Key Distribution devices to easily deploy and cost-effectively manage quantum technologies throughout their network." Huh?
  6. 6. FUNDING: Firmware Supply Chain Company Binarly Raises $3.6 Million from WestWave Capital, Acrobator Ventures - Does Eclypsium have competition??
  7. 7. FUNDING: Kriptos Raises US$3.1 Million To Address Sensitive Data Breach - I don't think this translated well. Bi-lingual California-based Kriptos discovers and classifies data, but from this title, it sounds like they just needed money to pay for a breach! Data security is definitely back, and it will be interesting to see what early adopters say - is Data Security 2.0 better at DLP/classification than the original round of products in this space?
  8. 8. FUNDING: Bunkyr raises over $1M to bring frictionless security to developers and end users • Bunkyr - Two things caught my attention here: 1. As I've previously mentioned, cryptocurrency and especially hardware (cold) wallets are a challenge for the average consumer and it's painful to see all the folks losing thousands or tens of thousands of dollars to a forgotten pin or passphrase. Even Joe Grand is running a company that attempts to recover wallets now. 2. Though this company's primary focus is ensuring cold wallet owners never lose access, they manage to completely avoid mentioning cryptocurrency or wallets in the press release. I don't think it's a coincidence, but it still leaves me wondering what they're worried about.
  9. 9. ACQUISITIONS: IBM bolsters cyber security offerings with Randori acquisition
  10. 10. ACQUIHIRE: Darkbit Founders Join Aqua Security to Bolster Cloud Native Security Expertise - Both of Darkbit's founders join Aqua. They're not calling it an acquisition, so we won't either.
  11. 11. PARTNERSHIPS: We’ve joined the FIDO Alliance to build a better future for authentication
  12. 12. NEW PRODUCTS: Jit aims to simplify product security for developers - Not to be confused with git
  13. 13. NEW PRODUCTS: Contrast Security Makes Enterprise-Class Code Security Testing Tools Available to All Developers for Free - Free code scanning!
  14. 14. NEW PRODUCTS: SafeBreach Unveils SafeBreach Studio
  15. 15. NEW FEATURES: Noname Security Launches Most Advanced Global API Security Solution on the Market Delivering Greater Scalability and Performance
  16. 16. NEW FEATURES: Rumble 2.14: Sync assets, software, and vulnerability data from Tenable, run external discovery from our cloud, and extend your Microsoft Azure coverage - Rumble continues to impress and now has a large number of integrations that pull additional asset data and enrichment data into Rumble. List of integrations here: https://www.rumble.run/docs/integrations/
  17. 17. NEW PRODUCT: AnoMark - An interesting open source product that baselines (trains a model) on what's normal in your environment and can then alert when abnormal command-line parameters are used.
  18. 18. NEW PRODUCT: Microsoft Defender launches on Windows, macOS, iOS, and Android - Defender is now cross platform!
  19. 19. RECOMMENDED READING: The Tar Pit of CSPM – Chris Farris
  20. 20. RECOMMENDED READING: The Philosphy of Prevention – Chris Farris
  21. 21. TRENDS: Israel’s most overvalued cybersecurity startups exposed – report - The market correction heats up in InfoSec as Globes spills the tea on valuation multiples for some of the largest unicorns in security.
  22. 22. RESEARCH: Password policies of most top websites fail to follow best practices - Could it be that MFA has made password requirements complacent, or are tech companies neglecting security and their customers?
  23. 23. SQUIRREL: How Git Came to Be - https://twitter.com/swyx/status/1536832603411451905?t=NQ5XXCXUvYC9a5bC04cbyQ&s=09
Katie Teitler
Katie Teitler
Senior Security Strategist at Axonius
Tyler Shields
Tyler Shields
CMO at JupiterOne
prestitial ad