Careers, Leadership

New iboss Features, CVSS Scores, Praetorian GoKart, & Anti Anti-Money Laundering – ESW #239

This week In the Enterprise News, iboss adds features to its Cloud Platform for visibility and control, SailPoint Workflows enable customers to automate security tasks, Digital Shadows launches two premium services streams, Praetorian launches and Open Source security scanner, Tigera addresses demand for security of containers and Kubernetes, API Security 101, CVSS scores, and more!

Full episode and show notes

Announcements

  • In an overabundance of caution, we have decided to flip this year’s SW Unlocked to a virtual format. The safety of our listeners and hosts is our number one priority. We will miss seeing you all in person, but we hope you can still join us at Security Weekly Unlocked Virtual! The event will now take place on Thursday, Dec 16 from 9am-6pm ET. You can still register for free at https://securityweekly.com/unlocked.

  • Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.

Hosts

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
  1. 1. Tigera addresses growing demand for security of containers, Kubernetes, and microservices – Help Net Security - I need this single pane of glass, I'm not sure why, but I want it (I think?): "Calico provides automated capabilities to deliver an easy-to-understand and action-oriented view of Kubernetes networking, security and application layer that can be used to quickly resolve performance hotspots and troubleshoot connectivity issues. It provides a single pane of glass across multi-cluster and multi-cloud Kubernetes environments to deploy a standard set of egress access controls, enforce security policies for compliance, and observe and troubleshoot applications."
  2. 2. Baffle raises $20M to secure cloud data – Help Net Security - Oh right, so here's $20 million: "Baffle’s no-code, simple-to-deploy security mesh takes a data-centric approach at cloud scale without a performance impact or changes to applications."
  3. 3. iboss adds new features to its Cloud Platform to give organizations more visibility and control – Help Net Security
  4. 4. SailPoint Workflows enables customers to automate security tasks with no coding required – Help Net Security - "Automate use cases like event-driven certifications and custom approvals through APIs and event triggers, Accelerate innovation with easy drag-and-drop builder through no-code workflow, decreasing runtime and freeing up team power to focus on forward-looking projects, Connect to other SaaS applications, enabling a broad range of capabilities across a company’s technology ecosystem, Integrate into a customer’s cloud environment and SailPoint’s partner network" - This is hard as you have to have the right integrations with the right features and allow the user to tie it all together. I think we're getting closer, however, I also believe you will need people on staff that can write code to make it all work, at least for a while...
  5. 5. CVSS Scores: A Practical Guide for Application - I can't see filling out the CVSS scoring form for each vulnerability in your environment. You really need a tool that will do that for you, based on generalized inputs to the system, or variables that can be inferred or discovered. For example, whether or not an asset is exposed to the Internet, whether or not the vulnerable application is being used and how much and how many instances of it do I have in the environment? I also believe you need a list, or a way to flag certain vulnerabilities, based on external factors, these you just patch. Vulnerabilities in Windows (like the recent string of print spooler vulnerabilities), select VPN appliance vulnerabilities, the recent sudo vulnerability, should just be fast-tracked regardless of CVSS score or environmental factors.
  6. 6. API Security 101: Security Misconfiguration - "Security misconfigurations are a constant threat against both APIs and non-API applications alike." - These often slip through the cracks, because often they are not in the code, but in the configuration. Web server configuration is often overlooked by developers, which is why I'm a huge fan of having a more well-rounded team so you can constantly evaluate security and improve security processes.
  7. 7. Praetorian Launches GoKart – an Open Source Security Scanner for Go - "GoKart puts Go code into single static assignment (SSA) form, structuring every value computed by the program as an assignment to a unique variable. SSA is used in compilers for optimization, and in a security context it helps trace the source of data used as input. Being able to follow data as it flows through a program, weaving in and out of objects and modules, is one of GoKart's primary features, and what makes GoKart so powerful."
  8. 8. Digital Shadows launches two premium professional services streams - "Takedowns-as-a-service is another part of this portfolio – especially for teams that don't have the time or expertise to launch and manage takedowns effectively. With an average of 1,100 impersonating domains registered against them each year, clients can ensure that malicious domains get taken down, and remain taken down. Digital Shadows custom intelligence provides additional threat intelligence tools for specific strategic or tactical requirements. This includes reporting into a VIP's exposure, tactical investigations into a suspicious domain, and deep investigations into an emerging tactic."
Adrian Sanabria
Adrian Sanabria
Director of Product Management at Tenchi Security
  1. 1. TOOLS: New Anti Anti-Money Laundering Services for Crooks – Krebs on Security - So normally, when we mention tools, they're for defenders. In this case, this is a tool to help cybercriminals avoid airing their dirty laundry to law enforcement while laundering their criminal proceeds.
  2. 2. MERGER: Norton and Avast are merging into an $8 billion antivirus empire - Close your eyes and imagine this: It's February 2005 and you read the headline: "Hollywood Video and Blockbuster are merging into a video rental empire!". What are your immediate thoughts, given you have 16 years of hindsight on the outcome for both those businesses? The real kicker? The big concern wasn't Netflix, it was whether the FTC would allow it, citing anti-trust concerns! I'm betting the press release definitely won't mention the fact that they're representing the absolute bottom, gutter end of low-margin, discounted, shrinking consumer cybersecurity software. Symantec has been on a rollercoaster - first with the split from Veritas in 2014 when they also combined with Blue Coat and shuffled the exec team. Then, in 2019, the company was split into consumer and enterprise, with the consumer side becoming Norton LifeLock and the enterprise side going to Broadcom, which consumed Computer Associates a while back.
  3. 3. ACQUISITION: Sophos Acquires Refactr to Optimize Managed Threat Response (MTR) and Extended Detection and Response (XDR) with Security Orchestration Automation and Response (SOAR) Capabilities - Pitched as SOAR, but not really competing with the SOAR you're thinking of. This is much more focused on pure DevOps/Cloud-first startup-style environments.
  4. 4. Daniel Miessler joins Robinhood as Head of Vulnerability Management and Application Security - Daniel Miessler is a very visible thought leader in the industry, so it's worth a mention when he starts a new gig. Especially interesting is that he (like many, many others) has been critical of Robinhood in the past, but took down a blog post he wrote last fall. http://web.archive.org/web/20201127174713/https://danielmiessler.com/blog/why-robinhood-is-dangerous-for-new-investors/ Overall, I see it as a positive development and I hope he can have some positive influence and impact on not just the security of the company and product, but on the company's ethics as well.
Tyler Shields
Tyler Shields
CMO at JupiterOne
prestitial ad