Cloud security, Incident response, Threat intelligence

Platform9, Swimlane, SonicWall 0-Days, & Fortinet – ESW #214

This week, in the Enterprise Security News, Platform9 unburdens users from the complexities of Kubernetes, Swimlane Raises $40 Million, SonicWall hacked by zero-days in its own products, Deloitte Buys Root9B, Cygilant and SentinelOne Partnership, Fortinet announces AI-powered XDR, AlgoSec Announced updates to A32, ESET Launches Enhanced Cloud-based Endpoint Security Management, Entrust acquires HyTrust, LogRhythm acquires MistNet, Huntress Acquires EDR Technology From Level Effect, & more!

Full episode and show notes

Announcements

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

  • Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.

Hosts

Paul Asadoorian
Founder at Security Weekly
  1. Platform9 unburdens users from the complexities of Kubernetes while ensuring fast adoption - "Platform9 now allows all DevOps teams complete freedom to run multiple versions of managed Kubernetes across staging, production, and development environments. Users can also decide which upgrades and patches to perform and time them at their convenience."
  2. Swimlane Raises $40 Million to Expand SOAR Business - "According to the company, the additional cash injection will be used to accelerate partnerships and alliances, expand research and development, and fuel global expansion. The total amount raised by the company is now $75 million."
  3. SonicWall hit by attackers leveraging zero-day vulnerabilities in its own products? - "There is still no news about the potential zero-day in the SMA 100 Series, but SonicWall let us know that the guidance to disable Virtual Office and the HTTPS administrative interface no longer applies."
  4. Deloitte Buys Cybersecurity Firm Root9B; Deborah Golden Quoted - Root9B has a very weird history, e.g. https://krebsonsecurity.com/2017/11/r-i-p-root9b-we-hardly-knew-ya/ "In mid-June 2015, an anonymous researcher who’d apparently done a rather detailed investigation into root9B’s finances said the company was “a worthless reverse-merger created by insiders with [a] long history of penny-stock wipeouts, fraud allegations, and disaster.”"
  5. Cygilant and SentinelOne Partnership Offers Businesses Automated Cybersecurity for the Endpoint and Cloud
  6. Fortinet announces AI-powered XDR for threat detection, investigation, and response - "FortiXDR is the only solution of its kind to leverage artificial intelligence (AI) for the investigation effort critical to incident response." - Okay, that's a stretch (maybe even a flat-out lie). Dear marketing teams, don't do this! "Fortinet says that FortiXDR is AI-powered by a patent-pending Dynamic Control Flow Engine and continually trained by the threat data and research of FortiGuard Labs as well as the frontline expertise of its incident responders. The solution starts by leveraging the diverse security information shared across the Fortinet Security Fabric for correlation and analysis, converting them into high fidelity security incidents."
  7. New A32 launched by AlgoSec - "Enable secure deployment of micro-segmentation in complex hybrid networks A32 automates identifying and mapping of the attributes, flows and rules that support business-critical applications across hybrid networks with the built-in AutoDiscovery capability. This accelerates organizations’ ability to make changes to their applications across the enterprise’s heterogeneous on-premise and cloud platforms, and to troubleshoot network or change management issues - ensuring continuous security and compliance."
  8. ESET Launches Enhanced Cloud-based Endpoint Security Management Solution For Businesses Of All Sizes
  9. Entrust acquires HyTrust to offer identity, encryption and security policy control for cloud environments - "By acquiring HyTrust, Entrust adds a critical management layer for encryption, cryptographic keys, and cloud security policy to its digital security solutions, serving the data protection and compliance needs of organizations accelerating their digital transformations."
  10. LogRhythm acquires MistNet to expand reach in the threat detection space - "The acquisition will allow LogRhythm to deliver intelligent, machine-learning based detection and response capabilities that incorporate network detection, user and entity behavior analytics (UEBA), endpoint detection and response data (EDR), and additional MITRE ATT&CK detections to solve current and emerging security and risk problems."
  11. Huntress Acquires EDR Technology From Level Effect - "As part of the acquisition, Level Effect co-founders Greg Ake and Robert Noeth will join the Huntress team to support the initial integration and ongoing development of the Recon software. Like the founding team at Huntress, both Ake and Noeth have strong backgrounds in the U.S. intelligence community, having worked within the National Security Agency, Air Force and other institutions."
Adrian Sanabria
Director of Product Management at Tenchi Security
Tyler Shields
CMO at JupiterOne