Securing The Enterprise Software Supply Chain – Harry Sverdlove – PSW #678

December 17, 2020

SolarWinds is just the latest example of how the enterprise software supply chain, when compromised, can be used successfully by attackers. These coordinated and well-managed attacks prey on trust, so how can we trust our enterprise software?

This segment is sponsored by Edgewise Networks.

Visit https://securityweekly.com/edgewise to learn more about them!

Announcements

Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

Guest

Harry Sverdlove

Chief Technologist at Zscaler

http://zscaler.com/

Harry Sverdlove, Chief Technologist for Secure Workload Communication, Zscaler, Inc. (formerly Co-Founder and Chief Technology Officer of Edgewise Networks), was previously CTO of Carbon Black, where he was the key driving force behind their endpoint security platform. Earlier in his career, Harry was principal research scientist for McAfee, Inc. (formerly Chief Scientist of SiteAdvisor), where he supervised the architecture of crawlers, spam detectors and link analyzers. Prior to that, Harry was director of engineering at Compuware Corporation (formerly NuMega), and principal architect for Rational Software, where he designed the core automation engine for Rational Robot.

Hosts

Paul Asadoorian

Founder at Security Weekly

0offset

https://securityweekly.com

Jeff Man

Sr. InfoSec Consultant – Online Business Systems at Online Business Sytems

https://www.obsglobal.com/

Joff Thyer

Security Analyst at Black Hills Information Security

https://www.blackhillsinfosec.com/team/joff-thyer/

Larry Pesce

Product Security Research and Analysis Director at Finite State

https://www.finitestate.io/

Lee Neely

Information Assurance APL at Lawrence Livermore National Laboratory

Tyler Robinson

Director of Offensive Security & Research at Trimarc Security, Founder & CEO at Dark Element

trob#6466

http://darkelement.io/

Cloud security

A Light Week, InfoSec Tabletop Gaming, White House CyberSec, & AI Galore! – ESW #308

March 9, 2023

In the enterprise security news, A light week in funding, after last week’s mega raises from Wiz and Sandbox AQ HP acquires some Zero Trust and CASB with Axis Security InfoSec-themed Table Top gaming is really catching on The White House’s updated cybersecurity strategy is more of an update than a game changer I go a bit nuts with AI news and essay...

Security awareness

Zero Trust ≠ Zero Risk: Leveraging Risk Techniques for Zero Trust Acceleration – Ron Woerner – PSW #773

February 15, 2023

Zero Trust is the buzzword of the 2020’s. Vendors are selling it, the US Federal Government is requiring it, and organizations are implementing it, but what does it really mean (I mean really beyond the hype)? In this segment, Paul and Ron will talk ways combat threats through people, process, and technology Zero Trust Risk Management. Segment R...

Zero trust

Advancing Zero Trust Priorities – Ashley Leonard – ESW #305

February 9, 2023

Syxsense and Enterprise Management Associates (EMA) recently teamed up to publish a survey around the current state of Zero Trust within enterprises as well as where it’s going. This interview will discuss the key findings and insights into the challenges many organizations face around Zero Trust, as well as endpoint security and network access. S...