Cloud security, Identity and access, Vulnerability management

‘Selfie Biometrics’, NetWitness, Okta, & Jetstack Secure – ESW #216

A new Open-source tool helps discover public Azure blobs, A New Eclypsium Integration with Kenna.VM, Armis Raises $125 Million, Okta launches its new open-source design system, Enterprise selfie biometrics solutions from Ping Identity, Bitglass announces technical integrations between SD-WAN providers and its SASE offering, Cisco AppDynamics strengthens security posture, RSA NetWitness Detect AI claims to provide advanced analytics for actionable threat detection, Jetstack Secure delivers protection and visibility of machine identities, Obsidian SaaS security solution now available on AWS Marketplace, and SentinelOne Acquires Scalyr, & more!

Full episode and show notes

Announcements

  • Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!

  • Join us June 29th for a webcast with Tyler Robinson and Beau Bullock to learn how to pivot into the world of Crypto security. Visit https://securityweekly.com/webcasts to register with only your name and email! Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.

Hosts

Paul Asadoorian
Paul Asadoorian
Founder at Security Weekly
  1. 1. Open-source tool BlobHunter helps pinpoint public Azure blobs that might contain sensitive files - "The result of their research was dishearthening – they found some 2.5 million records and files that included personally identifiable information (PII), 2,300 files related to individuals’ health status, 2,000 files containing financial information, one million invoice files, half a million log files, as well as files containing encryption and firmware keys, SSH, SSL VPN, SMTP and MySQL usernames and passwords, and more."
  2. 2. Customer Demand Drives New Eclypsium Integration with Kenna.VM - "The integration enables Eclypsium firmware security data to be imported into Kenna.VM, where it is combined with real-world threat and exploit intelligence and advanced data science to determine which vulnerabilities pose the highest risk and which can be deprioritized."
  3. 3. Cybersecurity Company Armis Raises $125 Million At A $2 Billion Valuation - "Israeli cybersecurity company Armis has announced the closing of a $125 million financing round led by Brookfield Asset Management at a company valuation of $2 billion. This latest financing round comes a year after US venture capital firm Insight Partners acquired control of Armis for almost half the current valuation - $1.1 billion."
  4. 4. Okta launches its new open-source design system with a focus on accessibility - "Identity and access management service Okta today launched its new design system, both for its own corporate and brand use, but also as an open-source project under the Apache 2.0 license. The Odyssey Design System, as the company calls it, is similar to the likes of Google’s Material Design or Microsoft’s Fluent Design. It may not have quite the same number of features, but what makes it stand out is a focus on accessibility, with every element of the design system being compliant with the W3’s Web Content Accessibility Guidelines."
  5. 5. Enterprise selfie biometrics solutions from Ping Identity, Ipsidy-LoginID partnership launched - "The new PingOne Verify cloud service validates a government-issued ID and matches it to a selfie with facial recognition and biometric liveness detection to strengthen fraud prevention without adding unnecessary friction into the process."
  6. 6. Bitglass announces technical integrations between SD-WAN providers and its SASE offering - "This enables any organization to integrate its existing SD-WAN fabric with the leading SASE platform from Bitglass. Traffic destined for the web, the cloud, and even on-premises resources can automatically be routed to Bitglass for real-time security enforcement. This stands in stark contrast to competing SASE offerings which integrate with a limited set of SD-WAN solutions. These alternatives then require security teams to build and maintain complex, resource-intensive integrations."
  7. 7. Cisco AppDynamics strengthens security posture while achieving peak app performance - I want to believe, I really do: "Built natively into the AppDynamics platform, users benefit from reduced alert fatigue, real-time threat detection, and automatic breach prevention. "
  8. 8. RSA NetWitness Detect AI provides advanced analytics for actionable threat detection - I really want to believe this too: "RSA NetWitness Detect AI applies cloud-scale processing for behavior analytics and uses unsupervised machine-learning to detect and respond to threats without manual oversight. The all-new SaaS solution provides high-fidelity, actionable insights on data captured by the RSA NetWitness Platform that empowers security teams to find, prioritize, and resolve threats faster and more efficiently." But, like, I really don't believe it until I see it...
  9. 9. Jetstack Secure delivers protection and visibility of machine identities to cloud native platforms - Sounds hot: "Jetstack Secure delivers comprehensive protection and full visibility of machine identities to cloud-native platform and security teams, including public trusted certificates for ingress TLS, as well as private certificates for internal workloads using mTLS across a service mesh."
  10. 10. Obsidian SaaS security solution now available on AWS Marketplace - This team is great, I hope they are doing this and kicking butt in the market: "Obsidian protects against account compromise, insider threats, access misuse, data leaks, excessive privileges and weak posture in SaaS applications with its cloud detection and response platform."
  11. 11. SentinelOne Acquires Scalyr to Revolutionize XDR and Security Analytics - Bold claims: "the autonomous cybersecurity platform company, today announced the acquisition of Scalyr, a leading cloud-native, cloud-scale data analytics platform. With this acquisition, SentinelOne will be able to ingest, correlate, search, and action data from any source, delivering the industry’s most advanced integrated XDR platform for realtime threat mitigation across the enterprise and cloud."
Adrian Sanabria
Adrian Sanabria
Director of Product Management at Tenchi Security
Tyler Shields
Tyler Shields
CMO at JupiterOne
prestitial ad