Incident response, Insider threat, Remote access, Threat intelligence

Threat Hunting Incident Response w/ Google Cloud & Tanium – Anton Chuvakin, Matt Hastings – BH20 #4

August 6, 2020

Matt and Anton will discuss the new integration between Tanium and Chronicle, designed for distributed IT in a remote-work world. The two will explore some of the unique challenges that security teams are facing in light of this change. They will also provide details on the new integrations, which combines comprehensive endpoint telemetry from Tanium with Chronicle’s cloud-scale analytics to inform threat hunting and investigations with one year of recorded endpoint activity.

This is just the beginning of the partnership between Google Cloud and Tanium. Check out the blog post on Tanium's website to learn more about the future of the partnership and what it means for security.

This segment is sponsored by Tanium.

Visit https://securityweekly.com/tanium to learn more about them!

Guests

Anton Chuvakin

Head of Solutions Strategy at Google Cloud

http://google.com/

Dr. Anton Chuvakin is now involved with security solution strategy at Google Cloud, where he arrived via Chronicle Security (an Alphabet company) acquisition in July 2019. Anton was, until recently, a Research Vice President and Distinguished Analyst at Gartner for Technical Professionals (GTP) Security and Risk Management Strategies team. Anton is a recognized security expert in the field of log management, SIEM and PCI DSS compliance. He is an author of books “Security Warrior”, “Logging and Log Management: The Authoritative Guide to Understanding the Concepts Surrounding Logging and Log Management” and “PCI Compliance, Third Edition: Understand and Implement Effective PCI Data Security Standard Compliance” (book website) and a contributor to “Know Your Enemy II”, “Information Security Management Handbook” and other books.

Matt Hastings

Senior Director, Product Management at Tanium

http://tanium.com/

Matt Hastings is a Senior Director of Product at Tanium. He has over a decade of experience in incident response, forensic analysis, and penetration testing with companies including Madiant (FireEye), where he worked with Fortune 500 companies, government agencies, and global organizations to investigate and respond to incidents and implement security controls. Matt also regularly lectures on incident response and forensic analysis for corporate groups and security conferences, including: Black Hat USA, Black Hat Asia, DerbyCon, DEFCON, BruCON, CounterMeasure, and BSides.

Host

Paul Asadoorian

Founder at Security Weekly

0offset

https://securityweekly.com

Incident response

AI Hires Humans to Solve Captcha, Amazing Drones, & Buzzword Bingo 2023 Edition – ESW #310

March 23, 2023

This week in the Enterprise News: Dope Security nabs $16M led by GV to build out secure web gateways designed to work on endpoints, not in the cloud. We take the mystery out of some recent funding. Microsoft 365's Copilot tries to do your job for you. Mapping failures with decision trees. An AI hires a human to solve a CAPCHA, because it needed hel...

Incident response

Applied Research & the Power of Sustained Thinking – Casey Smith – ESW #309

March 16, 2023

Tap, tap - is this thing on? Why do defenders still struggle to detect attacks and attacker activities? Why do so many tools struggle to detect attacks? Today, we've got an expert on detection engineering to help us answer these questions. Thinkst's Canary and Canarytokens make in catching penetration testers and attackers stupidly simple. Thinkst...

Managed services

MSP = More Security Please? The state of Managed Service Providers – Raffael Marty – ESW #307

March 2, 2023

The MSP space has undergone a lot of changes in the past few decades, with the emphasis on security increasing dramatically in the last 5-10 years. We discuss how ConnectWise, which builds and sells solutions to MSPs, has tackled this challenge. We'll be asking questions both from Raffael's point-of-view, selling to MSPs, but also from the customer...