Enterprise Security Weekly
SubscribeAddressing Identity-Related Threats in 2024 – Rod Simmons – ESW #353
In this interview, we talk to Rod Simmons, the VP of Product Strategy at Omada. We'll discuss the complex topic of securing identities against ever growing threats. We'll discuss challenges like unnecessary access, accounts with too many permissions, and a threat landscape that is increasingly finding success from targeting identities. Finally, we'll discuss where the Identity Governance and Administration (IGA) market is going.
Segment Resources:
We don't cover a lot of stories in this week's episode, but we go deep on a few important ones. I'm biased, but I think it's a good one, especially having Darwin's input and encyclopedic knowledge available to us.
Also in this week's news:
- Homomorphic encryption pops up again!
- Microsoft Security Copilot has a release date!
- Sudo for Windows
- Microsegmentation pops up again!
- The TikTok Ban
- Darwin's Newsletter: The Cybersecurity Pulse
All that and more, on this episode of Enterprise Security Weekly.
Visit https://www.securityweekly.com/esw for all the latest episodes!
Segments
Addressing Identity-Related Threats in 2024 – Rod Simmons – ESW #353
Will AI allow us to finally scale vuln mgmt and threat detection? – ESW #353
What can we do today to prevent tomorrow’s breach? – Michael Mumcuoglu – ESW #352
Defenders spend a lot of time and money procuring and implementing security controls. At the heart of SecOps and the SOC are technologies like XDR, SIEM, and SOAR. How do we know these technologies are going to detect or prevent attacks?
Wait for the annual pen test? Probably not a good idea.
In this segment, we'll talk with Michael Mumcuoglu about how MITRE's ATT&CK framework can help defenders better prepare for inevitable attack TTPs they'll have knocking on their doors.
Segment Resources:
- CardinalOps Contributes to MITRE ATT&CK for Fourth Consecutive Release
- ESG Report: Operationalize MITRE ATT&CK with Detection Posture Management
- Report: Enterprise SIEMs offer inadequate threat detection
- 2023 State of SIEM Detection Risk Report
In the enterprise security news,
- Axonius raises $200M and is doing $100M ARR!
- Claroty raises $100M and is doing $100M ARR!
- Crowdstrike picks up DSPM with Flow Security
- CyCode picks up Bearer
- Are attackers like lawyers?
- How a bank failed (with no help from a cyber attack)
- the FTC cracks down on customer data collection
- Apple’s car sadly won’t be a thing any time soon
- or maybe ever.
All that and more, on this episode of Enterprise Security Weekly.
Visit https://www.securityweekly.com/esw for all the latest episodes!
Segments
What can we do today to prevent tomorrow’s breach? – Michael Mumcuoglu – ESW #352
Early stage startup M&A on fire, funding healthy, and attackers are like lawyers? – ESW #352
Hacktivism Unveiled: Insights into the Footprints of Hacktivists – Pascal Geenens – ESW #351
Pascal Geenens from Radware joins us to discuss the latest research findings relating to hacktivists an other actors using volumetric and other network-based attacks. We'll discuss everything from the current state of DDoS attacks to use in the military and even the impact of cyberattacks on popular culture!
You can find the report Pascal mentions here, on Radware's website: https://www.radware.com/threat-analysis-report/
In this week's news segment, we discuss the lack of funding announcements, and the potential effect RSA could have on the timing of all sorts of press releases. We also discuss 1Password's potential future with its sizable customer base and the $620M it raised a few years back.
Some other topics we discuss:
- NIST CSF 2.0
- insider threats
- Ivanti Pulse Secure's appliance software found to be running positively ancient software (11 year old Linux distro, 5-20+ year old libraries & components)
- Nevada AG trying to get messaging decrypted for children, to "protect them"
- Kelly Shortridge's response to CISA's secure development RFI
- OpenAI's new GenAI video product, Sora and the potential impact it could have on cybersecurity
- Instacart spews out crappy AI recipes and photos
Visit https://www.securityweekly.com/esw for all the latest episodes!
Segments
Hacktivism Unveiled: Insights into the Footprints of Hacktivists – Pascal Geenens – ESW #351
Funding goes quiet while M&A makes some noise! – ESW #351
Threat Intelligence & Threat Hunting – Chris Cochran – ESW Vault
Check out this interview from the ESW Vault, hand picked by main host Adrian Sanabria! This segment was originally published on September 22, 2021.
Chris will discuss the relevance of intelligence and threat hunting today and how they work together. He will also talk about his EASY framework for creating impactful intelligence and its relation to hunting!
Segments
Threat Intelligence & Threat Hunting – Chris Cochran – ESW Vault
Material: cybersecurity word of the year, thanks to the SEC – Amer Deeba – ESW #350
In this segment, featuring guest Amer Deeba, we'll explore how the SEC's new breach reporting rules will affect companies. We've got a ton of questions: What behavior has to change? What additional preparation needs to take place? How does this rule affect data security? How does it affect crisis communications?
And most importantly, when is an incident "material"?
This is almost a special episode on crazy new products. For the first half of the show, we discuss startup funding, market forces, acquisitions - stuff we usually discuss.
Then we get into all the crazy new AI and non-AI products being announced and coming out. Have some disposable cash to pre-order crazy gadgets? This is the episode for you!
Visit https://www.securityweekly.com/esw for all the latest episodes!
Segments
Material: cybersecurity word of the year, thanks to the SEC – Amer Deeba – ESW #350
Pretending to be Batman, self-destructing USB drives, and controlling your dreams – ESW #350
Zero-Trust is Meaningless if Your Cryptography is Flakey – Vincent Berk – ESW #349
Legacy systems are riddled with outdated and unreliable cryptographic standards. So much so that recent proprietary research found 61 percent of the traffic was unencrypted, and up to 80% of encrypted network traffic has some defeatable flaw in its encryption
No longer can enterprises take their cryptography for granted, rarely evaluated or checked.
Knowing when, where and what type of cryptography is used throughout the enterprise and by which applications is critical to your overall security policy, zero-trust approach, and risk management strategy. After all, zero-trust is meaningless if your cryptography isn't working.
Segment Resources: https://www.businesswire.com/news/home/20231030166159/en/Proprietary-Research-from-Quantum-Xchange-Shows-the-Dreadful-State-of-Enterprise-Cryptography
https://www.forbes.com/sites/forbestechcouncil/people/vincentberk/?sh=3d88055852c1
This segment is sponsored by Quantum Xchange. Visit https://securityweekly.com/quantumxchange to learn more about them!
This week, we discussed how a quick (minutes) and cheap ($15 a pop) fake ID service creates VERY convincing IDs that are possibly good enough to fool ID verification services, HR, and a load of other scenarios where it's common to share images of an ID. Kudos to 404Media's work there.
In the security market, we discuss who might be the first cybersecurity unicorn to go public in 2024, Oasis Security and Tenchi's funding rounds, Protect AI's acquisition of Laiyer AI and their FOSS project, LLM Guard. We discussed the seemingly inevitable M&A activity as unfunded security startups NEED to find a sale. Ross Haleliuk had an interesting LinkedIn post that goes deeper on this topic. Finally, we discussed Tyler's observation that Palo Alto Networks did the seemingly impossible - increased their valuation from $19B to over $100B in 5 years, despite having to weather a pandemic and market downturn along the way! Ryan pointed out that PANW joined the S&P 500 somewhere along the way - a watershed moment for them.
We discussed Bluesky and how it's likely too little too late when it comes to building back the community we lost when much of the InfoSec community left Twitter.
We also discussed a cybersecurity training scammer, Daniel Miessler's new Fabric tool, AnyDesk getting hacked, The Real Shim Shady vuln, new (voluntary) cybersecurity goals for healthcare, and the lack of toothbrush-enabled DDoS attacks!
Full show notes here: https://www.scmagazine.com/podcast-episode/3061-enterprise-security-weekly-349
Visit https://www.securityweekly.com/esw for all the latest episodes!
Segments
Zero-Trust is Meaningless if Your Cryptography is Flakey – Vincent Berk – ESW #349
Fake IDs threaten ID verification services, PANW hits $100B valuation, and other news – ESW #349
The Elephant in the Pipeline: Securing the Wild, Untamed Software Supply Chain – Pete Morgan – ESW #348
We've seen general users targeted with phishing, financial employees targeted for BEC scams, and engineers targeted for access to infrastructure. The truly scary attacks, however, are the indirect ones that are automated. The threats that come in via software updates, or trusted connections with third parties.
The software supply chain is both absolutely essential, and fragile. A single developer pulling a tiny library out of NPM can cause chaos. A popular open source project changing hands could instantly give access to millions of systems. Every day, a new app store or component repository pops up and becomes critical to maintaining infrastructure.
In this interview, we'll chat with Pete Morgan about how these risks can be managed and mitigated.
Segment Resources:
- https://blog.phylum.io/q3-2023-evolution-of-software-supply-chain-security-report/
- https://blog.phylum.io/software-supply-chain-security-research-report-q2-2023/
- https://blog.phylum.io/q1-2023-evolution-of-software-supply-chain-security/
Segment description coming soon!
Visit https://www.securityweekly.com/esw for all the latest episodes!
Segments
The Elephant in the Pipeline: Securing the Wild, Untamed Software Supply Chain – Pete Morgan – ESW #348
The Internet of Shit, AI Funding, Market Struggles, The Cyber Why, and when to Quit – ESW #348
2024: The Year Cross-Platform Endpoint Management Finally Gets Good? – Zach Wasserman – ESW #347
We interview the co-founder and CTO of Fleet to understand why good, cross platform MDM/EMM has been such a challenge for so many years. Want good Windows device management? You're probably going to compromise on MacOS management. Ditto for Windows if you prioritize your Macs. Want good Linux device management? It doesn't exist.
Hopefully, Fleet can change all that in 2024, as they aim to complete their support for all major platforms, using the open source OSQuery project as their base.
Segment Resources:
- Zach's GitHub
- Zach's Conf42 DevSecOps Presentation on Securing the endpoint with open source software
- GopherCon 2022: Collect First, Ask Questions Later
- Glitches in the Matrix, or Taming Agent Chaos
Oleria, Vicarius, and Secret Double Octopus raise funding (NOTE: Secret Double Octopus is a real company that chose Secret Double Octopus as their name, I’m making none of this up). Rumors about Zscaler’s next 9-digit acquisition, 2 new security vendors and demystifying public cybersecurity companies.
Chrome gets AI features, security teams have TOO much data, and a new threat intel database from Wiz. Is bootstrapping a cybersecurity startup a realistic option? Finally, remember Furbies? NSA’s furby docs just dropped, and they are HILARIOUS. Thanks to Jason Koebler from 404Media for that.
Visit https://www.securityweekly.com/esw for all the latest episodes!
Segments
2024: The Year Cross-Platform Endpoint Management Finally Gets Good? – Zach Wasserman – ESW #347
Secret Double Octopus, Furbies, and Too Much Data! – ESW #347
Creating Trust in Biometric Authentication for Identity Verification – Sabrina Gross – ESW #346
The general public has varied opinions of biometric authentication, and an increasingly reluctant relationship with it, as more and more facial recognition is forced upon us (especially those of us that travel frequently). Facial recognition doesn't work for everyone, so what other options do we have?
In this interview, we'll explore accessibility in identity verification and the viability of voice-based authentication. How big an issue are AI-powered voice imposters? How will companies like Veridas combat these threats? We'll ask all these questions and more in this ESW interview.
On this segment, we talk a lot about AI, new technologies, and the future from a personal and consumer standpoint. Not a lot of enterprise-relevant stuff in the news today, but consumer products and AI will have a HUGE long-term impact, so that's how we're justifying today's topical focus ;)
Visit https://www.securityweekly.com/esw for all the latest episodes!
Segments
Creating Trust in Biometric Authentication for Identity Verification – Sabrina Gross – ESW #346
Dogs, AI, and Gyrogears (it’s a slow security news week) – ESW #346
GenAI Threats and Concerns, Building a Security Business Around Open Source – Ev Kontsevoy, Greg Notch – ESW #345
GenAI hype is still at peak levels, but clearly some of the hopes and dreams pinned on it will fail, while other use cases we haven't even imagined will become commonplace. Greg Notch joins us to share his thoughts on what security leaders and the general public should be more or less worried about when it comes to GenAI.
Many founders and early stage startups closely guard product details and information about their roadmap and go-to-market plan. Is it a bad idea then to build a company based around an open source project? Not at all, according to Ev Kontsevoy, whose company Teleport has done just that. Building a security vendor around open source isn't a magic formula for success, however, so we'll discuss the pros and cons of this approach.
We'll also discuss best practices for securing infrastructure at scale and Teleport's journey in enabling a different and more secure approach to managing remote infrastructure.
The year kicks off with TWELVE funding announcements and NINE acquisitions! Several new companies have merged, we already have a few dumpster fires burning and there is plenty of AI news to kick off the year.
The annual Consumer Electronics Show gives us previews of the invasive and insecure horrors that will be unleashed upon us this year, New Yorkers get right to repair, and Polish trains don’t. (see the show notes for more)
Finally, we talk Apple Vision Pro, Tetris, and skydiving iPhones.
Visit https://www.securityweekly.com/esw for all the latest episodes!