In the Enterprise News, Paul and Matt cover new InfoSec products of the week, CyberArk's new JIT access capabilities, a micropatch that simulates a workaround for the recent zero-day IE flaw, easier and faster AD rollback and recovery with STEALTHbits StealthRECOVER, automating protection from advanced threats with the new Kaspersky Sandbox, compromised credentials monitoring with Flashpoint, and some funding and acquisition updates from Security Compass, Sysdig, Waterfall Security, ServiceNow, and FireEye!
Visit https://www.securityweekly.com/esw for all the latest episodes!
Micropatch simulates workaround for recent zero-day IE flaw, removes negative side effects - Help Net Security - If I still had to support Windows 7, I'd consider this: Since the February Patch Tuesday is quite a while away and since Windows 7 and Windows Server 2008 R2 users without Extended Security Updates might not get the patch at all, ACROS Security decided to provide a micropatch that simulates the offered workaround (restricts access to the vulnerable JScript.dll) without its negative side effects (reduced functionality for components or features that rely on that particular .dll).
New Kaspersky Sandbox automates protection from advanced threats - According to a Kaspersky survey of IT decision-makers, 47% of SMBs and 51% of enterprises say that it is becoming more difficult to differentiate between generic and advanced attacks. This means security analysts have to spend time evaluating numerous suspicious files instead of focusing on investigating, and responding to, the most critical threats. This could be even more challenging, as larger SMBs and small enterprises face an IT security talent shortage, so all the responsibilities of managing security fall on the shoulders of IT departments. While true, not all sandboxes are the same... I'd look at some of the smaller startups, like Intezer or VMRay, but would also consider some of the free ones as well.
ServiceNow to Acquire Loom Systems - With Loom Systems, ServiceNow will increase customers’ ability to apply AI to their knowledge base of issues and fixes for better insights into root causes and allow them to automate remediation tasks, reducing the number of Level 1 IT incidents. - I believe this is a valid use of AI/machine learning, plenty of data to "learn" from, or at least model and automate decisions and remediation processes. This is important for enterprise SOCs. I'd also look at Siemplify for this as well.
Matt Alderman - CEO
Paul Asadoorian - Founder & CTO
Our next webcast is February 13th with Sri Sundaralingam, Vice President, Product and Solutions Marketing at ExtraHop, where we will discuss Cloud Native Network Detection and Response! Register for our upcoming webcasts by visiting securityweekly.com, selecting the webcast drop-down from the top menu bar and clicking registration.
Join us at InfoSecWorld 2020 - March 30 - April 1, 2020 at the Disney Contemporary Resort! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020 and click the register button to register with our discount code!
Attend RSA Conference 2020, February 24-28 and join thousands of security professionals, forward-thinking innovators and solution providers for five days of actionable learning, inspiring conversation and breakthrough ideas. Register before January 24 and save $900 on a Full Conference Pass. Save an extra $150 by going to securityweekly.com/rsac2020 and using our code to register!