Sponsored By

Visit https://securityweekly.com/extrahop-rsac for more information!

SolarWinds SUNBURST was a rude awakening for many security teams, and it won’t be the last time security leaders face tough questions about how an adversary evaded defenses and stayed hidden. With advanced threats persisting inside the network for months, security teams need a new plan. In this session, ExtraHop VP, Security Response Services Mark Bowling discusses strategies to detect, investigate, and respond to post-compromise attack activities.

This segment is sponsored by ExtraHop Networks.

Visit https://securityweekly.com/extrahop-rsac to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes!

Full Episode Show Notes

Building a Response Strategy to Advanced Threats

Guests

Mark Bowling - Vice President of Security Response Services at ExtraHop

Mark Bowling is Vice President of Security Response Services at ExtraHop. He advises our global customers on risk management and mitigation strategy and helps them respond to complex cybersecurity incidents quickly, thoroughly, and in compliance with regulatory frameworks including GDPR, CCPA, NERC, PCI-DSS, ISO, SEC, and HIPAA. Prior to ExtraHop, Mark spent more than two decades investigating and combating cyber attacks in leadership roles with the FBI and the Department of Education.

Hosts

Adrian Sanabria - Senior Research Engineer at CyberRisk Alliance

@sawaba

Adrian is an outspoken researcher that doesn't shy away from uncomfortable truths. He loves to write about the security industry, tell stories, and still sees the glass as half full.

Jeff Man - #HackingisNotaCrime Advocate, Sr. InfoSec Consultant at Online Business Systems

@MrJeffMan

Cryptanalyst, infosec analyst, pioneering ex-NSA pen tester, PCI specialist and certified security curmudgeon. Currently a Sr. InfoSec Consultant for Online Business Systems.

Matt Alderman - Executive Director at CyberRisk Alliance

@maldermania

Strategic Advisor at Automox, security consultant, and wizard of entrepreneurship.

Announcements

Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

Cybersecurity Asset Management

Investment round brings Armis valuation to $3.4B

SC StaffNovember 29, 2021

A $300 million funding round has increased security platform provider Armis’ valuation to $3.4 billion, the company announced Monday.

Cloud security

Funding round secures $38M for Stellar Cyber

SC StaffNovember 23, 2021

Stellar Cyber's Open XDR platform that collates data from networks, clouds, applications, endpoints and other sources provides 360-degree visibility in identifying and responding to attacks, according to the company.

Cloud security

As XDR trend gains steam, new alliance seeks ‘shared schema’ for data exchange

Bradley BarthNovember 19, 2021

CrowdStrike CTO Michael Sentonas addressed the recently announced CrowdXDR Alliance and its goal of providing users with an XDR platform featuring a variety of integrated solutions.

Building a Response Strategy to Advanced Threats – Mark Bowling – ESW #228