Third-party risk

Minerva, Rapid7, & Venafi – Enterprise Security Weekly #119

December 13, 2018
NopSec announces the latest release of its flagship product, Minerva Labs Anti-Evasion Platform achieves VMware Ready status, SecurityScorecard announces a partnership with Cybernance to drive a holistic view of cyber risk across the enterprise, and we have some acquisition and funding updates from Venafi, WhiteFox, and Pindrop!

Enterprise News

  1. How can businesses get the most out of pentesting? - The basic list.
    1. I did a briefing with XM Cyber
  2. Venafi Secures $100M Financing Round Led by TCV
  3. WhiteFox Defense lands $12 million as the demand for drone defense technologies intensifies - We covered a cool story on Hack Naked News about drones and their use to drop off contraband in prisons.
  4. Pindrop raises $90 million for biometric voice authentication
  5. Minerva Labs Anti-Evasion Platform Achieves VMware Ready Status | PR Newswire
  6. SecurityScorecard Announces Partnership with Cybernance to Drive Holistic View of Cyber Risk Across the Enterprise - The SecurityScorecard integration enables Cybernance customers to:
    1. Assess Vendor Cybersecurity Posture: View the overall grade and the 10 factor grades of data that comprise a vendor's SecurityScorecard rating along with the number of findings associated with each factor.
    2. Prioritize Vendors for Review: Use SecurityScorecard ratings to determine which vendors to prioritize for deeper reviews based on their cybersecurity risk posture.
    3. Validate Assessments: Validate or invalidate assessment responses from vendors by leveraging data from SecurityScorecard.
  7. NopSec announces the latest release of its flagship product, Unified VRM | PR Newswire - However, most sources for security data - the US National Vulnerability Database (NVD), threat intelligence, exploit databases - can be flawed or contain incorrect or irrelevant data, which may lead to inaccurate prioritization decisions. NopSec researchers and data scientists are continuously working together to validate this data and the efficacy of the models. Furthermore, Unified VRM's attack simulation capabilities provide the ability to automatically validate vulnerabilities and filter out false positives.
  8. High profile incidents and new technologies drive cybersecurity M&A to record highs - Help Net Security - Interested to also see how this compares to new startups that are getting funding; for every one that gets acquired, a few more spring up as startups in the same space.
  9. Rapid7 Cyber-Exposure Report: Fortune 500 - Some key findings include: Fortune 500-member organisations, on average, expose a public attack surface of 500 servers/devices, with many companies exposing 2,500 or more systems/devices. Of the appraised Fortune 500 organisations, 330 have weak or non-existent anti-phishing defences (i.e., DMARC) in the public email configuration of their primary email domains. The report is here and does not require registration to download/view. Also, we interviewed Tod Beardsley on Paul's Security Weekly about SONAR and Heisenberg.
  10. Bitdefender Top 10 Cybersecurity Predictions for 2019 - Security Boulevard
  11. Netwrix announces top seven IT security trends for 2019
  12. Claroty Announces Major Enhancements to Market-Leading Industrial Cybersecurity Platform
  13. New cyber security division for independent software testing company - Software Testing News
  14. Sophos Central Integrates Firewall Management to Improve Security


John Strand - Founder; Security Professional, Black Hills Information Security.

Paul Asadoorian - CEO, Security Weekly.