Pyramid of Pain – ESW #186
Segments
1. Dragos, AttackIQ, Cortex XSOAR, & SureCloud – ESW #186
SureCloud Launches Cyber Resilience Assessment Solution, Blackpoint Cyber launches 365 Defense - a Microsoft 365 security add-on for its MDR service, Endace and Palo Alto Networks Cortex XSOAR enable accelerated forensics of cyberthreats, Zscaler acquires Edgewise Networks, WatchGuard Technologies Completes Acquisition of Panda Security, and more!
Announcements
Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!
Layer 8 is Going Virtual! The conference will still be held on Saturday, June 6th. Security Weekly listeners save $20 on their ticket by visiting layer8conference.com and using the promo code "SecurityWeekly" before selecting their ticket type! Please consider supporting Layer8 or one of their partner organizations when purchasing your ticket! Some of the Security Weekly team will be in our own channel on the Layer8 Discord server answering questions and possibly doing some contests!
2. Unraveling Your Software Bill of Materials – Alyssa Miller – ESW #186
Whether you are deploying your own software or someone else's software, there is a chain of dependencies that likely includes vulnerabilities. From the base OS image, to utilities, to frameworks and app servers, to language-specific libraries, all can contain vulnerabilities. Not only can they contain vulnerabilities, but the chain of dependencies can carry vulnerabilities as well. Learn how to combat this problem in this segment!
To learn more about Snyk, visit: https://securityweekly.com/snyk
Announcements
Join us at InfoSecWorld 2020 - June 22nd-24th, now a fully virtual event! Security Weekly listeners save 15% off the InfoSec World Main Conference or World Pass! Visit securityweekly.com/ISW2020 and click the register button to register with our discount code!
Guest
Alyssa Miller, Business Information Security Officer (BISO) for S&P Global, directs the security strategy for the Ratings division, connecting corporate security objectives to business initiatives. She blends a unique mix of technical expertise and executive presence to bridge the gap that can often form between security practitioners and business leaders. Her goal is to change how we look at the security of our interconnected way of life and focus attention on defending privacy and cultivating trust.
A life-long hacker, Alyssa has a passion for technology and security. She bought her first computer herself at age 12 and quickly learned techniques for hacking modem communications and software. Her serendipitous career journey began as a software developer, which enabled her to pivot into security roles. Beginning as a penetration tester, her last 15 years have seen her grow as a security leader with experience across a variety of organizations. She regularly advocates for improved security practices and shares her research with business leaders and industry audiences through her international public speaking engagements, online content, and other media appearances.
3. Security Chaos Engineering – Aaron Rinehart, Casey Rosenthal – ESW #186
Co-Founder and CEO Casey Rosenthal and Co-Founder and CTO Aaron Rinehart of Verica join us today to talk Chaos Engineering and Security, Continuous Integration, Delivery, Verification, and more!
Announcements
Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
Guests
Aaron has been expanding the possibilities of Chaos Engineering in its application to other safety-critical portions of the IT domain, notably cybersecurity. He began pioneering the application of Security in Chaos Engineering during his tenure as the Chief Security Architect at the largest private healthcare company in the world, UnitedHealth Group (UHG). While at UHG, Aaron released ChaoSlingr, one of the first open source software releases focused on using Chaos Engineering in cybersecurity to build more resilient systems. Aaron recently founded a Chaos Engineering startup called Verica with Casey Rosenthal from Netflix and is a frequent author, consultant and speaker in the space.
Casey Rosenthal is CEO and cofounder of Verica; formerly the Engineering Manager of the Chaos Engineering Team at Netflix. He has experience with distributed systems, artificial intelligence, translating novel algorithms and academia into working models, and selling a vision of the possible to clients and colleagues alike. His superpower is transforming misaligned teams into high performance teams, and his personal mission is to help people see that something different, something better, is possible. For fun, he models human behavior using personality profiles in Ruby, Erlang, Elixir, and Prolog.