Rainbow Hands – ESW #192
Full Audio
View Show IndexSegments
1. CloudPassage, VMware Cloud, & Portshift K8SHIELD – ESW #192
Attivo Networks EDN enhancements prevent attackers from fingerprinting an endpoint, CloudPassage Expands Cloud Security Capabilities for Docker, Kubernetes, and Container-related Services on AWS, Digital Shadows announces integration with Atlassian Jira, LogRhythm Releases Version 7.5 of NextGen SIEM Platform and New Open Collector Technology, Cloudflare releases Workers Unbound, a secure serverless computing platform, and more!
Announcements
Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!
We're always looking for great guests for all of the Security Weekly shows! Submit your suggestions by visiting https://securityweekly.com/guests and completing the form!
Hosts
- 1. Fortinet Buys Cloud Security Firm OPAQFortinet has acquired Secure Access Service Edge (SASE) provider OPAQ in a move to add SASE capabilities to the Fortinet Security Platform and Security Fabric architecture. OPAQ brings the cloud-based Zero Trust Network Access (ZTNA) solution to Fortinet's existing SASE offering. The company has focused on security for widely distributed networks and endpoints, including branch offices, remote users, and IoT devices.
- 2. Attivo Networks EDN enhancements prevent attackers from fingerprinting an endpoint – Help Net SecurityUnlike traditional security solutions, these new capabilities proactively redirect suspicious endpoint inbound or outbound traffic to decoys for attacker engagement. The new EDN Deflect functionality provides alerts to unauthorized host and service scanning, which is critical because other security controls typically do not generate an alert for these types of activities.
- 3. Risk Assessment Company CyCognito Raises $30 Million
- 4. CloudPassage Expands Cloud Security Capabilities for Docker, Kubernetes, and Container-related Services on AWS
- 5. Attivo Networks integrates with FireEye for advanced threat protection
- 6. Tanium Brings Intelligence to the Edge with Zero Infrastructure Endpoint Management and Security
- 7. VMware Cloud on AWS drives app modernization, business continuity and better cloud economics – Help Net SecurityThese new offerings include the new Amazon Elastic Compute Cloud (Amazon EC2) i3en instances that can deliver nearly 50% lower cost per GB of raw storage, a 2-host SDDC configuration that lowers the entry price for production environments by 33%, and a new multi-tenant cloud management service that enables partners to support 5-10x more customers with no additional upfront costs, while enabling smaller organizations to purchase VMware Cloud on AWS on a per VM rather than per host basis.
- 8. Portshift unveils new K8SHIELD Framework and introduces context aware security policy enablement – Help Net Security
- 9. Sequitur Labs Launches EmSPARK 2.0 Security
- 10. Artificial Intelligence Cybersecurity Company CalypsoAI Announces $13 Million in Series A Funding
- 11. Digital Shadows announces integration with Atlassian Jira
- 12. LogRhythm Releases Version 7.5 of NextGen SIEM Platform and New Open Collector TechnologyNeat: Quickly onboard Cloud services: While customers can choose to manually create and customise collection interfaces if desired, Open Collector also provides several premade Beats. This allows analysts to onboard many popular cloud services with minimal administration work. Out-of-the-box Beats include those for Google G Suite, AWS S3, Event Hub and Sophos.
- 13. Attivo Networks Announces Endpoint Capabilities that Catch Attackers at Hello
- 14. RiskSense platform now provides visibility across both infrastructure and application vulnerability risk – Help Net Security
- 15. Sysdig Cuts Container and Kubernetes Visibility and Security Onboarding to 5 Minutes
- 16. Aqua Security Unveils New Platform to Secure the Build, Infrastructure, and Workloads of Cloud Native ApplicationsAuto-Remediation of many common weaknesses in configuration, in addition to remediation advice that can be applied manually, Additional public cloud support is now generally available for Google Cloud Platform (GCP) and Oracle Cloud, Infrastructure as Code (IaC) scanning of Terraform and AWS CloudFormation to find weaknesses in deployment templates
- 17. Dragos and Fortinet partner to broaden cybersecurity across industrial networksDragos announced that through a partnership with Fortinet it has released an initial integration of the Dragos Platform with FortiSIEM, giving cyber defenders at industrial organizations a unified view of threats and events across the converged enterprise IT and industrial OT (operational technology) environment. Threats detected on OT networks via the Dragos Platform can now be visualized in FortiSIEM.
- 18. Cloudflare releases Workers Unbound, a secure serverless computing platform"Cloudflare announced the release of Cloudflare Workers Unbound, offering a serverless platform for developers with unparalleled flexibility, performance, security, ease of use, and pricing." - So priced cheap, fast, secure AND easy to use? I don't believe it..
- 19. Sysdig Secure DevOps Platform offers onboarding, out-of-the-box dashboards and integrations – Help Net Security
- 20. Amazon Fraud Detector: Use machine learning in the fight against online fraud – Help Net Security
2. A New Paradigm: Immutable Security – Om Moolchandani – ESW #192
Learn about a new paradigm dubbed immutable security. What is immutable security? Why has it become more important than before? Infrastructure is being build and deployed with code, hence we can use this to our advantage and build security in from the start as we've always intended! This segment is sponsored by Accurics.
Visit https://securityweekly.com/accurics to learn more!
Announcements
Security Weekly is an official media partner for Virtual BlackHat 2020! To register and save $200, visit https://securityweekly.com/summercamp2020 and click the register button. Discount code: "20SecWeekbh" Alongside Virtual BlackHat, we will be running our conference micro-interviews, you guessed it, virtually, in an event called Security Weekly Virtual Hacker Summer Camp, August 3 - August 6, 2020. Options, pricing and availability are all listed on the same page! Reserve your slot now to get your message out to BlackHat attendees!
Guest
Om is co-founder and Chief Technology Officer at Accurics where he sets the technology strategy for the company. Prior to Accurics, Om was Chief Security Officer at AutoGrid, leading cloud security for its Energy SaaS cloud. Om was also head of cybersecurity for General Electric’s Industrial Cloud and Edge platform, Predix. He built edge, cloud and ICS cybersecurity products to protect critical infrastructure and industrial clouds. Om is an inventor at heart and has been a key contributor to multiple technology startups including CipherCloud where he architected the world’s first Cloud Access Security Broker (CASB ) product. Om holds a Masters and a Bachelors in Computer Applications from University of Technology in India, a specialization in Business Strategy from Harvard, and a specialization in IoT Business from MIT-Sloan. He also holds several specializations in cybersecurity and is a lifetime member of ISACA.
Hosts
3. Compliance & Fraud Prevention in FinTech – Neira Jones – ESW #192
Neira Jones discusses how financial services deals with PCI-DSS, other compliance standards, fraud and cyber crime.
Announcements
Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
Guest
Neira advises organisations of all sizes on payments, fintech, regtech, cybercrime, information security, regulations (e.g. PSD2, GDPR, AML) and digital innovation. More than 20 years in financial services and technology made her believe in change through innovation and partnerships. She always strives to demystify the hype surrounding current issues and also enjoys her work as an expert witness, as well as cybersecurity due diligence on M&As. Neira likes engaging on social media and regularly addresses global audiences as a keynote speaker or chair person.
Hosts
