Love Your Energy – ESW #223
Segments
1. Inbox: Zero Trust – Ryan Noon – ESW #223
Ryan Noon joins the ESW team this week to chat through the significance of recent hacks (namely SolarWinds and Hafnium), unpack growing enterprise demand for a “digital seatbelt,” and explain why Material takes a fresh approach to email security: building products with the assumption that bad actors will successfully hack inboxes.
Segment Resources:
https://material.security/blog/email-is-too-important-to-protect-like-a-tsa-checkpoint
https://www.cnbc.com/2021/03/09/microsoft-exchange-hack-explained.html
This segment is sponsored by Material Security.
Visit https://securityweekly.com/materialsecurity to learn more about them!
Announcements
Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!
Guest
Ryan Noon is a serial entrepreneur and an expert on cloud security. He is the founder and CEO of Material Security, a company that protects the email of high-risk VIPs and top global organizations. Previously he ran infrastructure teams at Dropbox after it acquired his last company, Parastructure. Before that he helped build a company spun out of Stanford by the Department of Defense. He holds bachelor's and master's degrees from Stanford in Computer Science and Computer Security.
2. Hackers Are Targeting Your Firmware. Are You Ready? – John Loucaides – ESW #223
83% of businesses have experienced at least one firmware attack in the past two years - and yet most organizations lack visibility into this attack surface. We'll discuss why hackers are increasingly targeting firmware and what enterprises need to do to detect and prevent these attacks.
Segment Resources:
Assessing Enterprise Firmware Security Risk in 2021 - https://eclypsium.com/2021/01/14/assessing-enterprise-firmware-security-risk-in-2021/
https://github.com/chipsec/chipsec
The Top 5 Firmware Attack Vectors - https://eclypsium.com/2018/12/28/the-top-5-firmware-and-hardware-attack-vectors/
Request a demo of the Eclypsium platform - https://eclypsium.com/
This segment is sponsored by Eclypsium.
Visit https://securityweekly.com/eclypsium to learn more about them!
Announcements
Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
Guest
John has extensive history in hardware and firmware threats from experience at Intel and the United States government. At Intel he served as the Director of Advanced Threat Research, Platform Armoring and Resiliency, PSIRT, and was a CHIPSEC maintainer. Prior to this, he was Technical Team Lead for Specialized Platforms for the US government.
3. Cybersecurity Unicorns, LogRhythm Version 7.7, Rapid7 Kubernetes Beta, & Cisco SASE – ESW #223
This week in the Enterprise News, Cyble raises $4M, ThreatQuotient raises $22.5M, OneTrust acquires Convercent, Digital Shadows announces new threat intelligence capabilities, Rapid7 Announces Kubernetes Open Beta in InsightVM, LogRhythm Releases Version 7.7, Imperva unveils new data security platform built for cloud, Acronis releases a new version of Acronis Cyber Protect Cloud, Minerva Labs Launches Cloud Version of its Endpoint Threat Prevention Platform, "What's Behind the Surge in Cybersecurity Unicorns?", Cisco Umbrella unlocks the power of SASE, and more!
Announcements
We're always looking for great guests for all of the Security Weekly shows! Submit your suggestions by visiting https://securityweekly.com/guests and completing the form!
- 1. VENDOR ANGER – Ubiquiti adds ads to their consoles following major breach
  "Hey @Ubiquiti, why are you pushing ads on the management interface for hardware I bought outright?" <-- Ubiquiti starts pushing ads in their console just after trying to downplay a breach! Customers are not best pleased.
- 2. NEW PRODUCT – Duo goes passwordless – TechCrunch
  We've seen a lot of passwordless moves in recent months, but Duo has the momentum and gravity to REALLY move the needle here.
- 3. HOT TAKES – “Honestly, a lot of free software is free as in *piano.*”
  "Honestly, a lot of free software is free as in *piano.* It's right there. Nobody is stopping you. You could totally spend hours of painstaking labor getting it carried up your front steps or built from a clusterfuck of diffs and patches or whatever. Everyone knows you won't." <-- this is the metaphor I've been needing for years for describing why FOSS isn't a panacea and is often more expensive than using commercial products.
- 4. HOT TAKES – Jason Chan: Thoughts on Selling to Security Leaders
  Jason Chan and a lot of other security leaders are fed up with what they see as increasingly obnoxious attempts to slip a sales meeting onto their calendars.
- 5. HOT TAKES – Signal Adds Payments—With a Privacy-Focused Cryptocurrency
  Signal beta tests cryptocurrency-enabled payments and many Signal fans are not happy about this new direction for the messaging app.
- 6. FUNDING – Aporia raises $5M for its AI observability platform – TechCrunch
  With all the AI/ML in enterprise security products, I felt like a company that tells you whether your ML is working or broken was both interesting and relevant.
- 7. Threat intelligence platform ThreatQuotient secures $22.5M
- 1. FUNDING – Cyble raises $4M to provide early warning intelligence on cyber threats
  "Dark web monitoring and mitigation capabilities are front of mind for modern organizations and the market is growing rapidly."
- 2. ACQUISITION – OneTrust acquires Convercent to bring ethics and compliance capabilities into the OneTrust platform
  "The acquisition will build on OneTrust’s longstanding investments in creating the technology fabric of trust within an organization, bringing together privacy, security, data governance, ethics and compliance, GRC, third-party risk, and ESG into a single operational workflow."
- 3. Digital Shadows announces new threat intelligence capabilities mapping to MITRE ATT&CK framework
  I think when a vendor can mention MITRE ATT&CK in a press release, they are excited, but are we? "The new features draw on this collective global security ‘brain’ but provide security professionals with visualizations relevant to their specific organization so they can quickly determine the relevance or danger of a particular threat actor or incident to them. This insight is further enhanced by Digital Shadows own analysis of threat actors and updates within the same library. Combined, it means Digital Shadows customers gain actionable remediation advice against specific threat actors before they may pose a risk."
- 4. Rapid7 : Announces Kubernetes Open Beta in InsightVM
  Interesting play: "Integrating your Kubernetes environment with InsightVM can be accomplished by pulling the Rapid7 Kubernetes Monitor from DockerHub, deploy this to each cluster, and performing a few configuration steps. Once configured, data will appear in the Container Security section of InsightVM."
- 5. FUNDING – ThreatQuotient raises $22.5M to accelerate execution of new innovations
  "ThreatQuotient gives SOC analysts, incident responders and threat analysts unmatched flexibility, visibility and control over their company’s alerts and unique threats that they can’t get from other security operations solutions." - Sounds like they are way more than just threat intel...
- 6. PRODUCT – LogRhythm Releases Version 7.7 of NextGen SIEM Platform
  "Easier integration with third-party platforms: Version 7.7’s Alarm REST API provides a simpler integration with third-party ticketing systems, SOAR platforms, and other LogRhythm partner solutions... Seamless log configuration in the cloud: Cloud-to-cloud collection enables LogRhythm Cloud users to configure log sources regardless of origin through a Graphical User Interface (GUI)... Built-in support for more popular cloud-based services: LogRhythm has added new out-of-the-box Beats to help analysts onboard many popular cloud-based services, including Okta and Carbon Black Cloud, which further help customers secure the identities and endpoints within their environments."
- 7. Imperva unveils new data security platform built for cloud
  "By supporting all databases regardless of where they are hosted, including database as a service (DBaaS), infrastructure as a service (IaaS) and multi and hybrid cloud environments, Imperva enables companies to maintain their security posture while rapidly embracing the cloud. The platform natively integrates with any database on Amazon Web Services, Google Cloud, Microsoft Azure, MongoDB Atlas and Snowflake, as well as many others."
- 8. Security Innovation launches monthly Web Application Security Bootcamp
- 9. Kaspersky launches ML-driven MDR for SMB, and splits B2B offering into frameworks based on customers’ IT security maturity
  "The new Kaspersky Managed Detection and Response (MDR) service ensures continuous machine learning-driven 24/7 protection while saving IT security teams’ resources for threat analysis, investigation and response. Thanks to two product tiers, Kaspersky MDR is now available not only for large enterprises, but for medium-sized businesses with different levels of IT security maturity and needs."
- 10. Acronis releases new version of Acronis Cyber Protect Cloud
- 11. Minerva Labs : Launches Cloud Version of its Endpoint Threat Prevention Platform
  Looks like they've added some features: "The multi-layered engines combine advanced prevention-oriented cyber warfare approaches, such as deterrence-based & active deception, active camouflage, browser isolation, virtual patching, vaccination and other anti-evasion capabilities."
- 12. What’s Behind the Surge in Cybersecurity Unicorns?
  "SecurityWeek has identified more than 30 cybersecurity unicorns, with 13 of them announced in the past four months alone. The 13 companies to achieve billion-dollar valuation since December 2020 are Aqua, Axonius, BigID, Coalition, Feedzai, Forter, ID.me, Lacework, Orca, OwnBackup, Socure, Venafi and Wiz."
- 13. Cisco Umbrella unlocks the power of SASE with new security capabilities
  "Remote browser isolation (RBI), Data loss prevention (DLP), Cloud malware prevention" - Not sure how it all fits together, but interesting that Umbrella has all of these features now.