Enterprise Security WeeklySubscribe
Cloud Security, Leadership, Network Security, Distributed Workforce, Managed Services, Security Staff Acquisition & Development

The 1000th Unicorn – ESW #259

Full Audio

View Show Index

Segments

1. How Zapier’s Attila Török Manages Security for a 100% Remote Organization – Attila Török – ESW #259

Imagine having 500+ employees across the world — all working remotely. Now imagine making sure they can all do their work securely. This is exactly what Zapier’s Head of Security, Attila Török does. In this chat, you’ll hear from Attila regarding his experience and best practices for defending a cloud-based tech company with a remote workforce and infrastructure (including what systems to implement).

Announcements

  • Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!

Guest

Head of Security at Zapier

Attila Török started his career developing custom Linux kernels for weird hardware and built government-issued document management systems for many years, before becoming a penetration tester. Later, he joined LogMeIn as the first security hire and eventually ran Security Assurance as a director. His core focus areas were infrastructure security, corporate IT security, and application security. Now at Zapier, he leads the Security Zone that combines Application Security, Cloud Security, Compliance, Detection & Response, and IT.

Hosts

Principal Researcher at The Defenders Initiative
Product Marketer and Content Strategist at OX Security
Product Security Research and Analysis Director at Finite State

2. A Look at Microsoft’s Cloud-Native SIEM – Darwin Salazar – ESW #259

In late 2019, Microsoft released their cloud-native SIEM, Sentinel. A lot in the world has changed since then so we'll be looking at Sentinel's progression, talking about it's features and what may make it attractive to enterprises in 2022 and beyond.

To register for Darwin’s upcoming workshop with Security Weekly, please visit: https://attendee.gotowebinar.com/register/2393226017093033995?source=esw

Microsoft Sentinel Ninja Training - https://techcommunity.microsoft.com/t5/microsoft-sentinel-blog/become-a-microsoft-sentinel-ninja-the-complete-level-400/ba-p/1246310#

Forrester MSFT Sentinel reports indicating 201% ROI over 3 years - https://www.microsoft.com/security/blog/2020/11/16/forrester-tei-study-azure-sentinel-delivers-201-percent-roi-over-3-years-and-a-payback-of-less-than-6-months/

If you want to get started with Kusto Query Language (KQL) without having to bootstrap your own environment, MSFT has a live log analytics workspace with tons of log data. You must have an Azure subscription to use. Link : https://aka.ms/lademo

Announcements

  • CRA's Business Intelligence Unit has launched its next survey on Zero Trust! What are Your Barriers to Zero Trust Implementation? Take our survey and enter to win a $500 Tango card by visiting https://securityweekly.com/zerotrust. Report results will be released at our upcoming Zero Trust E-Summit in March!

Guest

Lead Product Manager at Monad

Darwin is a Lead Product Manager at Monad. In the past, he’s served as a detection engineer, cloud security consultant, and analyst at places Datadog, Accenture, Ford Motors, and Johnson&Johnson.

Darwin has given presentations and workshops at DEF CON, fwd:cloudsec, and Security Weekly Unlocked. He also writes The Cybersecurity Pulse (TCP) where he keeps 2.5K+ subscribers up to date on all the innovation and trends happening in our industry.

Darwin enjoys lifting heavy objects, traveling, spending time with loved ones and the occasional cigar.

Fun fact: Darwin interned in studio at Security Weekly while completing his undergraduate studies!

Hosts

Principal Researcher at The Defenders Initiative
Product Marketer and Content Strategist at OX Security
Product Security Research and Analysis Director at Finite State

3. The 1000th Unicorn, Island Browser, Optiv For Sale, & Polar Bear Takeover – ESW #259

Finally, in the Enterprise Security News, Island raises $100M to introduce a new Chromium-based web browser, designed for the enterprise, Plextrac rasies a $70M Series B, HackerOne raises a $49M Series E, Tenable acquires BAS vendor Cymptom, Orca swallows up RapidSec (sorry, had to), Cybereason confidentially files for IPO, KKR looks to offload Optiv, Cybersecurity startup trends of 2022, 1000 Unicorns, Infosec Startup Buzzword Bingo, We’ve got fundings, IPOs, acquisitions, take privates, a $3B seed round, legislation that makes sense - all kinds of exciting stuff today, on this episode of Enterprise Security Weekly!

Announcements

  • Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.

  • We're always looking for great guests for all of the Security Weekly shows! Submit your suggestions by visiting https://securityweekly.com/guests and completing the form!

Hosts

Principal Researcher at The Defenders Initiative
  1. 1. FUNDING: Cybersecurity co Island exits stealth with $100m funding
    Whoa, right out of stealth and it's the biggest funding announcement this week! And the attention isn't undeserved. For the last 2 years, they've been building a Chromium-based browser specifically for the Enterprise.
  2. 2. FUNDING: PlexTrac Raises $70M Series B Funding Round to Fuel Growth in Proactive Cybersecurity Management – PlexTrac
  3. 3. FUNDING: HackerOne Raises $49 Million in Series E
    A relatively small round for a Series E, but Bug Bounty Platforms aren't the typical security startup. I still have no idea what an exit looks like for HackerOne or BugCrowd. I don't think a vuln mgmt vendor would want them and I also don't think a pen testing firm is the right fit. Maybe a Verizon, Telstra, Singtel, or AT&T?
  4. 4. FUNDING: Slim.AI lands $31M to make container security ‘easy’ for developers
  5. 5. FUNDING: Network Security Firm Portnox Raises $22 Million in Series A Funding
    Out of the blue - I didn't realize Portnox was still 'knocking' around. I'm also surprised that they've apparently been bootstrapped until now?
  6. 6. FUNDING: Post-quantum cryptography provider PQShield raises $20M
  7. 7. FUNDING: Revelstoke nabs $13M to launch low-code SOAR solution
  8. 8. FUNDING: Scribe Security raises $7M to protect software supply chain
  9. 9. FUNDING: Startup Pixm raises $4.3M seed funding round for its computer vision-based anti-phishing software – SiliconANGLE
  10. 10. ACQUISITION: Cengage Group Acquiring Infosec for More than $190 Million
  11. 11. ACQUISITION: Worklyn Partners acquires Quadrant Information Security to expand security services – Help Net Security
  12. 12. ACQUISITION: Tenable Agrees to Acquire Cymptom
    Looks like a BAS vendor, which makes sense. Use Tenable.io/Nessus to find the vulns and Cymptom to validate them. Not quite the answer to Rapid7's Metasploit, but then, Metasploit isn't really an enterprise moneymaker - more of a 'deal sweetener'.
  13. 13. ACQUISITION: Orca acquiring web application security startup RapidSec
  14. 14. IPO: EXCLUSIVE SoftBank-backed Cybereason confidentially files for U.S. IPO -sources
    Unsurprising, given the path forged by Crowdstrike and SentinelOne. I'm irritated the S-1 is confidential though.
  15. 15. IPO? EXCLUSIVE KKR explores sale or IPO of cybersecurity consultant Optiv -sources
    It was a big deal when Blackstone smooshed Accuvant and Fishnet together to form Optiv - a $1.5B revenue company. Then it got sold to KKR for $2B, and it sounds like it didn't achieve the growth they were hoping for.
  16. 16. TAKE PRIVATE: Citrix Systems to Go Private in Deal Valued at $16.5 Billion, Including Debt
    And they're getting combined with TIBCO!
  17. 17. TRENDS: The Complete List Of Unicorn Companies
    1000 Unicorns!
  18. 18. TRENDS: Cybersecurity startup trends of 2022
    1. Security spend will move to the forefront for businesses in all sectors 2. The institutionalization of ransomware 3. The Great Consolidation is afoot
  19. 19. TRENDS: Infosec Startup Buzzword Bingo: 2022 Edition
    Automated, Discover(y), Cloud-native, Engine, Visibility, API, AI/ML, Seamless, Posture, One-click, Powerful, Dynamic, CONTINUOUS, Deep, Accelerate, Simple, Zero Trust, Agentless, Native, Lifecycle, Platform, Accurate, Enforce, Real-time, Context
  20. 20. LEGISLATION: I read the federal government’s Zero-Trust Memo so you don’t have to
    Some bold stuff in here! Who is this government, and why are they pushing for rational security controls and strategies? I'm confused.
  21. 21. LEGISLATION: Companies Face Stricter Cyber Rules in 2022
  22. 22. OPINION: The cybersecurity risk to our water supply is real. We need to prepare.
  23. 23. NEW PRODUCT: ‘Zero Trust’ is the guiding principle of Sikur’s latest security-focused smartphone
  24. 24. OPEN SOURCE: OpenSSF Announces The Alpha-Omega Project to Improve Software Supply Chain Security for 10,000 OSS Projects – Open Source Security Foundation
    https://openssf.org/press-release/2022/02/01/openssf-announces-the-alpha-omega-project-to-improve-software-supply-chain-security-for-10000-oss-projects/
  25. 25. SQUIRREL: Altos Labs launches with the goal to transform medicine through cellular rejuvenation programming
  26. 26. SQUIRREL: Polar bears move into abandoned Arctic weather station – photo essay
Product Marketer and Content Strategist at OX Security
Product Security Research and Analysis Director at Finite State

Related

You can skip this ad in 5 seconds