ESW #301 – David Hunt, Jerry Bell
1. How a Scientific Approach Can Save Security Testing – David Hunt – ESW #301
If you’ve ever worked on a red or purple team, you know scaling engagements to production is an intensive, unwieldy process. Technology pitfalls may exist, but the fundamental problem is this: the process of writing, testing, deploying, and verifying the efficacy of TTPs is highly flawed and inconsistent.
This conversation will focus on applying a scientific process to security testing in order to achieve production scale.
Segment Resources:
Prelude Build GitHub: https://github.com/preludeorg/build
Prelude Docs: https://docs.prelude.org/docs
Introducing Prelude Build: An Open Source IDE Purpose Built for Security Engineers: https://www.preludesecurity.com/blog/introducing-prelude-build-an-ide-purpose-built-for-security-engineers
A Practical Guide for Scaling Continuous Security Testing: https://www.preludesecurity.com/blog/scaled-security-testing-a-practical-guide
Prelude Build: https://www.preludesecurity.com/products/build
Announcements
Join our cybersecurity community on Discord! Connect directly with our expert hosts, join discussions with fellow audience members, and customize your notifications to receive alerts every time an episode of your favorite show publishes. Get your invite at securityweekly.com/discord!
Guest
David leads the engineering effort at Prelude as CTO. Before Prelude, he led the team that built MITRE CALDERA. He has spent his career analyzing security across countless industries, including enterprise, aerospace, and OT.
2. InfoSec Community Culture & the Migration to Mastodon – Jerry Bell – ESW #301
We will discuss the migration of the security community from Twitter to Mastodon, logistical challenges, and related matters of managing the community.
Announcements
Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!
Guest
Jerry has worked in IT for 30 years, holding various positions from programmer to sysadmin, and is currently the VP and CISO of IBM Public Cloud. Jerry has hosted the Defensive Security Podcast and has administered the Infosec.Exchange Mastodon instance for the past 6 years.
3. Unicorn Layoffs, Zombiecorns, IronNet, Remediant, & AI Generated Insecurity – ESW #301
Finally, in the enterprise security news: security funding is back, baby! Security unicorn layoffs continue, though. We talk Zombiecorns, IronNet's struggles, and Netwrix acquiring Remediant. We talk breaches: LastPass, Rackspace, Okta via GitHub, and Slack via GitHub. GitHub announces 2FA improvements, AI generates insecure code, cyberinsurance faces challenges, and the Fyre Festival fraudster is funding more frauds. All that and more, on this episode of Enterprise Security Weekly.
Announcements
Stay up-to-date with us on X (formerly known as Twitter) for the latest show clips and updates! Find us @SecWeekly and stay connected with our cybersecurity community.
- 1. FUNDING: Aztec Raises $100 million to Build Encrypted Ethereum
- 2. FUNDING: CyberCube raises $50m for growth, with HSCM participating again – Artemis.bm
- 3. FUNDING: DataVisor Announces $40 Million Strategic Growth Investment Led by Brighton Park Capital
- 4. FUNDING: Germany’s VMRay ties up $34 million series B to expand threat detection and analysis
- 5. FUNDING: Trilio raises $17M for its cloud-native data protection service – SiliconANGLE
- 6. FUNDING: Seattle cybersecurity startup that aims to protect machine learning-based code lands $13.5M
- 7. FUNDING: FireTail Raises $5M to Accelerate API Security, Led by Paladin Capital Group
- 8. FUNDING: Cybersecurity startup SafeHouse raises pre-Series A funding
- 9. (DE)FUNDING: IronNet’s latest NDR updates provide broader visibility of cyber threats – Help Net Security
- 10. (DE)FUNDING: IronNet cybersecurity faces delisting threat, potential insolvency – Baltimore Business Journal
- 11. ACQUISITIONS: Netwrix Acquires Remediant to Provide Customers with Enhanced Privileged Access Security
I'm very curious about the terms of any deal happening after the valuation reset. We'll probably never know with this one though.
The only recent comp is Palo Alto picking up Cider Security for $195m on $38m raised. That's 5.1x on money raised, but no idea what their Series A valuation was back in March, or how much revenue they managed to pick up in the 8-9 months they've been out of stealth.
This is Netwrix's 6th acquisition since getting picked up by TA Associates (PE) back in 2020.
- 12. LAYOFFS: Cybersecurity unicorn Armis axes 25 employees
- 13. LAYOFFS: Cybersecurity startup CyCognito cuts 15% of jobs
- 14. NEW COMPANIES: Zecurity
Where to start? The name? The tagline (Sustainable Cybersecurity)? The description of what they do? "Zecurity's platform is a SaaS-based zero-trust platform to air gap your infrastructure from the Internet."
Everything about Zecurity reads like someone went to ChatGPT and asked for the most clickbaity cybersecurity startup copy ever.
- 15. NEW COMPANIES: QWERX
- 16. NEW COMPANIES: Picnic
- 17. NEW COMPANIES: Gomboc – Cloud Infrastructure Security
- 18. NEW FEATURES: Raising the bar for software security: next steps for GitHub.com 2FA
We've got quite a few breaches this week that begin and end with GitHub, so it's no surprise they're busy, trying to improve security for users and convince them to use it!
- 19. OPEN SOURCE: Google releases vulnerability scanner for open-source software, backed by community-editable database
- 20. BREACHES: Okta’s GitHub source code stolen, company downplays impact
- 21. BREACHES: Slack’s private GitHub code repositories stolen over holidays
- 22. BREACHES: Kevin Beaumont’s epic, month-long thread on the Rackspace breach
TL;DR - Rackspace made a big mistake choosing not to patch Exchange when they had a chance, but did an impressive job recovering from one of the worst worst-case scenarios I've seen a business deal with in a while - total destruction of a product line (though one that only accounted for 1% of their $3B revenue).
Still, no word on whether the email belonging to tens of thousands of small and medium-sized businesses was stolen.
- 23. BREACHES: The LastPass disclosure of leaked password vaults is being torn apart by security experts
And I was one of them! I have some insights to share after tearing apart and examining my own (old, forgotten, I should have deleted it years ago) Lastpass vault.
- 24. BREACHES: What’s in a PR statement: LastPass breach explained
- 25. BREACHES: A retrospective on public cloud breaches of 2022, with Rami McCarthy and Houston Hopkins
- 26. BREACHES: Notice of Recent Security Incident – The LastPass Blog
- 27. DRAMA: Insiders worry CISA is too distracted from critical cyber mission
- 28. TRENDS: Switzerland Strategy – Digital Switzerland Strategy 2023
Clearly, Switzerland saw episode 299 with Joe Carson and was inspired to put together an all-in-on-digital strategy. They turned this plan around pretty quickly, I'm impressed! ;)
- 29. TRENDS: AI assistants help developers produce code that’s insecure
This is a question I've had for a while. If AI is trained on general human-produced content, and humans are susceptible to mistakes, bias, and myths... how does the AI know the difference between good content, or good code, and crap? Isn't it liable to just regurgitate humanity's mistakes?
What I REALLY worry about are folks being okay with this - folks who just want AN answer, and care less about whether it's the RIGHT answer.
- 30. TRENDS: Non-Compete Clause Rulemaking
- 31. MARKET ANALYSIS: Zombiecorns, by the numbers
- 32. MARKET ANALYSIS: Welcome to ZOMBIE(corn)LAND!
You can’t do it alone. In the new world of the Zombiecorns, founders and leaders must look to their team to help carry them forward. Lead with passion, be transparent whenever possible, and help others to rally to your cause. If you try to be a hero and lead in silence you will not make it. Remember it took a team of people to get you where you are today; it’s going to take that same team of people to save you from the Zombiecorn fate.
- 33. REPORTS: NSA Publishes 2022 Cybersecurity Year in Review
- 34. REPORTS: The State of Cybersecurity in 2022 and Trends and Predictions for 2023
- 35. CYBERINSURANCE: Ohio Supreme Court Says Ransomware Is Not Physical Damage
- 36. CYBERINSURANCE: Cyber attacks set to become ‘uninsurable’, says Zurich chief
- 37. SQUIRREL: Convicted Fyre Festival Fraudster Is Planning Another Bahamas Venture, But the Bahamas Don’t Want Him
- 38. SQUIRREL: A Startup Founder and an Industry Analyst walk into a bar…
Startup Founder: How can I describe our product in a way that stands out to customers? The cybersecurity market is already saturated.
Industry Analyst: I got you dog, say no more