Enterprise Security WeeklySubscribe
Cloud Security, Application security, Zero trust, Supply chain, Endpoint/Device Security, Leadership, DevSecOps

ESW #308 – Roland Diaz, Ross Haleliuk

Full Audio

View Show Index

Segments

1. DIY Software Bill of Materials How-To – Roland Diaz – ESW #308

You know SBOMs can help you keep track of your software assets and therefore, their vulnerabilities. Despite even the White House pressing the issue, many vendors aren't forthcoming with SBOMs, and you can't afford to wait. With Tanium's Roland Diaz, we'll discuss the most important considerations when generating your own SBOMs (which is now something their product can also do!).

This segment is sponsored by Tanium. Visit https://securityweekly.com/tanium to learn more!

Sponsored By

Tanium

Announcements

  • Security Weekly listeners: Identiverse 2023 is heading to Vegas! Join the digital identity community at the ARIA Resort & Casino in Las Vegas, May 30th to June 2nd. Identiverse is a must-attend annual event that brings together over 2,500 security professionals for 4 days of world-class learning, engagement, and entertainment.

    As a community member, you’re able to receive 20% off your Identiverse 2023 tickets using code IDV23-SW20!

    Register today: securityweekly.com/identiverse2023

Guest

Director, Technical Product Management at Tanium

Hosts

Principal Researcher at The Defenders Initiative
Product Marketer and Content Strategist at OX Security
VP Traceable.ai, Cyber Angel Investor and Advisor at 90 Degree Ventures

2. Product-Led Growth and Building Products in Cybersecurity – Ross Haleliuk – ESW #308

Looking at topics around go-to-market strategy and product management, including: how building products is unique in cybersecurity compared to other industries, what is product-led growth and what shape it takes in security, and how to do it right. Touching on the broader and adjacent topics of writing, supporting cybersecurity startups, investing, and the like.

Segment Resources: Venture in Security blog: https://ventureinsecurity.net/ Venture in Security Angel Syndicate: https://www.visangels.com/ Building Cyber Collective: https://ventureinsecurity.net/p/buildingcyber Top Venture in Security Articles: https://ventureinsecurity.net/p/top-posts

Announcements

  • Join us at an upcoming Official Cyber Security Summit in a city near you! This series of one-day, invitation-only, executive level conferences are designed to educate senior cyber professionals on the latest threat landscape.

    We are pleased to offer our listeners $100 off admission when you use code SecWeek23 to register.

    Visit securityweekly.com/cybersecuritysummit to learn more and register today!

Guest

Author at Cyber for Builders

Ross Haleliuk began his journey as a co-founder of a B2B edtech before building a decade-long career as a product leader across multiple industries, ending up in cybersecurity. His areas of expertise include go-to-market and product strategy, strategic positioning, product-market fit expansion, growth, operations, and fundraising.

Ross is currently a Head of Product at LimaCharlie. LimaCharlie’s SecOps Cloud Platform provides customers with comprehensive enterprise protection that brings together critical cybersecurity capabilities and eliminates integration challenges and security gaps for more effective protection against today’s threats.

Outside of work, Ross is a startup advisor, speaker, and angel investor. He often writes about cybersecurity industry trends, building security startups, investment, and growth on the world’s leading media platforms such as TechCrunch, Forbes, and VentureBeat, and in his blog Venture in Security.

Host

Principal Researcher at The Defenders Initiative

3. A Light Week, InfoSec Tabletop Gaming, White House CyberSec, & AI Galore! – ESW #308

In the enterprise security news, A light week in funding, after last week’s mega raises from Wiz and Sandbox AQ HP acquires some Zero Trust and CASB with Axis Security InfoSec-themed Table Top gaming is really catching on The White House’s updated cybersecurity strategy is more of an update than a game changer I go a bit nuts with AI news and essays, but a lot of it is really worth your time, I promise Doing evil things with chrome extensions Women in cybersecurity Letting strangers call you, on purpose All that and more, on this episode of Enterprise Security Weekly.

Announcements

  • We’d like to invite our listeners to be part of our 2023 SC Awards!

    Our prestigious and competitive SC Awards program recognizes outstanding innovations, organizations, and leaders that are advancing the practice of information security. This year, there are awards in 36 categories up for grabs, including best IT security-related training program, innovator of the year, best SASE solution, and more. We’d love to see your company in the spotlight!

    Visit securityweekly.com/scawards to submit your entries by March 20!

Hosts

Principal Researcher at The Defenders Initiative
  1. 1. FUNDING: Oligo Security raises $20 million Series A to secure open-source libraries

  2. 2. FUNDING: Revelstoke Announces $20M Series B Funding Following Exponential Growth in Its First Year in Market

    https://www.prnewswire.com/news-releases/revelstoke-announces-20m-series-b-funding-following-exponential-growth-in-its-first-year-in-market-301765218.html

  3. 3. FUNDING: SOCRadar Announces $5M Series A Funding for New Extended Threat Intelligence (XTI) Cybersecurity Platform

    https://www.prnewswire.com/news-releases/socradar-announces-5m-series-a-funding-for-new-extended-threat-intelligence-xti-cybersecurity-platform-301765769.html

  4. 4. FUNDING: trackd Secures $3.35MM Seed Funding to Bring Its Novel Approach to Vulnerability Remediation to the Enterprise Security Market – trackd

  5. 5. FUNDING: Cado Security Announces $20M in Funding to Drive Innovation and Global Expansion
  6. 6. ACQUISITIONS: Hewlett Packard Enterprise fortifies network security with acquisition of Security Service Edge provider Axis Security

  7. 7. TOOLS: Cyber Fortress – Simulation-Strategic Games Based on Scenarios of the Latest Advanced Cyber Attacks

    An excellent-looking tabletop game developed by some folks in Poland, courtesy of FIRST.

  8. 8. USGOV: Cyber Command, NSA Successes Point Way to Future

    My favorite quote: "The command must work on readiness and resilience. Every member of the command also must buy into developing and maintaining a culture of continuous improvement."

  9. 9. USGOV: Biden Administration Releases Comprehensive National Cybersecurity Strategy

  10. 10. USGOV: Highlights from the New U.S. Cybersecurity Strategy – Krebs on Security

  11. 11. USGOV: The US National Cybersecurity Strategy: Takeaways for Private Sector Security Leaders

  12. 12. AI ESSAYS: Why AI Won’t Cause Unemployment

  13. 13. AI ESSAYS: How AI is Eating the Software World

  14. 14. AI ESSAYS: You Are Not a Parrot

    https://nymag.com/intelligencer/article/ai-artificial-intelligence-chatbots-emily-m-bender.html

  15. 15. AI NEWS: What OpenAI’s API announcement means for makers

  16. 16. AI NEWS: ChatGPT and Whisper APIs debut, allowing devs to integrate them into apps

  17. 17. AI NEWS: Introducing the ChatGPT App for Slack

    https://www.salesforce.com/news/stories/chatgpt-app-for-slack/

  18. 18. AI NEWS: Salesforce Ventures Launches $250M Generative AI Fund

    https://www.salesforce.com/news/stories/generative-ai-investing/

  19. 19. FUN&PROFIT: Let’s build a Chrome extension that steals everything

  20. 20. REPORTS: 2022 Year in Review – The DFIR Report

  21. 21. ATTACKS: Post-quantum algorithm vulnerable to side channel attacks, researchers

    https://www.scworld.com/analysis/policy/post-quantum-algorithm-attack

  22. 22. TRENDS: Inside Uber’s move to the Cloud: Part 1

  23. 23. TRENDS: Why we must finally draw more women into cybersecurity in 2023

  24. 24. TRENDS: Silicon Valley Bank shares slide on stock-sale plan to cope with cash burn
  25. 25. ESSAYS: Women in Cyber: Stats on female security vendor CEOs

  26. 26. ADVICE: Deploying MDR: Quotes from the experts

  27. 27. SQUIRREL: blahph0bia on Instagram: “volume slider cringe compilation”

  28. 28. SQUIRREL: Anyone – A radically different networking app

  29. 29. SQUIRREL: I Will Fucking Dropkick You If You Use That Spreadsheet — Ludicity

    https://ludic.mataroa.blog/blog/i-will-fucking-dropkick-you-if-you-use-that-spreadsheet/

  30. 30. SQUIRREL: ChatGPT for YouTube – YouTube summary with ChatGPT

  31. 31. SQUIRREL: Raising a fund with memes

Product Marketer and Content Strategist at OX Security
VP Traceable.ai, Cyber Angel Investor and Advisor at 90 Degree Ventures

Related

You can skip this ad in 5 seconds