Enterprise Security WeeklySubscribe
Vulnerability Management, Application security, Security Strategy, Plan, Budget, Email security, Breach, Risk Assessments/Management, Security Operations, Threat Management, Acquisition

D3FEND 1.0: A Milestone in Cyber Ontology – Peter Kaloroumakis – ESW #388

Full Audio

View Show Index

Segments

1. D3FEND 1.0: A Milestone in Cyber Ontology – Peter Kaloroumakis – ESW #388

Since D3FEND was founded to fill a gap created by the MITRE ATT&CK Matrix, it has come a long way. We discuss the details of the 1.0 release of D3FEND with Peter in this episode, along with some of the new tools they've built to go along with this milestone.

To use MITRE's own words to describe the gap this project fills:

"it is necessary that practitioners know not only what threats a capability claims to address, but specifically how those threats are addressed from an engineering perspective, and under what circumstances the solution would work"

Segment Resources:

Announcements

  • Want to shape the future of identity? Identiverse 2025 is looking for dynamic speakers like you to share groundbreaking ideas with over 3,000 identity and access management leaders. Join the most influential voices in IAM and help drive innovation in our industry. Submit your presentation proposal today at securityweekly.com/idvcfp

Guest

Principal Cybersecurity Engineer at MITRE

Peter Kaloroumakis is Principal Cybersecurity Engineer at MITRE where he leads the D3FEND project which is funded by the National Security Agency. He also supports various government sponsors on the development of their defensive cyber operations capabilities. Previously, he enlisted in the United States Air Force, where he served in Operation Iraqi Freedom, and earned a B.S in Computer Information Technology from University of Maryland Global Campus. He has worked as Principal Investigator at Northrop Grumman, was the founding CTO at BluVector Inc., and holds two patents in applying machine-learning technology to malware detection.

Host

Principal Researcher at The Defenders Initiative

2. Final fundings for 2024, Blackberry sells Cylance cheap, Product Testing Drama – ESW #388

In the enterprise security news,

  1. a final few fundings before the year closes out
  2. Arctic Wolf buys Cylance from Blackberry for cheap, a sentence that feels very weird to say
  3. the quiet HTTPS revolution
  4. passkeys are REALLY catching on
  5. resilience keeps showing up in the titles of news items
  6. Apple Intelligence insults the BBC’s intelligence
  7. MITRE ATT&CK evals drama
  8. Lastpass breach drama continues

All that and more, on this episode of Enterprise Security Weekly

Hosts

Principal Researcher at The Defenders Initiative
  1. 1. FUNDING: Courtesy of the Security, Funded Newsletter, Issue #174 – All I Want for Christmas is [Shareholder Value]!

    A few final fundings before we wrap up 2024:

    1. Sublime Security raises a $60M Series B for email security
    2. Canadian-based Flare raised a $30M Series B for brand protection and threat intelligence
    3. Island raised an Series D, though the amount was not disclosed, ooooh, mysterious!
  2. 2. ACQUISITIONS: Arctic Wolf and BlackBerry Announce Acquisition Agreement for Cylance

    $160M??? That's a massive loss in value. Not too far off from Cybereason's losses.

  3. 3. NEW TOOLS: dreadnode/burpference: A research project to add some brrrrrr to Burp
  4. 4. GOOD NEWS: The Quiet HTTPS Revolution

    It might be small consolation, but we did it. We encrypted the public Internet.

    Internal networks? Probably not, there's probably still a lot of cleartext protocols flying around all over on teh LANs.

  5. 5. LEGISLATION: FCC, for first time, proposes cybersecurity rules tied to wiretapping law

    The USGov is scrambling to address telecom security after it became widely known that China thoroughly compromised them.

    It's not like this is the first time securing telecoms has come up, however. A birdie shared with me that, 11 years ago, it was decided to make security measures voluntary.

  6. 6. REGULATIONS: Ensure compliance with DORA ICT risk framework using runZero

    I don't know much about DORA, but what I've seen, I really like. Loving this push towards resilience, understanding your assets...

  7. 7. HOT TAKES: MITRE ATT&CK Evaluations Drama

    Ranking or scoring products always leads to bad places. Don't do it.

  8. 8. BREACHES: LastPass 2022 hack fallout continues with millions of dollars more reportedly stolen

    I had no idea so much crypto was stolen!

  9. 9. ESSAYS: Why Every Cybersecurity Leader Needs Financial Literacy

    So true. It's arguably more important than technical literacy, which explains why we've seen an increase in "professional" CISOs over the past decade or so. It's not uncommon to see a former chief financial officer, general counsel, or HR leader step into a CISO role in an organization with a sizable security staff that can benefit more from better management than having a cyber expert at the helm.

Fractional CISO | Author | Educator | Coffee Nerd at Cloud Security Labs
Product Marketer and Content Strategist at OX Security

3. 2024 End-of-Year News and Wrapup – ESW #388

As we wrap up the year, we have an honest discussion about how important security really is to the business. We discuss some of Katie's predictions for AppSec in 2025, as well as "what sucks" in security!

Hosts

Principal Researcher at The Defenders Initiative
  1. 1. RESEARCH: What sucks in security? Research findings from 50+ security leaders

    Some HUGELY interesting insights in this piece.

  2. 2. PREDICTIONS: Five Predictions for Application Security in 2025
  3. 3. ESSAYS: Let’s have an honest conversation about the state of cybersecurity
  4. 4. ESSAYS: A Year-End Reflection on the SIEM and SecOps Landscape
  5. 5. AI NEWS: BBC complains to Apple over misleading shooting headline

    If Apple can't get AI right in basic use cases like this, how can we expect any of this "AI SOC analyst" stuff to work well???

  6. 6. ANNOUNCEMENT: Microsoft Announces Security Update with Windows Resiliency Initiative

    While the "Windows Resilience Initiative" was triggered by Crowdstruck, it is more broad and thoughtful than just the handful of changes that would prevent another similar incident. The key components of the initiative include:

    1. Strengthening Reliability
    2. Reducing Administrative Privileges
    3. Strong Apps & Drivers Controls
    4. Improving Identity Protection
    5. Collaboration with Security Partners
    6. Data Protection (e.g. Personal Data Encryption feature)
    7. Transition to Rust
  7. 7. PASSWORDLESS: Convincing a billion users to love passkeys: UX design insights from Microsoft to boost adoption and security

    I'm really hoping Microsoft can help to continue accelerating passkey use.

  8. 8. SQUIRREL: Check Out 14 Hilarious Winners From the Nikon Comedy Wildlife Photography Awards Contest

    A squirrel story with actual squirrels. This is the story we leave you with for the last episode of the year. Enjoy the holidays!

Fractional CISO | Author | Educator | Coffee Nerd at Cloud Security Labs
Product Marketer and Content Strategist at OX Security

Related

You can skip this ad in 5 seconds