Soft skills for engineers – Evgeniy Kharam – ESW #401
When we use the phrase "talent gap" in cybersecurity, we're usually talking about adding headcount. For this interview, however, we're focusing on a gap that is evident within existing teams and practitioners - the often misunderstood soft skills gap.
Side note: I really hate the term "soft skills". How about we call them "fundamental business skills", or "invaluable career advancement skills"? Hmm, doesn't quite roll off the tongue the same.
Soft skills can impact everything, as they impose the limits of how we interact with our world. That goes for co-worker interactions, career advancements, and how we're perceived by our peers and community. It doesn't matter how brilliant you might be - without soft skills, your potential could be severely limited.
Did you know that soft skills issues contributed to the Equifax breach?
We'll also discuss how fear is related to some of the same limitations and challenges as soft skills.
Segment Resources:
Evgeniy is an author, cybersecurity architect, advisor, and podcaster with over 25 years of experience, including work with global VARs and MSSPs. An awarded dad and outdoor enthusiast, he offers a unique, panoramic view of the cybersecurity landscape. Currently, he leads his own cyber and media consulting services, leveraging deep industry knowledge to guide clients through complex security challenges. As the author of “Architecting Success: The Art of Soft Skills in Technical Sales,” Evgeniy extends his expertise to mentorship, emphasizing the crucial role of soft skills in technology.
Identiverse 2025 is returning to Las Vegas, June 3-6. Hear from 250+ expert speakers and connect with 3,000+ identity security professionals across four days of keynotes, breakout sessions, and deep dives into the latest identity security trends. Plus, take part in hands-on workshops and explore the brand-new Non-Human Identity Pavilion. Register now and save 25% with code IDV25-SecurityWeekly at https://www.securityweekly.com/IDV2025
How attackers exploit identity gaps to get into your cloud and SaaS – Paul Nguyen – ESW #401
You might know them from their excellent research work on groups like Scattered Spider, or their refreshing branding/marketing style, but Permiso is laying some impressive groundwork for understanding and defending against identity and cloud-based attacks. In this interview, we talk with co-founder and co-CEO Paul Nguyen about understanding the threats against some of cybercriminals' favorite attack surface, insider threats, and non-human identity compromise.
Segment Resources:
- This blog post from our threat research team on Scattered Spider shows how threat actors move laterally in an environment across identity providers, IaaS, PaaS and SaaS environments, and how this lateral movement ultimately creates blind spots for many security teams
- This great talk by Ian Ahl, from fwd:cloudsec 2024, touches on a lot of great TTPs used by attackers in IdPs and in the cloud
- Another blog, When AI Gets Hijacked: Exploiting Hosted Models for Dark Roleplaying
- and another, What Security Teams Can Learn From The Rippling/Deel Lawsuit: Intent Lies in Search Logs
Paul Nguyen is the Co-founder and Co-CEO of Permiso Security, an identity security startup helping security teams detect and protect against human and non-human identity threats. Prior to Permiso, he founded Invotas, a pioneer in security orchestration, which was subsequently acquired by FireEye. At FireEye, Nguyen served as the Senior Vice President of Product Strategy and Product Management.
With over 25 years of experience in the cybersecurity industry, Nguyen began his career as a white hat hacker at @stake (later acquired by Symantec) and Neohapsis (acquired by Cisco).
Nguyen co-founded Permiso Security in 2020, aiming to simplify identity security and help teams monitor suspicious and malicious activity of the identities in their environment. Permiso was named a finalist in two categories for the SC Awards in 2024 in the Most Promising Early Stage Startup and Best Threat Detection Technology categories. In 2022, they were named a SINET16 Innovator Award winner.
I'll be running a panelcast with Fastly, titled Security Without Speed Bumps: Using WAF Simulator to Transform DevSecOps Workflows. Join me for this exciting webcast on April 16th. To register for this panelcast, go to securityweekly.com/WAF
Best of Cyber April Fools, Tons of Free Tools, runZero positioned to disrupt? – ESW #401
This week, in the enterprise security news,
- we check the vibes
- we check the funding
- we check runZero’s latest release notes
- tons of free tools!
- the latest TTPs
- supply chain threats
- certs won’t save you
- GRC needs disruption
- the latest Rippling/Deel drama
All that and more, on this episode of Enterprise Security Weekly.
Adrian Sanabria
- FUNDING: Courtesy of the Security, Funded newsletter, #187 – It Was the FAFO of Times
This week's vibe check asks, "what's the biggest reason cybersecurity tools don't get fully adopted?"
The answer was a tie, with "lack of internal expertise" and "poor integration with existing workflows" dead even. Just behind them was "tools overpromise and underdeliver". Same as it ever was, sadly. Something I call "the customization tax" is central here. It's the work that the vendor can't or doesn't do for you, that YOU, as the buyer, have to do post-purchase before the product becomes useful, or even FUNCTIONAL.
Our funding for this week includes:
- Adaptive raises a $43M ???? from A16Z and OpenAI for phishing testing and security awareness??? Say that again? Isn't that one of the most saturated and commoditized product categories infosec has? I went a bit down a rabbit hole with this one. Can't find Adaptive on Tracxn or Crunchbase, so no idea if this is their first round or fifth, though I did find an A16Z post about the investment that mentions founder Brian Long is a Nine Inch Nails fan ¯\_(ツ)_/¯
- Straiker raised a $21M Series A from Bain & Lightspeed for AI app & agent security
- GetReal raised a $17.5M Series A from Forgepoint Capital for a verification platform that can prevent deepfakes and impersonations
- SplxAI raised a $7M seed round from LAUNCHub Ventures, also for AI application security
- NEW FEATURES: runZero continues to evolve and… move into new categories?
Some of the security vendors out there are not like the others. They're often the ones to watch. That's why I've had my eye on runZero, which started out solving one of security's biggest challenges: asset discovery and identification. Traditional vuln scanners are terrible at asset identification, which ruins any subsequent analysis or attempts to identify vulns.
runZero quickly pivoted into the CAASM space, adding integrations at a rapid pace.
This new update brings vulnerability identification into the mix. It's basic, but focuses on what matters (stuff that's on KEV, for example, or devices with default creds). By being basic, and focusing on what matters, they're either intentionally or unintentionally enabling buyers to sidestep both the traditional infrastructure vuln scanning solutions (Tenable, R7, Qualys), AND the vuln prioritization vendors (Nucleus, Vicarious, the now-acquired Vulcan Cyber, etc). Could runZero replace traditional vuln mgmt solutions? Probably not in the short term, but they're sure flirting with the idea in a way that would have me worried if I were in that space.
What's more, these new features are available in the community edition I use at home for my lab environment! Consider my interest piqued.
- MARKET TRENDS: Trump’s Aggression Sours Europe on US Cloud Giants
Huge potential impact on EMEA for US cybersecurity sellers. As the cloud buying trends go, I'd expect cybersecurity to follow.
- FREE TOOLS: BishopFox’s eyeballer: Convolutional neural network for analyzing pentest screenshots
SO COOL, I could have really used this 10+ years ago. I tried building something like this, didn't have great results when it came to automatically sorting the screenshots though.
- FREE TOOLS: The CVE Database: Curated Vulnerability Intelligence by Wiz
- FREE TOOLS: CVE to EPSS
- FREE TOOLS: Honeyfiles in Velociraptor!
- DFIR: The latest TTPs from the DFIR Report – Fake Zoom Ends in BlackSuit Ransomware
- SUPPLY CHAIN THREATS: Ransomware Found in VSCode Extensions Raises Concerns Over Microsoft’s Security Review
- SUPPLY CHAIN THREATS: Wild new LLM vulnerability just dropped, this time in Cursor
Not a vulnerability, and not in the LLM. We'll explain.
- CAREER: Certs Won’t Save You: The Harsh Truth About Cybersecurity Careers
Also check out Lesley Carhart's post with similar advice!
https://tisiphone.net/2025/04/01/lesley-what-happened-to-the-cybersecurity-skills-shortage/
- ESSAYS: GRC is Ripe for a Revolution
- DRAMA: The latest on the Rippling/Deel espionage case
The greatest insider threat case in recent memory just dropped some even more jaw-dropping details
- SQUIRREL: SOUTH KOREA IS OVER
Absolutely hypnotized by this story - the idea that an entire country could decline to destruction simply by not having enough babies, and this happening within my lifetime to a major country has my attention. Apparently, by the time my kids are my age, South Korea's population will be only 1 child for every 100 adults.
Ayman Elsawah
- SQUIRREL: Jokes on Us
The best of April Fools 2025