Anchore Enterprise 2.4, Auth0 Bot Detection, & Bitdefender MDR – ESW #197

Announcements

• Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.

• Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!

• We're always looking for great guests for all of the Security Weekly shows! Submit your suggestions by visiting https://securityweekly.com/guests and completing the form!

• BSides Boston is back in action for their 10 year anniversary! The conference will be held on Saturday, September 26th & tickets are only $10! Get yours at https://bsidesbos.org! Some of the Security Weekly team will be in our own channel on the BSides Boston Discord server answering questions and possibly doing some contests!

Hosts

John Strand

Founder; Security Professional at Black Hills Information Security

https://www.blackhillsinfosec.com/

Matt Alderman

Chief Product Officer at CyberSaint

1. 1. LA gets a big SaaS exit as Fastly nabs the Culver City-based Signal Sciences for $775M
   LA’s enterprise tech scene can claim a really big winner with Signal Sciences, the security monitoring and management company that is getting bought by Fastly, a provider of content delivery networking services, for $775 million.
2. 2. Proofpoint announces $300M buyback program
   Proofpoint (NASDAQ:PFPT) plans to repurchase up to $300M that is around 5% of the company's current market capitalisation of $6.41B.
3. 3. InfoSum Raises $15 Million And Adds Brian Lesser As Executive Chairman
   InfoSum, a UK-based data platform that allows companies to match data in a privacy compliant-way, has raised $15 million and appointed Brian Lesser as executive chairman, the company said Tuesday.

Paul Asadoorian

Principal Security Researcher at Eclypsium

@0offset

https://securitypodcaster.com

1. 1. LogRhythm Power Users Share their Use Cases
   "We created custom dashboards to track metrics for testing new alarms in our SIEM, show how much time our team saved using automation, display the current status of our LogRhythm deployment, monitor Case Management metrics, and present the number of alarms triggered vs. triaged in a given period. These visualizations have empowered our operations and management teams — helping them achieve their goals and making it easier for our team to prove our effectiveness, show ROI, and demonstrate the need for investment in our program."
2. 2. Palo Alto Networks To Acquire The Crypsis Group For $265M
3. 3. Centrify Releases Privileged Access Service 20.4
   "Centrify Privileged Access Service 20.4 has extended SSH key vaulting capabilities beyond key storage and log in to now support SSH key management (inclusive of key rotation), setting policies for SSH key rotation, and leveraging an account that has an SSH key for system and account discovery operations."
4. 4. Bitdefender Enhances MDR Service to Increase Proactive Protection and Advanced Detection
   "The enhanced MDR service combines Bitdefender's award-winning security technologies for endpoint protection, network traffic analysis and security analytics with the threat-hunting expertise of highly skilled analysts from global intelligence agencies. The service delivers leading incident detection with rapid response using automated pre-approved playbooks allowing analysts to take swift action to mitigate and remediate most threats. Expert tuning and detailed enterprise environment analyses are used to understand customers' unique threat profiles and their main risks, and to create customer-specific action plans. This results in broad threat identification and mitigation that minimizes the impact of advanced attacks."
5. 5. Anchore Unveils Enterprise 2.4 With Expanded & Updated Capabilities
   "Security reports have been expanded to allow users to compare two different container images, enabling developers to more easily spot issues in their applications from issues in the base operating system. Vulnerability detection has been improved with support for a "hint" file which can prompt for detection of security issues in explicitly declared libraries, useful for language types like Go which don't support a formal package management system."
6. 6. FireMon Secures $40 Million Debt Financing
7. 7. Auth0 launched Bot Detection
   Monitoring sessions vs. IP addresses? "At a high level, Bot Detection monitors IP addresses for non-suspicious events, such as successful logins; suspicious events, such as numerous failed login attempts across multiple accounts; and IP reputation data, which is used to identify known threat actors. When suspicious traffic is detected, a CAPTCHA step is required to complete a login request — the system is designed to mitigate the majority of bot attacks targeting the login or registration flow. "
8. 8. Auth0 Announces $120M in Series F Funding