Enterprise Security Weekly Subscribe

SWVHSC Micro Interviews: CrowdStrike & Synopsys – Ian McShane, Michael Borohovski – ESW #197

September 2, 2020

This year we’ve seen organizations accelerate their so-called digital transformation almost overnight. Now we’re getting to the point where security leaders and business owners need to stop and take stock of what happened, what’s a temporary band aid, and figure out how to build their strategy without the luxury of getting yelled at by vendor booths in Mandalay Bay. This segment is sponsored by CrowdStrike. Visit https://securityweekly.com/crowdstrike for a totally free trial!

CrowdStrike at Black Hat USA 2020 https://www.crowdstrike.blog/join-crowdstrike-at-black-hat-2020/

All applications use APIs—they’re nothing new to the development world. But are organizations factoring API security into their broader security strategy effectively? We’ve seen high-profile breaches at well-known companies stemming from their exposure or use of insecure API endpoints. This raises the question of how your software security initiative addresses the controls you need to ensure the APIs you use and produce are secure. Within this segment, Michael Borohovski will discuss key considerations when designing APIs, along with security controls and security testing that could make or break your software. This segment is sponsored by Synopsys.

Visit https://securityweekly.com/synopsys to learn more about them!

Full episode and show notes

Guests

VP, Product Marketing at CrowdStrike

With almost twenty years in information security including practitioner, product manager, and a shift as the lead Gartner analyst for endpoint security and EDR, CrowdStrike’s VP of Product Marketing Ian McShane has seen a lot of crazy things in his time.

Michael Borohovski

Director of Software Engineering at Synopsys

http://synopsys.com/

Michael “Borski” Borohovski is Director of Software Engineering within the Synopsys Software Integrity Group. He co-founded and was CTO of Tinfoil Security, a SaaS company providing security tooling to DevOps teams, prior to the company’s acquisition by Synopsys in January 2020. With over thirteen years of experience in cybersecurity, Borski has made it his mission to empower developers and protect their work from those seeking to cause mischief. He is also a co-inventor on four patents—with an additional four pending. He holds a BS in Computer Science and Engineering from MIT.

Hosts

Chief Product Officer at CyberSaint

Paul Asadoorian

Principal Security Researcher at Eclypsium

https://securitypodcaster.com

Related

Vulnerability Management

Dysentery, TP-Link, Piracy, Calendar Scams, Tencent, TikTok, Aaran Leyland and More.. – SWN #439

December 20, 2024

Dysentery, TP-Link, Piracy, Calendar Scams, Tencent, TikTok, Aaran Leyland, and More, on this edition of the Security Weekly News.

Final fundings for 2024, Blackberry sells Cylance cheap, Product Testing Drama – ESW #388

December 19, 2024

In the enterprise security news, a final few fundings before the year closes out Arctic Wolf buys Cylance from Blackberry for cheap, a sentence that feels very weird to say the quiet HTTPS revolution passkeys are REALLY catching on resilience keeps showing up in the titles of news items Apple Intelligence insults the BBC’s intelligence MITRE ATT...

Risk Assessments/Management

D3FEND 1.0: A Milestone in Cyber Ontology – Peter Kaloroumakis – ESW #388

December 19, 2024

Since D3FEND was founded to fill a gap created by the MITRE ATT&CK Matrix, it has come a long way. We discuss the details of the 1.0 release of D3FEND with Peter in this episode, along with some of the new tools they've built to go along with this milestone. To use MITRE's own words to describe the gap this project fills: "it is necessary tha...