In the Enterprise News, discussing how IaaS cloud vulnerabilities are expected to increase 50% over 2018 figures, examining security process maturity in 400 organizations, Snow Software Unveils Risk Monitor to Combat Security and Compliance Threats, and some funding and acquisition updates from Aviatrix and enSilo!
In the leadership and communications section, Of the 4 manager types, only 1 boosts employee performance 26%, How to Look and Sound Confident During a Presentation, 2020 IT spending priorities — and the traps a cloud shift creates, and more!
This week, we welcome Kevin O'Brien, Co-founder and CEO at GreatHorn, to discuss email security.
Top cloud security controls you should be using, State of Software Security X, Developers: The Cause of and Solution to Security's Biggest Problems, and much more!
Mike Shema, Matt Alderman, and John Kinsella, talk about Bug Bounties, Pentesting, & Scanners.
Last week, Elastic and Endgame announced that they have formally joined forces to introduce Elastic Endpoint Security. Together, they combine Elastic’s free and open SIEM with Endgame's endpoint security product to give users an integrated solution that offers greater visibility across their environment. This is a step toward realizing Elastic’s vision for applying search to multiple use cases, like threat hunting, fraud detection, and security monitoring. Now, when users deploy a data collection agent for Elastic SIEM, they can protect the endpoint simultaneously and remove the inefficiency of multiple solutions that can’t respond in time to prevent damage and loss. And, to make Elastic Endpoint available to everyone, the company announced that they are eliminating per-endpoint pricing. No more counting endpoints or days of threat intelligence data retained.
Kevin O'Brien is the CEO & Co-Founder at GreatHorn. Kevin will be talking about Pen testers and phishing, Social engineering and why user training isn't the answer
In moments of stress, you should rely on your training, but perspective is lost in the moment of pressure, What to look out for in an email (for the non-technical person)
To learn more about GreatHorn, visit: https://securityweekly.com/greathorn
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://wiki.securityweekly.com/ESWEpisode158
In the news, we talk Security News, discussing how Amazon Echo and Kindle devices were affected by a WiFi bug, Ransomware and data breaches linked to uptick in fatal heart attacks, a woman was ordered to type in her iPhone password so police could search the device, and how the military found Marijuana at a North Dakota nuclear launch facility!
Tom Williams is the Director of Veterans Operations of Veterans MHH. Speaking about the challenges that veterans face and how MHH is looking to address those.
Erich Anderson is the Insider Threat Principal at ObserveIT. Erich will be covering: Authorities, Processes, Staff and Operations, Exploring the types of protections employees have in an organization, There are very limited laws and regulations at the Federal level, more at the State level but still not enough, and much more!
Show Notes: https://wiki.securityweekly.com/ESWEpisode158
This week, In our first segment, we talk Enterprise News, discussing how ManageEngine launched a holistic take on privileged access security, Avast faced a security breach aimed at messing up its CCleaner, Recorded Future enhanced partnership with ServiceNow to reduce organizational risk, and the Sophos Cloud Optix are now available on AWS marketplace!
In the leadership and communications section, Two Big Reasons that Digital Transformations Fail, DevSecOps model requires security get out of its comfort zone, 3 things CIOs should discuss with the CEO to optimize cybersecurity, and more!
Merlin Namuth is a former CISO. Namuth has over 24 years of IT experience with the last 21 years focused in security. His experience includes building and running numerous security programs, program management, managing incident response teams, computer forensics, compliance, architecture, and engineering complex security solutions. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/BSWEpisode148
From Stackoverflow to CVE, with some laughs along the way, Four-Year-Old Critical Linux Wi-Fi Bug Allows System Compromise, Recent Site Isolation improvements in Chrome, policy_sentry is an IAM Least Privilege Policy Generator, auditor, and analysis database, and much more!
Doug Coburn is the Director, Professional Services at Signal Sciences. Doug will be discussing Containers, Layer 7, and application security. Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ASWEpisode81
Peter Kruse is the Founder of CSIS Security Group. "Nothing specific but a Google search will provide numerous research I have been involved with and conferences I have spoken at including Kaspersky SAS, NCSC, Underground Economy, Virusbulletin, CARO, APWG, Hackdays, Confidence, Cyberhagen and many more."
Cybercrime Tool Prices Bump Up in Dark Web Markets, Pen testers find mystery black box connected to ships engines, Using Machine Learning to Detect IP Hijacking - Schneier on Security, and much more!
We air three pre-recorded interviews from Hacker Halted with Cathy Ullman, Joe Gray, and Jenny Radcliffe!
DeCloss is the President and CEO of PlexTrac. The segment will focus on the importance of a high-quality report and what red and blue teamers should recognize goes into a good report. Often times, there’s no feedback loop after report delivery and collaboration can be limited post-engagement. That will lead into a demo of PlexTrac to highlight the efficiencies we provide when creating and receiving a report.
To learn more about PlexTrac, visit: https://securityweekly.com/plextrac
In our second segment, we talk Tactics for Understanding Security Vendor Products!
In the news, we discuss how Okta is launching offerings for threat detection and remediation, Tenable extends Lumin to all platform customers, Signal Sciences announces integration with Pivotal Container Service, and how Thoma Bravo made a 3.9 Billion dollar offer to acquire Sophos!
It's our quarterly security money segment and we'll review the Security Weekly 25 index.
In this segment, we'll share the results of our Security Weekly 25 Index Survey, which we completed earlier this year.
In the Application Security News, Key takeaways from Imperva breach, From Automated Cloud Deployment to Progressive Delivery, Designing Your First App in Kubernetes: An Overview Food for Thought, Autonomy and the death of CVEs?, and AppSec 'Spaghetti on the Wall' Tool Strategy Undermining Security!
Francois is a member of the Ping Identity Office of the CTO. He provides product and strategic direction to customers and partners with a focus on API infrastructures security and API cybersecurity.
To learn more about Ping Identity, visit: https://securityweekly.com/ping