Ryan Noon joins ESW team this week to chat through the significance of recent hacks (namely: SolarWinds and Hafnium), unpack growing enterprise demand for a “digital seatbelt,” and illuminate why Material takes a fresh approach to email security: building products with the assumption that bad actors will successfully hack inboxes.

Segment Resources: https://material.security/blog/email-is-too-important-to-protect-like-a-tsa-checkpoint

https://www.cnbc.com/2021/03/09/microsoft-exchange-hack-explained.html

This segment is sponsored by Material Security. Visit https://securityweekly.com/materialsecurity to learn more about them!

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw223

Errol will talk about his experiences with information sharing and building the world's first Information Sharing & Analysis Center in 1999. Errol brings unique perspective to the table as he was the service provider behind the Financial Services ISAC, then a subscriber and ISAC member for 13 years in the banking and finance sector.

Segment Resources: National Council of ISACs - great resource to find out about all the different ISACs https://www.nationalisacs.org/

ISAOs - https://www.isao.org/information-sharing-groups/

Information Sharing Best Practices Toolkit: https://h-isac.org/h-isac-information-sharing-best-practices/

Visit https://www.securityweekly.com/scw for all the latest episodes!

Show Notes: https://securityweekly.com/scw68

Errol will talk about his experiences with information sharing and building the world's first Information Sharing & Analysis Center in 1999. Errol brings unique perspective to the table as he was the service provider behind the Financial Services ISAC, then a subscriber and ISAC member for 13 years in the banking and finance sector.

Segment Resources: Errol's Testimony Before the House Financial Services Subcommittee Transcript - https://www.sifma.org/wp-content/uploads/2012/06/WeissCitionbehalfofSIFMAHFSsubchrgcybersecurity20120601.pdf

Video - https://www.c-span.org/video/?306361-1/cyberthreats-us-financial-industry (Errol Weiss - 30:03)

Visit https://www.securityweekly.com/scw for all the latest episodes!

Show Notes: https://securityweekly.com/scw68

In the Leadership and Communications section, Developing a Risk Management Approach to Cybersecurity, How Automation Can Protect Against Data Breaches, The Problem with Cyber Insurance: Outdated Incentives, and more!

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw212

Are you struggling with Alert Overload, Manual Processes, Multiple/Disparate Tools, Talent Shortage, and/or Budget Constraints? Of course you are! John McClure, Chief Information Security Officer from Laureate Education, joins us to discuss how he solved these challenges by implementing SOAR and accelerating security.

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw212

PHP deals with two malicious commits, SSO and OAuth attack vectors to remember for your threat models, zines for your DevSecOps education!

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw146

The security industry generally agrees on the value of enabling developers in an agile environment—although we don't agree on what to call it… “Shifting Left,” “Creating a Paved Path,” “DevSecOps.” Regardless of the name, we tend to focus on teaching developers how to Sec, but there’s less focus on security engineers learning how to Dev. This segment will focus on how to create a meaningful partnership between security and software engineers.

Segment Resources: https://segment.com/blog/shifting-engineering-right/

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw146

npm netmask library has a critical bug, when AI attacks, firmware attacks on the rise, Microsoft Hololens and order 66, a real executive order 13694, The Ubiquity breach saga, the FreeBSD and wireguard saga, is the cloud more secure? Hopefully for PHP it is, software updates limit muscle car to 3 HP, a brand new Windows 95 easter egg just in time for, well, easter, and aging wine in space, does it make a difference?

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw689

Paul, and the rest of the PSW Hosts, will talk to Robert about how he got his start in InfoSec.

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw689

With an uptick in malware scams and email compromises, the best thing we can do is educate the cryptocurrency community about risks and security best practices. https://www.youtube.com/playlist?list=PL1fKlftNZ_xGh8AFVy46suO193IIQ7lnq

https://www.kraken.com/en-us/features/security/kraken-security-labs

https://www.canisecure.com/

https://blog.kraken.com/security-labs/

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw689

This week in the Enterprise News: Funding announcements from Clearsense, Morphisec, Feedzai, Jumio, Ketch, Living Security, Productiv and Socure. ServiceNow acquires Intellibot, Accenture acquires Cygni, Astadia acquires Anubex, AutoRABIT acquires CodeScan, Kroll Acquires Redscan. GRIMM launches a Private Vulnerability Disclosure program, AttackIQ automates the validation of AI and ML, CircleCI offers CI/CD for ARM in the cloud, Elastic Observability updates, Gigamon and FireEye collaborate on integration of Gigamon Hawk, McAfee unveils MVision cloud, Red Hat OpenShift Service Available on AWS, Sysdig Adds Unified Threat Detection Across Containers and Cloud & more!

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw222

Security technology roll-outs often fail because of the following: 1) Weak Security Culture - users don't see value or understand the importance of taking action. 2) Security teams often fail to consider user experience in purchase, configuration, set-up and training of security technology, like endpoint security 3) End User communication about new technology is not communicated to the right users, at the right time, during the right stage of the project.

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw222

Is there an emerging threat to your data post-C19 with disgruntled employees having to come back to an office? How do we protect our data and keep employees happy that have access to data from where they've been hiding over the past year?

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw222

In the second segment, the SCW hosts will continue the discussion with Raf and hopefully come up with some guidance on what can be done to make vulnerability management work better.

Visit https://www.securityweekly.com/scw for all the latest episodes!

Show Notes: https://securityweekly.com/scw67

The SCW hosts discuss Rafal Los' recent blog post "Vulnerability Management is Still a Mess" (https://blogwh1t3rabbit.medium.com/vulnerability-management-is-still-a-mess-27519ffcecc0). In the first segment, we will learn all about Rafal's cybersecurity background and why vulnerability management has not evolved in line with the technology.

Visit https://www.securityweekly.com/scw for all the latest episodes!

Show Notes: https://securityweekly.com/scw67

In the Leadership and Communications section, Being a CISO in 2021: How to Be a Business Leader in the Boardroom, Skills CISOs Need to Have in 2021, Build your cybersecurity A-team: 7 recruiting tips, and more!

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw211

NDR technologies such as ExtraHop are the latest tools in the CISO toolbox for combating cybersecurity threats. It enables previously unattainable speed and efficacy in detecting, identifying and responding to anomalies and malicious traffic and network events.

This segment is sponsored by ExtraHop Networks. Visit https://securityweekly.com/extrahop to learn more about them!

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw211

Security and privacy technical analysis of TikTok, subtle parsing problems, chain of trust through a CI/CD pipeline, faster fuzzing even without source code, interplay of application security and application safety!

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw145

The OWASP Top 10 2021 is in development. A public survey has just been released. We have finished collecting data. I would like to discuss what the plans are for the OWASP Top 10 2021, and when it will be released, and how you can get involved.

https://owasp.org/www-project-top-ten/

https://github.com/OWASP/Top10

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw145

Learn what redirects are, the different types, how they work and how they are exploited by attackers. Oh, also learn how to defend against redirect attacks!

Sven's Slide Deck - Open Redirects: https://securityweekly.com/wp-content/uploads/2021/03/Netsparker-Sven-Morgenroth-3-25-21-Open-Redirect.pdf

This segment is sponsored by Netsparker. Visit https://securityweekly.com/netsparker to learn more about them!

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw688

This week in the Security News: Doom exploit wins an award, a puzzle honors Alan Turing, anyone can create a deepfake, Jabber bugs, unquoted service paths, Nim malware, Deadly sins of secure coding, & are we living in the toughest time of Cybersecurity?

Register to attend Joff Thyer's upcoming Wild West Hacking Fest course "Enterprise Attacker Emulation and C2 Implant Development": http://bit.ly/JoffsC2Class

Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw688

Almost weekly, hackers discover and exploit vulnerabilities in popular programs like SolarWinds and Microsoft Exchange Server, impacting thousands. While it would be great to eradicate these vulnerabilities in the programs themselves, it is unlikely to happen any time soon. That’s why patching vulnerabilities quickly is important, yet even when patches are available, companies often fail to patch promptly. We’ll discuss barriers companies face that delay patching and Qualys’ experience with creating free services that help companies detect specific vulnerabilities and patching remotely for events like the SolarWinds and Microsoft Exchange incidents. The session will include a brief demo of Qualys free 60-day service to detect, prioritize, and patch vulnerable Exchange servers, and to detect environments missing compensating controls.

This segment is sponsored by Qualys.

Visit https://securityweekly.com/qualys to learn more about them!

Show Notes: https://securityweekly.com/psw688

Visit https://www.securityweekly.com/psw for all the latest episodes!

This week in the Enterprise News, Funding announcements from Security Scorecard, Secureframe, Axis Security, Orca, Cylera, and Vulcan Cyber. A non-funding announcement from Thinkst. Fortinet aquires ShieldX, VMware acquires Mesh7 and Copado aquires New Context. Knowbe4 files for IPO. Exabeam Launches First-ever Comprehensive Use Case Coverage, Linksys and Fortinet form an interesting partnership, Sonatype targets a more secure software supply chain with a 5-part announcement, CTO.ai Launches Serverless Kubernetes Platform and more!

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw221

Jarrett Rodrick and Tyler Wall's new book, "Jump-start Your SOC Analyst Career," is meant to serve as a roadmap for those who wish to take their first steps into cyber security/SOC analyst. We discuss topics like introduction to investigative theory, prerequisite skill requirements, and cloud security monitoring. We included stories from real SOC analyst contributors to help the reader understand what challenges might lie before them. The book is available on Amazon: https://www.amazon.com/Jump-start-Your-Analyst-Career-Cybersecurity/dp/1484269039

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw221

- What security features does Heroku offer that the customer can control and how have these evolved over time? - How do you balance the security of the application, with the security of the deployment, with the security of the platform? - What are some tips and/or advice for deploying applications and keeping them secure during the lifecycle? (e.g. as a developer I may run applications in a secure environment, but then down the line someone runs my container with --privileged and exposes a security hole). The goal being our audience learns what to consider when choosing a platform (or platforms) to run applications from a security perspective.

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw221