Enterprise Security Weekly (Video‪)‬ Security Weekly Productions

Qwiet AI provides real time detection of security vulnerabilities in code along with the best AI generated fixes to aid developers in finding and fixing their code with the addition of AI AutoFix.
This segment is sponsored by Qwiet AI. Visit https://securityweekly.com/qwietrsac to learn more about them!
With scores of security tools implemented, configured, and integrated security teams are overwhelmed while knowing there is still a possibility for a breach. As they work to prioritize threat exposures, it is imperative for organizations to have a clear, context-rich, and up-to-date view of their security posture. Picus Security CTO and Co-founder, Volkan Ertürk, explains how consistent security validation allows security teams to pinpoint gaps, prioritize, and quantify risk so they can reduce threat exposure.
Segment Resources: Picus Red Report 2024: https://www.picussecurity.com/hubfs/Red%20Report%202024/Picus-RedReport-2024.pdf
This segment is sponsored by Picus Security. Visit https://www.securityweekly.com/picusrsac to learn more about them!
Platformization could mean reduction in innovation, reduction in the ability to be flexible, and less competition. But it doesn't have to be this way. Like the IT industry, there are ways for the cybersecurity industry to platformize, but also to have this become a net benefit to the industry as a whole.
Segment Resources: Navigating the SecOps Cloud Platform webinar recording: https://www.youtube.com/watch?v=MbzvLX-W2KY
Recon Infosec Case Study: https://info.limacharlie.io/hubfs/Case%20Studies/LimaCharlieReconInfosecMSSPCase_Study.pdf
Blumira Case Study: https://info.limacharlie.io/hubfs/Case%20Studies/LimaCharlieBlumiraCase_Study.pdf
This segment is sponsored by LimaCharlie. Visit https://securityweekly.com/limacharliersac to learn more about them!
Show Notes: https://securityweekly.com/esw-363

The next generation of identity security is not about the popular idea of convergence, but of unification. A single, AI-driven solution that integrates PAM with identity security and access management is the clear path forward to manage and secure all enterprise data through a unified control point.
Segment Resources: • https://www.sailpoint.com/products/identity-security-cloud/atlas/ • https://www.sailpoint.com/press-releases/sailpoint-accelerates-innovation-with-its-identity-security-platform-sailpoint-atlas/ • https://www.sailpoint.com/press-releases/sailpoint-leads-identity-security-evolution-through-relentless-innovation/ • https://www.sailpoint.com/navigate/
This segment is sponsored by SailPoint. Visit https://securityweekly.com/sailpointrsac to learn more about them!
Over the past 15 years, identity has evolved from a perimeter-based security model with clear boundaries to one that is fluid, flexible, and permeates every aspect of digital business. Simultaneously, AI has infiltrated every enterprise, becoming a double-edged sword for defenders, and fueling fraud attacks across every sector.
In this interview, Ping Identity CEO Andre Durand will walk through the evolution of the identity attack surface, and the opportunity decentralized identity has to dramatically improve both security and experience by putting users in control. He'll also discuss the increasing threats to individuals and businesses, given the influx of AI, and why we should consider this the era of “verify more, trust less.”
This segment is sponsored by Ping Identity. Visit https://securityweekly.com/pingrsac to learn more about them!
As companies adopt new digital cloud technologies, cybercrime threats are on the rise and becoming more sophisticated. Identity has come under attack in today’s digital-first environment and is critical to ensure we can securely connect people to technology. Okta is on a mission to eliminate identity threats and clear the path for organizations to safely use any technology.
Segment Resources: https://www.okta.com/blog/2024/02/introducing-the-okta-secure-identity-commitment/
https://www.okta.com/products/okta-ai/
https://www.okta.com/blog/2024/02/okta-acquisition-advances-identity-powered-security/
This segment is sponsored by Okta. Visit https://securityweekly.com/oktarsac to learn more about them!
Show Notes: https://securityweekly.com/esw-363

Only one funding announcement this week, so we dive deep into Thoma Bravo's past and present portfolio. They recently announced a sale of Venafi to Cyberark and no one is quite sure how much of a hand they had in the LogRhythm/Exabeam merger, and whether or not they sold their stake in the process.
We also have a crazy stat Ross Haleliuk spotted in Bessemer's analysis: "13 out of 14 cybersecurity companies acquired in the past year for over $100M were from Israel". Is this an anomaly? Does it just mean that Israel wasn't shy about selling when the market was down? We discuss.
A number of new product announcements continue to trickle out post-RSA.
We'll also discuss Sam Altman and OpenAI's decision to use Scarlett Johansson's voice against her will and what it could mean for deepfakes, advanced social engineering techniques, and general big tech sliminess.
Do you know what a "product glorifier" is? How about a glowstacker? You will if you check out the second-to-last story in the show notes!
Show Notes: https://securityweekly.com/esw-363

Artificial intelligence isn’t a magic wand… but could AI actually solve the alert triage problem every security operations center faces? In this interview with Jim McDonough from Intezer, we’ll talk about how 2023 was a tipping point for the maturity of AI tech, what these solutions actually bring to the table, how SOC teams in the real world are automating their processes with new AI tools, and why MSSPs are driving early adoption.
This segment is sponsored by Intezer. Visit https://securityweekly.com/intezerrsac to learn more about them!
This interview examines the state and future of cybersecurity. Join the conversation as a cybersecurity expert delves into the failings of current defenses, the relentless tactics of attackers, and the imperative for innovative solutions. Explore how Lumu’s latest announcement delivers the innovation that cybersecurity analysts need to operate cybersecurity and meet the demands of the moment.
This segment is sponsored by Lumu Technologies. Visit https://securityweekly.com/lumursac to learn more about them!
On April 1, Nightwing, formerly a business unit of Raytheon, launched as a standalone company. The company’s Vice President of Cyber Protection Solutions, Jon Check, will discuss the transition to Nightwing and its approach to the most pressing cybersecurity challenges, helping customers stay ahead of today’s threats.
This segment is sponsored by Nightwing. Visit https://securityweekly.com/nightwingrsac to learn more about them!
Show Notes: https://securityweekly.com/esw-362

The danger of post-breach disruption and downtime is extremely real. And while we should work to prevent these breaches in the first place, we must also be practical and pre-empt any potential incidents. Organisations armed with the most extensive software-based cybersecurity protection today continue to fall prey to hackers, have their operations disrupted and struggle to overcome the loss of data and system corruption. And with more business assets moving to the cloud than ever before - we are just asking for it aren't we? The answer to this lies in advanced engineering at the hardware layer. Easily integrated into enterprise servers and data centers to provide full-stack protection across the entire life cycle of a potential attack.
Segment Resources: https://x-phy.com/flexxon-fortifies-data-center-security-with-x-phy-server-defender/
This segment is sponsored by Flexxon. Visit https://www.securityweekly.com/flexxonrsac to learn more about them!
Over the past two years, we’ve seen the degree of digital trust in our day-to-day lives being pushed to its limits due to the unintended consequences of innovation. From GenAI to IoT security to quantum computing, we will see a “crescendo of trust” that will push trust to its absolute limits. Here, we will focus on IoT/device trust.
This segment is sponsored by DigiCert. Visit https://securityweekly.com/digicertrsac to learn more about them!
Security needs to be everywhere a potential threat exists – from an IOT device to an OT device, a factory floor, an element of infrastructure, an oil rig, a robotic device or an MRT machine – Cisco recognized that with increased connection comes a greater risk than ever before and that you must bring the security to these workloads...not the other way around. In order to keep up with today’s sophisticated and expansive threat landscape, security can no longer be a fence; it needs to be embedded through the fabric of data centers, whether public or private. Cisco Hypershield does just that and gives defenders a fighting chance against adversaries, as now the industry has the advantage.
Segment Resources: Hypershield Keynote: https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m04/unveiling-a-new-era-of-ai-native-security-with-cisco-hypershield.html
Cybersecurity Readiness Index: https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m03/cybersecurity-readiness-index-2024.html
DUO trusted access report: https://duo.com/assets/ebooks/2024-Duo-Trusted-Access-Report.pdf
Jeetu's blog: https://blogs.cisco.com/news/cisco-hypershield-security-reimagined-hyper-distributed-security-for-the-ai-scale-data-center
Official announcement: https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m04/unveiling-a-new-era-of-ai-native-security-with-cisco-hypershield.html
This segment is sponsored by Cisco. Visit https://securityweekly.com/ciscorsac to learn more about them!
Show Notes: https://securityweekly.com/esw-362

Suddenly SIEMs are all over the news! In a keynote presentation, Crowdstrike CEO George Kurtz talked about the company's "next-gen" SIEM. Meanwhile, Palo Alto, who was taken to task by some for not having an active presence on the RSAC expo floor, hits the headlines for acquiring IBM's SIEM product, just to shut it down!
Meanwhile, LogRhythm and Exabeam merge, likely with the hopes of weathering the coming storm. The situation seems clear - there's no such thing as "best of breed" SIEM anymore. It's a commodity to be attached to the existing dominant security platforms. Are the days numbered for the older pure-play SIEM/SOAR vendors out there? Crowdstrike and Palo Alto alone could displace a lot of incumbents, even with a less than stellar product.
Show Notes: https://securityweekly.com/esw-362