258 episodes

A look at the current state of enterprise security solutions, including new products, features and industry reporting. Hosted by Paul Asadoorian, Matt Alderman and John Strand.

Enterprise Security Weekly (Audio) Security Weekly

    • Technology
    • 4.9 • 13 Ratings

    Skipping Around - ESW #258

    This week, we welcome Jamie Moles, Senior Technical Marketing Manager at ExtraHop, to discuss Log4Shell: Impact and Lessons Learned! In the Enterprise Security News, Hunters raises a Series C to continue building XDR, Anitian raises a $55M Series B, Four new startups emerge from stealth with seed funding, BugAlert is a new tool for notifying the public of new vulnerabilities, Turns out, Crypto.com WAS hacked, but it wasn’t Matt Damon’s fault, Who is at fault if a hacked car kills someone?, Merck wins - it was NOT an act of war, according to one court, Pearson is fined $1M for misleading investors about their 2018 data breach, Secrets of Successful Security Programs, & Why employees don’t care about your security policies! Lastly, we air a pre-recorded segment with Adrian and Bikash Barai, Co-founder, CEO at FireCompass, to talk about Continuous Red Teaming Trends!
     
    Show Notes: https://securityweekly.com/esw258
    Visit https://securityweekly.com/extrahop to learn more about them!
     
    Visit https://www.securityweekly.com/esw for all the latest episodes!
    Follow us on Twitter: https://www.twitter.com/securityweekly
    Like us on Facebook: https://www.facebook.com/secweekly

    • 2 hr 12 min
    Quality of Ingredients - ESW #257

    This week, Rickard Carlsson from Detectify is with us to discuss a funeral for vulnerability management! Then, Will Clark from Accela joins us to talk about architecture and security in the trenches! In the Enterprise Security News: 1Password plans to do some shopping with their massive Series C, Devo announces a $250M round, Permiso Security and Tromzo emerge backed by both traditional VCs and industry execs, STG spins out McAfee’s MVISION XDR product as Trellix - the first of many spinouts, they say, Microsoft reminds us that, in addition to being the industry’s largest security vendor, they can also drop $70B on video games if they feel like it, More reminders that open source is essential, but orgs with massive budgets will still treat it as worthless and disposable, Real-world stories of CI/CD pipeline compromises, Is Uber’s former CSO going to jail?, and Tom Brady NFTs!
     
    Show Notes: https://securityweekly.com/esw257
    Segment Resources:
    Visit https://securityweekly.com/detectify to learn more about them!
     

    • 2 hr 2 min
    Peach Melba Day - ESW #256

    It’s a new year and a time when we make resolutions…which often drop off by the start of February. To keep your security resolutions for 2022, today’s show will be about enterprise security pitfalls and the areas corporations should focus on when planning their cybersecurity strategy for the year. Topics will include proper data hygiene; ransomware prevention and recovery techniques; challenges in securing a distributed workforce and the changing role of IT; and containing data sprawl. We’re looking forward to keeping you informed throughout 2022! 2021 was the most active year in federal cybersecurity policy. Ever. The Biden administration used executive orders, new regulations, public/private partnerships and novel law enforcement strategies to shore up federal systems and engage with industry. Meanwhile, an otherwise active year in Congress took a hit when several major pieces of legislation like incident reporting mandates and federal cybersecurity reform were left out of the NDAA. SC Media government reporter Derek B. Johnson will discuss what came out of last year's flurry and what we can expect Congress to prioritize in 2022. In the Enterprise Security News for this week: Pentera announces a $150m Series C - YAU (Yet Another Unicorn), Herjavec Group merges with Fishtech, Google acquires SOAR vendor SIEMplify, A European grocery store buys BAS vendor XM Cyber, Flashpoint acquires vuln intel vendor Risk Based Security, Recorded Future acquires SecurityTrails, Drama in the Israeli cybersecurity news, Security Analyst is the #1 best job of 2022, Microsoft to start rolling out its own hardware security chip, & Some annoying words get banned!
     
    Show Notes: https://securityweekly.com/esw256
    Segment Resources: https://www.scmagazine.com/feature/policy/every-month-has-been-cybersecurity-awareness-month-for-the-biden-administration
     

    • 1 hr 51 min
    Happy Holidays! - ESW #255

    This week, Dr. David Brumley from ForAllSecure is with us to discuss Bringing Autonomy to Appsec! Then, in the enterprise security news, ZeroFox has a $1.4 billion blank check, Corellium raises a $25m Series A, GreyNoise makes its data free to help out Log4j sufferers, AWS suffers its third outage in a month (coincidentally hindering GreyNoise’s efforts), Ditching Unicorns for Dragons, Yet another easy way to become domain admin, thanks Microsoft, and a new report finds that current phishing training isn’t effective and is even potentially harmful. Finally, we’ll take a look at some of the biggest stories and interviews we discussed this year on ESW and will wrap with our thoughts and hopes for 2022.
     
    Show Notes: https://securityweekly.com/esw255
    Segment Resources:
    Article on competition: https://www.darpa.mil/about-us/timeline/cyber-grand-challenge
    Technical article on approach: https://spectrum.ieee.org/mayhem-the-machine-that-finds-software-vulnerabilities-then-patches-them
    Example vulns discovered: https://forallsecure.com/blog/forallsecure-uncovers-critical-vulnerabilities-in-das-u-boot
    https://github.com/forallsecure/vulnerabilitieslab
     

    • 1 hr 56 min
    The Worst Metaphor - ESW #254

    This week, we welcome Shoshana Gourdin to discuss how Morale Is a Safety Control! Up next, we welcome Scott Crawford, Research Director at 451 Research / S&P Global Market Intelligence, to talk about The Evolution & Future of XDR & the SOC! In the Enterprise News: Is the art of VC valuations a lie?, Noname Security hits unicorn status, Dazz sounds like an 80's cartoon character and is the latest to join the CSPM category with a mega Series A, LogMeIn spins out LastPass, We'll talk about Log4Shell for a little bit, but not too much, Everyone forgot that AWS had an outage last week, at least, until they had an outage this week, 83% of IT professionals can't guarantee infrastructure is safe from ex-employees, & Senate approves cyber-loaded defense bill but stripped out incident reporting! All that and more, on this episode of Enterprise Security Weekly!
     
    Show Notes: https://securityweekly.com/esw254

    • 2 hr 5 min
    Treacherous Devs, Selling Text Messages, Spicy Takes, & Unicorns Galore - ESW #253

    This week, we welcome Allie Mellen, Industry Analyst at Forrester Research, to discuss Digging Into XDR! In the second segment, Vincent Berk, CTO and Chief Security Architect at Riverbed, joins us to talk about Securing the Invisible: Holes in Your Visibility Fabric & Where Hackers Hide! Finally, in the Enterprise Security News for this week: At least a dozen cybersecurity companies announced raises totaling more than $900m - just in the past week!, Permira proposes to take Mimecast private for $5.8bn, The leader of a Swiss tech company is accused of selling access to text message data for surveillance, A former Ubiquiti developer was behind the big breach announced earlier this year - he unsuccessfully tried to extort his employer, SentinelOne tries to bring mobile security back?, Google and Trail of Bits team up to release a tool that scans for vulnerable Python packages, CISA has assembled a panel that will begin making cybersecurity recommendations. Make sure to stick around for this week's spicy take - Cloudflare recommends ditching your firewall, and this week's squirrel story - a new streaming service from an unexpected source! All that and more, on this episode of Enterprise Security Weekly!
    Segment Resources:
    https://visibility.riverbed.com/
    https://www.riverbed.com/solutions/security.html
    https://www.riverbed.com/products/npm/netprofiler-advanced-security-module.html
    Visit https://securityweekly.com/riverbed to learn more about them!
    Show Notes: https://securityweekly.com/esw253

    • 2 hr 5 min

Customer Reviews

4.9 out of 5
13 Ratings

Spiel4 ,

I like this format more

Podcast is nice and short, sometimes the sarcasm doesn't translate well but it's interesting to listen to these guys' perspective.
