30 Min on: Vulnerability Management

Opus Security
30 Min on: Vulnerability Management

Join James Berthoty and security experts in 30-minute episodes exploring digital asset protection challenges. The surge of CVEs, evolving detection technologies, effective prioritization, and strategic approaches to security remediation, including the convergence of application and cloud security, operational pains of vulnerability management, financial aspects, and organizational cultural changes. Discover insights from cybersecurity professionals and learn about unified vulnerability management in today's cloud era.

الحلقات

  1. Scaling Vulnerability Management

    ٦ صفر

    Scaling Vulnerability Management

    In the season finale of "30 Min on: Vulnerability Management," host James Berthoty is joined by Meny Har and Or Gabay, founders of Opus Security. They reflect on the evolution and future trajectory of vulnerability management. As pioneers in the security sector, they share their journey from the inception of Opus to the challenges and achievements they've encountered along the way. Key Highlights: - Industry Evolution: Meny and Or discuss the rapid changes in vulnerability management over just a few months, emphasizing the shift towards recognizing vulnerability management as both a technical and organizational challenge. - Organizational Integration: They explore how vulnerability management is increasingly becoming integrated across different sectors within companies, necessitating robust and flexible systems that can handle diverse security demands. - Technical Challenges: The discussion delves into the technical complexities of managing vulnerabilities across various platforms, from on-prem systems to cloud environments, highlighting the need for advanced solutions that simplify these processes. - Future of Vulnerability Management: They predict further convergence of traditional and modern vulnerability management practices, stressing the importance of developing platforms that can adapt to evolving security landscapes. Why It Matters: This episode provides a unique perspective from the leaders who are at the forefront of redefining vulnerability management. Their insights are invaluable for anyone involved in cybersecurity, offering a look into the challenges of current systems and the innovative solutions necessary to enhance security in an increasingly complex digital world. Tune in for this comprehensive discussion on vulnerability management's past, present, and future, offering expert insights from the founders who are shaping the field.

    ٣٦ من الدقائق
  2. Building Seamless Security Ecosystems

    ٨ محرم

    Building Seamless Security Ecosystems

    In this episode of "30 Min on: Vulnerability Management", host James Berthoty is joined by Yuval Shchory, an influential figure at AWS with extensive background in product development and partnerships, ranging from Cisco to Checkpoint. Yuval shares insights from his extensive career trajectory, exploring how his technical beginnings and leadership roles have shaped his current focus on enhancing cloud security through strategic partnerships. Key Highlights: - Journey Through Security: Yuval recounts his evolution from technical sales to product management, leading significant security product lines and driving ecosystem development at major corporations like Cisco and AWS. - Partnership Dynamics: Discover Yuval's perspective on the importance of building effective ecosystems and partnerships in cloud security, which help align and integrate various security tools and platforms for better coverage and functionality. - Influence of Feedback: Yuval emphasizes the critical role of customer and partner feedback in shaping security products, ensuring they meet practical deployment and operational needs while fulfilling promised capabilities. - Evolving Cloud Security: Gain insights into the transition of cloud security strategies from basic compliance to complex threat prevention, underpinned by advanced technologies like AI and machine learning to provide actionable security intelligence. - Future of Security Products: Yuval discusses the potential transformations in security products, where integration and information sharing among diverse tools could lead to more consolidated and efficient security management systems. Why It Matters: Yuval's unique experience across various facets of the security industry provides a comprehensive view of how security products need to evolve and interconnect to address the growing complexities of cloud environments. This episode delves into the convergence of technology, business needs, and strategic partnerships, offering valuable lessons for anyone involved in developing, managing, or securing digital infrastructures. Tune in for an enlightening discussion on the future of security ecosystems and the role of partnerships in crafting a more secure and interconnected digital landscape.

    ٣١ من الدقائق
  3. Mastering AI Vulnerabilities

    ٢٦ ذو الحجة

    Mastering AI Vulnerabilities

    In this episode of "30 Min on: Vulnerability Management," host James Berthoty is joined by Adir, CTO of AIM Security, a leading company in generative AI security. Celebrating their recent funding round, Adir shares insights into the intersection of AI and vulnerability management. Key Highlights: Evolution of AI in Cybersecurity: Adir discusses his journey from vulnerability research to focusing on AI's role in modern cybersecurity, emphasizing the dual-edged influence of AI on both attackers and defenders. Redefining Vulnerability Research with AI: Learn how generative AI is transforming traditional vulnerability research, making complex tasks like reverse engineering more efficient and accessible. Balancing Attack and Defense with AI: Adir explains the transformative effects of AI on security strategies, highlighting how AI can streamline both the exploitation of vulnerabilities and their mitigation. Ethical Implications and AI Vulnerabilities: Dive into the ethical considerations of AI in security, including the risks and responsibilities introduced by integrating AI into cybersecurity frameworks. AI and Data Security Integration: Adir outlines how AI can be a game-changer in data security, providing detailed scenarios on how AI can potentially both compromise and safeguard data integrity. Why It Matters: Adir brings a unique perspective to the conversation with his deep expertise in both vulnerability research and AI, providing a comprehensive view of how AI is reshaping the landscape of cybersecurity. This episode is crucial for cybersecurity professionals looking to understand the emerging role of AI in vulnerability management and the broader security domain. Tune in for an enlightening discussion that navigates the complex interplay between artificial intelligence and cybersecurity, delivering valuable insights for adapting security strategies in the AI era.

    ٣١ من الدقائق
  4. Vulnerability Management in the Age of ADR

    ١٨ ذو الحجة

    Vulnerability Management in the Age of ADR

    In this episode of "30 Minutes on Vulnerability Management", host James Berthoty welcomes Daniel Shechter, CEO and co-founder of Miggo Security. Daniel introduces the innovative concept of Application Detection and Response (ADR), a pioneering approach in application security that promises to enhance the alignment between security practices and application development. Key Highlights: - Innovative Approach to Application Security: Daniel discusses the inception of ADR, designed to bridge the gap between security and development by providing a comprehensive view of application behavior from development through production. - Enhancing Security through Observability: Learn about the critical role of observability in security, as Daniel explains how ADR utilizes detailed application traces to improve security monitoring and threat detection. - Challenges in Modern Application Environments: Daniel delves into the complexities of securing modern applications that are distributed across various services and platforms, highlighting the need for security-oriented visibility that traditional methods lack. - Collaboration between Security and Engineering: Discover the importance of fostering a collaborative environment between security teams and developers to enhance application security and efficiency. Why It Matters: Daniel Shechter brings a fresh perspective on the necessity of integrating advanced security measures into the application lifecycle. By emphasizing the role of ADR, Daniel illustrates how real-time data and comprehensive observability can revolutionize security teams and developers' work together to tackle emerging threats effectively. Tune in to this enlightening discussion that showcases a novel security framework and highlights the strategic integration of security within application development, essential for anyone tasked with safeguarding or developing digital infrastructures in the modern technological landscape.

    ٢٧ من الدقائق
  5. The CISO Perspective on the Market

    ١٨ ذو القعدة

    The CISO Perspective on the Market

    In this informative episode of "30 Min on: Vulnerability Management," host James Berthoty sits down with Frank Kim to explore the evolving landscape where software development and security intersect. Frank, with a rich background transitioning from software engineering to cybersecurity, shares his insights on the challenges and strategies of integrating robust security practices within development workflows. Key Highlights: - Transition Paths: Frank discusses the common and not-so-common pathways developers take to enter security, shedding light on the cultural and educational shifts necessary to foster a security-centric mindset in development teams. - Evolution of Security Roles: As security needs become more intertwined with development, especially in cloud and DevOps environments, Frank emphasizes the importance of security professionals understanding and participating in development processes to effectively manage risks. - Challenges in Security Adoption: The discussion delves into the difficulties security leaders face when trying to implement security tools and practices within development cycles, highlighting the balance between depth of security and operational efficiency. - Impact of Frequent Deployments: Frank argues that frequent, smaller deployments can reduce overall risk by limiting the "blast radius" of changes and enabling faster response times to potential security incidents. - Educational Needs for Security Teams: Highlighting the importance of foundational knowledge in both development and operational tools, Frank stresses continuous education and awareness as key to keeping security practices current and effective. Why It Matters: This episode provides a deep dive into how security is not just a series of tools to be implemented but a discipline that must evolve with technological advancements and organizational changes. Frank Kim’s perspective as a seasoned security leader offers valuable insights into how security teams can more effectively collaborate with development teams to enhance the security posture of applications from design to deployment. Tune in to better understand how integrating security into the development process can lead to more secure, efficient, and resilient systems.

    ٣١ من الدقائق
  6. Convergence of Scanning Tools

    ٤ ذو القعدة

    Convergence of Scanning Tools

    On this episode of "30 Minutes on: Vulnerability Management" host James Berthoty interviews Aviv Mussinger, CEO and Co-Founder of Kodem, whose extensive background spans Israeli intelligence as well as cybersecurity roles at NSO Group. Aviv shares his journey, highlighting how his deep-rooted interest in technology led to a career in application security that revolutionized the field. Key Highlights: - Holistic Security Perspectives: Aviv articulates his approach to understanding the integral relationship between hardware and software security, providing a comprehensive framework for robust cybersecurity measures. - Rethinking Application Security: Discover Aviv's insights on transforming application security practices to accommodate the full lifecycle of development, enhancing both security posture and development efficiency. - Innovation in Security Technologies: Explore how Aviv’s initiative with Codem aims to revolutionize application security by integrating operational security directly with code development, offering unprecedented clarity and control over security threats. - Contextual Importance in Security: Aviv emphasizes the significance of context in security protocols, which enables a more precise understanding of application behavior and leads to more effective threat management. - Navigating Vulnerability Management Challenges: Aviv discusses the intricacies of vulnerability management in a tech landscape characterized by rapid evolution and complex threats, underscoring the need for adaptive and integrated security strategies. Why It Matters: With a unique background that covers both offensive and defensive security, Aviv Mussinger sheds light on the challenges and necessities of securing digital assets across diverse platforms and environments. In this episode, we explore how security disciplines are increasingly being converged and discuss how security must be strategically integrated into the development process. Tune in for this insightful discussion, which blends technical expertise with strategic innovation. This is crucial for anyone involved in shaping or securing modern digital infrastructures.

    ٢٩ من الدقائق
  7. Financial Value in Security Remediation

    ٢١ شوال

    Financial Value in Security Remediation

    In this informative episode of "30 Min on: Vulnerability Management" host James Berthoty welcomes Justin Somaini, a seasoned CISO with a notable career spanning companies like Unity, SAP, and Yahoo. Justin shares insights from his experience navigating security practices from startups to large enterprises. Key Highlights: - Evolving Security Roles: Justin discusses the evolution of security roles from early-stage startups to large corporations, highlighting the differences in expectations and responsibilities at each stage of company growth. - Strategic Security Initiatives: Insights into how regulated industries and corporate culture influence the adoption and implementation of security measures across organizations. - Shared Accountability Model: Exploration of the shared accountability model in vulnerability management, where security and operational teams collaborate to effectively address security vulnerabilities. - Automation and Integration: Discussion on the crucial role of automation in streamlining vulnerability management processes and the integration challenges faced when systems and staff are in transition. - Leadership in Security: Justin shares his experiences fostering a security-aware culture at the executive level and the impact of high-profile security breaches on driving organizational change. Why It Matters: Justin's extensive background offers a rare glimpse into the strategic decision-making processes that shape effective security postures in dynamic business environments. This episode is a must-listen for anyone interested in understanding how to scale security practices effectively as companies grow and evolve. Tune in to learn from Justin's profound experience and discover strategies to enhance your organization’s security framework as it scales.

    ٤١ من الدقائق
  8. Working with Engineering on Security

    ١٤ شوال

    Working with Engineering on Security

    This episode brings Shaun Blackburn into the spotlight, currently the CISO at Gemini, with a rich background in incident response, vulnerability management at Airbnb, cloud infrastructure security at Netflix, and a stint as a SOC manager at AWS. James and Shaun discuss the intricate weave of vulnerability management, security engineering, and operations, emphasizing the transformative approach to vulnerability management through automation and collaborative engineering efforts. Key Discussion Points: - Shaun Blackburn's Comprehensive Security Background: Exploring Shaun's diverse experiences across major tech firms and how these roles have shaped his understanding and approach to security. - Engineering the Future of Vulnerability Management: Shaun shares insights into Netflix's pioneering approach to automated vulnerability management, highlighting the shift from traditional, manual remediation processes to automated, engineering-driven solutions. - Building a Collaborative Security Culture: The conversation delves into strategies for fostering partnerships between security teams and service owners, aiming for a unified vision that benefits the entire organization. - The Role of QA in Security: Addressing the critical importance of improving QA processes to facilitate smoother, more efficient vulnerability management practices. - Adapting to the Evolving Landscape of Security Tools: Shaun discusses the need for a defense-in-depth approach in selecting security tools, emphasizing the importance of coverage, speed, and the capability to address specific threat models. Why It Matters: In a landscape where vulnerabilities are a constant and evolving threat, Shaun Blackburn's insights provide a roadmap for transitioning from reactive to proactive security measures. This episode is a must-listen for those seeking to understand the potential of engineering and automation in transforming vulnerability management processes. Through collaborative efforts and strategic tool selection, organizations can achieve more resilient and responsive security postures, ultimately leading to a safer digital environment. Join us for a forward-thinking discussion on redefining vulnerability management for the modern age.

    ٣٢ من الدقائق
  9. The Overhead in Security Remediation – The Path to Efficiency

    ٢٩ رمضان

    The Overhead in Security Remediation – The Path to Efficiency

    In our second episode of the 30 Min on: Vulnerability Management, James Berthoty sits down with Andy Ellis, a visionary in the field of cybersecurity with a journey from security engineer to CISO. They unravel the complexities of vulnerability management and the evolving responsibilities within security teams, underscored by the advent of Cloud Security Posture Management (CSPM) tools. Key Discussion Points: - Andy Ellis's Security Journey: Exploring Andy's path from security engineer to CISO, offering insights into the growth and challenges within the cybersecurity domain. - Operational Overhead in Security Remediation: Delving into the processes and strategies to mitigate operational overhead in security remediation, highlighting the significance of streamlined processes and efficiency. - Decentralization of Security: Discussing innovative approaches to minimize risks associated with administrative access and the concept of self-maintaining security measures in cloud environments. - Evolving Role of Security Professionals: Examining how the roles and knowledge base of security teams have expanded with the introduction of CSPM tools, emphasizing a holistic approach to network and application security in the cloud. - Prioritizing Process Over Vulnerabilities: Shifting focus from individual vulnerabilities to improving operational processes and maintaining a sustainable security posture that aligns with business goals. Why It Matters:  This conversation is crucial for understanding the current and future landscapes of cybersecurity, especially in managing vulnerabilities and operational overhead. Security professionals must adapt and think outside traditional roles as organizations increasingly adopt cloud technologies. This episode illuminates a decentralized and efficient security approach that not only protects against threats but also supports business agility and resilience. A seasoned expert and thought leader in vulnerability management will provide insight into navigating the challenges of vulnerability management. Join us for a deep dive into the world of security remediation and vulnerability management with Andy Ellis, as we explore effective strategies for overcoming operational challenges and advancing in the ever-evolving landscape of cybersecurity.

    ٣٦ من الدقائق
  10. 30 Min On Vulnerability Management With James Berthoty

    المقطع الترويجي للموسم ١

    30 Min On Vulnerability Management With James Berthoty

    Step into the ever-evolving world of cybersecurity with James Berthoty in "30 Min on: Vulnerability Management”, a podcast series powered by Opus Security dedicated to exploring the multifaceted challenges of managing vulnerabilities in today's cloud era. In this series of 30-minute episodes, you'll join James and a lineup of distinguished security experts as they dissect the complexities of securing digital assets against an ever-growing array of threats, including the convergence of application and cloud security, the operational pains of vulnerability management, and the cultural changes within organizations striving for security excellence. Series Highlights: - Expert Insights: Gain valuable perspectives from seasoned professionals, offering diverse experience from cybersecurity, intelligence, and technology startups. - Real-world Challenges: Understand the surge in CVEs, evolving detection technologies, and their impact on reshaping security landscapes for companies of all sizes. Strategic Approaches: Learn about effective vulnerability prioritization and the various strategic and operational approaches to security remediation, including integrating ASPM and Cloud platforms. - Cultural Shifts: Learn about effective vulnerability prioritization and the various strategic and operational approaches to security remediation, including integrating ASPM and Cloud platforms. - Unified Management: Discover the importance of a unified vulnerability management approach to seamlessly tackle vulnerabilities across different platforms.

    ١ من الدقائق
  11. Configuration and CVE Issues: The Overwhelming Challenge

    ٢٧ رمضان

    Configuration and CVE Issues: The Overwhelming Challenge

    In this opening episode of “30 Min on: Vulnerability Management” host James Berthoty and Opus’s Co-founder and CEO Meny Har discuss the burgeoning challenges of Configuration and CVE Issues in the modern digital landscape. This conversation, which was recorded in the hustle of Manhattan, goes beyond traditional boundaries and highlights the rise in vulnerabilities and the dire implications for organizations. Key Highlights: - The Surge in CVEs: Dive deep into the escalating numbers of CVEs and explore its profound impact on security postures across industries. - The Evolution of Detection Technologies: Discover how advancements in detection capabilities and the merging of ASPM and Cloud platforms are reshaping vulnerability management strategies. - Operational Challenges: Meny Har shares insights from his rich background in operations, from his time in the IDF to leading roles in tech startups, offering a unique perspective on managing the deluge of vulnerabilities with efficiency and strategic acumen. - Cultural Shifts in Security: The episode delves into the crucial cultural shifts within organizations, as security roles transition from centralized authority to orchestrators of risk, emphasizing cross-organizational collaboration for effective vulnerability management. - Unified Vulnerability Management: Discussing the convergence of Application Security and Cloud Security, this segment explores the necessity of a unified approach to handle vulnerabilities across different platforms seamlessly. Why It Matters: As the first episode sets the stage, listeners are invited to rethink vulnerability management through the lens of operational efficiency, strategic prioritization, and the indispensable role of collaboration between security and engineering teams. James and Meny navigate through the complexities of modern security challenges, offering actionable insights and fostering a dialogue on evolving security paradigms. Don't miss this engaging conversation filled with real-world anecdotes, expert analysis, and forward-thinking solutions to the overwhelming challenge of vulnerability management in today's cloud-centric world.

    ٣٤ من الدقائق

مقطع ترويجي

حول

Join James Berthoty and security experts in 30-minute episodes exploring digital asset protection challenges. The surge of CVEs, evolving detection technologies, effective prioritization, and strategic approaches to security remediation, including the convergence of application and cloud security, operational pains of vulnerability management, financial aspects, and organizational cultural changes. Discover insights from cybersecurity professionals and learn about unified vulnerability management in today's cloud era.

للاستماع إلى حلقات ذات محتوى فاضح، قم بتسجيل الدخول.

اطلع على آخر مستجدات هذا البرنامج

قم بتسجيل الدخول أو التسجيل لمتابعة البرامج وحفظ الحلقات والحصول على آخر التحديثات.

تحديد بلد أو منطقة

أفريقيا والشرق الأوسط، والهند

آسيا والمحيط الهادئ

أوروبا

أمريكا اللاتينية والكاريبي

الولايات المتحدة وكندا