Enterprise Security Weekly (Audio) Podcast Por Security Weekly Productions arte de portada

Enterprise Security Weekly (Audio)

Enterprise Security Weekly (Audio)

De: Security Weekly Productions
Escúchala gratis

Acerca de esta escucha

 News, analysis, and insights into enterprise security. We put security vendors under the microscope, and explore the latest trends that can help defenders succeed. Hosted by Adrian Sanabria. Co hosts: Katie Teitler-Santullo, Ayman Elsawah, Jason Wood, Jackie McGuire.© 2024 CyberRisk Alliance
Episodios
  • Monzy Merza, How Much AI is Too Much, and the Weekly News - Monzy Merza - ESW #415

    Monzy Merza, How Much AI is Too Much, and the Weekly News - Monzy Merza - ESW #415
    Jul 14 2025
    Segment 1: Interview with Monzy Merza - There is a Right and Wrong Way to use AI in the SOC

    In the rush to score AI funding dollars, a lot of startups build a basic wrapper around existing generative AI services like those offered by OpenAI and Anthropic. As a result, these services are expensive, and don't satisfy many security operations teams' privacy requirements.

    This is just the tip of the iceberg when discussing the challenges of using AI to aid the SOC. In this interview, we'll dive into the challenge of finding security vendors that care about security, the need for transparency in products, the evolving shared responsibility model, and other topics related to solving security operations challenges.

    Segment 2: Topic Segment - How much AI is too much AI?

    In the past few weeks, I've talked to several startup founders who are running into buyers that aren’t allowed to purchase their products, even though they want them and prefer them over the competition. Why? No AI and they’re not allowed to buy.

    Segment 3: News Segment

    Finally, in the enterprise security news,

    1. We cover the latest funding
    2. The Trustwave saga comes to a positive end
    3. Android 16 could help you evade law enforcement
    4. Microsoft is kicking 3rd party AV out of the kernel
    5. Giving AI some personality (and honesty)
    6. Log4shell canaries reveal password weirdness
    7. Denmark gives citizens copyright to their own faces to fight AI
    8. McDonald’s has an AI whoopsie
    9. Ingram Micro has a ransomware whoopsie
    10. Drama in the trailer lock industry

    All that and more, on this episode of Enterprise Security Weekly.

    Visit https://www.securityweekly.com/esw for all the latest episodes!

    Show Notes: https://securityweekly.com/esw-415
    Más Menos
    1 h y 44 m
  • Identity, AI & Access: Highlights from Identiverse 2025 - Sagi Rodin, Ajay Amlani, Treb Ryan, Ajay Gupta, Artyom Poghosyan, Amir Ofek - ESW #414

    Identity, AI & Access: Highlights from Identiverse 2025 - Sagi Rodin, Ajay Amlani, Treb Ryan, Ajay Gupta, Artyom Poghosyan, Amir Ofek - ESW #414
    Jul 7 2025
    Single Sign On (SSO) and Multi Factor Authentication (MFA) is critical to secure operations for companies of all sizes. Why is the foundation of cybersecurity still locked behind enterprise licensing? Single Sign-On (SSO) and Multi-Factor Authentication (MFA) are essential—not optional—for protecting modern businesses. But today, these critical tools are overpriced, overcomplicated, and reserved for companies that can afford to overpay and have full-time security teams. That’s broken. Cubeless is tearing down the barriers. With Cubeless Verify, we’re delivering SSO and MFA that anyone can use—no IT army required. No hidden fees. No contracts. No catch. Just enterprise-grade security made simple, and free forever. The gatekeepers had their turn. Now it’s yours. Go to https://securityweekly.com/cubelessidv to start using Cubeless Identity today. As AI agents move beyond experiments to becoming critical internal and market-facing enterprise products, secure, scalable identity infrastructure becomes essential to achieve market-readiness. A lack of identity standards tailored specifically for AI agents, is creating a roadblock for developers. Existing infrastructure was not designed with autonomous agents in mind. How will identity standards need to evolve in order to meet the needs of an agent driven ecosystem? https://frontegg.com/product/frontegg-ai This segment is sponsored by Frontegg. Visit https://securityweekly.com/fronteggidv to learn more about them! Traditional IGA tools struggle to deliver full observability—and stall when it’s time to take action. Axonius Identities is changing that—bringing actionability to identity governance by embedding it into the broader cyber asset platform. In this session, CEO of AxoniusX, Amir Ofek shares how Axonius is modernizing IGA with real-time enforcement, unified asset-to-identity context, and a radically different approach to controlling access across dynamic environments. https://www.axonius.com/products/identities Axonius Blog: From Roles to Rules – An Access Paradigm Shift: https://www.axonius.com/blog/from-roles-to-rules Axonius Cybersecurity Asset Management Platform Overview: https://www.axonius.com/platform See how Axonius makes identity actionable. Visit https://securityweekly.com/axoniusidv. As enterprises are looking to rapidly deploy AI agents to drive innovation, they face an urgent need to secure this new "digital workforce" without hindering speed. Traditional security models weren't built for the unique identity and access demands of autonomous AI. This session will cut through the hype, address the real security concerns head-on, and outline a modern, cloud-native framework for managing privileged access for AI agents, ensuring your organization can innovate fast and stay secure. https://www.britive.com/use-cases/agentic-ai-security https://www.britive.com/resource/events/zero-standing-privileges-human-ai-nhi https://www.britive.com/resource/blog/agentic-ai-redefining-identity-security-cloud https://www.britive.com/resource/blog/owasp-vulnerabilities-llm-goes-rogue-navigating-corporate-chaos https://www.britive.com/resource/blog/agent-to-agent-access-security https://www.britive.com/resource/blog/genai-data-privacy-ip-protection https://www.britive.com/resource/blog/rethinking-nhi-cloud-security-strategies This segment is sponsored by Britive. Visit https://securityweekly.com/britiveidv to learn more about Britive's agentless cloud-native Privileged Access Management platform. As digital transformation accelerates and advanced threats evolve, industries of all kinds face rising pressure to secure identities, prevent fraud, and deliver seamless user experiences. Aware CEO Ajay Amlani shares how biometric technology is stepping up to meet these challenges—providing fast, accurate, and scalable solutions that strengthen security while reducing friction. Discover how biometrics is reshaping the identity landscape and enabling trust in an increasingly complex world. https://www.aware.com/blog/ This segment is sponsored by Aware. Visit https://securityweekly.com/awareidv to learn more about them! As threat landscapes grow more complex and stakeholder expectations rise, organizations must reimagine their approach to cyber resilience and trust. This interview will explore how artificial intelligence is transforming cybersecurity—from identifying vulnerabilities in real time to automating response and aligning security initiatives with broader business goals. Join us for a forward-looking discussion on what it means to lead with AI, earn digital trust, and create a resilient enterprise that’s built to withstand tomorrow’s threats. This segment is sponsored by SDG. Visit https://securityweekly.com/sdgidv to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-414
    Más Menos
    1 h y 50 m
  • The Illusion of Control: Shadow IT, SSO Shortcomings, and the True Path to Security - Dave Lewis - ESW #413

    The Illusion of Control: Shadow IT, SSO Shortcomings, and the True Path to Security - Dave Lewis - ESW #413
    Jun 30 2025
    Interview with Dave Lewis

    Organizations believe they have a firm grip on security with SSO and corporate IT policies, but in reality, shadow IT lurks in the background—expanding attack surfaces and exposing sensitive data. Employees bypass security controls for the sake of convenience, while SSO fails to provide the comprehensive security net organizations expect. Talk about the critical weaknesses in traditional SSO implementations, how shadow IT thrives under the radar, and why enterprises continue to experience data breaches despite security investments. Can cover real-world examples of security failures, highlight the role of human behavior in risk, and provide actionable strategies to regain control over enterprise security.

    This segment is sponsored by 1Password. Visit https://securityweekly.com/1password to learn more about them!

    Topic Segment: Is AI taking our jerbs or not?

    I listened to most of a debate between Marcus Hutchins and Daniel Miessler over whether generative AI will be good enough to replace a lot of jobs (Daniel's take), or so bad that it won't take any (Marcus's take). I got frustrated though, because I feel like some foundational assumptions were ignored, and not enough examples were shared or prepared.

    Assumption #1: Jobs exist because work needs to be done. This is a false assumption. Check out a book called "Bullshit Jobs" to go down this particular rabbit hole.

    Assumption #2: The primary task of a job is the job. This is rarely the case, unless you work in the service industry. How much of a developer's job is writing code? A lot less than you think. Employees spend a massive amount of time communicating with other employees, via meetings, emails, Slack chats - can AI replace this? Maybe all that communication is wasteful and inefficient? Could be, but for every job AI supposedly replaces, it becomes someone else's job to manage that AI agent. Does all of middle management become expert prompt engineers, or do they also disappear with no employees to manage?

    Assumption #3: Jobs aren't already being replaced. They are, they're just not terribly visible jobs. That contractor your marketing team was using to build blog/SEO content? He's probably gone. The in-house or contract graphic designer? Probably gone. There's a whole swath of jobs out there, where quality isn't very important, but work needs to be produced, and those jobs are being actively replaced with generative AI. With that said, I don't see any full time jobs that require quality work and a lot of communication with other employees getting replaced. Yet? Ever? That's the question.

    The Enterprise News

    In this week's enterprise security news,

    1. Not much interesting funding to discuss
    2. Securonix acquires ThreatQuotient
    3. Cellebrite acquires Corellium (that sounds a lot like a rock bought a stone or a gem or something)
    4. Yet another free vulnerability database
    5. ChatGPT can now clandestinely record meetings
    6. Threat detection resources
    7. a VERY expensive Zoom call (for the victim)
    8. Should we stop using SOC2s?
    9. Should we give up on least privilege?
    10. How much did it cost to change HBO to HBO Max, then to Max, then back to HBO Max?

    Visit https://www.securityweekly.com/esw for all the latest episodes!

    Show Notes: https://securityweekly.com/esw-413
    Más Menos
    1 h y 52 m
Todavía no hay opiniones