Enterprise Security Weekly (Audio) Podcast Por Security Weekly Productions arte de portada

Enterprise Security Weekly (Audio)

Enterprise Security Weekly (Audio)

De: Security Weekly Productions
Escúchala gratis

Acerca de esta escucha

 News, analysis, and insights into enterprise security. We put security vendors under the microscope, and explore the latest trends that can help defenders succeed. Hosted by Adrian Sanabria. Co hosts: Katie Teitler-Santullo, Ayman Elsawah, Jason Wood, Jackie McGuire.© 2024 CyberRisk Alliance
Episodios
  • The State of Cybersecurity Readiness for the Next Big Emergency - David Aviv, Bri Frost, Marshall Erwin - ESW #407

    The State of Cybersecurity Readiness for the Next Big Emergency - David Aviv, Bri Frost, Marshall Erwin - ESW #407
    May 19 2025
    Segment 1: Fastly Interview

    In this week's interview segment, we talk to Marshall Erwin about the state of cybersecurity, particularly when it comes to third party risk management, and whether we're ready for the next big SolarWinds or Crowdstrike incident. These big incidents have inspired executive orders, the Secure by Design initiative, and even a memo from JPMorgan Chase's CISO.

    We will discuss where Marshall feels like we should be pushing harder, where we've made some progress, and what to do about incentives. How do you convince a software supplier or service provider to prioritize security over features?

    This segment is sponsored by Fastly. Visit https://securityweekly.com/fastly to learn more about them!

    Segment 2: Weekly Enterprise News

    In this week's enterprise security news,

    1. Agents replacing analysis is highly misunderstood
    2. only one funding round
    3. Orca acquires Opus to automate remediation
    4. OneDrive is updating to make BYOD worse?
    5. Companies are starting to regret replacing workers with AI
    6. Is venture capital hanging on by a thread (made of AI)?
    7. Potential disruption in the traditional vuln mgmt space!
    8. MCP is already looking like a dumpster fire from a security perspective
    9. malicious NPM packages
    10. and, IS ALCHEMY REAL?
    Segment 3: RSAC Conference 2025 Interviews

    Interview 1: Pluralsight

    Emerging technologies like AI and deepfakes have significantly complicated the threat landscape of today. As AI becomes more integrated into our lives, everyone - not just cybersecurity professionals - needs to develop security literacy skills to keep themselves, their organizations, and their loved ones safe. Luckily, there are countermeasures to spot and identify AI and deepfake-related threats in the wild. In this segment, Pluralsight's Director of Security and IT Ops Curriculum, Bri Frost, discusses how AI has changed the cybersecurity industry, how to spot AI and deepfakes in the wild, and the skills you should know to defend against these emerging threats.

    Pluralsight's AI Skills Report

    This segment is sponsored by Pluralsight. Visit https://securityweekly.com/pluralsightrsac to learn the skills you need to defend against the latest cyber threats!

    Interview 2: Radware

    Adversaries are rewriting the cybersecurity rules. Shifts in the threat landscape are being fueled by attackers with political and ideological agendas, more sophisticated attack tools, new coalitions of hacktivists, and the democratization of AI. Radware CTO David Aviv will discuss how companies must adapt their cyber defenses and lead in an evolving era of asymmetric warfare and AI-driven attacks.

    This segment is sponsored by Radware. Visit https://securityweekly.com/radwarersac to learn more about them!

    Visit https://www.securityweekly.com/esw for all the latest episodes!

    Show Notes: https://securityweekly.com/esw-407
    Más Menos
    2 h y 13 m
  • Secrets and their role in infrastructure security - Jawahar Sivasankaran, Chas Clawson, Sergey Gorbaty, Fernando Medrano - ESW #406

    Secrets and their role in infrastructure security - Jawahar Sivasankaran, Chas Clawson, Sergey Gorbaty, Fernando Medrano - ESW #406
    May 12 2025
    Segment 1 - Secrets and their role in infrastructure security From API keys and tokens to environment variables and credentials, secrets are foundational—and often overlooked—attack surfaces in cloud-native and distributed systems. We break down the risks tied to poor secret hygiene, discuss emerging patterns for secure secret management at scale, and shares insights on integrating secrets management into systems design. This segment is sponsored by Fastly. Visit https://securityweekly.com/fastly to learn more about them! Segment 2 - Weekly Enterprise News In this week's enterprise security news, we have: Funding, mostly focused on identity security and ‘secure-by-design’Palo Alto acquires one of the more mature AI security startups, Protect AILimaCharlie is first with a cybersecurity-focused MCP offeringMeta releases a ton of open source AI security tooling, including LlamaFirewallExploring the state of AI in the SOCThe first research on whether AI is replacing jobs is outSome CEOs are requiring employees to be more productive with AIAre prompts the new IOCs?Are puppies the new booth babes?We get closure on two previous stories we covered: one about an ex-Disney employee,and one about a tiny dog Segment 3 - Executive Interviews from RSAC CYWARE The legacy SecOps market is getting disrupted. The traditional way of ingesting large troves of data, analysis and actioning is not efficient today. Customers and the market are moving towards a more threat centric approach to effectively solve their security operations challenges. CERT Water Management Case StudyCybersecurity Alert Fatigue! How Threat Intelligence Can Turn Data Overload Into Actionable Insights BlogFrost & Sullivan's 2024 Threat Intelligence Platform Radar Report2025 TIP Buyer’s Guide This segment is sponsored by Cyware. Visit https://securityweekly.com/cywarersac to request a demo! SUMOLOGIC Intelligent SecOps is more than a buzzword—it's a blueprint for modernizing security operations through real-time analytics, contextual threat intelligence, and AI-powered automation. In this segment, Sumo Logic’s Field CTO Chas Clawson explains how SOC teams can accelerate detection and response, cut through alert noise, and improve security outcomes by fusing AI-driven automation with human context and expertise. He also shares the latest security capabilities Sumo Logic announced at the RSA Conference to help organizations build and operate Intelligent SecOps. Press Release: Sumo Logic Unifies Security to Deliver Intelligent Security OperationsBlog: RSAC 2025 Intelligent Security OperationsBrief: Sumo Logic Threat IntelligenceChas Blog: Cloudy with a chance of breach: advanced threat hunting strategies for a hyperconnected and SaaSy worldLinkedIn Live: Implications of AI in a modern defense strategy This segment is sponsored by Sumo Logic. Visit https://securityweekly.com/sumologicrsac to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-406
    Más Menos
    2 h y 14 m
  • 2025 Security Trends: Identity, Endpoint, Cloud & the Rise of Browser Threats - Jason Mical, Lori Robinson, Hed Kovetz, Rob Allen, Vivek Ramachandran, Alex Pinto - ESW #405

    2025 Security Trends: Identity, Endpoint, Cloud & the Rise of Browser Threats - Jason Mical, Lori Robinson, Hed Kovetz, Rob Allen, Vivek Ramachandran, Alex Pinto - ESW #405
    May 5 2025
    Now in its 18th year, the Verizon Business DBIR is one of the industry’s longest standing and leading reports on the current cybersecurity landscape. This year’s report analyzes more than 22,000 security incidents with victims spanning 139 countries, examining significant growth in third-party involvement in breaches, increases in ransomware and examines the average amounts paid and amount of time to patch vulnerabilities, among many other findings. Segment Resources: - https://www.verizon.com/about/news/2025-data-breach-investigations-report - https://www.verizon.com/business/resources/reports/dbir This segment is sponsored by Verizon Business! To read the full Verizon Business 2025 Data Breach Investigations Report, please visit https://securityweekly.com/verizonrsac. Over the past two decades, the browser has evolved from a simple web rendering engine to the primary gateway through which users interact with the internet, be it for work, leisure or transactions. In other words, browsers are becoming the new endpoint. Yet, despite the exponential growth of browser-native attacks, traditional security solutions continue to focus on endpoint and network, leaving a large gaping hole when it comes to browser security. SquareX has started the Year of Browser Bugs (YOBB), a yearlong initiative to draw attention to the lack of security research and rigor in what remains one of the most understudied attack vectors - the browser. Learn more about SquareX's Browser Detection and Response solution at https://securityweekly.com/squarexrsac Last Mile Reassembly Attacks: https://www.sqrx.com/lastmilereassemblyattacks Polymorphic Extensions technical blog: https://labs.sqrx.com/polymorphic-extensions-dd2310006e04 There is a growing overlap between endpoint and cloud environments, creating new security challenges. ThreatLocker has recently released innovative solutions designed to protect organizations operating in this space. These include Cloud Control, Cloud Detect, Patch Management, and other advanced security tools tailored to bridge the gap between endpoint and cloud protection. This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlockerrsac to learn more about them! Jason Mical, Field CTO, discusses Devo and Detecteam's integrated solution, which proactively improves security posture by identifying and closing detection gaps. The integration combines Devo's comprehensive threat detection, investigation, and response capabilities with Detecteam's autonomic detection lifecycle platform to continuously validate and improve detection capabilities based on real-world attack scenarios. Solution demo: https://www.devo.com/interactive-demos/devo-detecteam-engineering-confidence-in-threat-detection/ This segment is sponsored by Devo . Visit https://securityweekly.com/devorsac to learn more about them! While the value of identity security remains largely untapped, SailPoint’s latest Horizons of Identity Security report reveals that organizations with mature identity programs can bend their identity security-to-value curve and recognize disproportionately higher returns. These programs unlock new value pools and can help address emerging challenges, such as securing machine and AI agent identities. The 2024-25 Horizons of Identity Security report: https://www.sailpoint.com/identity-library/horizons-identity-security-3 Take the identity security maturity assessment: https://www.sailpoint.com/identity-security-adoption Learn more about SailPoint’s Customer Experience Portfolio: https://www.sailpoint.com/customer-success/customer-experience-portfolio This segment is sponsored by SailPoint. Visit https://securityweekly.com/sailpointrsac to learn more about them! Identity has long been the soft underbelly of cybersecurity—but with AI, non-human identities (NHIs), and autonomous agents on the rise, it’s now front and center for security teams, the C-suite, and boardrooms alike. Adversaries aren’t just hacking systems anymore—they’re hijacking identities to slip through the cracks and move undetected in systems. For too long, identity security was treated as interchangeable with IAM—but that mindset is exactly what left critical gaps exposed. Listen to our interview with Hed Kovetz as he unpacks why identity has become today’s most urgent battleground in cyber. He'll what you can do about it with an identity security playbook that gives you the upper hand. https://resources.silverfort.com/identity-security-playbook/home https://www.silverfort.com/blog/shining-the-spotlight-on-the-rising-risks-of-non-human-identities/ This segment is sponsored by Silverfort. Visit https://securityweekly.com/silverfortrsac to learn more about Silverfort's IDEAL approach to identity security! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-405
    Más Menos
    1 h y 43 m
adbl_web_global_use_to_activate_T1_webcro805_stickypopup
Todavía no hay opiniones