Hacking Naked & Not Afraid – PSW #663
Full Audio
View Show IndexSegments
1. Protecting Critical Infrastructure In Hybrid Clouds – Dan Perkins, Harry Sverdlove – PSW #663
Customers are concerned about protecting critical services such as Active Directory from compromise. It's game over if AD is compromised. AD environments can be heterogeneous; public cloud, on-prem data centers, clients, servers. It is operationally complex to protect this environment while ensuring smooth business operations How do you deal with changes in the environment? New apps? App updates? New systems? Harry will demo key points of Edgewise's answer to use software identity for microsegmentation and cloud workload protection.
This segment is sponsored by Edgewise Networks. Visit https://securityweekly.com/edgewise to learn more about them!
Announcements
Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!
Guests
Harry Sverdlove, Chief Technologist for Secure Workload Communication, Zscaler, Inc. (formerly Co-Founder and Chief Technology Officer of Edgewise Networks), was previously CTO of Carbon Black, where he was the key driving force behind their endpoint security platform. Earlier in his career, Harry was principal research scientist for McAfee, Inc. (formerly Chief Scientist of SiteAdvisor), where he supervised the architecture of crawlers, spam detectors and link analyzers. Prior to that, Harry was director of engineering at Compuware Corporation (formerly NuMega), and principal architect for Rational Software, where he designed the core automation engine for Rational Robot.
Dan is the product manager focused on building the Zscaler Workload Protection (Edgewise) platform into the best microsegmentation control on the market. His background is in virtualization systems, storage, and cybersecurity.
Hosts
2. Voice Phishers, ‘SpiKey’ Lock Picking, & Coffee Cup Hackers – PSW #663
New Microsoft Defender ATP Capability Blocks Malicious Behaviors, Voice Phishers Targeting Corporate VPNs, IBM finds vulnerability in IoT chips present in billions of devices, The Sounds a Key Make Can Produce 3D-Printed Replica, US firm accused of secretly installing location tracking SDK in mobile apps, and Disrupting a power grid with cheap equipment hidden in a coffee cup!
Announcements
Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
We're always looking for great guests for all of the Security Weekly shows! Submit your suggestions by visiting https://securityweekly.com/guests and completing the form!
Hosts
3. SWVHSC Micro Interviews: Gravwell & Rapid7 – Corey Thuen, Deral Heiland – PSW #663
What use cases are addressed by Threat Hunting Platforms and SIEMs? Where is the overlap and where are the differences? Corey Thuen, Founder of Gravwell, covers the high level and low-level tech that drives these differences. This segment is sponsored by Gravwell. Visit https://securityweekly.com/gravwell to learn more about them! Gravwell is a threat hunting platform built for ingest and search of logs and binary data sources at scale. To learn more, visit: https://www.gravwell.io/summercamp2020
Deral Heiland, Principal Security Research IoT at Rapid7 will focus on the subject of IoT security and hacking, IoT testing and testing methods and related research topics. This segment is sponsored by Rapid7. Visit https://securityweekly.com/rapid7 to learn more about them!
Rapid7 Segment Resources: https://www.rapid7.com/research/%0D%0Ahttps://blog.rapid7.com/author/deral-heiland/
To gain access to our latest research (i.e. 2020 Q1 Threat Report, NICER and Under the Hoodie 2020 visit: https://www.rapid7.com/research/
Guests
Corey Thuen is a founder of Gravwell and has spent over a decade doing cybersecurity at places like Department of Energy national labs, Digital Bond, and IOActive. That experience is now driving development of a full-stack analytics platform built to alleviate pain points he personally experienced from inflexible tools.
Deral Heiland, CISSP, has over 20 years of experience in IT. Over the last 8+ years, he has focused on security research, security assessments, pen testing, and consulting.