Losing Control – ESW #214
Segments
1. Platform9, Swimlane, SonicWall 0-Days, & Fortinet – ESW #214
This week, in the Enterprise Security News, Platform9 unburdens users from the complexities of Kubernetes, Swimlane Raises $40 Million, SonicWall hacked by zero-days in its own products, Deloitte Buys Root9B, Cygilant and SentinelOne Partnership, Fortinet announces AI-powered XDR, AlgoSec Announced updates to A32, ESET Launches Enhanced Cloud-based Endpoint Security Management, Entrust acquires HyTrust, LogRhythm acquires MistNet, Huntress Acquires EDR Technology From Level Effect, & more!
Announcements
Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
We're always looking for great guests for all of the Security Weekly shows! Submit your suggestions by visiting https://securityweekly.com/guests and completing the form!
- 1. Platform9 unburdens users from the complexities of Kubernetes while ensuring fast adoption: "Platform9 now allows all DevOps teams complete freedom to run multiple versions of managed Kubernetes across staging, production, and development environments. Users can also decide which upgrades and patches to perform and time them at their convenience."
- 2. Swimlane Raises $40 Million to Expand SOAR Business: "According to the company, the additional cash injection will be used to accelerate partnerships and alliances, expand research and development, and fuel global expansion. The total amount raised by the company is now $75 million."
- 3. SonicWall hit by attackers leveraging zero-day vulnerabilities in its own products? "There is still no news about the potential zero-day in the SMA 100 Series, but SonicWall let us know that the guidance to disable Virtual Office and the HTTPS administrative interface no longer applies."
- 4. Deloitte Buys Cybersecurity Firm Root9B; Deborah Golden Quoted - Root9B has a very weird history, e.g. https://krebsonsecurity.com/2017/11/r-i-p-root9b-we-hardly-knew-ya/ "In mid-June 2015, an anonymous researcher who’d apparently done a rather detailed investigation into root9B’s finances said the company was “a worthless reverse-merger created by insiders with [a] long history of penny-stock wipeouts, fraud allegations, and disaster.”"
- 5. Cygilant and SentinelOne Partnership Offers Businesses Automated Cybersecurity for the Endpoint and Cloud
- 6. Fortinet announces AI-powered XDR for threat detection, investigation, and response: "FortiXDR is the only solution of its kind to leverage artificial intelligence (AI) for the investigation effort critical to incident response." - Okay, that's a stretch (maybe even a flat-out lie). Dear marketing teams, don't do this! "Fortinet says that FortiXDR is AI-powered by a patent-pending Dynamic Control Flow Engine and continually trained by the threat data and research of FortiGuard Labs as well as the frontline expertise of its incident responders. The solution starts by leveraging the diverse security information shared across the Fortinet Security Fabric for correlation and analysis, converting them into high fidelity security incidents."
- 7. New A32 launched by AlgoSec: "Enable secure deployment of micro-segmentation in complex hybrid networks: A32 automates identifying and mapping of the attributes, flows and rules that support business-critical applications across hybrid networks with the built-in AutoDiscovery capability. This accelerates organizations’ ability to make changes to their applications across the enterprise’s heterogeneous on-premise and cloud platforms, and to troubleshoot network or change management issues - ensuring continuous security and compliance."
- 8. ESET Launches Enhanced Cloud-based Endpoint Security Management Solution For Businesses Of All Sizes
- 9. Entrust acquires HyTrust to offer identity, encryption and security policy control for cloud environments: "By acquiring HyTrust, Entrust adds a critical management layer for encryption, cryptographic keys, and cloud security policy to its digital security solutions, serving the data protection and compliance needs of organizations accelerating their digital transformations."
- 10. LogRhythm acquires MistNet to expand reach in the threat detection space: "The acquisition will allow LogRhythm to deliver intelligent, machine-learning based detection and response capabilities that incorporate network detection, user and entity behavior analytics (UEBA), endpoint detection and response data (EDR), and additional MITRE ATT&CK detections to solve current and emerging security and risk problems."
- 11. Huntress Acquires EDR Technology From Level Effect: "As part of the acquisition, Level Effect co-founders Greg Ake and Robert Noeth will join the Huntress team to support the initial integration and ongoing development of the Recon software. Like the founding team at Huntress, both Ake and Noeth have strong backgrounds in the U.S. intelligence community, having worked within the National Security Agency, Air Force and other institutions."
2. DNS Hijacking – Fredrik Nordberg Almroth – ESW #214
Fredrik Nordberg Almroth, Security Researcher at Detectify, tells the story of how he managed to claim the top-level domain of an entire country - the Congo (DRC), .cd - before any bad actors could snatch it up. He will also discuss domain takeovers (TLD as well as subdomains) and how they can be prevented. Key to this is to keep track of your assets and monitor them for vulns.
Announcements
Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!
Guest
Fredrik Nordberg Almroth is Co-Founder and Head of Engineering at Detectify, the web security company that automates knowledge from some of the world’s best ethical hackers and brings it into the hands of web application teams. Fredrik has helped organizations like Google, the UN and the US Air Force uncover web vulnerabilities, and he is a staunch security defender committed to making the internet safer for everyone. He is featured on Google Security Hall of Fame and has previously been elected Security Expert of the Future by Symantec.
3. Supply Chain Security in the Face of SolarWinds – Allan Alford – ESW #214
Do we really need to be freaking out? What could we and should we be doing in general regardless of SolarWinds?
Announcements
If you missed Security Weekly Unlocked, you can now access all of the content on-demand, whether you registered before the live event or not, by visiting https://securityweekly.com/unlocked and clicking either the button to register or the button to login!
Guest
Allan Alford has worked in cybersecurity for 20+ years and technology for 25+. He started in IT, pivoted to Engineering and product security, and brought it all back around to a CISO role that oversaw both enterprise and product. After 5 stints as a CISO in various industries in companies ranging from 18 to 50,000 employees, Allan launched a consulting practice with a partner that provides fractional CISO, strategic cybersecurity consulting services, risk assessments, maturity assessments, and other services. Allan gives back to the community by way of The Cyber Ranch Podcast and by his prolific writing on LinkedIn and in articles for various publications.