How Cloud Defenders Thwart Attacks Against Resilient Services – Jeff Deininger – ESW #224
In cybersecurity attackers have a structural advantage over defenders: they can succeed with a staggeringly high failure-rate (not caring that most attacks get blocked at the perimeter). Meanwhile, defenders lose when that single successful attack goes unnoticed regardless of how many attacks were successfully stopped. Disproportionate consequences similarly advantage attackers: typical times to detect and contain that one successful attack are still measured in weeks and months. Yet high-availability and resiliency characteristics built-in to "Well-Architected" microservices offer defenders an opportunity to turn the tables and rob attackers of their asymmetric advantages. The key missing ingredient is a sufficient early-warning system that can detect and respond to advanced threats.
In this presentation, Jeff Deininger, a Principal Cloud Security Engineer, will use a simulated attack to demonstrate how advanced threat detection works with commonplace architectural elements to deny attackers the crucial traction needed to establish a foothold at the beginning of a campaign, leaving attackers feeling like they are inescapably 'walking on ice'.
This segment is sponsored by ExtraHop Networks.
Visit https://securityweekly.com/extrahop to learn more about them!
Deininger has over 15 years of experience in security and IT operations
with a focus on data center technologies, service delivery and DevOps.
As an AWS Security Specialist, he is interested in the observability
conditions that create effective early warning systems for detecting and
containing cybersecurity events.
Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!
Stopping Phishing Breaches at the Point of Click – Chris Cleveland – ESW #224
Phishing links are getting past existing protections and clicked. How do you prevent these attacks? In this segment, Chris Cleveland, CEO at Pixm, will demonstrate how computer vision protection in the browser stops these attacks in real time and how you can know your own gaps.
Segment Resources: Threat Report: https://pixm.net/wp-content/uploads/2021/03/Pixm-Q4-2020-Threat-Report.pdf
This segment is sponsored by Pixm.
Visit https://securityweekly.com/pixm to learn more about them!
Chris started PIXM after winning a pitch contest in Columbia’s machine learning graduate program. He built PIXM’s initial computer vision AI engine that stopped hundreds of phishing breaches at point of click in the browser. He has raised over five million in venture funding and is now on a mission to seal phishing gaps beyond the inbox with great technology.
Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
Darktrace & Knowbe4 IPOs, Dell Spins Off VMWare, & Zscaler Keeps Growing – ESW #224
In the Enterprise News for this week, Darktrace targets listing for early May, KKR-backed cybersecurity firm KnowBe4 aims for $3 Billion valuation in U.S. IPO, Dell spins off VMware to fuel post-pandemic PC growth opportunities, lots of funding announcements, and more!
We're always looking for great guests for all of the Security Weekly shows! Submit your suggestions by visiting https://securityweekly.com/guests and completing the form!
Adrian Sanabria
- FUNDING – Backup firm Druva protects data in the cloud with $147M in new fundingThis is a Series H! Nearly half a billion raised with a ~$2bn valuation...
- FUNDING – Grip Security raises $6M to improve SaaS security – TechCrunchLooking like a very late-stage CASB, but they're YL Ventures-founded, so they've got to have something interesting up their sleeve with smart backing and the benefits of hindsight. I'm keen to find out more. Also - $6m is what a Series A looked like less than 10 years ago!
- FUNDING – HYPR Raises $35M Series C Led by Advent International
- FUNDING – Enterprise security platform Intrigue expands attack surface management with $2M round
- FUNDING – Cado Security Closes $10M in Funding to Accelerate Adoption of First and Only Cloud-Native Digital Forensics Platform
- FUNDING – PlexTrac Closes $10 Million Round to Fuel Growth of Cybersecurity Workflow Platform – PlexTrac
- FUNDING – Talon Cyber Security Raises $26 Million to Develop Next-Generation Cyber Security for a Distributed Workforce
- FUNDING – Wire closes $21m Series B funding led by UVC Partners · Wire
- FUNDING – Open Source Security Management Firm WhiteSource Raises $75 Million
- PUBLIC OFFERING – Cybersecurity Firm Darktrace Targets $4 Billion London IPO
- PUBLIC OFFERING – Cellebrite to go public via $2.4 billion SPAC deal
- MARKET REPORT – Crunchbase: Cybersecurity Research Report 2021* Despite the global pandemic, 2020 was a record year for cybersecurity investments with over $7.8 billion invested in the industry globally. * Investment in cybersecurity companies has increased more than ninefold since 2011. * The U.S. recorded 76% of all global cybersecurity funding in 2020, at $5.9 billion. * Israel is the second leading country in the industry – over 20% of the country’s venture funding went to cybersecurity companies in 2020. * 2020 recorded six new cybersecurity unicorns, a record for a single year at the time. Just a few months into 2021, nine new cybersecurity unicorns have already emerged, well surpassing the 2020 record. * In 2021, over $3.7 billion in cybersecurity investments have been recorded globally so far. This is on pace to smash the 2020 record.
- NEW RELEASE – Introducing OpenSearchA new FOSS fork of Elasticsearch and Kibana from AWS
- NEW RELEASE – Checkov 2.0: Deeper, broader, and faster IaC scanningBridgeCrew is already launching 2.0. The acquisition apparently isn't slowing them down much.
- NEW RELEASE – Rumble 2.1: Notification Templates, AWS EC2 Enrichment, and Cisco SNTC ExportsNo flies on HDM
- TRENDS – Digital artists meet scam artists, as criminals pounce on NFT craze
- ACQUISITION – The Next Phase of VelociraptorPopular open source DFIR tool acquired by Rapid7. Metasploit still seems to be going strong after Rapid7 acquired it nearly 12 years ago, so this seems like a positive move.
Matt Alderman
- Darktrace targets listing for early May
- KKR-backed cybersecurity firm KnowBe4 aims for $3 bln valuation in U.S. IPO
- HawkEye 360 Secures $55 Million Series C Funding Round
- Talon Cyber Security Raises $26M in Seed Funding
- ThreatQuotient Looks to Solve The Cyber Problem, Raises $22.5M
- CodeLogic Raises $16 Million in Series A Funding
- Hack The Box cybersecurity training community Raises $10.6m
- Cybersecurity Funding: PlexTrac Raises $10 Million in Series A Financing – MSSP Alert
- Cado Security raises $10M for cloud cybersecurity forensics
- Cylera Raises $10M for its Cybersecurity Platform for Healthcare IoT – AlleyWatch
- Dell spins off VMware to fuel post-pandemic PC growth opportunities
- Zscaler Buys Startup Trustdome To Control Cloud Permissions
- Israeli Cybersecurity Startup Cyberfish Acquired By Cofense
- Zscaler Advances Its Zero Trust Exchange Framework
- RiskIQ announced the launch of its RiskIQ Illuminate Internet Intelligence Platform
- Okta Stock Rises As Cybersecurity Firm Squares Off Versus CyberArk, SailPoint
- Thycotic & Centrify Merge to Form Cloud Identity Security Firm
