Multiple Soups – ESW #230
1. Redefining SaaS Security so SOC/IR Teams Aren’t in the Dark – Stephen Newman – ESW #230
Traditional options for acquiring network detection and response (NDR) solutions each have their pros and cons. SaaS or On-Premises NDR solutions allow you to customize them to your environment but require costly care and feeding, such as detection tuning, that distracts your SOC/IR teams from hunting adversaries. If you go with a Managed NDR, you have predictable costs but receive generic detections and response options in a one-size-fits-all model. Join Stephen Newman, VP of Product Marketing, to see how ThreatINSIGHT Guided-SaaS NDR combines a purpose-built NDR platform for adversary detection and response with Gigamon SOC/IR human talent dedicated to delivering guided expertise to your security team… together closing the SOC visibility gap, removing distractions, and providing advisory guidance when it matters most.
Segment Resources:
https://www.gigamon.com/content/dam/resource-library/english/solution-brief/sb-gigamon-threatinsight.pdf
This segment is sponsored by Gigamon.
Visit https://securityweekly.com/gigamon to learn more about them!
Announcements
Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!
Guest
Stephen Newman, VP of ThreatINSIGHT Product Marketing, has over 15 years of Product Management and Product Marketing experience in the field of Cyber Security, ranging from VPNs, email security, advanced threats, identity-based security and cloud-native network detection and response. He has also led teams of security researchers, engineers and analysts to track threat actors, understand their tactics, and devise machine learning techniques to identify their behavior inside enterprise networks.
2. FireEye ‘Fire Sale’, Panaseer Security Guidance, & Infoblox 3.0 – ESW #230
This week in the Enterprise News: Proofpoint unveils people-centric innovations across its three platforms, Citrix Secure Internet Access Simplifies Hybrid Workforce Challenges, CyberArk : Advances Industry-Leading Identity Security Platform, AI-powered cybersecurity provider ExtraHop to be acquired for $900M, New Israeli Unicorn Exabeam Hits $2.4 Billion Valuation, Microsoft acquires ReFirm Labs to boost its IoT security offerings, and more!
Announcements
Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
Security Weekly is more than happy to announce that we will be at InfoSec World 2021 IN PERSON October 25th-27th, 2021! This year, our annual partnership with InfoSec World is extra special, as we are both business units under the CyberRisk Alliance brand! What does that mean for Security Weekly listeners & InfoSec World attendees? You will get to see and hear from many of the Security Weekly team at the event AND you will save 20% off on your world pass! Visit https://securityweekly.com/isw2021 to register using our discount code!
Hosts
- 1. ACQUISITION: Network security startup ExtraHop skips and jumps to $900M exit – TechCrunch
  IPO stuffed, ExtraHop instead opts for a 9x exit to PE firms. 9x for what looked like a healthy business 2 years ago? What happened?? Finance analysts seem baffled and without an S-1, we may never know.
- 2. ACQUISITION: FireEye sells FireEye Products unit to STG for $1.2 billion
  Described by many as a fire sale, the price is barely higher than what FireEye paid for Mandiant 7 years ago! Not a good sign. The multiple here was 1.64x - a far cry from the more typical 10-20x we see software vendors selling for. While some great research came out of FireEye over the years and the Mandiant business has always seemed to thrive, I'm not sure FireEye ever really built a product anyone really wanted or needed. Bit of a rant from me on them: https://twitter.com/sawaba/status/1400207552139431936 What's really crazy though is who bought them - STG has also recently acquired RSA and McAfee.
- 3. ACQUISITION: Coalfire Acquires Denim Group to Transform
  There have always been consulting firms that build tools and even spin-off product companies, but it seems a more common trend these days. Where software cybersecurity companies can bring in a bigger multiple, they're more of a risk. Services traditionally bring in a much lower multiple, but their revenue is more predictable, as the services product changes very slowly and demand is fairly constant. Bishop Fox raised a Series A from ForgePoint to build a managed subscription service. Coalfire was acquired by private equity and appears to be going for something similar with Denim Group and Threadfix. The FireEye product portfolio was just offloaded for less than 2x, leaving Mandiant behind, which was originally purchased for around 10x back in 2014! It's an interesting trend that flips the funding/returns script somewhat.
- 4. ACQUISITION: Microsoft acquires ReFirm Labs to enhance IoT security – Microsoft Security
- 5. FUNDING: Cybersecurity startup Brinqa raises $110 mln from Insight Partners
- 6. FUNDING: [redacted] closes 35m in Series B funding to disrupt adversaries and hold attackers accountable
  It literally took me 10 minutes of Googling to realize that [redacted] was the company's actual name. I guess someone is getting a chuckle out of how clever they are, but I just found it irritating.
- 7. FUNDING: Exabeam Secures $200 Million at $2.4 Billion Valuation, Welcomes New CEO and President Michael DeCesare
- 8. FUNDING – Uptycs secures $50M Series C as security platform continues to expand – TechCrunch
- 9. FUNDING: Inspired by Podesta breach, Material Security raises $40 million to neuter email hacks
- 10. FUNDING: Tessian raises USD65m Series C to advance security at the human layer
- 11. FUNDING: Israeli cloud security co Wiz raises another $120m – report
  SURE, WHY NOT???
- 1. Microsoft acquires ReFirm Labs to boost its IoT security offerings
- 2. After Nearly 6 Years, SMB Cybersecurity Provider Redacted Emerges From Stealth With $35M
- 3. New Israeli Unicorn Exabeam Hits $2.4 Billion Valuation
- 4. ALD Moves Forward with Merger with Hub Security
- 5. Digital-Security Startup Aura Backed by Katzenberg Valued at Over $1 Billion
- 6. SignalWire raises $30M to accelerate the creation of unified cloud communications tools
- 7. Brinqa raises $110M to accelerate adoption of risk-based cybersecurity
- 8. Proofpoint unveils people-centric innovations across its three platforms
  "Available now, Proofpoint’s Information Protection and Cloud Security platform is the cloud native solution that combines enterprise data loss prevention (DLP), insider threat management, cloud app security broker (CASB), zero trust network access, remote browser isolation, and a cloud native web security solution."
- 9. Citrix Secure Internet Access Simplifies Hybrid Workforce Challenges
  "I follow the SD-WAN and SASE industries fairly closely but never really considered Citrix a major vendor in the space. Recently, the company updated me on their offerings, and I finished the meeting with a positive outlook on their products. SIA is a very robust, cloud-delivered security solution that gives work from home employees the same level of security as they would have in the office."
- 10. Synopsys Acquires Code Dx
- 11. Infoblox 3.0 Unites Hybrid DDI, Security to Unlock Cloud-first Strategies
  "The company is uniting NIOS, an on-premises DDI solution, with its cloud-native BloxOne Threat Defense and BloxOne DDI platforms to help customers bridge core networking and security into cloud environments that underpin the needs of the modern enterprise."
- 12. CyberArk : Advances Industry-Leading Identity Security Platform
  "CyberArk Dynamic Privileged Access: Drastically reduces risk of standing access by provisioning just-in-time access to hybrid and cloud workloads, starting with Windows and Linux Virtual Machines. Dynamic Privileged Access also includes full audit capabilities, providing insight into exactly who accessed what and when. Only CyberArk secures both standing and dynamic access across hybrid and multi-cloud environments while enforcing least privilege controls. CyberArk Secure Web Sessions: Adds additional layers of security to high-risk browser-based applications access via continuous monitoring, re-authentication enforcement and isolation of malicious processes originating on user devices. Secure Web Sessions enables enterprises to record and audit risky user behavior within any web application while maintaining a frictionless user experience. CyberArk Lifecycle Management for Privileged Users: An expansion of existing capabilities, customers can now further expedite employee onboarding, including those with privileged access, and meet audit and compliance mandates more efficiently. Lifecycle Management for Privileged Users integrates with existing solutions or can work with HR-driven identity management solutions, providing further flexibility to enterprises."
- 13. ThycoticCentrify Service Account Governance Adds Integration with Cloud Vaults Including AWS Secrets Manager and Azure Key Vault
  "ThycoticCentrify announced enhancements to its industry-leading solution for service account governance, Thycotic Account Lifecycle Manager. The latest version enables IT teams to govern cloud-based service accounts with direct integrations to external vaults such as AWS and Azure, and service accounts used within the DevOps environment."
- 14. AI-powered cybersecurity provider ExtraHop to be acquired for $900M – SiliconANGLE
- 15. Panaseer issues cyber measurement guidance to protect enterprises from compromise
  "Panaseer’s CCM platform includes these and hundreds of other best practice security metrics via its new in-platform Security Metrics Catalogue. In addition to Panaseer’s expertise, the Security Metrics Catalogue has been curated from a wide community of customers, industry experts, and framework organisations such as NIST and in collaboration with the Center for Internet Security (CIS). The proposition also provides recommendations to enable security teams to instantly improve their security metrics programme overall via metric groupings that include a ‘getting started’ collection, a peer-based recommendation collection, a customer favourites collection, and access to newly emerging metric suggestions."
3. BTS of the Cyber Fight and Building a Resilient Web App Security Program – ESW #230
“Behind the scenes of the cyber fight” – talking about the good on the defender side, taking down cyber criminal supply chains, partnerships, taking down ransomware gangs.
This segment is sponsored by Fortinet.
Visit https://securityweekly.com/fortinet to learn more about them!
Prior to building a web security program, you have to have a plan. How does one create that plan? In this segment, Kevin will focus on some concrete steps to help you create an AppSec plan using a simple framework.
This segment is sponsored by Netsparker.
Visit https://securityweekly.com/netsparker to learn more about them!
Guests
Kevin Gallagher is the CRO of Invicti Security, the company behind the well-known brands Acunetix and Netsparker. He is a top-performing senior executive with 17+ years’ experience managing, bringing to market and selling innovative software management solutions to various high-value market segments. Having worked at both start-ups and well-established companies, Gallagher has earned recognition as a top-producing sales executive, serving as a motivating team leader and mentor.
Derek Manky is chief security strategist and global vice president of threat intelligence at FortiGuard Labs. Derek formulates security strategy with more than 15 years of cyber security experience behind him. His ultimate goal is to make a positive impact in the global war on cybercrime. He provides thought leadership to industry, and has presented research and strategy worldwide at premier security conferences. As a cybersecurity expert, his work includes meetings with leading political figures and key policy stakeholders, including law enforcement. He is actively involved with several global threat intelligence initiatives including NATO NICP, INTERPOL Expert Working Group, the Cyber Threat Alliance (CTA) working committee and FIRST – all in an effort to shape the future of actionable threat intelligence and proactive security strategy.
Michael Daniel currently serves as the President & CEO of the Cyber Threat Alliance (CTA), a not-for-profit that enables cyber threat information sharing among cybersecurity organizations. Prior to coming to CTA in March 2017, Michael served for four years as US Cybersecurity Coordinator, leading US cybersecurity policy development, facilitating US government partnerships with the private sector and other nations, and coordinating significant incident response activities. From 1995 to 2012, Michael worked for the Office of Management and Budget, overseeing funding for the U.S. Intelligence Community. Michael also works with the Aspen Cybersecurity Group, the World Economic Forum’s Partnership Against Cybercrime, and other organizations improving cybersecurity in the digital ecosystem. In his spare time, he enjoys running and martial arts.