How to Secure Your CI/CD Pipeline by Prioritizing Cyber-Risk Management – Tal Morgenstern – ESW #309
Tal Morgenstern is the Co-Founder & CPO at Vulcan Cyber. Tal brings almost 20 years of experience in cybersecurity products development and design to Vulcan Cyber – experience he gained in the Israeli army, building cutting-edge Elbit systems, Israel’s largest defense contractor, and during his tenure in various R&D and product design roles.
- Security Weekly listeners: Identiverse 2023 is heading to Vegas! Join the digital identity community at the ARIA Resort & Casino in Las Vegas, May 30th to June 2nd. Identiverse is a must-attend annual event that brings together over 2,500 security professionals for 4 days of world-class learning, engagement, and entertainment.As a community member, you’re able to receive 20% off your Identiverse 2023 tickets using code IDV23-SW20!Register today: securityweekly.com/identiverse2023
Applied Research & the Power of Sustained Thinking – Casey Smith – ESW #309
Casey Smith is a Senior Security Researcher at Thinkst Applied Research. He enjoys continually working to understand and evaluate the limits of defensive systems. He led the development of Atomic Red Team, an open-source testing platform that security teams can use to assess detection coverage. His background includes security analysis, threat research, penetration testing, and incident response. Casey has spoken at several security conferences. DerbyCon, Shmoocon, BlackHat USA, BlueHat, BlueHat IL, and Troopers.
- We’d like to invite our listeners to be part of our 2023 SC Awards!Our prestigious and competitive SC Awards program recognizes outstanding innovations, organizations, and leaders that are advancing the practice of information security. This year, there are awards in 36 categories up for grabs, including best IT security-related training program, innovator of the year, best SASE solution, and more. We’d love to see your company in the spotlight!Visit securityweekly.com/scawards to submit your entries by March 20!
Robert Downey Jr, K-Shaped, GPT-4, Rapid7, & SVB – ESW #309
- Security Weekly listeners save $100 on their RSA Conference 2023 Full Conference Pass! RSA Conference will take place April 24-27 in San Francisco and on demand. To register using our discount code, please visit https://securityweekly.com/rsac2023 and use the code 53UCYBER! We hope to see you there!
Adrian Sanabria
- DUMPSTER FIRE: Over 100 VCs, investors voice solidarity with Silicon Valley Bank
And then they told their portfolio companies to remove $44B from it.
Should we even bother talking about it? I guess not everyone has binged the details like we have...
- FUNDING: Capital One Ventures and Citi Ventures Invest in Securiti – Securiti
- FUNDING: Samsung Next Invests In Mitiga, Brings Total Funding to $45M
- FUNDING: Want data security? Concentrate on cybersecurity training, RangeForce raises $20M
- FUNDING: Revelstoke Announces $20M Series B Funding Following Exponential Growth in Its First Year in Market
- FUNDING: a16z-backed Uno launches a design-centric password manager
If someone finds a vulnerability in this app, it needs to be called "Uno Attack"
- ACQUISITIONS: Rapid7 Acquires Minerva Labs to Extend Leading Managed Detection and Response Service with Ransomware Prevention Technology
The Malware 'sandman' company finally gets an exit. I had lost track of this company, but they innovated a neat trick where they can convince malware that it's being investigated, which causes many malwares to get sleepy...
- NEW PRODUCTS: GPT-4
AI marches on. Unclear as to whether it's updating itself at this point.
- NEW TOOL: AI Content Detector Checks GPT-3, ChatGPT, & More for Free
Detect text written by an AI! Then, obfuscate it so no one can detect it as written by an AI! This tool giveth and then taketh away...
- NEW OPEN SOURCE: gh-sbom (automatically generate SBOMs!)
- NEW OPEN SOURCE: Bearer (FOSS SAST tool)
- ESSAYS: Cloud Security from First Principles
- ESSAYS: Software Security is More than Vulnerabilities
- ESSAYS: The K-Shaped Recovery of the Cybersecurity Industry
- ESSAYS: CISO Role Undergoes Evolution as Role Grows More Complex
- ESSAYS: Looking for ways to promote products and services that make cybersecurity a better place: five unique case studies
- REPORTS: Cybercrime Losses Exceeded $10 Billion in 2022: FBI
Not $10 Trillion? Are we sure about the numbers here? /sarcasm
- VULNERABILITIES: Critical Microsoft Outlook/365 bug CVE-2023-23397 under attack
We don't usually cover these, but this one is just incredible. :face_palm:
- SQUIRREL: Robert Downey Jr. joins Boston-based cybersecurity company’s board of directors – The Boston Globe
- SQUIRREL: UT Southwestern scientists discover agent that reverses effects of intoxication















