Congress Goes Cyber-Crazy, Emotet Returns, SnapAttack, & Netography – ESW #251
This week in the Enterprise Security News: NDR startup Netography raises a $45m Series A with Martin Roesch at the helm! Data Security startup Laminar comes out of stealth with a $32m Series A Threat Intel divestment SnapAttack spins out of Booz Allen Cloud Security startup Lacework raises $1.3bn in a single round, Lacework acquires Soluble, You can make some cash if you're willing to delete the NPM modules you manage, Congress goes Cyber Crazy - 18 new cybersecurity-related bills introduced, Emotet returns, but there are tracking tools, All that and more, on this episode of Enterprise Security Weekly!
Announcements
Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
We're always looking for great guests for all of the Security Weekly shows! Submit your suggestions by visiting https://securityweekly.com/guests and completing the form!
Hosts
- 1. FUNDING: Netography Raises $45 Million in Series A Funding, Led by Bessemer and SYN Ventures, to Secure the Atomized NetworkA whopper of a Series A! For... yet another NDR product? I'm getting heavy Protectwise (acq by Verizon) vibes here - both SaaS-based NDR, with the biggest difference that Protectwise consumed full PCAPs, while Netography aims to only consume netflow, arguing that there's less and less value in deep packet inspection going forward. Even if the product doesn't look all that impressive or compelling, I suspect it's the leadership that brought the VCs to the yard on this one - Martin Roesch was the founder and CEO of Sourcefire. Martin guided the $2.7bn sale of Sourcefire to Cisco in 2013, and was key in turning Cisco into a legitimate security vendor, which picked up a ton of notable security acquisitions following Sourcefire, including ThreatGRID, Neohapsis, OpenDNS, Lancope, CloudLock, and Duo Security. Cisco had security products before Sourcefire, but it didn't *feel* like a security company until after Sourcefire. It will be interesting to see where Roesch takes this one.
- 2. FUNDING: Israeli Data Security Startup Laminar Emerges from Stealth with $32 Million Series A – Laminar
- 3. FUNDING: Threat intel startup SnapAttack lands $8M Series A following Booz Allen spinout – TechCrunch
- 4. FUNDING: Cloud security firm Lacework secures $1.3 billion in new funding roundAs you do your double-take, I'll point out that $1.3bn is the size of the ROUND. The valuation is $8.3bn.
- 5. ACQUISITION: Lacework acquires Soluble to strengthen its data-driven cloud security platform – Help Net Security
- 6. TRENDS: I will pay you cash to delete your npm module
- 7. TRENDS: GitHub’s commitment to npm ecosystem securityhttps://github.blog/2021-11-15-githubs-commitment-to-npm-ecosystem-security/
- 8. TRENDS: Emotet botnet returns after law enforcement mass-uninstall operation
- 9. TRENDS: “As tech M&A soars into the stratosphere, one sector is doing more than its share to boost it toward those previously unimaginable heights: #Informationsecurity.”One of my mentors when I was learning the business and investment side of the industry, Brenon Daly. He always has some interesting takes on the market. It's good to see that the current market looks just as nuts to him as it has to us. It's also shocking to see it quantified on a bar graph, zoomed out to an annual time scale!
- 10. LEGISLATION: 18 new cybersecurity bills introduced as US congressional interest heats upWe won (by losing)! People are finally taking cybersecurity seriously. So now we're swamped with proposed cybersecurity legislation, and some of it is... not well thought out.
- 11. LEGISLATION: Congress Mulls Banning Big Ransomware PayoutsUtter idiocy.
- 12. RESEARCH: Mapping ATT&CK to CVE for Impact
- 13. TOOLS: Feodo Tracker (botnet tracker)
- 14. TOOLS?: SS7 Hack Software – How to hack SS7 and Intercept SMS
- 15. REPORTS: McAfee – Hidden Costs of Cybercrime
- 16. REPORTS: Inside the Mind of a Hacker 2021 Edition
- 17. SQUIRREL: The Mysterious Case of the F*cking Good Pizza