It's the week before RSA and the news is PACKED. Everyone is trying to get their RSA announcements out all at once. We've got announcements about funding, acquisitions, partnerships, new companies, new products, new features... To make things MORE challenging, everyone is also putting out their big annual reports, like Verizon's DBIR and Mandiant's M-Trends! Finally, we've got some great essays that are worth putting on your reading list, including a particularly fun take on the Verizon...

It's the most boring part of incident response. Skip it at your peril, however. In this interview, we'll talk to Joe Gross about why preparing for incident response is so important. There's SO MUCH to do, we'll spend some time breaking down the different tasks you need to complete long before an incident occurs. Resources 5 Best Practices for Building a Cyber Incident Response Plan This segment is sponsored by Graylog. Visit https://securityweekly.com/graylog to learn more about them! ...

This is a great interview with Adam Shostack on all things threat modeling. He's often the first name that pops into people's heads when threat modeling comes up, and has created or been involved with much of the foundational material around the subject. Adam recently released a whitepaper that focuses on and defines inherent threats. Resources: Here's the Inherent Threats Whitepaper Adam's book, Threat Modeling: Designing for Security Adam's latest book, Threats: What Every Engineer...

We've talked about generative AI in a general sense on our podcast for years, but we haven't done many deep dives into specific security use cases. That ends with this interview, as we discuss how generative AI can improve SecOps with Ely Kahn. Some of the use cases are obvious, while others were a complete surprise to me. Check out this episode if you're looking for some ideas! This segment is sponsored by SentinelOne. Visit https://securityweekly.com/sentinelone to learn more about them! ...

A clear pattern with startups getting funding this week are "autonomous" products and features. Automated detection engineering Autonomously map and predict malicious infrastructure ..."helps your workforce resolve their own security issues autonomously" automated remediation automated compliance management & reporting I'll believe it when I see it. Don't get me wrong, I think we're in desperate need of more automation when it comes to patching and security decision-making. I just...

This week, Adrian and Tyler discuss some crazy rumors - is it really possible that a cloud security startup valued at over $8 billion in November 2021 just got bought for $200 million??? Some healthy funding for Cyera and Cohesity ($300m and $150m, respectively) Onum, Alethea, Sprinto, Andesite AI, StrikeReady, YL-Backed Miggo, Nymiz, Salvador Technologies, and Simbian all raise smaller seed, A, or B rounds. Akamai picks up API security startup, Noname Security, Zscaler picks up Airgap...

Protecting a normal enterprise environment is already difficult. What must it be like protecting a sports team? From the stadium to merch sales to protecting team strategies and even the players - securing an professional sports team and its brand is a cybersecurity challenge on a whole different level. In this interview, we'll talk to Joe McMann about how Binary Defense helps to protect the Cleveland Browns and other professional sports teams. Show Notes: https://securityweekly.com/esw-358

This week, Tyler and Adrian discuss Cyera's $300M Series C, which lands them a $1.4B valuation! But is that still a unicorn? Aileen Lee of Cowboy Ventures, who coined the term back in 2013, recently wrote a piece celebrating the 10th anniversary of the term, and revisiting what it means. We HIGHLY recommend checking it out: https://www.cowboy.vc/news/welcome-back-to-the-unicorn-club-10-years-later They discuss a few other companies that have raised funding or just come out of stealth,...

In the days when Mirai emerged and took down DynDNS, along with what seemed like half the Internet, DDoS was as active a topic in the headlines as it was behind the scenes (check out Andy Greenberg's amazing story on Mirai on Wired). We don't hear about DDoS attacks as much anymore. What happened? Well, they didn't go away. DDoS attacks are a more common and varied tool of cybercriminals than ever. Today, Michael Smith is going to catch us up on the state of DDoS attacks in 2024, and we'll...

NVD checked out, then they came back? Maybe? Should the xz backdoor be treated as a vulnerability? Is scan-driven vulnerability management obsolete when it comes to alerting on emerging threats? What were some of the takeaways from the first-ever VulnCon? EPSS is featured in over 100 security products, but is it properly supported by those that benefit from it? How long do defenders have from the moment a vulnerability is disclosed to patch or mitigate it before working exploits are...

As we near RSA conference season, tons of security startups are coming out of stealth! The RSA Innovation Sandbox has also announced the top 10 finalists, also highlighting early stage startups that will be at the show. In this week's news segment, We discuss the highlights of the Cyber Safety Review Board's detailed and scathing report on Microsoft's 2023 breach We spend a bit of time on the xz backdoor, but not too much, as it has been covered comprehensively elsewhere We discover half a...

This week, in the enterprise security news: Early stage funding is all the rage AI startups continue to pop out of stealth The buyer's market continues with more interesting acquisitions Purpose-built large language models for security Benchmarking LLMs for security GoFetch? More like... Get outta here (I couldn't think of anything clever) Crowdstrike and NVIDIA team up Why do people trust AI? What do Google Sheets and Carlos Sainz Jr. have in common? All that and more, on this episode of...

Many years ago, I fielded a survey focused on the culture of cybersecurity. One of the questions asked what initially drew folks to cybersecurity as a career. The most common response was a deep sense of curiosity. Throughout my career, I noticed another major factor in folks that brought a lot of value to security teams: diversity. Diversity of people, diversity of background, and diversity of experience. I've seen auto mechanics, biologists, and finance experts bring the most interesting...

While awareness and attention towards cybersecurity are on the rise, some popular and persistent myths about cybersecurity have almost become threats themselves. API security requires a modern understanding of the threat landscape, with the context that most API providers desire to be more open and accessible to all. We will debunk the 5 worst myths about protecting your APIs. Segment Resources: API Security Basics - Everything You Need to Know Graylog API Security - Gain Visibility &...

In the enterprise security news, Lots of funding news, including: - Nozomi Networks Raises $100 Million to Expand Industrial Cybersecurity Business - BigID Raises $60 Million at $1 Billion Valuation - J.P. Morgan Growth Leads $39 Million Investment in Eye Security - CyberSaint raises $21 million to accelerate market expansion Zscaler Acquires Avalor for $350 Million Cisco completes $28 bn acquisition of cybersecurity firm Splunk Airbus Calls Off Planned Acquisition of Atos Cybersecurity...

While awareness and attention towards cybersecurity are on the rise, some popular and persistent myths about cybersecurity have almost become threats themselves. API security requires a modern understanding of the threat landscape, with the context that most API providers desire to be more open and accessible to all. We will debunk the 5 worst myths about protecting your APIs. Segment Resources: API Security Basics - Everything You Need to Know Graylog API Security - Gain Visibility &...

We don't cover a lot of stories in this week's episode, but we go deep on a few important ones. I'm biased, but I think it's a good one, especially having Darwin's input and encyclopedic knowledge available to us. Also in this week's news: Homomorphic encryption pops up again! Microsoft Security Copilot has a release date! Sudo for Windows Microsegmentation pops up again! The TikTok Ban Darwin's Newsletter: The Cybersecurity Pulse All that and more, on this episode of Enterprise Security...

In this interview, we talk to Rod Simmons, the VP of Product Strategy at Omada. We'll discuss the complex topic of securing identities against ever growing threats. We'll discuss challenges like unnecessary access, accounts with too many permissions, and a threat landscape that is increasingly finding success from targeting identities. Finally, we'll discuss where the Identity Governance and Administration (IGA) market is going. Segment Resources: Analyst Report: The State of Identity...

In the enterprise security news, Axonius raises $200M and is doing $100M ARR! Claroty raises $100M and is doing $100M ARR! Crowdstrike picks up DSPM with Flow Security CyCode picks up Bearer Are attackers like lawyers? How a bank failed (with no help from a cyber attack) the FTC cracks down on customer data collection Apple’s car sadly won’t be a thing any time soon or maybe ever. All that and more, on this episode of Enterprise Security Weekly. Show Notes: https://securityweekly.com/esw-352

Defenders spend a lot of time and money procuring and implementing security controls. At the heart of SecOps and the SOC are technologies like XDR, SIEM, and SOAR. How do we know these technologies are going to detect or prevent attacks? Wait for the annual pen test? Probably not a good idea. In this segment, we'll talk with Michael Mumcuoglu about how MITRE's ATT&CK framework can help defenders better prepare for inevitable attack TTPs they'll have knocking on their doors. Segment...

In this week's news segment, we discuss the lack of funding announcements, and the potential effect RSA could have on the timing of all sorts of press releases. We also discuss 1Password's potential future with its sizable customer base and the $620M it raised a few years back. Some other topics we discuss: NIST CSF 2.0 insider threats Ivanti Pulse Secure's appliance software found to be running positively ancient software (11 year old Linux distro, 5-20+ year old libraries &...

Pascal Geenens from Radware joins us to discuss the latest research findings relating to hacktivists an other actors using volumetric and other network-based attacks. We'll discuss everything from the current state of DDoS attacks to use in the military and even the impact of cyberattacks on popular culture! You can find the report Pascal mentions here, on Radware's website: https://www.radware.com/threat-analysis-report/ Show Notes: https://securityweekly.com/esw-351

Check out this interview from the ESW Vault, hand picked by main host Adrian Sanabria! This segment was originally published on September 22, 2021. Chris will discuss the relevance of intelligence and threat hunting today and how they work together. He will also talk about his EASY framework for creating impactful intelligence and its relation to hunting! Show Notes: https://securityweekly.com/vault-esw-8

This is almost a special episode on crazy new products. For the first half of the show, we discuss startup funding, market forces, acquisitions - stuff we usually discuss. Then we get into all the crazy new AI and non-AI products being announced and coming out. Have some disposable cash to pre-order crazy gadgets? This is the episode for you! Show Notes: https://securityweekly.com/esw-350