))
Savage Wonder is a podcast about warriors and artists. It features long-form, one-on-one conversations with people who have a foot in both the world of the artist and the world of the warrior. It is produced by the Veterans Repertory Theater, a creative hub for talented veterans and world-class performers to create compelling live theater and events.
…
continue reading
Hosted by Adrian Sanabria, Tyler Shields, Katie Teitler, and Sean Metcalf. If you’re looking for advice and information on enterprise security solutions, look no further than Enterprise Security Weekly! We give you an “insider” perspective into security vendors, including coverage on new product announcements, integrations, funding, M&A, and more! Adrian, Tyler, Katie, and Sean have unique perspectives on the enterprise security landscape. All four hosts are former analysts. Adrian has been ...
…
continue reading
One-on-one, long-form discussions featuring staff, writers and friends of Havok Journal. The show is sponsored by two veterans non-profits: Second Mission Foundation and the Veterans Repertory Theater.
…
continue reading
1
Jump-starting SOC Analyst Careers, Addressing Cybersecurity Industry Challenges, and Historic Rumors in Enterprise Security - ESW #368
2:06:23
2:06:23
Play later
Play later
Lists
Like
Liked
2:06:23
In this episode of Enterprise Security Weekly, we revisit the insightful book "Jump-start Your SOC Analyst Career" with authors Jarrett Rodrick and Tyler Wall, exploring updates on career paths, opportunities, and the industry's reality. We delve into the myths versus the truths about cybersecurity careers, discussing the viability of high salaries…
…
continue reading
Kimberly Evans is a federal law enforcement officer as well as being an up-and-coming poet, photographer and writer. Follow her here.By Christopher Paul Meyer
…
continue reading
Kimberly Evans is a federal law enforcement officer as well as being an up-and-coming poet, photographer and writer. Follow her here.By Christopher Paul Meyer
…
continue reading
1
Joiners, Movers, Leavers, and Failures: Why is Identity Management Still Struggling? - Henrique Teixeira - ESW #367
1:31:28
1:31:28
Play later
Play later
Lists
Like
Liked
1:31:28
I'm always thrilled to chat with ex-analysts, and Henrique Teixeira can cover a lot of ground with us on the topic of identity management and governance. The more I talk to folks about IAM/IGA, the more I'm shocked at how little has changed. If anything, it seems like we've gone backwards a bit, with the addition of cloud SaaS, mobile devices, and …
…
continue reading
1
The risks and best practices of deploying AI to an enterprise - Martin Roesch, Anurag Lal - ESW #366
2:16:26
2:16:26
Play later
Play later
Lists
Like
Liked
2:16:26
We all might be a little worn out on this topic, but there's no escaping it. Executives want to adopt GenAI and it is being embedded into nearly every software product we use in both our professional and personal lives. In this interview, Anurag joins us to discuss how his company evaluated and ultimately integrated AI-based technologies into their…
…
continue reading
1
Access vs Actions, Beyond Traditional IGA, Remote Identity Verification, & Fraud - Tim Prendergast, Damon Tompkins, Andrew Bud, Chris Meyer - ESW Vault
58:32
58:32
Play later
Play later
Lists
Like
Liked
58:32
Traditional approaches to access management are no longer sufficient to safeguard enterprise security. Tim will explain why the most effective approach to modern enterprise security requires a Zero Trust model that extends beyond just access to encompass every action, no matter how minor. Tim will describe the importance of implementing a Zero Trus…
…
continue reading
1
iShield Key Experience, Automated (PKI) Infrastructure, & GenAI Identity Attacks - Kevin Fadaie, Roni Bliss, David Mahdi - ESW Vault
44:48
44:48
Play later
Play later
Lists
Like
Liked
44:48
FIDO security keys are not new in the authentication workflow. They have been around now for 10 years. What is new is the combination of the most secure multi-factor authentication method not only for logical but also for physical access control with the highest FIPS140-3 security certification in the market. Segment Resources: Video "Swissbit iShi…
…
continue reading
1
Bringing Autonomy to AppSec - Dr. David Brumley - ESW Vault
32:22
32:22
Play later
Play later
Lists
Like
Liked
32:22
Log4j, solar winds, tesla hacks, and the wave of high profile appsec problems aren’t going to go away with current approaches like SAST and SCA. Why? They are: -40 years old, with little innovation -Haven’t solved the problem. In this segment, we talk about fully autonomous application security. Vetted by DARPA in the Cyber Grand Challenge, the app…
…
continue reading
1
Shared irresponsibilities and the importance of product privacy: Apple vs Microsoft - Mark Batchelor, Vibhuti Sinha, Chris Simmons, Gerry Gebel, Ajay Gupta, Tarvinder Sembhi - ESW #365
2:41:25
2:41:25
Play later
Play later
Lists
Like
Liked
2:41:25
This week, we've got data security being both funded AND acquired. We discuss Lacework's fall from unicorn status and why rumors that it went to Fortinet for considerably more than Wiz was willing to pay make sense. Microsoft Recall and Apple Intelligence are the perfect bookends for a conversation about the importance of handling consumer privacy …
…
continue reading
1
Interest in Identity Security is Spiking - John Shier, Will Lin, Christopher Harrell, Jim Broome - ESW #364
2:31:08
2:31:08
Play later
Play later
Lists
Like
Liked
2:31:08
"Identity security has been around forever though", you might be thinking. Allow me to clarify. Identity is the largest cybersecurity product category, but most of it is focused on identity governance, authentication, multi-factor, etc. Very little of it is focused on operational identity security. It's this trend, where we recently (within the las…
…
continue reading
Kimberly Evans is a federal law enforcement officer as well as being an up-and-coming poet, photographer and writer. Follow her here.By Christopher Paul Meyer
…
continue reading
1
A CISO’s Perspective, Defending Against AI & Ransomware Evolution - Kris Lahiri, Jim Broome, Mike Lyborg - ESW Vault
46:35
46:35
Play later
Play later
Lists
Like
Liked
46:35
In this interview, join Swimlane Chief Information Security Officer, Mike Lyborg, and host Akira Brand as we discuss the value of cybersecurity marketplaces from a CISO perspective. Through insightful discussions, unpack the connection between outcomes-driven solutions and tangible business KPIs. This segment is sponsored by Swimlane. Visit https:/…
…
continue reading
1
Achieving Cyber Resilience, External Cybersecurity & Risk Reduction - Margarita Barrero, Andy Grolnick, Alexandre Sieira - ESW Vault
48:15
48:15
Play later
Play later
Lists
Like
Liked
48:15
Organizations today are overwhelmed with the sheer magnitude of potential cybersecurity threats and there is plenty of vendor buzz around AI in Security products, but what is the reality? Threat detection and incident response (TDIR) strategy and execution have never been more critical and are essential in maintaining cyber resilience and strengthe…
…
continue reading
1
Exploring the latest FortiGuard Labs Threat Report - Derek Manky - ESW Vault
40:53
40:53
Play later
Play later
Lists
Like
Liked
40:53
As a special treat for this week's vault episode, we set up a conversation with Derek Manky to discuss Fortinet's FortiGuard Labs Threat Report. This is a bi-annual report put out by FortiGuard Labs, and in my opinion, it just keeps getting better and better. The report is chock full of actionable information and insights. It answered all my questi…
…
continue reading
1
This Week: short on funding, long on research and analysis & RSAC Interviews - ESW #363
2:39:17
2:39:17
Play later
Play later
Lists
Like
Liked
2:39:17
Only one funding announcement this week, so we dive deep into Thoma Bravo's past and present portfolio. They recently announced a sale of Venafi to Cyberark and no one is quite sure how much of a hand they had in the LogRhythm/Exabeam merger, and whether or not they sold their stake in the process. We also have a crazy stat Ross Haleliuk spotted in…
…
continue reading
1
Post-RSAC, Our Heads Are Spinning, and Big News Keeps on Coming! Plus On-Site Interviews from RSAC - ESW #362
2:27:32
2:27:32
Play later
Play later
Lists
Like
Liked
2:27:32
Suddenly SIEMs are all over the news! In a keynote presentation, Crowdstrike CEO George Kurtz talked about the company's "next-gen" SIEM. Meanwhile, Palo Alto, who was taken to task by some for not having an active presence on the RSAC expo floor, hits the headlines for acquiring IBM's SIEM product, just to shut it down! Meanwhile, LogRhythm and Ex…
…
continue reading
1
Executive Interviews from RSAC! - ESW #361
2:09:12
2:09:12
Play later
Play later
Lists
Like
Liked
2:09:12
Tune in to hear 9 executive interviews from RSA Conference 2024, featuring speakers from Zscaler, Open Systems, Aryaka, OpenText, Hive Pro, Critical Start, Anomali, Cyware, and Pentera! Find individual descriptions for each interview on the show notes. Show Notes: https://securityweekly.com/esw-361
…
continue reading
1
Preparation: The Less Shiny Side of Incident Response - Joe Gross - ESW #360
1:57:07
1:57:07
Play later
Play later
Lists
Like
Liked
1:57:07
It's the most boring part of incident response. Skip it at your peril, however. In this interview, we'll talk to Joe Gross about why preparing for incident response is so important. There's SO MUCH to do, we'll spend some time breaking down the different tasks you need to complete long before an incident occurs. Resources 5 Best Practices for Build…
…
continue reading
1
Autonomous - I don't think that word means what you think it means - Adam Shostack, Ely Kahn - ESW #359
1:57:31
1:57:31
Play later
Play later
Lists
Like
Liked
1:57:31
A clear pattern with startups getting funding this week are "autonomous" products and features. Automated detection engineering Autonomously map and predict malicious infrastructure ..."helps your workforce resolve their own security issues autonomously" automated remediation automated compliance management & reporting I'll believe it when I see it…
…
continue reading
1
From Hackers to Streakers - How Counterintelligence Teams are Protecting the NFL - Joe McMann - ESW #358
1:47:19
1:47:19
Play later
Play later
Lists
Like
Liked
1:47:19
Protecting a normal enterprise environment is already difficult. What must it be like protecting a sports team? From the stadium to merch sales to protecting team strategies and even the players - securing an professional sports team and its brand is a cybersecurity challenge on a whole different level. In this interview, we'll talk to Joe McMann a…
…
continue reading
1
Understanding KillNet and Recent Waves of DDoS Attacks - Michael Smith - ESW #357
1:42:25
1:42:25
Play later
Play later
Lists
Like
Liked
1:42:25
In the days when Mirai emerged and took down DynDNS, along with what seemed like half the Internet, DDoS was as active a topic in the headlines as it was behind the scenes (check out Andy Greenberg's amazing story on Mirai on Wired). We don't hear about DDoS attacks as much anymore. What happened? Well, they didn't go away. DDoS attacks are a more …
…
continue reading
Lois Hicks-Wozniak is an active concert saxophonist and educator in the New York Metropolitan and the Hudson Valley region, committed to community engagement through new music and Global Music styles. A D’Addario Woodwinds Artist, her many awards include winning the Special Presentation Winners Recital Series, sponsored by Artists International Pre…
…
continue reading
1
Getting Vulnerability Management Back on the Rails - Patrick Garrity - ESW #356
1:57:23
1:57:23
Play later
Play later
Lists
Like
Liked
1:57:23
NVD checked out, then they came back? Maybe? Should the xz backdoor be treated as a vulnerability? Is scan-driven vulnerability management obsolete when it comes to alerting on emerging threats? What were some of the takeaways from the first-ever VulnCon? EPSS is featured in over 100 security products, but is it properly supported by those that ben…
…
continue reading
1
Why cyber hygiene requires curious talent - Clea Ostendorf - ESW #355
1:45:43
1:45:43
Play later
Play later
Lists
Like
Liked
1:45:43
Many years ago, I fielded a survey focused on the culture of cybersecurity. One of the questions asked what initially drew folks to cybersecurity as a career. The most common response was a deep sense of curiosity. Throughout my career, I noticed another major factor in folks that brought a lot of value to security teams: diversity. Diversity of pe…
…
continue reading
1
Top 5 Myths About API Security and What to Do Instead - Robert Dickinson - ESW #354
1:45:52
1:45:52
Play later
Play later
Lists
Like
Liked
1:45:52
While awareness and attention towards cybersecurity are on the rise, some popular and persistent myths about cybersecurity have almost become threats themselves. API security requires a modern understanding of the threat landscape, with the context that most API providers desire to be more open and accessible to all. We will debunk the 5 worst myth…
…
continue reading
1
Addressing Identity-Related Threats in 2024 - Rod Simmons - ESW #353
1:57:11
1:57:11
Play later
Play later
Lists
Like
Liked
1:57:11
In this interview, we talk to Rod Simmons, the VP of Product Strategy at Omada. We'll discuss the complex topic of securing identities against ever growing threats. We'll discuss challenges like unnecessary access, accounts with too many permissions, and a threat landscape that is increasingly finding success from targeting identities. Finally, we'…
…
continue reading
Mitchel Coffman is a New York City-based artist. He is the son of a Vietnam-era veteran and is the longtime friends of several special operations folks. His 25 oil-on-canvas portraits of fallen Rangers are featured at the 75th Ranger Regiment Hall of Honor at Hunter Army Airfield and his newest exhibit is an immersive look at the GWOT, titled, "Wis…
…
continue reading
1
What can we do today to prevent tomorrow's breach? - Michael Mumcuoglu - ESW #352
1:47:13
1:47:13
Play later
Play later
Lists
Like
Liked
1:47:13
Defenders spend a lot of time and money procuring and implementing security controls. At the heart of SecOps and the SOC are technologies like XDR, SIEM, and SOAR. How do we know these technologies are going to detect or prevent attacks? Wait for the annual pen test? Probably not a good idea. In this segment, we'll talk with Michael Mumcuoglu about…
…
continue reading
