Skill Piper

Enterprise Security Weekly (Audio)

Brought to you by, Security Weekly Productions

https://skillpiper.com/share/1112175960

Enterprise Security Weekly (Audio)

Hosted by Adrian Sanabria, Tyler Shields, Katie Teitler-Santullo, Darwin Salazar, and Sean Metcalf. If you’re looking for advice and information on enterprise cybersecurity solutions, look no further than Enterprise Security Weekly! We give you an “insider” perspective into security vendors, including coverage on new product announcements, integrations, funding, M&A, and more! Adrian, Tyler, Katie, and Sean have unique perspectives on the enterprise security landscape. All four hosts are former analysts. Adrian has been a consultant, practitioner, founder, and runs Security Weekly Labs. Tyler has spent many years as a marketing executive for security vendors. Katie has also recently moved...

...see more

    Education

Subscribe and Listen Anywhere

  • rss
  • spotify
  • apple
  • breez
  • youtube
  • castbox
  • overcast
  • podcastaddict
  • pocketcasts
  • podbean
  • playerfm
  • antennapod
  • podcastrepublic
  • anytimeplayer

Recent Episodes of Enterprise Security Weekly (Audio)


How to Make the World Quantum Safe - Vadim Lyubashevsky - ESW Vault

How to Make the World Quantum Safe - Vadim Lyubashevsky - ESW Vault

Check out this episode from the ESW Vault, hand picked by main host Adrian Sanabria! This episode was initially published on April 21 2023.

Quantum computers are scaling rapidly. Soon, they will be powerful enough to solve previously unsolvable problems. But they come with a global challenge: fully-realized quantum computers will be able to break some of the most widely-used security protocols in the world. Dr. Vadim Lyubashevsky will discuss how quantum-safe cryptography protects against this potential future.

Segment Resources:

IBM Quantum Safe: https://www.ibm.com/quantum/quantum-safe IBM scientists help develop NIST’s qu...

Episode 5 September 2024 46m and 10s


What asset management (ITAM) looks like outside cybersecurity - Danny Jenkins, Ed Skoudis, Jeremy Boerger, Maor Bin - ESW #374

What asset management (ITAM) looks like outside cybersecurity - Danny Jenkins, Ed Skoudis, Jeremy Boerger, Maor Bin - ESW #374

The top priority on the CIS Critical Security Controls list has never changed: inventory and control of enterprise assets. Yet it remains one of the most challenging controls to implement, much less master. The refrain, "you can't secure what you don't know about" is as old as information security itself.

Complicating this task is the fact that improving asset management isn't an aspiration unique to the security team. IT, finance, facilities, and other groups within large enterprises are concerned with this as well. This often leads to challenges: should all these groups attempt to standardize on one...

Episode 30 August 2024 1h, 44m and 9s


The end of the road for some cyber startups & making detection actually work! - Vivek Bhandari, Vivek Ramachandran, Mike Lyborg, Brandon Potter - ESW #373

The end of the road for some cyber startups & making detection actually work! - Vivek Bhandari, Vivek Ramachandran, Mike Lyborg, Brandon Potter - ESW #373

This week, in the enterprise security news,

A funding that looks like an acquisition And two for-sure acquisitions Rumors that there are funding problems for early stage cyber startups, and we’ll see a lot more acquisitions before the end of the year Speaking of rumors, Crowdstrike did NOT like last week’s Action1 acquisition rumor! Shortening detection engineering feedback loops HoneyAgents More reflections on Black Hat 2024 The attacker does NOT just have to get it right once and the defender does NOT have to get it right every time Remember BEC scams? Yeah, they’re still enterprise enemy...

Episode 23 August 2024 2h, 26m and 35s


Highlights from BlackHat/DefCon, Vulnerabilities, and Cyber Marketing Challenges - Brett Stone-Gross, Rakesh Nair, Rekha Shenoy, Marty Momdjian - ESW #372

Highlights from BlackHat/DefCon, Vulnerabilities, and Cyber Marketing Challenges - Brett Stone-Gross, Rakesh Nair, Rekha Shenoy, Marty Momdjian - ESW #372

In this conversation, the hosts discuss patchless patching, vulnerabilities in the Windows TCP/IP stack, and the trustworthiness of Microsoft. They highlight the challenges of marketing in the cybersecurity industry and the importance of building trust with customers. The conversation also touches on the need for vendors to prioritize security and code quality over rushing products to market. Overall, the hosts express concerns about the frequency of security vulnerabilities and the potential impact on customer trust. Other topics of discussion include the Innovators and Investors Summit at Black Hat, the potential sale of Trend Micro, layoffs in the industry...

Episode 15 August 2024 2h, 8m and 47s


AI Red Teaming and AI Safety - Sounil Yu, Amanda Minnich - ESW #371

AI Red Teaming and AI Safety - Sounil Yu, Amanda Minnich - ESW #371

In this interview we explore the new and sometimes strange world of redteaming AI. I have SO many questions, like what is AI safety?

We'll discuss her presence at Black Hat, where she delivered two days of training and participated on an AI safety panel.

We'll also discuss the process of pentesting an AI. Will pentesters just have giant cheatsheets or text files full of adversarial prompts? How can we automate this? Will an AI generate adversarial prompts you can use against another AI? And finally, what do we do with the results?

...

Episode 9 August 2024 2h, 18m and 23s


Cybersecurity's Love Affair with Distractions - Fred Wilmot, Dani Woolf - ESW #370

Cybersecurity's Love Affair with Distractions - Fred Wilmot, Dani Woolf - ESW #370

Remember 20 years ago? When we were certain SIEMs would grant our cybersecurity teams superpowers? Or 10 years ago, when we were sure that NGAV would put an end to malware as we knew it? Or 15 years ago, when we were sure that application control would put an end to malware as we knew it? Or 18 years ago, when NAC would put an end to unauthorized network access?

Why do we keep thinking that the next vendor offering is going to solve all our problems? In this interview, we talk with Fred Wilmot about the hard work of building...

Episode 2 August 2024 2h, 18m and 8s


Generative AI (as used by defenders AND attackers) will Drive SOC Evolution - Greg Notch, Edward Wu - ESW #369

Generative AI (as used by defenders AND attackers) will Drive SOC Evolution - Greg Notch, Edward Wu - ESW #369

The emergence of generative AI has caused us to rethink things on two fronts:

how we consume threat detection data, as defenders how we need to shift our thinking and approaches to prepare for attackers' newfound GenAI capabilities

But wait - is GenAI even useful for defenders or attackers? We'll dive deep into the state of AI as it pertains to security operations, just as Gartner announces that AI is hitting the trough of disillusionment. What better time to dispel the hype and focus on where real progress can be made?

Edward Wu thinks so...

Episode 26 July 2024 1h, 58m and 49s


Jump-starting SOC Analyst Careers, Addressing Cybersecurity Industry Challenges, and Historic Rumors in Enterprise Security - ESW #368

Jump-starting SOC Analyst Careers, Addressing Cybersecurity Industry Challenges, and Historic Rumors in Enterprise Security - ESW #368

In this episode of Enterprise Security Weekly, we revisit the insightful book "Jump-start Your SOC Analyst Career" with authors Jarrett Rodrick and Tyler Wall, exploring updates on career paths, opportunities, and the industry's reality. We delve into the myths versus the truths about cybersecurity careers, discussing the viability of high salaries and the best entry points into the field. Next, we tackle the critical issues plaguing the cybersecurity industry despite its rapid growth and increased influence at the board level. We ask why, despite ample resources, are failures more prevalent than ever? Lastly, we cover significant news in enterprise...

Episode 19 July 2024 2h, 6m and 23s


Joiners, Movers, Leavers, and Failures: Why is Identity Management Still Struggling? - Henrique Teixeira - ESW #367

Joiners, Movers, Leavers, and Failures: Why is Identity Management Still Struggling? - Henrique Teixeira - ESW #367

I'm always thrilled to chat with ex-analysts, and Henrique Teixeira can cover a lot of ground with us on the topic of identity management and governance. The more I talk to folks about IAM/IGA, the more I'm shocked at how little has changed. If anything, it seems like we've gone backwards a bit, with the addition of cloud SaaS, mobile devices, and shadow IT. Identity is one of the most common entry points for attacks, so we've got to do better as an industry here.

We'll cover a variety of topics in this interview, including:

...

Episode 12 July 2024 1h, 31m and 28s


The risks and best practices of deploying AI to an enterprise - Martin Roesch, Anurag Lal - ESW #366

The risks and best practices of deploying AI to an enterprise - Martin Roesch, Anurag Lal - ESW #366

We all might be a little worn out on this topic, but there's no escaping it. Executives want to adopt GenAI and it is being embedded into nearly every software product we use in both our professional and personal lives. In this interview, Anurag joins us to discuss how his company evaluated and ultimately integrated AI-based technologies into their products. We discuss:

What to be aware of when deploying GenAI Key use cases and successes organizations are having with GenAI Some of the risks to be aware of How to prepare employees for GenAI Best practices to prepare...

Episode 28 June 2024 2h, 16m and 26s

Skill Piper
HomeBlogAboutContactNewsletter

© 2024 Skill Piper. All rights reserved

Twitter