The end of the road for some cyber startups & making detection actually work! - Vivek Bhandari, Vivek Ramachandran, Mike Lyborg, Brandon Potter - ESW #373

Security Weekly Podcast Network (Audio) - A podcast by Security Weekly Productions

Categories:

This week, in the enterprise security news, A funding that looks like an acquisition And two for-sure acquisitions Rumors that there are funding problems for early stage cyber startups, and we’ll see a lot more acquisitions before the end of the year Speaking of rumors, Crowdstrike did NOT like last week’s Action1 acquisition rumor! Shortening detection engineering feedback loops HoneyAgents More reflections on Black Hat 2024 The attacker does NOT just have to get it right once and the defender does NOT have to get it right every time Remember BEC scams? Yeah, they’re still enterprise enemy #1 All that and more, in the news this week on Enterprise Security Weekly! SquareX With employees spending most of their working hours on the browser, web attacks are one of the biggest attack vectors today. Yet, both enterprises and security vendors today aren’t focused on securing the browser – a huge risk given that attackers can easily bypass Secure Web Gateways, SASE and SSE solutions. This segment will demonstrate the importance of a browser-native solution, discuss the limitations of current solutions and how enterprises can better protect their employees from web attacks. Segment Resources: DEF CON talk abstract Enterprise use cases for SquareX Data Sheet Why Browser Native Solutions are better than Cloud Based Proxies Blog on the Many Failures of Secure Web Gateways This segment is sponsored by Square X. Visit https://securityweekly.com/squarexbh to learn how SquareX can protect your employees from web attacks! Tanium The recent CrowdStrike outage and subsequent disruption tested organizations' resiliency and confidence as the world went offline. It served as a reminder that in an increasingly technology-dependent world, things will go wrong – but security leaders can plan accordingly and leverage emerging technologies to help minimize the damage. In this interview, Tanium’s Vice President of Product Marketing Vivek Bhandari explains how AI and automation can help with remediation and even prevent similar outages from happening in the future, and breaks down the future of Autonomous Endpoint Management (AEM) as the solution for continuous cyber resilience in the face of disruption. Segment Resources: The Future of Converged Endpoint Management is Autonomous Endpoint Management (AEM) This segment is sponsored by Tanium. Visit https://securityweekly.com/taniumbh to learn more about them! Swimlane and GenAI Join Swimlane CISO, Mike Lyborg and Security Weekly’s Mandy Logan as they cut through the AI peanut butter! While Generative AI is the not-so-new hot topic, it's also not the first time the cybersecurity industry has embraced emerging technology that can mimic human actions. Security automation and its ability to take action on behalf of humans have paved the way for generative AI to be trusted (within reason). The convergence and maturity of these technologies now have the potential to revolutionize how SecOps functions while force-multiplying SOC teams. This segment is sponsored by Swimlane. Visit https://securityweekly.com/swimlanebh to learn more about them! Swimlane and ProCircular ProCircular, is a security automaton power-user and AI early adopter. Hear from Swimlane customer, Brandon Potter, CTO at ProCircular, about how use of Swimlane, has helped his organization increase efficiency, improve security metrics and ultimately grow their customer base without increasing headcount. Segment Resources: ProCircular Case Study ProCircular Web Site This segment is sponsored by Swimlane. Visit https://securityweekly.com/swimlanebh to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-373