Know the latest cybersecurity threats, innovations and actions to take. Our delivery is fast, and the security content coverage is thorough. We bring together today’s hardest working security talent to share their insights with you.
Great primer on actions to take: https://www.linkedin.com/pulse/winter-coming-lisa-r-lifshitz/PwC Canada on breach notification: pwc.com/ca/canadamandatorybreachFind Lisa: https://www.linkedin.com/in/lisa-r-lifshitz-93b0398/Find Constantine: www.linkedin.com/in/karbaliotis
David Senf of Cyverity is joined by Mike Davis of CounterTack and Josh Fu from Cylance to net out how our security industry is reshaped by artificial intelligence. We look at machine learning and where it is being embedded and which skills will need to be expanded.
I'm joined this week by Jonathan Nguyen-Duy from Fortinet, Travis Barlow and Mike Davis from CounterTack / GoSecure, and Ben Smith from RSA to learn how to plan, react and measure your incident response capabilities. Recorded live at the GoSec conference in Montreal.
Learn more:https://www.guidewire.com/about-us/news-and-events/eventshttps://main.strom.com/http://ridgecanada.com/
https://www.gosec.net/en/https://www.countertack.com/blog/topic/blogshttps://blog.rackspace.com/rackspace-launches-customer-reliability-engineering-and-managed-security-services-for-google-cloud-platform
Learn more and check out:http://www.devsecops.org/https://www.aporeto.com/blog/https://blog.conjur.org/https://www.arctiq.ca/our-blog/
MITRE ATT&CK:https://attack.mitre.org/wiki/Main_Page4 open-source ATT&CK tools analyzed:https://www.csoonline.com/article/3268545/data-breach/4-open-source-mitre-attandck-test-tools-compared.htmlAnomali blog:https://www.anomali.com/blog
We look for the balance between developers' security responsibility and the security team. Maya Kaczorowski from Google, Shannon Lietz from Intuit and Larry Maccherone from Comcast help weigh the options.
Read this:https://www.manning.com/books/reactive-application-developmentAttend this:https://www.cyberark.com/impact2018/Join the discussion:https://cloudsecurityalliance.org/group/containerization/#_overview
Ransomware, like any other attack, is not inevitable if you can stop the attacker at even one step along a kill chain. We look specifically at the 5 steps of a ransomware as an example of how to improve your odds of avoiding a breach. Stewart Cawthray from Thomson Reuters, Allan Liska from Recorded Future, Tim Gallo from FireEye and Birat Niraula from CapitalOne provide lots of great advice!
Check out:idpro.org/join to connect and share with others on identityaporeto.com/blog for the latest on app identity vs. user identity and many other resourceshttps://gallery.technet.microsoft.com/eBook-Defending-the-New-dcd58679
Cloud ushers in new security challenges, while alleviating others. My guests, Stu Solomon, CTO at Optiv and Allan Liska, senior analyst at Recorded Future apply the NIST Cybersecurity Framework to draw out key elements of consideration for your security in the cloud. If you're using Microsoft Azure, Amazon AWS, Google Cloud Platform or myriad other IaaS, PaaS and SaaS offerings, we hope you'll find this episode of value.
See the full report and slides in video format: https://youtu.be/VNgpkQkMi2k
Containers like Docker offer new automation awesomeness, portability and predictability. But traditional security tools and ops are only the start of reducing your risks. John Morello from Twistlock, Alfredo Hickman from Rackspace and Kellman Meghu from Sycomp pull the container stack apart to reveal security gaps.Please read NIST Application Container Security Guide co-authored by John Morellohttps://nvlpubs.nist.gov/nistpubs/specialpublications/nist.sp.800-190.pdfAnd read Container Intrusions: Assessing the Efficacy of Intrusion Detection and Analysis Methods for Linux by Alfredo Hickmanhttps://www.sans.org/reading-room/whitepapers/detection/container-intrusions-assessing-efficacy-intrusion-detection-analysis-methods-linux-container-environments-38245
If you're new to security threat intelligence or want to refine your threat intel program, get details on the latest tools and techniques in 5 phases of the Threat Intel Lifecycle that my guests explain. Allan Liska from Recorded Future, Tim Gallo from FireEye and Wadeed Mian from ISA draw from their decades of experience to help you make the most of your threat intel program.
Learn how to decide which DDoS provider to select, what operational issues may come up and how to handle them. My guests: Laurent Gil co-founded a leader in DDoS solutions (Oracle Dyn formerly Zenedge) and Stewart Cawthray helped set up a DDoS service for a major telco and is now Senior Director Security at Thomson Reuters in Toronto, Canada. We delve into the difference between several different kinds of attacks with most time spent at the application layer (OSI layer 7).
Stewart Cawthray and Theo Van Wyk are my guests to help carefully extract our SIEM from the hot soup of new acronyms. Plus the Threat Radar, Frontline Actions and a little on Invisible Identity. Stewart is from Thomson Reuters and Theo is from Scalar.
Travis Barlow is our expert from an MSSP, GoSecure, with a lens to new threat while Kellman Meghu is our other industry expert from Sycomp.
© 2020-2025 Ivy Podcast Discovery LLC
